diff --git a/go.mod b/go.mod index 818f6a62534..d0429d0f30b 100644 --- a/go.mod +++ b/go.mod @@ -20,7 +20,7 @@ require ( github.com/Rican7/retry v0.1.0 // indirect github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e github.com/auth0/go-jwt-middleware v0.0.0-20170425171159-5493cabe49f7 // indirect - github.com/aws/aws-sdk-go v1.16.26 + github.com/aws/aws-sdk-go v1.28.2 github.com/bazelbuild/bazel-gazelle v0.19.1-0.20191105222053-70208cbdc798 github.com/bazelbuild/buildtools v0.0.0-20190917191645-69366ca98f89 github.com/blang/semver v3.5.0+incompatible @@ -204,7 +204,7 @@ replace ( github.com/armon/consul-api => github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6 github.com/asaskevich/govalidator => github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a github.com/auth0/go-jwt-middleware => github.com/auth0/go-jwt-middleware v0.0.0-20170425171159-5493cabe49f7 - github.com/aws/aws-sdk-go => github.com/aws/aws-sdk-go v1.16.26 + github.com/aws/aws-sdk-go => github.com/aws/aws-sdk-go v1.28.2 github.com/bazelbuild/bazel-gazelle => github.com/bazelbuild/bazel-gazelle v0.19.1-0.20191105222053-70208cbdc798 github.com/bazelbuild/buildtools => github.com/bazelbuild/buildtools v0.0.0-20190917191645-69366ca98f89 github.com/bazelbuild/rules_go => github.com/bazelbuild/rules_go v0.0.0-20190719190356-6dae44dc5cab diff --git a/go.sum b/go.sum index 74fa6e99f25..d218425d515 100644 --- a/go.sum +++ b/go.sum @@ -58,8 +58,8 @@ github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4 github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/auth0/go-jwt-middleware v0.0.0-20170425171159-5493cabe49f7 h1:irR1cO6eek3n5uquIVaRAsQmZnlsfPuHNz31cXo4eyk= github.com/auth0/go-jwt-middleware v0.0.0-20170425171159-5493cabe49f7/go.mod h1:LWMyo4iOLWXHGdBki7NIht1kHru/0wM179h+d3g8ATM= -github.com/aws/aws-sdk-go v1.16.26 h1:GWkl3rkRO/JGRTWoLLIqwf7AWC4/W/1hMOUZqmX0js4= -github.com/aws/aws-sdk-go v1.16.26/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= +github.com/aws/aws-sdk-go v1.28.2 h1:j5IXG9CdyLfcVfICqo1PXVv+rua+QQHbkXuvuU/JF+8= +github.com/aws/aws-sdk-go v1.28.2/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/bazelbuild/bazel-gazelle v0.19.1-0.20191105222053-70208cbdc798 h1:1pcd3bq1rC5X4nz56fdK0oQrz9CZup6DGZl8isCPthk= github.com/bazelbuild/bazel-gazelle v0.19.1-0.20191105222053-70208cbdc798/go.mod h1:rPwzNHUqEzngx1iVBfO/2X2npKaT3tqPqqHW6rVsn/A= github.com/bazelbuild/buildtools v0.0.0-20190917191645-69366ca98f89 h1:3B/ZE1a6eEJ/4Jf/M6RM2KBouN8yKCUcMmXzSyWqa3g= diff --git a/staging/src/k8s.io/legacy-cloud-providers/go.mod b/staging/src/k8s.io/legacy-cloud-providers/go.mod index 631dbe985dd..e4113753e7e 100644 --- a/staging/src/k8s.io/legacy-cloud-providers/go.mod +++ b/staging/src/k8s.io/legacy-cloud-providers/go.mod @@ -13,7 +13,7 @@ require ( github.com/Azure/go-autorest/autorest/to v0.2.0 github.com/Azure/go-autorest/autorest/validation v0.1.0 // indirect github.com/GoogleCloudPlatform/k8s-cloud-provider v0.0.0-20190822182118-27a4ced34534 - github.com/aws/aws-sdk-go v1.16.26 + github.com/aws/aws-sdk-go v1.28.2 github.com/dnaeon/go-vcr v1.0.1 // indirect github.com/golang/mock v1.2.0 github.com/gophercloud/gophercloud v0.1.0 diff --git a/staging/src/k8s.io/legacy-cloud-providers/go.sum b/staging/src/k8s.io/legacy-cloud-providers/go.sum index 542114859da..a4a5fbf28c8 100644 --- a/staging/src/k8s.io/legacy-cloud-providers/go.sum +++ b/staging/src/k8s.io/legacy-cloud-providers/go.sum @@ -33,8 +33,8 @@ github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdko github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/aws/aws-sdk-go v1.16.26 h1:GWkl3rkRO/JGRTWoLLIqwf7AWC4/W/1hMOUZqmX0js4= -github.com/aws/aws-sdk-go v1.16.26/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= +github.com/aws/aws-sdk-go v1.28.2 h1:j5IXG9CdyLfcVfICqo1PXVv+rua+QQHbkXuvuU/JF+8= +github.com/aws/aws-sdk-go v1.28.2/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 h1:xJ4a3vCFaGF/jqvzLMYoU8P317H5OQ+Via4RmuPwCS0= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0 h1:HWo1m869IqiPhD389kmkxeTalrjNbbJTC8LXupb+sl0= diff --git a/vendor/BUILD b/vendor/BUILD index b382ec1a4ac..38145337c81 100644 --- a/vendor/BUILD +++ b/vendor/BUILD @@ -35,9 +35,11 @@ filegroup( "//vendor/github.com/aws/aws-sdk-go/aws:all-srcs", "//vendor/github.com/aws/aws-sdk-go/internal/ini:all-srcs", "//vendor/github.com/aws/aws-sdk-go/internal/sdkio:all-srcs", + "//vendor/github.com/aws/aws-sdk-go/internal/sdkmath:all-srcs", "//vendor/github.com/aws/aws-sdk-go/internal/sdkrand:all-srcs", "//vendor/github.com/aws/aws-sdk-go/internal/sdkuri:all-srcs", "//vendor/github.com/aws/aws-sdk-go/internal/shareddefaults:all-srcs", + "//vendor/github.com/aws/aws-sdk-go/internal/strings:all-srcs", "//vendor/github.com/aws/aws-sdk-go/private/protocol:all-srcs", "//vendor/github.com/aws/aws-sdk-go/service/autoscaling:all-srcs", "//vendor/github.com/aws/aws-sdk-go/service/ec2:all-srcs", diff --git a/vendor/github.com/aws/aws-sdk-go/NOTICE.txt b/vendor/github.com/aws/aws-sdk-go/NOTICE.txt index 5f14d1162ed..899129ecc46 100644 --- a/vendor/github.com/aws/aws-sdk-go/NOTICE.txt +++ b/vendor/github.com/aws/aws-sdk-go/NOTICE.txt @@ -1,3 +1,3 @@ AWS SDK for Go -Copyright 2015 Amazon.com, Inc. or its affiliates. All Rights Reserved. +Copyright 2015 Amazon.com, Inc. or its affiliates. All Rights Reserved. Copyright 2014-2015 Stripe, Inc. diff --git a/vendor/github.com/aws/aws-sdk-go/aws/awserr/error.go b/vendor/github.com/aws/aws-sdk-go/aws/awserr/error.go index 56fdfc2bfc7..99849c0e19c 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/awserr/error.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/awserr/error.go @@ -138,8 +138,27 @@ type RequestFailure interface { RequestID() string } -// NewRequestFailure returns a new request error wrapper for the given Error -// provided. +// NewRequestFailure returns a wrapped error with additional information for +// request status code, and service requestID. +// +// Should be used to wrap all request which involve service requests. Even if +// the request failed without a service response, but had an HTTP status code +// that may be meaningful. func NewRequestFailure(err Error, statusCode int, reqID string) RequestFailure { return newRequestError(err, statusCode, reqID) } + +// UnmarshalError provides the interface for the SDK failing to unmarshal data. +type UnmarshalError interface { + awsError + Bytes() []byte +} + +// NewUnmarshalError returns an initialized UnmarshalError error wrapper adding +// the bytes that fail to unmarshal to the error. +func NewUnmarshalError(err error, msg string, bytes []byte) UnmarshalError { + return &unmarshalError{ + awsError: New("UnmarshalError", msg, err), + bytes: bytes, + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/awserr/types.go b/vendor/github.com/aws/aws-sdk-go/aws/awserr/types.go index 0202a008f5d..9cf7eaf4007 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/awserr/types.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/awserr/types.go @@ -1,6 +1,9 @@ package awserr -import "fmt" +import ( + "encoding/hex" + "fmt" +) // SprintError returns a string of the formatted error code. // @@ -119,6 +122,7 @@ type requestError struct { awsError statusCode int requestID string + bytes []byte } // newRequestError returns a wrapped error with additional information for @@ -170,6 +174,29 @@ func (r requestError) OrigErrs() []error { return []error{r.OrigErr()} } +type unmarshalError struct { + awsError + bytes []byte +} + +// Error returns the string representation of the error. +// Satisfies the error interface. +func (e unmarshalError) Error() string { + extra := hex.Dump(e.bytes) + return SprintError(e.Code(), e.Message(), extra, e.OrigErr()) +} + +// String returns the string representation of the error. +// Alias for Error to satisfy the stringer interface. +func (e unmarshalError) String() string { + return e.Error() +} + +// Bytes returns the bytes that failed to unmarshal. +func (e unmarshalError) Bytes() []byte { + return e.bytes +} + // An error list that satisfies the golang interface type errorList []error @@ -181,7 +208,7 @@ func (e errorList) Error() string { // How do we want to handle the array size being zero if size := len(e); size > 0 { for i := 0; i < size; i++ { - msg += fmt.Sprintf("%s", e[i].Error()) + msg += e[i].Error() // We check the next index to see if it is within the slice. // If it is, then we append a newline. We do this, because unit tests // could be broken with the additional '\n' diff --git a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/equal.go b/vendor/github.com/aws/aws-sdk-go/aws/awsutil/equal.go index 59fa4a558a9..142a7a01c52 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/equal.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/awsutil/equal.go @@ -15,7 +15,7 @@ func DeepEqual(a, b interface{}) bool { rb := reflect.Indirect(reflect.ValueOf(b)) if raValid, rbValid := ra.IsValid(), rb.IsValid(); !raValid && !rbValid { - // If the elements are both nil, and of the same type the are equal + // If the elements are both nil, and of the same type they are equal // If they are of different types they are not equal return reflect.TypeOf(a) == reflect.TypeOf(b) } else if raValid != rbValid { diff --git a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go b/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go index 11c52c38968..a4eb6a7f43a 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go @@ -70,7 +70,7 @@ func rValuesAtPath(v interface{}, path string, createPath, caseSensitive, nilTer value = value.FieldByNameFunc(func(name string) bool { if c == name { return true - } else if !caseSensitive && strings.ToLower(name) == strings.ToLower(c) { + } else if !caseSensitive && strings.EqualFold(name, c) { return true } return false @@ -185,13 +185,12 @@ func ValuesAtPath(i interface{}, path string) ([]interface{}, error) { // SetValueAtPath sets a value at the case insensitive lexical path inside // of a structure. func SetValueAtPath(i interface{}, path string, v interface{}) { - if rvals := rValuesAtPath(i, path, true, false, v == nil); rvals != nil { - for _, rval := range rvals { - if rval.Kind() == reflect.Ptr && rval.IsNil() { - continue - } - setValue(rval, v) + rvals := rValuesAtPath(i, path, true, false, v == nil) + for _, rval := range rvals { + if rval.Kind() == reflect.Ptr && rval.IsNil() { + continue } + setValue(rval, v) } } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/BUILD b/vendor/github.com/aws/aws-sdk-go/aws/client/BUILD index 69b1be01703..ec41fb0b29f 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/BUILD @@ -6,6 +6,7 @@ go_library( "client.go", "default_retryer.go", "logger.go", + "no_op_retryer.go", ], importmap = "k8s.io/kubernetes/vendor/github.com/aws/aws-sdk-go/aws/client", importpath = "github.com/aws/aws-sdk-go/aws/client", diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/client.go b/vendor/github.com/aws/aws-sdk-go/aws/client/client.go index 70960538409..03334d69207 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/client.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/client.go @@ -12,6 +12,7 @@ import ( type Config struct { Config *aws.Config Handlers request.Handlers + PartitionID string Endpoint string SigningRegion string SigningName string @@ -64,7 +65,7 @@ func New(cfg aws.Config, info metadata.ClientInfo, handlers request.Handlers, op default: maxRetries := aws.IntValue(cfg.MaxRetries) if cfg.MaxRetries == nil || maxRetries == aws.UseServiceDefaultRetries { - maxRetries = 3 + maxRetries = DefaultRetryerMaxNumRetries } svc.Retryer = DefaultRetryer{NumMaxRetries: maxRetries} } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go b/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go index a397b0d044c..9f6af19dd45 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go @@ -1,6 +1,7 @@ package client import ( + "math" "strconv" "time" @@ -9,82 +10,142 @@ import ( ) // DefaultRetryer implements basic retry logic using exponential backoff for -// most services. If you want to implement custom retry logic, implement the -// request.Retryer interface or create a structure type that composes this -// struct and override the specific methods. For example, to override only -// the MaxRetries method: +// most services. If you want to implement custom retry logic, you can implement the +// request.Retryer interface. // -// type retryer struct { -// client.DefaultRetryer -// } -// -// // This implementation always has 100 max retries -// func (d retryer) MaxRetries() int { return 100 } type DefaultRetryer struct { + // Num max Retries is the number of max retries that will be performed. + // By default, this is zero. NumMaxRetries int + + // MinRetryDelay is the minimum retry delay after which retry will be performed. + // If not set, the value is 0ns. + MinRetryDelay time.Duration + + // MinThrottleRetryDelay is the minimum retry delay when throttled. + // If not set, the value is 0ns. + MinThrottleDelay time.Duration + + // MaxRetryDelay is the maximum retry delay before which retry must be performed. + // If not set, the value is 0ns. + MaxRetryDelay time.Duration + + // MaxThrottleDelay is the maximum retry delay when throttled. + // If not set, the value is 0ns. + MaxThrottleDelay time.Duration } +const ( + // DefaultRetryerMaxNumRetries sets maximum number of retries + DefaultRetryerMaxNumRetries = 3 + + // DefaultRetryerMinRetryDelay sets minimum retry delay + DefaultRetryerMinRetryDelay = 30 * time.Millisecond + + // DefaultRetryerMinThrottleDelay sets minimum delay when throttled + DefaultRetryerMinThrottleDelay = 500 * time.Millisecond + + // DefaultRetryerMaxRetryDelay sets maximum retry delay + DefaultRetryerMaxRetryDelay = 300 * time.Second + + // DefaultRetryerMaxThrottleDelay sets maximum delay when throttled + DefaultRetryerMaxThrottleDelay = 300 * time.Second +) + // MaxRetries returns the number of maximum returns the service will use to make // an individual API request. func (d DefaultRetryer) MaxRetries() int { return d.NumMaxRetries } +// setRetryerDefaults sets the default values of the retryer if not set +func (d *DefaultRetryer) setRetryerDefaults() { + if d.MinRetryDelay == 0 { + d.MinRetryDelay = DefaultRetryerMinRetryDelay + } + if d.MaxRetryDelay == 0 { + d.MaxRetryDelay = DefaultRetryerMaxRetryDelay + } + if d.MinThrottleDelay == 0 { + d.MinThrottleDelay = DefaultRetryerMinThrottleDelay + } + if d.MaxThrottleDelay == 0 { + d.MaxThrottleDelay = DefaultRetryerMaxThrottleDelay + } +} + // RetryRules returns the delay duration before retrying this request again func (d DefaultRetryer) RetryRules(r *request.Request) time.Duration { - // Set the upper limit of delay in retrying at ~five minutes - minTime := 30 - throttle := d.shouldThrottle(r) - if throttle { - if delay, ok := getRetryDelay(r); ok { - return delay - } - minTime = 500 + // if number of max retries is zero, no retries will be performed. + if d.NumMaxRetries == 0 { + return 0 + } + + // Sets default value for retryer members + d.setRetryerDefaults() + + // minDelay is the minimum retryer delay + minDelay := d.MinRetryDelay + + var initialDelay time.Duration + + isThrottle := r.IsErrorThrottle() + if isThrottle { + if delay, ok := getRetryAfterDelay(r); ok { + initialDelay = delay + } + minDelay = d.MinThrottleDelay } retryCount := r.RetryCount - if throttle && retryCount > 8 { - retryCount = 8 - } else if retryCount > 13 { - retryCount = 13 + + // maxDelay the maximum retryer delay + maxDelay := d.MaxRetryDelay + + if isThrottle { + maxDelay = d.MaxThrottleDelay } - delay := (1 << uint(retryCount)) * (sdkrand.SeededRand.Intn(minTime) + minTime) - return time.Duration(delay) * time.Millisecond + var delay time.Duration + + // Logic to cap the retry count based on the minDelay provided + actualRetryCount := int(math.Log2(float64(minDelay))) + 1 + if actualRetryCount < 63-retryCount { + delay = time.Duration(1< maxDelay { + delay = getJitterDelay(maxDelay / 2) + } + } else { + delay = getJitterDelay(maxDelay / 2) + } + return delay + initialDelay +} + +// getJitterDelay returns a jittered delay for retry +func getJitterDelay(duration time.Duration) time.Duration { + return time.Duration(sdkrand.SeededRand.Int63n(int64(duration)) + int64(duration)) } // ShouldRetry returns true if the request should be retried. func (d DefaultRetryer) ShouldRetry(r *request.Request) bool { + + // ShouldRetry returns false if number of max retries is 0. + if d.NumMaxRetries == 0 { + return false + } + // If one of the other handlers already set the retry state // we don't want to override it based on the service's state if r.Retryable != nil { return *r.Retryable } - - if r.HTTPResponse.StatusCode >= 500 && r.HTTPResponse.StatusCode != 501 { - return true - } - return r.IsErrorRetryable() || d.shouldThrottle(r) -} - -// ShouldThrottle returns true if the request should be throttled. -func (d DefaultRetryer) shouldThrottle(r *request.Request) bool { - switch r.HTTPResponse.StatusCode { - case 429: - case 502: - case 503: - case 504: - default: - return r.IsErrorThrottle() - } - - return true + return r.IsErrorRetryable() || r.IsErrorThrottle() } // This will look in the Retry-After header, RFC 7231, for how long // it will wait before attempting another request -func getRetryDelay(r *request.Request) (time.Duration, bool) { +func getRetryAfterDelay(r *request.Request) (time.Duration, bool) { if !canUseRetryAfterHeader(r) { return 0, false } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go b/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go index ce9fb896d94..8958c32d4e9 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go @@ -67,10 +67,14 @@ func logRequest(r *request.Request) { if !bodySeekable { r.SetReaderBody(aws.ReadSeekCloser(r.HTTPRequest.Body)) } - // Reset the request body because dumpRequest will re-wrap the r.HTTPRequest's - // Body as a NoOpCloser and will not be reset after read by the HTTP - // client reader. - r.ResetBody() + // Reset the request body because dumpRequest will re-wrap the + // r.HTTPRequest's Body as a NoOpCloser and will not be reset after + // read by the HTTP client reader. + if err := r.Error; err != nil { + r.Config.Logger.Log(fmt.Sprintf(logReqErrMsg, + r.ClientInfo.ServiceName, r.Operation.Name, err)) + return + } } r.Config.Logger.Log(fmt.Sprintf(logReqMsg, @@ -118,6 +122,12 @@ var LogHTTPResponseHandler = request.NamedHandler{ func logResponse(r *request.Request) { lw := &logWriter{r.Config.Logger, bytes.NewBuffer(nil)} + if r.HTTPResponse == nil { + lw.Logger.Log(fmt.Sprintf(logRespErrMsg, + r.ClientInfo.ServiceName, r.Operation.Name, "request's HTTPResponse is nil")) + return + } + logBody := r.Config.LogLevel.Matches(aws.LogDebugWithHTTPBody) if logBody { r.HTTPResponse.Body = &teeReaderCloser{ diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go b/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go index 920e9fddf87..0c48f72e08e 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go @@ -5,6 +5,7 @@ type ClientInfo struct { ServiceName string ServiceID string APIVersion string + PartitionID string Endpoint string SigningName string SigningRegion string diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/no_op_retryer.go b/vendor/github.com/aws/aws-sdk-go/aws/client/no_op_retryer.go new file mode 100644 index 00000000000..881d575f010 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/no_op_retryer.go @@ -0,0 +1,28 @@ +package client + +import ( + "time" + + "github.com/aws/aws-sdk-go/aws/request" +) + +// NoOpRetryer provides a retryer that performs no retries. +// It should be used when we do not want retries to be performed. +type NoOpRetryer struct{} + +// MaxRetries returns the number of maximum returns the service will use to make +// an individual API; For NoOpRetryer the MaxRetries will always be zero. +func (d NoOpRetryer) MaxRetries() int { + return 0 +} + +// ShouldRetry will always return false for NoOpRetryer, as it should never retry. +func (d NoOpRetryer) ShouldRetry(_ *request.Request) bool { + return false +} + +// RetryRules returns the delay duration before retrying this request again; +// since NoOpRetryer does not retry, RetryRules always returns 0. +func (d NoOpRetryer) RetryRules(_ *request.Request) time.Duration { + return 0 +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/config.go b/vendor/github.com/aws/aws-sdk-go/aws/config.go index 10634d173d3..2def23fa1d1 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/config.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/config.go @@ -20,7 +20,7 @@ type RequestRetryer interface{} // A Config provides service configuration for service clients. By default, // all clients will use the defaults.DefaultConfig structure. // -// // Create Session with MaxRetry configuration to be shared by multiple +// // Create Session with MaxRetries configuration to be shared by multiple // // service clients. // sess := session.Must(session.NewSession(&aws.Config{ // MaxRetries: aws.Int(3), @@ -161,6 +161,17 @@ type Config struct { // on GetObject API calls. S3DisableContentMD5Validation *bool + // Set this to `true` to have the S3 service client to use the region specified + // in the ARN, when an ARN is provided as an argument to a bucket parameter. + S3UseARNRegion *bool + + // Set this to `true` to enable the SDK to unmarshal API response header maps to + // normalized lower case map keys. + // + // For example S3's X-Amz-Meta prefixed header will be unmarshaled to lower case + // Metadata member's map keys. The value of the header in the map is unaffected. + LowerCaseHeaderMaps *bool + // Set this to `true` to disable the EC2Metadata client from overriding the // default http.Client's Timeout. This is helpful if you do not want the // EC2Metadata client to create a new http.Client. This options is only @@ -246,12 +257,18 @@ type Config struct { // Disabling this feature is useful when you want to use local endpoints // for testing that do not support the modeled host prefix pattern. DisableEndpointHostPrefix *bool + + // STSRegionalEndpoint will enable regional or legacy endpoint resolving + STSRegionalEndpoint endpoints.STSRegionalEndpoint + + // S3UsEast1RegionalEndpoint will enable regional or legacy endpoint resolving + S3UsEast1RegionalEndpoint endpoints.S3UsEast1RegionalEndpoint } // NewConfig returns a new Config pointer that can be chained with builder // methods to set multiple configuration values inline without using pointers. // -// // Create Session with MaxRetry configuration to be shared by multiple +// // Create Session with MaxRetries configuration to be shared by multiple // // service clients. // sess := session.Must(session.NewSession(aws.NewConfig(). // WithMaxRetries(3), @@ -379,6 +396,13 @@ func (c *Config) WithS3DisableContentMD5Validation(enable bool) *Config { } +// WithS3UseARNRegion sets a config S3UseARNRegion value and +// returning a Config pointer for chaining +func (c *Config) WithS3UseARNRegion(enable bool) *Config { + c.S3UseARNRegion = &enable + return c +} + // WithUseDualStack sets a config UseDualStack value returning a Config // pointer for chaining. func (c *Config) WithUseDualStack(enable bool) *Config { @@ -420,6 +444,20 @@ func (c *Config) MergeIn(cfgs ...*Config) { } } +// WithSTSRegionalEndpoint will set whether or not to use regional endpoint flag +// when resolving the endpoint for a service +func (c *Config) WithSTSRegionalEndpoint(sre endpoints.STSRegionalEndpoint) *Config { + c.STSRegionalEndpoint = sre + return c +} + +// WithS3UsEast1RegionalEndpoint will set whether or not to use regional endpoint flag +// when resolving the endpoint for a service +func (c *Config) WithS3UsEast1RegionalEndpoint(sre endpoints.S3UsEast1RegionalEndpoint) *Config { + c.S3UsEast1RegionalEndpoint = sre + return c +} + func mergeInConfig(dst *Config, other *Config) { if other == nil { return @@ -493,6 +531,10 @@ func mergeInConfig(dst *Config, other *Config) { dst.S3DisableContentMD5Validation = other.S3DisableContentMD5Validation } + if other.S3UseARNRegion != nil { + dst.S3UseARNRegion = other.S3UseARNRegion + } + if other.UseDualStack != nil { dst.UseDualStack = other.UseDualStack } @@ -520,6 +562,14 @@ func mergeInConfig(dst *Config, other *Config) { if other.DisableEndpointHostPrefix != nil { dst.DisableEndpointHostPrefix = other.DisableEndpointHostPrefix } + + if other.STSRegionalEndpoint != endpoints.UnsetSTSEndpoint { + dst.STSRegionalEndpoint = other.STSRegionalEndpoint + } + + if other.S3UsEast1RegionalEndpoint != endpoints.UnsetS3UsEast1Endpoint { + dst.S3UsEast1RegionalEndpoint = other.S3UsEast1RegionalEndpoint + } } // Copy will return a shallow copy of the Config object. If any additional diff --git a/vendor/github.com/aws/aws-sdk-go/aws/convert_types.go b/vendor/github.com/aws/aws-sdk-go/aws/convert_types.go index ff5d58e0683..4e076c1837a 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/convert_types.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/convert_types.go @@ -179,6 +179,242 @@ func IntValueMap(src map[string]*int) map[string]int { return dst } +// Uint returns a pointer to the uint value passed in. +func Uint(v uint) *uint { + return &v +} + +// UintValue returns the value of the uint pointer passed in or +// 0 if the pointer is nil. +func UintValue(v *uint) uint { + if v != nil { + return *v + } + return 0 +} + +// UintSlice converts a slice of uint values uinto a slice of +// uint pointers +func UintSlice(src []uint) []*uint { + dst := make([]*uint, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// UintValueSlice converts a slice of uint pointers uinto a slice of +// uint values +func UintValueSlice(src []*uint) []uint { + dst := make([]uint, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// UintMap converts a string map of uint values uinto a string +// map of uint pointers +func UintMap(src map[string]uint) map[string]*uint { + dst := make(map[string]*uint) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// UintValueMap converts a string map of uint pointers uinto a string +// map of uint values +func UintValueMap(src map[string]*uint) map[string]uint { + dst := make(map[string]uint) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + +// Int8 returns a pointer to the int8 value passed in. +func Int8(v int8) *int8 { + return &v +} + +// Int8Value returns the value of the int8 pointer passed in or +// 0 if the pointer is nil. +func Int8Value(v *int8) int8 { + if v != nil { + return *v + } + return 0 +} + +// Int8Slice converts a slice of int8 values into a slice of +// int8 pointers +func Int8Slice(src []int8) []*int8 { + dst := make([]*int8, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Int8ValueSlice converts a slice of int8 pointers into a slice of +// int8 values +func Int8ValueSlice(src []*int8) []int8 { + dst := make([]int8, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Int8Map converts a string map of int8 values into a string +// map of int8 pointers +func Int8Map(src map[string]int8) map[string]*int8 { + dst := make(map[string]*int8) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Int8ValueMap converts a string map of int8 pointers into a string +// map of int8 values +func Int8ValueMap(src map[string]*int8) map[string]int8 { + dst := make(map[string]int8) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + +// Int16 returns a pointer to the int16 value passed in. +func Int16(v int16) *int16 { + return &v +} + +// Int16Value returns the value of the int16 pointer passed in or +// 0 if the pointer is nil. +func Int16Value(v *int16) int16 { + if v != nil { + return *v + } + return 0 +} + +// Int16Slice converts a slice of int16 values into a slice of +// int16 pointers +func Int16Slice(src []int16) []*int16 { + dst := make([]*int16, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Int16ValueSlice converts a slice of int16 pointers into a slice of +// int16 values +func Int16ValueSlice(src []*int16) []int16 { + dst := make([]int16, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Int16Map converts a string map of int16 values into a string +// map of int16 pointers +func Int16Map(src map[string]int16) map[string]*int16 { + dst := make(map[string]*int16) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Int16ValueMap converts a string map of int16 pointers into a string +// map of int16 values +func Int16ValueMap(src map[string]*int16) map[string]int16 { + dst := make(map[string]int16) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + +// Int32 returns a pointer to the int32 value passed in. +func Int32(v int32) *int32 { + return &v +} + +// Int32Value returns the value of the int32 pointer passed in or +// 0 if the pointer is nil. +func Int32Value(v *int32) int32 { + if v != nil { + return *v + } + return 0 +} + +// Int32Slice converts a slice of int32 values into a slice of +// int32 pointers +func Int32Slice(src []int32) []*int32 { + dst := make([]*int32, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Int32ValueSlice converts a slice of int32 pointers into a slice of +// int32 values +func Int32ValueSlice(src []*int32) []int32 { + dst := make([]int32, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Int32Map converts a string map of int32 values into a string +// map of int32 pointers +func Int32Map(src map[string]int32) map[string]*int32 { + dst := make(map[string]*int32) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Int32ValueMap converts a string map of int32 pointers into a string +// map of int32 values +func Int32ValueMap(src map[string]*int32) map[string]int32 { + dst := make(map[string]int32) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + // Int64 returns a pointer to the int64 value passed in. func Int64(v int64) *int64 { return &v @@ -238,6 +474,301 @@ func Int64ValueMap(src map[string]*int64) map[string]int64 { return dst } +// Uint8 returns a pointer to the uint8 value passed in. +func Uint8(v uint8) *uint8 { + return &v +} + +// Uint8Value returns the value of the uint8 pointer passed in or +// 0 if the pointer is nil. +func Uint8Value(v *uint8) uint8 { + if v != nil { + return *v + } + return 0 +} + +// Uint8Slice converts a slice of uint8 values into a slice of +// uint8 pointers +func Uint8Slice(src []uint8) []*uint8 { + dst := make([]*uint8, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Uint8ValueSlice converts a slice of uint8 pointers into a slice of +// uint8 values +func Uint8ValueSlice(src []*uint8) []uint8 { + dst := make([]uint8, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Uint8Map converts a string map of uint8 values into a string +// map of uint8 pointers +func Uint8Map(src map[string]uint8) map[string]*uint8 { + dst := make(map[string]*uint8) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Uint8ValueMap converts a string map of uint8 pointers into a string +// map of uint8 values +func Uint8ValueMap(src map[string]*uint8) map[string]uint8 { + dst := make(map[string]uint8) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + +// Uint16 returns a pointer to the uint16 value passed in. +func Uint16(v uint16) *uint16 { + return &v +} + +// Uint16Value returns the value of the uint16 pointer passed in or +// 0 if the pointer is nil. +func Uint16Value(v *uint16) uint16 { + if v != nil { + return *v + } + return 0 +} + +// Uint16Slice converts a slice of uint16 values into a slice of +// uint16 pointers +func Uint16Slice(src []uint16) []*uint16 { + dst := make([]*uint16, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Uint16ValueSlice converts a slice of uint16 pointers into a slice of +// uint16 values +func Uint16ValueSlice(src []*uint16) []uint16 { + dst := make([]uint16, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Uint16Map converts a string map of uint16 values into a string +// map of uint16 pointers +func Uint16Map(src map[string]uint16) map[string]*uint16 { + dst := make(map[string]*uint16) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Uint16ValueMap converts a string map of uint16 pointers into a string +// map of uint16 values +func Uint16ValueMap(src map[string]*uint16) map[string]uint16 { + dst := make(map[string]uint16) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + +// Uint32 returns a pointer to the uint32 value passed in. +func Uint32(v uint32) *uint32 { + return &v +} + +// Uint32Value returns the value of the uint32 pointer passed in or +// 0 if the pointer is nil. +func Uint32Value(v *uint32) uint32 { + if v != nil { + return *v + } + return 0 +} + +// Uint32Slice converts a slice of uint32 values into a slice of +// uint32 pointers +func Uint32Slice(src []uint32) []*uint32 { + dst := make([]*uint32, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Uint32ValueSlice converts a slice of uint32 pointers into a slice of +// uint32 values +func Uint32ValueSlice(src []*uint32) []uint32 { + dst := make([]uint32, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Uint32Map converts a string map of uint32 values into a string +// map of uint32 pointers +func Uint32Map(src map[string]uint32) map[string]*uint32 { + dst := make(map[string]*uint32) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Uint32ValueMap converts a string map of uint32 pointers into a string +// map of uint32 values +func Uint32ValueMap(src map[string]*uint32) map[string]uint32 { + dst := make(map[string]uint32) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + +// Uint64 returns a pointer to the uint64 value passed in. +func Uint64(v uint64) *uint64 { + return &v +} + +// Uint64Value returns the value of the uint64 pointer passed in or +// 0 if the pointer is nil. +func Uint64Value(v *uint64) uint64 { + if v != nil { + return *v + } + return 0 +} + +// Uint64Slice converts a slice of uint64 values into a slice of +// uint64 pointers +func Uint64Slice(src []uint64) []*uint64 { + dst := make([]*uint64, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Uint64ValueSlice converts a slice of uint64 pointers into a slice of +// uint64 values +func Uint64ValueSlice(src []*uint64) []uint64 { + dst := make([]uint64, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Uint64Map converts a string map of uint64 values into a string +// map of uint64 pointers +func Uint64Map(src map[string]uint64) map[string]*uint64 { + dst := make(map[string]*uint64) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Uint64ValueMap converts a string map of uint64 pointers into a string +// map of uint64 values +func Uint64ValueMap(src map[string]*uint64) map[string]uint64 { + dst := make(map[string]uint64) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + +// Float32 returns a pointer to the float32 value passed in. +func Float32(v float32) *float32 { + return &v +} + +// Float32Value returns the value of the float32 pointer passed in or +// 0 if the pointer is nil. +func Float32Value(v *float32) float32 { + if v != nil { + return *v + } + return 0 +} + +// Float32Slice converts a slice of float32 values into a slice of +// float32 pointers +func Float32Slice(src []float32) []*float32 { + dst := make([]*float32, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Float32ValueSlice converts a slice of float32 pointers into a slice of +// float32 values +func Float32ValueSlice(src []*float32) []float32 { + dst := make([]float32, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Float32Map converts a string map of float32 values into a string +// map of float32 pointers +func Float32Map(src map[string]float32) map[string]*float32 { + dst := make(map[string]*float32) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Float32ValueMap converts a string map of float32 pointers into a string +// map of float32 values +func Float32ValueMap(src map[string]*float32) map[string]float32 { + dst := make(map[string]float32) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + // Float64 returns a pointer to the float64 value passed in. func Float64(v float64) *float64 { return &v diff --git a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go b/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go index f8853d78af2..aa902d70837 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go @@ -159,9 +159,9 @@ func handleSendError(r *request.Request, err error) { Body: ioutil.NopCloser(bytes.NewReader([]byte{})), } } - // Catch all other request errors. - r.Error = awserr.New("RequestError", "send request failed", err) - r.Retryable = aws.Bool(true) // network errors are retryable + // Catch all request errors, and let the default retrier determine + // if the error is retryable. + r.Error = awserr.New(request.ErrCodeRequestError, "send request failed", err) // Override the error with a context canceled error, if that was canceled. ctx := r.Context() @@ -184,37 +184,39 @@ var ValidateResponseHandler = request.NamedHandler{Name: "core.ValidateResponseH // AfterRetryHandler performs final checks to determine if the request should // be retried and how long to delay. -var AfterRetryHandler = request.NamedHandler{Name: "core.AfterRetryHandler", Fn: func(r *request.Request) { - // If one of the other handlers already set the retry state - // we don't want to override it based on the service's state - if r.Retryable == nil || aws.BoolValue(r.Config.EnforceShouldRetryCheck) { - r.Retryable = aws.Bool(r.ShouldRetry(r)) - } - - if r.WillRetry() { - r.RetryDelay = r.RetryRules(r) - - if sleepFn := r.Config.SleepDelay; sleepFn != nil { - // Support SleepDelay for backwards compatibility and testing - sleepFn(r.RetryDelay) - } else if err := aws.SleepWithContext(r.Context(), r.RetryDelay); err != nil { - r.Error = awserr.New(request.CanceledErrorCode, - "request context canceled", err) - r.Retryable = aws.Bool(false) - return +var AfterRetryHandler = request.NamedHandler{ + Name: "core.AfterRetryHandler", + Fn: func(r *request.Request) { + // If one of the other handlers already set the retry state + // we don't want to override it based on the service's state + if r.Retryable == nil || aws.BoolValue(r.Config.EnforceShouldRetryCheck) { + r.Retryable = aws.Bool(r.ShouldRetry(r)) } - // when the expired token exception occurs the credentials - // need to be expired locally so that the next request to - // get credentials will trigger a credentials refresh. - if r.IsErrorExpired() { - r.Config.Credentials.Expire() - } + if r.WillRetry() { + r.RetryDelay = r.RetryRules(r) - r.RetryCount++ - r.Error = nil - } -}} + if sleepFn := r.Config.SleepDelay; sleepFn != nil { + // Support SleepDelay for backwards compatibility and testing + sleepFn(r.RetryDelay) + } else if err := aws.SleepWithContext(r.Context(), r.RetryDelay); err != nil { + r.Error = awserr.New(request.CanceledErrorCode, + "request context canceled", err) + r.Retryable = aws.Bool(false) + return + } + + // when the expired token exception occurs the credentials + // need to be expired locally so that the next request to + // get credentials will trigger a credentials refresh. + if r.IsErrorExpired() { + r.Config.Credentials.Expire() + } + + r.RetryCount++ + r.Error = nil + } + }} // ValidateEndpointHandler is a request handler to validate a request had the // appropriate Region and Endpoint set. Will set r.Error if the endpoint or diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go index 894bbc7f82c..4af59215814 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go @@ -50,9 +50,10 @@ package credentials import ( "fmt" - "github.com/aws/aws-sdk-go/aws/awserr" "sync" "time" + + "github.com/aws/aws-sdk-go/aws/awserr" ) // AnonymousCredentials is an empty Credential object that can be used as @@ -83,6 +84,12 @@ type Value struct { ProviderName string } +// HasKeys returns if the credentials Value has both AccessKeyID and +// SecretAccessKey value set. +func (v Value) HasKeys() bool { + return len(v.AccessKeyID) != 0 && len(v.SecretAccessKey) != 0 +} + // A Provider is the interface for any component which will provide credentials // Value. A provider is required to manage its own Expired state, and what to // be expired means. diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/BUILD b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/BUILD index 8ec934dc3e9..05f47d12fb4 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/BUILD @@ -11,6 +11,7 @@ go_library( "//vendor/github.com/aws/aws-sdk-go/aws/client:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/credentials:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/ec2metadata:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/aws/request:go_default_library", "//vendor/github.com/aws/aws-sdk-go/internal/sdkuri:go_default_library", ], ) diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go index 0ed791be641..43d4ed386ab 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go @@ -11,6 +11,7 @@ import ( "github.com/aws/aws-sdk-go/aws/client" "github.com/aws/aws-sdk-go/aws/credentials" "github.com/aws/aws-sdk-go/aws/ec2metadata" + "github.com/aws/aws-sdk-go/aws/request" "github.com/aws/aws-sdk-go/internal/sdkuri" ) @@ -142,7 +143,8 @@ func requestCredList(client *ec2metadata.EC2Metadata) ([]string, error) { } if err := s.Err(); err != nil { - return nil, awserr.New("SerializationError", "failed to read EC2 instance role from metadata service", err) + return nil, awserr.New(request.ErrCodeSerialization, + "failed to read EC2 instance role from metadata service", err) } return credsList, nil @@ -164,7 +166,7 @@ func requestCred(client *ec2metadata.EC2Metadata, credsName string) (ec2RoleCred respCreds := ec2RoleCredRespBody{} if err := json.NewDecoder(strings.NewReader(resp)).Decode(&respCreds); err != nil { return ec2RoleCredRespBody{}, - awserr.New("SerializationError", + awserr.New(request.ErrCodeSerialization, fmt.Sprintf("failed to decode %s EC2 instance role credentials", credsName), err) } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/BUILD b/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/BUILD index 0ecbaf23d06..af7666c1e20 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/BUILD @@ -13,6 +13,7 @@ go_library( "//vendor/github.com/aws/aws-sdk-go/aws/client/metadata:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/credentials:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/request:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil:go_default_library", ], ) diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go index ace51313820..1a7af53a4da 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go @@ -39,6 +39,7 @@ import ( "github.com/aws/aws-sdk-go/aws/client/metadata" "github.com/aws/aws-sdk-go/aws/credentials" "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol/json/jsonutil" ) // ProviderName is the name of the credentials provider. @@ -97,8 +98,8 @@ func NewProviderClient(cfg aws.Config, handlers request.Handlers, endpoint strin return p } -// NewCredentialsClient returns a Credentials wrapper for retrieving credentials -// from an arbitrary endpoint concurrently. The client will request the +// NewCredentialsClient returns a pointer to a new Credentials object +// wrapping the endpoint credentials Provider. func NewCredentialsClient(cfg aws.Config, handlers request.Handlers, endpoint string, options ...func(*Provider)) *credentials.Credentials { return credentials.NewCredentials(NewProviderClient(cfg, handlers, endpoint, options...)) } @@ -174,7 +175,7 @@ func unmarshalHandler(r *request.Request) { out := r.Data.(*getCredentialsOutput) if err := json.NewDecoder(r.HTTPResponse.Body).Decode(&out); err != nil { - r.Error = awserr.New("SerializationError", + r.Error = awserr.New(request.ErrCodeSerialization, "failed to decode endpoint credentials", err, ) @@ -185,11 +186,15 @@ func unmarshalError(r *request.Request) { defer r.HTTPResponse.Body.Close() var errOut errorOutput - if err := json.NewDecoder(r.HTTPResponse.Body).Decode(&errOut); err != nil { - r.Error = awserr.New("SerializationError", - "failed to decode endpoint credentials", - err, + err := jsonutil.UnmarshalJSONError(&errOut, r.HTTPResponse.Body) + if err != nil { + r.Error = awserr.NewRequestFailure( + awserr.New(request.ErrCodeSerialization, + "failed to decode error message", err), + r.HTTPResponse.StatusCode, + r.RequestID, ) + return } // Response body format is not consistent between metadata endpoints. diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/BUILD b/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/BUILD index dd5998add0d..6c31f05f52f 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/BUILD @@ -9,6 +9,7 @@ go_library( deps = [ "//vendor/github.com/aws/aws-sdk-go/aws/awserr:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/credentials:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/internal/sdkio:go_default_library", ], ) diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go index 1980c8c140a..e6248360029 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go @@ -90,6 +90,7 @@ import ( "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/internal/sdkio" ) const ( @@ -142,7 +143,7 @@ const ( // DefaultBufSize limits buffer size from growing to an enormous // amount due to a faulty process. - DefaultBufSize = 1024 + DefaultBufSize = int(8 * sdkio.KibiByte) // DefaultTimeout default limit on time a process can run. DefaultTimeout = time.Duration(1) * time.Minute diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/BUILD b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/BUILD index 3ce386b4a28..cfa4dbd6891 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/BUILD @@ -2,7 +2,10 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", - srcs = ["assume_role_provider.go"], + srcs = [ + "assume_role_provider.go", + "web_identity_provider.go", + ], importmap = "k8s.io/kubernetes/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds", importpath = "github.com/aws/aws-sdk-go/aws/credentials/stscreds", visibility = ["//visibility:public"], @@ -11,7 +14,9 @@ go_library( "//vendor/github.com/aws/aws-sdk-go/aws/awserr:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/client:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/credentials:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/internal/sdkrand:go_default_library", "//vendor/github.com/aws/aws-sdk-go/service/sts:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/service/sts/stsiface:go_default_library", ], ) diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go index 4108e433e64..9f37f44bcfa 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go @@ -80,16 +80,18 @@ package stscreds import ( "fmt" + "os" "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/client" "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/internal/sdkrand" "github.com/aws/aws-sdk-go/service/sts" ) -// StdinTokenProvider will prompt on stdout and read from stdin for a string value. +// StdinTokenProvider will prompt on stderr and read from stdin for a string value. // An error is returned if reading from stdin fails. // // Use this function go read MFA tokens from stdin. The function makes no attempt @@ -102,7 +104,7 @@ import ( // Will wait forever until something is provided on the stdin. func StdinTokenProvider() (string, error) { var v string - fmt.Printf("Assume Role MFA token code: ") + fmt.Fprintf(os.Stderr, "Assume Role MFA token code: ") _, err := fmt.Scanln(&v) return v, err @@ -142,6 +144,13 @@ type AssumeRoleProvider struct { // Session name, if you wish to reuse the credentials elsewhere. RoleSessionName string + // Optional, you can pass tag key-value pairs to your session. These tags are called session tags. + Tags []*sts.Tag + + // A list of keys for session tags that you want to set as transitive. + // If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain. + TransitiveTagKeys []*string + // Expiry duration of the STS credentials. Defaults to 15 minutes if not set. Duration time.Duration @@ -193,6 +202,18 @@ type AssumeRoleProvider struct { // // If ExpiryWindow is 0 or less it will be ignored. ExpiryWindow time.Duration + + // MaxJitterFrac reduces the effective Duration of each credential requested + // by a random percentage between 0 and MaxJitterFraction. MaxJitterFrac must + // have a value between 0 and 1. Any other value may lead to expected behavior. + // With a MaxJitterFrac value of 0, default) will no jitter will be used. + // + // For example, with a Duration of 30m and a MaxJitterFrac of 0.1, the + // AssumeRole call will be made with an arbitrary Duration between 27m and + // 30m. + // + // MaxJitterFrac should not be negative. + MaxJitterFrac float64 } // NewCredentials returns a pointer to a new Credentials object wrapping the @@ -244,7 +265,6 @@ func NewCredentialsWithClient(svc AssumeRoler, roleARN string, options ...func(* // Retrieve generates a new set of temporary credentials using STS. func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) { - // Apply defaults where parameters are not set. if p.RoleSessionName == "" { // Try to work out a role name that will hopefully end up unique. @@ -254,11 +274,14 @@ func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) { // Expire as often as AWS permits. p.Duration = DefaultDuration } + jitter := time.Duration(sdkrand.SeededRand.Float64() * p.MaxJitterFrac * float64(p.Duration)) input := &sts.AssumeRoleInput{ - DurationSeconds: aws.Int64(int64(p.Duration / time.Second)), - RoleArn: aws.String(p.RoleARN), - RoleSessionName: aws.String(p.RoleSessionName), - ExternalId: p.ExternalID, + DurationSeconds: aws.Int64(int64((p.Duration - jitter) / time.Second)), + RoleArn: aws.String(p.RoleARN), + RoleSessionName: aws.String(p.RoleSessionName), + ExternalId: p.ExternalID, + Tags: p.Tags, + TransitiveTagKeys: p.TransitiveTagKeys, } if p.Policy != nil { input.Policy = p.Policy diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go new file mode 100644 index 00000000000..b20b6339484 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go @@ -0,0 +1,100 @@ +package stscreds + +import ( + "fmt" + "io/ioutil" + "strconv" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/client" + "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/service/sts" + "github.com/aws/aws-sdk-go/service/sts/stsiface" +) + +const ( + // ErrCodeWebIdentity will be used as an error code when constructing + // a new error to be returned during session creation or retrieval. + ErrCodeWebIdentity = "WebIdentityErr" + + // WebIdentityProviderName is the web identity provider name + WebIdentityProviderName = "WebIdentityCredentials" +) + +// now is used to return a time.Time object representing +// the current time. This can be used to easily test and +// compare test values. +var now = time.Now + +// WebIdentityRoleProvider is used to retrieve credentials using +// an OIDC token. +type WebIdentityRoleProvider struct { + credentials.Expiry + + client stsiface.STSAPI + ExpiryWindow time.Duration + + tokenFilePath string + roleARN string + roleSessionName string +} + +// NewWebIdentityCredentials will return a new set of credentials with a given +// configuration, role arn, and token file path. +func NewWebIdentityCredentials(c client.ConfigProvider, roleARN, roleSessionName, path string) *credentials.Credentials { + svc := sts.New(c) + p := NewWebIdentityRoleProvider(svc, roleARN, roleSessionName, path) + return credentials.NewCredentials(p) +} + +// NewWebIdentityRoleProvider will return a new WebIdentityRoleProvider with the +// provided stsiface.STSAPI +func NewWebIdentityRoleProvider(svc stsiface.STSAPI, roleARN, roleSessionName, path string) *WebIdentityRoleProvider { + return &WebIdentityRoleProvider{ + client: svc, + tokenFilePath: path, + roleARN: roleARN, + roleSessionName: roleSessionName, + } +} + +// Retrieve will attempt to assume a role from a token which is located at +// 'WebIdentityTokenFilePath' specified destination and if that is empty an +// error will be returned. +func (p *WebIdentityRoleProvider) Retrieve() (credentials.Value, error) { + b, err := ioutil.ReadFile(p.tokenFilePath) + if err != nil { + errMsg := fmt.Sprintf("unable to read file at %s", p.tokenFilePath) + return credentials.Value{}, awserr.New(ErrCodeWebIdentity, errMsg, err) + } + + sessionName := p.roleSessionName + if len(sessionName) == 0 { + // session name is used to uniquely identify a session. This simply + // uses unix time in nanoseconds to uniquely identify sessions. + sessionName = strconv.FormatInt(now().UnixNano(), 10) + } + req, resp := p.client.AssumeRoleWithWebIdentityRequest(&sts.AssumeRoleWithWebIdentityInput{ + RoleArn: &p.roleARN, + RoleSessionName: &sessionName, + WebIdentityToken: aws.String(string(b)), + }) + // InvalidIdentityToken error is a temporary error that can occur + // when assuming an Role with a JWT web identity token. + req.RetryErrorCodes = append(req.RetryErrorCodes, sts.ErrCodeInvalidIdentityTokenException) + if err := req.Send(); err != nil { + return credentials.Value{}, awserr.New(ErrCodeWebIdentity, "failed to retrieve credentials", err) + } + + p.SetExpiration(aws.TimeValue(resp.Credentials.Expiration), p.ExpiryWindow) + + value := credentials.Value{ + AccessKeyID: aws.StringValue(resp.Credentials.AccessKeyId), + SecretAccessKey: aws.StringValue(resp.Credentials.SecretAccessKey), + SessionToken: aws.StringValue(resp.Credentials.SessionToken), + ProviderName: WebIdentityProviderName, + } + return value, nil +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/doc.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/doc.go index 152d785b362..25a66d1dda2 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/csm/doc.go @@ -1,30 +1,61 @@ -// Package csm provides Client Side Monitoring (CSM) which enables sending metrics -// via UDP connection. Using the Start function will enable the reporting of -// metrics on a given port. If Start is called, with different parameters, again, -// a panic will occur. +// Package csm provides the Client Side Monitoring (CSM) client which enables +// sending metrics via UDP connection to the CSM agent. This package provides +// control options, and configuration for the CSM client. The client can be +// controlled manually, or automatically via the SDK's Session configuration. // -// Pause can be called to pause any metrics publishing on a given port. Sessions -// that have had their handlers modified via InjectHandlers may still be used. -// However, the handlers will act as a no-op meaning no metrics will be published. +// Enabling CSM client via SDK's Session configuration +// +// The CSM client can be enabled automatically via SDK's Session configuration. +// The SDK's session configuration enables the CSM client if the AWS_CSM_PORT +// environment variable is set to a non-empty value. +// +// The configuration options for the CSM client via the SDK's session +// configuration are: +// +// * AWS_CSM_PORT= +// The port number the CSM agent will receive metrics on. +// +// * AWS_CSM_HOST= +// The hostname, or IP address the CSM agent will receive metrics on. +// Without port number. +// +// Manually enabling the CSM client +// +// The CSM client can be started, paused, and resumed manually. The Start +// function will enable the CSM client to publish metrics to the CSM agent. It +// is safe to call Start concurrently, but if Start is called additional times +// with different ClientID or address it will panic. // -// Example: // r, err := csm.Start("clientID", ":31000") // if err != nil { // panic(fmt.Errorf("failed starting CSM: %v", err)) // } // +// When controlling the CSM client manually, you must also inject its request +// handlers into the SDK's Session configuration for the SDK's API clients to +// publish metrics. +// // sess, err := session.NewSession(&aws.Config{}) // if err != nil { // panic(fmt.Errorf("failed loading session: %v", err)) // } // +// // Add CSM client's metric publishing request handlers to the SDK's +// // Session Configuration. // r.InjectHandlers(&sess.Handlers) // -// client := s3.New(sess) -// resp, err := client.GetObject(&s3.GetObjectInput{ -// Bucket: aws.String("bucket"), -// Key: aws.String("key"), -// }) +// Controlling CSM client +// +// Once the CSM client has been enabled the Get function will return a Reporter +// value that you can use to pause and resume the metrics published to the CSM +// agent. If Get function is called before the reporter is enabled with the +// Start function or via SDK's Session configuration nil will be returned. +// +// The Pause method can be called to stop the CSM client publishing metrics to +// the CSM agent. The Continue method will resume metric publishing. +// +// // Get the CSM client Reporter. +// r := csm.Get() // // // Will pause monitoring // r.Pause() @@ -35,12 +66,4 @@ // // // Resume monitoring // r.Continue() -// -// Start returns a Reporter that is used to enable or disable monitoring. If -// access to the Reporter is required later, calling Get will return the Reporter -// singleton. -// -// Example: -// r := csm.Get() -// r.Continue() package csm diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/enable.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/enable.go index 2f0c6eac9a8..4b19e2800e3 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/enable.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/csm/enable.go @@ -2,6 +2,7 @@ package csm import ( "fmt" + "strings" "sync" ) @@ -9,19 +10,40 @@ var ( lock sync.Mutex ) -// Client side metric handler names const ( - APICallMetricHandlerName = "awscsm.SendAPICallMetric" - APICallAttemptMetricHandlerName = "awscsm.SendAPICallAttemptMetric" + // DefaultPort is used when no port is specified. + DefaultPort = "31000" + + // DefaultHost is the host that will be used when none is specified. + DefaultHost = "127.0.0.1" ) -// Start will start the a long running go routine to capture +// AddressWithDefaults returns a CSM address built from the host and port +// values. If the host or port is not set, default values will be used +// instead. If host is "localhost" it will be replaced with "127.0.0.1". +func AddressWithDefaults(host, port string) string { + if len(host) == 0 || strings.EqualFold(host, "localhost") { + host = DefaultHost + } + + if len(port) == 0 { + port = DefaultPort + } + + // Only IP6 host can contain a colon + if strings.Contains(host, ":") { + return "[" + host + "]:" + port + } + + return host + ":" + port +} + +// Start will start a long running go routine to capture // client side metrics. Calling start multiple time will only // start the metric listener once and will panic if a different // client ID or port is passed in. // -// Example: -// r, err := csm.Start("clientID", "127.0.0.1:8094") +// r, err := csm.Start("clientID", "127.0.0.1:31000") // if err != nil { // panic(fmt.Errorf("expected no error, but received %v", err)) // } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/metric_chan.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/metric_chan.go index 514fc3739a5..82a3e345e93 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/metric_chan.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/csm/metric_chan.go @@ -16,25 +16,26 @@ var ( type metricChan struct { ch chan metric - paused int64 + paused *int64 } func newMetricChan(size int) metricChan { return metricChan{ - ch: make(chan metric, size), + ch: make(chan metric, size), + paused: new(int64), } } func (ch *metricChan) Pause() { - atomic.StoreInt64(&ch.paused, pausedEnum) + atomic.StoreInt64(ch.paused, pausedEnum) } func (ch *metricChan) Continue() { - atomic.StoreInt64(&ch.paused, runningEnum) + atomic.StoreInt64(ch.paused, runningEnum) } func (ch *metricChan) IsPaused() bool { - v := atomic.LoadInt64(&ch.paused) + v := atomic.LoadInt64(ch.paused) return v == pausedEnum } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go index 0b5571acfbf..835bcd49cba 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go @@ -10,11 +10,6 @@ import ( "github.com/aws/aws-sdk-go/aws/request" ) -const ( - // DefaultPort is used when no port is specified - DefaultPort = "31000" -) - // Reporter will gather metrics of API requests made and // send those metrics to the CSM endpoint. type Reporter struct { @@ -71,7 +66,6 @@ func (rep *Reporter) sendAPICallAttemptMetric(r *request.Request) { XAmzRequestID: aws.String(r.RequestID), - AttemptCount: aws.Int(r.RetryCount + 1), AttemptLatency: aws.Int(int(now.Sub(r.AttemptTime).Nanoseconds() / int64(time.Millisecond))), AccessKey: aws.String(creds.AccessKeyID), } @@ -95,8 +89,8 @@ func getMetricException(err awserr.Error) metricException { code := err.Code() switch code { - case "RequestError", - "SerializationError", + case request.ErrCodeRequestError, + request.ErrCodeSerialization, request.CanceledErrorCode: return sdkException{ requestException{exception: code, message: msg}, @@ -123,7 +117,7 @@ func (rep *Reporter) sendAPICallMetric(r *request.Request) { Type: aws.String("ApiCall"), AttemptCount: aws.Int(r.RetryCount + 1), Region: r.Config.Region, - Latency: aws.Int(int(time.Now().Sub(r.Time) / time.Millisecond)), + Latency: aws.Int(int(time.Since(r.Time) / time.Millisecond)), XAmzRequestID: aws.String(r.RequestID), MaxRetriesExceeded: aws.Int(boolIntValue(r.RetryCount >= r.MaxRetries())), } @@ -190,8 +184,9 @@ func (rep *Reporter) start() { } } -// Pause will pause the metric channel preventing any new metrics from -// being added. +// Pause will pause the metric channel preventing any new metrics from being +// added. It is safe to call concurrently with other calls to Pause, but if +// called concurently with Continue can lead to unexpected state. func (rep *Reporter) Pause() { lock.Lock() defer lock.Unlock() @@ -203,8 +198,9 @@ func (rep *Reporter) Pause() { rep.close() } -// Continue will reopen the metric channel and allow for monitoring -// to be resumed. +// Continue will reopen the metric channel and allow for monitoring to be +// resumed. It is safe to call concurrently with other calls to Continue, but +// if called concurently with Pause can lead to unexpected state. func (rep *Reporter) Continue() { lock.Lock() defer lock.Unlock() @@ -219,10 +215,18 @@ func (rep *Reporter) Continue() { rep.metricsCh.Continue() } +// Client side metric handler names +const ( + APICallMetricHandlerName = "awscsm.SendAPICallMetric" + APICallAttemptMetricHandlerName = "awscsm.SendAPICallAttemptMetric" +) + // InjectHandlers will will enable client side metrics and inject the proper // handlers to handle how metrics are sent. // -// Example: +// InjectHandlers is NOT safe to call concurrently. Calling InjectHandlers +// multiple times may lead to unexpected behavior, (e.g. duplicate metrics). +// // // Start must be called in order to inject the correct handlers // r, err := csm.Start("clientID", "127.0.0.1:8094") // if err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/BUILD b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/BUILD index b5684d95ef1..3c70477b984 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/BUILD @@ -5,6 +5,7 @@ go_library( srcs = [ "api.go", "service.go", + "token_provider.go", ], importmap = "k8s.io/kubernetes/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata", importpath = "github.com/aws/aws-sdk-go/aws/ec2metadata", @@ -15,6 +16,7 @@ go_library( "//vendor/github.com/aws/aws-sdk-go/aws/client:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/client/metadata:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/corehandlers:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/aws/credentials:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/request:go_default_library", "//vendor/github.com/aws/aws-sdk-go/internal/sdkuri:go_default_library", ], diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go index 88e2fc70734..12897eef626 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go @@ -4,6 +4,7 @@ import ( "encoding/json" "fmt" "net/http" + "strconv" "strings" "time" @@ -12,8 +13,41 @@ import ( "github.com/aws/aws-sdk-go/internal/sdkuri" ) +// getToken uses the duration to return a token for EC2 metadata service, +// or an error if the request failed. +func (c *EC2Metadata) getToken(duration time.Duration) (tokenOutput, error) { + op := &request.Operation{ + Name: "GetToken", + HTTPMethod: "PUT", + HTTPPath: "/api/token", + } + + var output tokenOutput + req := c.NewRequest(op, nil, &output) + + // remove the fetch token handler from the request handlers to avoid infinite recursion + req.Handlers.Sign.RemoveByName(fetchTokenHandlerName) + + // Swap the unmarshalMetadataHandler with unmarshalTokenHandler on this request. + req.Handlers.Unmarshal.Swap(unmarshalMetadataHandlerName, unmarshalTokenHandler) + + ttl := strconv.FormatInt(int64(duration/time.Second), 10) + req.HTTPRequest.Header.Set(ttlHeader, ttl) + + err := req.Send() + + // Errors with bad request status should be returned. + if err != nil { + err = awserr.NewRequestFailure( + awserr.New(req.HTTPResponse.Status, http.StatusText(req.HTTPResponse.StatusCode), err), + req.HTTPResponse.StatusCode, req.RequestID) + } + + return output, err +} + // GetMetadata uses the path provided to request information from the EC2 -// instance metdata service. The content will be returned as a string, or +// instance metadata service. The content will be returned as a string, or // error if the request failed. func (c *EC2Metadata) GetMetadata(p string) (string, error) { op := &request.Operation{ @@ -21,11 +55,12 @@ func (c *EC2Metadata) GetMetadata(p string) (string, error) { HTTPMethod: "GET", HTTPPath: sdkuri.PathJoin("/meta-data", p), } - output := &metadataOutput{} + req := c.NewRequest(op, nil, output) - return output.Content, req.Send() + err := req.Send() + return output.Content, err } // GetUserData returns the userdata that was configured for the service. If @@ -40,13 +75,9 @@ func (c *EC2Metadata) GetUserData() (string, error) { output := &metadataOutput{} req := c.NewRequest(op, nil, output) - req.Handlers.UnmarshalError.PushBack(func(r *request.Request) { - if r.HTTPResponse.StatusCode == http.StatusNotFound { - r.Error = awserr.New("NotFoundError", "user-data not found", r.Error) - } - }) - return output.Content, req.Send() + err := req.Send() + return output.Content, err } // GetDynamicData uses the path provided to request information from the EC2 @@ -62,7 +93,8 @@ func (c *EC2Metadata) GetDynamicData(p string) (string, error) { output := &metadataOutput{} req := c.NewRequest(op, nil, output) - return output.Content, req.Send() + err := req.Send() + return output.Content, err } // GetInstanceIdentityDocument retrieves an identity document describing an @@ -79,7 +111,7 @@ func (c *EC2Metadata) GetInstanceIdentityDocument() (EC2InstanceIdentityDocument doc := EC2InstanceIdentityDocument{} if err := json.NewDecoder(strings.NewReader(resp)).Decode(&doc); err != nil { return EC2InstanceIdentityDocument{}, - awserr.New("SerializationError", + awserr.New(request.ErrCodeSerialization, "failed to decode EC2 instance identity document", err) } @@ -98,7 +130,7 @@ func (c *EC2Metadata) IAMInfo() (EC2IAMInfo, error) { info := EC2IAMInfo{} if err := json.NewDecoder(strings.NewReader(resp)).Decode(&info); err != nil { return EC2IAMInfo{}, - awserr.New("SerializationError", + awserr.New(request.ErrCodeSerialization, "failed to decode EC2 IAM info", err) } @@ -113,17 +145,17 @@ func (c *EC2Metadata) IAMInfo() (EC2IAMInfo, error) { // Region returns the region the instance is running in. func (c *EC2Metadata) Region() (string, error) { - resp, err := c.GetMetadata("placement/availability-zone") + ec2InstanceIdentityDocument, err := c.GetInstanceIdentityDocument() if err != nil { return "", err } - - if len(resp) == 0 { - return "", awserr.New("EC2MetadataError", "invalid Region response", nil) + // extract region from the ec2InstanceIdentityDocument + region := ec2InstanceIdentityDocument.Region + if len(region) == 0 { + return "", awserr.New("EC2MetadataError", "invalid region received for ec2metadata instance", nil) } - - // returns region without the suffix. Eg: us-west-2a becomes us-west-2 - return resp[:len(resp)-1], nil + // returns region + return region, nil } // Available returns if the application has access to the EC2 Metadata service. @@ -149,18 +181,19 @@ type EC2IAMInfo struct { // An EC2InstanceIdentityDocument provides the shape for unmarshaling // an instance identity document type EC2InstanceIdentityDocument struct { - DevpayProductCodes []string `json:"devpayProductCodes"` - AvailabilityZone string `json:"availabilityZone"` - PrivateIP string `json:"privateIp"` - Version string `json:"version"` - Region string `json:"region"` - InstanceID string `json:"instanceId"` - BillingProducts []string `json:"billingProducts"` - InstanceType string `json:"instanceType"` - AccountID string `json:"accountId"` - PendingTime time.Time `json:"pendingTime"` - ImageID string `json:"imageId"` - KernelID string `json:"kernelId"` - RamdiskID string `json:"ramdiskId"` - Architecture string `json:"architecture"` + DevpayProductCodes []string `json:"devpayProductCodes"` + MarketplaceProductCodes []string `json:"marketplaceProductCodes"` + AvailabilityZone string `json:"availabilityZone"` + PrivateIP string `json:"privateIp"` + Version string `json:"version"` + Region string `json:"region"` + InstanceID string `json:"instanceId"` + BillingProducts []string `json:"billingProducts"` + InstanceType string `json:"instanceType"` + AccountID string `json:"accountId"` + PendingTime time.Time `json:"pendingTime"` + ImageID string `json:"imageId"` + KernelID string `json:"kernelId"` + RamdiskID string `json:"ramdiskId"` + Architecture string `json:"architecture"` } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go index 7d1f66e4e85..b8b2940d744 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go @@ -13,6 +13,7 @@ import ( "io" "net/http" "os" + "strconv" "strings" "time" @@ -24,9 +25,25 @@ import ( "github.com/aws/aws-sdk-go/aws/request" ) -// ServiceName is the name of the service. -const ServiceName = "ec2metadata" -const disableServiceEnvVar = "AWS_EC2_METADATA_DISABLED" +const ( + // ServiceName is the name of the service. + ServiceName = "ec2metadata" + disableServiceEnvVar = "AWS_EC2_METADATA_DISABLED" + + // Headers for Token and TTL + ttlHeader = "x-aws-ec2-metadata-token-ttl-seconds" + tokenHeader = "x-aws-ec2-metadata-token" + + // Named Handler constants + fetchTokenHandlerName = "FetchTokenHandler" + unmarshalMetadataHandlerName = "unmarshalMetadataHandler" + unmarshalTokenHandlerName = "unmarshalTokenHandler" + enableTokenProviderHandlerName = "enableTokenProviderHandler" + + // TTL constants + defaultTTL = 21600 * time.Second + ttlExpirationWindow = 30 * time.Second +) // A EC2Metadata is an EC2 Metadata service Client. type EC2Metadata struct { @@ -63,8 +80,10 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio // use a shorter timeout than default because the metadata // service is local if it is running, and to fail faster // if not running on an ec2 instance. - Timeout: 5 * time.Second, + Timeout: 1 * time.Second, } + // max number of retries on the client operation + cfg.MaxRetries = aws.Int(2) } svc := &EC2Metadata{ @@ -80,18 +99,35 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio ), } - svc.Handlers.Unmarshal.PushBack(unmarshalHandler) + // token provider instance + tp := newTokenProvider(svc, defaultTTL) + + // NamedHandler for fetching token + svc.Handlers.Sign.PushBackNamed(request.NamedHandler{ + Name: fetchTokenHandlerName, + Fn: tp.fetchTokenHandler, + }) + // NamedHandler for enabling token provider + svc.Handlers.Complete.PushBackNamed(request.NamedHandler{ + Name: enableTokenProviderHandlerName, + Fn: tp.enableTokenProviderHandler, + }) + + svc.Handlers.Unmarshal.PushBackNamed(unmarshalHandler) svc.Handlers.UnmarshalError.PushBack(unmarshalError) svc.Handlers.Validate.Clear() svc.Handlers.Validate.PushBack(validateEndpointHandler) // Disable the EC2 Metadata service if the environment variable is set. - // This shortcirctes the service's functionality to always fail to send + // This short-circuits the service's functionality to always fail to send // requests. if strings.ToLower(os.Getenv(disableServiceEnvVar)) == "true" { svc.Handlers.Send.SwapNamed(request.NamedHandler{ Name: corehandlers.SendHandler.Name, Fn: func(r *request.Request) { + r.HTTPResponse = &http.Response{ + Header: http.Header{}, + } r.Error = awserr.New( request.CanceledErrorCode, "EC2 IMDS access disabled via "+disableServiceEnvVar+" env var", @@ -104,7 +140,6 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio for _, option := range opts { option(svc.Client) } - return svc } @@ -116,30 +151,74 @@ type metadataOutput struct { Content string } -func unmarshalHandler(r *request.Request) { - defer r.HTTPResponse.Body.Close() - b := &bytes.Buffer{} - if _, err := io.Copy(b, r.HTTPResponse.Body); err != nil { - r.Error = awserr.New("SerializationError", "unable to unmarshal EC2 metadata respose", err) - return - } +type tokenOutput struct { + Token string + TTL time.Duration +} - if data, ok := r.Data.(*metadataOutput); ok { - data.Content = b.String() - } +// unmarshal token handler is used to parse the response of a getToken operation +var unmarshalTokenHandler = request.NamedHandler{ + Name: unmarshalTokenHandlerName, + Fn: func(r *request.Request) { + defer r.HTTPResponse.Body.Close() + var b bytes.Buffer + if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil { + r.Error = awserr.NewRequestFailure(awserr.New(request.ErrCodeSerialization, + "unable to unmarshal EC2 metadata response", err), r.HTTPResponse.StatusCode, r.RequestID) + return + } + + v := r.HTTPResponse.Header.Get(ttlHeader) + data, ok := r.Data.(*tokenOutput) + if !ok { + return + } + + data.Token = b.String() + // TTL is in seconds + i, err := strconv.ParseInt(v, 10, 64) + if err != nil { + r.Error = awserr.NewRequestFailure(awserr.New(request.ParamFormatErrCode, + "unable to parse EC2 token TTL response", err), r.HTTPResponse.StatusCode, r.RequestID) + return + } + t := time.Duration(i) * time.Second + data.TTL = t + }, +} + +var unmarshalHandler = request.NamedHandler{ + Name: unmarshalMetadataHandlerName, + Fn: func(r *request.Request) { + defer r.HTTPResponse.Body.Close() + var b bytes.Buffer + if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil { + r.Error = awserr.NewRequestFailure(awserr.New(request.ErrCodeSerialization, + "unable to unmarshal EC2 metadata response", err), r.HTTPResponse.StatusCode, r.RequestID) + return + } + + if data, ok := r.Data.(*metadataOutput); ok { + data.Content = b.String() + } + }, } func unmarshalError(r *request.Request) { defer r.HTTPResponse.Body.Close() - b := &bytes.Buffer{} - if _, err := io.Copy(b, r.HTTPResponse.Body); err != nil { - r.Error = awserr.New("SerializationError", "unable to unmarshal EC2 metadata error respose", err) + var b bytes.Buffer + + if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil { + r.Error = awserr.NewRequestFailure( + awserr.New(request.ErrCodeSerialization, "unable to unmarshal EC2 metadata error response", err), + r.HTTPResponse.StatusCode, r.RequestID) return } // Response body format is not consistent between metadata endpoints. // Grab the error message as a string and include that as the source error - r.Error = awserr.New("EC2MetadataError", "failed to make EC2Metadata request", errors.New(b.String())) + r.Error = awserr.NewRequestFailure(awserr.New("EC2MetadataError", "failed to make EC2Metadata request", errors.New(b.String())), + r.HTTPResponse.StatusCode, r.RequestID) } func validateEndpointHandler(r *request.Request) { diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go new file mode 100644 index 00000000000..663372a9154 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go @@ -0,0 +1,92 @@ +package ec2metadata + +import ( + "net/http" + "sync/atomic" + "time" + + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/aws/request" +) + +// A tokenProvider struct provides access to EC2Metadata client +// and atomic instance of a token, along with configuredTTL for it. +// tokenProvider also provides an atomic flag to disable the +// fetch token operation. +// The disabled member will use 0 as false, and 1 as true. +type tokenProvider struct { + client *EC2Metadata + token atomic.Value + configuredTTL time.Duration + disabled uint32 +} + +// A ec2Token struct helps use of token in EC2 Metadata service ops +type ec2Token struct { + token string + credentials.Expiry +} + +// newTokenProvider provides a pointer to a tokenProvider instance +func newTokenProvider(c *EC2Metadata, duration time.Duration) *tokenProvider { + return &tokenProvider{client: c, configuredTTL: duration} +} + +// fetchTokenHandler fetches token for EC2Metadata service client by default. +func (t *tokenProvider) fetchTokenHandler(r *request.Request) { + + // short-circuits to insecure data flow if tokenProvider is disabled. + if v := atomic.LoadUint32(&t.disabled); v == 1 { + return + } + + if ec2Token, ok := t.token.Load().(ec2Token); ok && !ec2Token.IsExpired() { + r.HTTPRequest.Header.Set(tokenHeader, ec2Token.token) + return + } + + output, err := t.client.getToken(t.configuredTTL) + + if err != nil { + + // change the disabled flag on token provider to true, + // when error is request timeout error. + if requestFailureError, ok := err.(awserr.RequestFailure); ok { + switch requestFailureError.StatusCode() { + case http.StatusForbidden, http.StatusNotFound, http.StatusMethodNotAllowed: + atomic.StoreUint32(&t.disabled, 1) + case http.StatusBadRequest: + r.Error = requestFailureError + } + + // Check if request timed out while waiting for response + if e, ok := requestFailureError.OrigErr().(awserr.Error); ok { + if e.Code() == request.ErrCodeRequestError { + atomic.StoreUint32(&t.disabled, 1) + } + } + } + return + } + + newToken := ec2Token{ + token: output.Token, + } + newToken.SetExpiration(time.Now().Add(output.TTL), ttlExpirationWindow) + t.token.Store(newToken) + + // Inject token header to the request. + if ec2Token, ok := t.token.Load().(ec2Token); ok { + r.HTTPRequest.Header.Set(tokenHeader, ec2Token.token) + } +} + +// enableTokenProviderHandler enables the token provider +func (t *tokenProvider) enableTokenProviderHandler(r *request.Request) { + // If the error code status is 401, we enable the token provider + if e, ok := r.Error.(awserr.RequestFailure); ok && e != nil && + e.StatusCode() == http.StatusUnauthorized { + atomic.StoreUint32(&t.disabled, 0) + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/BUILD b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/BUILD index 26cc13a8c6e..3dd7d180721 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/BUILD @@ -8,6 +8,7 @@ go_library( "dep_service_ids.go", "doc.go", "endpoints.go", + "legacy_regions.go", "v3model.go", ], importmap = "k8s.io/kubernetes/vendor/github.com/aws/aws-sdk-go/aws/endpoints", diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go index 87b9ff3ffec..343a2106f81 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go @@ -83,6 +83,7 @@ func decodeV3Endpoints(modelDef modelDefinition, opts DecodeModelOptions) (Resol p := &ps[i] custAddEC2Metadata(p) custAddS3DualStack(p) + custRegionalS3(p) custRmIotDataService(p) custFixAppAutoscalingChina(p) custFixAppAutoscalingUsGov(p) @@ -100,6 +101,33 @@ func custAddS3DualStack(p *partition) { custAddDualstack(p, "s3-control") } +func custRegionalS3(p *partition) { + if p.ID != "aws" { + return + } + + service, ok := p.Services["s3"] + if !ok { + return + } + + // If global endpoint already exists no customization needed. + if _, ok := service.Endpoints["aws-global"]; ok { + return + } + + service.PartitionEndpoint = "aws-global" + service.Endpoints["us-east-1"] = endpoint{} + service.Endpoints["aws-global"] = endpoint{ + Hostname: "s3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + } + + p.Services["s3"] = service +} + func custAddDualstack(p *partition, svcName string) { s, ok := p.Services[svcName] if !ok { diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index 97486c32b4c..03f03570204 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -11,10 +11,13 @@ const ( AwsPartitionID = "aws" // AWS Standard partition. AwsCnPartitionID = "aws-cn" // AWS China partition. AwsUsGovPartitionID = "aws-us-gov" // AWS GovCloud (US) partition. + AwsIsoPartitionID = "aws-iso" // AWS ISO (US) partition. + AwsIsoBPartitionID = "aws-iso-b" // AWS ISOB (US) partition. ) // AWS Standard partition's regions. const ( + ApEast1RegionID = "ap-east-1" // Asia Pacific (Hong Kong). ApNortheast1RegionID = "ap-northeast-1" // Asia Pacific (Tokyo). ApNortheast2RegionID = "ap-northeast-2" // Asia Pacific (Seoul). ApSouth1RegionID = "ap-south-1" // Asia Pacific (Mumbai). @@ -26,6 +29,7 @@ const ( EuWest1RegionID = "eu-west-1" // EU (Ireland). EuWest2RegionID = "eu-west-2" // EU (London). EuWest3RegionID = "eu-west-3" // EU (Paris). + MeSouth1RegionID = "me-south-1" // Middle East (Bahrain). SaEast1RegionID = "sa-east-1" // South America (Sao Paulo). UsEast1RegionID = "us-east-1" // US East (N. Virginia). UsEast2RegionID = "us-east-2" // US East (Ohio). @@ -45,8 +49,18 @@ const ( UsGovWest1RegionID = "us-gov-west-1" // AWS GovCloud (US). ) +// AWS ISO (US) partition's regions. +const ( + UsIsoEast1RegionID = "us-iso-east-1" // US ISO East. +) + +// AWS ISOB (US) partition's regions. +const ( + UsIsobEast1RegionID = "us-isob-east-1" // US ISOB East (Ohio). +) + // DefaultResolver returns an Endpoint resolver that will be able -// to resolve endpoints for: AWS Standard, AWS China, and AWS GovCloud (US). +// to resolve endpoints for: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), and AWS ISOB (US). // // Use DefaultPartitions() to get the list of the default partitions. func DefaultResolver() Resolver { @@ -54,7 +68,7 @@ func DefaultResolver() Resolver { } // DefaultPartitions returns a list of the partitions the SDK is bundled -// with. The available partitions are: AWS Standard, AWS China, and AWS GovCloud (US). +// with. The available partitions are: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), and AWS ISOB (US). // // partitions := endpoints.DefaultPartitions // for _, p := range partitions { @@ -68,6 +82,8 @@ var defaultPartitions = partitions{ awsPartition, awscnPartition, awsusgovPartition, + awsisoPartition, + awsisobPartition, } // AwsPartition returns the Resolver for AWS Standard. @@ -81,7 +97,7 @@ var awsPartition = partition{ DNSSuffix: "amazonaws.com", RegionRegex: regionRegex{ Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^(us|eu|ap|sa|ca)\\-\\w+\\-\\d+$") + reg, _ := regexp.Compile("^(us|eu|ap|sa|ca|me)\\-\\w+\\-\\d+$") return reg }(), }, @@ -91,6 +107,9 @@ var awsPartition = partition{ SignatureVersions: []string{"v4"}, }, Regions: regions{ + "ap-east-1": region{ + Description: "Asia Pacific (Hong Kong)", + }, "ap-northeast-1": region{ Description: "Asia Pacific (Tokyo)", }, @@ -124,6 +143,9 @@ var awsPartition = partition{ "eu-west-3": region{ Description: "EU (Paris)", }, + "me-south-1": region{ + Description: "Middle East (Bahrain)", + }, "sa-east-1": region{ Description: "South America (Sao Paulo)", }, @@ -150,6 +172,62 @@ var awsPartition = partition{ "acm": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "ca-central-1-fips": endpoint{ + Hostname: "acm-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "acm-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "acm-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-1": endpoint{}, + "us-west-1-fips": endpoint{ + Hostname: "acm-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "acm-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "acm-pca": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -161,33 +239,53 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "acm-pca": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, + "fips-ca-central-1": endpoint{ + Hostname: "acm-pca-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "fips-us-east-1": endpoint{ + Hostname: "acm-pca-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "acm-pca-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "acm-pca-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "acm-pca-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "api.ecr": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{ + Hostname: "api.ecr.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, "ap-northeast-1": endpoint{ Hostname: "api.ecr.ap-northeast-1.amazonaws.com", CredentialScope: credentialScope{ @@ -254,6 +352,12 @@ var awsPartition = partition{ Region: "eu-west-3", }, }, + "me-south-1": endpoint{ + Hostname: "api.ecr.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, "sa-east-1": endpoint{ Hostname: "api.ecr.sa-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -292,6 +396,7 @@ var awsPartition = partition{ "ap-northeast-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "us-east-1": endpoint{}, "us-west-2": endpoint{}, @@ -311,24 +416,7 @@ var awsPartition = partition{ "api.sagemaker": service{ Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "apigateway": service{ - - Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -340,6 +428,54 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "api-fips.sagemaker.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "api-fips.sagemaker.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-1": endpoint{}, + "us-west-1-fips": endpoint{ + Hostname: "api-fips.sagemaker.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "api-fips.sagemaker.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "apigateway": service{ + + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -349,13 +485,10 @@ var awsPartition = partition{ }, "application-autoscaling": service{ Defaults: endpoint{ - Hostname: "autoscaling.{region}.amazonaws.com", Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "application-autoscaling", - }, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -367,6 +500,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -374,6 +508,25 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "appmesh": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "appstream2": service{ Defaults: endpoint{ Protocols: []string{"https"}, @@ -383,12 +536,19 @@ var awsPartition = partition{ }, Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "fips": endpoint{ + Hostname: "appstream2-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "appsync": service{ @@ -401,6 +561,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-2": endpoint{}, @@ -409,24 +570,7 @@ var awsPartition = partition{ "athena": service{ Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "autoscaling": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -438,6 +582,32 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "autoscaling": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -447,11 +617,7 @@ var awsPartition = partition{ }, "autoscaling-plans": service{ Defaults: endpoint{ - Hostname: "autoscaling.{region}.amazonaws.com", Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "autoscaling-plans", - }, }, Endpoints: endpoints{ "ap-northeast-1": endpoint{}, @@ -469,9 +635,10 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, - "batch": service{ + "backup": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -479,9 +646,34 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "batch": service{ + + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -535,8 +727,16 @@ var awsPartition = partition{ "cloud9": service{ Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-2": endpoint{}, @@ -559,6 +759,7 @@ var awsPartition = partition{ "cloudformation": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -570,6 +771,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -613,6 +815,7 @@ var awsPartition = partition{ }, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -624,6 +827,8 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -648,6 +853,7 @@ var awsPartition = partition{ "cloudtrail": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -659,6 +865,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -669,6 +876,7 @@ var awsPartition = partition{ "codebuild": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -676,9 +884,11 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ @@ -713,32 +923,7 @@ var awsPartition = partition{ "codecommit": service{ Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips": endpoint{ - Hostname: "codecommit-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "codedeploy": service{ - - Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -750,6 +935,36 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "fips": endpoint{ + Hostname: "codecommit-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "codedeploy": service{ + + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ @@ -791,6 +1006,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -873,9 +1089,24 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "comprehendmedical": service{ + + Endpoints: endpoints{ + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-2": endpoint{}, @@ -884,6 +1115,7 @@ var awsPartition = partition{ "config": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -895,6 +1127,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -902,12 +1135,53 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "connect": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "cur": service{ Endpoints: endpoints{ "us-east-1": endpoint{}, }, }, + "data.mediastore": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "dataexchange": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "datapipeline": service{ Endpoints: endpoints{ @@ -921,16 +1195,48 @@ var awsPartition = partition{ "datasync": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "datasync-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "datasync-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "datasync-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "datasync-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "dax": service{ @@ -940,7 +1246,10 @@ var awsPartition = partition{ "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -957,6 +1266,7 @@ var awsPartition = partition{ "directconnect": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -968,6 +1278,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -978,12 +1289,14 @@ var awsPartition = partition{ "discovery": service{ Endpoints: endpoints{ - "us-west-2": endpoint{}, + "eu-central-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "dms": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -991,9 +1304,11 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1004,12 +1319,66 @@ var awsPartition = partition{ "docdb": service{ Endpoints: endpoints{ + "ap-northeast-1": endpoint{ + Hostname: "rds.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + "ap-northeast-2": endpoint{ + Hostname: "rds.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + "ap-south-1": endpoint{ + Hostname: "rds.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + "ap-southeast-1": endpoint{ + Hostname: "rds.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + "ap-southeast-2": endpoint{ + Hostname: "rds.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + "ca-central-1": endpoint{ + Hostname: "rds.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "eu-central-1": endpoint{ + Hostname: "rds.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, "eu-west-1": endpoint{ Hostname: "rds.eu-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-west-1", }, }, + "eu-west-2": endpoint{ + Hostname: "rds.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + "eu-west-3": endpoint{ + Hostname: "rds.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, "us-east-1": endpoint{ Hostname: "rds.us-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -1033,6 +1402,7 @@ var awsPartition = partition{ "ds": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1040,8 +1410,10 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1054,17 +1426,24 @@ var awsPartition = partition{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, + "ca-central-1-fips": endpoint{ + Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "local": endpoint{ Hostname: "localhost:8000", Protocols: []string{"http"}, @@ -1072,11 +1451,36 @@ var awsPartition = partition{ Region: "us-east-1", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "dynamodb-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "dynamodb-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, "us-west-1": endpoint{}, + "us-west-1-fips": endpoint{ + Hostname: "dynamodb-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "dynamodb-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "ec2": service{ @@ -1084,6 +1488,7 @@ var awsPartition = partition{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1095,6 +1500,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1116,6 +1522,7 @@ var awsPartition = partition{ "ecs": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1127,6 +1534,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1137,6 +1545,7 @@ var awsPartition = partition{ "elasticache": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1154,16 +1563,18 @@ var awsPartition = partition{ Region: "us-west-1", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "elasticbeanstalk": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1175,6 +1586,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1185,12 +1597,20 @@ var awsPartition = partition{ "elasticfilesystem": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -1202,6 +1622,7 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1213,6 +1634,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1226,6 +1648,7 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1239,6 +1662,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{ SSLCommonName: "{service}.{region}.{dnsSuffix}", @@ -1264,9 +1688,12 @@ var awsPartition = partition{ "email": service{ Endpoints: endpoints{ - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "entitlement.marketplace": service{ @@ -1282,6 +1709,7 @@ var awsPartition = partition{ "es": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1293,16 +1721,24 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips": endpoint{ + Hostname: "es-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "events": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1314,6 +1750,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1324,6 +1761,7 @@ var awsPartition = partition{ "firehose": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1331,9 +1769,11 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1347,8 +1787,39 @@ var awsPartition = partition{ }, Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "forecast": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "forecastquery": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-southeast-1": endpoint{}, "eu-west-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1358,10 +1829,17 @@ var awsPartition = partition{ "fsx": service{ Endpoints: endpoints{ - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "gamelift": service{ @@ -1388,6 +1866,7 @@ var awsPartition = partition{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1399,6 +1878,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1409,6 +1889,7 @@ var awsPartition = partition{ "glue": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1416,9 +1897,12 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -1432,19 +1916,34 @@ var awsPartition = partition{ }, Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, + "us-east-2": endpoint{}, "us-west-2": endpoint{}, }, }, + "groundstation": service{ + + Endpoints: endpoints{ + "eu-north-1": endpoint{}, + "me-south-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "guardduty": service{ IsRegionalized: boxedTrue, Defaults: endpoint{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1452,14 +1951,40 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "guardduty-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "guardduty-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-1": endpoint{}, + "us-west-1-fips": endpoint{ + Hostname: "guardduty-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "guardduty-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "health": service{ @@ -1504,7 +2029,9 @@ var awsPartition = partition{ "ap-south-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -1518,16 +2045,23 @@ var awsPartition = partition{ }, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -1542,7 +2076,87 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, - "kinesis": service{ + "iotevents": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "ioteventsdata": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{ + Hostname: "data.iotevents.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + "ap-northeast-2": endpoint{ + Hostname: "data.iotevents.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + "ap-southeast-1": endpoint{ + Hostname: "data.iotevents.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + "ap-southeast-2": endpoint{ + Hostname: "data.iotevents.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + "eu-central-1": endpoint{ + Hostname: "data.iotevents.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + "eu-west-1": endpoint{ + Hostname: "data.iotevents.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + "eu-west-2": endpoint{ + Hostname: "data.iotevents.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + "us-east-1": endpoint{ + Hostname: "data.iotevents.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{ + Hostname: "data.iotevents.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-2": endpoint{ + Hostname: "data.iotevents.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "iotsecuredtunneling": service{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, @@ -1563,28 +2177,68 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "iotthingsgraph": service{ + Defaults: endpoint{ + CredentialScope: credentialScope{ + Service: "iotthingsgraph", + }, + }, + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "kafka": service{ + + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "kinesis": service{ + + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "kinesisanalytics": service{ - Endpoints: endpoints{ - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "kinesisvideo": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "kms": service{ - Endpoints: endpoints{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1600,13 +2254,33 @@ var awsPartition = partition{ "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, - "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, - "lambda": service{ + "kinesisvideo": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "kms": service{ + + Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1618,6 +2292,71 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "lakeformation": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "lambda": service{ + + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "license-manager": service{ + + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1646,6 +2385,7 @@ var awsPartition = partition{ "logs": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1657,6 +2397,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1677,6 +2418,26 @@ var awsPartition = partition{ "us-east-1": endpoint{}, }, }, + "mediaconnect": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "mediaconvert": service{ Endpoints: endpoints{ @@ -1689,6 +2450,7 @@ var awsPartition = partition{ "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1705,9 +2467,13 @@ var awsPartition = partition{ "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, + "us-east-2": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -1721,6 +2487,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, @@ -1735,6 +2502,7 @@ var awsPartition = partition{ "ap-northeast-2": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "us-east-1": endpoint{}, "us-west-2": endpoint{}, @@ -1747,6 +2515,7 @@ var awsPartition = partition{ }, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1758,6 +2527,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1768,7 +2538,8 @@ var awsPartition = partition{ "mgh": service{ Endpoints: endpoints{ - "us-west-2": endpoint{}, + "eu-central-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "mobileanalytics": service{ @@ -1784,9 +2555,10 @@ var awsPartition = partition{ }, }, Endpoints: endpoints{ - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "monitoring": service{ @@ -1794,6 +2566,7 @@ var awsPartition = partition{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1805,6 +2578,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1817,14 +2591,44 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "mq-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "mq-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "mq-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "mq-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "mturk-requester": service{ @@ -1840,6 +2644,24 @@ var awsPartition = partition{ "neptune": service{ Endpoints: endpoints{ + "ap-northeast-1": endpoint{ + Hostname: "rds.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + "ap-northeast-2": endpoint{ + Hostname: "rds.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + "ap-south-1": endpoint{ + Hostname: "rds.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, "ap-southeast-1": endpoint{ Hostname: "rds.ap-southeast-1.amazonaws.com", CredentialScope: credentialScope{ @@ -1852,12 +2674,24 @@ var awsPartition = partition{ Region: "ap-southeast-2", }, }, + "ca-central-1": endpoint{ + Hostname: "rds.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, "eu-central-1": endpoint{ Hostname: "rds.eu-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-central-1", }, }, + "eu-north-1": endpoint{ + Hostname: "rds.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, "eu-west-1": endpoint{ Hostname: "rds.eu-west-1.amazonaws.com", CredentialScope: credentialScope{ @@ -1870,6 +2704,12 @@ var awsPartition = partition{ Region: "eu-west-2", }, }, + "me-south-1": endpoint{ + Hostname: "rds.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, "us-east-1": endpoint{ Hostname: "rds.us-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -1890,6 +2730,65 @@ var awsPartition = partition{ }, }, }, + "oidc": service{ + + Endpoints: endpoints{ + "ap-southeast-1": endpoint{ + Hostname: "oidc.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + "ap-southeast-2": endpoint{ + Hostname: "oidc.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + "ca-central-1": endpoint{ + Hostname: "oidc.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "eu-central-1": endpoint{ + Hostname: "oidc.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + "eu-west-1": endpoint{ + Hostname: "oidc.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + "eu-west-2": endpoint{ + Hostname: "oidc.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + "us-east-1": endpoint{ + Hostname: "oidc.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{ + Hostname: "oidc.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-2": endpoint{ + Hostname: "oidc.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, "opsworks": service{ Endpoints: endpoints{ @@ -1937,6 +2836,20 @@ var awsPartition = partition{ }, }, }, + "outposts": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "pinpoint": service{ Defaults: endpoint{ CredentialScope: credentialScope{ @@ -1944,10 +2857,34 @@ var awsPartition = partition{ }, }, Endpoints: endpoints{ - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "pinpoint-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "pinpoint-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "us-east-1": endpoint{ + Hostname: "pinpoint.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-west-2": endpoint{ + Hostname: "pinpoint.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "polly": service{ @@ -1960,6 +2897,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -1970,9 +2908,95 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, - "rds": service{ + "portal.sso": service{ Endpoints: endpoints{ + "ap-southeast-1": endpoint{ + Hostname: "portal.sso.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + "ap-southeast-2": endpoint{ + Hostname: "portal.sso.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + "ca-central-1": endpoint{ + Hostname: "portal.sso.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "eu-central-1": endpoint{ + Hostname: "portal.sso.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + "eu-west-1": endpoint{ + Hostname: "portal.sso.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + "eu-west-2": endpoint{ + Hostname: "portal.sso.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + "us-east-1": endpoint{ + Hostname: "portal.sso.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{ + Hostname: "portal.sso.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-2": endpoint{ + Hostname: "portal.sso.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "projects.iot1click": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "qldb": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "ram": service{ + + Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1984,6 +3008,30 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "rds": service{ + + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{ SSLCommonName: "{service}.{dnsSuffix}", @@ -1996,6 +3044,7 @@ var awsPartition = partition{ "redshift": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2007,6 +3056,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2018,16 +3068,23 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, "resource-groups": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2039,19 +3096,48 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "resource-groups-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "resource-groups-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "resource-groups-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "resource-groups-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "robomaker": service{ Endpoints: endpoints{ - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, }, }, "route53": service{ @@ -2078,12 +3164,21 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -2094,14 +3189,16 @@ var awsPartition = partition{ }, }, Endpoints: endpoints{ - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "runtime.sagemaker": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2109,16 +3206,44 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "runtime-fips.sagemaker.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "runtime-fips.sagemaker.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-1": endpoint{}, + "us-west-1-fips": endpoint{ + Hostname: "runtime-fips.sagemaker.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "runtime-fips.sagemaker.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "s3": service{ - PartitionEndpoint: "us-east-1", + PartitionEndpoint: "aws-global", IsRegionalized: boxedTrue, Defaults: endpoint{ Protocols: []string{"http", "https"}, @@ -2128,6 +3253,7 @@ var awsPartition = partition{ DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}", }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{ Hostname: "s3.ap-northeast-1.amazonaws.com", SignatureVersions: []string{"s3", "s3v4"}, @@ -2142,6 +3268,13 @@ var awsPartition = partition{ Hostname: "s3.ap-southeast-2.amazonaws.com", SignatureVersions: []string{"s3", "s3v4"}, }, + "aws-global": endpoint{ + Hostname: "s3.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, @@ -2149,8 +3282,9 @@ var awsPartition = partition{ Hostname: "s3.eu-west-1.amazonaws.com", SignatureVersions: []string{"s3", "s3v4"}, }, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "s3-external-1": endpoint{ Hostname: "s3-external-1.amazonaws.com", SignatureVersions: []string{"s3", "s3v4"}, @@ -2163,7 +3297,7 @@ var awsPartition = partition{ SignatureVersions: []string{"s3", "s3v4"}, }, "us-east-1": endpoint{ - Hostname: "s3.amazonaws.com", + Hostname: "s3.us-east-1.amazonaws.com", SignatureVersions: []string{"s3", "s3v4"}, }, "us-east-2": endpoint{}, @@ -2328,6 +3462,29 @@ var awsPartition = partition{ }, }, }, + "savingsplans": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-global": endpoint{ + Hostname: "savingsplans.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + }, + }, + "schemas": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "sdb": service{ Defaults: endpoint{ Protocols: []string{"http", "https"}, @@ -2349,6 +3506,7 @@ var awsPartition = partition{ "secretsmanager": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2356,9 +3514,11 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ @@ -2393,6 +3553,7 @@ var awsPartition = partition{ "securityhub": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2400,9 +3561,11 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2415,6 +3578,9 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{ + Protocols: []string{"https"}, + }, "ap-northeast-1": endpoint{ Protocols: []string{"https"}, }, @@ -2436,12 +3602,21 @@ var awsPartition = partition{ "eu-central-1": endpoint{ Protocols: []string{"https"}, }, + "eu-north-1": endpoint{ + Protocols: []string{"https"}, + }, "eu-west-1": endpoint{ Protocols: []string{"https"}, }, "eu-west-2": endpoint{ Protocols: []string{"https"}, }, + "eu-west-3": endpoint{ + Protocols: []string{"https"}, + }, + "me-south-1": endpoint{ + Protocols: []string{"https"}, + }, "sa-east-1": endpoint{ Protocols: []string{"https"}, }, @@ -2469,6 +3644,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -2506,6 +3682,7 @@ var awsPartition = partition{ "servicediscovery": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2513,9 +3690,11 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2523,6 +3702,20 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "session.qldb": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "shield": service{ IsRegionalized: boxedFalse, Defaults: endpoint{ @@ -2536,6 +3729,7 @@ var awsPartition = partition{ "sms": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2543,9 +3737,11 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2557,6 +3753,7 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, @@ -2577,6 +3774,7 @@ var awsPartition = partition{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2588,6 +3786,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2601,6 +3800,7 @@ var awsPartition = partition{ Protocols: []string{"http", "https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2636,7 +3836,8 @@ var awsPartition = partition{ Region: "us-west-2", }, }, - "sa-east-1": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{ SSLCommonName: "queue.{dnsSuffix}", }, @@ -2648,6 +3849,7 @@ var awsPartition = partition{ "ssm": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2659,6 +3861,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2669,6 +3872,7 @@ var awsPartition = partition{ "states": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2680,6 +3884,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2690,6 +3895,7 @@ var awsPartition = partition{ "storagegateway": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2701,6 +3907,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2722,11 +3929,17 @@ var awsPartition = partition{ "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, + "ca-central-1-fips": endpoint{ + Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "local": endpoint{ Hostname: "localhost:8000", Protocols: []string{"http"}, @@ -2734,41 +3947,63 @@ var awsPartition = partition{ Region: "us-east-1", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "dynamodb-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "dynamodb-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, "us-west-1": endpoint{}, + "us-west-1-fips": endpoint{ + Hostname: "dynamodb-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "dynamodb-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "sts": service{ PartitionEndpoint: "aws-global", - Defaults: endpoint{ - Hostname: "sts.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, + Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{ - Hostname: "sts.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, + "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, - "aws-global": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, + "aws-global": endpoint{ + Hostname: "sts.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ Hostname: "sts-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -2799,14 +4034,21 @@ var awsPartition = partition{ }, }, "support": service{ + PartitionEndpoint: "aws-global", Endpoints: endpoints{ - "us-east-1": endpoint{}, + "aws-global": endpoint{ + Hostname: "support.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, }, }, "swf": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2818,6 +4060,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2827,6 +4070,64 @@ var awsPartition = partition{ }, "tagging": service{ + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "transcribe": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "transcribestreaming": service{ + + Endpoints: endpoints{ + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "transfer": service{ + Endpoints: endpoints{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -2846,31 +4147,24 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, - "transfer": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, "translate": service{ Defaults: endpoint{ Protocols: []string{"https"}, }, Endpoints: endpoints{ - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, + "ap-east-1": endpoint{}, + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ Hostname: "translate-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -2884,6 +4178,7 @@ var awsPartition = partition{ Region: "us-east-2", }, }, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, "us-west-2-fips": endpoint{ Hostname: "translate-fips.us-west-2.amazonaws.com", @@ -2910,9 +4205,17 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -2959,6 +4262,7 @@ var awsPartition = partition{ "xray": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2970,6 +4274,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -3035,11 +4340,7 @@ var awscnPartition = partition{ }, "application-autoscaling": service{ Defaults: endpoint{ - Hostname: "autoscaling.{region}.amazonaws.com.cn", Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "application-autoscaling", - }, }, Endpoints: endpoints{ "cn-north-1": endpoint{}, @@ -3055,6 +4356,13 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "batch": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "cloudformation": service{ Endpoints: endpoints{ @@ -3062,6 +4370,20 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "cloudfront": service{ + PartitionEndpoint: "aws-cn-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-cn-global": endpoint{ + Hostname: "cloudfront.cn-northwest-1.amazonaws.com.cn", + Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, "cloudtrail": service{ Endpoints: endpoints{ @@ -3096,6 +4418,12 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "dax": service{ + + Endpoints: endpoints{ + "cn-northwest-1": endpoint{}, + }, + }, "directconnect": service{ Endpoints: endpoints{ @@ -3206,6 +4534,12 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "gamelift": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + }, + }, "glacier": service{ Defaults: endpoint{ Protocols: []string{"http", "https"}, @@ -3215,6 +4549,28 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "glue": service{ + + Endpoints: endpoints{ + "cn-northwest-1": endpoint{}, + }, + }, + "greengrass": service{ + IsRegionalized: boxedTrue, + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + }, + }, + "health": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "iam": service{ PartitionEndpoint: "aws-cn-global", IsRegionalized: boxedFalse, @@ -3235,7 +4591,8 @@ var awscnPartition = partition{ }, }, Endpoints: endpoints{ - "cn-north-1": endpoint{}, + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, }, }, "kinesis": service{ @@ -3245,6 +4602,13 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "kms": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "lambda": service{ Endpoints: endpoints{ @@ -3252,6 +4616,13 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "license-manager": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "logs": service{ Endpoints: endpoints{ @@ -3259,6 +4630,17 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "mediaconvert": service{ + + Endpoints: endpoints{ + "cn-northwest-1": endpoint{ + Hostname: "subscribe.mediaconvert.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, "monitoring": service{ Defaults: endpoint{ Protocols: []string{"http", "https"}, @@ -3320,6 +4702,13 @@ var awscnPartition = partition{ }, }, }, + "secretsmanager": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "sms": service{ Endpoints: endpoints{ @@ -3391,6 +4780,18 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "support": service{ + PartitionEndpoint: "aws-cn-global", + + Endpoints: endpoints{ + "aws-cn-global": endpoint{ + Hostname: "support.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + }, + }, "swf": service{ Endpoints: endpoints{ @@ -3400,6 +4801,38 @@ var awscnPartition = partition{ }, "tagging": service{ + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, + "transcribe": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "cn-north-1": endpoint{ + Hostname: "cn.transcribe.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + "cn-northwest-1": endpoint{ + Hostname: "cn.transcribe.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "workspaces": service{ + + Endpoints: endpoints{ + "cn-northwest-1": endpoint{}, + }, + }, + "xray": service{ + Endpoints: endpoints{ "cn-north-1": endpoint{}, "cn-northwest-1": endpoint{}, @@ -3444,6 +4877,15 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "acm-pca": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "api.ecr": service{ Endpoints: endpoints{ @@ -3476,7 +4918,8 @@ var awsusgovPartition = partition{ }, "application-autoscaling": service{ Defaults: endpoint{ - Hostname: "autoscaling.{region}.amazonaws.com", + Hostname: "autoscaling.{region}.amazonaws.com", + Protocols: []string{"http", "https"}, CredentialScope: credentialScope{ Service: "application-autoscaling", }, @@ -3486,6 +4929,30 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "appstream2": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + CredentialScope: credentialScope{ + Service: "appstream", + }, + }, + Endpoints: endpoints{ + "fips": endpoint{ + Hostname: "appstream2-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-west-1": endpoint{}, + }, + }, + "athena": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "autoscaling": service{ Endpoints: endpoints{ @@ -3532,6 +4999,20 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "codebuild": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, + "codecommit": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "codedeploy": service{ Endpoints: endpoints{ @@ -3551,6 +5032,14 @@ var awsusgovPartition = partition{ }, }, }, + "comprehend": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, "config": service{ Endpoints: endpoints{ @@ -3558,6 +5047,19 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "datasync": service{ + + Endpoints: endpoints{ + "fips-us-gov-west-1": endpoint{ + Hostname: "datasync-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "directconnect": service{ Endpoints: endpoints{ @@ -3575,6 +5077,7 @@ var awsusgovPartition = partition{ "ds": service{ Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, @@ -3582,6 +5085,12 @@ var awsusgovPartition = partition{ Endpoints: endpoints{ "us-gov-east-1": endpoint{}, + "us-gov-east-1-fips": endpoint{ + Hostname: "dynamodb.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "us-gov-west-1": endpoint{}, "us-gov-west-1-fips": endpoint{ Hostname: "dynamodb.us-gov-west-1.amazonaws.com", @@ -3663,6 +5172,12 @@ var awsusgovPartition = partition{ "es": service{ Endpoints: endpoints{ + "fips": endpoint{ + Hostname: "es-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -3677,6 +5192,7 @@ var awsusgovPartition = partition{ "firehose": service{ Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, @@ -3689,6 +5205,22 @@ var awsusgovPartition = partition{ }, }, }, + "glue": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, + "greengrass": service{ + IsRegionalized: boxedTrue, + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, "guardduty": service{ IsRegionalized: boxedTrue, Defaults: endpoint{ @@ -3698,6 +5230,12 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "health": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, "iam": service{ PartitionEndpoint: "aws-us-gov-global", IsRegionalized: boxedFalse, @@ -3738,6 +5276,12 @@ var awsusgovPartition = partition{ "kms": service{ Endpoints: endpoints{ + "ProdFips": endpoint{ + Hostname: "kms-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, @@ -3749,6 +5293,13 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "license-manager": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "logs": service{ Endpoints: endpoints{ @@ -3769,6 +5320,7 @@ var awsusgovPartition = partition{ }, }, Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, @@ -3779,12 +5331,49 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "neptune": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{ + Hostname: "rds.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "rds.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, + "organizations": service{ + PartitionEndpoint: "aws-us-gov-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-us-gov-global": endpoint{ + Hostname: "organizations.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, "polly": service{ Endpoints: endpoints{ "us-gov-west-1": endpoint{}, }, }, + "ram": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "rds": service{ Endpoints: endpoints{ @@ -3805,6 +5394,45 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "resource-groups": service{ + + Endpoints: endpoints{ + "fips-us-gov-east-1": endpoint{ + Hostname: "resource-groups.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "fips-us-gov-west-1": endpoint{ + Hostname: "resource-groups.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, + "route53": service{ + PartitionEndpoint: "aws-us-gov-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-us-gov-global": endpoint{ + Hostname: "route53.us-gov.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, + "route53resolver": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "runtime.sagemaker": service{ Endpoints: endpoints{ @@ -3868,6 +5496,50 @@ var awsusgovPartition = partition{ }, }, }, + "secretsmanager": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-east-1-fips": endpoint{ + Hostname: "secretsmanager-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{}, + "us-gov-west-1-fips": endpoint{ + Hostname: "secretsmanager-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, + "serverlessrepo": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "us-gov-east-1": endpoint{ + Protocols: []string{"https"}, + }, + "us-gov-west-1": endpoint{ + Protocols: []string{"https"}, + }, + }, + }, + "servicecatalog": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + "us-gov-west-1-fips": endpoint{ + Hostname: "servicecatalog-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, "sms": service{ Endpoints: endpoints{ @@ -3929,6 +5601,12 @@ var awsusgovPartition = partition{ }, Endpoints: endpoints{ "us-gov-east-1": endpoint{}, + "us-gov-east-1-fips": endpoint{ + Hostname: "dynamodb.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "us-gov-west-1": endpoint{}, "us-gov-west-1-fips": endpoint{ Hostname: "dynamodb.us-gov-west-1.amazonaws.com", @@ -3959,6 +5637,14 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "transcribe": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, "translate": service{ Defaults: endpoint{ Protocols: []string{"https"}, @@ -3973,5 +5659,636 @@ var awsusgovPartition = partition{ }, }, }, + "waf-regional": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, + "workspaces": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, + }, +} + +// AwsIsoPartition returns the Resolver for AWS ISO (US). +func AwsIsoPartition() Partition { + return awsisoPartition.Partition() +} + +var awsisoPartition = partition{ + ID: "aws-iso", + Name: "AWS ISO (US)", + DNSSuffix: "c2s.ic.gov", + RegionRegex: regionRegex{ + Regexp: func() *regexp.Regexp { + reg, _ := regexp.Compile("^us\\-iso\\-\\w+\\-\\d+$") + return reg + }(), + }, + Defaults: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + Regions: regions{ + "us-iso-east-1": region{ + Description: "US ISO East", + }, + }, + Services: services{ + "api.ecr": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Hostname: "api.ecr.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + }, + }, + }, + "api.sagemaker": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "apigateway": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "application-autoscaling": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "autoscaling": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "cloudformation": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "cloudtrail": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "codedeploy": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "config": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "datapipeline": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "directconnect": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "dms": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "ds": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "dynamodb": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "ec2": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "ec2metadata": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-global": endpoint{ + Hostname: "169.254.169.254/latest", + Protocols: []string{"http"}, + }, + }, + }, + "ecs": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "elasticache": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "elasticloadbalancing": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "elasticmapreduce": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"https"}, + }, + }, + }, + "events": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "glacier": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "health": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "iam": service{ + PartitionEndpoint: "aws-iso-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-iso-global": endpoint{ + Hostname: "iam.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + }, + }, + }, + "kinesis": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "kms": service{ + + Endpoints: endpoints{ + "ProdFips": endpoint{ + Hostname: "kms-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + }, + "us-iso-east-1": endpoint{}, + }, + }, + "lambda": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "logs": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "monitoring": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "rds": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "redshift": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "route53": service{ + PartitionEndpoint: "aws-iso-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-iso-global": endpoint{ + Hostname: "route53.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + }, + }, + }, + "runtime.sagemaker": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "s3": service{ + Defaults: endpoint{ + SignatureVersions: []string{"s3v4"}, + }, + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, + }, + }, + "snowball": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "sns": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "sqs": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "states": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "streams.dynamodb": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Service: "dynamodb", + }, + }, + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "sts": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "support": service{ + PartitionEndpoint: "aws-iso-global", + + Endpoints: endpoints{ + "aws-iso-global": endpoint{ + Hostname: "support.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + }, + }, + }, + "swf": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "workspaces": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + }, +} + +// AwsIsoBPartition returns the Resolver for AWS ISOB (US). +func AwsIsoBPartition() Partition { + return awsisobPartition.Partition() +} + +var awsisobPartition = partition{ + ID: "aws-iso-b", + Name: "AWS ISOB (US)", + DNSSuffix: "sc2s.sgov.gov", + RegionRegex: regionRegex{ + Regexp: func() *regexp.Regexp { + reg, _ := regexp.Compile("^us\\-isob\\-\\w+\\-\\d+$") + return reg + }(), + }, + Defaults: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + Regions: regions{ + "us-isob-east-1": region{ + Description: "US ISOB East (Ohio)", + }, + }, + Services: services{ + "application-autoscaling": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "autoscaling": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "cloudformation": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "cloudtrail": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "config": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "directconnect": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "dms": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "dynamodb": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "ec2": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "ec2metadata": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-global": endpoint{ + Hostname: "169.254.169.254/latest", + Protocols: []string{"http"}, + }, + }, + }, + "elasticache": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "elasticloadbalancing": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{ + Protocols: []string{"https"}, + }, + }, + }, + "elasticmapreduce": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "events": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "glacier": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "health": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "iam": service{ + PartitionEndpoint: "aws-iso-b-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-iso-b-global": endpoint{ + Hostname: "iam.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + }, + }, + }, + "kinesis": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "kms": service{ + + Endpoints: endpoints{ + "ProdFips": endpoint{ + Hostname: "kms-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + }, + "us-isob-east-1": endpoint{}, + }, + }, + "logs": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "monitoring": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "rds": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "redshift": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "s3": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "snowball": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "sns": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "sqs": service{ + Defaults: endpoint{ + SSLCommonName: "{region}.queue.{dnsSuffix}", + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "states": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "streams.dynamodb": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Service: "dynamodb", + }, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "sts": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "support": service{ + PartitionEndpoint: "aws-iso-b-global", + + Endpoints: endpoints{ + "aws-iso-b-global": endpoint{ + Hostname: "support.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + }, + }, + }, + "swf": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, }, } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/dep_service_ids.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/dep_service_ids.go index 000dd79eec4..ca8fc828e15 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/dep_service_ids.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/dep_service_ids.go @@ -2,7 +2,7 @@ package endpoints // Service identifiers // -// Deprecated: Use client package's EndpointID value instead of these +// Deprecated: Use client package's EndpointsID value instead of these // ServiceIDs. These IDs are not maintained, and are out of date. const ( A4bServiceID = "a4b" // A4b. diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go index f82babf6f95..ca956e5f12a 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go @@ -3,6 +3,7 @@ package endpoints import ( "fmt" "regexp" + "strings" "github.com/aws/aws-sdk-go/aws/awserr" ) @@ -46,6 +47,108 @@ type Options struct { // // This option is ignored if StrictMatching is enabled. ResolveUnknownService bool + + // STS Regional Endpoint flag helps with resolving the STS endpoint + STSRegionalEndpoint STSRegionalEndpoint + + // S3 Regional Endpoint flag helps with resolving the S3 endpoint + S3UsEast1RegionalEndpoint S3UsEast1RegionalEndpoint +} + +// STSRegionalEndpoint is an enum for the states of the STS Regional Endpoint +// options. +type STSRegionalEndpoint int + +func (e STSRegionalEndpoint) String() string { + switch e { + case LegacySTSEndpoint: + return "legacy" + case RegionalSTSEndpoint: + return "regional" + case UnsetSTSEndpoint: + return "" + default: + return "unknown" + } +} + +const ( + + // UnsetSTSEndpoint represents that STS Regional Endpoint flag is not specified. + UnsetSTSEndpoint STSRegionalEndpoint = iota + + // LegacySTSEndpoint represents when STS Regional Endpoint flag is specified + // to use legacy endpoints. + LegacySTSEndpoint + + // RegionalSTSEndpoint represents when STS Regional Endpoint flag is specified + // to use regional endpoints. + RegionalSTSEndpoint +) + +// GetSTSRegionalEndpoint function returns the STSRegionalEndpointFlag based +// on the input string provided in env config or shared config by the user. +// +// `legacy`, `regional` are the only case-insensitive valid strings for +// resolving the STS regional Endpoint flag. +func GetSTSRegionalEndpoint(s string) (STSRegionalEndpoint, error) { + switch { + case strings.EqualFold(s, "legacy"): + return LegacySTSEndpoint, nil + case strings.EqualFold(s, "regional"): + return RegionalSTSEndpoint, nil + default: + return UnsetSTSEndpoint, fmt.Errorf("unable to resolve the value of STSRegionalEndpoint for %v", s) + } +} + +// S3UsEast1RegionalEndpoint is an enum for the states of the S3 us-east-1 +// Regional Endpoint options. +type S3UsEast1RegionalEndpoint int + +func (e S3UsEast1RegionalEndpoint) String() string { + switch e { + case LegacyS3UsEast1Endpoint: + return "legacy" + case RegionalS3UsEast1Endpoint: + return "regional" + case UnsetS3UsEast1Endpoint: + return "" + default: + return "unknown" + } +} + +const ( + + // UnsetS3UsEast1Endpoint represents that S3 Regional Endpoint flag is not + // specified. + UnsetS3UsEast1Endpoint S3UsEast1RegionalEndpoint = iota + + // LegacyS3UsEast1Endpoint represents when S3 Regional Endpoint flag is + // specified to use legacy endpoints. + LegacyS3UsEast1Endpoint + + // RegionalS3UsEast1Endpoint represents when S3 Regional Endpoint flag is + // specified to use regional endpoints. + RegionalS3UsEast1Endpoint +) + +// GetS3UsEast1RegionalEndpoint function returns the S3UsEast1RegionalEndpointFlag based +// on the input string provided in env config or shared config by the user. +// +// `legacy`, `regional` are the only case-insensitive valid strings for +// resolving the S3 regional Endpoint flag. +func GetS3UsEast1RegionalEndpoint(s string) (S3UsEast1RegionalEndpoint, error) { + switch { + case strings.EqualFold(s, "legacy"): + return LegacyS3UsEast1Endpoint, nil + case strings.EqualFold(s, "regional"): + return RegionalS3UsEast1Endpoint, nil + default: + return UnsetS3UsEast1Endpoint, + fmt.Errorf("unable to resolve the value of S3UsEast1RegionalEndpoint for %v", s) + } } // Set combines all of the option functions together. @@ -79,6 +182,12 @@ func ResolveUnknownServiceOption(o *Options) { o.ResolveUnknownService = true } +// STSRegionalEndpointOption enables the STS endpoint resolver behavior to resolve +// STS endpoint to their regional endpoint, instead of the global endpoint. +func STSRegionalEndpointOption(o *Options) { + o.STSRegionalEndpoint = RegionalSTSEndpoint +} + // A Resolver provides the interface for functionality to resolve endpoints. // The build in Partition and DefaultResolver return value satisfy this interface. type Resolver interface { @@ -170,10 +279,13 @@ func PartitionForRegion(ps []Partition, regionID string) (Partition, bool) { // A Partition provides the ability to enumerate the partition's regions // and services. type Partition struct { - id string - p *partition + id, dnsSuffix string + p *partition } +// DNSSuffix returns the base domain name of the partition. +func (p Partition) DNSSuffix() string { return p.dnsSuffix } + // ID returns the identifier of the partition. func (p Partition) ID() string { return p.id } @@ -191,7 +303,7 @@ func (p Partition) ID() string { return p.id } // require the provided service and region to be known by the partition. // If the endpoint cannot be strictly resolved an error will be returned. This // mode is useful to ensure the endpoint resolved is valid. Without -// StrictMatching enabled the endpoint returned my look valid but may not work. +// StrictMatching enabled the endpoint returned may look valid but may not work. // StrictMatching requires the SDK to be updated if you want to take advantage // of new regions and services expansions. // @@ -205,7 +317,7 @@ func (p Partition) EndpointFor(service, region string, opts ...func(*Options)) ( // Regions returns a map of Regions indexed by their ID. This is useful for // enumerating over the regions in a partition. func (p Partition) Regions() map[string]Region { - rs := map[string]Region{} + rs := make(map[string]Region, len(p.p.Regions)) for id, r := range p.p.Regions { rs[id] = Region{ id: id, @@ -220,7 +332,7 @@ func (p Partition) Regions() map[string]Region { // Services returns a map of Service indexed by their ID. This is useful for // enumerating over the services in a partition. func (p Partition) Services() map[string]Service { - ss := map[string]Service{} + ss := make(map[string]Service, len(p.p.Services)) for id := range p.p.Services { ss[id] = Service{ id: id, @@ -307,7 +419,7 @@ func (s Service) Regions() map[string]Region { // A region is the AWS region the service exists in. Whereas a Endpoint is // an URL that can be resolved to a instance of a service. func (s Service) Endpoints() map[string]Endpoint { - es := map[string]Endpoint{} + es := make(map[string]Endpoint, len(s.p.Services[s.id].Endpoints)) for id := range s.p.Services[s.id].Endpoints { es[id] = Endpoint{ id: id, @@ -347,6 +459,9 @@ type ResolvedEndpoint struct { // The endpoint URL URL string + // The endpoint partition + PartitionID string + // The region that should be used for signing requests. SigningRegion string diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/legacy_regions.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/legacy_regions.go new file mode 100644 index 00000000000..df75e899adb --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/legacy_regions.go @@ -0,0 +1,24 @@ +package endpoints + +var legacyGlobalRegions = map[string]map[string]struct{}{ + "sts": { + "ap-northeast-1": {}, + "ap-south-1": {}, + "ap-southeast-1": {}, + "ap-southeast-2": {}, + "ca-central-1": {}, + "eu-central-1": {}, + "eu-north-1": {}, + "eu-west-1": {}, + "eu-west-2": {}, + "eu-west-3": {}, + "sa-east-1": {}, + "us-east-1": {}, + "us-east-2": {}, + "us-west-1": {}, + "us-west-2": {}, + }, + "s3": { + "us-east-1": {}, + }, +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go index ff6f76db6eb..eb2ac83c992 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go @@ -54,8 +54,9 @@ type partition struct { func (p partition) Partition() Partition { return Partition{ - id: p.ID, - p: &p, + dnsSuffix: p.DNSSuffix, + id: p.ID, + p: &p, } } @@ -74,24 +75,56 @@ func (p partition) canResolveEndpoint(service, region string, strictMatch bool) return p.RegionRegex.MatchString(region) } +func allowLegacyEmptyRegion(service string) bool { + legacy := map[string]struct{}{ + "budgets": {}, + "ce": {}, + "chime": {}, + "cloudfront": {}, + "ec2metadata": {}, + "iam": {}, + "importexport": {}, + "organizations": {}, + "route53": {}, + "sts": {}, + "support": {}, + "waf": {}, + } + + _, allowed := legacy[service] + return allowed +} + func (p partition) EndpointFor(service, region string, opts ...func(*Options)) (resolved ResolvedEndpoint, err error) { var opt Options opt.Set(opts...) s, hasService := p.Services[service] - if !(hasService || opt.ResolveUnknownService) { + if len(service) == 0 || !(hasService || opt.ResolveUnknownService) { // Only return error if the resolver will not fallback to creating // endpoint based on service endpoint ID passed in. return resolved, NewUnknownServiceError(p.ID, service, serviceList(p.Services)) } + if len(region) == 0 && allowLegacyEmptyRegion(service) && len(s.PartitionEndpoint) != 0 { + region = s.PartitionEndpoint + } + + if (service == "sts" && opt.STSRegionalEndpoint != RegionalSTSEndpoint) || + (service == "s3" && opt.S3UsEast1RegionalEndpoint != RegionalS3UsEast1Endpoint) { + if _, ok := legacyGlobalRegions[service][region]; ok { + region = "aws-global" + } + } + e, hasEndpoint := s.endpointForRegion(region) - if !hasEndpoint && opt.StrictMatching { + if len(region) == 0 || (!hasEndpoint && opt.StrictMatching) { return resolved, NewUnknownEndpointError(p.ID, service, region, endpointList(s.Endpoints)) } defs := []endpoint{p.Defaults, s.Defaults} - return e.resolve(service, region, p.DNSSuffix, defs, opt), nil + + return e.resolve(service, p.ID, region, p.DNSSuffix, defs, opt), nil } func serviceList(ss services) []string { @@ -200,7 +233,7 @@ func getByPriority(s []string, p []string, def string) string { return s[0] } -func (e endpoint) resolve(service, region, dnsSuffix string, defs []endpoint, opts Options) ResolvedEndpoint { +func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs []endpoint, opts Options) ResolvedEndpoint { var merged endpoint for _, def := range defs { merged.mergeIn(def) @@ -208,20 +241,6 @@ func (e endpoint) resolve(service, region, dnsSuffix string, defs []endpoint, op merged.mergeIn(e) e = merged - hostname := e.Hostname - - // Offset the hostname for dualstack if enabled - if opts.UseDualStack && e.HasDualStack == boxedTrue { - hostname = e.DualStackHostname - } - - u := strings.Replace(hostname, "{service}", service, 1) - u = strings.Replace(u, "{region}", region, 1) - u = strings.Replace(u, "{dnsSuffix}", dnsSuffix, 1) - - scheme := getEndpointScheme(e.Protocols, opts.DisableSSL) - u = fmt.Sprintf("%s://%s", scheme, u) - signingRegion := e.CredentialScope.Region if len(signingRegion) == 0 { signingRegion = region @@ -234,8 +253,23 @@ func (e endpoint) resolve(service, region, dnsSuffix string, defs []endpoint, op signingNameDerived = true } + hostname := e.Hostname + // Offset the hostname for dualstack if enabled + if opts.UseDualStack && e.HasDualStack == boxedTrue { + hostname = e.DualStackHostname + region = signingRegion + } + + u := strings.Replace(hostname, "{service}", service, 1) + u = strings.Replace(u, "{region}", region, 1) + u = strings.Replace(u, "{dnsSuffix}", dnsSuffix, 1) + + scheme := getEndpointScheme(e.Protocols, opts.DisableSSL) + u = fmt.Sprintf("%s://%s", scheme, u) + return ResolvedEndpoint{ URL: u, + PartitionID: partitionID, SigningRegion: signingRegion, SigningName: signingName, SigningNameDerived: signingNameDerived, diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/BUILD b/vendor/github.com/aws/aws-sdk-go/aws/request/BUILD index f0e1a2e5eda..6b167e0638e 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/BUILD @@ -4,7 +4,6 @@ go_library( name = "go_default_library", srcs = [ "connection_reset_error.go", - "connection_reset_error_other.go", "handlers.go", "http_request.go", "offset_reader.go", diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go b/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go index 271da432ce1..d9b37f4d32a 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go @@ -1,18 +1,17 @@ -// +build !appengine,!plan9 - package request import ( - "net" - "os" - "syscall" + "strings" ) func isErrConnectionReset(err error) bool { - if opErr, ok := err.(*net.OpError); ok { - if sysErr, ok := opErr.Err.(*os.SyscallError); ok { - return sysErr.Err == syscall.ECONNRESET - } + if strings.Contains(err.Error(), "read: connection reset") { + return false + } + + if strings.Contains(err.Error(), "connection reset") || + strings.Contains(err.Error(), "broken pipe") { + return true } return false diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error_other.go b/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error_other.go deleted file mode 100644 index daf9eca4373..00000000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error_other.go +++ /dev/null @@ -1,11 +0,0 @@ -// +build appengine plan9 - -package request - -import ( - "strings" -) - -func isErrConnectionReset(err error) bool { - return strings.Contains(err.Error(), "connection reset") -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go b/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go index 8ef8548a96d..e819ab6c0e8 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go @@ -10,6 +10,7 @@ import ( type Handlers struct { Validate HandlerList Build HandlerList + BuildStream HandlerList Sign HandlerList Send HandlerList ValidateResponse HandlerList @@ -23,11 +24,12 @@ type Handlers struct { Complete HandlerList } -// Copy returns of this handler's lists. +// Copy returns a copy of this handler's lists. func (h *Handlers) Copy() Handlers { return Handlers{ Validate: h.Validate.copy(), Build: h.Build.copy(), + BuildStream: h.BuildStream.copy(), Sign: h.Sign.copy(), Send: h.Send.copy(), ValidateResponse: h.ValidateResponse.copy(), @@ -42,10 +44,11 @@ func (h *Handlers) Copy() Handlers { } } -// Clear removes callback functions for all handlers +// Clear removes callback functions for all handlers. func (h *Handlers) Clear() { h.Validate.Clear() h.Build.Clear() + h.BuildStream.Clear() h.Send.Clear() h.Sign.Clear() h.Unmarshal.Clear() @@ -59,6 +62,54 @@ func (h *Handlers) Clear() { h.Complete.Clear() } +// IsEmpty returns if there are no handlers in any of the handlerlists. +func (h *Handlers) IsEmpty() bool { + if h.Validate.Len() != 0 { + return false + } + if h.Build.Len() != 0 { + return false + } + if h.BuildStream.Len() != 0 { + return false + } + if h.Send.Len() != 0 { + return false + } + if h.Sign.Len() != 0 { + return false + } + if h.Unmarshal.Len() != 0 { + return false + } + if h.UnmarshalStream.Len() != 0 { + return false + } + if h.UnmarshalMeta.Len() != 0 { + return false + } + if h.UnmarshalError.Len() != 0 { + return false + } + if h.ValidateResponse.Len() != 0 { + return false + } + if h.Retry.Len() != 0 { + return false + } + if h.AfterRetry.Len() != 0 { + return false + } + if h.CompleteAttempt.Len() != 0 { + return false + } + if h.Complete.Len() != 0 { + return false + } + + return true +} + // A HandlerListRunItem represents an entry in the HandlerList which // is being run. type HandlerListRunItem struct { @@ -275,3 +326,18 @@ func MakeAddToUserAgentFreeFormHandler(s string) func(*Request) { AddToUserAgent(r, s) } } + +// WithSetRequestHeaders updates the operation request's HTTP header to contain +// the header key value pairs provided. If the header key already exists in the +// request's HTTP header set, the existing value(s) will be replaced. +func WithSetRequestHeaders(h map[string]string) Option { + return withRequestHeader(h).SetRequestHeaders +} + +type withRequestHeader map[string]string + +func (h withRequestHeader) SetRequestHeaders(r *Request) { + for k, v := range h { + r.HTTPRequest.Header[k] = []string{v} + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/offset_reader.go b/vendor/github.com/aws/aws-sdk-go/aws/request/offset_reader.go index b0c2ef4fe67..9370fa50c38 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/offset_reader.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/offset_reader.go @@ -15,12 +15,15 @@ type offsetReader struct { closed bool } -func newOffsetReader(buf io.ReadSeeker, offset int64) *offsetReader { +func newOffsetReader(buf io.ReadSeeker, offset int64) (*offsetReader, error) { reader := &offsetReader{} - buf.Seek(offset, sdkio.SeekStart) + _, err := buf.Seek(offset, sdkio.SeekStart) + if err != nil { + return nil, err + } reader.buf = buf - return reader + return reader, nil } // Close will close the instance of the offset reader's access to @@ -54,7 +57,9 @@ func (o *offsetReader) Seek(offset int64, whence int) (int64, error) { // CloseAndCopy will return a new offsetReader with a copy of the old buffer // and close the old buffer. -func (o *offsetReader) CloseAndCopy(offset int64) *offsetReader { - o.Close() +func (o *offsetReader) CloseAndCopy(offset int64) (*offsetReader, error) { + if err := o.Close(); err != nil { + return nil, err + } return newOffsetReader(o.buf, offset) } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request.go index 8f2eb3e43c5..59da73ed408 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/request.go @@ -36,6 +36,10 @@ const ( // API request that was canceled. Requests given a aws.Context may // return this error when canceled. CanceledErrorCode = "RequestCanceled" + + // ErrCodeRequestError is an error preventing the SDK from continuing to + // process the request. + ErrCodeRequestError = "RequestError" ) // A Request is the service request to be made. @@ -51,6 +55,7 @@ type Request struct { HTTPRequest *http.Request HTTPResponse *http.Response Body io.ReadSeeker + streamingBody io.ReadCloser BodyStart int64 // offset from beginning of Body that the request body starts Params interface{} Error error @@ -64,6 +69,15 @@ type Request struct { LastSignedAt time.Time DisableFollowRedirects bool + // Additional API error codes that should be retried. IsErrorRetryable + // will consider these codes in addition to its built in cases. + RetryErrorCodes []string + + // Additional API error codes that should be retried with throttle backoff + // delay. IsErrorThrottle will consider these codes in addition to its + // built in cases. + ThrottleErrorCodes []string + // A value greater than 0 instructs the request to be signed as Presigned URL // You should not set this field directly. Instead use Request's // Presign or PresignRequest methods. @@ -90,8 +104,12 @@ type Operation struct { BeforePresignFn func(r *Request) error } -// New returns a new Request pointer for the service API -// operation and parameters. +// New returns a new Request pointer for the service API operation and +// parameters. +// +// A Retryer should be provided to direct how the request is retried. If +// Retryer is nil, a default no retry value will be used. You can use +// NoOpRetryer in the Client package to disable retry behavior directly. // // Params is any value of input parameters to be the request payload. // Data is pointer value to an object which the request's response @@ -99,6 +117,10 @@ type Operation struct { func New(cfg aws.Config, clientInfo metadata.ClientInfo, handlers Handlers, retryer Retryer, operation *Operation, params interface{}, data interface{}) *Request { + if retryer == nil { + retryer = noOpRetryer{} + } + method := operation.HTTPMethod if method == "" { method = "POST" @@ -231,6 +253,10 @@ func (r *Request) WillRetry() bool { return r.Error != nil && aws.BoolValue(r.Retryable) && r.RetryCount < r.MaxRetries() } +func fmtAttemptCount(retryCount, maxRetries int) string { + return fmt.Sprintf("attempt %v/%v", retryCount, maxRetries) +} + // ParamsFilled returns if the request's parameters have been populated // and the parameters are valid. False is returned if no parameters are // provided or invalid. @@ -259,10 +285,28 @@ func (r *Request) SetStringBody(s string) { // SetReaderBody will set the request's body reader. func (r *Request) SetReaderBody(reader io.ReadSeeker) { r.Body = reader - r.BodyStart, _ = reader.Seek(0, sdkio.SeekCurrent) // Get the Bodies current offset. + + if aws.IsReaderSeekable(reader) { + var err error + // Get the Bodies current offset so retries will start from the same + // initial position. + r.BodyStart, err = reader.Seek(0, sdkio.SeekCurrent) + if err != nil { + r.Error = awserr.New(ErrCodeSerialization, + "failed to determine start of request body", err) + return + } + } r.ResetBody() } +// SetStreamingBody set the reader to be used for the request that will stream +// bytes to the server. Request's Body must not be set to any reader. +func (r *Request) SetStreamingBody(reader io.ReadCloser) { + r.streamingBody = reader + r.SetReaderBody(aws.ReadSeekCloser(reader)) +} + // Presign returns the request's signed URL. Error will be returned // if the signing fails. The expire parameter is only used for presigned Amazon // S3 API requests. All other AWS services will use a fixed expiration @@ -330,16 +374,15 @@ func getPresignedURL(r *Request, expire time.Duration) (string, http.Header, err return r.HTTPRequest.URL.String(), r.SignedHeaderVals, nil } -func debugLogReqError(r *Request, stage string, retrying bool, err error) { +const ( + notRetrying = "not retrying" +) + +func debugLogReqError(r *Request, stage, retryStr string, err error) { if !r.Config.LogLevel.Matches(aws.LogDebugWithRequestErrors) { return } - retryStr := "not retrying" - if retrying { - retryStr = "will retry" - } - r.Config.Logger.Log(fmt.Sprintf("DEBUG: %s %s/%s failed, %s, error %v", stage, r.ClientInfo.ServiceName, r.Operation.Name, retryStr, err)) } @@ -358,12 +401,12 @@ func (r *Request) Build() error { if !r.built { r.Handlers.Validate.Run(r) if r.Error != nil { - debugLogReqError(r, "Validate Request", false, r.Error) + debugLogReqError(r, "Validate Request", notRetrying, r.Error) return r.Error } r.Handlers.Build.Run(r) if r.Error != nil { - debugLogReqError(r, "Build Request", false, r.Error) + debugLogReqError(r, "Build Request", notRetrying, r.Error) return r.Error } r.built = true @@ -379,7 +422,7 @@ func (r *Request) Build() error { func (r *Request) Sign() error { r.Build() if r.Error != nil { - debugLogReqError(r, "Build Request", false, r.Error) + debugLogReqError(r, "Build Request", notRetrying, r.Error) return r.Error } @@ -387,12 +430,20 @@ func (r *Request) Sign() error { return r.Error } -func (r *Request) getNextRequestBody() (io.ReadCloser, error) { +func (r *Request) getNextRequestBody() (body io.ReadCloser, err error) { + if r.streamingBody != nil { + return r.streamingBody, nil + } + if r.safeBody != nil { r.safeBody.Close() } - r.safeBody = newOffsetReader(r.Body, r.BodyStart) + r.safeBody, err = newOffsetReader(r.Body, r.BodyStart) + if err != nil { + return nil, awserr.New(ErrCodeSerialization, + "failed to get next request body reader", err) + } // Go 1.8 tightened and clarified the rules code needs to use when building // requests with the http package. Go 1.8 removed the automatic detection @@ -409,10 +460,10 @@ func (r *Request) getNextRequestBody() (io.ReadCloser, error) { // Related golang/go#18257 l, err := aws.SeekerLen(r.Body) if err != nil { - return nil, awserr.New(ErrCodeSerialization, "failed to compute request body size", err) + return nil, awserr.New(ErrCodeSerialization, + "failed to compute request body size", err) } - var body io.ReadCloser if l == 0 { body = NoBody } else if l > 0 { @@ -473,29 +524,28 @@ func (r *Request) Send() error { r.AttemptTime = time.Now() if err := r.Sign(); err != nil { - debugLogReqError(r, "Sign Request", false, err) + debugLogReqError(r, "Sign Request", notRetrying, err) return err } if err := r.sendRequest(); err == nil { return nil - } else if !shouldRetryCancel(r.Error) { + } + r.Handlers.Retry.Run(r) + r.Handlers.AfterRetry.Run(r) + + if r.Error != nil || !aws.BoolValue(r.Retryable) { + return r.Error + } + + if err := r.prepareRetry(); err != nil { + r.Error = err return err - } else { - r.Handlers.Retry.Run(r) - r.Handlers.AfterRetry.Run(r) - - if r.Error != nil || !aws.BoolValue(r.Retryable) { - return r.Error - } - - r.prepareRetry() - continue } } } -func (r *Request) prepareRetry() { +func (r *Request) prepareRetry() error { if r.Config.LogLevel.Matches(aws.LogDebugWithRequestRetries) { r.Config.Logger.Log(fmt.Sprintf("DEBUG: Retrying Request %s/%s, attempt %d", r.ClientInfo.ServiceName, r.Operation.Name, r.RetryCount)) @@ -506,12 +556,19 @@ func (r *Request) prepareRetry() { // the request's body even though the Client's Do returned. r.HTTPRequest = copyHTTPRequest(r.HTTPRequest, nil) r.ResetBody() + if err := r.Error; err != nil { + return awserr.New(ErrCodeSerialization, + "failed to prepare body for retry", err) + + } // Closing response body to ensure that no response body is leaked // between retry attempts. if r.HTTPResponse != nil && r.HTTPResponse.Body != nil { r.HTTPResponse.Body.Close() } + + return nil } func (r *Request) sendRequest() (sendErr error) { @@ -520,7 +577,9 @@ func (r *Request) sendRequest() (sendErr error) { r.Retryable = nil r.Handlers.Send.Run(r) if r.Error != nil { - debugLogReqError(r, "Send Request", r.WillRetry(), r.Error) + debugLogReqError(r, "Send Request", + fmtAttemptCount(r.RetryCount, r.MaxRetries()), + r.Error) return r.Error } @@ -528,13 +587,17 @@ func (r *Request) sendRequest() (sendErr error) { r.Handlers.ValidateResponse.Run(r) if r.Error != nil { r.Handlers.UnmarshalError.Run(r) - debugLogReqError(r, "Validate Response", r.WillRetry(), r.Error) + debugLogReqError(r, "Validate Response", + fmtAttemptCount(r.RetryCount, r.MaxRetries()), + r.Error) return r.Error } r.Handlers.Unmarshal.Run(r) if r.Error != nil { - debugLogReqError(r, "Unmarshal Response", r.WillRetry(), r.Error) + debugLogReqError(r, "Unmarshal Response", + fmtAttemptCount(r.RetryCount, r.MaxRetries()), + r.Error) return r.Error } @@ -561,48 +624,6 @@ func AddToUserAgent(r *Request, s string) { r.HTTPRequest.Header.Set("User-Agent", s) } -type temporary interface { - Temporary() bool -} - -func shouldRetryCancel(err error) bool { - switch err := err.(type) { - case awserr.Error: - if err.Code() == CanceledErrorCode { - return false - } - return shouldRetryCancel(err.OrigErr()) - case *url.Error: - if strings.Contains(err.Error(), "connection refused") { - // Refused connections should be retried as the service may not yet - // be running on the port. Go TCP dial considers refused - // connections as not temporary. - return true - } - // *url.Error only implements Temporary after golang 1.6 but since - // url.Error only wraps the error: - return shouldRetryCancel(err.Err) - case temporary: - // If the error is temporary, we want to allow continuation of the - // retry process - return err.Temporary() - case nil: - // `awserr.Error.OrigErr()` can be nil, meaning there was an error but - // because we don't know the cause, it is marked as retriable. See - // TestRequest4xxUnretryable for an example. - return true - default: - switch err.Error() { - case "net/http: request canceled", - "net/http: request canceled while waiting for connection": - // known 1.5 error case when an http request is cancelled - return false - } - // here we don't know the error; so we allow a retry. - return true - } -} - // SanitizeHostForHeader removes default port from host and updates request.Host func SanitizeHostForHeader(r *http.Request) { host := getHost(r) diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go index 7c6a8000f67..de1292f45a2 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go @@ -4,6 +4,8 @@ package request import ( "net/http" + + "github.com/aws/aws-sdk-go/aws/awserr" ) // NoBody is a http.NoBody reader instructing Go HTTP client to not include @@ -24,7 +26,8 @@ var NoBody = http.NoBody func (r *Request) ResetBody() { body, err := r.getNextRequestBody() if err != nil { - r.Error = err + r.Error = awserr.New(ErrCodeSerialization, + "failed to reset request body", err) return } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go index a633ed5acfa..64784e16f3d 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go @@ -17,11 +17,13 @@ import ( // does the pagination between API operations, and Paginator defines the // configuration that will be used per page request. // -// cont := true -// for p.Next() && cont { +// for p.Next() { // data := p.Page().(*s3.ListObjectsOutput) // // process the page's data +// // ... +// // break out of loop to stop fetching additional pages // } +// // return p.Err() // // See service client API operation Pages methods for examples how the SDK will @@ -146,7 +148,7 @@ func (r *Request) nextPageTokens() []interface{} { return nil } case bool: - if v == false { + if !v { return nil } } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go b/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go index 7bc5da78266..1b61dec9c21 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go @@ -1,32 +1,81 @@ package request import ( + "net" + "net/url" + "strings" "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" ) -// Retryer is an interface to control retry logic for a given service. -// The default implementation used by most services is the client.DefaultRetryer -// structure, which contains basic retry logic using exponential backoff. +// Retryer provides the interface drive the SDK's request retry behavior. The +// Retryer implementation is responsible for implementing exponential backoff, +// and determine if a request API error should be retried. +// +// client.DefaultRetryer is the SDK's default implementation of the Retryer. It +// uses the which uses the Request.IsErrorRetryable and Request.IsErrorThrottle +// methods to determine if the request is retried. type Retryer interface { + // RetryRules return the retry delay that should be used by the SDK before + // making another request attempt for the failed request. RetryRules(*Request) time.Duration + + // ShouldRetry returns if the failed request is retryable. + // + // Implementations may consider request attempt count when determining if a + // request is retryable, but the SDK will use MaxRetries to limit the + // number of attempts a request are made. ShouldRetry(*Request) bool + + // MaxRetries is the number of times a request may be retried before + // failing. MaxRetries() int } -// WithRetryer sets a config Retryer value to the given Config returning it -// for chaining. +// WithRetryer sets a Retryer value to the given Config returning the Config +// value for chaining. The value must not be nil. func WithRetryer(cfg *aws.Config, retryer Retryer) *aws.Config { + if retryer == nil { + if cfg.Logger != nil { + cfg.Logger.Log("ERROR: Request.WithRetryer called with nil retryer. Replacing with retry disabled Retryer.") + } + retryer = noOpRetryer{} + } cfg.Retryer = retryer return cfg + +} + +// noOpRetryer is a internal no op retryer used when a request is created +// without a retryer. +// +// Provides a retryer that performs no retries. +// It should be used when we do not want retries to be performed. +type noOpRetryer struct{} + +// MaxRetries returns the number of maximum returns the service will use to make +// an individual API; For NoOpRetryer the MaxRetries will always be zero. +func (d noOpRetryer) MaxRetries() int { + return 0 +} + +// ShouldRetry will always return false for NoOpRetryer, as it should never retry. +func (d noOpRetryer) ShouldRetry(_ *Request) bool { + return false +} + +// RetryRules returns the delay duration before retrying this request again; +// since NoOpRetryer does not retry, RetryRules always returns 0. +func (d noOpRetryer) RetryRules(_ *Request) time.Duration { + return 0 } // retryableCodes is a collection of service response codes which are retry-able // without any further action. var retryableCodes = map[string]struct{}{ - "RequestError": {}, + ErrCodeRequestError: {}, "RequestTimeout": {}, ErrCodeResponseTimeout: {}, "RequestTimeoutException": {}, // Glacier's flavor of RequestTimeout @@ -34,10 +83,12 @@ var retryableCodes = map[string]struct{}{ var throttleCodes = map[string]struct{}{ "ProvisionedThroughputExceededException": {}, + "ThrottledException": {}, // SNS, XRay, ResourceGroupsTagging API "Throttling": {}, "ThrottlingException": {}, "RequestLimitExceeded": {}, "RequestThrottled": {}, + "RequestThrottledException": {}, "TooManyRequestsException": {}, // Lambda functions "PriorRequestNotComplete": {}, // Route53 "TransactionInProgressException": {}, @@ -75,10 +126,6 @@ var validParentCodes = map[string]struct{}{ ErrCodeRead: {}, } -type temporaryError interface { - Temporary() bool -} - func isNestedErrorRetryable(parentErr awserr.Error) bool { if parentErr == nil { return false @@ -97,7 +144,7 @@ func isNestedErrorRetryable(parentErr awserr.Error) bool { return isCodeRetryable(aerr.Code()) } - if t, ok := err.(temporaryError); ok { + if t, ok := err.(temporary); ok { return t.Temporary() || isErrConnectionReset(err) } @@ -107,32 +154,90 @@ func isNestedErrorRetryable(parentErr awserr.Error) bool { // IsErrorRetryable returns whether the error is retryable, based on its Code. // Returns false if error is nil. func IsErrorRetryable(err error) bool { - if err != nil { - if aerr, ok := err.(awserr.Error); ok { - return isCodeRetryable(aerr.Code()) || isNestedErrorRetryable(aerr) - } + if err == nil { + return false + } + return shouldRetryError(err) +} + +type temporary interface { + Temporary() bool +} + +func shouldRetryError(origErr error) bool { + switch err := origErr.(type) { + case awserr.Error: + if err.Code() == CanceledErrorCode { + return false + } + if isNestedErrorRetryable(err) { + return true + } + + origErr := err.OrigErr() + var shouldRetry bool + if origErr != nil { + shouldRetry = shouldRetryError(origErr) + if err.Code() == ErrCodeRequestError && !shouldRetry { + return false + } + } + if isCodeRetryable(err.Code()) { + return true + } + return shouldRetry + + case *url.Error: + if strings.Contains(err.Error(), "connection refused") { + // Refused connections should be retried as the service may not yet + // be running on the port. Go TCP dial considers refused + // connections as not temporary. + return true + } + // *url.Error only implements Temporary after golang 1.6 but since + // url.Error only wraps the error: + return shouldRetryError(err.Err) + + case temporary: + if netErr, ok := err.(*net.OpError); ok && netErr.Op == "dial" { + return true + } + // If the error is temporary, we want to allow continuation of the + // retry process + return err.Temporary() || isErrConnectionReset(origErr) + + case nil: + // `awserr.Error.OrigErr()` can be nil, meaning there was an error but + // because we don't know the cause, it is marked as retryable. See + // TestRequest4xxUnretryable for an example. + return true + + default: + switch err.Error() { + case "net/http: request canceled", + "net/http: request canceled while waiting for connection": + // known 1.5 error case when an http request is cancelled + return false + } + // here we don't know the error; so we allow a retry. + return true } - return false } // IsErrorThrottle returns whether the error is to be throttled based on its code. // Returns false if error is nil. func IsErrorThrottle(err error) bool { - if err != nil { - if aerr, ok := err.(awserr.Error); ok { - return isCodeThrottle(aerr.Code()) - } + if aerr, ok := err.(awserr.Error); ok && aerr != nil { + return isCodeThrottle(aerr.Code()) } return false } -// IsErrorExpiredCreds returns whether the error code is a credential expiry error. -// Returns false if error is nil. +// IsErrorExpiredCreds returns whether the error code is a credential expiry +// error. Returns false if error is nil. func IsErrorExpiredCreds(err error) bool { - if err != nil { - if aerr, ok := err.(awserr.Error); ok { - return isCodeExpiredCreds(aerr.Code()) - } + if aerr, ok := err.(awserr.Error); ok && aerr != nil { + return isCodeExpiredCreds(aerr.Code()) } return false } @@ -142,17 +247,58 @@ func IsErrorExpiredCreds(err error) bool { // // Alias for the utility function IsErrorRetryable func (r *Request) IsErrorRetryable() bool { + if isErrCode(r.Error, r.RetryErrorCodes) { + return true + } + + // HTTP response status code 501 should not be retried. + // 501 represents Not Implemented which means the request method is not + // supported by the server and cannot be handled. + if r.HTTPResponse != nil { + // HTTP response status code 500 represents internal server error and + // should be retried without any throttle. + if r.HTTPResponse.StatusCode == 500 { + return true + } + } return IsErrorRetryable(r.Error) } -// IsErrorThrottle returns whether the error is to be throttled based on its code. -// Returns false if the request has no Error set +// IsErrorThrottle returns whether the error is to be throttled based on its +// code. Returns false if the request has no Error set. // // Alias for the utility function IsErrorThrottle func (r *Request) IsErrorThrottle() bool { + if isErrCode(r.Error, r.ThrottleErrorCodes) { + return true + } + + if r.HTTPResponse != nil { + switch r.HTTPResponse.StatusCode { + case + 429, // error caused due to too many requests + 502, // Bad Gateway error should be throttled + 503, // caused when service is unavailable + 504: // error occurred due to gateway timeout + return true + } + } + return IsErrorThrottle(r.Error) } +func isErrCode(err error, codes []string) bool { + if aerr, ok := err.(awserr.Error); ok && aerr != nil { + for _, code := range codes { + if code == aerr.Code() { + return true + } + } + } + + return false +} + // IsErrorExpired returns whether the error code is a credential expiry error. // Returns false if the request has no Error set. // diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/BUILD b/vendor/github.com/aws/aws-sdk-go/aws/session/BUILD index d1c14c1318e..70c3481af43 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/BUILD @@ -3,6 +3,10 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", srcs = [ + "cabundle_transport.go", + "cabundle_transport_1_5.go", + "cabundle_transport_1_6.go", + "credentials.go", "doc.go", "env_config.go", "session.go", diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport.go b/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport.go new file mode 100644 index 00000000000..ea9ebb6f6a2 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport.go @@ -0,0 +1,26 @@ +// +build go1.7 + +package session + +import ( + "net" + "net/http" + "time" +) + +// Transport that should be used when a custom CA bundle is specified with the +// SDK. +func getCABundleTransport() *http.Transport { + return &http.Transport{ + Proxy: http.ProxyFromEnvironment, + DialContext: (&net.Dialer{ + Timeout: 30 * time.Second, + KeepAlive: 30 * time.Second, + DualStack: true, + }).DialContext, + MaxIdleConns: 100, + IdleConnTimeout: 90 * time.Second, + TLSHandshakeTimeout: 10 * time.Second, + ExpectContinueTimeout: 1 * time.Second, + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_5.go b/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_5.go new file mode 100644 index 00000000000..fec39dfc126 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_5.go @@ -0,0 +1,22 @@ +// +build !go1.6,go1.5 + +package session + +import ( + "net" + "net/http" + "time" +) + +// Transport that should be used when a custom CA bundle is specified with the +// SDK. +func getCABundleTransport() *http.Transport { + return &http.Transport{ + Proxy: http.ProxyFromEnvironment, + Dial: (&net.Dialer{ + Timeout: 30 * time.Second, + KeepAlive: 30 * time.Second, + }).Dial, + TLSHandshakeTimeout: 10 * time.Second, + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_6.go b/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_6.go new file mode 100644 index 00000000000..1c5a5391e65 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_6.go @@ -0,0 +1,23 @@ +// +build !go1.7,go1.6 + +package session + +import ( + "net" + "net/http" + "time" +) + +// Transport that should be used when a custom CA bundle is specified with the +// SDK. +func getCABundleTransport() *http.Transport { + return &http.Transport{ + Proxy: http.ProxyFromEnvironment, + Dial: (&net.Dialer{ + Timeout: 30 * time.Second, + KeepAlive: 30 * time.Second, + }).Dial, + TLSHandshakeTimeout: 10 * time.Second, + ExpectContinueTimeout: 1 * time.Second, + } +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go b/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go new file mode 100644 index 00000000000..cc64e24f1d5 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go @@ -0,0 +1,259 @@ +package session + +import ( + "fmt" + "os" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/aws/credentials/processcreds" + "github.com/aws/aws-sdk-go/aws/credentials/stscreds" + "github.com/aws/aws-sdk-go/aws/defaults" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/internal/shareddefaults" +) + +func resolveCredentials(cfg *aws.Config, + envCfg envConfig, sharedCfg sharedConfig, + handlers request.Handlers, + sessOpts Options, +) (*credentials.Credentials, error) { + + switch { + case len(sessOpts.Profile) != 0: + // User explicitly provided an Profile in the session's configuration + // so load that profile from shared config first. + // Github(aws/aws-sdk-go#2727) + return resolveCredsFromProfile(cfg, envCfg, sharedCfg, handlers, sessOpts) + + case envCfg.Creds.HasKeys(): + // Environment credentials + return credentials.NewStaticCredentialsFromCreds(envCfg.Creds), nil + + case len(envCfg.WebIdentityTokenFilePath) != 0: + // Web identity token from environment, RoleARN required to also be + // set. + return assumeWebIdentity(cfg, handlers, + envCfg.WebIdentityTokenFilePath, + envCfg.RoleARN, + envCfg.RoleSessionName, + ) + + default: + // Fallback to the "default" credential resolution chain. + return resolveCredsFromProfile(cfg, envCfg, sharedCfg, handlers, sessOpts) + } +} + +// WebIdentityEmptyRoleARNErr will occur if 'AWS_WEB_IDENTITY_TOKEN_FILE' was set but +// 'AWS_ROLE_ARN' was not set. +var WebIdentityEmptyRoleARNErr = awserr.New(stscreds.ErrCodeWebIdentity, "role ARN is not set", nil) + +// WebIdentityEmptyTokenFilePathErr will occur if 'AWS_ROLE_ARN' was set but +// 'AWS_WEB_IDENTITY_TOKEN_FILE' was not set. +var WebIdentityEmptyTokenFilePathErr = awserr.New(stscreds.ErrCodeWebIdentity, "token file path is not set", nil) + +func assumeWebIdentity(cfg *aws.Config, handlers request.Handlers, + filepath string, + roleARN, sessionName string, +) (*credentials.Credentials, error) { + + if len(filepath) == 0 { + return nil, WebIdentityEmptyTokenFilePathErr + } + + if len(roleARN) == 0 { + return nil, WebIdentityEmptyRoleARNErr + } + + creds := stscreds.NewWebIdentityCredentials( + &Session{ + Config: cfg, + Handlers: handlers.Copy(), + }, + roleARN, + sessionName, + filepath, + ) + + return creds, nil +} + +func resolveCredsFromProfile(cfg *aws.Config, + envCfg envConfig, sharedCfg sharedConfig, + handlers request.Handlers, + sessOpts Options, +) (creds *credentials.Credentials, err error) { + + switch { + case sharedCfg.SourceProfile != nil: + // Assume IAM role with credentials source from a different profile. + creds, err = resolveCredsFromProfile(cfg, envCfg, + *sharedCfg.SourceProfile, handlers, sessOpts, + ) + + case sharedCfg.Creds.HasKeys(): + // Static Credentials from Shared Config/Credentials file. + creds = credentials.NewStaticCredentialsFromCreds( + sharedCfg.Creds, + ) + + case len(sharedCfg.CredentialProcess) != 0: + // Get credentials from CredentialProcess + creds = processcreds.NewCredentials(sharedCfg.CredentialProcess) + + case len(sharedCfg.CredentialSource) != 0: + creds, err = resolveCredsFromSource(cfg, envCfg, + sharedCfg, handlers, sessOpts, + ) + + case len(sharedCfg.WebIdentityTokenFile) != 0: + // Credentials from Assume Web Identity token require an IAM Role, and + // that roll will be assumed. May be wrapped with another assume role + // via SourceProfile. + return assumeWebIdentity(cfg, handlers, + sharedCfg.WebIdentityTokenFile, + sharedCfg.RoleARN, + sharedCfg.RoleSessionName, + ) + + default: + // Fallback to default credentials provider, include mock errors for + // the credential chain so user can identify why credentials failed to + // be retrieved. + creds = credentials.NewCredentials(&credentials.ChainProvider{ + VerboseErrors: aws.BoolValue(cfg.CredentialsChainVerboseErrors), + Providers: []credentials.Provider{ + &credProviderError{ + Err: awserr.New("EnvAccessKeyNotFound", + "failed to find credentials in the environment.", nil), + }, + &credProviderError{ + Err: awserr.New("SharedCredsLoad", + fmt.Sprintf("failed to load profile, %s.", envCfg.Profile), nil), + }, + defaults.RemoteCredProvider(*cfg, handlers), + }, + }) + } + if err != nil { + return nil, err + } + + if len(sharedCfg.RoleARN) > 0 { + cfgCp := *cfg + cfgCp.Credentials = creds + return credsFromAssumeRole(cfgCp, handlers, sharedCfg, sessOpts) + } + + return creds, nil +} + +// valid credential source values +const ( + credSourceEc2Metadata = "Ec2InstanceMetadata" + credSourceEnvironment = "Environment" + credSourceECSContainer = "EcsContainer" +) + +func resolveCredsFromSource(cfg *aws.Config, + envCfg envConfig, sharedCfg sharedConfig, + handlers request.Handlers, + sessOpts Options, +) (creds *credentials.Credentials, err error) { + + switch sharedCfg.CredentialSource { + case credSourceEc2Metadata: + p := defaults.RemoteCredProvider(*cfg, handlers) + creds = credentials.NewCredentials(p) + + case credSourceEnvironment: + creds = credentials.NewStaticCredentialsFromCreds(envCfg.Creds) + + case credSourceECSContainer: + if len(os.Getenv(shareddefaults.ECSCredsProviderEnvVar)) == 0 { + return nil, ErrSharedConfigECSContainerEnvVarEmpty + } + + p := defaults.RemoteCredProvider(*cfg, handlers) + creds = credentials.NewCredentials(p) + + default: + return nil, ErrSharedConfigInvalidCredSource + } + + return creds, nil +} + +func credsFromAssumeRole(cfg aws.Config, + handlers request.Handlers, + sharedCfg sharedConfig, + sessOpts Options, +) (*credentials.Credentials, error) { + + if len(sharedCfg.MFASerial) != 0 && sessOpts.AssumeRoleTokenProvider == nil { + // AssumeRole Token provider is required if doing Assume Role + // with MFA. + return nil, AssumeRoleTokenProviderNotSetError{} + } + + return stscreds.NewCredentials( + &Session{ + Config: &cfg, + Handlers: handlers.Copy(), + }, + sharedCfg.RoleARN, + func(opt *stscreds.AssumeRoleProvider) { + opt.RoleSessionName = sharedCfg.RoleSessionName + opt.Duration = sessOpts.AssumeRoleDuration + + // Assume role with external ID + if len(sharedCfg.ExternalID) > 0 { + opt.ExternalID = aws.String(sharedCfg.ExternalID) + } + + // Assume role with MFA + if len(sharedCfg.MFASerial) > 0 { + opt.SerialNumber = aws.String(sharedCfg.MFASerial) + opt.TokenProvider = sessOpts.AssumeRoleTokenProvider + } + }, + ), nil +} + +// AssumeRoleTokenProviderNotSetError is an error returned when creating a +// session when the MFAToken option is not set when shared config is configured +// load assume a role with an MFA token. +type AssumeRoleTokenProviderNotSetError struct{} + +// Code is the short id of the error. +func (e AssumeRoleTokenProviderNotSetError) Code() string { + return "AssumeRoleTokenProviderNotSetError" +} + +// Message is the description of the error +func (e AssumeRoleTokenProviderNotSetError) Message() string { + return fmt.Sprintf("assume role with MFA enabled, but AssumeRoleTokenProvider session option not set.") +} + +// OrigErr is the underlying error that caused the failure. +func (e AssumeRoleTokenProviderNotSetError) OrigErr() error { + return nil +} + +// Error satisfies the error interface. +func (e AssumeRoleTokenProviderNotSetError) Error() string { + return awserr.SprintError(e.Code(), e.Message(), "", nil) +} + +type credProviderError struct { + Err error +} + +func (c credProviderError) Retrieve() (credentials.Value, error) { + return credentials.Value{}, c.Err +} +func (c credProviderError) IsExpired() bool { + return true +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go b/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go index 38a7b05a621..7ec66e7e589 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go @@ -1,97 +1,93 @@ /* -Package session provides configuration for the SDK's service clients. - -Sessions can be shared across all service clients that share the same base -configuration. The Session is built from the SDK's default configuration and -request handlers. - -Sessions should be cached when possible, because creating a new Session will -load all configuration values from the environment, and config files each time -the Session is created. Sharing the Session value across all of your service -clients will ensure the configuration is loaded the fewest number of times possible. - -Concurrency +Package session provides configuration for the SDK's service clients. Sessions +can be shared across service clients that share the same base configuration. Sessions are safe to use concurrently as long as the Session is not being -modified. The SDK will not modify the Session once the Session has been created. -Creating service clients concurrently from a shared Session is safe. +modified. Sessions should be cached when possible, because creating a new +Session will load all configuration values from the environment, and config +files each time the Session is created. Sharing the Session value across all of +your service clients will ensure the configuration is loaded the fewest number +of times possible. -Sessions from Shared Config - -Sessions can be created using the method above that will only load the -additional config if the AWS_SDK_LOAD_CONFIG environment variable is set. -Alternatively you can explicitly create a Session with shared config enabled. -To do this you can use NewSessionWithOptions to configure how the Session will -be created. Using the NewSessionWithOptions with SharedConfigState set to -SharedConfigEnable will create the session as if the AWS_SDK_LOAD_CONFIG -environment variable was set. - -Creating Sessions - -When creating Sessions optional aws.Config values can be passed in that will -override the default, or loaded config values the Session is being created -with. This allows you to provide additional, or case based, configuration -as needed. +Sessions options from Shared Config By default NewSession will only load credentials from the shared credentials file (~/.aws/credentials). If the AWS_SDK_LOAD_CONFIG environment variable is set to a truthy value the Session will be created from the configuration values from the shared config (~/.aws/config) and shared credentials -(~/.aws/credentials) files. See the section Sessions from Shared Config for -more information. +(~/.aws/credentials) files. Using the NewSessionWithOptions with +SharedConfigState set to SharedConfigEnable will create the session as if the +AWS_SDK_LOAD_CONFIG environment variable was set. -Create a Session with the default config and request handlers. With credentials -region, and profile loaded from the environment and shared config automatically. -Requires the AWS_PROFILE to be set, or "default" is used. +Credential and config loading order + +The Session will attempt to load configuration and credentials from the +environment, configuration files, and other credential sources. The order +configuration is loaded in is: + + * Environment Variables + * Shared Credentials file + * Shared Configuration file (if SharedConfig is enabled) + * EC2 Instance Metadata (credentials only) + +The Environment variables for credentials will have precedence over shared +config even if SharedConfig is enabled. To override this behavior, and use +shared config credentials instead specify the session.Options.Profile, (e.g. +when using credential_source=Environment to assume a role). + + sess, err := session.NewSessionWithOptions(session.Options{ + Profile: "myProfile", + }) + +Creating Sessions + +Creating a Session without additional options will load credentials region, and +profile loaded from the environment and shared config automatically. See, +"Environment Variables" section for information on environment variables used +by Session. // Create Session - sess := session.Must(session.NewSession()) + sess, err := session.NewSession() + + +When creating Sessions optional aws.Config values can be passed in that will +override the default, or loaded, config values the Session is being created +with. This allows you to provide additional, or case based, configuration +as needed. // Create a Session with a custom region - sess := session.Must(session.NewSession(&aws.Config{ - Region: aws.String("us-east-1"), - })) + sess, err := session.NewSession(&aws.Config{ + Region: aws.String("us-west-2"), + }) - // Create a S3 client instance from a session - sess := session.Must(session.NewSession()) - - svc := s3.New(sess) - -Create Session With Option Overrides - -In addition to NewSession, Sessions can be created using NewSessionWithOptions. -This func allows you to control and override how the Session will be created -through code instead of being driven by environment variables only. - -Use NewSessionWithOptions when you want to provide the config profile, or -override the shared config state (AWS_SDK_LOAD_CONFIG). +Use NewSessionWithOptions to provide additional configuration driving how the +Session's configuration will be loaded. Such as, specifying shared config +profile, or override the shared config state, (AWS_SDK_LOAD_CONFIG). // Equivalent to session.NewSession() - sess := session.Must(session.NewSessionWithOptions(session.Options{ + sess, err := session.NewSessionWithOptions(session.Options{ // Options - })) + }) - // Specify profile to load for the session's config - sess := session.Must(session.NewSessionWithOptions(session.Options{ - Profile: "profile_name", - })) + sess, err := session.NewSessionWithOptions(session.Options{ + // Specify profile to load for the session's config + Profile: "profile_name", - // Specify profile for config and region for requests - sess := session.Must(session.NewSessionWithOptions(session.Options{ - Config: aws.Config{Region: aws.String("us-east-1")}, - Profile: "profile_name", - })) + // Provide SDK Config options, such as Region. + Config: aws.Config{ + Region: aws.String("us-west-2"), + }, - // Force enable Shared Config support - sess := session.Must(session.NewSessionWithOptions(session.Options{ + // Force enable Shared Config support SharedConfigState: session.SharedConfigEnable, - })) + }) Adding Handlers -You can add handlers to a session for processing HTTP requests. All service -clients that use the session inherit the handlers. For example, the following -handler logs every request and its payload made by a service client: +You can add handlers to a session to decorate API operation, (e.g. adding HTTP +headers). All clients that use the Session receive a copy of the Session's +handlers. For example, the following request handler added to the Session logs +every requests made. // Create a session, and add additional handlers for all service // clients created with the Session to inherit. Adds logging handler. @@ -99,22 +95,15 @@ handler logs every request and its payload made by a service client: sess.Handlers.Send.PushFront(func(r *request.Request) { // Log every request made and its payload - logger.Printf("Request: %s/%s, Payload: %s", + logger.Printf("Request: %s/%s, Params: %s", r.ClientInfo.ServiceName, r.Operation, r.Params) }) -Deprecated "New" function - -The New session function has been deprecated because it does not provide good -way to return errors that occur when loading the configuration files and values. -Because of this, NewSession was created so errors can be retrieved when -creating a session fails. - Shared Config Fields -By default the SDK will only load the shared credentials file's (~/.aws/credentials) -credentials values, and all other config is provided by the environment variables, -SDK defaults, and user provided aws.Config values. +By default the SDK will only load the shared credentials file's +(~/.aws/credentials) credentials values, and all other config is provided by +the environment variables, SDK defaults, and user provided aws.Config values. If the AWS_SDK_LOAD_CONFIG environment variable is set, or SharedConfigEnable option is used to create the Session the full shared config values will be @@ -125,24 +114,31 @@ files have the same format. If both config files are present the configuration from both files will be read. The Session will be created from configuration values from the shared -credentials file (~/.aws/credentials) over those in the shared config file (~/.aws/config). +credentials file (~/.aws/credentials) over those in the shared config file +(~/.aws/config). -Credentials are the values the SDK should use for authenticating requests with -AWS Services. They are from a configuration file will need to include both -aws_access_key_id and aws_secret_access_key must be provided together in the -same file to be considered valid. The values will be ignored if not a complete -group. aws_session_token is an optional field that can be provided if both of -the other two fields are also provided. +Credentials are the values the SDK uses to authenticating requests with AWS +Services. When specified in a file, both aws_access_key_id and +aws_secret_access_key must be provided together in the same file to be +considered valid. They will be ignored if both are not present. +aws_session_token is an optional field that can be provided in addition to the +other two fields. aws_access_key_id = AKID aws_secret_access_key = SECRET aws_session_token = TOKEN -Assume Role values allow you to configure the SDK to assume an IAM role using -a set of credentials provided in a config file via the source_profile field. -Both "role_arn" and "source_profile" are required. The SDK supports assuming -a role with MFA token if the session option AssumeRoleTokenProvider -is set. + ; region only supported if SharedConfigEnabled. + region = us-east-1 + +Assume Role configuration + +The role_arn field allows you to configure the SDK to assume an IAM role using +a set of credentials from another source. Such as when paired with static +credentials, "profile_source", "credential_process", or "credential_source" +fields. If "role_arn" is provided, a source of credentials must also be +specified, such as "source_profile", "credential_source", or +"credential_process". role_arn = arn:aws:iam:::role/ source_profile = profile_with_creds @@ -150,40 +146,16 @@ is set. mfa_serial = role_session_name = session_name -Region is the region the SDK should use for looking up AWS service endpoints -and signing requests. - region = us-east-1 - -Assume Role with MFA token - -To create a session with support for assuming an IAM role with MFA set the -session option AssumeRoleTokenProvider to a function that will prompt for the -MFA token code when the SDK assumes the role and refreshes the role's credentials. -This allows you to configure the SDK via the shared config to assumea role -with MFA tokens. - -In order for the SDK to assume a role with MFA the SharedConfigState -session option must be set to SharedConfigEnable, or AWS_SDK_LOAD_CONFIG -environment variable set. - -The shared configuration instructs the SDK to assume an IAM role with MFA -when the mfa_serial configuration field is set in the shared config -(~/.aws/config) or shared credentials (~/.aws/credentials) file. - -If mfa_serial is set in the configuration, the SDK will assume the role, and -the AssumeRoleTokenProvider session option is not set an an error will -be returned when creating the session. +The SDK supports assuming a role with MFA token. If "mfa_serial" is set, you +must also set the Session Option.AssumeRoleTokenProvider. The Session will fail +to load if the AssumeRoleTokenProvider is not specified. sess := session.Must(session.NewSessionWithOptions(session.Options{ AssumeRoleTokenProvider: stscreds.StdinTokenProvider, })) - // Create service client value configured for credentials - // from assumed role. - svc := s3.New(sess) - -To setup assume role outside of a session see the stscreds.AssumeRoleProvider +To setup Assume Role outside of a session see the stscreds.AssumeRoleProvider documentation. Environment Variables diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go b/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go index e3959b959ef..c1e0e9c9543 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go @@ -1,12 +1,15 @@ package session import ( + "fmt" "os" "strconv" + "strings" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/credentials" "github.com/aws/aws-sdk-go/aws/defaults" + "github.com/aws/aws-sdk-go/aws/endpoints" ) // EnvProviderName provides a name of the provider when config is loaded from environment. @@ -99,21 +102,61 @@ type envConfig struct { CustomCABundle string csmEnabled string - CSMEnabled bool + CSMEnabled *bool CSMPort string + CSMHost string CSMClientID string - enableEndpointDiscovery string // Enables endpoint discovery via environment variables. // // AWS_ENABLE_ENDPOINT_DISCOVERY=true EnableEndpointDiscovery *bool + enableEndpointDiscovery string + + // Specifies the WebIdentity token the SDK should use to assume a role + // with. + // + // AWS_WEB_IDENTITY_TOKEN_FILE=file_path + WebIdentityTokenFilePath string + + // Specifies the IAM role arn to use when assuming an role. + // + // AWS_ROLE_ARN=role_arn + RoleARN string + + // Specifies the IAM role session name to use when assuming a role. + // + // AWS_ROLE_SESSION_NAME=session_name + RoleSessionName string + + // Specifies the STS Regional Endpoint flag for the SDK to resolve the endpoint + // for a service. + // + // AWS_STS_REGIONAL_ENDPOINTS=regional + // This can take value as `regional` or `legacy` + STSRegionalEndpoint endpoints.STSRegionalEndpoint + + // Specifies the S3 Regional Endpoint flag for the SDK to resolve the + // endpoint for a service. + // + // AWS_S3_US_EAST_1_REGIONAL_ENDPOINT=regional + // This can take value as `regional` or `legacy` + S3UsEast1RegionalEndpoint endpoints.S3UsEast1RegionalEndpoint + + // Specifies if the S3 service should allow ARNs to direct the region + // the client's requests are sent to. + // + // AWS_S3_USE_ARN_REGION=true + S3UseARNRegion bool } var ( csmEnabledEnvKey = []string{ "AWS_CSM_ENABLED", } + csmHostEnvKey = []string{ + "AWS_CSM_HOST", + } csmPortEnvKey = []string{ "AWS_CSM_PORT", } @@ -150,6 +193,24 @@ var ( sharedConfigFileEnvKey = []string{ "AWS_CONFIG_FILE", } + webIdentityTokenFilePathEnvKey = []string{ + "AWS_WEB_IDENTITY_TOKEN_FILE", + } + roleARNEnvKey = []string{ + "AWS_ROLE_ARN", + } + roleSessionNameEnvKey = []string{ + "AWS_ROLE_SESSION_NAME", + } + stsRegionalEndpointKey = []string{ + "AWS_STS_REGIONAL_ENDPOINTS", + } + s3UsEast1RegionalEndpoint = []string{ + "AWS_S3_US_EAST_1_REGIONAL_ENDPOINT", + } + s3UseARNRegionEnvKey = []string{ + "AWS_S3_USE_ARN_REGION", + } ) // loadEnvConfig retrieves the SDK's environment configuration. @@ -158,7 +219,7 @@ var ( // If the environment variable `AWS_SDK_LOAD_CONFIG` is set to a truthy value // the shared SDK config will be loaded in addition to the SDK's specific // configuration values. -func loadEnvConfig() envConfig { +func loadEnvConfig() (envConfig, error) { enableSharedConfig, _ := strconv.ParseBool(os.Getenv("AWS_SDK_LOAD_CONFIG")) return envConfigLoad(enableSharedConfig) } @@ -169,30 +230,42 @@ func loadEnvConfig() envConfig { // Loads the shared configuration in addition to the SDK's specific configuration. // This will load the same values as `loadEnvConfig` if the `AWS_SDK_LOAD_CONFIG` // environment variable is set. -func loadSharedEnvConfig() envConfig { +func loadSharedEnvConfig() (envConfig, error) { return envConfigLoad(true) } -func envConfigLoad(enableSharedConfig bool) envConfig { +func envConfigLoad(enableSharedConfig bool) (envConfig, error) { cfg := envConfig{} cfg.EnableSharedConfig = enableSharedConfig - setFromEnvVal(&cfg.Creds.AccessKeyID, credAccessEnvKey) - setFromEnvVal(&cfg.Creds.SecretAccessKey, credSecretEnvKey) - setFromEnvVal(&cfg.Creds.SessionToken, credSessionEnvKey) + // Static environment credentials + var creds credentials.Value + setFromEnvVal(&creds.AccessKeyID, credAccessEnvKey) + setFromEnvVal(&creds.SecretAccessKey, credSecretEnvKey) + setFromEnvVal(&creds.SessionToken, credSessionEnvKey) + if creds.HasKeys() { + // Require logical grouping of credentials + creds.ProviderName = EnvProviderName + cfg.Creds = creds + } + + // Role Metadata + setFromEnvVal(&cfg.RoleARN, roleARNEnvKey) + setFromEnvVal(&cfg.RoleSessionName, roleSessionNameEnvKey) + + // Web identity environment variables + setFromEnvVal(&cfg.WebIdentityTokenFilePath, webIdentityTokenFilePathEnvKey) // CSM environment variables setFromEnvVal(&cfg.csmEnabled, csmEnabledEnvKey) + setFromEnvVal(&cfg.CSMHost, csmHostEnvKey) setFromEnvVal(&cfg.CSMPort, csmPortEnvKey) setFromEnvVal(&cfg.CSMClientID, csmClientIDEnvKey) - cfg.CSMEnabled = len(cfg.csmEnabled) > 0 - // Require logical grouping of credentials - if len(cfg.Creds.AccessKeyID) == 0 || len(cfg.Creds.SecretAccessKey) == 0 { - cfg.Creds = credentials.Value{} - } else { - cfg.Creds.ProviderName = EnvProviderName + if len(cfg.csmEnabled) != 0 { + v, _ := strconv.ParseBool(cfg.csmEnabled) + cfg.CSMEnabled = &v } regionKeys := regionEnvKeys @@ -223,12 +296,48 @@ func envConfigLoad(enableSharedConfig bool) envConfig { cfg.CustomCABundle = os.Getenv("AWS_CA_BUNDLE") - return cfg + var err error + // STS Regional Endpoint variable + for _, k := range stsRegionalEndpointKey { + if v := os.Getenv(k); len(v) != 0 { + cfg.STSRegionalEndpoint, err = endpoints.GetSTSRegionalEndpoint(v) + if err != nil { + return cfg, fmt.Errorf("failed to load, %v from env config, %v", k, err) + } + } + } + + // S3 Regional Endpoint variable + for _, k := range s3UsEast1RegionalEndpoint { + if v := os.Getenv(k); len(v) != 0 { + cfg.S3UsEast1RegionalEndpoint, err = endpoints.GetS3UsEast1RegionalEndpoint(v) + if err != nil { + return cfg, fmt.Errorf("failed to load, %v from env config, %v", k, err) + } + } + } + + var s3UseARNRegion string + setFromEnvVal(&s3UseARNRegion, s3UseARNRegionEnvKey) + if len(s3UseARNRegion) != 0 { + switch { + case strings.EqualFold(s3UseARNRegion, "false"): + cfg.S3UseARNRegion = false + case strings.EqualFold(s3UseARNRegion, "true"): + cfg.S3UseARNRegion = true + default: + return envConfig{}, fmt.Errorf( + "invalid value for environment variable, %s=%s, need true or false", + s3UseARNRegionEnvKey[0], s3UseARNRegion) + } + } + + return cfg, nil } func setFromEnvVal(dst *string, keys []string) { for _, k := range keys { - if v := os.Getenv(k); len(v) > 0 { + if v := os.Getenv(k); len(v) != 0 { *dst = v break } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go index 9bdbafd65cc..0ff49960510 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go @@ -8,19 +8,17 @@ import ( "io/ioutil" "net/http" "os" + "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/client" "github.com/aws/aws-sdk-go/aws/corehandlers" "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/credentials/processcreds" - "github.com/aws/aws-sdk-go/aws/credentials/stscreds" "github.com/aws/aws-sdk-go/aws/csm" "github.com/aws/aws-sdk-go/aws/defaults" "github.com/aws/aws-sdk-go/aws/endpoints" "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/internal/shareddefaults" ) const ( @@ -75,7 +73,7 @@ type Session struct { // func is called instead of waiting to receive an error until a request is made. func New(cfgs ...*aws.Config) *Session { // load initial config from environment - envCfg := loadEnvConfig() + envCfg, envErr := loadEnvConfig() if envCfg.EnableSharedConfig { var cfg aws.Config @@ -95,19 +93,28 @@ func New(cfgs ...*aws.Config) *Session { // Session creation failed, need to report the error and prevent // any requests from succeeding. s = &Session{Config: defaults.Config()} - s.Config.MergeIn(cfgs...) - s.Config.Logger.Log("ERROR:", msg, "Error:", err) - s.Handlers.Validate.PushBack(func(r *request.Request) { - r.Error = err - }) + s.logDeprecatedNewSessionError(msg, err, cfgs) } return s } s := deprecatedNewSession(cfgs...) - if envCfg.CSMEnabled { - enableCSM(&s.Handlers, envCfg.CSMClientID, envCfg.CSMPort, s.Config.Logger) + if envErr != nil { + msg := "failed to load env config" + s.logDeprecatedNewSessionError(msg, envErr, cfgs) + } + + if csmCfg, err := loadCSMConfig(envCfg, []string{}); err != nil { + if l := s.Config.Logger; l != nil { + l.Log(fmt.Sprintf("ERROR: failed to load CSM configuration, %v", err)) + } + } else if csmCfg.Enabled { + err := enableCSM(&s.Handlers, csmCfg, s.Config.Logger) + if err != nil { + msg := "failed to enable CSM" + s.logDeprecatedNewSessionError(msg, err, cfgs) + } } return s @@ -126,7 +133,7 @@ func New(cfgs ...*aws.Config) *Session { // to be built with retrieving credentials with AssumeRole set in the config. // // See the NewSessionWithOptions func for information on how to override or -// control through code how the Session will be created. Such as specifying the +// control through code how the Session will be created, such as specifying the // config profile, and controlling if shared config is enabled or not. func NewSession(cfgs ...*aws.Config) (*Session, error) { opts := Options{} @@ -210,6 +217,12 @@ type Options struct { // the config enables assume role wit MFA via the mfa_serial field. AssumeRoleTokenProvider func() (string, error) + // When the SDK's shared config is configured to assume a role this option + // may be provided to set the expiry duration of the STS credentials. + // Defaults to 15 minutes if not set as documented in the + // stscreds.AssumeRoleProvider. + AssumeRoleDuration time.Duration + // Reader for a custom Credentials Authority (CA) bundle in PEM format that // the SDK will use instead of the default system's root CA bundle. Use this // only if you want to replace the CA bundle the SDK uses for TLS requests. @@ -224,6 +237,12 @@ type Options struct { // to also enable this feature. CustomCABundle session option field has priority // over the AWS_CA_BUNDLE environment variable, and will be used if both are set. CustomCABundle io.Reader + + // The handlers that the session and all API clients will be created with. + // This must be a complete set of handlers. Use the defaults.Handlers() + // function to initialize this value before changing the handlers to be + // used by the SDK. + Handlers request.Handlers } // NewSessionWithOptions returns a new Session created from SDK defaults, config files, @@ -257,13 +276,20 @@ type Options struct { // })) func NewSessionWithOptions(opts Options) (*Session, error) { var envCfg envConfig + var err error if opts.SharedConfigState == SharedConfigEnable { - envCfg = loadSharedEnvConfig() + envCfg, err = loadSharedEnvConfig() + if err != nil { + return nil, fmt.Errorf("failed to load shared config, %v", err) + } } else { - envCfg = loadEnvConfig() + envCfg, err = loadEnvConfig() + if err != nil { + return nil, fmt.Errorf("failed to load environment config, %v", err) + } } - if len(opts.Profile) > 0 { + if len(opts.Profile) != 0 { envCfg.Profile = opts.Profile } @@ -329,27 +355,33 @@ func deprecatedNewSession(cfgs ...*aws.Config) *Session { return s } -func enableCSM(handlers *request.Handlers, clientID string, port string, logger aws.Logger) { - logger.Log("Enabling CSM") - if len(port) == 0 { - port = csm.DefaultPort +func enableCSM(handlers *request.Handlers, cfg csmConfig, logger aws.Logger) error { + if logger != nil { + logger.Log("Enabling CSM") } - r, err := csm.Start(clientID, "127.0.0.1:"+port) + r, err := csm.Start(cfg.ClientID, csm.AddressWithDefaults(cfg.Host, cfg.Port)) if err != nil { - return + return err } r.InjectHandlers(handlers) + + return nil } func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session, error) { cfg := defaults.Config() - handlers := defaults.Handlers() + + handlers := opts.Handlers + if handlers.IsEmpty() { + handlers = defaults.Handlers() + } // Get a merged version of the user provided config to determine if // credentials were. userCfg := &aws.Config{} userCfg.MergeIn(cfgs...) + cfg.MergeIn(userCfg) // Ordered config files will be loaded in with later files overwriting // previous config file values. @@ -366,9 +398,17 @@ func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session, } // Load additional config from file(s) - sharedCfg, err := loadSharedConfig(envCfg.Profile, cfgFiles) + sharedCfg, err := loadSharedConfig(envCfg.Profile, cfgFiles, envCfg.EnableSharedConfig) if err != nil { - return nil, err + if len(envCfg.Profile) == 0 && !envCfg.EnableSharedConfig && (envCfg.Creds.HasKeys() || userCfg.Credentials != nil) { + // Special case where the user has not explicitly specified an AWS_PROFILE, + // or session.Options.profile, shared config is not enabled, and the + // environment has credentials, allow the shared config file to fail to + // load since the user has already provided credentials, and nothing else + // is required to be read file. Github(aws/aws-sdk-go#2455) + } else if _, ok := err.(SharedConfigProfileNotExistsError); !ok { + return nil, err + } } if err := mergeConfigSrcs(cfg, userCfg, envCfg, sharedCfg, handlers, opts); err != nil { @@ -381,8 +421,16 @@ func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session, } initHandlers(s) - if envCfg.CSMEnabled { - enableCSM(&s.Handlers, envCfg.CSMClientID, envCfg.CSMPort, s.Config.Logger) + + if csmCfg, err := loadCSMConfig(envCfg, cfgFiles); err != nil { + if l := s.Config.Logger; l != nil { + l.Log(fmt.Sprintf("ERROR: failed to load CSM configuration, %v", err)) + } + } else if csmCfg.Enabled { + err = enableCSM(&s.Handlers, csmCfg, s.Config.Logger) + if err != nil { + return nil, err + } } // Setup HTTP client with custom cert bundle if enabled @@ -395,6 +443,46 @@ func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session, return s, nil } +type csmConfig struct { + Enabled bool + Host string + Port string + ClientID string +} + +var csmProfileName = "aws_csm" + +func loadCSMConfig(envCfg envConfig, cfgFiles []string) (csmConfig, error) { + if envCfg.CSMEnabled != nil { + if *envCfg.CSMEnabled { + return csmConfig{ + Enabled: true, + ClientID: envCfg.CSMClientID, + Host: envCfg.CSMHost, + Port: envCfg.CSMPort, + }, nil + } + return csmConfig{}, nil + } + + sharedCfg, err := loadSharedConfig(csmProfileName, cfgFiles, false) + if err != nil { + if _, ok := err.(SharedConfigProfileNotExistsError); !ok { + return csmConfig{}, err + } + } + if sharedCfg.CSMEnabled != nil && *sharedCfg.CSMEnabled == true { + return csmConfig{ + Enabled: true, + ClientID: sharedCfg.CSMClientID, + Host: sharedCfg.CSMHost, + Port: sharedCfg.CSMPort, + }, nil + } + + return csmConfig{}, nil +} + func loadCustomCABundle(s *Session, bundle io.Reader) error { var t *http.Transport switch v := s.Config.HTTPClient.Transport.(type) { @@ -407,7 +495,10 @@ func loadCustomCABundle(s *Session, bundle io.Reader) error { } } if t == nil { - t = &http.Transport{} + // Nil transport implies `http.DefaultTransport` should be used. Since + // the SDK cannot modify, nor copy the `DefaultTransport` specifying + // the values the next closest behavior. + t = getCABundleTransport() } p, err := loadCertPool(bundle) @@ -440,9 +531,11 @@ func loadCertPool(r io.Reader) (*x509.CertPool, error) { return p, nil } -func mergeConfigSrcs(cfg, userCfg *aws.Config, envCfg envConfig, sharedCfg sharedConfig, handlers request.Handlers, sessOpts Options) error { - // Merge in user provided configuration - cfg.MergeIn(userCfg) +func mergeConfigSrcs(cfg, userCfg *aws.Config, + envCfg envConfig, sharedCfg sharedConfig, + handlers request.Handlers, + sessOpts Options, +) error { // Region if not already set by user if len(aws.StringValue(cfg.Region)) == 0 { @@ -461,162 +554,59 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config, envCfg envConfig, sharedCfg share } } - // Configure credentials if not already set + // Regional Endpoint flag for STS endpoint resolving + mergeSTSRegionalEndpointConfig(cfg, []endpoints.STSRegionalEndpoint{ + userCfg.STSRegionalEndpoint, + envCfg.STSRegionalEndpoint, + sharedCfg.STSRegionalEndpoint, + endpoints.LegacySTSEndpoint, + }) + + // Regional Endpoint flag for S3 endpoint resolving + mergeS3UsEast1RegionalEndpointConfig(cfg, []endpoints.S3UsEast1RegionalEndpoint{ + userCfg.S3UsEast1RegionalEndpoint, + envCfg.S3UsEast1RegionalEndpoint, + sharedCfg.S3UsEast1RegionalEndpoint, + endpoints.LegacyS3UsEast1Endpoint, + }) + + // Configure credentials if not already set by the user when creating the + // Session. if cfg.Credentials == credentials.AnonymousCredentials && userCfg.Credentials == nil { - - // inspect the profile to see if a credential source has been specified. - if envCfg.EnableSharedConfig && len(sharedCfg.AssumeRole.CredentialSource) > 0 { - - // if both credential_source and source_profile have been set, return an error - // as this is undefined behavior. - if len(sharedCfg.AssumeRole.SourceProfile) > 0 { - return ErrSharedConfigSourceCollision - } - - // valid credential source values - const ( - credSourceEc2Metadata = "Ec2InstanceMetadata" - credSourceEnvironment = "Environment" - credSourceECSContainer = "EcsContainer" - ) - - switch sharedCfg.AssumeRole.CredentialSource { - case credSourceEc2Metadata: - cfgCp := *cfg - p := defaults.RemoteCredProvider(cfgCp, handlers) - cfgCp.Credentials = credentials.NewCredentials(p) - - if len(sharedCfg.AssumeRole.MFASerial) > 0 && sessOpts.AssumeRoleTokenProvider == nil { - // AssumeRole Token provider is required if doing Assume Role - // with MFA. - return AssumeRoleTokenProviderNotSetError{} - } - - cfg.Credentials = assumeRoleCredentials(cfgCp, handlers, sharedCfg, sessOpts) - case credSourceEnvironment: - cfg.Credentials = credentials.NewStaticCredentialsFromCreds( - envCfg.Creds, - ) - case credSourceECSContainer: - if len(os.Getenv(shareddefaults.ECSCredsProviderEnvVar)) == 0 { - return ErrSharedConfigECSContainerEnvVarEmpty - } - - cfgCp := *cfg - p := defaults.RemoteCredProvider(cfgCp, handlers) - creds := credentials.NewCredentials(p) - - cfg.Credentials = creds - default: - return ErrSharedConfigInvalidCredSource - } - - return nil + creds, err := resolveCredentials(cfg, envCfg, sharedCfg, handlers, sessOpts) + if err != nil { + return err } + cfg.Credentials = creds + } - if len(envCfg.Creds.AccessKeyID) > 0 { - cfg.Credentials = credentials.NewStaticCredentialsFromCreds( - envCfg.Creds, - ) - } else if envCfg.EnableSharedConfig && len(sharedCfg.AssumeRole.RoleARN) > 0 && sharedCfg.AssumeRoleSource != nil { - cfgCp := *cfg - cfgCp.Credentials = credentials.NewStaticCredentialsFromCreds( - sharedCfg.AssumeRoleSource.Creds, - ) - - if len(sharedCfg.AssumeRole.MFASerial) > 0 && sessOpts.AssumeRoleTokenProvider == nil { - // AssumeRole Token provider is required if doing Assume Role - // with MFA. - return AssumeRoleTokenProviderNotSetError{} - } - - cfg.Credentials = assumeRoleCredentials(cfgCp, handlers, sharedCfg, sessOpts) - } else if len(sharedCfg.Creds.AccessKeyID) > 0 { - cfg.Credentials = credentials.NewStaticCredentialsFromCreds( - sharedCfg.Creds, - ) - } else if len(sharedCfg.CredentialProcess) > 0 { - cfg.Credentials = processcreds.NewCredentials( - sharedCfg.CredentialProcess, - ) - } else { - // Fallback to default credentials provider, include mock errors - // for the credential chain so user can identify why credentials - // failed to be retrieved. - cfg.Credentials = credentials.NewCredentials(&credentials.ChainProvider{ - VerboseErrors: aws.BoolValue(cfg.CredentialsChainVerboseErrors), - Providers: []credentials.Provider{ - &credProviderError{Err: awserr.New("EnvAccessKeyNotFound", "failed to find credentials in the environment.", nil)}, - &credProviderError{Err: awserr.New("SharedCredsLoad", fmt.Sprintf("failed to load profile, %s.", envCfg.Profile), nil)}, - defaults.RemoteCredProvider(*cfg, handlers), - }, - }) - } + cfg.S3UseARNRegion = userCfg.S3UseARNRegion + if cfg.S3UseARNRegion == nil { + cfg.S3UseARNRegion = &envCfg.S3UseARNRegion + } + if cfg.S3UseARNRegion == nil { + cfg.S3UseARNRegion = &sharedCfg.S3UseARNRegion } return nil } -func assumeRoleCredentials(cfg aws.Config, handlers request.Handlers, sharedCfg sharedConfig, sessOpts Options) *credentials.Credentials { - return stscreds.NewCredentials( - &Session{ - Config: &cfg, - Handlers: handlers.Copy(), - }, - sharedCfg.AssumeRole.RoleARN, - func(opt *stscreds.AssumeRoleProvider) { - opt.RoleSessionName = sharedCfg.AssumeRole.RoleSessionName - - // Assume role with external ID - if len(sharedCfg.AssumeRole.ExternalID) > 0 { - opt.ExternalID = aws.String(sharedCfg.AssumeRole.ExternalID) - } - - // Assume role with MFA - if len(sharedCfg.AssumeRole.MFASerial) > 0 { - opt.SerialNumber = aws.String(sharedCfg.AssumeRole.MFASerial) - opt.TokenProvider = sessOpts.AssumeRoleTokenProvider - } - }, - ) +func mergeSTSRegionalEndpointConfig(cfg *aws.Config, values []endpoints.STSRegionalEndpoint) { + for _, v := range values { + if v != endpoints.UnsetSTSEndpoint { + cfg.STSRegionalEndpoint = v + break + } + } } -// AssumeRoleTokenProviderNotSetError is an error returned when creating a session when the -// MFAToken option is not set when shared config is configured load assume a -// role with an MFA token. -type AssumeRoleTokenProviderNotSetError struct{} - -// Code is the short id of the error. -func (e AssumeRoleTokenProviderNotSetError) Code() string { - return "AssumeRoleTokenProviderNotSetError" -} - -// Message is the description of the error -func (e AssumeRoleTokenProviderNotSetError) Message() string { - return fmt.Sprintf("assume role with MFA enabled, but AssumeRoleTokenProvider session option not set.") -} - -// OrigErr is the underlying error that caused the failure. -func (e AssumeRoleTokenProviderNotSetError) OrigErr() error { - return nil -} - -// Error satisfies the error interface. -func (e AssumeRoleTokenProviderNotSetError) Error() string { - return awserr.SprintError(e.Code(), e.Message(), "", nil) -} - -type credProviderError struct { - Err error -} - -var emptyCreds = credentials.Value{} - -func (c credProviderError) Retrieve() (credentials.Value, error) { - return credentials.Value{}, c.Err -} -func (c credProviderError) IsExpired() bool { - return true +func mergeS3UsEast1RegionalEndpointConfig(cfg *aws.Config, values []endpoints.S3UsEast1RegionalEndpoint) { + for _, v := range values { + if v != endpoints.UnsetS3UsEast1Endpoint { + cfg.S3UsEast1RegionalEndpoint = v + break + } + } } func initHandlers(s *Session) { @@ -627,7 +617,7 @@ func initHandlers(s *Session) { } } -// Copy creates and returns a copy of the current Session, coping the config +// Copy creates and returns a copy of the current Session, copying the config // and handlers. If any additional configs are provided they will be merged // on top of the Session's copied config. // @@ -647,47 +637,67 @@ func (s *Session) Copy(cfgs ...*aws.Config) *Session { // ClientConfig satisfies the client.ConfigProvider interface and is used to // configure the service client instances. Passing the Session to the service // client's constructor (New) will use this method to configure the client. -func (s *Session) ClientConfig(serviceName string, cfgs ...*aws.Config) client.Config { - // Backwards compatibility, the error will be eaten if user calls ClientConfig - // directly. All SDK services will use ClientconfigWithError. - cfg, _ := s.clientConfigWithErr(serviceName, cfgs...) - - return cfg -} - -func (s *Session) clientConfigWithErr(serviceName string, cfgs ...*aws.Config) (client.Config, error) { +func (s *Session) ClientConfig(service string, cfgs ...*aws.Config) client.Config { s = s.Copy(cfgs...) - var resolved endpoints.ResolvedEndpoint - var err error - region := aws.StringValue(s.Config.Region) - - if endpoint := aws.StringValue(s.Config.Endpoint); len(endpoint) != 0 { - resolved.URL = endpoints.AddScheme(endpoint, aws.BoolValue(s.Config.DisableSSL)) - resolved.SigningRegion = region - } else { - resolved, err = s.Config.EndpointResolver.EndpointFor( - serviceName, region, - func(opt *endpoints.Options) { - opt.DisableSSL = aws.BoolValue(s.Config.DisableSSL) - opt.UseDualStack = aws.BoolValue(s.Config.UseDualStack) - - // Support the condition where the service is modeled but its - // endpoint metadata is not available. - opt.ResolveUnknownService = true - }, - ) + resolved, err := s.resolveEndpoint(service, region, s.Config) + if err != nil { + s.Handlers.Validate.PushBack(func(r *request.Request) { + if len(r.ClientInfo.Endpoint) != 0 { + // Error occurred while resolving endpoint, but the request + // being invoked has had an endpoint specified after the client + // was created. + return + } + r.Error = err + }) } return client.Config{ Config: s.Config, Handlers: s.Handlers, + PartitionID: resolved.PartitionID, Endpoint: resolved.URL, SigningRegion: resolved.SigningRegion, SigningNameDerived: resolved.SigningNameDerived, SigningName: resolved.SigningName, - }, err + } +} + +func (s *Session) resolveEndpoint(service, region string, cfg *aws.Config) (endpoints.ResolvedEndpoint, error) { + + if ep := aws.StringValue(cfg.Endpoint); len(ep) != 0 { + return endpoints.ResolvedEndpoint{ + URL: endpoints.AddScheme(ep, aws.BoolValue(cfg.DisableSSL)), + SigningRegion: region, + }, nil + } + + resolved, err := cfg.EndpointResolver.EndpointFor(service, region, + func(opt *endpoints.Options) { + opt.DisableSSL = aws.BoolValue(cfg.DisableSSL) + opt.UseDualStack = aws.BoolValue(cfg.UseDualStack) + // Support for STSRegionalEndpoint where the STSRegionalEndpoint is + // provided in envConfig or sharedConfig with envConfig getting + // precedence. + opt.STSRegionalEndpoint = cfg.STSRegionalEndpoint + + // Support for S3UsEast1RegionalEndpoint where the S3UsEast1RegionalEndpoint is + // provided in envConfig or sharedConfig with envConfig getting + // precedence. + opt.S3UsEast1RegionalEndpoint = cfg.S3UsEast1RegionalEndpoint + + // Support the condition where the service is modeled but its + // endpoint metadata is not available. + opt.ResolveUnknownService = true + }, + ) + if err != nil { + return endpoints.ResolvedEndpoint{}, err + } + + return resolved, nil } // ClientConfigNoResolveEndpoint is the same as ClientConfig with the exception @@ -697,12 +707,9 @@ func (s *Session) ClientConfigNoResolveEndpoint(cfgs ...*aws.Config) client.Conf s = s.Copy(cfgs...) var resolved endpoints.ResolvedEndpoint - - region := aws.StringValue(s.Config.Region) - if ep := aws.StringValue(s.Config.Endpoint); len(ep) > 0 { resolved.URL = endpoints.AddScheme(ep, aws.BoolValue(s.Config.DisableSSL)) - resolved.SigningRegion = region + resolved.SigningRegion = aws.StringValue(s.Config.Region) } return client.Config{ @@ -714,3 +721,14 @@ func (s *Session) ClientConfigNoResolveEndpoint(cfgs ...*aws.Config) client.Conf SigningName: resolved.SigningName, } } + +// logDeprecatedNewSessionError function enables error handling for session +func (s *Session) logDeprecatedNewSessionError(msg string, err error, cfgs []*aws.Config) { + // Session creation failed, need to report the error and prevent + // any requests from succeeding. + s.Config.MergeIn(cfgs...) + s.Config.Logger.Log("ERROR:", msg, "Error:", err) + s.Handlers.Validate.PushBack(func(r *request.Request) { + r.Error = err + }) +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go b/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go index 7cb44021b3f..a8ed8807600 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go @@ -5,7 +5,7 @@ import ( "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/credentials" - + "github.com/aws/aws-sdk-go/aws/endpoints" "github.com/aws/aws-sdk-go/internal/ini" ) @@ -23,50 +23,66 @@ const ( mfaSerialKey = `mfa_serial` // optional roleSessionNameKey = `role_session_name` // optional + // CSM options + csmEnabledKey = `csm_enabled` + csmHostKey = `csm_host` + csmPortKey = `csm_port` + csmClientIDKey = `csm_client_id` + // Additional Config fields regionKey = `region` // endpoint discovery group enableEndpointDiscoveryKey = `endpoint_discovery_enabled` // optional + // External Credential Process - credentialProcessKey = `credential_process` + credentialProcessKey = `credential_process` // optional + + // Web Identity Token File + webIdentityTokenFileKey = `web_identity_token_file` // optional + + // Additional config fields for regional or legacy endpoints + stsRegionalEndpointSharedKey = `sts_regional_endpoints` + + // Additional config fields for regional or legacy endpoints + s3UsEast1RegionalSharedKey = `s3_us_east_1_regional_endpoint` // DefaultSharedConfigProfile is the default profile to be used when // loading configuration from the config files if another profile name // is not provided. DefaultSharedConfigProfile = `default` -) -type assumeRoleConfig struct { - RoleARN string - SourceProfile string - CredentialSource string - ExternalID string - MFASerial string - RoleSessionName string -} + // S3 ARN Region Usage + s3UseARNRegionKey = "s3_use_arn_region" +) // sharedConfig represents the configuration fields of the SDK config files. type sharedConfig struct { - // Credentials values from the config file. Both aws_access_key_id - // and aws_secret_access_key must be provided together in the same file - // to be considered valid. The values will be ignored if not a complete group. - // aws_session_token is an optional field that can be provided if both of the - // other two fields are also provided. + // Credentials values from the config file. Both aws_access_key_id and + // aws_secret_access_key must be provided together in the same file to be + // considered valid. The values will be ignored if not a complete group. + // aws_session_token is an optional field that can be provided if both of + // the other two fields are also provided. // // aws_access_key_id // aws_secret_access_key // aws_session_token Creds credentials.Value - AssumeRole assumeRoleConfig - AssumeRoleSource *sharedConfig + CredentialSource string + CredentialProcess string + WebIdentityTokenFile string - // An external process to request credentials - CredentialProcess string + RoleARN string + RoleSessionName string + ExternalID string + MFASerial string - // Region is the region the SDK should use for looking up AWS service endpoints - // and signing requests. + SourceProfileName string + SourceProfile *sharedConfig + + // Region is the region the SDK should use for looking up AWS service + // endpoints and signing requests. // // region Region string @@ -76,6 +92,30 @@ type sharedConfig struct { // // endpoint_discovery_enabled = true EnableEndpointDiscovery *bool + + // CSM Options + CSMEnabled *bool + CSMHost string + CSMPort string + CSMClientID string + + // Specifies the Regional Endpoint flag for the SDK to resolve the endpoint for a service + // + // sts_regional_endpoints = regional + // This can take value as `LegacySTSEndpoint` or `RegionalSTSEndpoint` + STSRegionalEndpoint endpoints.STSRegionalEndpoint + + // Specifies the Regional Endpoint flag for the SDK to resolve the endpoint for a service + // + // s3_us_east_1_regional_endpoint = regional + // This can take value as `LegacyS3UsEast1Endpoint` or `RegionalS3UsEast1Endpoint` + S3UsEast1RegionalEndpoint endpoints.S3UsEast1RegionalEndpoint + + // Specifies if the S3 service should allow ARNs to direct the region + // the client's requests are sent to. + // + // s3_use_arn_region=true + S3UseARNRegion bool } type sharedConfigFile struct { @@ -83,17 +123,18 @@ type sharedConfigFile struct { IniData ini.Sections } -// loadSharedConfig retrieves the configuration from the list of files -// using the profile provided. The order the files are listed will determine +// loadSharedConfig retrieves the configuration from the list of files using +// the profile provided. The order the files are listed will determine // precedence. Values in subsequent files will overwrite values defined in // earlier files. // // For example, given two files A and B. Both define credentials. If the order -// of the files are A then B, B's credential values will be used instead of A's. +// of the files are A then B, B's credential values will be used instead of +// A's. // // See sharedConfig.setFromFile for information how the config files // will be loaded. -func loadSharedConfig(profile string, filenames []string) (sharedConfig, error) { +func loadSharedConfig(profile string, filenames []string, exOpts bool) (sharedConfig, error) { if len(profile) == 0 { profile = DefaultSharedConfigProfile } @@ -104,16 +145,11 @@ func loadSharedConfig(profile string, filenames []string) (sharedConfig, error) } cfg := sharedConfig{} - if err = cfg.setFromIniFiles(profile, files); err != nil { + profiles := map[string]struct{}{} + if err = cfg.setFromIniFiles(profiles, profile, files, exOpts); err != nil { return sharedConfig{}, err } - if len(cfg.AssumeRole.SourceProfile) > 0 { - if err := cfg.setAssumeRoleSource(profile, files); err != nil { - return sharedConfig{}, err - } - } - return cfg, nil } @@ -137,60 +173,88 @@ func loadSharedConfigIniFiles(filenames []string) ([]sharedConfigFile, error) { return files, nil } -func (cfg *sharedConfig) setAssumeRoleSource(origProfile string, files []sharedConfigFile) error { - var assumeRoleSrc sharedConfig - - if len(cfg.AssumeRole.CredentialSource) > 0 { - // setAssumeRoleSource is only called when source_profile is found. - // If both source_profile and credential_source are set, then - // ErrSharedConfigSourceCollision will be returned - return ErrSharedConfigSourceCollision - } - - // Multiple level assume role chains are not support - if cfg.AssumeRole.SourceProfile == origProfile { - assumeRoleSrc = *cfg - assumeRoleSrc.AssumeRole = assumeRoleConfig{} - } else { - err := assumeRoleSrc.setFromIniFiles(cfg.AssumeRole.SourceProfile, files) - if err != nil { - return err - } - } - - if len(assumeRoleSrc.Creds.AccessKeyID) == 0 { - return SharedConfigAssumeRoleError{RoleARN: cfg.AssumeRole.RoleARN} - } - - cfg.AssumeRoleSource = &assumeRoleSrc - - return nil -} - -func (cfg *sharedConfig) setFromIniFiles(profile string, files []sharedConfigFile) error { +func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile string, files []sharedConfigFile, exOpts bool) error { // Trim files from the list that don't exist. + var skippedFiles int + var profileNotFoundErr error for _, f := range files { - if err := cfg.setFromIniFile(profile, f); err != nil { + if err := cfg.setFromIniFile(profile, f, exOpts); err != nil { if _, ok := err.(SharedConfigProfileNotExistsError); ok { - // Ignore proviles missings + // Ignore profiles not defined in individual files. + profileNotFoundErr = err + skippedFiles++ continue } return err } } + if skippedFiles == len(files) { + // If all files were skipped because the profile is not found, return + // the original profile not found error. + return profileNotFoundErr + } + + if _, ok := profiles[profile]; ok { + // if this is the second instance of the profile the Assume Role + // options must be cleared because they are only valid for the + // first reference of a profile. The self linked instance of the + // profile only have credential provider options. + cfg.clearAssumeRoleOptions() + } else { + // First time a profile has been seen, It must either be a assume role + // or credentials. Assert if the credential type requires a role ARN, + // the ARN is also set. + if err := cfg.validateCredentialsRequireARN(profile); err != nil { + return err + } + } + profiles[profile] = struct{}{} + + if err := cfg.validateCredentialType(); err != nil { + return err + } + + // Link source profiles for assume roles + if len(cfg.SourceProfileName) != 0 { + // Linked profile via source_profile ignore credential provider + // options, the source profile must provide the credentials. + cfg.clearCredentialOptions() + + srcCfg := &sharedConfig{} + err := srcCfg.setFromIniFiles(profiles, cfg.SourceProfileName, files, exOpts) + if err != nil { + // SourceProfile that doesn't exist is an error in configuration. + if _, ok := err.(SharedConfigProfileNotExistsError); ok { + err = SharedConfigAssumeRoleError{ + RoleARN: cfg.RoleARN, + SourceProfile: cfg.SourceProfileName, + } + } + return err + } + + if !srcCfg.hasCredentials() { + return SharedConfigAssumeRoleError{ + RoleARN: cfg.RoleARN, + SourceProfile: cfg.SourceProfileName, + } + } + + cfg.SourceProfile = srcCfg + } return nil } -// setFromFile loads the configuration from the file using -// the profile provided. A sharedConfig pointer type value is used so that -// multiple config file loadings can be chained. +// setFromFile loads the configuration from the file using the profile +// provided. A sharedConfig pointer type value is used so that multiple config +// file loadings can be chained. // // Only loads complete logically grouped values, and will not set fields in cfg -// for incomplete grouped values in the config. Such as credentials. For example -// if a config file only includes aws_access_key_id but no aws_secret_access_key -// the aws_access_key_id will be ignored. -func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile) error { +// for incomplete grouped values in the config. Such as credentials. For +// example if a config file only includes aws_access_key_id but no +// aws_secret_access_key the aws_access_key_id will be ignored. +func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, exOpts bool) error { section, ok := file.IniData.GetSection(profile) if !ok { // Fallback to to alternate profile name: profile @@ -200,53 +264,171 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile) e } } + if exOpts { + // Assume Role Parameters + updateString(&cfg.RoleARN, section, roleArnKey) + updateString(&cfg.ExternalID, section, externalIDKey) + updateString(&cfg.MFASerial, section, mfaSerialKey) + updateString(&cfg.RoleSessionName, section, roleSessionNameKey) + updateString(&cfg.SourceProfileName, section, sourceProfileKey) + updateString(&cfg.CredentialSource, section, credentialSourceKey) + updateString(&cfg.Region, section, regionKey) + + if v := section.String(stsRegionalEndpointSharedKey); len(v) != 0 { + sre, err := endpoints.GetSTSRegionalEndpoint(v) + if err != nil { + return fmt.Errorf("failed to load %s from shared config, %s, %v", + stsRegionalEndpointSharedKey, file.Filename, err) + } + cfg.STSRegionalEndpoint = sre + } + + if v := section.String(s3UsEast1RegionalSharedKey); len(v) != 0 { + sre, err := endpoints.GetS3UsEast1RegionalEndpoint(v) + if err != nil { + return fmt.Errorf("failed to load %s from shared config, %s, %v", + s3UsEast1RegionalSharedKey, file.Filename, err) + } + cfg.S3UsEast1RegionalEndpoint = sre + } + } + + updateString(&cfg.CredentialProcess, section, credentialProcessKey) + updateString(&cfg.WebIdentityTokenFile, section, webIdentityTokenFileKey) + // Shared Credentials - akid := section.String(accessKeyIDKey) - secret := section.String(secretAccessKey) - if len(akid) > 0 && len(secret) > 0 { - cfg.Creds = credentials.Value{ - AccessKeyID: akid, - SecretAccessKey: secret, - SessionToken: section.String(sessionTokenKey), - ProviderName: fmt.Sprintf("SharedConfigCredentials: %s", file.Filename), - } + creds := credentials.Value{ + AccessKeyID: section.String(accessKeyIDKey), + SecretAccessKey: section.String(secretAccessKey), + SessionToken: section.String(sessionTokenKey), + ProviderName: fmt.Sprintf("SharedConfigCredentials: %s", file.Filename), } - - // Assume Role - roleArn := section.String(roleArnKey) - srcProfile := section.String(sourceProfileKey) - credentialSource := section.String(credentialSourceKey) - hasSource := len(srcProfile) > 0 || len(credentialSource) > 0 - if len(roleArn) > 0 && hasSource { - cfg.AssumeRole = assumeRoleConfig{ - RoleARN: roleArn, - SourceProfile: srcProfile, - CredentialSource: credentialSource, - ExternalID: section.String(externalIDKey), - MFASerial: section.String(mfaSerialKey), - RoleSessionName: section.String(roleSessionNameKey), - } - } - - // `credential_process` - if credProc := section.String(credentialProcessKey); len(credProc) > 0 { - cfg.CredentialProcess = credProc - } - - // Region - if v := section.String(regionKey); len(v) > 0 { - cfg.Region = v + if creds.HasKeys() { + cfg.Creds = creds } // Endpoint discovery - if section.Has(enableEndpointDiscoveryKey) { - v := section.Bool(enableEndpointDiscoveryKey) - cfg.EnableEndpointDiscovery = &v + updateBoolPtr(&cfg.EnableEndpointDiscovery, section, enableEndpointDiscoveryKey) + + // CSM options + updateBoolPtr(&cfg.CSMEnabled, section, csmEnabledKey) + updateString(&cfg.CSMHost, section, csmHostKey) + updateString(&cfg.CSMPort, section, csmPortKey) + updateString(&cfg.CSMClientID, section, csmClientIDKey) + + updateBool(&cfg.S3UseARNRegion, section, s3UseARNRegionKey) + + return nil +} + +func (cfg *sharedConfig) validateCredentialsRequireARN(profile string) error { + var credSource string + + switch { + case len(cfg.SourceProfileName) != 0: + credSource = sourceProfileKey + case len(cfg.CredentialSource) != 0: + credSource = credentialSourceKey + case len(cfg.WebIdentityTokenFile) != 0: + credSource = webIdentityTokenFileKey + } + + if len(credSource) != 0 && len(cfg.RoleARN) == 0 { + return CredentialRequiresARNError{ + Type: credSource, + Profile: profile, + } } return nil } +func (cfg *sharedConfig) validateCredentialType() error { + // Only one or no credential type can be defined. + if !oneOrNone( + len(cfg.SourceProfileName) != 0, + len(cfg.CredentialSource) != 0, + len(cfg.CredentialProcess) != 0, + len(cfg.WebIdentityTokenFile) != 0, + ) { + return ErrSharedConfigSourceCollision + } + + return nil +} + +func (cfg *sharedConfig) hasCredentials() bool { + switch { + case len(cfg.SourceProfileName) != 0: + case len(cfg.CredentialSource) != 0: + case len(cfg.CredentialProcess) != 0: + case len(cfg.WebIdentityTokenFile) != 0: + case cfg.Creds.HasKeys(): + default: + return false + } + + return true +} + +func (cfg *sharedConfig) clearCredentialOptions() { + cfg.CredentialSource = "" + cfg.CredentialProcess = "" + cfg.WebIdentityTokenFile = "" + cfg.Creds = credentials.Value{} +} + +func (cfg *sharedConfig) clearAssumeRoleOptions() { + cfg.RoleARN = "" + cfg.ExternalID = "" + cfg.MFASerial = "" + cfg.RoleSessionName = "" + cfg.SourceProfileName = "" +} + +func oneOrNone(bs ...bool) bool { + var count int + + for _, b := range bs { + if b { + count++ + if count > 1 { + return false + } + } + } + + return true +} + +// updateString will only update the dst with the value in the section key, key +// is present in the section. +func updateString(dst *string, section ini.Section, key string) { + if !section.Has(key) { + return + } + *dst = section.String(key) +} + +// updateBool will only update the dst with the value in the section key, key +// is present in the section. +func updateBool(dst *bool, section ini.Section, key string) { + if !section.Has(key) { + return + } + *dst = section.Bool(key) +} + +// updateBoolPtr will only update the dst with the value in the section key, +// key is present in the section. +func updateBoolPtr(dst **bool, section ini.Section, key string) { + if !section.Has(key) { + return + } + *dst = new(bool) + **dst = section.Bool(key) +} + // SharedConfigLoadError is an error for the shared config file failed to load. type SharedConfigLoadError struct { Filename string @@ -304,7 +486,8 @@ func (e SharedConfigProfileNotExistsError) Error() string { // profile contains assume role information, but that information is invalid // or not complete. type SharedConfigAssumeRoleError struct { - RoleARN string + RoleARN string + SourceProfile string } // Code is the short id of the error. @@ -314,8 +497,10 @@ func (e SharedConfigAssumeRoleError) Code() string { // Message is the description of the error func (e SharedConfigAssumeRoleError) Message() string { - return fmt.Sprintf("failed to load assume role for %s, source profile has no shared credentials", - e.RoleARN) + return fmt.Sprintf( + "failed to load assume role for %s, source profile %s has no shared credentials", + e.RoleARN, e.SourceProfile, + ) } // OrigErr is the underlying error that caused the failure. @@ -327,3 +512,36 @@ func (e SharedConfigAssumeRoleError) OrigErr() error { func (e SharedConfigAssumeRoleError) Error() string { return awserr.SprintError(e.Code(), e.Message(), "", nil) } + +// CredentialRequiresARNError provides the error for shared config credentials +// that are incorrectly configured in the shared config or credentials file. +type CredentialRequiresARNError struct { + // type of credentials that were configured. + Type string + + // Profile name the credentials were in. + Profile string +} + +// Code is the short id of the error. +func (e CredentialRequiresARNError) Code() string { + return "CredentialRequiresARNError" +} + +// Message is the description of the error +func (e CredentialRequiresARNError) Message() string { + return fmt.Sprintf( + "credential type %s requires role_arn, profile %s", + e.Type, e.Profile, + ) +} + +// OrigErr is the underlying error that caused the failure. +func (e CredentialRequiresARNError) OrigErr() error { + return nil +} + +// Error satisfies the error interface. +func (e CredentialRequiresARNError) Error() string { + return awserr.SprintError(e.Code(), e.Message(), "", nil) +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/BUILD b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/BUILD index fcd4cbb0e96..11665340473 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/BUILD @@ -5,6 +5,7 @@ go_library( srcs = [ "header_rules.go", "options.go", + "stream.go", "uri_path.go", "v4.go", ], @@ -16,6 +17,7 @@ go_library( "//vendor/github.com/aws/aws-sdk-go/aws/credentials:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/request:go_default_library", "//vendor/github.com/aws/aws-sdk-go/internal/sdkio:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/internal/strings:go_default_library", "//vendor/github.com/aws/aws-sdk-go/private/protocol/rest:go_default_library", ], ) diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go index 244c86da054..07ea799fbd3 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go @@ -1,8 +1,7 @@ package v4 import ( - "net/http" - "strings" + "github.com/aws/aws-sdk-go/internal/strings" ) // validator houses a set of rule needed for validation of a @@ -61,7 +60,7 @@ type patterns []string // been found func (p patterns) IsValid(value string) bool { for _, pattern := range p { - if strings.HasPrefix(http.CanonicalHeaderKey(value), pattern) { + if strings.HasPrefixFold(value, pattern) { return true } } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/stream.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/stream.go new file mode 100644 index 00000000000..02cbd97e234 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/stream.go @@ -0,0 +1,63 @@ +package v4 + +import ( + "encoding/hex" + "strings" + "time" + + "github.com/aws/aws-sdk-go/aws/credentials" +) + +type credentialValueProvider interface { + Get() (credentials.Value, error) +} + +// StreamSigner implements signing of event stream encoded payloads +type StreamSigner struct { + region string + service string + + credentials credentialValueProvider + + prevSig []byte +} + +// NewStreamSigner creates a SigV4 signer used to sign Event Stream encoded messages +func NewStreamSigner(region, service string, seedSignature []byte, credentials *credentials.Credentials) *StreamSigner { + return &StreamSigner{ + region: region, + service: service, + credentials: credentials, + prevSig: seedSignature, + } +} + +// GetSignature takes an event stream encoded headers and payload and returns a signature +func (s *StreamSigner) GetSignature(headers, payload []byte, date time.Time) ([]byte, error) { + credValue, err := s.credentials.Get() + if err != nil { + return nil, err + } + + sigKey := deriveSigningKey(s.region, s.service, credValue.SecretAccessKey, date) + + keyPath := buildSigningScope(s.region, s.service, date) + + stringToSign := buildEventStreamStringToSign(headers, payload, s.prevSig, keyPath, date) + + signature := hmacSHA256(sigKey, []byte(stringToSign)) + s.prevSig = signature + + return signature, nil +} + +func buildEventStreamStringToSign(headers, payload, prevSig []byte, scope string, date time.Time) string { + return strings.Join([]string{ + "AWS4-HMAC-SHA256-PAYLOAD", + formatTime(date), + scope, + hex.EncodeToString(prevSig), + hex.EncodeToString(hashSHA256(headers)), + hex.EncodeToString(hashSHA256(payload)), + }, "\n") +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go index 523db79f8d2..b97334c7f28 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go @@ -76,9 +76,14 @@ import ( ) const ( + authorizationHeader = "Authorization" + authHeaderSignatureElem = "Signature=" + signatureQueryKey = "X-Amz-Signature" + authHeaderPrefix = "AWS4-HMAC-SHA256" timeFormat = "20060102T150405Z" shortTimeFormat = "20060102" + awsV4Request = "aws4_request" // emptyStringSHA256 is a SHA256 of an empty string emptyStringSHA256 = `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` @@ -87,9 +92,9 @@ const ( var ignoredHeaders = rules{ blacklist{ mapRule{ - "Authorization": struct{}{}, - "User-Agent": struct{}{}, - "X-Amzn-Trace-Id": struct{}{}, + authorizationHeader: struct{}{}, + "User-Agent": struct{}{}, + "X-Amzn-Trace-Id": struct{}{}, }, }, } @@ -229,11 +234,9 @@ type signingCtx struct { DisableURIPathEscaping bool - credValues credentials.Value - isPresign bool - formattedTime string - formattedShortTime string - unsignedPayload bool + credValues credentials.Value + isPresign bool + unsignedPayload bool bodyDigest string signedHeaders string @@ -532,39 +535,56 @@ func (ctx *signingCtx) build(disableHeaderHoisting bool) error { ctx.buildSignature() // depends on string to sign if ctx.isPresign { - ctx.Request.URL.RawQuery += "&X-Amz-Signature=" + ctx.signature + ctx.Request.URL.RawQuery += "&" + signatureQueryKey + "=" + ctx.signature } else { parts := []string{ authHeaderPrefix + " Credential=" + ctx.credValues.AccessKeyID + "/" + ctx.credentialString, "SignedHeaders=" + ctx.signedHeaders, - "Signature=" + ctx.signature, + authHeaderSignatureElem + ctx.signature, } - ctx.Request.Header.Set("Authorization", strings.Join(parts, ", ")) + ctx.Request.Header.Set(authorizationHeader, strings.Join(parts, ", ")) } return nil } -func (ctx *signingCtx) buildTime() { - ctx.formattedTime = ctx.Time.UTC().Format(timeFormat) - ctx.formattedShortTime = ctx.Time.UTC().Format(shortTimeFormat) +// GetSignedRequestSignature attempts to extract the signature of the request. +// Returning an error if the request is unsigned, or unable to extract the +// signature. +func GetSignedRequestSignature(r *http.Request) ([]byte, error) { + if auth := r.Header.Get(authorizationHeader); len(auth) != 0 { + ps := strings.Split(auth, ", ") + for _, p := range ps { + if idx := strings.Index(p, authHeaderSignatureElem); idx >= 0 { + sig := p[len(authHeaderSignatureElem):] + if len(sig) == 0 { + return nil, fmt.Errorf("invalid request signature authorization header") + } + return hex.DecodeString(sig) + } + } + } + + if sig := r.URL.Query().Get("X-Amz-Signature"); len(sig) != 0 { + return hex.DecodeString(sig) + } + + return nil, fmt.Errorf("request not signed") +} + +func (ctx *signingCtx) buildTime() { if ctx.isPresign { duration := int64(ctx.ExpireTime / time.Second) - ctx.Query.Set("X-Amz-Date", ctx.formattedTime) + ctx.Query.Set("X-Amz-Date", formatTime(ctx.Time)) ctx.Query.Set("X-Amz-Expires", strconv.FormatInt(duration, 10)) } else { - ctx.Request.Header.Set("X-Amz-Date", ctx.formattedTime) + ctx.Request.Header.Set("X-Amz-Date", formatTime(ctx.Time)) } } func (ctx *signingCtx) buildCredentialString() { - ctx.credentialString = strings.Join([]string{ - ctx.formattedShortTime, - ctx.Region, - ctx.ServiceName, - "aws4_request", - }, "/") + ctx.credentialString = buildSigningScope(ctx.Region, ctx.ServiceName, ctx.Time) if ctx.isPresign { ctx.Query.Set("X-Amz-Credential", ctx.credValues.AccessKeyID+"/"+ctx.credentialString) @@ -588,8 +608,7 @@ func (ctx *signingCtx) buildCanonicalHeaders(r rule, header http.Header) { var headers []string headers = append(headers, "host") for k, v := range header { - canonicalKey := http.CanonicalHeaderKey(k) - if !r.IsValid(canonicalKey) { + if !r.IsValid(k) { continue // ignored header } if ctx.SignedHeaderVals == nil { @@ -653,19 +672,15 @@ func (ctx *signingCtx) buildCanonicalString() { func (ctx *signingCtx) buildStringToSign() { ctx.stringToSign = strings.Join([]string{ authHeaderPrefix, - ctx.formattedTime, + formatTime(ctx.Time), ctx.credentialString, - hex.EncodeToString(makeSha256([]byte(ctx.canonicalString))), + hex.EncodeToString(hashSHA256([]byte(ctx.canonicalString))), }, "\n") } func (ctx *signingCtx) buildSignature() { - secret := ctx.credValues.SecretAccessKey - date := makeHmac([]byte("AWS4"+secret), []byte(ctx.formattedShortTime)) - region := makeHmac(date, []byte(ctx.Region)) - service := makeHmac(region, []byte(ctx.ServiceName)) - credentials := makeHmac(service, []byte("aws4_request")) - signature := makeHmac(credentials, []byte(ctx.stringToSign)) + creds := deriveSigningKey(ctx.Region, ctx.ServiceName, ctx.credValues.SecretAccessKey, ctx.Time) + signature := hmacSHA256(creds, []byte(ctx.stringToSign)) ctx.signature = hex.EncodeToString(signature) } @@ -687,7 +702,11 @@ func (ctx *signingCtx) buildBodyDigest() error { if !aws.IsReaderSeekable(ctx.Body) { return fmt.Errorf("cannot use unseekable request body %T, for signed request with body", ctx.Body) } - hash = hex.EncodeToString(makeSha256Reader(ctx.Body)) + hashBytes, err := makeSha256Reader(ctx.Body) + if err != nil { + return err + } + hash = hex.EncodeToString(hashBytes) } if includeSHA256Header { @@ -722,22 +741,28 @@ func (ctx *signingCtx) removePresign() { ctx.Query.Del("X-Amz-SignedHeaders") } -func makeHmac(key []byte, data []byte) []byte { +func hmacSHA256(key []byte, data []byte) []byte { hash := hmac.New(sha256.New, key) hash.Write(data) return hash.Sum(nil) } -func makeSha256(data []byte) []byte { +func hashSHA256(data []byte) []byte { hash := sha256.New() hash.Write(data) return hash.Sum(nil) } -func makeSha256Reader(reader io.ReadSeeker) []byte { +func makeSha256Reader(reader io.ReadSeeker) (hashBytes []byte, err error) { hash := sha256.New() - start, _ := reader.Seek(0, sdkio.SeekCurrent) - defer reader.Seek(start, sdkio.SeekStart) + start, err := reader.Seek(0, sdkio.SeekCurrent) + if err != nil { + return nil, err + } + defer func() { + // ensure error is return if unable to seek back to start of payload. + _, err = reader.Seek(start, sdkio.SeekStart) + }() // Use CopyN to avoid allocating the 32KB buffer in io.Copy for bodies // smaller than 32KB. Fall back to io.Copy if we fail to determine the size. @@ -748,7 +773,7 @@ func makeSha256Reader(reader io.ReadSeeker) []byte { io.CopyN(hash, reader, size) } - return hash.Sum(nil) + return hash.Sum(nil), nil } const doubleSpace = " " @@ -794,3 +819,28 @@ func stripExcessSpaces(vals []string) { vals[i] = string(buf[:m]) } } + +func buildSigningScope(region, service string, dt time.Time) string { + return strings.Join([]string{ + formatShortTime(dt), + region, + service, + awsV4Request, + }, "/") +} + +func deriveSigningKey(region, service, secretKey string, dt time.Time) []byte { + kDate := hmacSHA256([]byte("AWS4"+secretKey), []byte(formatShortTime(dt))) + kRegion := hmacSHA256(kDate, []byte(region)) + kService := hmacSHA256(kRegion, []byte(service)) + signingKey := hmacSHA256(kService, []byte(awsV4Request)) + return signingKey +} + +func formatShortTime(dt time.Time) string { + return dt.UTC().Format(shortTimeFormat) +} + +func formatTime(dt time.Time) string { + return dt.UTC().Format(timeFormat) +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/types.go b/vendor/github.com/aws/aws-sdk-go/aws/types.go index 8b6f23425a6..d542ef01bc8 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/types.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/types.go @@ -2,18 +2,24 @@ package aws import ( "io" + "strings" "sync" "github.com/aws/aws-sdk-go/internal/sdkio" ) -// ReadSeekCloser wraps a io.Reader returning a ReaderSeekerCloser. Should -// only be used with an io.Reader that is also an io.Seeker. Doing so may -// cause request signature errors, or request body's not sent for GET, HEAD -// and DELETE HTTP methods. +// ReadSeekCloser wraps a io.Reader returning a ReaderSeekerCloser. Allows the +// SDK to accept an io.Reader that is not also an io.Seeker for unsigned +// streaming payload API operations. // -// Deprecated: Should only be used with io.ReadSeeker. If using for -// S3 PutObject to stream content use s3manager.Uploader instead. +// A ReadSeekCloser wrapping an nonseekable io.Reader used in an API +// operation's input will prevent that operation being retried in the case of +// network errors, and cause operation requests to fail if the operation +// requires payload signing. +// +// Note: If using With S3 PutObject to stream an object upload The SDK's S3 +// Upload manager (s3manager.Uploader) provides support for streaming with the +// ability to retry network errors. func ReadSeekCloser(r io.Reader) ReaderSeekerCloser { return ReaderSeekerCloser{r} } @@ -43,7 +49,8 @@ func IsReaderSeekable(r io.Reader) bool { // Read reads from the reader up to size of p. The number of bytes read, and // error if it occurred will be returned. // -// If the reader is not an io.Reader zero bytes read, and nil error will be returned. +// If the reader is not an io.Reader zero bytes read, and nil error will be +// returned. // // Performs the same functionality as io.Reader Read func (r ReaderSeekerCloser) Read(p []byte) (int, error) { @@ -199,3 +206,36 @@ func (b *WriteAtBuffer) Bytes() []byte { defer b.m.Unlock() return b.buf } + +// MultiCloser is a utility to close multiple io.Closers within a single +// statement. +type MultiCloser []io.Closer + +// Close closes all of the io.Closers making up the MultiClosers. Any +// errors that occur while closing will be returned in the order they +// occur. +func (m MultiCloser) Close() error { + var errs errors + for _, c := range m { + err := c.Close() + if err != nil { + errs = append(errs, err) + } + } + if len(errs) != 0 { + return errs + } + + return nil +} + +type errors []error + +func (es errors) Error() string { + var parts []string + for _, e := range es { + parts = append(parts, e.Error()) + } + + return strings.Join(parts, "\n") +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go index 000c839b7e3..94f6d68caaa 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.16.26" +const SDKVersion = "1.28.2" diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go index f99703372c4..cf9fad81e70 100644 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go +++ b/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go @@ -162,7 +162,7 @@ loop: if len(tokens) == 0 { break loop } - + // if should skip is true, we skip the tokens until should skip is set to false. step = SkipTokenState } @@ -218,7 +218,7 @@ loop: // S -> equal_expr' expr_stmt' switch k.Kind { case ASTKindEqualExpr: - // assiging a value to some key + // assigning a value to some key k.AppendChild(newExpression(tok)) stack.Push(newExprStatement(k)) case ASTKindExpr: @@ -250,6 +250,13 @@ loop: if !runeCompare(tok.Raw(), openBrace) { return nil, NewParseError("expected '['") } + // If OpenScopeState is not at the start, we must mark the previous ast as complete + // + // for example: if previous ast was a skip statement; + // we should mark it as complete before we create a new statement + if k.Kind != ASTKindStart { + stack.MarkComplete(k) + } stmt := newStatement() stack.Push(stmt) @@ -304,7 +311,9 @@ loop: stmt := newCommentStatement(tok) stack.Push(stmt) default: - return nil, NewParseError(fmt.Sprintf("invalid state with ASTKind %v and TokenType %v", k, tok)) + return nil, NewParseError( + fmt.Sprintf("invalid state with ASTKind %v and TokenType %v", + k, tok.Type())) } if len(tokens) > 0 { @@ -314,7 +323,7 @@ loop: // this occurs when a statement has not been completed if stack.top > 1 { - return nil, NewParseError(fmt.Sprintf("incomplete expression: %v", stack.container)) + return nil, NewParseError(fmt.Sprintf("incomplete ini expression")) } // returns a sublist which excludes the start symbol diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/skipper.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/skipper.go index 6bb6964475e..da7a4049cfa 100644 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/skipper.go +++ b/vendor/github.com/aws/aws-sdk-go/internal/ini/skipper.go @@ -22,24 +22,24 @@ func newSkipper() skipper { } func (s *skipper) ShouldSkip(tok Token) bool { + // should skip state will be modified only if previous token was new line (NL); + // and the current token is not WhiteSpace (WS). if s.shouldSkip && s.prevTok.Type() == TokenNL && tok.Type() != TokenWS { - s.Continue() return false } s.prevTok = tok - return s.shouldSkip } func (s *skipper) Skip() { s.shouldSkip = true - s.prevTok = emptyToken } func (s *skipper) Continue() { s.shouldSkip = false + // empty token is assigned as we return to default state, when should skip is false s.prevTok = emptyToken } diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkio/BUILD b/vendor/github.com/aws/aws-sdk-go/internal/sdkio/BUILD index e1aa115d9f9..76f62d877e3 100644 --- a/vendor/github.com/aws/aws-sdk-go/internal/sdkio/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/internal/sdkio/BUILD @@ -3,6 +3,7 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", srcs = [ + "byte.go", "io_go1.6.go", "io_go1.7.go", ], diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkio/byte.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkio/byte.go new file mode 100644 index 00000000000..6c443988bbc --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sdkio/byte.go @@ -0,0 +1,12 @@ +package sdkio + +const ( + // Byte is 8 bits + Byte int64 = 1 + // KibiByte (KiB) is 1024 Bytes + KibiByte = Byte * 1024 + // MebiByte (MiB) is 1024 KiB + MebiByte = KibiByte * 1024 + // GibiByte (GiB) is 1024 MiB + GibiByte = MebiByte * 1024 +) diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/BUILD b/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/BUILD new file mode 100644 index 00000000000..60e8c3caeee --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/BUILD @@ -0,0 +1,26 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "floor.go", + "floor_go1.9.go", + ], + importmap = "k8s.io/kubernetes/vendor/github.com/aws/aws-sdk-go/internal/sdkmath", + importpath = "github.com/aws/aws-sdk-go/internal/sdkmath", + visibility = ["//vendor/github.com/aws/aws-sdk-go:__subpackages__"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor.go new file mode 100644 index 00000000000..44898eed0fd --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor.go @@ -0,0 +1,15 @@ +// +build go1.10 + +package sdkmath + +import "math" + +// Round returns the nearest integer, rounding half away from zero. +// +// Special cases are: +// Round(±0) = ±0 +// Round(±Inf) = ±Inf +// Round(NaN) = NaN +func Round(x float64) float64 { + return math.Round(x) +} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor_go1.9.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor_go1.9.go new file mode 100644 index 00000000000..810ec7f08b0 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor_go1.9.go @@ -0,0 +1,56 @@ +// +build !go1.10 + +package sdkmath + +import "math" + +// Copied from the Go standard library's (Go 1.12) math/floor.go for use in +// Go version prior to Go 1.10. +const ( + uvone = 0x3FF0000000000000 + mask = 0x7FF + shift = 64 - 11 - 1 + bias = 1023 + signMask = 1 << 63 + fracMask = 1<= 0.5 { + // return t + Copysign(1, x) + // } + // return t + // } + bits := math.Float64bits(x) + e := uint(bits>>shift) & mask + if e < bias { + // Round abs(x) < 1 including denormals. + bits &= signMask // +-0 + if e == bias-1 { + bits |= uvone // +-1 + } + } else if e < bias+shift { + // Round any abs(x) >= 1 containing a fractional component [0,1). + // + // Numbers with larger exponents are returned unchanged since they + // must be either an integer, infinity, or NaN. + const half = 1 << (shift - 1) + e -= bias + bits += half >> e + bits &^= fracMask >> e + } + return math.Float64frombits(bits) +} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/BUILD b/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/BUILD index bc67f235ad2..b537f70538a 100644 --- a/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/BUILD @@ -2,7 +2,11 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", - srcs = ["locked_source.go"], + srcs = [ + "locked_source.go", + "read.go", + "read_1_5.go", + ], importmap = "k8s.io/kubernetes/vendor/github.com/aws/aws-sdk-go/internal/sdkrand", importpath = "github.com/aws/aws-sdk-go/internal/sdkrand", visibility = ["//vendor/github.com/aws/aws-sdk-go:__subpackages__"], diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read.go new file mode 100644 index 00000000000..f4651da2da5 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read.go @@ -0,0 +1,11 @@ +// +build go1.6 + +package sdkrand + +import "math/rand" + +// Read provides the stub for math.Rand.Read method support for go version's +// 1.6 and greater. +func Read(r *rand.Rand, p []byte) (int, error) { + return r.Read(p) +} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read_1_5.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read_1_5.go new file mode 100644 index 00000000000..b1d93a33d48 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read_1_5.go @@ -0,0 +1,24 @@ +// +build !go1.6 + +package sdkrand + +import "math/rand" + +// Read backfills Go 1.6's math.Rand.Reader for Go 1.5 +func Read(r *rand.Rand, p []byte) (n int, err error) { + // Copy of Go standard libraries math package's read function not added to + // standard library until Go 1.6. + var pos int8 + var val int64 + for n = 0; n < len(p); n++ { + if pos == 0 { + val = r.Int63() + pos = 7 + } + p[n] = byte(val) + val >>= 8 + pos-- + } + + return n, err +} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/strings/BUILD b/vendor/github.com/aws/aws-sdk-go/internal/strings/BUILD new file mode 100644 index 00000000000..6a516155daa --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/strings/BUILD @@ -0,0 +1,23 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["strings.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/aws/aws-sdk-go/internal/strings", + importpath = "github.com/aws/aws-sdk-go/internal/strings", + visibility = ["//vendor/github.com/aws/aws-sdk-go:__subpackages__"], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/aws/aws-sdk-go/internal/strings/strings.go b/vendor/github.com/aws/aws-sdk-go/internal/strings/strings.go new file mode 100644 index 00000000000..d008ae27cb3 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/strings/strings.go @@ -0,0 +1,11 @@ +package strings + +import ( + "strings" +) + +// HasPrefixFold tests whether the string s begins with prefix, interpreted as UTF-8 strings, +// under Unicode case-folding. +func HasPrefixFold(s, prefix string) bool { + return len(s) >= len(prefix) && strings.EqualFold(s[0:len(prefix)], prefix) +} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/BUILD b/vendor/github.com/aws/aws-sdk-go/private/protocol/BUILD index 38a5cc0c6f7..ccf3cb073b7 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/BUILD @@ -8,16 +8,20 @@ go_library( "idempotency.go", "jsonvalue.go", "payload.go", + "protocol.go", "timestamp.go", "unmarshal.go", + "unmarshal_error.go", ], importmap = "k8s.io/kubernetes/vendor/github.com/aws/aws-sdk-go/private/protocol", importpath = "github.com/aws/aws-sdk-go/private/protocol", visibility = ["//visibility:public"], deps = [ "//vendor/github.com/aws/aws-sdk-go/aws:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/aws/awserr:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/client/metadata:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/request:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/internal/sdkmath:go_default_library", ], ) diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/build.go index 3104e6ce4c9..50c5ed76005 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/build.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/build.go @@ -21,7 +21,8 @@ func Build(r *request.Request) { "Version": {r.ClientInfo.APIVersion}, } if err := queryutil.Parse(body, r.Params, true); err != nil { - r.Error = awserr.New("SerializationError", "failed encoding EC2 Query request", err) + r.Error = awserr.New(request.ErrCodeSerialization, + "failed encoding EC2 Query request", err) } if !r.IsPresigned() { diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/unmarshal.go index 5793c047373..105d732f9d3 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query/unmarshal.go @@ -4,7 +4,6 @@ package ec2query import ( "encoding/xml" - "io" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/request" @@ -28,7 +27,8 @@ func Unmarshal(r *request.Request) { err := xmlutil.UnmarshalXML(r.Data, decoder, "") if err != nil { r.Error = awserr.NewRequestFailure( - awserr.New("SerializationError", "failed decoding EC2 Query response", err), + awserr.New(request.ErrCodeSerialization, + "failed decoding EC2 Query response", err), r.HTTPResponse.StatusCode, r.RequestID, ) @@ -39,7 +39,11 @@ func Unmarshal(r *request.Request) { // UnmarshalMeta unmarshals response headers for the EC2 protocol. func UnmarshalMeta(r *request.Request) { - // TODO implement unmarshaling of request IDs + r.RequestID = r.HTTPResponse.Header.Get("X-Amzn-Requestid") + if r.RequestID == "" { + // Alternative version of request id in the header + r.RequestID = r.HTTPResponse.Header.Get("X-Amz-Request-Id") + } } type xmlErrorResponse struct { @@ -53,19 +57,21 @@ type xmlErrorResponse struct { func UnmarshalError(r *request.Request) { defer r.HTTPResponse.Body.Close() - resp := &xmlErrorResponse{} - err := xml.NewDecoder(r.HTTPResponse.Body).Decode(resp) - if err != nil && err != io.EOF { + var respErr xmlErrorResponse + err := xmlutil.UnmarshalXMLError(&respErr, r.HTTPResponse.Body) + if err != nil { r.Error = awserr.NewRequestFailure( - awserr.New("SerializationError", "failed decoding EC2 Query error response", err), + awserr.New(request.ErrCodeSerialization, + "failed to unmarshal error message", err), r.HTTPResponse.StatusCode, r.RequestID, ) - } else { - r.Error = awserr.NewRequestFailure( - awserr.New(resp.Code, resp.Message, nil), - r.HTTPResponse.StatusCode, - resp.RequestID, - ) + return } + + r.Error = awserr.NewRequestFailure( + awserr.New(respErr.Code, respErr.Message, nil), + r.HTTPResponse.StatusCode, + respErr.RequestID, + ) } diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/BUILD b/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/BUILD index 1f7f3a3638a..d6aff0bd755 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/BUILD @@ -11,6 +11,7 @@ go_library( visibility = ["//visibility:public"], deps = [ "//vendor/github.com/aws/aws-sdk-go/aws:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/aws/awserr:go_default_library", "//vendor/github.com/aws/aws-sdk-go/private/protocol:go_default_library", ], ) diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go index b11f3ee45b5..ea0da79a5e0 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go @@ -1,6 +1,7 @@ package jsonutil import ( + "bytes" "encoding/base64" "encoding/json" "fmt" @@ -9,9 +10,30 @@ import ( "time" "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/private/protocol" ) +// UnmarshalJSONError unmarshal's the reader's JSON document into the passed in +// type. The value to unmarshal the json document into must be a pointer to the +// type. +func UnmarshalJSONError(v interface{}, stream io.Reader) error { + var errBuf bytes.Buffer + body := io.TeeReader(stream, &errBuf) + + err := json.NewDecoder(body).Decode(v) + if err != nil { + msg := "failed decoding error message" + if err == io.EOF { + msg = "error message missing" + err = nil + } + return awserr.NewUnmarshalError(err, msg, errBuf.Bytes()) + } + + return nil +} + // UnmarshalJSON reads a stream and unmarshals the results in object v. func UnmarshalJSON(v interface{}, stream io.Reader) error { var out interface{} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/BUILD b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/BUILD index 8d3a5256d22..0010f3e60cf 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/BUILD @@ -2,13 +2,17 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", - srcs = ["jsonrpc.go"], + srcs = [ + "jsonrpc.go", + "unmarshal_error.go", + ], importmap = "k8s.io/kubernetes/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc", importpath = "github.com/aws/aws-sdk-go/private/protocol/jsonrpc", visibility = ["//visibility:public"], deps = [ "//vendor/github.com/aws/aws-sdk-go/aws/awserr:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/request:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/private/protocol:go_default_library", "//vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil:go_default_library", "//vendor/github.com/aws/aws-sdk-go/private/protocol/rest:go_default_library", ], diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go index 9a7ba27ad53..89cfda75f66 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go @@ -6,10 +6,6 @@ package jsonrpc //go:generate go run -tags codegen ../../../models/protocol_tests/generate.go ../../../models/protocol_tests/output/json.json unmarshal_test.go import ( - "encoding/json" - "io" - "strings" - "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/request" "github.com/aws/aws-sdk-go/private/protocol/json/jsonutil" @@ -18,17 +14,26 @@ import ( var emptyJSON = []byte("{}") -// BuildHandler is a named request handler for building jsonrpc protocol requests -var BuildHandler = request.NamedHandler{Name: "awssdk.jsonrpc.Build", Fn: Build} +// BuildHandler is a named request handler for building jsonrpc protocol +// requests +var BuildHandler = request.NamedHandler{ + Name: "awssdk.jsonrpc.Build", + Fn: Build, +} -// UnmarshalHandler is a named request handler for unmarshaling jsonrpc protocol requests -var UnmarshalHandler = request.NamedHandler{Name: "awssdk.jsonrpc.Unmarshal", Fn: Unmarshal} +// UnmarshalHandler is a named request handler for unmarshaling jsonrpc +// protocol requests +var UnmarshalHandler = request.NamedHandler{ + Name: "awssdk.jsonrpc.Unmarshal", + Fn: Unmarshal, +} -// UnmarshalMetaHandler is a named request handler for unmarshaling jsonrpc protocol request metadata -var UnmarshalMetaHandler = request.NamedHandler{Name: "awssdk.jsonrpc.UnmarshalMeta", Fn: UnmarshalMeta} - -// UnmarshalErrorHandler is a named request handler for unmarshaling jsonrpc protocol request errors -var UnmarshalErrorHandler = request.NamedHandler{Name: "awssdk.jsonrpc.UnmarshalError", Fn: UnmarshalError} +// UnmarshalMetaHandler is a named request handler for unmarshaling jsonrpc +// protocol request metadata +var UnmarshalMetaHandler = request.NamedHandler{ + Name: "awssdk.jsonrpc.UnmarshalMeta", + Fn: UnmarshalMeta, +} // Build builds a JSON payload for a JSON RPC request. func Build(req *request.Request) { @@ -37,7 +42,7 @@ func Build(req *request.Request) { if req.ParamsFilled() { buf, err = jsonutil.BuildJSON(req.Params) if err != nil { - req.Error = awserr.New("SerializationError", "failed encoding JSON RPC request", err) + req.Error = awserr.New(request.ErrCodeSerialization, "failed encoding JSON RPC request", err) return } } else { @@ -52,9 +57,12 @@ func Build(req *request.Request) { target := req.ClientInfo.TargetPrefix + "." + req.Operation.Name req.HTTPRequest.Header.Add("X-Amz-Target", target) } - if req.ClientInfo.JSONVersion != "" { + + // Only set the content type if one is not already specified and an + // JSONVersion is specified. + if ct, v := req.HTTPRequest.Header.Get("Content-Type"), req.ClientInfo.JSONVersion; len(ct) == 0 && len(v) != 0 { jsonVersion := req.ClientInfo.JSONVersion - req.HTTPRequest.Header.Add("Content-Type", "application/x-amz-json-"+jsonVersion) + req.HTTPRequest.Header.Set("Content-Type", "application/x-amz-json-"+jsonVersion) } } @@ -65,7 +73,7 @@ func Unmarshal(req *request.Request) { err := jsonutil.UnmarshalJSON(req.Data, req.HTTPResponse.Body) if err != nil { req.Error = awserr.NewRequestFailure( - awserr.New("SerializationError", "failed decoding JSON RPC response", err), + awserr.New(request.ErrCodeSerialization, "failed decoding JSON RPC response", err), req.HTTPResponse.StatusCode, req.RequestID, ) @@ -78,38 +86,3 @@ func Unmarshal(req *request.Request) { func UnmarshalMeta(req *request.Request) { rest.UnmarshalMeta(req) } - -// UnmarshalError unmarshals an error response for a JSON RPC service. -func UnmarshalError(req *request.Request) { - defer req.HTTPResponse.Body.Close() - - var jsonErr jsonErrorResponse - err := json.NewDecoder(req.HTTPResponse.Body).Decode(&jsonErr) - if err == io.EOF { - req.Error = awserr.NewRequestFailure( - awserr.New("SerializationError", req.HTTPResponse.Status, nil), - req.HTTPResponse.StatusCode, - req.RequestID, - ) - return - } else if err != nil { - req.Error = awserr.NewRequestFailure( - awserr.New("SerializationError", "failed decoding JSON RPC error response", err), - req.HTTPResponse.StatusCode, - req.RequestID, - ) - return - } - - codes := strings.SplitN(jsonErr.Code, "#", 2) - req.Error = awserr.NewRequestFailure( - awserr.New(codes[len(codes)-1], jsonErr.Message, nil), - req.HTTPResponse.StatusCode, - req.RequestID, - ) -} - -type jsonErrorResponse struct { - Code string `json:"__type"` - Message string `json:"message"` -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go new file mode 100644 index 00000000000..a2416c04485 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go @@ -0,0 +1,107 @@ +package jsonrpc + +import ( + "bytes" + "io" + "io/ioutil" + "net/http" + "strings" + + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/json/jsonutil" +) + +// UnmarshalTypedError provides unmarshaling errors API response errors +// for both typed and untyped errors. +type UnmarshalTypedError struct { + exceptions map[string]func(protocol.ResponseMetadata) error +} + +// NewUnmarshalTypedError returns an UnmarshalTypedError initialized for the +// set of exception names to the error unmarshalers +func NewUnmarshalTypedError(exceptions map[string]func(protocol.ResponseMetadata) error) *UnmarshalTypedError { + return &UnmarshalTypedError{ + exceptions: exceptions, + } +} + +// UnmarshalError attempts to unmarshal the HTTP response error as a known +// error type. If unable to unmarshal the error type, the generic SDK error +// type will be used. +func (u *UnmarshalTypedError) UnmarshalError( + resp *http.Response, + respMeta protocol.ResponseMetadata, +) (error, error) { + + var buf bytes.Buffer + var jsonErr jsonErrorResponse + teeReader := io.TeeReader(resp.Body, &buf) + err := jsonutil.UnmarshalJSONError(&jsonErr, teeReader) + if err != nil { + return nil, err + } + body := ioutil.NopCloser(&buf) + + // Code may be separated by hash(#), with the last element being the code + // used by the SDK. + codeParts := strings.SplitN(jsonErr.Code, "#", 2) + code := codeParts[len(codeParts)-1] + msg := jsonErr.Message + + if fn, ok := u.exceptions[code]; ok { + // If exception code is know, use associated constructor to get a value + // for the exception that the JSON body can be unmarshaled into. + v := fn(respMeta) + err := jsonutil.UnmarshalJSON(v, body) + if err != nil { + return nil, err + } + + return v, nil + } + + // fallback to unmodeled generic exceptions + return awserr.NewRequestFailure( + awserr.New(code, msg, nil), + respMeta.StatusCode, + respMeta.RequestID, + ), nil +} + +// UnmarshalErrorHandler is a named request handler for unmarshaling jsonrpc +// protocol request errors +var UnmarshalErrorHandler = request.NamedHandler{ + Name: "awssdk.jsonrpc.UnmarshalError", + Fn: UnmarshalError, +} + +// UnmarshalError unmarshals an error response for a JSON RPC service. +func UnmarshalError(req *request.Request) { + defer req.HTTPResponse.Body.Close() + + var jsonErr jsonErrorResponse + err := jsonutil.UnmarshalJSONError(&jsonErr, req.HTTPResponse.Body) + if err != nil { + req.Error = awserr.NewRequestFailure( + awserr.New(request.ErrCodeSerialization, + "failed to unmarshal error message", err), + req.HTTPResponse.StatusCode, + req.RequestID, + ) + return + } + + codes := strings.SplitN(jsonErr.Code, "#", 2) + req.Error = awserr.NewRequestFailure( + awserr.New(codes[len(codes)-1], jsonErr.Message, nil), + req.HTTPResponse.StatusCode, + req.RequestID, + ) +} + +type jsonErrorResponse struct { + Code string `json:"__type"` + Message string `json:"message"` +} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go index e21614a1250..0ea0647a57d 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go @@ -64,7 +64,7 @@ func (h HandlerPayloadMarshal) MarshalPayload(w io.Writer, v interface{}) error metadata.ClientInfo{}, request.Handlers{}, nil, - &request.Operation{HTTPMethod: "GET"}, + &request.Operation{HTTPMethod: "PUT"}, v, nil, ) diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/protocol.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/protocol.go new file mode 100644 index 00000000000..9d521dcb950 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/protocol.go @@ -0,0 +1,49 @@ +package protocol + +import ( + "fmt" + "strings" + + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/request" +) + +// RequireHTTPMinProtocol request handler is used to enforce that +// the target endpoint supports the given major and minor HTTP protocol version. +type RequireHTTPMinProtocol struct { + Major, Minor int +} + +// Handler will mark the request.Request with an error if the +// target endpoint did not connect with the required HTTP protocol +// major and minor version. +func (p RequireHTTPMinProtocol) Handler(r *request.Request) { + if r.Error != nil || r.HTTPResponse == nil { + return + } + + if !strings.HasPrefix(r.HTTPResponse.Proto, "HTTP") { + r.Error = newMinHTTPProtoError(p.Major, p.Minor, r) + } + + if r.HTTPResponse.ProtoMajor < p.Major || r.HTTPResponse.ProtoMinor < p.Minor { + r.Error = newMinHTTPProtoError(p.Major, p.Minor, r) + } +} + +// ErrCodeMinimumHTTPProtocolError error code is returned when the target endpoint +// did not match the required HTTP major and minor protocol version. +const ErrCodeMinimumHTTPProtocolError = "MinimumHTTPProtocolError" + +func newMinHTTPProtoError(major, minor int, r *request.Request) error { + return awserr.NewRequestFailure( + awserr.New("MinimumHTTPProtocolError", + fmt.Sprintf( + "operation requires minimum HTTP protocol of HTTP/%d.%d, but was %s", + major, minor, r.HTTPResponse.Proto, + ), + nil, + ), + r.HTTPResponse.StatusCode, r.RequestID, + ) +} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go index 60e5b09d548..0cb99eb5796 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go @@ -21,7 +21,7 @@ func Build(r *request.Request) { "Version": {r.ClientInfo.APIVersion}, } if err := queryutil.Parse(body, r.Params, false); err != nil { - r.Error = awserr.New("SerializationError", "failed encoding Query request", err) + r.Error = awserr.New(request.ErrCodeSerialization, "failed encoding Query request", err) return } diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go index 3495c73070b..f69c1efc93a 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go @@ -24,7 +24,7 @@ func Unmarshal(r *request.Request) { err := xmlutil.UnmarshalXML(r.Data, decoder, r.Operation.Name+"Result") if err != nil { r.Error = awserr.NewRequestFailure( - awserr.New("SerializationError", "failed decoding Query response", err), + awserr.New(request.ErrCodeSerialization, "failed decoding Query response", err), r.HTTPResponse.StatusCode, r.RequestID, ) diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal_error.go index 46d354e826f..831b0110c54 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal_error.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal_error.go @@ -2,73 +2,68 @@ package query import ( "encoding/xml" - "io/ioutil" + "fmt" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil" ) -type xmlErrorResponse struct { - XMLName xml.Name `xml:"ErrorResponse"` - Code string `xml:"Error>Code"` - Message string `xml:"Error>Message"` - RequestID string `xml:"RequestId"` -} - -type xmlServiceUnavailableResponse struct { - XMLName xml.Name `xml:"ServiceUnavailableException"` -} - // UnmarshalErrorHandler is a name request handler to unmarshal request errors var UnmarshalErrorHandler = request.NamedHandler{Name: "awssdk.query.UnmarshalError", Fn: UnmarshalError} +type xmlErrorResponse struct { + Code string `xml:"Error>Code"` + Message string `xml:"Error>Message"` + RequestID string `xml:"RequestId"` +} + +type xmlResponseError struct { + xmlErrorResponse +} + +func (e *xmlResponseError) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error { + const svcUnavailableTagName = "ServiceUnavailableException" + const errorResponseTagName = "ErrorResponse" + + switch start.Name.Local { + case svcUnavailableTagName: + e.Code = svcUnavailableTagName + e.Message = "service is unavailable" + return d.Skip() + + case errorResponseTagName: + return d.DecodeElement(&e.xmlErrorResponse, &start) + + default: + return fmt.Errorf("unknown error response tag, %v", start) + } +} + // UnmarshalError unmarshals an error response for an AWS Query service. func UnmarshalError(r *request.Request) { defer r.HTTPResponse.Body.Close() - bodyBytes, err := ioutil.ReadAll(r.HTTPResponse.Body) + var respErr xmlResponseError + err := xmlutil.UnmarshalXMLError(&respErr, r.HTTPResponse.Body) if err != nil { r.Error = awserr.NewRequestFailure( - awserr.New("SerializationError", "failed to read from query HTTP response body", err), + awserr.New(request.ErrCodeSerialization, + "failed to unmarshal error message", err), r.HTTPResponse.StatusCode, r.RequestID, ) return } - // First check for specific error - resp := xmlErrorResponse{} - decodeErr := xml.Unmarshal(bodyBytes, &resp) - if decodeErr == nil { - reqID := resp.RequestID - if reqID == "" { - reqID = r.RequestID - } - r.Error = awserr.NewRequestFailure( - awserr.New(resp.Code, resp.Message, nil), - r.HTTPResponse.StatusCode, - reqID, - ) - return + reqID := respErr.RequestID + if len(reqID) == 0 { + reqID = r.RequestID } - // Check for unhandled error - servUnavailResp := xmlServiceUnavailableResponse{} - unavailErr := xml.Unmarshal(bodyBytes, &servUnavailResp) - if unavailErr == nil { - r.Error = awserr.NewRequestFailure( - awserr.New("ServiceUnavailableException", "service is unavailable", nil), - r.HTTPResponse.StatusCode, - r.RequestID, - ) - return - } - - // Failed to retrieve any error message from the response body r.Error = awserr.NewRequestFailure( - awserr.New("SerializationError", - "failed to decode query XML error response", decodeErr), + awserr.New(respErr.Code, respErr.Message, nil), r.HTTPResponse.StatusCode, - r.RequestID, + reqID, ) } diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/BUILD b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/BUILD index dc320ab3f7b..9187f4ccf59 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/BUILD @@ -14,6 +14,7 @@ go_library( "//vendor/github.com/aws/aws-sdk-go/aws:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/awserr:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/request:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/internal/strings:go_default_library", "//vendor/github.com/aws/aws-sdk-go/private/protocol:go_default_library", ], ) diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go index b34f5258a4c..1301b149d35 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go @@ -25,6 +25,8 @@ var noEscape [256]bool var errValueNotSet = fmt.Errorf("value not set") +var byteSliceType = reflect.TypeOf([]byte{}) + func init() { for i := 0; i < len(noEscape); i++ { // AWS expects every character except these to be escaped @@ -94,6 +96,14 @@ func buildLocationElements(r *request.Request, v reflect.Value, buildGETQuery bo continue } + // Support the ability to customize values to be marshaled as a + // blob even though they were modeled as a string. Required for S3 + // API operations like SSECustomerKey is modeled as stirng but + // required to be base64 encoded in request. + if field.Tag.Get("marshal-as") == "blob" { + m = m.Convert(byteSliceType) + } + var err error switch field.Tag.Get("location") { case "headers": // header maps @@ -137,7 +147,7 @@ func buildBody(r *request.Request, v reflect.Value) { case string: r.SetStringBody(reader) default: - r.Error = awserr.New("SerializationError", + r.Error = awserr.New(request.ErrCodeSerialization, "failed to encode REST request", fmt.Errorf("unknown payload type %s", payload.Type())) } @@ -152,9 +162,12 @@ func buildHeader(header *http.Header, v reflect.Value, name string, tag reflect. if err == errValueNotSet { return nil } else if err != nil { - return awserr.New("SerializationError", "failed to encode REST request", err) + return awserr.New(request.ErrCodeSerialization, "failed to encode REST request", err) } + name = strings.TrimSpace(name) + str = strings.TrimSpace(str) + header.Add(name, str) return nil @@ -167,11 +180,13 @@ func buildHeaderMap(header *http.Header, v reflect.Value, tag reflect.StructTag) if err == errValueNotSet { continue } else if err != nil { - return awserr.New("SerializationError", "failed to encode REST request", err) + return awserr.New(request.ErrCodeSerialization, "failed to encode REST request", err) } + keyStr := strings.TrimSpace(key.String()) + str = strings.TrimSpace(str) - header.Add(prefix+key.String(), str) + header.Add(prefix+keyStr, str) } return nil } @@ -181,7 +196,7 @@ func buildURI(u *url.URL, v reflect.Value, name string, tag reflect.StructTag) e if err == errValueNotSet { return nil } else if err != nil { - return awserr.New("SerializationError", "failed to encode REST request", err) + return awserr.New(request.ErrCodeSerialization, "failed to encode REST request", err) } u.Path = strings.Replace(u.Path, "{"+name+"}", value, -1) @@ -214,7 +229,7 @@ func buildQueryString(query url.Values, v reflect.Value, name string, tag reflec if err == errValueNotSet { return nil } else if err != nil { - return awserr.New("SerializationError", "failed to encode REST request", err) + return awserr.New(request.ErrCodeSerialization, "failed to encode REST request", err) } query.Set(name, str) } diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go index 33fd53b126a..92f8b4d9a48 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go @@ -15,6 +15,7 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/request" + awsStrings "github.com/aws/aws-sdk-go/internal/strings" "github.com/aws/aws-sdk-go/private/protocol" ) @@ -28,7 +29,9 @@ var UnmarshalMetaHandler = request.NamedHandler{Name: "awssdk.rest.UnmarshalMeta func Unmarshal(r *request.Request) { if r.DataFilled() { v := reflect.Indirect(reflect.ValueOf(r.Data)) - unmarshalBody(r, v) + if err := unmarshalBody(r, v); err != nil { + r.Error = err + } } } @@ -40,12 +43,21 @@ func UnmarshalMeta(r *request.Request) { r.RequestID = r.HTTPResponse.Header.Get("X-Amz-Request-Id") } if r.DataFilled() { - v := reflect.Indirect(reflect.ValueOf(r.Data)) - unmarshalLocationElements(r, v) + if err := UnmarshalResponse(r.HTTPResponse, r.Data, aws.BoolValue(r.Config.LowerCaseHeaderMaps)); err != nil { + r.Error = err + } } } -func unmarshalBody(r *request.Request, v reflect.Value) { +// UnmarshalResponse attempts to unmarshal the REST response headers to +// the data type passed in. The type must be a pointer. An error is returned +// with any error unmarshaling the response into the target datatype. +func UnmarshalResponse(resp *http.Response, data interface{}, lowerCaseHeaderMaps bool) error { + v := reflect.Indirect(reflect.ValueOf(data)) + return unmarshalLocationElements(resp, v, lowerCaseHeaderMaps) +} + +func unmarshalBody(r *request.Request, v reflect.Value) error { if field, ok := v.Type().FieldByName("_"); ok { if payloadName := field.Tag.Get("payload"); payloadName != "" { pfield, _ := v.Type().FieldByName(payloadName) @@ -57,35 +69,38 @@ func unmarshalBody(r *request.Request, v reflect.Value) { defer r.HTTPResponse.Body.Close() b, err := ioutil.ReadAll(r.HTTPResponse.Body) if err != nil { - r.Error = awserr.New("SerializationError", "failed to decode REST response", err) - } else { - payload.Set(reflect.ValueOf(b)) + return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) } + + payload.Set(reflect.ValueOf(b)) + case *string: defer r.HTTPResponse.Body.Close() b, err := ioutil.ReadAll(r.HTTPResponse.Body) if err != nil { - r.Error = awserr.New("SerializationError", "failed to decode REST response", err) - } else { - str := string(b) - payload.Set(reflect.ValueOf(&str)) + return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) } + + str := string(b) + payload.Set(reflect.ValueOf(&str)) + default: switch payload.Type().String() { case "io.ReadCloser": payload.Set(reflect.ValueOf(r.HTTPResponse.Body)) + case "io.ReadSeeker": b, err := ioutil.ReadAll(r.HTTPResponse.Body) if err != nil { - r.Error = awserr.New("SerializationError", + return awserr.New(request.ErrCodeSerialization, "failed to read response body", err) - return } payload.Set(reflect.ValueOf(ioutil.NopCloser(bytes.NewReader(b)))) + default: io.Copy(ioutil.Discard, r.HTTPResponse.Body) - defer r.HTTPResponse.Body.Close() - r.Error = awserr.New("SerializationError", + r.HTTPResponse.Body.Close() + return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", fmt.Errorf("unknown payload type %s", payload.Type())) } @@ -94,9 +109,11 @@ func unmarshalBody(r *request.Request, v reflect.Value) { } } } + + return nil } -func unmarshalLocationElements(r *request.Request, v reflect.Value) { +func unmarshalLocationElements(resp *http.Response, v reflect.Value, lowerCaseHeaderMaps bool) error { for i := 0; i < v.NumField(); i++ { m, field := v.Field(i), v.Type().Field(i) if n := field.Name; n[0:1] == strings.ToLower(n[0:1]) { @@ -111,26 +128,25 @@ func unmarshalLocationElements(r *request.Request, v reflect.Value) { switch field.Tag.Get("location") { case "statusCode": - unmarshalStatusCode(m, r.HTTPResponse.StatusCode) + unmarshalStatusCode(m, resp.StatusCode) + case "header": - err := unmarshalHeader(m, r.HTTPResponse.Header.Get(name), field.Tag) + err := unmarshalHeader(m, resp.Header.Get(name), field.Tag) if err != nil { - r.Error = awserr.New("SerializationError", "failed to decode REST response", err) - break + return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) } + case "headers": prefix := field.Tag.Get("locationName") - err := unmarshalHeaderMap(m, r.HTTPResponse.Header, prefix) + err := unmarshalHeaderMap(m, resp.Header, prefix, lowerCaseHeaderMaps) if err != nil { - r.Error = awserr.New("SerializationError", "failed to decode REST response", err) - break + awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) } } } - if r.Error != nil { - return - } } + + return nil } func unmarshalStatusCode(v reflect.Value, statusCode int) { @@ -145,29 +161,45 @@ func unmarshalStatusCode(v reflect.Value, statusCode int) { } } -func unmarshalHeaderMap(r reflect.Value, headers http.Header, prefix string) error { +func unmarshalHeaderMap(r reflect.Value, headers http.Header, prefix string, normalize bool) error { + if len(headers) == 0 { + return nil + } switch r.Interface().(type) { case map[string]*string: // we only support string map value types out := map[string]*string{} for k, v := range headers { - k = http.CanonicalHeaderKey(k) - if strings.HasPrefix(strings.ToLower(k), strings.ToLower(prefix)) { + if awsStrings.HasPrefixFold(k, prefix) { + if normalize == true { + k = strings.ToLower(k) + } else { + k = http.CanonicalHeaderKey(k) + } out[k[len(prefix):]] = &v[0] } } - r.Set(reflect.ValueOf(out)) + if len(out) != 0 { + r.Set(reflect.ValueOf(out)) + } + } return nil } func unmarshalHeader(v reflect.Value, header string, tag reflect.StructTag) error { - isJSONValue := tag.Get("type") == "jsonvalue" - if isJSONValue { + switch tag.Get("type") { + case "jsonvalue": if len(header) == 0 { return nil } - } else if !v.IsValid() || (header == "" && v.Elem().Kind() != reflect.String) { - return nil + case "blob": + if len(header) == 0 { + return nil + } + default: + if !v.IsValid() || (header == "" && v.Elem().Kind() != reflect.String) { + return nil + } } switch v.Interface().(type) { @@ -178,7 +210,7 @@ func unmarshalHeader(v reflect.Value, header string, tag reflect.StructTag) erro if err != nil { return err } - v.Set(reflect.ValueOf(&b)) + v.Set(reflect.ValueOf(b)) case *bool: b, err := strconv.ParseBool(header) if err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go index b7ed6c6f810..05d4ff51925 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go @@ -1,8 +1,11 @@ package protocol import ( + "math" "strconv" "time" + + "github.com/aws/aws-sdk-go/internal/sdkmath" ) // Names of time formats supported by the SDK @@ -13,12 +16,19 @@ const ( ) // Time formats supported by the SDK +// Output time is intended to not contain decimals const ( // RFC 7231#section-7.1.1.1 timetamp format. e.g Tue, 29 Apr 2014 18:30:38 GMT RFC822TimeFormat = "Mon, 2 Jan 2006 15:04:05 GMT" + // This format is used for output time without seconds precision + RFC822OutputTimeFormat = "Mon, 02 Jan 2006 15:04:05 GMT" + // RFC3339 a subset of the ISO8601 timestamp format. e.g 2014-04-29T18:30:38Z - ISO8601TimeFormat = "2006-01-02T15:04:05Z" + ISO8601TimeFormat = "2006-01-02T15:04:05.999999999Z" + + // This format is used for output time without seconds precision + ISO8601OutputTimeFormat = "2006-01-02T15:04:05Z" ) // IsKnownTimestampFormat returns if the timestamp format name @@ -42,9 +52,9 @@ func FormatTime(name string, t time.Time) string { switch name { case RFC822TimeFormatName: - return t.Format(RFC822TimeFormat) + return t.Format(RFC822OutputTimeFormat) case ISO8601TimeFormatName: - return t.Format(ISO8601TimeFormat) + return t.Format(ISO8601OutputTimeFormat) case UnixTimeFormatName: return strconv.FormatInt(t.Unix(), 10) default: @@ -62,10 +72,12 @@ func ParseTime(formatName, value string) (time.Time, error) { return time.Parse(ISO8601TimeFormat, value) case UnixTimeFormatName: v, err := strconv.ParseFloat(value, 64) + _, dec := math.Modf(v) + dec = sdkmath.Round(dec*1e3) / 1e3 //Rounds 0.1229999 to 0.123 if err != nil { return time.Time{}, err } - return time.Unix(int64(v), 0), nil + return time.Unix(int64(v), int64(dec*(1e9))), nil default: panic("unknown timestamp format name, " + formatName) } diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go index da1a68111db..f614ef898be 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go @@ -19,3 +19,9 @@ func UnmarshalDiscardBody(r *request.Request) { io.Copy(ioutil.Discard, r.HTTPResponse.Body) r.HTTPResponse.Body.Close() } + +// ResponseMetadata provides the SDK response metadata attributes. +type ResponseMetadata struct { + StatusCode int + RequestID string +} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal_error.go new file mode 100644 index 00000000000..cc857f136c5 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal_error.go @@ -0,0 +1,65 @@ +package protocol + +import ( + "net/http" + + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/request" +) + +// UnmarshalErrorHandler provides unmarshaling errors API response errors for +// both typed and untyped errors. +type UnmarshalErrorHandler struct { + unmarshaler ErrorUnmarshaler +} + +// ErrorUnmarshaler is an abstract interface for concrete implementations to +// unmarshal protocol specific response errors. +type ErrorUnmarshaler interface { + UnmarshalError(*http.Response, ResponseMetadata) (error, error) +} + +// NewUnmarshalErrorHandler returns an UnmarshalErrorHandler +// initialized for the set of exception names to the error unmarshalers +func NewUnmarshalErrorHandler(unmarshaler ErrorUnmarshaler) *UnmarshalErrorHandler { + return &UnmarshalErrorHandler{ + unmarshaler: unmarshaler, + } +} + +// UnmarshalErrorHandlerName is the name of the named handler. +const UnmarshalErrorHandlerName = "awssdk.protocol.UnmarshalError" + +// NamedHandler returns a NamedHandler for the unmarshaler using the set of +// errors the unmarshaler was initialized for. +func (u *UnmarshalErrorHandler) NamedHandler() request.NamedHandler { + return request.NamedHandler{ + Name: UnmarshalErrorHandlerName, + Fn: u.UnmarshalError, + } +} + +// UnmarshalError will attempt to unmarshal the API response's error message +// into either a generic SDK error type, or a typed error corresponding to the +// errors exception name. +func (u *UnmarshalErrorHandler) UnmarshalError(r *request.Request) { + defer r.HTTPResponse.Body.Close() + + respMeta := ResponseMetadata{ + StatusCode: r.HTTPResponse.StatusCode, + RequestID: r.RequestID, + } + + v, err := u.unmarshaler.UnmarshalError(r.HTTPResponse, respMeta) + if err != nil { + r.Error = awserr.NewRequestFailure( + awserr.New(request.ErrCodeSerialization, + "failed to unmarshal response error", err), + respMeta.StatusCode, + respMeta.RequestID, + ) + return + } + + r.Error = v +} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/BUILD b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/BUILD index 97b65078b3f..1d3f3ab0ba3 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/BUILD @@ -4,13 +4,17 @@ go_library( name = "go_default_library", srcs = [ "build.go", + "sort.go", "unmarshal.go", "xml_to_struct.go", ], importmap = "k8s.io/kubernetes/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil", importpath = "github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil", visibility = ["//visibility:public"], - deps = ["//vendor/github.com/aws/aws-sdk-go/private/protocol:go_default_library"], + deps = [ + "//vendor/github.com/aws/aws-sdk-go/aws/awserr:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/private/protocol:go_default_library", + ], ) filegroup( diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/sort.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/sort.go new file mode 100644 index 00000000000..c1a511851f6 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/sort.go @@ -0,0 +1,32 @@ +package xmlutil + +import ( + "encoding/xml" + "strings" +) + +type xmlAttrSlice []xml.Attr + +func (x xmlAttrSlice) Len() int { + return len(x) +} + +func (x xmlAttrSlice) Less(i, j int) bool { + spaceI, spaceJ := x[i].Name.Space, x[j].Name.Space + localI, localJ := x[i].Name.Local, x[j].Name.Local + valueI, valueJ := x[i].Value, x[j].Value + + spaceCmp := strings.Compare(spaceI, spaceJ) + localCmp := strings.Compare(localI, localJ) + valueCmp := strings.Compare(valueI, valueJ) + + if spaceCmp == -1 || (spaceCmp == 0 && (localCmp == -1 || (localCmp == 0 && valueCmp == -1))) { + return true + } + + return false +} + +func (x xmlAttrSlice) Swap(i, j int) { + x[i], x[j] = x[j], x[i] +} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go index ff1ef6830b9..7108d380093 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go @@ -1,6 +1,7 @@ package xmlutil import ( + "bytes" "encoding/base64" "encoding/xml" "fmt" @@ -10,9 +11,27 @@ import ( "strings" "time" + "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/private/protocol" ) +// UnmarshalXMLError unmarshals the XML error from the stream into the value +// type specified. The value must be a pointer. If the message fails to +// unmarshal, the message content will be included in the returned error as a +// awserr.UnmarshalError. +func UnmarshalXMLError(v interface{}, stream io.Reader) error { + var errBuf bytes.Buffer + body := io.TeeReader(stream, &errBuf) + + err := xml.NewDecoder(body).Decode(v) + if err != nil && err != io.EOF { + return awserr.NewUnmarshalError(err, + "failed to unmarshal error message", errBuf.Bytes()) + } + + return nil +} + // UnmarshalXML deserializes an xml.Decoder into the container v. V // needs to match the shape of the XML expected to be decoded. // If the shape doesn't match unmarshaling will fail. diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go index 515ce15215b..42f71648eee 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go @@ -119,7 +119,18 @@ func (n *XMLNode) findElem(name string) (string, bool) { // StructToXML writes an XMLNode to a xml.Encoder as tokens. func StructToXML(e *xml.Encoder, node *XMLNode, sorted bool) error { - e.EncodeToken(xml.StartElement{Name: node.Name, Attr: node.Attr}) + // Sort Attributes + attrs := node.Attr + if sorted { + sortedAttrs := make([]xml.Attr, len(attrs)) + for _, k := range node.Attr { + sortedAttrs = append(sortedAttrs, k) + } + sort.Sort(xmlAttrSlice(sortedAttrs)) + attrs = sortedAttrs + } + + e.EncodeToken(xml.StartElement{Name: node.Name, Attr: attrs}) if node.Text != "" { e.EncodeToken(xml.CharData([]byte(node.Text))) diff --git a/vendor/github.com/aws/aws-sdk-go/service/autoscaling/api.go b/vendor/github.com/aws/aws-sdk-go/service/autoscaling/api.go index 2a822a5fb87..cfa9204ebdd 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/autoscaling/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/autoscaling/api.go @@ -71,7 +71,7 @@ func (c *AutoScaling) AttachInstancesRequest(input *AttachInstancesInput) (req * // with the target groups. // // For more information, see Attach EC2 Instances to Your Auto Scaling Group -// (http://docs.aws.amazon.com/autoscaling/ec2/userguide/attach-instance-asg.html) +// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/attach-instance-asg.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -83,8 +83,8 @@ func (c *AutoScaling) AttachInstancesRequest(input *AttachInstancesInput) (req * // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // * ErrCodeServiceLinkedRoleFailure "ServiceLinkedRoleFailure" // The service-linked role is not yet ready for use. @@ -161,8 +161,10 @@ func (c *AutoScaling) AttachLoadBalancerTargetGroupsRequest(input *AttachLoadBal // To describe the target groups for an Auto Scaling group, use DescribeLoadBalancerTargetGroups. // To detach the target group from the Auto Scaling group, use DetachLoadBalancerTargetGroups. // -// For more information, see Attach a Load Balancer to Your Auto Scaling Group -// (http://docs.aws.amazon.com/autoscaling/ec2/userguide/attach-load-balancer-asg.html) +// With Application Load Balancers and Network Load Balancers, instances are +// registered as targets with a target group. With Classic Load Balancers, instances +// are registered with the load balancer. For more information, see Attaching +// a Load Balancer to Your Auto Scaling Group (https://docs.aws.amazon.com/autoscaling/ec2/userguide/attach-load-balancer-asg.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -174,8 +176,8 @@ func (c *AutoScaling) AttachLoadBalancerTargetGroupsRequest(input *AttachLoadBal // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // * ErrCodeServiceLinkedRoleFailure "ServiceLinkedRoleFailure" // The service-linked role is not yet ready for use. @@ -250,13 +252,14 @@ func (c *AutoScaling) AttachLoadBalancersRequest(input *AttachLoadBalancersInput // Attaches one or more Classic Load Balancers to the specified Auto Scaling // group. // -// To attach an Application Load Balancer instead, see AttachLoadBalancerTargetGroups. +// To attach an Application Load Balancer or a Network Load Balancer instead, +// see AttachLoadBalancerTargetGroups. // // To describe the load balancers for an Auto Scaling group, use DescribeLoadBalancers. // To detach the load balancer from the Auto Scaling group, use DetachLoadBalancers. // -// For more information, see Attach a Load Balancer to Your Auto Scaling Group -// (http://docs.aws.amazon.com/autoscaling/ec2/userguide/attach-load-balancer-asg.html) +// For more information, see Attaching a Load Balancer to Your Auto Scaling +// Group (https://docs.aws.amazon.com/autoscaling/ec2/userguide/attach-load-balancer-asg.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -268,8 +271,8 @@ func (c *AutoScaling) AttachLoadBalancersRequest(input *AttachLoadBalancersInput // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // * ErrCodeServiceLinkedRoleFailure "ServiceLinkedRoleFailure" // The service-linked role is not yet ready for use. @@ -351,8 +354,8 @@ func (c *AutoScaling) BatchDeleteScheduledActionRequest(input *BatchDeleteSchedu // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/BatchDeleteScheduledAction func (c *AutoScaling) BatchDeleteScheduledAction(input *BatchDeleteScheduledActionInput) (*BatchDeleteScheduledActionOutput, error) { @@ -437,13 +440,13 @@ func (c *AutoScaling) BatchPutScheduledUpdateGroupActionRequest(input *BatchPutS // name. // // * ErrCodeLimitExceededFault "LimitExceeded" -// You have already reached a limit for your Auto Scaling resources (for example, -// groups, launch configurations, or lifecycle hooks). For more information, -// see DescribeAccountLimits. +// You have already reached a limit for your Amazon EC2 Auto Scaling resources +// (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). +// For more information, see DescribeAccountLimits. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/BatchPutScheduledUpdateGroupAction func (c *AutoScaling) BatchPutScheduledUpdateGroupAction(input *BatchPutScheduledUpdateGroupActionInput) (*BatchPutScheduledUpdateGroupActionOutput, error) { @@ -534,7 +537,7 @@ func (c *AutoScaling) CompleteLifecycleActionRequest(input *CompleteLifecycleAct // // If you finish before the timeout period ends, complete the lifecycle action. // -// For more information, see Auto Scaling Lifecycle (http://docs.aws.amazon.com/autoscaling/ec2/userguide/AutoScalingGroupLifecycle.html) +// For more information, see Amazon EC2 Auto Scaling Lifecycle Hooks (https://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -546,8 +549,8 @@ func (c *AutoScaling) CompleteLifecycleActionRequest(input *CompleteLifecycleAct // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/CompleteLifecycleAction func (c *AutoScaling) CompleteLifecycleAction(input *CompleteLifecycleActionInput) (*CompleteLifecycleActionOutput, error) { @@ -620,10 +623,8 @@ func (c *AutoScaling) CreateAutoScalingGroupRequest(input *CreateAutoScalingGrou // // If you exceed your maximum limit of Auto Scaling groups, the call fails. // For information about viewing this limit, see DescribeAccountLimits. For -// information about updating this limit, see Auto Scaling Limits (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html) -// in the Amazon EC2 Auto Scaling User Guide. -// -// For more information, see Auto Scaling Groups (http://docs.aws.amazon.com/autoscaling/ec2/userguide/AutoScalingGroup.html) +// information about updating this limit, see Amazon EC2 Auto Scaling Limits +// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -639,13 +640,13 @@ func (c *AutoScaling) CreateAutoScalingGroupRequest(input *CreateAutoScalingGrou // name. // // * ErrCodeLimitExceededFault "LimitExceeded" -// You have already reached a limit for your Auto Scaling resources (for example, -// groups, launch configurations, or lifecycle hooks). For more information, -// see DescribeAccountLimits. +// You have already reached a limit for your Amazon EC2 Auto Scaling resources +// (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). +// For more information, see DescribeAccountLimits. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // * ErrCodeServiceLinkedRoleFailure "ServiceLinkedRoleFailure" // The service-linked role is not yet ready for use. @@ -721,10 +722,11 @@ func (c *AutoScaling) CreateLaunchConfigurationRequest(input *CreateLaunchConfig // // If you exceed your maximum limit of launch configurations, the call fails. // For information about viewing this limit, see DescribeAccountLimits. For -// information about updating this limit, see Auto Scaling Limits (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html) +// information about updating this limit, see Amazon EC2 Auto Scaling Limits +// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html) // in the Amazon EC2 Auto Scaling User Guide. // -// For more information, see Launch Configurations (http://docs.aws.amazon.com/autoscaling/ec2/userguide/LaunchConfiguration.html) +// For more information, see Launch Configurations (https://docs.aws.amazon.com/autoscaling/ec2/userguide/LaunchConfiguration.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -740,13 +742,13 @@ func (c *AutoScaling) CreateLaunchConfigurationRequest(input *CreateLaunchConfig // name. // // * ErrCodeLimitExceededFault "LimitExceeded" -// You have already reached a limit for your Auto Scaling resources (for example, -// groups, launch configurations, or lifecycle hooks). For more information, -// see DescribeAccountLimits. +// You have already reached a limit for your Amazon EC2 Auto Scaling resources +// (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). +// For more information, see DescribeAccountLimits. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/CreateLaunchConfiguration func (c *AutoScaling) CreateLaunchConfiguration(input *CreateLaunchConfigurationInput) (*CreateLaunchConfigurationOutput, error) { @@ -820,7 +822,7 @@ func (c *AutoScaling) CreateOrUpdateTagsRequest(input *CreateOrUpdateTagsInput) // When you specify a tag with a key that already exists, the operation overwrites // the previous tag definition, and you do not get an error message. // -// For more information, see Tagging Auto Scaling Groups and Instances (http://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-tagging.html) +// For more information, see Tagging Auto Scaling Groups and Instances (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-tagging.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -832,17 +834,17 @@ func (c *AutoScaling) CreateOrUpdateTagsRequest(input *CreateOrUpdateTagsInput) // // Returned Error Codes: // * ErrCodeLimitExceededFault "LimitExceeded" -// You have already reached a limit for your Auto Scaling resources (for example, -// groups, launch configurations, or lifecycle hooks). For more information, -// see DescribeAccountLimits. +// You have already reached a limit for your Amazon EC2 Auto Scaling resources +// (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). +// For more information, see DescribeAccountLimits. // // * ErrCodeAlreadyExistsFault "AlreadyExists" // You already have an Auto Scaling group or launch configuration with this // name. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // * ErrCodeResourceInUseFault "ResourceInUse" // The operation can't be performed because the resource is in use. @@ -947,8 +949,8 @@ func (c *AutoScaling) DeleteAutoScalingGroupRequest(input *DeleteAutoScalingGrou // The operation can't be performed because the resource is in use. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DeleteAutoScalingGroup func (c *AutoScaling) DeleteAutoScalingGroup(input *DeleteAutoScalingGroupInput) (*DeleteAutoScalingGroupOutput, error) { @@ -1035,8 +1037,8 @@ func (c *AutoScaling) DeleteLaunchConfigurationRequest(input *DeleteLaunchConfig // The operation can't be performed because the resource is in use. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DeleteLaunchConfiguration func (c *AutoScaling) DeleteLaunchConfiguration(input *DeleteLaunchConfigurationInput) (*DeleteLaunchConfigurationOutput, error) { @@ -1119,8 +1121,8 @@ func (c *AutoScaling) DeleteLifecycleHookRequest(input *DeleteLifecycleHookInput // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DeleteLifecycleHook func (c *AutoScaling) DeleteLifecycleHook(input *DeleteLifecycleHookInput) (*DeleteLifecycleHookOutput, error) { @@ -1200,8 +1202,8 @@ func (c *AutoScaling) DeleteNotificationConfigurationRequest(input *DeleteNotifi // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DeleteNotificationConfiguration func (c *AutoScaling) DeleteNotificationConfiguration(input *DeleteNotificationConfigurationInput) (*DeleteNotificationConfigurationOutput, error) { @@ -1270,10 +1272,14 @@ func (c *AutoScaling) DeletePolicyRequest(input *DeletePolicyInput) (req *reques // DeletePolicy API operation for Auto Scaling. // -// Deletes the specified Auto Scaling policy. +// Deletes the specified scaling policy. // -// Deleting a policy deletes the underlying alarm action, but does not delete -// the alarm, even if it no longer has an associated action. +// Deleting either a step scaling policy or a simple scaling policy deletes +// the underlying alarm action, but does not delete the alarm, even if it no +// longer has an associated action. +// +// For more information, see Deleting a Scaling Policy (https://docs.aws.amazon.com/autoscaling/ec2/userguide/deleting-scaling-policy.html) +// in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1284,8 +1290,8 @@ func (c *AutoScaling) DeletePolicyRequest(input *DeletePolicyInput) (req *reques // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // * ErrCodeServiceLinkedRoleFailure "ServiceLinkedRoleFailure" // The service-linked role is not yet ready for use. @@ -1368,8 +1374,8 @@ func (c *AutoScaling) DeleteScheduledActionRequest(input *DeleteScheduledActionI // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DeleteScheduledAction func (c *AutoScaling) DeleteScheduledAction(input *DeleteScheduledActionInput) (*DeleteScheduledActionOutput, error) { @@ -1449,8 +1455,8 @@ func (c *AutoScaling) DeleteTagsRequest(input *DeleteTagsInput) (req *request.Re // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // * ErrCodeResourceInUseFault "ResourceInUse" // The operation can't be performed because the resource is in use. @@ -1521,10 +1527,11 @@ func (c *AutoScaling) DescribeAccountLimitsRequest(input *DescribeAccountLimitsI // DescribeAccountLimits API operation for Auto Scaling. // -// Describes the current Auto Scaling resource limits for your AWS account. +// Describes the current Amazon EC2 Auto Scaling resource limits for your AWS +// account. // -// For information about requesting an increase in these limits, see Auto Scaling -// Limits (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html) +// For information about requesting an increase in these limits, see Amazon +// EC2 Auto Scaling Limits (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1536,8 +1543,8 @@ func (c *AutoScaling) DescribeAccountLimitsRequest(input *DescribeAccountLimitsI // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeAccountLimits func (c *AutoScaling) DescribeAccountLimits(input *DescribeAccountLimitsInput) (*DescribeAccountLimitsOutput, error) { @@ -1616,8 +1623,8 @@ func (c *AutoScaling) DescribeAdjustmentTypesRequest(input *DescribeAdjustmentTy // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeAdjustmentTypes func (c *AutoScaling) DescribeAdjustmentTypes(input *DescribeAdjustmentTypesInput) (*DescribeAdjustmentTypesOutput, error) { @@ -1705,8 +1712,8 @@ func (c *AutoScaling) DescribeAutoScalingGroupsRequest(input *DescribeAutoScalin // The NextToken value is not valid. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeAutoScalingGroups func (c *AutoScaling) DescribeAutoScalingGroups(input *DescribeAutoScalingGroupsInput) (*DescribeAutoScalingGroupsOutput, error) { @@ -1741,7 +1748,7 @@ func (c *AutoScaling) DescribeAutoScalingGroupsWithContext(ctx aws.Context, inpu // // Example iterating over at most 3 pages of a DescribeAutoScalingGroups operation. // pageNum := 0 // err := client.DescribeAutoScalingGroupsPages(params, -// func(page *DescribeAutoScalingGroupsOutput, lastPage bool) bool { +// func(page *autoscaling.DescribeAutoScalingGroupsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -1773,10 +1780,12 @@ func (c *AutoScaling) DescribeAutoScalingGroupsPagesWithContext(ctx aws.Context, }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeAutoScalingGroupsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeAutoScalingGroupsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -1844,8 +1853,8 @@ func (c *AutoScaling) DescribeAutoScalingInstancesRequest(input *DescribeAutoSca // The NextToken value is not valid. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeAutoScalingInstances func (c *AutoScaling) DescribeAutoScalingInstances(input *DescribeAutoScalingInstancesInput) (*DescribeAutoScalingInstancesOutput, error) { @@ -1880,7 +1889,7 @@ func (c *AutoScaling) DescribeAutoScalingInstancesWithContext(ctx aws.Context, i // // Example iterating over at most 3 pages of a DescribeAutoScalingInstances operation. // pageNum := 0 // err := client.DescribeAutoScalingInstancesPages(params, -// func(page *DescribeAutoScalingInstancesOutput, lastPage bool) bool { +// func(page *autoscaling.DescribeAutoScalingInstancesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -1912,10 +1921,12 @@ func (c *AutoScaling) DescribeAutoScalingInstancesPagesWithContext(ctx aws.Conte }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeAutoScalingInstancesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeAutoScalingInstancesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -1974,8 +1985,8 @@ func (c *AutoScaling) DescribeAutoScalingNotificationTypesRequest(input *Describ // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeAutoScalingNotificationTypes func (c *AutoScaling) DescribeAutoScalingNotificationTypes(input *DescribeAutoScalingNotificationTypesInput) (*DescribeAutoScalingNotificationTypesOutput, error) { @@ -2063,8 +2074,8 @@ func (c *AutoScaling) DescribeLaunchConfigurationsRequest(input *DescribeLaunchC // The NextToken value is not valid. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeLaunchConfigurations func (c *AutoScaling) DescribeLaunchConfigurations(input *DescribeLaunchConfigurationsInput) (*DescribeLaunchConfigurationsOutput, error) { @@ -2099,7 +2110,7 @@ func (c *AutoScaling) DescribeLaunchConfigurationsWithContext(ctx aws.Context, i // // Example iterating over at most 3 pages of a DescribeLaunchConfigurations operation. // pageNum := 0 // err := client.DescribeLaunchConfigurationsPages(params, -// func(page *DescribeLaunchConfigurationsOutput, lastPage bool) bool { +// func(page *autoscaling.DescribeLaunchConfigurationsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -2131,10 +2142,12 @@ func (c *AutoScaling) DescribeLaunchConfigurationsPagesWithContext(ctx aws.Conte }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeLaunchConfigurationsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeLaunchConfigurationsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -2199,8 +2212,8 @@ func (c *AutoScaling) DescribeLifecycleHookTypesRequest(input *DescribeLifecycle // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeLifecycleHookTypes func (c *AutoScaling) DescribeLifecycleHookTypes(input *DescribeLifecycleHookTypesInput) (*DescribeLifecycleHookTypesOutput, error) { @@ -2279,8 +2292,8 @@ func (c *AutoScaling) DescribeLifecycleHooksRequest(input *DescribeLifecycleHook // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeLifecycleHooks func (c *AutoScaling) DescribeLifecycleHooks(input *DescribeLifecycleHooksInput) (*DescribeLifecycleHooksOutput, error) { @@ -2359,8 +2372,8 @@ func (c *AutoScaling) DescribeLoadBalancerTargetGroupsRequest(input *DescribeLoa // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeLoadBalancerTargetGroups func (c *AutoScaling) DescribeLoadBalancerTargetGroups(input *DescribeLoadBalancerTargetGroupsInput) (*DescribeLoadBalancerTargetGroupsOutput, error) { @@ -2431,7 +2444,8 @@ func (c *AutoScaling) DescribeLoadBalancersRequest(input *DescribeLoadBalancersI // Describes the load balancers for the specified Auto Scaling group. // // This operation describes only Classic Load Balancers. If you have Application -// Load Balancers, use DescribeLoadBalancerTargetGroups instead. +// Load Balancers or Network Load Balancers, use DescribeLoadBalancerTargetGroups +// instead. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2442,8 +2456,8 @@ func (c *AutoScaling) DescribeLoadBalancersRequest(input *DescribeLoadBalancersI // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeLoadBalancers func (c *AutoScaling) DescribeLoadBalancers(input *DescribeLoadBalancersInput) (*DescribeLoadBalancersOutput, error) { @@ -2525,8 +2539,8 @@ func (c *AutoScaling) DescribeMetricCollectionTypesRequest(input *DescribeMetric // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeMetricCollectionTypes func (c *AutoScaling) DescribeMetricCollectionTypes(input *DescribeMetricCollectionTypesInput) (*DescribeMetricCollectionTypesOutput, error) { @@ -2615,8 +2629,8 @@ func (c *AutoScaling) DescribeNotificationConfigurationsRequest(input *DescribeN // The NextToken value is not valid. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeNotificationConfigurations func (c *AutoScaling) DescribeNotificationConfigurations(input *DescribeNotificationConfigurationsInput) (*DescribeNotificationConfigurationsOutput, error) { @@ -2651,7 +2665,7 @@ func (c *AutoScaling) DescribeNotificationConfigurationsWithContext(ctx aws.Cont // // Example iterating over at most 3 pages of a DescribeNotificationConfigurations operation. // pageNum := 0 // err := client.DescribeNotificationConfigurationsPages(params, -// func(page *DescribeNotificationConfigurationsOutput, lastPage bool) bool { +// func(page *autoscaling.DescribeNotificationConfigurationsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -2683,10 +2697,12 @@ func (c *AutoScaling) DescribeNotificationConfigurationsPagesWithContext(ctx aws }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeNotificationConfigurationsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeNotificationConfigurationsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -2754,8 +2770,8 @@ func (c *AutoScaling) DescribePoliciesRequest(input *DescribePoliciesInput) (req // The NextToken value is not valid. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // * ErrCodeServiceLinkedRoleFailure "ServiceLinkedRoleFailure" // The service-linked role is not yet ready for use. @@ -2793,7 +2809,7 @@ func (c *AutoScaling) DescribePoliciesWithContext(ctx aws.Context, input *Descri // // Example iterating over at most 3 pages of a DescribePolicies operation. // pageNum := 0 // err := client.DescribePoliciesPages(params, -// func(page *DescribePoliciesOutput, lastPage bool) bool { +// func(page *autoscaling.DescribePoliciesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -2825,10 +2841,12 @@ func (c *AutoScaling) DescribePoliciesPagesWithContext(ctx aws.Context, input *D }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribePoliciesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribePoliciesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -2896,8 +2914,8 @@ func (c *AutoScaling) DescribeScalingActivitiesRequest(input *DescribeScalingAct // The NextToken value is not valid. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeScalingActivities func (c *AutoScaling) DescribeScalingActivities(input *DescribeScalingActivitiesInput) (*DescribeScalingActivitiesOutput, error) { @@ -2932,7 +2950,7 @@ func (c *AutoScaling) DescribeScalingActivitiesWithContext(ctx aws.Context, inpu // // Example iterating over at most 3 pages of a DescribeScalingActivities operation. // pageNum := 0 // err := client.DescribeScalingActivitiesPages(params, -// func(page *DescribeScalingActivitiesOutput, lastPage bool) bool { +// func(page *autoscaling.DescribeScalingActivitiesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -2964,10 +2982,12 @@ func (c *AutoScaling) DescribeScalingActivitiesPagesWithContext(ctx aws.Context, }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeScalingActivitiesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeScalingActivitiesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -3026,8 +3046,8 @@ func (c *AutoScaling) DescribeScalingProcessTypesRequest(input *DescribeScalingP // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeScalingProcessTypes func (c *AutoScaling) DescribeScalingProcessTypes(input *DescribeScalingProcessTypesInput) (*DescribeScalingProcessTypesOutput, error) { @@ -3102,7 +3122,8 @@ func (c *AutoScaling) DescribeScheduledActionsRequest(input *DescribeScheduledAc // DescribeScheduledActions API operation for Auto Scaling. // // Describes the actions scheduled for your Auto Scaling group that haven't -// run. To describe the actions that have already run, use DescribeScalingActivities. +// run or that have not reached their end time. To describe the actions that +// have already run, use DescribeScalingActivities. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3116,8 +3137,8 @@ func (c *AutoScaling) DescribeScheduledActionsRequest(input *DescribeScheduledAc // The NextToken value is not valid. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeScheduledActions func (c *AutoScaling) DescribeScheduledActions(input *DescribeScheduledActionsInput) (*DescribeScheduledActionsOutput, error) { @@ -3152,7 +3173,7 @@ func (c *AutoScaling) DescribeScheduledActionsWithContext(ctx aws.Context, input // // Example iterating over at most 3 pages of a DescribeScheduledActions operation. // pageNum := 0 // err := client.DescribeScheduledActionsPages(params, -// func(page *DescribeScheduledActionsOutput, lastPage bool) bool { +// func(page *autoscaling.DescribeScheduledActionsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -3184,10 +3205,12 @@ func (c *AutoScaling) DescribeScheduledActionsPagesWithContext(ctx aws.Context, }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeScheduledActionsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeScheduledActionsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -3264,8 +3287,8 @@ func (c *AutoScaling) DescribeTagsRequest(input *DescribeTagsInput) (req *reques // The NextToken value is not valid. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeTags func (c *AutoScaling) DescribeTags(input *DescribeTagsInput) (*DescribeTagsOutput, error) { @@ -3300,7 +3323,7 @@ func (c *AutoScaling) DescribeTagsWithContext(ctx aws.Context, input *DescribeTa // // Example iterating over at most 3 pages of a DescribeTags operation. // pageNum := 0 // err := client.DescribeTagsPages(params, -// func(page *DescribeTagsOutput, lastPage bool) bool { +// func(page *autoscaling.DescribeTagsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -3332,10 +3355,12 @@ func (c *AutoScaling) DescribeTagsPagesWithContext(ctx aws.Context, input *Descr }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeTagsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeTagsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -3386,7 +3411,7 @@ func (c *AutoScaling) DescribeTerminationPolicyTypesRequest(input *DescribeTermi // Describes the termination policies supported by Amazon EC2 Auto Scaling. // // For more information, see Controlling Which Auto Scaling Instances Terminate -// During Scale In (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html) +// During Scale In (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3398,8 +3423,8 @@ func (c *AutoScaling) DescribeTerminationPolicyTypesRequest(input *DescribeTermi // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DescribeTerminationPolicyTypes func (c *AutoScaling) DescribeTerminationPolicyTypes(input *DescribeTerminationPolicyTypesInput) (*DescribeTerminationPolicyTypesOutput, error) { @@ -3481,7 +3506,7 @@ func (c *AutoScaling) DetachInstancesRequest(input *DetachInstancesInput) (req * // target groups. // // For more information, see Detach EC2 Instances from Your Auto Scaling Group -// (http://docs.aws.amazon.com/autoscaling/ec2/userguide/detach-instance-asg.html) +// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/detach-instance-asg.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3493,8 +3518,8 @@ func (c *AutoScaling) DetachInstancesRequest(input *DetachInstancesInput) (req * // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DetachInstances func (c *AutoScaling) DetachInstances(input *DetachInstancesInput) (*DetachInstancesOutput, error) { @@ -3574,8 +3599,8 @@ func (c *AutoScaling) DetachLoadBalancerTargetGroupsRequest(input *DetachLoadBal // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DetachLoadBalancerTargetGroups func (c *AutoScaling) DetachLoadBalancerTargetGroups(input *DetachLoadBalancerTargetGroupsInput) (*DetachLoadBalancerTargetGroupsOutput, error) { @@ -3648,7 +3673,8 @@ func (c *AutoScaling) DetachLoadBalancersRequest(input *DetachLoadBalancersInput // group. // // This operation detaches only Classic Load Balancers. If you have Application -// Load Balancers, use DetachLoadBalancerTargetGroups instead. +// Load Balancers or Network Load Balancers, use DetachLoadBalancerTargetGroups +// instead. // // When you detach a load balancer, it enters the Removing state while deregistering // the instances in the group. When all instances are deregistered, then you @@ -3664,8 +3690,8 @@ func (c *AutoScaling) DetachLoadBalancersRequest(input *DetachLoadBalancersInput // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DetachLoadBalancers func (c *AutoScaling) DetachLoadBalancers(input *DetachLoadBalancersInput) (*DetachLoadBalancersOutput, error) { @@ -3745,8 +3771,8 @@ func (c *AutoScaling) DisableMetricsCollectionRequest(input *DisableMetricsColle // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/DisableMetricsCollection func (c *AutoScaling) DisableMetricsCollection(input *DisableMetricsCollectionInput) (*DisableMetricsCollectionOutput, error) { @@ -3816,7 +3842,7 @@ func (c *AutoScaling) EnableMetricsCollectionRequest(input *EnableMetricsCollect // EnableMetricsCollection API operation for Auto Scaling. // // Enables group metrics for the specified Auto Scaling group. For more information, -// see Monitoring Your Auto Scaling Groups and Instances (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-monitoring.html) +// see Monitoring Your Auto Scaling Groups and Instances (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-monitoring.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3828,8 +3854,8 @@ func (c *AutoScaling) EnableMetricsCollectionRequest(input *EnableMetricsCollect // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/EnableMetricsCollection func (c *AutoScaling) EnableMetricsCollection(input *EnableMetricsCollectionInput) (*EnableMetricsCollectionOutput, error) { @@ -3899,8 +3925,17 @@ func (c *AutoScaling) EnterStandbyRequest(input *EnterStandbyInput) (req *reques // // Moves the specified instances into the standby state. // +// If you choose to decrement the desired capacity of the Auto Scaling group, +// the instances can enter standby as long as the desired capacity of the Auto +// Scaling group after the instances are placed into standby is equal to or +// greater than the minimum capacity of the group. +// +// If you choose not to decrement the desired capacity of the Auto Scaling group, +// the Auto Scaling group launches new instances to replace the instances on +// standby. +// // For more information, see Temporarily Removing Instances from Your Auto Scaling -// Group (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-enter-exit-standby.html) +// Group (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-enter-exit-standby.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3912,8 +3947,8 @@ func (c *AutoScaling) EnterStandbyRequest(input *EnterStandbyInput) (req *reques // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/EnterStandby func (c *AutoScaling) EnterStandby(input *EnterStandbyInput) (*EnterStandbyOutput, error) { @@ -3997,8 +4032,8 @@ func (c *AutoScaling) ExecutePolicyRequest(input *ExecutePolicyInput) (req *requ // progress. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/ExecutePolicy func (c *AutoScaling) ExecutePolicy(input *ExecutePolicyInput) (*ExecutePolicyOutput, error) { @@ -4068,8 +4103,10 @@ func (c *AutoScaling) ExitStandbyRequest(input *ExitStandbyInput) (req *request. // // Moves the specified instances out of the standby state. // +// After you put the instances back in service, the desired capacity is incremented. +// // For more information, see Temporarily Removing Instances from Your Auto Scaling -// Group (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-enter-exit-standby.html) +// Group (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-enter-exit-standby.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4081,8 +4118,8 @@ func (c *AutoScaling) ExitStandbyRequest(input *ExitStandbyInput) (req *request. // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/ExitStandby func (c *AutoScaling) ExitStandby(input *ExitStandbyInput) (*ExitStandbyOutput, error) { @@ -4154,8 +4191,8 @@ func (c *AutoScaling) PutLifecycleHookRequest(input *PutLifecycleHookInput) (req // Creates or updates a lifecycle hook for the specified Auto Scaling group. // // A lifecycle hook tells Amazon EC2 Auto Scaling to perform an action on an -// instance that is not actively in service; for example, either when the instance -// launches or before the instance terminates. +// instance when the instance launches (before it is put into service) or as +// the instance terminates (before it is fully terminated). // // This step is a part of the procedure for adding a lifecycle hook to an Auto // Scaling group: @@ -4172,17 +4209,19 @@ func (c *AutoScaling) PutLifecycleHookRequest(input *PutLifecycleHookInput) (req // launch or terminate. // // If you need more time, record the lifecycle action heartbeat to keep the -// instance in a pending state. +// instance in a pending state using RecordLifecycleActionHeartbeat. // -// If you finish before the timeout period ends, complete the lifecycle action. +// If you finish before the timeout period ends, complete the lifecycle action +// using CompleteLifecycleAction. // -// For more information, see Auto Scaling Lifecycle Hooks (http://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html) +// For more information, see Amazon EC2 Auto Scaling Lifecycle Hooks (https://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html) // in the Amazon EC2 Auto Scaling User Guide. // // If you exceed your maximum limit of lifecycle hooks, which by default is -// 50 per Auto Scaling group, the call fails. For information about updating -// this limit, see AWS Service Limits (http://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html) -// in the Amazon Web Services General Reference. +// 50 per Auto Scaling group, the call fails. +// +// You can view the lifecycle hooks for an Auto Scaling group using DescribeLifecycleHooks. +// If you are no longer using a lifecycle hook, you can delete it using DeleteLifecycleHook. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4193,13 +4232,13 @@ func (c *AutoScaling) PutLifecycleHookRequest(input *PutLifecycleHookInput) (req // // Returned Error Codes: // * ErrCodeLimitExceededFault "LimitExceeded" -// You have already reached a limit for your Auto Scaling resources (for example, -// groups, launch configurations, or lifecycle hooks). For more information, -// see DescribeAccountLimits. +// You have already reached a limit for your Amazon EC2 Auto Scaling resources +// (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). +// For more information, see DescribeAccountLimits. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/PutLifecycleHook func (c *AutoScaling) PutLifecycleHook(input *PutLifecycleHookInput) (*PutLifecycleHookOutput, error) { @@ -4274,9 +4313,9 @@ func (c *AutoScaling) PutNotificationConfigurationRequest(input *PutNotification // // This configuration overwrites any existing configuration. // -// For more information, see Getting SNS Notifications When Your Auto Scaling -// Group Scales (http://docs.aws.amazon.com/autoscaling/ec2/userguide/ASGettingNotifications.html) -// in the Auto Scaling User Guide. +// For more information, see Getting Amazon SNS Notifications When Your Auto +// Scaling Group Scales (https://docs.aws.amazon.com/autoscaling/ec2/userguide/ASGettingNotifications.html) +// in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4287,13 +4326,13 @@ func (c *AutoScaling) PutNotificationConfigurationRequest(input *PutNotification // // Returned Error Codes: // * ErrCodeLimitExceededFault "LimitExceeded" -// You have already reached a limit for your Auto Scaling resources (for example, -// groups, launch configurations, or lifecycle hooks). For more information, -// see DescribeAccountLimits. +// You have already reached a limit for your Amazon EC2 Auto Scaling resources +// (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). +// For more information, see DescribeAccountLimits. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // * ErrCodeServiceLinkedRoleFailure "ServiceLinkedRoleFailure" // The service-linked role is not yet ready for use. @@ -4364,15 +4403,14 @@ func (c *AutoScaling) PutScalingPolicyRequest(input *PutScalingPolicyInput) (req // PutScalingPolicy API operation for Auto Scaling. // -// Creates or updates a policy for an Auto Scaling group. To update an existing -// policy, use the existing policy name and set the parameters to change. Any -// existing parameter not changed in an update to an existing policy is not -// changed in this update request. +// Creates or updates a scaling policy for an Auto Scaling group. To update +// an existing scaling policy, use the existing policy name and set the parameters +// to change. Any existing parameter not changed in an update to an existing +// policy is not changed in this update request. // -// If you exceed your maximum limit of step adjustments, which by default is -// 20 per region, the call fails. For information about updating this limit, -// see AWS Service Limits (http://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html) -// in the Amazon Web Services General Reference. +// For more information about using scaling policies to scale your Auto Scaling +// group automatically, see Dynamic Scaling (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scale-based-on-demand.html) +// in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4383,13 +4421,13 @@ func (c *AutoScaling) PutScalingPolicyRequest(input *PutScalingPolicyInput) (req // // Returned Error Codes: // * ErrCodeLimitExceededFault "LimitExceeded" -// You have already reached a limit for your Auto Scaling resources (for example, -// groups, launch configurations, or lifecycle hooks). For more information, -// see DescribeAccountLimits. +// You have already reached a limit for your Amazon EC2 Auto Scaling resources +// (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). +// For more information, see DescribeAccountLimits. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // * ErrCodeServiceLinkedRoleFailure "ServiceLinkedRoleFailure" // The service-linked role is not yet ready for use. @@ -4465,7 +4503,7 @@ func (c *AutoScaling) PutScheduledUpdateGroupActionRequest(input *PutScheduledUp // If you leave a parameter unspecified when updating a scheduled scaling action, // the corresponding value remains unchanged. // -// For more information, see Scheduled Scaling (http://docs.aws.amazon.com/autoscaling/ec2/userguide/schedule_time.html) +// For more information, see Scheduled Scaling (https://docs.aws.amazon.com/autoscaling/ec2/userguide/schedule_time.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4481,13 +4519,13 @@ func (c *AutoScaling) PutScheduledUpdateGroupActionRequest(input *PutScheduledUp // name. // // * ErrCodeLimitExceededFault "LimitExceeded" -// You have already reached a limit for your Auto Scaling resources (for example, -// groups, launch configurations, or lifecycle hooks). For more information, -// see DescribeAccountLimits. +// You have already reached a limit for your Amazon EC2 Auto Scaling resources +// (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). +// For more information, see DescribeAccountLimits. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/PutScheduledUpdateGroupAction func (c *AutoScaling) PutScheduledUpdateGroupAction(input *PutScheduledUpdateGroupActionInput) (*PutScheduledUpdateGroupActionOutput, error) { @@ -4579,7 +4617,7 @@ func (c *AutoScaling) RecordLifecycleActionHeartbeatRequest(input *RecordLifecyc // // If you finish before the timeout period ends, complete the lifecycle action. // -// For more information, see Auto Scaling Lifecycle (http://docs.aws.amazon.com/autoscaling/ec2/userguide/AutoScalingGroupLifecycle.html) +// For more information, see Auto Scaling Lifecycle (https://docs.aws.amazon.com/autoscaling/ec2/userguide/AutoScalingGroupLifecycle.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4591,8 +4629,8 @@ func (c *AutoScaling) RecordLifecycleActionHeartbeatRequest(input *RecordLifecyc // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/RecordLifecycleActionHeartbeat func (c *AutoScaling) RecordLifecycleActionHeartbeat(input *RecordLifecycleActionHeartbeatInput) (*RecordLifecycleActionHeartbeatOutput, error) { @@ -4664,7 +4702,7 @@ func (c *AutoScaling) ResumeProcessesRequest(input *ScalingProcessQuery) (req *r // Resumes the specified suspended automatic scaling processes, or all suspended // process, for the specified Auto Scaling group. // -// For more information, see Suspending and Resuming Scaling Processes (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html) +// For more information, see Suspending and Resuming Scaling Processes (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4679,8 +4717,8 @@ func (c *AutoScaling) ResumeProcessesRequest(input *ScalingProcessQuery) (req *r // The operation can't be performed because the resource is in use. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/ResumeProcesses func (c *AutoScaling) ResumeProcesses(input *ScalingProcessQuery) (*ResumeProcessesOutput, error) { @@ -4752,7 +4790,7 @@ func (c *AutoScaling) SetDesiredCapacityRequest(input *SetDesiredCapacityInput) // Sets the size of the specified Auto Scaling group. // // For more information about desired capacity, see What Is Amazon EC2 Auto -// Scaling? (http://docs.aws.amazon.com/autoscaling/ec2/userguide/WhatIsAutoScaling.html) +// Scaling? (https://docs.aws.amazon.com/autoscaling/ec2/userguide/what-is-amazon-ec2-auto-scaling.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4768,8 +4806,8 @@ func (c *AutoScaling) SetDesiredCapacityRequest(input *SetDesiredCapacityInput) // progress. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/SetDesiredCapacity func (c *AutoScaling) SetDesiredCapacity(input *SetDesiredCapacityInput) (*SetDesiredCapacityOutput, error) { @@ -4840,7 +4878,7 @@ func (c *AutoScaling) SetInstanceHealthRequest(input *SetInstanceHealthInput) (r // // Sets the health status of the specified instance. // -// For more information, see Health Checks (http://docs.aws.amazon.com/autoscaling/ec2/userguide/healthcheck.html) +// For more information, see Health Checks for Auto Scaling Instances (https://docs.aws.amazon.com/autoscaling/ec2/userguide/healthcheck.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4852,8 +4890,8 @@ func (c *AutoScaling) SetInstanceHealthRequest(input *SetInstanceHealthInput) (r // // Returned Error Codes: // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/SetInstanceHealth func (c *AutoScaling) SetInstanceHealth(input *SetInstanceHealthInput) (*SetInstanceHealthOutput, error) { @@ -4924,7 +4962,8 @@ func (c *AutoScaling) SetInstanceProtectionRequest(input *SetInstanceProtectionI // // Updates the instance protection settings of the specified instances. // -// For more information, see Instance Protection (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) +// For more information about preventing instances that are part of an Auto +// Scaling group from terminating on scale in, see Instance Protection (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4936,13 +4975,13 @@ func (c *AutoScaling) SetInstanceProtectionRequest(input *SetInstanceProtectionI // // Returned Error Codes: // * ErrCodeLimitExceededFault "LimitExceeded" -// You have already reached a limit for your Auto Scaling resources (for example, -// groups, launch configurations, or lifecycle hooks). For more information, -// see DescribeAccountLimits. +// You have already reached a limit for your Amazon EC2 Auto Scaling resources +// (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). +// For more information, see DescribeAccountLimits. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/SetInstanceProtection func (c *AutoScaling) SetInstanceProtection(input *SetInstanceProtectionInput) (*SetInstanceProtectionOutput, error) { @@ -5019,7 +5058,7 @@ func (c *AutoScaling) SuspendProcessesRequest(input *ScalingProcessQuery) (req * // // To resume processes that have been suspended, use ResumeProcesses. // -// For more information, see Suspending and Resuming Scaling Processes (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html) +// For more information, see Suspending and Resuming Scaling Processes (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html) // in the Amazon EC2 Auto Scaling User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5034,8 +5073,8 @@ func (c *AutoScaling) SuspendProcessesRequest(input *ScalingProcessQuery) (req * // The operation can't be performed because the resource is in use. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/SuspendProcesses func (c *AutoScaling) SuspendProcesses(input *ScalingProcessQuery) (*SuspendProcessesOutput, error) { @@ -5122,8 +5161,8 @@ func (c *AutoScaling) TerminateInstanceInAutoScalingGroupRequest(input *Terminat // progress. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // See also, https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01/TerminateInstanceInAutoScalingGroup func (c *AutoScaling) TerminateInstanceInAutoScalingGroup(input *TerminateInstanceInAutoScalingGroupInput) (*TerminateInstanceInAutoScalingGroupOutput, error) { @@ -5194,27 +5233,42 @@ func (c *AutoScaling) UpdateAutoScalingGroupRequest(input *UpdateAutoScalingGrou // // Updates the configuration for the specified Auto Scaling group. // -// The new settings take effect on any scaling activities after this call returns. -// Scaling activities that are currently in progress aren't affected. +// To update an Auto Scaling group, specify the name of the group and the parameter +// that you want to change. Any parameters that you don't specify are not changed +// by this update request. The new settings take effect on any scaling activities +// after this call returns. // -// To update an Auto Scaling group with a launch configuration with InstanceMonitoring -// set to false, you must first disable the collection of group metrics. Otherwise, -// you get an error. If you have previously enabled the collection of group -// metrics, you can disable it using DisableMetricsCollection. +// If you associate a new launch configuration or template with an Auto Scaling +// group, all new instances will get the updated configuration. Existing instances +// continue to run with the configuration that they were originally launched +// with. When you update a group to specify a mixed instances policy instead +// of a launch configuration or template, existing instances may be replaced +// to match the new purchasing options that you specified in the policy. For +// example, if the group currently has 100% On-Demand capacity and the policy +// specifies 50% Spot capacity, this means that half of your instances will +// be gradually terminated and relaunched as Spot Instances. When replacing +// instances, Amazon EC2 Auto Scaling launches new instances before terminating +// the old ones, so that updating your group does not compromise the performance +// or availability of your application. // -// Note the following: +// Note the following about changing DesiredCapacity, MaxSize, or MinSize: +// +// * If a scale-in event occurs as a result of a new DesiredCapacity value +// that is lower than the current size of the group, the Auto Scaling group +// uses its termination policy to determine which instances to terminate. // // * If you specify a new value for MinSize without specifying a value for // DesiredCapacity, and the new MinSize is larger than the current size of -// the group, we implicitly call SetDesiredCapacity to set the size of the -// group to the new value of MinSize. +// the group, this sets the group's DesiredCapacity to the new MinSize value. // // * If you specify a new value for MaxSize without specifying a value for // DesiredCapacity, and the new MaxSize is smaller than the current size -// of the group, we implicitly call SetDesiredCapacity to set the size of -// the group to the new value of MaxSize. +// of the group, this sets the group's DesiredCapacity to the new MaxSize +// value. // -// * All other optional parameters are left unchanged if not specified. +// To see which parameters have been set, use DescribeAutoScalingGroups. You +// can also view the scaling policies for an Auto Scaling group using DescribePolicies. +// If the group has scaling policies, you can update them using PutScalingPolicy. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5229,8 +5283,8 @@ func (c *AutoScaling) UpdateAutoScalingGroupRequest(input *UpdateAutoScalingGrou // progress. // // * ErrCodeResourceContentionFault "ResourceContention" -// You already have a pending update to an Auto Scaling resource (for example, -// a group, instance, or load balancer). +// You already have a pending update to an Amazon EC2 Auto Scaling resource +// (for example, an Auto Scaling group, instance, or load balancer). // // * ErrCodeServiceLinkedRoleFailure "ServiceLinkedRoleFailure" // The service-linked role is not yet ready for use. @@ -5375,9 +5429,6 @@ func (s *Activity) SetStatusMessage(v string) *Activity { } // Describes a policy adjustment type. -// -// For more information, see Dynamic Scaling (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scale-based-on-demand.html) -// in the Amazon EC2 Auto Scaling User Guide. type AdjustmentType struct { _ struct{} `type:"structure"` @@ -5812,6 +5863,8 @@ type BlockDeviceMapping struct { _ struct{} `type:"structure"` // The device name exposed to the EC2 instance (for example, /dev/sdh or xvdh). + // For more information, see Device Naming on Linux Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html) + // in the Amazon EC2 User Guide for Linux Instances. // // DeviceName is a required field DeviceName *string `min:"1" type:"string" required:"true"` @@ -6004,50 +6057,54 @@ func (s CompleteLifecycleActionOutput) GoString() string { type CreateAutoScalingGroupInput struct { _ struct{} `type:"structure"` - // The name of the Auto Scaling group. This name must be unique within the scope - // of your AWS account. + // The name of the Auto Scaling group. This name must be unique per Region per + // account. // // AutoScalingGroupName is a required field AutoScalingGroupName *string `min:"1" type:"string" required:"true"` // One or more Availability Zones for the group. This parameter is optional - // if you specify one or more subnets. + // if you specify one or more subnets for VPCZoneIdentifier. + // + // Conditional: If your account supports EC2-Classic and VPC, this parameter + // is required to launch instances into EC2-Classic. AvailabilityZones []*string `min:"1" type:"list"` // The amount of time, in seconds, after a scaling activity completes before - // another scaling activity can start. The default is 300. + // another scaling activity can start. The default value is 300. // - // For more information, see Scaling Cooldowns (http://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) + // For more information, see Scaling Cooldowns (https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) // in the Amazon EC2 Auto Scaling User Guide. DefaultCooldown *int64 `type:"integer"` - // The number of EC2 instances that should be running in the group. This number - // must be greater than or equal to the minimum size of the group and less than - // or equal to the maximum size of the group. If you do not specify a desired - // capacity, the default is the minimum size of the group. + // The number of Amazon EC2 instances that the Auto Scaling group attempts to + // maintain. This number must be greater than or equal to the minimum size of + // the group and less than or equal to the maximum size of the group. If you + // do not specify a desired capacity, the default is the minimum size of the + // group. DesiredCapacity *int64 `type:"integer"` // The amount of time, in seconds, that Amazon EC2 Auto Scaling waits before // checking the health status of an EC2 instance that has come into service. // During this time, any health check failures for the instance are ignored. - // The default is 0. + // The default value is 0. // - // This parameter is required if you are adding an ELB health check. - // - // For more information, see Health Checks (http://docs.aws.amazon.com/autoscaling/ec2/userguide/healthcheck.html) + // For more information, see Health Check Grace Period (https://docs.aws.amazon.com/autoscaling/ec2/userguide/healthcheck.html#health-check-grace-period) // in the Amazon EC2 Auto Scaling User Guide. + // + // Conditional: This parameter is required if you are adding an ELB health check. HealthCheckGracePeriod *int64 `type:"integer"` // The service to use for the health checks. The valid values are EC2 and ELB. + // The default value is EC2. If you configure an Auto Scaling group to use ELB + // health checks, it considers the instance unhealthy if it fails either the + // EC2 status checks or the load balancer health checks. // - // By default, health checks use Amazon EC2 instance status checks to determine - // the health of an instance. For more information, see Health Checks (http://docs.aws.amazon.com/autoscaling/ec2/userguide/healthcheck.html) + // For more information, see Health Checks for Auto Scaling Instances (https://docs.aws.amazon.com/autoscaling/ec2/userguide/healthcheck.html) // in the Amazon EC2 Auto Scaling User Guide. HealthCheckType *string `min:"1" type:"string"` // The ID of the instance used to create a launch configuration for the group. - // This parameter, a launch configuration, a launch template, or a mixed instances - // policy must be specified. // // When you specify an ID of an instance, Amazon EC2 Auto Scaling creates a // new launch configuration and associates it with the group. This launch configuration @@ -6055,29 +6112,45 @@ type CreateAutoScalingGroupInput struct { // device mapping. // // For more information, see Create an Auto Scaling Group Using an EC2 Instance - // (http://docs.aws.amazon.com/autoscaling/ec2/userguide/create-asg-from-instance.html) + // (https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-asg-from-instance.html) // in the Amazon EC2 Auto Scaling User Guide. + // + // You must specify one of the following parameters in your request: LaunchConfigurationName, + // LaunchTemplate, InstanceId, or MixedInstancesPolicy. InstanceId *string `min:"1" type:"string"` - // The name of the launch configuration. This parameter, a launch template, - // a mixed instances policy, or an EC2 instance must be specified. + // The name of the launch configuration. + // + // If you do not specify LaunchConfigurationName, you must specify one of the + // following parameters: InstanceId, LaunchTemplate, or MixedInstancesPolicy. LaunchConfigurationName *string `min:"1" type:"string"` - // The launch template to use to launch instances. This parameter, a launch - // configuration, a mixed instances policy, or an EC2 instance must be specified. + // The launch template to use to launch instances. + // + // For more information, see LaunchTemplateSpecification (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_LaunchTemplateSpecification.html) + // in the Amazon EC2 Auto Scaling API Reference. + // + // If you do not specify LaunchTemplate, you must specify one of the following + // parameters: InstanceId, LaunchConfigurationName, or MixedInstancesPolicy. LaunchTemplate *LaunchTemplateSpecification `type:"structure"` // One or more lifecycle hooks. LifecycleHookSpecificationList []*LifecycleHookSpecification `type:"list"` - // One or more Classic Load Balancers. To specify an Application Load Balancer, - // use TargetGroupARNs instead. + // A list of Classic Load Balancers associated with this Auto Scaling group. + // For Application Load Balancers and Network Load Balancers, specify a list + // of target groups using the TargetGroupARNs property instead. // - // For more information, see Using a Load Balancer With an Auto Scaling Group - // (http://docs.aws.amazon.com/autoscaling/ec2/userguide/create-asg-from-instance.html) + // For more information, see Using a Load Balancer with an Auto Scaling Group + // (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-load-balancer.html) // in the Amazon EC2 Auto Scaling User Guide. LoadBalancerNames []*string `type:"list"` + // The maximum amount of time, in seconds, that an instance can be in service. + // + // Valid Range: Minimum value of 604800. + MaxInstanceLifetime *int64 `type:"integer"` + // The maximum size of the group. // // MaxSize is a required field @@ -6088,50 +6161,78 @@ type CreateAutoScalingGroupInput struct { // MinSize is a required field MinSize *int64 `type:"integer" required:"true"` - // The mixed instances policy to use to launch instances. This parameter, a - // launch template, a launch configuration, or an EC2 instance must be specified. + // An embedded object that specifies a mixed instances policy. The required + // parameters must be specified. If optional parameters are unspecified, their + // default values are used. + // + // The policy includes parameters that not only define the distribution of On-Demand + // Instances and Spot Instances, the maximum price to pay for Spot Instances, + // and how the Auto Scaling group allocates instance types to fulfill On-Demand + // and Spot capacity, but also the parameters that specify the instance configuration + // information—the launch template and instance types. + // + // For more information, see MixedInstancesPolicy (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_MixedInstancesPolicy.html) + // in the Amazon EC2 Auto Scaling API Reference and Auto Scaling Groups with + // Multiple Instance Types and Purchase Options (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-purchase-options.html) + // in the Amazon EC2 Auto Scaling User Guide. + // + // You must specify one of the following parameters in your request: LaunchConfigurationName, + // LaunchTemplate, InstanceId, or MixedInstancesPolicy. MixedInstancesPolicy *MixedInstancesPolicy `type:"structure"` // Indicates whether newly launched instances are protected from termination - // by Auto Scaling when scaling in. + // by Amazon EC2 Auto Scaling when scaling in. + // + // For more information about preventing instances from terminating on scale + // in, see Instance Protection (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) + // in the Amazon EC2 Auto Scaling User Guide. NewInstancesProtectedFromScaleIn *bool `type:"boolean"` // The name of the placement group into which to launch your instances, if any. - // For more information, see Placement Groups (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) - // in the Amazon Elastic Compute Cloud User Guide. + // A placement group is a logical grouping of instances within a single Availability + // Zone. You cannot specify multiple Availability Zones and a placement group. + // For more information, see Placement Groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) + // in the Amazon EC2 User Guide for Linux Instances. PlacementGroup *string `min:"1" type:"string"` // The Amazon Resource Name (ARN) of the service-linked role that the Auto Scaling // group uses to call other AWS services on your behalf. By default, Amazon // EC2 Auto Scaling uses a service-linked role named AWSServiceRoleForAutoScaling, - // which it creates if it does not exist. + // which it creates if it does not exist. For more information, see Service-Linked + // Roles (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-service-linked-role.html) + // in the Amazon EC2 Auto Scaling User Guide. ServiceLinkedRoleARN *string `min:"1" type:"string"` // One or more tags. // - // For more information, see Tagging Auto Scaling Groups and Instances (http://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-tagging.html) + // For more information, see Tagging Auto Scaling Groups and Instances (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-tagging.html) // in the Amazon EC2 Auto Scaling User Guide. Tags []*Tag `type:"list"` - // The Amazon Resource Names (ARN) of the target groups. + // The Amazon Resource Names (ARN) of the target groups to associate with the + // Auto Scaling group. Instances are registered as targets in a target group, + // and traffic is routed to the target group. + // + // For more information, see Using a Load Balancer with an Auto Scaling Group + // (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-load-balancer.html) + // in the Amazon EC2 Auto Scaling User Guide. TargetGroupARNs []*string `type:"list"` // One or more termination policies used to select the instance to terminate. // These policies are executed in the order that they are listed. // // For more information, see Controlling Which Instances Auto Scaling Terminates - // During Scale In (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html) - // in the Auto Scaling User Guide. + // During Scale In (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html) + // in the Amazon EC2 Auto Scaling User Guide. TerminationPolicies []*string `type:"list"` - // A comma-separated list of subnet identifiers for your virtual private cloud - // (VPC). + // A comma-separated list of subnet IDs for your virtual private cloud (VPC). // - // If you specify subnets and Availability Zones with this call, ensure that - // the subnets' Availability Zones match the Availability Zones specified. + // If you specify VPCZoneIdentifier with AvailabilityZones, the subnets that + // you specify for this parameter must reside in those Availability Zones. // - // For more information, see Launching Auto Scaling Instances in a VPC (http://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-in-vpc.html) - // in the Amazon EC2 Auto Scaling User Guide. + // Conditional: If your account supports EC2-Classic and VPC, this parameter + // is required to launch instances into a VPC. VPCZoneIdentifier *string `min:"1" type:"string"` } @@ -6284,6 +6385,12 @@ func (s *CreateAutoScalingGroupInput) SetLoadBalancerNames(v []*string) *CreateA return s } +// SetMaxInstanceLifetime sets the MaxInstanceLifetime field's value. +func (s *CreateAutoScalingGroupInput) SetMaxInstanceLifetime(v int64) *CreateAutoScalingGroupInput { + s.MaxInstanceLifetime = &v + return s +} + // SetMaxSize sets the MaxSize field's value. func (s *CreateAutoScalingGroupInput) SetMaxSize(v int64) *CreateAutoScalingGroupInput { s.MaxSize = &v @@ -6361,146 +6468,169 @@ func (s CreateAutoScalingGroupOutput) GoString() string { type CreateLaunchConfigurationInput struct { _ struct{} `type:"structure"` - // Used for groups that launch instances into a virtual private cloud (VPC). - // Specifies whether to assign a public IP address to each instance. For more - // information, see Launching Auto Scaling Instances in a VPC (http://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-in-vpc.html) + // For Auto Scaling groups that are running in a virtual private cloud (VPC), + // specifies whether to assign a public IP address to the group's instances. + // If you specify true, each instance in the Auto Scaling group receives a unique + // public IP address. For more information, see Launching Auto Scaling Instances + // in a VPC (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-in-vpc.html) // in the Amazon EC2 Auto Scaling User Guide. // - // If you specify this parameter, be sure to specify at least one subnet when - // you create your group. + // If you specify this parameter, you must specify at least one subnet for VPCZoneIdentifier + // when you create your group. // - // Default: If the instance is launched into a default subnet, the default is - // to assign a public IP address. If the instance is launched into a nondefault - // subnet, the default is not to assign a public IP address. + // If the instance is launched into a default subnet, the default is to assign + // a public IP address, unless you disabled the option to assign a public IP + // address on the subnet. If the instance is launched into a nondefault subnet, + // the default is not to assign a public IP address, unless you enabled the + // option to assign a public IP address on the subnet. AssociatePublicIpAddress *bool `type:"boolean"` - // One or more mappings that specify how block devices are exposed to the instance. - // For more information, see Block Device Mapping (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) - // in the Amazon Elastic Compute Cloud User Guide. + // A block device mapping, which specifies the block devices for the instance. + // You can specify virtual devices and EBS volumes. For more information, see + // Block Device Mapping (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) + // in the Amazon EC2 User Guide for Linux Instances. BlockDeviceMappings []*BlockDeviceMapping `type:"list"` // The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to. - // This parameter is supported only if you are launching EC2-Classic instances. - // For more information, see ClassicLink (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) - // in the Amazon Elastic Compute Cloud User Guide. + // For more information, see ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) + // in the Amazon EC2 User Guide for Linux Instances and Linking EC2-Classic + // Instances to a VPC (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-in-vpc.html#as-ClassicLink) + // in the Amazon EC2 Auto Scaling User Guide. + // + // This parameter can only be used if you are launching EC2-Classic instances. ClassicLinkVPCId *string `min:"1" type:"string"` // The IDs of one or more security groups for the specified ClassicLink-enabled - // VPC. This parameter is required if you specify a ClassicLink-enabled VPC, - // and is not supported otherwise. For more information, see ClassicLink (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) - // in the Amazon Elastic Compute Cloud User Guide. + // VPC. For more information, see ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) + // in the Amazon EC2 User Guide for Linux Instances and Linking EC2-Classic + // Instances to a VPC (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-in-vpc.html#as-ClassicLink) + // in the Amazon EC2 Auto Scaling User Guide. + // + // If you specify the ClassicLinkVPCId parameter, you must specify this parameter. ClassicLinkVPCSecurityGroups []*string `type:"list"` - // Indicates whether the instance is optimized for Amazon EBS I/O. By default, - // the instance is not optimized for EBS I/O. The optimization provides dedicated - // throughput to Amazon EBS and an optimized configuration stack to provide - // optimal I/O performance. This optimization is not available with all instance - // types. Additional usage charges apply. For more information, see Amazon EBS-Optimized - // Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) - // in the Amazon Elastic Compute Cloud User Guide. + // Specifies whether the launch configuration is optimized for EBS I/O (true) + // or not (false). The optimization provides dedicated throughput to Amazon + // EBS and an optimized configuration stack to provide optimal I/O performance. + // This optimization is not available with all instance types. Additional fees + // are incurred when you enable EBS optimization for an instance type that is + // not EBS-optimized by default. For more information, see Amazon EBS-Optimized + // Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) + // in the Amazon EC2 User Guide for Linux Instances. + // + // The default value is false. EbsOptimized *bool `type:"boolean"` // The name or the Amazon Resource Name (ARN) of the instance profile associated - // with the IAM role for the instance. + // with the IAM role for the instance. The instance profile contains the IAM + // role. // - // EC2 instances launched with an IAM role automatically have AWS security credentials - // available. You can use IAM roles with Amazon EC2 Auto Scaling to automatically - // enable applications running on your EC2 instances to securely access other - // AWS resources. For more information, see Launch Auto Scaling Instances with - // an IAM Role (http://docs.aws.amazon.com/autoscaling/ec2/userguide/us-iam-role.html) + // For more information, see IAM Role for Applications That Run on Amazon EC2 + // Instances (https://docs.aws.amazon.com/autoscaling/ec2/userguide/us-iam-role.html) // in the Amazon EC2 Auto Scaling User Guide. IamInstanceProfile *string `min:"1" type:"string"` - // The ID of the Amazon Machine Image (AMI) to use to launch your EC2 instances. + // The ID of the Amazon Machine Image (AMI) that was assigned during registration. + // For more information, see Finding an AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html) + // in the Amazon EC2 User Guide for Linux Instances. // // If you do not specify InstanceId, you must specify ImageId. - // - // For more information, see Finding an AMI (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html) - // in the Amazon Elastic Compute Cloud User Guide. ImageId *string `min:"1" type:"string"` // The ID of the instance to use to create the launch configuration. The new // launch configuration derives attributes from the instance, except for the // block device mapping. // - // If you do not specify InstanceId, you must specify both ImageId and InstanceType. - // // To create a launch configuration with a block device mapping or override // any other instance attributes, specify them as part of the same request. // // For more information, see Create a Launch Configuration Using an EC2 Instance - // (http://docs.aws.amazon.com/autoscaling/ec2/userguide/create-lc-with-instanceID.html) + // (https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-lc-with-instanceID.html) // in the Amazon EC2 Auto Scaling User Guide. + // + // If you do not specify InstanceId, you must specify both ImageId and InstanceType. InstanceId *string `min:"1" type:"string"` - // Enables detailed monitoring (true) or basic monitoring (false) for the Auto - // Scaling instances. The default is true. + // Controls whether instances in this group are launched with detailed (true) + // or basic (false) monitoring. + // + // The default value is true (enabled). + // + // When detailed monitoring is enabled, Amazon CloudWatch generates metrics + // every minute and your account is charged a fee. When you disable detailed + // monitoring, CloudWatch generates metrics every 5 minutes. For more information, + // see Configure Monitoring for Auto Scaling Instances (https://docs.aws.amazon.com/autoscaling/latest/userguide/as-instance-monitoring.html#enable-as-instance-metrics) + // in the Amazon EC2 Auto Scaling User Guide. InstanceMonitoring *InstanceMonitoring `type:"structure"` - // The instance type of the EC2 instance. - // - // If you do not specify InstanceId, you must specify InstanceType. + // Specifies the instance type of the EC2 instance. // // For information about available instance types, see Available Instance Types - // (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#AvailableInstanceTypes) - // in the Amazon Elastic Compute Cloud User Guide. + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#AvailableInstanceTypes) + // in the Amazon EC2 User Guide for Linux Instances. + // + // If you do not specify InstanceId, you must specify InstanceType. InstanceType *string `min:"1" type:"string"` // The ID of the kernel associated with the AMI. KernelId *string `min:"1" type:"string"` // The name of the key pair. For more information, see Amazon EC2 Key Pairs - // (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) in - // the Amazon Elastic Compute Cloud User Guide. + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) + // in the Amazon EC2 User Guide for Linux Instances. KeyName *string `min:"1" type:"string"` - // The name of the launch configuration. This name must be unique within the - // scope of your AWS account. + // The name of the launch configuration. This name must be unique per Region + // per account. // // LaunchConfigurationName is a required field LaunchConfigurationName *string `min:"1" type:"string" required:"true"` - // The tenancy of the instance. An instance with a tenancy of dedicated runs - // on single-tenant hardware and can only be launched into a VPC. + // The tenancy of the instance. An instance with dedicated tenancy runs on isolated, + // single-tenant hardware and can only be launched into a VPC. // - // To launch Dedicated Instances into a shared tenancy VPC (a VPC with the instance + // To launch dedicated instances into a shared tenancy VPC (a VPC with the instance // placement tenancy attribute set to default), you must set the value of this // parameter to dedicated. // - // If you specify this parameter, be sure to specify at least one subnet when - // you create your group. + // If you specify PlacementTenancy, you must specify at least one subnet for + // VPCZoneIdentifier when you create your group. // - // For more information, see Launching Auto Scaling Instances in a VPC (http://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-in-vpc.html) + // For more information, see Instance Placement Tenancy (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-in-vpc.html#as-vpc-tenancy) // in the Amazon EC2 Auto Scaling User Guide. // - // Valid values: default | dedicated + // Valid Values: default | dedicated PlacementTenancy *string `min:"1" type:"string"` - // The ID of the RAM disk associated with the AMI. + // The ID of the RAM disk to select. RamdiskId *string `min:"1" type:"string"` - // One or more security groups with which to associate the instances. + // A list that contains the security groups to assign to the instances in the + // Auto Scaling group. // - // If your instances are launched in EC2-Classic, you can either specify security - // group names or the security group IDs. For more information, see Amazon EC2 - // Security Groups (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html) - // in the Amazon Elastic Compute Cloud User Guide. - // - // If your instances are launched into a VPC, specify security group IDs. For - // more information, see Security Groups for Your VPC (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html) + // [EC2-VPC] Specify the security group IDs. For more information, see Security + // Groups for Your VPC (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html) // in the Amazon Virtual Private Cloud User Guide. + // + // [EC2-Classic] Specify either the security group names or the security group + // IDs. For more information, see Amazon EC2 Security Groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html) + // in the Amazon EC2 User Guide for Linux Instances. SecurityGroups []*string `type:"list"` // The maximum hourly price to be paid for any Spot Instance launched to fulfill // the request. Spot Instances are launched when the price you specify exceeds - // the current Spot market price. For more information, see Launching Spot Instances - // in Your Auto Scaling Group (http://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-launch-spot-instances.html) + // the current Spot price. For more information, see Launching Spot Instances + // in Your Auto Scaling Group (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-launch-spot-instances.html) // in the Amazon EC2 Auto Scaling User Guide. + // + // When you change your maximum price by creating a new launch configuration, + // running instances will continue to run as long as the maximum price for those + // running instances is higher than the current Spot price. SpotPrice *string `min:"1" type:"string"` - // The user data to make available to the launched EC2 instances. For more information, - // see Instance Metadata and User Data (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) - // in the Amazon Elastic Compute Cloud User Guide. + // The Base64-encoded user data to make available to the launched EC2 instances. + // For more information, see Instance Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) + // in the Amazon EC2 User Guide for Linux Instances. UserData *string `type:"string"` } @@ -6754,11 +6884,30 @@ func (s CreateOrUpdateTagsOutput) GoString() string { return s.String() } -// Configures a customized metric for a target tracking policy. +// Represents a CloudWatch metric of your choosing for a target tracking scaling +// policy to use with Amazon EC2 Auto Scaling. +// +// To create your customized metric specification: +// +// * Add values for each required parameter from CloudWatch. You can use +// an existing metric, or a new metric that you create. To use your own metric, +// you must first publish the metric to CloudWatch. For more information, +// see Publish Custom Metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html) +// in the Amazon CloudWatch User Guide. +// +// * Choose a metric that changes proportionally with capacity. The value +// of the metric should increase or decrease in inverse proportion to the +// number of capacity units. That is, the value of the metric should decrease +// when capacity increases. +// +// For more information about CloudWatch, see Amazon CloudWatch Concepts (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html). type CustomizedMetricSpecification struct { _ struct{} `type:"structure"` // The dimensions of the metric. + // + // Conditional: If you published your metric with dimensions, you must specify + // the same dimensions in your scaling policy. Dimensions []*MetricDimension `type:"list"` // The name of the metric. @@ -7334,11 +7483,11 @@ type DescribeAccountLimitsOutput struct { _ struct{} `type:"structure"` // The maximum number of groups allowed for your AWS account. The default limit - // is 20 per region. + // is 200 per AWS Region. MaxNumberOfAutoScalingGroups *int64 `type:"integer"` // The maximum number of launch configurations allowed for your AWS account. - // The default limit is 100 per region. + // The default limit is 200 per AWS Region. MaxNumberOfLaunchConfigurations *int64 `type:"integer"` // The current number of groups for your AWS account. @@ -7422,7 +7571,10 @@ func (s *DescribeAdjustmentTypesOutput) SetAdjustmentTypes(v []*AdjustmentType) type DescribeAutoScalingGroupsInput struct { _ struct{} `type:"structure"` - // The names of the Auto Scaling groups. You can specify up to MaxRecords names. + // The names of the Auto Scaling groups. Each name can be a maximum of 1600 + // characters. By default, you can only specify up to 50 names. You can optionally + // increase this limit using the MaxRecords parameter. + // // If you omit this parameter, all Auto Scaling groups are described. AutoScalingGroupNames []*string `type:"list"` @@ -7471,8 +7623,10 @@ type DescribeAutoScalingGroupsOutput struct { // AutoScalingGroups is a required field AutoScalingGroups []*Group `type:"list" required:"true"` - // The token to use when requesting the next set of items. If there are no additional - // items to return, the string is empty. + // A string that indicates that the response contains more items than can be + // returned in a single response. To receive additional items, specify this + // string for the NextToken value when requesting the next set of items. This + // value is null when there are no more items to return. NextToken *string `type:"string"` } @@ -7549,8 +7703,10 @@ type DescribeAutoScalingInstancesOutput struct { // The instances. AutoScalingInstances []*InstanceDetails `type:"list"` - // The token to use when requesting the next set of items. If there are no additional - // items to return, the string is empty. + // A string that indicates that the response contains more items than can be + // returned in a single response. To receive additional items, specify this + // string for the NextToken value when requesting the next set of items. This + // value is null when there are no more items to return. NextToken *string `type:"string"` } @@ -7665,8 +7821,10 @@ type DescribeLaunchConfigurationsOutput struct { // LaunchConfigurations is a required field LaunchConfigurations []*LaunchConfiguration `type:"list" required:"true"` - // The token to use when requesting the next set of items. If there are no additional - // items to return, the string is empty. + // A string that indicates that the response contains more items than can be + // returned in a single response. To receive additional items, specify this + // string for the NextToken value when requesting the next set of items. This + // value is null when there are no more items to return. NextToken *string `type:"string"` } @@ -7870,8 +8028,10 @@ type DescribeLoadBalancerTargetGroupsOutput struct { // Information about the target groups. LoadBalancerTargetGroups []*LoadBalancerTargetGroupState `type:"list"` - // The token to use when requesting the next set of items. If there are no additional - // items to return, the string is empty. + // A string that indicates that the response contains more items than can be + // returned in a single response. To receive additional items, specify this + // string for the NextToken value when requesting the next set of items. This + // value is null when there are no more items to return. NextToken *string `type:"string"` } @@ -7964,8 +8124,10 @@ type DescribeLoadBalancersOutput struct { // The load balancers. LoadBalancers []*LoadBalancerState `type:"list"` - // The token to use when requesting the next set of items. If there are no additional - // items to return, the string is empty. + // A string that indicates that the response contains more items than can be + // returned in a single response. To receive additional items, specify this + // string for the NextToken value when requesting the next set of items. This + // value is null when there are no more items to return. NextToken *string `type:"string"` } @@ -8083,8 +8245,10 @@ func (s *DescribeNotificationConfigurationsInput) SetNextToken(v string) *Descri type DescribeNotificationConfigurationsOutput struct { _ struct{} `type:"structure"` - // The token to use when requesting the next set of items. If there are no additional - // items to return, the string is empty. + // A string that indicates that the response contains more items than can be + // returned in a single response. To receive additional items, specify this + // string for the NextToken value when requesting the next set of items. This + // value is null when there are no more items to return. NextToken *string `type:"string"` // The notification configurations. @@ -8135,7 +8299,8 @@ type DescribePoliciesInput struct { // name, it is ignored with no error. PolicyNames []*string `type:"list"` - // One or more policy types. Valid values are SimpleScaling and StepScaling. + // One or more policy types. The valid values are SimpleScaling, StepScaling, + // and TargetTrackingScaling. PolicyTypes []*string `type:"list"` } @@ -8195,8 +8360,10 @@ func (s *DescribePoliciesInput) SetPolicyTypes(v []*string) *DescribePoliciesInp type DescribePoliciesOutput struct { _ struct{} `type:"structure"` - // The token to use when requesting the next set of items. If there are no additional - // items to return, the string is empty. + // A string that indicates that the response contains more items than can be + // returned in a single response. To receive additional items, specify this + // string for the NextToken value when requesting the next set of items. This + // value is null when there are no more items to return. NextToken *string `type:"string"` // The scaling policies. @@ -8303,8 +8470,10 @@ type DescribeScalingActivitiesOutput struct { // Activities is a required field Activities []*Activity `type:"list" required:"true"` - // The token to use when requesting the next set of items. If there are no additional - // items to return, the string is empty. + // A string that indicates that the response contains more items than can be + // returned in a single response. To receive additional items, specify this + // string for the NextToken value when requesting the next set of items. This + // value is null when there are no more items to return. NextToken *string `type:"string"` } @@ -8457,8 +8626,10 @@ func (s *DescribeScheduledActionsInput) SetStartTime(v time.Time) *DescribeSched type DescribeScheduledActionsOutput struct { _ struct{} `type:"structure"` - // The token to use when requesting the next set of items. If there are no additional - // items to return, the string is empty. + // A string that indicates that the response contains more items than can be + // returned in a single response. To receive additional items, specify this + // string for the NextToken value when requesting the next set of items. This + // value is null when there are no more items to return. NextToken *string `type:"string"` // The scheduled actions. @@ -8534,8 +8705,10 @@ func (s *DescribeTagsInput) SetNextToken(v string) *DescribeTagsInput { type DescribeTagsOutput struct { _ struct{} `type:"structure"` - // The token to use when requesting the next set of items. If there are no additional - // items to return, the string is empty. + // A string that indicates that the response contains more items than can be + // returned in a single response. To receive additional items, specify this + // string for the NextToken value when requesting the next set of items. This + // value is null when there are no more items to return. NextToken *string `type:"string"` // One or more tags. @@ -8583,9 +8756,7 @@ type DescribeTerminationPolicyTypesOutput struct { // The termination policies supported by Amazon EC2 Auto Scaling: OldestInstance, // OldestLaunchConfiguration, NewestInstance, ClosestToNextInstanceHour, Default, - // OldestLaunchTemplate, and AllocationStrategy. Currently, the OldestLaunchTemplate - // and AllocationStrategy policies are only supported for Auto Scaling groups - // with MixedInstancesPolicy. + // OldestLaunchTemplate, and AllocationStrategy. TerminationPolicyTypes []*string `type:"list"` } @@ -8913,44 +9084,73 @@ func (s DisableMetricsCollectionOutput) GoString() string { return s.String() } -// Describes an Amazon EBS volume. +// Describes an Amazon EBS volume. Used in combination with BlockDeviceMapping. type Ebs struct { _ struct{} `type:"structure"` - // Indicates whether the volume is deleted on instance termination. The default - // is true. + // Indicates whether the volume is deleted on instance termination. For Amazon + // EC2 Auto Scaling, the default value is true. DeleteOnTermination *bool `type:"boolean"` - // Indicates whether the volume should be encrypted. Encrypted EBS volumes must - // be attached to instances that support Amazon EBS encryption. Volumes that - // are created from encrypted snapshots are automatically encrypted. There is - // no way to create an encrypted volume from an unencrypted snapshot or an unencrypted - // volume from an encrypted snapshot. For more information, see Amazon EBS Encryption - // (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) in - // the Amazon Elastic Compute Cloud User Guide. + // Specifies whether the volume should be encrypted. Encrypted EBS volumes can + // only be attached to instances that support Amazon EBS encryption. For more + // information, see Supported Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). + // If your AMI uses encrypted volumes, you can also only launch it on supported + // instance types. + // + // If you are creating a volume from a snapshot, you cannot specify an encryption + // value. Volumes that are created from encrypted snapshots are automatically + // encrypted, and volumes that are created from unencrypted snapshots are automatically + // unencrypted. By default, encrypted snapshots use the AWS managed CMK that + // is used for EBS encryption, but you can specify a custom CMK when you create + // the snapshot. The ability to encrypt a snapshot during copying also allows + // you to apply a new CMK to an already-encrypted snapshot. Volumes restored + // from the resulting copy are only accessible using the new CMK. + // + // Enabling encryption by default (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) + // results in all EBS volumes being encrypted with the AWS managed CMK or a + // customer managed CMK, whether or not the snapshot was encrypted. + // + // For more information, see Using Encryption with EBS-Backed AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIEncryption.html) + // in the Amazon EC2 User Guide for Linux Instances and Required CMK Key Policy + // for Use with Encrypted Volumes (https://docs.aws.amazon.com/autoscaling/ec2/userguide/key-policy-requirements-EBS-encryption.html) + // in the Amazon EC2 Auto Scaling User Guide. Encrypted *bool `type:"boolean"` // The number of I/O operations per second (IOPS) to provision for the volume. + // The maximum ratio of IOPS to volume size (in GiB) is 50:1. For more information, + // see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // in the Amazon EC2 User Guide for Linux Instances. // - // Constraint: Required when the volume type is io1. + // Conditional: This parameter is required when the volume type is io1. (Not + // used with standard, gp2, st1, or sc1 volumes.) Iops *int64 `min:"100" type:"integer"` - // The ID of the snapshot. + // The snapshot ID of the volume to use. + // + // Conditional: This parameter is optional if you specify a volume size. If + // you specify both SnapshotId and VolumeSize, VolumeSize must be equal or greater + // than the size of the snapshot. SnapshotId *string `min:"1" type:"string"` - // The volume size, in GiB. For standard volumes, specify a value from 1 to - // 1,024. For io1 volumes, specify a value from 4 to 16,384. For gp2 volumes, - // specify a value from 1 to 16,384. If you specify a snapshot, the volume size - // must be equal to or larger than the snapshot size. + // The volume size, in Gibibytes (GiB). + // + // This can be a number from 1-1,024 for standard, 4-16,384 for io1, 1-16,384 + // for gp2, and 500-16,384 for st1 and sc1. If you specify a snapshot, the volume + // size must be equal to or larger than the snapshot size. // // Default: If you create a volume from a snapshot and you don't specify a volume // size, the default is the snapshot size. + // + // At least one of VolumeSize or SnapshotId is required. VolumeSize *int64 `min:"1" type:"integer"` - // The volume type. For more information, see Amazon EBS Volume Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon Elastic Compute Cloud User Guide. + // The volume type, which can be standard for Magnetic, io1 for Provisioned + // IOPS SSD, gp2 for General Purpose SSD, st1 for Throughput Optimized HDD, + // or sc1 for Cold HDD. For more information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // in the Amazon EC2 User Guide for Linux Instances. // - // Valid values: standard | io1 | gp2 + // Valid Values: standard | io1 | gp2 | st1 | sc1 VolumeType *string `min:"1" type:"string"` } @@ -9266,16 +9466,16 @@ type ExecutePolicyInput struct { // The breach threshold for the alarm. // - // This parameter is required if the policy type is StepScaling and not supported - // otherwise. + // Conditional: This parameter is required if the policy type is StepScaling + // and not supported otherwise. BreachThreshold *float64 `type:"double"` // Indicates whether Amazon EC2 Auto Scaling waits for the cooldown period to // complete before executing the policy. // - // This parameter is not supported if the policy type is StepScaling. + // This parameter is not supported if the policy type is StepScaling or TargetTrackingScaling. // - // For more information, see Scaling Cooldowns (http://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) + // For more information, see Scaling Cooldowns (https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) // in the Amazon EC2 Auto Scaling User Guide. HonorCooldown *bool `type:"boolean"` @@ -9288,8 +9488,8 @@ type ExecutePolicyInput struct { // If you specify a metric value that doesn't correspond to a step adjustment // for the policy, the call returns an error. // - // This parameter is required if the policy type is StepScaling and not supported - // otherwise. + // Conditional: This parameter is required if the policy type is StepScaling + // and not supported otherwise. MetricValue *float64 `type:"double"` // The name or ARN of the policy. @@ -9563,6 +9763,9 @@ type Group struct { HealthCheckGracePeriod *int64 `type:"integer"` // The service to use for the health checks. The valid values are EC2 and ELB. + // If you configure an Auto Scaling group to use ELB health checks, it considers + // the instance unhealthy if it fails either the EC2 status checks or the load + // balancer health checks. // // HealthCheckType is a required field HealthCheckType *string `min:"1" type:"string" required:"true"` @@ -9579,6 +9782,11 @@ type Group struct { // One or more load balancers associated with the group. LoadBalancerNames []*string `type:"list"` + // The maximum amount of time, in seconds, that an instance can be in service. + // + // Valid Range: Minimum value of 604800. + MaxInstanceLifetime *int64 `type:"integer"` + // The maximum size of the group. // // MaxSize is a required field @@ -9593,12 +9801,10 @@ type Group struct { MixedInstancesPolicy *MixedInstancesPolicy `type:"structure"` // Indicates whether newly launched instances are protected from termination - // by Auto Scaling when scaling in. + // by Amazon EC2 Auto Scaling when scaling in. NewInstancesProtectedFromScaleIn *bool `type:"boolean"` // The name of the placement group into which to launch your instances, if any. - // For more information, see Placement Groups (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) - // in the Amazon Elastic Compute Cloud User Guide. PlacementGroup *string `min:"1" type:"string"` // The Amazon Resource Name (ARN) of the service-linked role that the Auto Scaling @@ -9621,9 +9827,6 @@ type Group struct { TerminationPolicies []*string `type:"list"` // One or more subnet IDs, if applicable, separated by commas. - // - // If you specify VPCZoneIdentifier and AvailabilityZones, ensure that the Availability - // Zones of the subnets match the values for AvailabilityZones. VPCZoneIdentifier *string `min:"1" type:"string"` } @@ -9715,6 +9918,12 @@ func (s *Group) SetLoadBalancerNames(v []*string) *Group { return s } +// SetMaxInstanceLifetime sets the MaxInstanceLifetime field's value. +func (s *Group) SetMaxInstanceLifetime(v int64) *Group { + s.MaxInstanceLifetime = &v + return s +} + // SetMaxSize sets the MaxSize field's value. func (s *Group) SetMaxSize(v int64) *Group { s.MaxSize = &v @@ -9809,6 +10018,9 @@ type Instance struct { // InstanceId is a required field InstanceId *string `min:"1" type:"string" required:"true"` + // The instance type of the EC2 instance. + InstanceType *string `min:"1" type:"string"` + // The launch configuration associated with the instance. LaunchConfigurationName *string `min:"1" type:"string"` @@ -9826,6 +10038,12 @@ type Instance struct { // // ProtectedFromScaleIn is a required field ProtectedFromScaleIn *bool `type:"boolean" required:"true"` + + // The number of capacity units contributed by the instance based on its instance + // type. + // + // Valid Range: Minimum value of 1. Maximum value of 999. + WeightedCapacity *string `min:"1" type:"string"` } // String returns the string representation @@ -9856,6 +10074,12 @@ func (s *Instance) SetInstanceId(v string) *Instance { return s } +// SetInstanceType sets the InstanceType field's value. +func (s *Instance) SetInstanceType(v string) *Instance { + s.InstanceType = &v + return s +} + // SetLaunchConfigurationName sets the LaunchConfigurationName field's value. func (s *Instance) SetLaunchConfigurationName(v string) *Instance { s.LaunchConfigurationName = &v @@ -9880,6 +10104,12 @@ func (s *Instance) SetProtectedFromScaleIn(v bool) *Instance { return s } +// SetWeightedCapacity sets the WeightedCapacity field's value. +func (s *Instance) SetWeightedCapacity(v string) *Instance { + s.WeightedCapacity = &v + return s +} + // Describes an EC2 instance associated with an Auto Scaling group. type InstanceDetails struct { _ struct{} `type:"structure"` @@ -9907,6 +10137,9 @@ type InstanceDetails struct { // InstanceId is a required field InstanceId *string `min:"1" type:"string" required:"true"` + // The instance type of the EC2 instance. + InstanceType *string `min:"1" type:"string"` + // The launch configuration used to launch the instance. This value is not available // if you attached the instance to the Auto Scaling group. LaunchConfigurationName *string `min:"1" type:"string"` @@ -9914,9 +10147,7 @@ type InstanceDetails struct { // The launch template for the instance. LaunchTemplate *LaunchTemplateSpecification `type:"structure"` - // The lifecycle state for the instance. For more information, see Auto Scaling - // Lifecycle (http://docs.aws.amazon.com/autoscaling/ec2/userguide/AutoScalingGroupLifecycle.html) - // in the Amazon EC2 Auto Scaling User Guide. + // The lifecycle state for the instance. // // LifecycleState is a required field LifecycleState *string `min:"1" type:"string" required:"true"` @@ -9926,6 +10157,12 @@ type InstanceDetails struct { // // ProtectedFromScaleIn is a required field ProtectedFromScaleIn *bool `type:"boolean" required:"true"` + + // The number of capacity units contributed by the instance based on its instance + // type. + // + // Valid Range: Minimum value of 1. Maximum value of 999. + WeightedCapacity *string `min:"1" type:"string"` } // String returns the string representation @@ -9962,6 +10199,12 @@ func (s *InstanceDetails) SetInstanceId(v string) *InstanceDetails { return s } +// SetInstanceType sets the InstanceType field's value. +func (s *InstanceDetails) SetInstanceType(v string) *InstanceDetails { + s.InstanceType = &v + return s +} + // SetLaunchConfigurationName sets the LaunchConfigurationName field's value. func (s *InstanceDetails) SetLaunchConfigurationName(v string) *InstanceDetails { s.LaunchConfigurationName = &v @@ -9986,6 +10229,12 @@ func (s *InstanceDetails) SetProtectedFromScaleIn(v bool) *InstanceDetails { return s } +// SetWeightedCapacity sets the WeightedCapacity field's value. +func (s *InstanceDetails) SetWeightedCapacity(v string) *InstanceDetails { + s.WeightedCapacity = &v + return s +} + // Describes whether detailed monitoring is enabled for the Auto Scaling instances. type InstanceMonitoring struct { _ struct{} `type:"structure"` @@ -10014,14 +10263,23 @@ func (s *InstanceMonitoring) SetEnabled(v bool) *InstanceMonitoring { // // The instances distribution specifies the distribution of On-Demand Instances // and Spot Instances, the maximum price to pay for Spot Instances, and how -// the Auto Scaling group allocates instance types. +// the Auto Scaling group allocates instance types to fulfill On-Demand and +// Spot capacity. +// +// When you update SpotAllocationStrategy, SpotInstancePools, or SpotMaxPrice, +// this update action does not deploy any changes across the running Amazon +// EC2 instances in the group. Your existing Spot Instances continue to run +// as long as the maximum price for those instances is higher than the current +// Spot price. When scale out occurs, Amazon EC2 Auto Scaling launches instances +// based on the new settings. When scale in occurs, Amazon EC2 Auto Scaling +// terminates instances according to the group's termination policies. type InstancesDistribution struct { _ struct{} `type:"structure"` // Indicates how to allocate instance types to fulfill On-Demand capacity. // // The only valid value is prioritized, which is also the default value. This - // strategy uses the order of instance types in the Overrides array of LaunchTemplate + // strategy uses the order of instance type overrides for the LaunchTemplate // to define the launch priority of each instance type. The first instance type // in the array is prioritized higher than the last. If all your On-Demand capacity // cannot be fulfilled using your highest priority instance, then the Auto Scaling @@ -10033,37 +10291,61 @@ type InstancesDistribution struct { // by On-Demand Instances. This base portion is provisioned first as your group // scales. // - // The default value is 0. If you leave this parameter set to 0, On-Demand Instances - // are launched as a percentage of the Auto Scaling group's desired capacity, - // per the OnDemandPercentageAboveBaseCapacity setting. + // Default if not set is 0. If you leave it set to 0, On-Demand Instances are + // launched as a percentage of the Auto Scaling group's desired capacity, per + // the OnDemandPercentageAboveBaseCapacity setting. + // + // An update to this setting means a gradual replacement of instances to maintain + // the specified number of On-Demand Instances for your base capacity. When + // replacing instances, Amazon EC2 Auto Scaling launches new instances before + // terminating the old ones. OnDemandBaseCapacity *int64 `type:"integer"` // Controls the percentages of On-Demand Instances and Spot Instances for your // additional capacity beyond OnDemandBaseCapacity. // - // The range is 0–100. The default value is 100. If you leave this parameter - // set to 100, the percentages are 100% for On-Demand Instances and 0% for Spot - // Instances. + // Default if not set is 100. If you leave it set to 100, the percentages are + // 100% for On-Demand Instances and 0% for Spot Instances. + // + // An update to this setting means a gradual replacement of instances to maintain + // the percentage of On-Demand Instances for your additional capacity above + // the base capacity. When replacing instances, Amazon EC2 Auto Scaling launches + // new instances before terminating the old ones. + // + // Valid Range: Minimum value of 0. Maximum value of 100. OnDemandPercentageAboveBaseCapacity *int64 `type:"integer"` - // Indicates how to allocate Spot capacity across Spot pools. + // Indicates how to allocate instances across Spot Instance pools. // - // The only valid value is lowest-price, which is also the default value. The - // Auto Scaling group selects the cheapest Spot pools and evenly allocates your - // Spot capacity across the number of Spot pools that you specify. + // If the allocation strategy is lowest-price, the Auto Scaling group launches + // instances using the Spot pools with the lowest price, and evenly allocates + // your instances across the number of Spot pools that you specify. If the allocation + // strategy is capacity-optimized, the Auto Scaling group launches instances + // using Spot pools that are optimally chosen based on the available Spot capacity. + // + // The default Spot allocation strategy for calls that you make through the + // API, the AWS CLI, or the AWS SDKs is lowest-price. The default Spot allocation + // strategy for the AWS Management Console is capacity-optimized. + // + // Valid values: lowest-price | capacity-optimized SpotAllocationStrategy *string `type:"string"` - // The number of Spot pools to use to allocate your Spot capacity. The Spot - // pools are determined from the different instance types in the Overrides array - // of LaunchTemplate. + // The number of Spot Instance pools across which to allocate your Spot Instances. + // The Spot pools are determined from the different instance types in the Overrides + // array of LaunchTemplate. Default if not set is 2. // - // The range is 1–20 and the default is 2. + // Used only when the Spot allocation strategy is lowest-price. + // + // Valid Range: Minimum value of 1. Maximum value of 20. SpotInstancePools *int64 `type:"integer"` // The maximum price per unit hour that you are willing to pay for a Spot Instance. - // If you leave this value blank (which is the default), the maximum Spot price - // is set at the On-Demand price. - SpotMaxPrice *string `min:"1" type:"string"` + // If you leave the value of this parameter blank (which is the default), the + // maximum Spot price is set at the On-Demand price. + // + // To remove a value that you previously set, include the parameter but leave + // the value blank. + SpotMaxPrice *string `type:"string"` } // String returns the string representation @@ -10076,19 +10358,6 @@ func (s InstancesDistribution) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *InstancesDistribution) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "InstancesDistribution"} - if s.SpotMaxPrice != nil && len(*s.SpotMaxPrice) < 1 { - invalidParams.Add(request.NewErrParamMinLen("SpotMaxPrice", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - // SetOnDemandAllocationStrategy sets the OnDemandAllocationStrategy field's value. func (s *InstancesDistribution) SetOnDemandAllocationStrategy(v string) *InstancesDistribution { s.OnDemandAllocationStrategy = &v @@ -10129,22 +10398,33 @@ func (s *InstancesDistribution) SetSpotMaxPrice(v string) *InstancesDistribution type LaunchConfiguration struct { _ struct{} `type:"structure"` - // [EC2-VPC] Indicates whether to assign a public IP address to each instance. + // For Auto Scaling groups that are running in a VPC, specifies whether to assign + // a public IP address to the group's instances. + // + // For more information, see Launching Auto Scaling Instances in a VPC (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-in-vpc.html) + // in the Amazon EC2 Auto Scaling User Guide. AssociatePublicIpAddress *bool `type:"boolean"` // A block device mapping, which specifies the block devices for the instance. + // + // For more information, see Block Device Mapping (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) + // in the Amazon EC2 User Guide for Linux Instances. BlockDeviceMappings []*BlockDeviceMapping `type:"list"` // The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to. - // This parameter can only be used if you are launching EC2-Classic instances. - // For more information, see ClassicLink (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) - // in the Amazon Elastic Compute Cloud User Guide. + // + // For more information, see ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) + // in the Amazon EC2 User Guide for Linux Instances and Linking EC2-Classic + // Instances to a VPC (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-in-vpc.html#as-ClassicLink) + // in the Amazon EC2 Auto Scaling User Guide. ClassicLinkVPCId *string `min:"1" type:"string"` // The IDs of one or more security groups for the VPC specified in ClassicLinkVPCId. - // This parameter is required if you specify a ClassicLink-enabled VPC, and - // cannot be used otherwise. For more information, see ClassicLink (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) - // in the Amazon Elastic Compute Cloud User Guide. + // + // For more information, see ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) + // in the Amazon EC2 User Guide for Linux Instances and Linking EC2-Classic + // Instances to a VPC (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-in-vpc.html#as-ClassicLink) + // in the Amazon EC2 Auto Scaling User Guide. ClassicLinkVPCSecurityGroups []*string `type:"list"` // The creation date and time for the launch configuration. @@ -10152,24 +10432,44 @@ type LaunchConfiguration struct { // CreatedTime is a required field CreatedTime *time.Time `type:"timestamp" required:"true"` - // Controls whether the instance is optimized for EBS I/O (true) or not (false). + // Specifies whether the launch configuration is optimized for EBS I/O (true) + // or not (false). + // + // For more information, see Amazon EBS-Optimized Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) + // in the Amazon EC2 User Guide for Linux Instances. EbsOptimized *bool `type:"boolean"` - // The name or Amazon Resource Name (ARN) of the instance profile associated - // with the IAM role for the instance. + // The name or the Amazon Resource Name (ARN) of the instance profile associated + // with the IAM role for the instance. The instance profile contains the IAM + // role. + // + // For more information, see IAM Role for Applications That Run on Amazon EC2 + // Instances (https://docs.aws.amazon.com/autoscaling/ec2/userguide/us-iam-role.html) + // in the Amazon EC2 Auto Scaling User Guide. IamInstanceProfile *string `min:"1" type:"string"` - // The ID of the Amazon Machine Image (AMI). + // The ID of the Amazon Machine Image (AMI) to use to launch your EC2 instances. + // + // For more information, see Finding an AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html) + // in the Amazon EC2 User Guide for Linux Instances. // // ImageId is a required field ImageId *string `min:"1" type:"string" required:"true"` // Controls whether instances in this group are launched with detailed (true) // or basic (false) monitoring. + // + // For more information, see Configure Monitoring for Auto Scaling Instances + // (https://docs.aws.amazon.com/autoscaling/latest/userguide/as-instance-monitoring.html#enable-as-instance-metrics) + // in the Amazon EC2 Auto Scaling User Guide. InstanceMonitoring *InstanceMonitoring `type:"structure"` // The instance type for the instances. // + // For information about available instance types, see Available Instance Types + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#AvailableInstanceTypes) + // in the Amazon EC2 User Guide for Linux Instances. + // // InstanceType is a required field InstanceType *string `min:"1" type:"string" required:"true"` @@ -10177,6 +10477,9 @@ type LaunchConfiguration struct { KernelId *string `min:"1" type:"string"` // The name of the key pair. + // + // For more information, see Amazon EC2 Key Pairs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) + // in the Amazon EC2 User Guide for Linux Instances. KeyName *string `min:"1" type:"string"` // The Amazon Resource Name (ARN) of the launch configuration. @@ -10188,20 +10491,36 @@ type LaunchConfiguration struct { LaunchConfigurationName *string `min:"1" type:"string" required:"true"` // The tenancy of the instance, either default or dedicated. An instance with - // dedicated tenancy runs in an isolated, single-tenant hardware and can only - // be launched into a VPC. + // dedicated tenancy runs on isolated, single-tenant hardware and can only be + // launched into a VPC. + // + // For more information, see Instance Placement Tenancy (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-in-vpc.html#as-vpc-tenancy) + // in the Amazon EC2 Auto Scaling User Guide. PlacementTenancy *string `min:"1" type:"string"` // The ID of the RAM disk associated with the AMI. RamdiskId *string `min:"1" type:"string"` - // The security groups to associate with the instances. + // A list that contains the security groups to assign to the instances in the + // Auto Scaling group. + // + // For more information, see Security Groups for Your VPC (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html) + // in the Amazon Virtual Private Cloud User Guide. SecurityGroups []*string `type:"list"` - // The price to bid when launching Spot Instances. + // The maximum hourly price to be paid for any Spot Instance launched to fulfill + // the request. Spot Instances are launched when the price you specify exceeds + // the current Spot price. + // + // For more information, see Launching Spot Instances in Your Auto Scaling Group + // (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-launch-spot-instances.html) + // in the Amazon EC2 Auto Scaling User Guide. SpotPrice *string `min:"1" type:"string"` - // The user data available to the instances. + // The Base64-encoded user data to make available to the launched EC2 instances. + // + // For more information, see Instance Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) + // in the Amazon EC2 User Guide for Linux Instances. UserData *string `type:"string"` } @@ -10334,6 +10653,11 @@ func (s *LaunchConfiguration) SetUserData(v string) *LaunchConfiguration { // The overrides are used to override the instance type specified by the launch // template with multiple instance types that can be used to launch On-Demand // Instances and Spot Instances. +// +// When you update the launch template or overrides, existing Amazon EC2 instances +// continue to run. When scale out occurs, Amazon EC2 Auto Scaling launches +// instances to match the new settings. When scale in occurs, Amazon EC2 Auto +// Scaling terminates instances according to the group's termination policies. type LaunchTemplate struct { _ struct{} `type:"structure"` @@ -10341,10 +10665,9 @@ type LaunchTemplate struct { // or launch template name in the request. LaunchTemplateSpecification *LaunchTemplateSpecification `type:"structure"` - // Any parameters that you specify override the same parameters in the launch - // template. Currently, the only supported override is instance type. - // - // You must specify between 2 and 20 overrides. + // An optional setting. Any parameters that you specify override the same parameters + // in the launch template. Currently, the only supported override is instance + // type. You can specify between 1 and 20 instance types. Overrides []*LaunchTemplateOverrides `type:"list"` } @@ -10402,9 +10725,18 @@ type LaunchTemplateOverrides struct { // The instance type. // // For information about available instance types, see Available Instance Types - // (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#AvailableInstanceTypes) + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#AvailableInstanceTypes) // in the Amazon Elastic Compute Cloud User Guide. InstanceType *string `min:"1" type:"string"` + + // The number of capacity units, which gives the instance type a proportional + // weight to other instance types. For example, larger instance types are generally + // weighted more than smaller instance types. These are the same units that + // you chose to set the desired capacity in terms of instances, or a performance + // attribute such as vCPUs, memory, or I/O. + // + // Valid Range: Minimum value of 1. Maximum value of 999. + WeightedCapacity *string `min:"1" type:"string"` } // String returns the string representation @@ -10423,6 +10755,9 @@ func (s *LaunchTemplateOverrides) Validate() error { if s.InstanceType != nil && len(*s.InstanceType) < 1 { invalidParams.Add(request.NewErrParamMinLen("InstanceType", 1)) } + if s.WeightedCapacity != nil && len(*s.WeightedCapacity) < 1 { + invalidParams.Add(request.NewErrParamMinLen("WeightedCapacity", 1)) + } if invalidParams.Len() > 0 { return invalidParams @@ -10436,11 +10771,17 @@ func (s *LaunchTemplateOverrides) SetInstanceType(v string) *LaunchTemplateOverr return s } +// SetWeightedCapacity sets the WeightedCapacity field's value. +func (s *LaunchTemplateOverrides) SetWeightedCapacity(v string) *LaunchTemplateOverrides { + s.WeightedCapacity = &v + return s +} + // Describes a launch template and the launch template version. // // The launch template that is specified must be configured for use with an // Auto Scaling group. For more information, see Creating a Launch Template -// for an Auto Scaling group (http://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) +// for an Auto Scaling Group (https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) // in the Amazon EC2 Auto Scaling User Guide. type LaunchTemplateSpecification struct { _ struct{} `type:"structure"` @@ -10509,11 +10850,8 @@ func (s *LaunchTemplateSpecification) SetVersion(v string) *LaunchTemplateSpecif } // Describes a lifecycle hook, which tells Amazon EC2 Auto Scaling that you -// want to perform an action whenever it launches instances or whenever it terminates -// instances. -// -// For more information, see Lifecycle Hooks (http://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html) -// in the Amazon EC2 Auto Scaling User Guide. +// want to perform an action whenever it launches instances or terminates instances. +// Used in response to DescribeLifecycleHooks. type LifecycleHook struct { _ struct{} `type:"structure"` @@ -10521,8 +10859,8 @@ type LifecycleHook struct { AutoScalingGroupName *string `min:"1" type:"string"` // Defines the action the Auto Scaling group should take when the lifecycle - // hook timeout elapses or if an unexpected failure occurs. The valid values - // are CONTINUE and ABANDON. The default value is CONTINUE. + // hook timeout elapses or if an unexpected failure occurs. The possible values + // are CONTINUE and ABANDON. DefaultResult *string `type:"string"` // The maximum time, in seconds, that an instance can remain in a Pending:Wait @@ -10532,8 +10870,7 @@ type LifecycleHook struct { // The maximum time, in seconds, that can elapse before the lifecycle hook times // out. If the lifecycle hook times out, Amazon EC2 Auto Scaling performs the - // default action. You can prevent the lifecycle hook from timing out by calling - // RecordLifecycleActionHeartbeat. + // action that you specified in the DefaultResult parameter. HeartbeatTimeout *int64 `type:"integer"` // The name of the lifecycle hook. @@ -10547,8 +10884,8 @@ type LifecycleHook struct { // * autoscaling:EC2_INSTANCE_TERMINATING LifecycleTransition *string `type:"string"` - // Additional information that you want to include any time Amazon EC2 Auto - // Scaling sends a message to the notification target. + // Additional information that is included any time Amazon EC2 Auto Scaling + // sends a message to the notification target. NotificationMetadata *string `min:"1" type:"string"` // The ARN of the target that Amazon EC2 Auto Scaling sends notifications to @@ -10625,24 +10962,53 @@ func (s *LifecycleHook) SetRoleARN(v string) *LifecycleHook { return s } -// Describes a lifecycle hook, which tells Amazon EC2 Auto Scaling that you -// want to perform an action whenever it launches instances or whenever it terminates +// Describes a lifecycle hook. Used in combination with CreateAutoScalingGroup. +// +// A lifecycle hook tells Amazon EC2 Auto Scaling to perform an action on an +// instance when the instance launches (before it is put into service) or as +// the instance terminates (before it is fully terminated). +// +// This step is a part of the procedure for creating a lifecycle hook for an +// Auto Scaling group: +// +// (Optional) Create a Lambda function and a rule that allows CloudWatch Events +// to invoke your Lambda function when Amazon EC2 Auto Scaling launches or terminates // instances. // -// For more information, see Lifecycle Hooks (http://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html) +// (Optional) Create a notification target and an IAM role. The target can be +// either an Amazon SQS queue or an Amazon SNS topic. The role allows Amazon +// EC2 Auto Scaling to publish lifecycle notifications to the target. +// +// Create the lifecycle hook. Specify whether the hook is used when the instances +// launch or terminate. +// +// If you need more time, record the lifecycle action heartbeat to keep the +// instance in a pending state using RecordLifecycleActionHeartbeat. +// +// If you finish before the timeout period ends, complete the lifecycle action +// using CompleteLifecycleAction. +// +// For more information, see Amazon EC2 Auto Scaling Lifecycle Hooks (https://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html) // in the Amazon EC2 Auto Scaling User Guide. +// +// You can view the lifecycle hooks for an Auto Scaling group using DescribeLifecycleHooks. +// You can modify an existing lifecycle hook or create new lifecycle hooks using +// PutLifecycleHook. If you are no longer using a lifecycle hook, you can delete +// it using DeleteLifecycleHook. type LifecycleHookSpecification struct { _ struct{} `type:"structure"` // Defines the action the Auto Scaling group should take when the lifecycle // hook timeout elapses or if an unexpected failure occurs. The valid values - // are CONTINUE and ABANDON. + // are CONTINUE and ABANDON. The default value is ABANDON. DefaultResult *string `type:"string"` // The maximum time, in seconds, that can elapse before the lifecycle hook times - // out. If the lifecycle hook times out, Amazon EC2 Auto Scaling performs the - // default action. You can prevent the lifecycle hook from timing out by calling - // RecordLifecycleActionHeartbeat. + // out. + // + // If the lifecycle hook times out, Amazon EC2 Auto Scaling performs the action + // that you specified in the DefaultResult parameter. You can prevent the lifecycle + // hook from timing out by calling RecordLifecycleActionHeartbeat. HeartbeatTimeout *int64 `type:"integer"` // The name of the lifecycle hook. @@ -10651,7 +11017,7 @@ type LifecycleHookSpecification struct { LifecycleHookName *string `min:"1" type:"string" required:"true"` // The state of the EC2 instance to which you want to attach the lifecycle hook. - // The possible values are: + // The valid values are: // // * autoscaling:EC2_INSTANCE_LAUNCHING // @@ -10670,7 +11036,8 @@ type LifecycleHookSpecification struct { NotificationTargetARN *string `type:"string"` // The ARN of the IAM role that allows the Auto Scaling group to publish to - // the specified notification target. + // the specified notification target, for example, an Amazon SNS topic or an + // Amazon SQS queue. RoleARN *string `min:"1" type:"string"` } @@ -10985,25 +11352,26 @@ func (s *MetricGranularityType) SetGranularity(v string) *MetricGranularityType // Describes a mixed instances policy for an Auto Scaling group. With mixed // instances, your Auto Scaling group can provision a combination of On-Demand // Instances and Spot Instances across multiple instance types. For more information, -// see Using Multiple Instance Types and Purchase Options (http://docs.aws.amazon.com/autoscaling/ec2/userguide/AutoScalingGroup.html#asg-purchase-options) +// see Auto Scaling Groups with Multiple Instance Types and Purchase Options +// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-purchase-options.html) // in the Amazon EC2 Auto Scaling User Guide. // -// When you create your Auto Scaling group, you can specify a launch configuration -// or template as a parameter for the top-level object, or you can specify a -// mixed instances policy, but not both at the same time. +// You can create a mixed instances policy for a new Auto Scaling group, or +// you can create it for an existing group by updating the group to specify +// MixedInstancesPolicy as the top-level parameter instead of a launch configuration +// or template. For more information, see CreateAutoScalingGroup and UpdateAutoScalingGroup. type MixedInstancesPolicy struct { _ struct{} `type:"structure"` // The instances distribution to use. // - // If you leave this parameter unspecified when creating the group, the default - // values are used. + // If you leave this parameter unspecified, the value for each parameter in + // InstancesDistribution uses a default value. InstancesDistribution *InstancesDistribution `type:"structure"` - // The launch template and overrides. + // The launch template and instance types (overrides). // - // This parameter is required when creating an Auto Scaling group with a mixed - // instances policy, but is not required when updating the group. + // This parameter must be specified when creating a mixed instances policy. LaunchTemplate *LaunchTemplate `type:"structure"` } @@ -11020,11 +11388,6 @@ func (s MixedInstancesPolicy) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *MixedInstancesPolicy) Validate() error { invalidParams := request.ErrInvalidParams{Context: "MixedInstancesPolicy"} - if s.InstancesDistribution != nil { - if err := s.InstancesDistribution.Validate(); err != nil { - invalidParams.AddNested("InstancesDistribution", err.(request.ErrInvalidParams)) - } - } if s.LaunchTemplate != nil { if err := s.LaunchTemplate.Validate(); err != nil { invalidParams.AddNested("LaunchTemplate", err.(request.ErrInvalidParams)) @@ -11102,17 +11465,12 @@ func (s *NotificationConfiguration) SetTopicARN(v string) *NotificationConfigura return s } -// Configures a predefined metric for a target tracking policy. +// Represents a predefined metric for a target tracking scaling policy to use +// with Amazon EC2 Auto Scaling. type PredefinedMetricSpecification struct { _ struct{} `type:"structure"` - // The metric type. - // - // PredefinedMetricType is a required field - PredefinedMetricType *string `type:"string" required:"true" enum:"MetricType"` - - // Identifies the resource associated with the metric type. The following predefined - // metrics are available: + // The metric type. The following predefined metrics are available: // // * ASGAverageCPUUtilization - Average CPU utilization of the Auto Scaling // group. @@ -11126,15 +11484,21 @@ type PredefinedMetricSpecification struct { // * ALBRequestCountPerTarget - Number of requests completed per target in // an Application Load Balancer target group. // - // For predefined metric types ASGAverageCPUUtilization, ASGAverageNetworkIn, - // and ASGAverageNetworkOut, the parameter must not be specified as the resource - // associated with the metric type is the Auto Scaling group. For predefined - // metric type ALBRequestCountPerTarget, the parameter must be specified in - // the format: app/load-balancer-name/load-balancer-id/targetgroup/target-group-name/target-group-id, - // where app/load-balancer-name/load-balancer-id is the final portion of the - // load balancer ARN, and targetgroup/target-group-name/target-group-id is the - // final portion of the target group ARN. The target group must be attached - // to the Auto Scaling group. + // PredefinedMetricType is a required field + PredefinedMetricType *string `type:"string" required:"true" enum:"MetricType"` + + // Identifies the resource associated with the metric type. You can't specify + // a resource label unless the metric type is ALBRequestCountPerTarget and there + // is a target group attached to the Auto Scaling group. + // + // The format is app/load-balancer-name/load-balancer-id/targetgroup/target-group-name/target-group-id + // , where + // + // * app/load-balancer-name/load-balancer-id is the final portion of the + // load balancer ARN, and + // + // * targetgroup/target-group-name/target-group-id is the final portion of + // the target group ARN. ResourceLabel *string `min:"1" type:"string"` } @@ -11178,7 +11542,7 @@ func (s *PredefinedMetricSpecification) SetResourceLabel(v string) *PredefinedMe // Describes a process type. // -// For more information, see Scaling Processes (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html#process-types) +// For more information, see Scaling Processes (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html#process-types) // in the Amazon EC2 Auto Scaling User Guide. type ProcessType struct { _ struct{} `type:"structure"` @@ -11235,11 +11599,12 @@ type PutLifecycleHookInput struct { DefaultResult *string `type:"string"` // The maximum time, in seconds, that can elapse before the lifecycle hook times - // out. The range is from 30 to 7200 seconds. The default is 3600 seconds (1 - // hour). + // out. The range is from 30 to 7200 seconds. The default value is 3600 seconds + // (1 hour). // - // If the lifecycle hook times out, Amazon EC2 Auto Scaling performs the default - // action. You can prevent the lifecycle hook from timing out by calling RecordLifecycleActionHeartbeat. + // If the lifecycle hook times out, Amazon EC2 Auto Scaling performs the action + // that you specified in the DefaultResult parameter. You can prevent the lifecycle + // hook from timing out by calling RecordLifecycleActionHeartbeat. HeartbeatTimeout *int64 `type:"integer"` // The name of the lifecycle hook. @@ -11247,25 +11612,26 @@ type PutLifecycleHookInput struct { // LifecycleHookName is a required field LifecycleHookName *string `min:"1" type:"string" required:"true"` - // The instance state to which you want to attach the lifecycle hook. The possible + // The instance state to which you want to attach the lifecycle hook. The valid // values are: // // * autoscaling:EC2_INSTANCE_LAUNCHING // // * autoscaling:EC2_INSTANCE_TERMINATING // - // This parameter is required for new lifecycle hooks, but optional when updating - // existing hooks. + // Conditional: This parameter is required for new lifecycle hooks, but optional + // when updating existing hooks. LifecycleTransition *string `type:"string"` - // Contains additional information that you want to include any time Amazon - // EC2 Auto Scaling sends a message to the notification target. + // Additional information that you want to include any time Amazon EC2 Auto + // Scaling sends a message to the notification target. NotificationMetadata *string `min:"1" type:"string"` // The ARN of the notification target that Amazon EC2 Auto Scaling uses to notify // you when an instance is in the transition state for the lifecycle hook. This - // target can be either an SQS queue or an SNS topic. If you specify an empty - // string, this overrides the current ARN. + // target can be either an SQS queue or an SNS topic. + // + // If you specify an empty string, this overrides the current ARN. // // This operation uses the JSON format when sending notifications to an Amazon // SQS queue, and an email key-value pair format when sending notifications @@ -11277,10 +11643,11 @@ type PutLifecycleHookInput struct { NotificationTargetARN *string `type:"string"` // The ARN of the IAM role that allows the Auto Scaling group to publish to - // the specified notification target. + // the specified notification target, for example, an Amazon SNS topic or an + // Amazon SQS queue. // - // This parameter is required for new lifecycle hooks, but optional when updating - // existing hooks. + // Conditional: This parameter is required for new lifecycle hooks, but optional + // when updating existing hooks. RoleARN *string `min:"1" type:"string"` } @@ -11475,12 +11842,12 @@ func (s PutNotificationConfigurationOutput) GoString() string { type PutScalingPolicyInput struct { _ struct{} `type:"structure"` - // The adjustment type. The valid values are ChangeInCapacity, ExactCapacity, - // and PercentChangeInCapacity. + // Specifies whether the ScalingAdjustment parameter is an absolute number or + // a percentage of the current capacity. The valid values are ChangeInCapacity, + // ExactCapacity, and PercentChangeInCapacity. // - // This parameter is supported if the policy type is SimpleScaling or StepScaling. - // - // For more information, see Dynamic Scaling (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scale-based-on-demand.html) + // Valid only if the policy type is StepScaling or SimpleScaling. For more information, + // see Scaling Adjustment Types (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-simple-step.html#as-scaling-adjustment) // in the Amazon EC2 Auto Scaling User Guide. AdjustmentType *string `min:"1" type:"string"` @@ -11489,13 +11856,12 @@ type PutScalingPolicyInput struct { // AutoScalingGroupName is a required field AutoScalingGroupName *string `min:"1" type:"string" required:"true"` - // The amount of time, in seconds, after a scaling activity completes and before - // the next scaling activity can start. If this parameter is not specified, - // the default cooldown period for the group applies. + // The amount of time, in seconds, after a scaling activity completes before + // any further dynamic scaling activities can start. If this parameter is not + // specified, the default cooldown period for the group applies. // - // This parameter is supported if the policy type is SimpleScaling. - // - // For more information, see Scaling Cooldowns (http://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) + // Valid only if the policy type is SimpleScaling. For more information, see + // Scaling Cooldowns (https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) // in the Amazon EC2 Auto Scaling User Guide. Cooldown *int64 `type:"integer"` @@ -11503,14 +11869,14 @@ type PutScalingPolicyInput struct { // to the CloudWatch metrics. The default is to use the value specified for // the default cooldown period for the group. // - // This parameter is supported if the policy type is StepScaling or TargetTrackingScaling. + // Valid only if the policy type is StepScaling or TargetTrackingScaling. EstimatedInstanceWarmup *int64 `type:"integer"` // The aggregation type for the CloudWatch metrics. The valid values are Minimum, // Maximum, and Average. If the aggregation type is null, the value is treated // as Average. // - // This parameter is supported if the policy type is StepScaling. + // Valid only if the policy type is StepScaling. MetricAggregationType *string `min:"1" type:"string"` // The minimum number of instances to scale. If the value of AdjustmentType @@ -11518,7 +11884,14 @@ type PutScalingPolicyInput struct { // of the Auto Scaling group by at least this many instances. Otherwise, the // error is ValidationError. // - // This parameter is supported if the policy type is SimpleScaling or StepScaling. + // This property replaces the MinAdjustmentStep property. For example, suppose + // that you create a step scaling policy to scale out an Auto Scaling group + // by 25 percent and you specify a MinAdjustmentMagnitude of 2. If the group + // has 4 instances and the scaling policy is performed, 25 percent of 4 is 1. + // However, because you specified a MinAdjustmentMagnitude of 2, Amazon EC2 + // Auto Scaling scales out the group by 2 instances. + // + // Valid only if the policy type is SimpleScaling or StepScaling. MinAdjustmentMagnitude *int64 `type:"integer"` // Available for backward compatibility. Use MinAdjustmentMagnitude instead. @@ -11533,25 +11906,32 @@ type PutScalingPolicyInput struct { // If the policy type is null, the value is treated as SimpleScaling. PolicyType *string `min:"1" type:"string"` - // The amount by which to scale, based on the specified adjustment type. A positive - // value adds to the current capacity while a negative number removes from the - // current capacity. + // The amount by which a simple scaling policy scales the Auto Scaling group + // in response to an alarm breach. The adjustment is based on the value that + // you specified in the AdjustmentType parameter (either an absolute number + // or a percentage). A positive value adds to the current capacity and a negative + // value subtracts from the current capacity. For exact capacity, you must specify + // a positive value. // - // This parameter is required if the policy type is SimpleScaling and not supported - // otherwise. + // Conditional: If you specify SimpleScaling for the policy type, you must specify + // this parameter. (Not used with any other policy type.) ScalingAdjustment *int64 `type:"integer"` // A set of adjustments that enable you to scale based on the size of the alarm // breach. // - // This parameter is required if the policy type is StepScaling and not supported - // otherwise. + // Conditional: If you specify StepScaling for the policy type, you must specify + // this parameter. (Not used with any other policy type.) StepAdjustments []*StepAdjustment `type:"list"` - // A target tracking policy. + // A target tracking scaling policy. Includes support for predefined or customized + // metrics. // - // This parameter is required if the policy type is TargetTrackingScaling and - // not supported otherwise. + // For more information, see TargetTrackingConfiguration (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_TargetTrackingConfiguration.html) + // in the Amazon EC2 Auto Scaling API Reference. + // + // Conditional: If you specify TargetTrackingScaling for the policy type, you + // must specify this parameter. (Not used with any other policy type.) TargetTrackingConfiguration *TargetTrackingConfiguration `type:"structure"` } @@ -11687,7 +12067,7 @@ func (s *PutScalingPolicyInput) SetTargetTrackingConfiguration(v *TargetTracking type PutScalingPolicyOutput struct { _ struct{} `type:"structure"` - // The CloudWatch alarms created for the target tracking policy. + // The CloudWatch alarms created for the target tracking scaling policy. Alarms []*Alarm `type:"list"` // The Amazon Resource Name (ARN) of the policy. @@ -11724,21 +12104,27 @@ type PutScheduledUpdateGroupActionInput struct { // AutoScalingGroupName is a required field AutoScalingGroupName *string `min:"1" type:"string" required:"true"` - // The number of EC2 instances that should be running in the group. + // The number of EC2 instances that should be running in the Auto Scaling group. DesiredCapacity *int64 `type:"integer"` - // The time for the recurring schedule to end. Amazon EC2 Auto Scaling does - // not perform the action after this time. + // The date and time for the recurring schedule to end. Amazon EC2 Auto Scaling + // does not perform the action after this time. EndTime *time.Time `type:"timestamp"` - // The maximum size for the Auto Scaling group. + // The maximum number of instances in the Auto Scaling group. MaxSize *int64 `type:"integer"` - // The minimum size for the Auto Scaling group. + // The minimum number of instances in the Auto Scaling group. MinSize *int64 `type:"integer"` - // The recurring schedule for this action, in Unix cron syntax format. For more - // information about this format, see Crontab (http://crontab.org). + // The recurring schedule for this action, in Unix cron syntax format. This + // format consists of five fields separated by white spaces: [Minute] [Hour] + // [Day_of_Month] [Month_of_Year] [Day_of_Week]. The value must be in quotes + // (for example, "30 0 1 1,6,12 *"). For more information about this format, + // see Crontab (http://crontab.org). + // + // When StartTime and EndTime are specified with Recurrence, they form the boundaries + // of when the recurring action starts and stops. Recurrence *string `min:"1" type:"string"` // The name of this scaling action. @@ -11746,8 +12132,8 @@ type PutScheduledUpdateGroupActionInput struct { // ScheduledActionName is a required field ScheduledActionName *string `min:"1" type:"string" required:"true"` - // The time for this action to start, in "YYYY-MM-DDThh:mm:ssZ" format in UTC/GMT - // only (for example, 2014-06-01T00:00:00Z). + // The date and time for this action to start, in YYYY-MM-DDThh:mm:ssZ format + // in UTC/GMT only and in quotes (for example, "2019-06-01T00:00:00Z"). // // If you specify Recurrence and StartTime, Amazon EC2 Auto Scaling performs // the action at this time, and then performs the action based on the specified @@ -11757,7 +12143,7 @@ type PutScheduledUpdateGroupActionInput struct { // an error message. StartTime *time.Time `type:"timestamp"` - // This parameter is deprecated. + // This parameter is no longer used. Time *time.Time `type:"timestamp"` } @@ -11981,7 +12367,7 @@ type ScalingPolicy struct { _ struct{} `type:"structure"` // The adjustment type, which specifies how ScalingAdjustment is interpreted. - // Valid values are ChangeInCapacity, ExactCapacity, and PercentChangeInCapacity. + // The valid values are ChangeInCapacity, ExactCapacity, and PercentChangeInCapacity. AdjustmentType *string `min:"1" type:"string"` // The CloudWatch alarms related to the policy. @@ -11998,7 +12384,7 @@ type ScalingPolicy struct { // to the CloudWatch metrics. EstimatedInstanceWarmup *int64 `type:"integer"` - // The aggregation type for the CloudWatch metrics. Valid values are Minimum, + // The aggregation type for the CloudWatch metrics. The valid values are Minimum, // Maximum, and Average. MetricAggregationType *string `min:"1" type:"string"` @@ -12017,7 +12403,7 @@ type ScalingPolicy struct { // The name of the scaling policy. PolicyName *string `min:"1" type:"string"` - // The policy type. Valid values are SimpleScaling and StepScaling. + // The policy type. The valid values are SimpleScaling, StepScaling, and TargetTrackingScaling. PolicyType *string `min:"1" type:"string"` // The amount by which to scale, based on the specified adjustment type. A positive @@ -12029,7 +12415,7 @@ type ScalingPolicy struct { // breach. StepAdjustments []*StepAdjustment `type:"list"` - // A target tracking policy. + // A target tracking scaling policy. TargetTrackingConfiguration *TargetTrackingConfiguration `type:"structure"` } @@ -12204,17 +12590,20 @@ type ScheduledUpdateGroupAction struct { // The number of instances you prefer to maintain in the group. DesiredCapacity *int64 `type:"integer"` - // The date and time that the action is scheduled to end. This date and time - // can be up to one month in the future. + // The date and time in UTC for the recurring schedule to end. For example, + // "2019-06-01T00:00:00Z". EndTime *time.Time `type:"timestamp"` - // The maximum size of the group. + // The maximum number of instances in the Auto Scaling group. MaxSize *int64 `type:"integer"` - // The minimum size of the group. + // The minimum number of instances in the Auto Scaling group. MinSize *int64 `type:"integer"` - // The recurring schedule for the action. + // The recurring schedule for the action, in Unix cron syntax format. + // + // When StartTime and EndTime are specified with Recurrence, they form the boundaries + // of when the recurring action starts and stops. Recurrence *string `min:"1" type:"string"` // The Amazon Resource Name (ARN) of the scheduled action. @@ -12223,14 +12612,10 @@ type ScheduledUpdateGroupAction struct { // The name of the scheduled action. ScheduledActionName *string `min:"1" type:"string"` - // The date and time that the action is scheduled to begin. This date and time - // can be up to one month in the future. - // - // When StartTime and EndTime are specified with Recurrence, they form the boundaries - // of when the recurring action starts and stops. + // The date and time in UTC for this action to start. For example, "2019-06-01T00:00:00Z". StartTime *time.Time `type:"timestamp"` - // This parameter is deprecated. + // This parameter is no longer used. Time *time.Time `type:"timestamp"` } @@ -12315,18 +12700,23 @@ type ScheduledUpdateGroupActionRequest struct { // The number of EC2 instances that should be running in the group. DesiredCapacity *int64 `type:"integer"` - // The time for the recurring schedule to end. Amazon EC2 Auto Scaling does - // not perform the action after this time. + // The date and time for the recurring schedule to end. Amazon EC2 Auto Scaling + // does not perform the action after this time. EndTime *time.Time `type:"timestamp"` - // The maximum size of the group. + // The maximum number of instances in the Auto Scaling group. MaxSize *int64 `type:"integer"` - // The minimum size of the group. + // The minimum number of instances in the Auto Scaling group. MinSize *int64 `type:"integer"` - // The recurring schedule for the action, in Unix cron syntax format. For more - // information about this format, see Crontab (http://crontab.org). + // The recurring schedule for the action, in Unix cron syntax format. This format + // consists of five fields separated by white spaces: [Minute] [Hour] [Day_of_Month] + // [Month_of_Year] [Day_of_Week]. The value must be in quotes (for example, + // "30 0 1 1,6,12 *"). For more information about this format, see Crontab (http://crontab.org). + // + // When StartTime and EndTime are specified with Recurrence, they form the boundaries + // of when the recurring action starts and stops. Recurrence *string `min:"1" type:"string"` // The name of the scaling action. @@ -12334,8 +12724,8 @@ type ScheduledUpdateGroupActionRequest struct { // ScheduledActionName is a required field ScheduledActionName *string `min:"1" type:"string" required:"true"` - // The time for the action to start, in "YYYY-MM-DDThh:mm:ssZ" format in UTC/GMT - // only (for example, 2014-06-01T00:00:00Z). + // The date and time for the action to start, in YYYY-MM-DDThh:mm:ssZ format + // in UTC/GMT only and in quotes (for example, "2019-06-01T00:00:00Z"). // // If you specify Recurrence and StartTime, Amazon EC2 Auto Scaling performs // the action at this time, and then performs the action based on the specified @@ -12672,7 +13062,7 @@ func (s SetInstanceProtectionOutput) GoString() string { // Describes an adjustment based on the difference between the value of the // aggregated CloudWatch metric and the breach threshold that you've defined -// for the alarm. +// for the alarm. Used in combination with PutScalingPolicy. // // For the following examples, suppose that you have an alarm with a breach // threshold of 50: @@ -12955,20 +13345,22 @@ func (s *TagDescription) SetValue(v string) *TagDescription { return s } -// Represents a target tracking policy configuration. +// Represents a target tracking scaling policy configuration to use with Amazon +// EC2 Auto Scaling. type TargetTrackingConfiguration struct { _ struct{} `type:"structure"` - // A customized metric. + // A customized metric. You must specify either a predefined metric or a customized + // metric. CustomizedMetricSpecification *CustomizedMetricSpecification `type:"structure"` - // Indicates whether scaling in by the target tracking policy is disabled. If - // scaling in is disabled, the target tracking policy doesn't remove instances - // from the Auto Scaling group. Otherwise, the target tracking policy can remove - // instances from the Auto Scaling group. The default is disabled. + // Indicates whether scaling in by the target tracking scaling policy is disabled. + // If scaling in is disabled, the target tracking scaling policy doesn't remove + // instances from the Auto Scaling group. Otherwise, the target tracking scaling + // policy can remove instances from the Auto Scaling group. The default is false. DisableScaleIn *bool `type:"boolean"` - // A predefined metric. You can specify either a predefined metric or a customized + // A predefined metric. You must specify either a predefined metric or a customized // metric. PredefinedMetricSpecification *PredefinedMetricSpecification `type:"structure"` @@ -13126,9 +13518,12 @@ type UpdateAutoScalingGroupInput struct { AvailabilityZones []*string `min:"1" type:"list"` // The amount of time, in seconds, after a scaling activity completes before - // another scaling activity can start. The default is 300. + // another scaling activity can start. The default value is 300. This cooldown + // period is not used when a scaling-specific cooldown is specified. // - // For more information, see Scaling Cooldowns (http://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) + // Cooldown periods are not supported for target tracking scaling policies, + // step scaling policies, or scheduled scaling. For more information, see Scaling + // Cooldowns (https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html) // in the Amazon EC2 Auto Scaling User Guide. DefaultCooldown *int64 `type:"integer"` @@ -13139,45 +13534,73 @@ type UpdateAutoScalingGroupInput struct { // The amount of time, in seconds, that Amazon EC2 Auto Scaling waits before // checking the health status of an EC2 instance that has come into service. - // The default is 0. + // The default value is 0. // - // For more information, see Health Checks (http://docs.aws.amazon.com/autoscaling/ec2/userguide/healthcheck.html) + // For more information, see Health Check Grace Period (https://docs.aws.amazon.com/autoscaling/ec2/userguide/healthcheck.html#health-check-grace-period) // in the Amazon EC2 Auto Scaling User Guide. + // + // Conditional: This parameter is required if you are adding an ELB health check. HealthCheckGracePeriod *int64 `type:"integer"` // The service to use for the health checks. The valid values are EC2 and ELB. + // If you configure an Auto Scaling group to use ELB health checks, it considers + // the instance unhealthy if it fails either the EC2 status checks or the load + // balancer health checks. HealthCheckType *string `min:"1" type:"string"` - // The name of the launch configuration. If you specify this parameter, you - // can't specify a launch template or a mixed instances policy. + // The name of the launch configuration. If you specify LaunchConfigurationName + // in your update request, you can't specify LaunchTemplate or MixedInstancesPolicy. LaunchConfigurationName *string `min:"1" type:"string"` // The launch template and version to use to specify the updates. If you specify - // this parameter, you can't specify a launch configuration or a mixed instances - // policy. + // LaunchTemplate in your update request, you can't specify LaunchConfigurationName + // or MixedInstancesPolicy. + // + // For more information, see LaunchTemplateSpecification (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_LaunchTemplateSpecification.html) + // in the Amazon EC2 Auto Scaling API Reference. LaunchTemplate *LaunchTemplateSpecification `type:"structure"` + // The maximum amount of time, in seconds, that an instance can be in service. + // + // Valid Range: Minimum value of 604800. + MaxInstanceLifetime *int64 `type:"integer"` + // The maximum size of the Auto Scaling group. MaxSize *int64 `type:"integer"` // The minimum size of the Auto Scaling group. MinSize *int64 `type:"integer"` - // The mixed instances policy to use to specify the updates. If you specify - // this parameter, you can't specify a launch configuration or a launch template. + // An embedded object that specifies a mixed instances policy. + // + // In your call to UpdateAutoScalingGroup, you can make changes to the policy + // that is specified. All optional parameters are left unchanged if not specified. + // + // For more information, see MixedInstancesPolicy (https://docs.aws.amazon.com/autoscaling/ec2/APIReference/API_MixedInstancesPolicy.html) + // in the Amazon EC2 Auto Scaling API Reference and Auto Scaling Groups with + // Multiple Instance Types and Purchase Options (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-purchase-options.html) + // in the Amazon EC2 Auto Scaling User Guide. MixedInstancesPolicy *MixedInstancesPolicy `type:"structure"` // Indicates whether newly launched instances are protected from termination - // by Auto Scaling when scaling in. + // by Amazon EC2 Auto Scaling when scaling in. + // + // For more information about preventing instances from terminating on scale + // in, see Instance Protection (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) + // in the Amazon EC2 Auto Scaling User Guide. NewInstancesProtectedFromScaleIn *bool `type:"boolean"` // The name of the placement group into which to launch your instances, if any. - // For more information, see Placement Groups (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) - // in the Amazon Elastic Compute Cloud User Guide. + // A placement group is a logical grouping of instances within a single Availability + // Zone. You cannot specify multiple Availability Zones and a placement group. + // For more information, see Placement Groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) + // in the Amazon EC2 User Guide for Linux Instances. PlacementGroup *string `min:"1" type:"string"` // The Amazon Resource Name (ARN) of the service-linked role that the Auto Scaling - // group uses to call other AWS services on your behalf. + // group uses to call other AWS services on your behalf. For more information, + // see Service-Linked Roles (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-service-linked-role.html) + // in the Amazon EC2 Auto Scaling User Guide. ServiceLinkedRoleARN *string `min:"1" type:"string"` // A standalone termination policy or a list of termination policies used to @@ -13185,18 +13608,14 @@ type UpdateAutoScalingGroupInput struct { // that they are listed. // // For more information, see Controlling Which Instances Auto Scaling Terminates - // During Scale In (http://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html) - // in the Auto Scaling User Guide. + // During Scale In (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html) + // in the Amazon EC2 Auto Scaling User Guide. TerminationPolicies []*string `type:"list"` - // The ID of the subnet, if you are launching into a VPC. You can specify several - // subnets in a comma-separated list. + // A comma-separated list of subnet IDs for virtual private cloud (VPC). // - // When you specify VPCZoneIdentifier with AvailabilityZones, ensure that the - // subnets' Availability Zones match the values you specify for AvailabilityZones. - // - // For more information, see Launching Auto Scaling Instances in a VPC (http://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-in-vpc.html) - // in the Amazon EC2 Auto Scaling User Guide. + // If you specify VPCZoneIdentifier with AvailabilityZones, the subnets that + // you specify for this parameter must reside in those Availability Zones. VPCZoneIdentifier *string `min:"1" type:"string"` } @@ -13302,6 +13721,12 @@ func (s *UpdateAutoScalingGroupInput) SetLaunchTemplate(v *LaunchTemplateSpecifi return s } +// SetMaxInstanceLifetime sets the MaxInstanceLifetime field's value. +func (s *UpdateAutoScalingGroupInput) SetMaxInstanceLifetime(v int64) *UpdateAutoScalingGroupInput { + s.MaxInstanceLifetime = &v + return s +} + // SetMaxSize sets the MaxSize field's value. func (s *UpdateAutoScalingGroupInput) SetMaxSize(v int64) *UpdateAutoScalingGroupInput { s.MaxSize = &v diff --git a/vendor/github.com/aws/aws-sdk-go/service/autoscaling/doc.go b/vendor/github.com/aws/aws-sdk-go/service/autoscaling/doc.go index 32d9594c7ad..0a2fe8c30f3 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/autoscaling/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/autoscaling/doc.go @@ -4,11 +4,13 @@ // requests to Auto Scaling. // // Amazon EC2 Auto Scaling is designed to automatically launch or terminate -// EC2 instances based on user-defined policies, schedules, and health checks. -// Use this service with AWS Auto Scaling, Amazon CloudWatch, and Elastic Load -// Balancing. +// EC2 instances based on user-defined scaling policies, scheduled actions, +// and health checks. Use this service with AWS Auto Scaling, Amazon CloudWatch, +// and Elastic Load Balancing. // -// For more information, see the Amazon EC2 Auto Scaling User Guide (http://docs.aws.amazon.com/autoscaling/ec2/userguide/what-is-amazon-ec2-auto-scaling.html). +// For more information, including information about granting IAM users required +// permissions for Amazon EC2 Auto Scaling actions, see the Amazon EC2 Auto +// Scaling User Guide (https://docs.aws.amazon.com/autoscaling/ec2/userguide/what-is-amazon-ec2-auto-scaling.html). // // See https://docs.aws.amazon.com/goto/WebAPI/autoscaling-2011-01-01 for more information on this service. // diff --git a/vendor/github.com/aws/aws-sdk-go/service/autoscaling/errors.go b/vendor/github.com/aws/aws-sdk-go/service/autoscaling/errors.go index be8b7e70b13..2e65ee3d93f 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/autoscaling/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/autoscaling/errors.go @@ -20,16 +20,16 @@ const ( // ErrCodeLimitExceededFault for service response error code // "LimitExceeded". // - // You have already reached a limit for your Auto Scaling resources (for example, - // groups, launch configurations, or lifecycle hooks). For more information, - // see DescribeAccountLimits. + // You have already reached a limit for your Amazon EC2 Auto Scaling resources + // (for example, Auto Scaling groups, launch configurations, or lifecycle hooks). + // For more information, see DescribeAccountLimits. ErrCodeLimitExceededFault = "LimitExceeded" // ErrCodeResourceContentionFault for service response error code // "ResourceContention". // - // You already have a pending update to an Auto Scaling resource (for example, - // a group, instance, or load balancer). + // You already have a pending update to an Amazon EC2 Auto Scaling resource + // (for example, an Auto Scaling group, instance, or load balancer). ErrCodeResourceContentionFault = "ResourceContention" // ErrCodeResourceInUseFault for service response error code diff --git a/vendor/github.com/aws/aws-sdk-go/service/autoscaling/service.go b/vendor/github.com/aws/aws-sdk-go/service/autoscaling/service.go index e1da9fd7546..644838dd337 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/autoscaling/service.go +++ b/vendor/github.com/aws/aws-sdk-go/service/autoscaling/service.go @@ -31,7 +31,7 @@ var initRequest func(*request.Request) const ( ServiceName = "autoscaling" // Name of service. EndpointsID = ServiceName // ID to lookup a service endpoint with. - ServiceID = "Auto Scaling" // ServiceID is a unique identifer of a specific service. + ServiceID = "Auto Scaling" // ServiceID is a unique identifier of a specific service. ) // New creates a new instance of the AutoScaling client with a session. @@ -39,6 +39,8 @@ const ( // aws.Config parameter to add your extra config. // // Example: +// mySession := session.Must(session.NewSession()) +// // // Create a AutoScaling client from just a session. // svc := autoscaling.New(mySession) // @@ -46,11 +48,11 @@ const ( // svc := autoscaling.New(mySession, aws.NewConfig().WithRegion("us-west-2")) func New(p client.ConfigProvider, cfgs ...*aws.Config) *AutoScaling { c := p.ClientConfig(EndpointsID, cfgs...) - return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion, c.SigningName) + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) } // newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion, signingName string) *AutoScaling { +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *AutoScaling { svc := &AutoScaling{ Client: client.New( cfg, @@ -59,6 +61,7 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio ServiceID: ServiceID, SigningName: signingName, SigningRegion: signingRegion, + PartitionID: partitionID, Endpoint: endpoint, APIVersion: "2011-01-01", }, diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/BUILD b/vendor/github.com/aws/aws-sdk-go/service/ec2/BUILD index fd30f4e27cb..ffe2f2c2267 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/BUILD @@ -21,7 +21,6 @@ go_library( "//vendor/github.com/aws/aws-sdk-go/aws/endpoints:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/request:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/signer/v4:go_default_library", - "//vendor/github.com/aws/aws-sdk-go/internal/sdkrand:go_default_library", "//vendor/github.com/aws/aws-sdk-go/private/protocol:go_default_library", "//vendor/github.com/aws/aws-sdk-go/private/protocol/ec2query:go_default_library", ], diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go index 8ccb729e5e3..a33cce5d7e3 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go @@ -88,6 +88,81 @@ func (c *EC2) AcceptReservedInstancesExchangeQuoteWithContext(ctx aws.Context, i return out, req.Send() } +const opAcceptTransitGatewayPeeringAttachment = "AcceptTransitGatewayPeeringAttachment" + +// AcceptTransitGatewayPeeringAttachmentRequest generates a "aws/request.Request" representing the +// client's request for the AcceptTransitGatewayPeeringAttachment operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AcceptTransitGatewayPeeringAttachment for more information on using the AcceptTransitGatewayPeeringAttachment +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the AcceptTransitGatewayPeeringAttachmentRequest method. +// req, resp := client.AcceptTransitGatewayPeeringAttachmentRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AcceptTransitGatewayPeeringAttachment +func (c *EC2) AcceptTransitGatewayPeeringAttachmentRequest(input *AcceptTransitGatewayPeeringAttachmentInput) (req *request.Request, output *AcceptTransitGatewayPeeringAttachmentOutput) { + op := &request.Operation{ + Name: opAcceptTransitGatewayPeeringAttachment, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &AcceptTransitGatewayPeeringAttachmentInput{} + } + + output = &AcceptTransitGatewayPeeringAttachmentOutput{} + req = c.newRequest(op, input, output) + return +} + +// AcceptTransitGatewayPeeringAttachment API operation for Amazon Elastic Compute Cloud. +// +// Accepts a transit gateway peering attachment request. The peering attachment +// must be in the pendingAcceptance state. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation AcceptTransitGatewayPeeringAttachment for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AcceptTransitGatewayPeeringAttachment +func (c *EC2) AcceptTransitGatewayPeeringAttachment(input *AcceptTransitGatewayPeeringAttachmentInput) (*AcceptTransitGatewayPeeringAttachmentOutput, error) { + req, out := c.AcceptTransitGatewayPeeringAttachmentRequest(input) + return out, req.Send() +} + +// AcceptTransitGatewayPeeringAttachmentWithContext is the same as AcceptTransitGatewayPeeringAttachment with the addition of +// the ability to pass a context and additional request options. +// +// See AcceptTransitGatewayPeeringAttachment for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) AcceptTransitGatewayPeeringAttachmentWithContext(ctx aws.Context, input *AcceptTransitGatewayPeeringAttachmentInput, opts ...request.Option) (*AcceptTransitGatewayPeeringAttachmentOutput, error) { + req, out := c.AcceptTransitGatewayPeeringAttachmentRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opAcceptTransitGatewayVpcAttachment = "AcceptTransitGatewayVpcAttachment" // AcceptTransitGatewayVpcAttachmentRequest generates a "aws/request.Request" representing the @@ -290,8 +365,8 @@ func (c *EC2) AcceptVpcPeeringConnectionRequest(input *AcceptVpcPeeringConnectio // of the peer VPC. Use DescribeVpcPeeringConnections to view your outstanding // VPC peering connection requests. // -// For an inter-region VPC peering connection request, you must accept the VPC -// peering connection in the region of the accepter VPC. +// For an inter-Region VPC peering connection request, you must accept the VPC +// peering connection in the Region of the accepter VPC. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -463,7 +538,7 @@ func (c *EC2) AllocateAddressRequest(input *AllocateAddressInput) (req *request. // or from an address pool created from a public IPv4 address range that you // have brought to AWS for use with your AWS resources using bring your own // IP addresses (BYOIP). For more information, see Bring Your Own IP Addresses -// (BYOIP) (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html) +// (BYOIP) (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html) // in the Amazon Elastic Compute Cloud User Guide. // // [EC2-VPC] If you release an Elastic IP address, you might be able to recover @@ -474,9 +549,9 @@ func (c *EC2) AllocateAddressRequest(input *AllocateAddressInput) (req *request. // // An Elastic IP address is for use either in the EC2-Classic platform or in // a VPC. By default, you can allocate 5 Elastic IP addresses for EC2-Classic -// per region and 5 Elastic IP addresses for EC2-VPC per region. +// per Region and 5 Elastic IP addresses for EC2-VPC per Region. // -// For more information, see Elastic IP Addresses (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) +// For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -551,8 +626,9 @@ func (c *EC2) AllocateHostsRequest(input *AllocateHostsInput) (req *request.Requ // AllocateHosts API operation for Amazon Elastic Compute Cloud. // -// Allocates a Dedicated Host to your account. At a minimum, specify the instance -// size type, Availability Zone, and quantity of hosts to allocate. +// Allocates a Dedicated Host to your account. At a minimum, specify the supported +// instance type or instance family, the Availability Zone in which to allocate +// the host, and the number of hosts to allocate. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -708,7 +784,7 @@ func (c *EC2) AssignIpv6AddressesRequest(input *AssignIpv6AddressesInput) (req * // CIDR block range. You can assign as many IPv6 addresses to a network interface // as you can assign private IPv4 addresses, and the limit varies per instance // type. For information, see IP Addresses Per Network Interface Per Instance -// Type (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI) +// Type (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -778,7 +854,6 @@ func (c *EC2) AssignPrivateIpAddressesRequest(input *AssignPrivateIpAddressesInp output = &AssignPrivateIpAddressesOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(ec2query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } @@ -791,9 +866,9 @@ func (c *EC2) AssignPrivateIpAddressesRequest(input *AssignPrivateIpAddressesInp // the number of secondary IP addresses to be automatically assigned within // the subnet's CIDR block range. The number of secondary IP addresses that // you can assign to an instance varies by instance type. For information about -// instance types, see Instance Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) +// instance types, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) // in the Amazon Elastic Compute Cloud User Guide. For more information about -// Elastic IP addresses, see Elastic IP Addresses (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) +// Elastic IP addresses, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) // in the Amazon Elastic Compute Cloud User Guide. // // When you move a secondary private IP address to another network interface, @@ -879,7 +954,7 @@ func (c *EC2) AssociateAddressRequest(input *AssociateAddressInput) (req *reques // Before you can use an Elastic IP address, you must allocate it to your account. // // An Elastic IP address is for use in either the EC2-Classic platform or in -// a VPC. For more information, see Elastic IP Addresses (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) +// a VPC. For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) // in the Amazon Elastic Compute Cloud User Guide. // // [EC2-Classic, VPC in an EC2-VPC-only account] If the Elastic IP address is @@ -896,6 +971,9 @@ func (c *EC2) AssociateAddressRequest(input *AssociateAddressInput) (req *reques // an Elastic IP address with an instance or network interface that has an existing // Elastic IP address. // +// You cannot associate an Elastic IP address with an interface in a different +// network border group. +// // This is an idempotent operation. If you perform the operation more than once, // Amazon EC2 doesn't return an error, and you may be charged for each time // the Elastic IP address is remapped to the same instance. For more information, @@ -1062,7 +1140,7 @@ func (c *EC2) AssociateDhcpOptionsRequest(input *AssociateDhcpOptionsInput) (req // its DHCP lease. You can explicitly renew the lease using the operating system // on the instance. // -// For more information, see DHCP Options Sets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html) +// For more information, see DHCP Options Sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1212,13 +1290,14 @@ func (c *EC2) AssociateRouteTableRequest(input *AssociateRouteTableInput) (req * // AssociateRouteTable API operation for Amazon Elastic Compute Cloud. // -// Associates a subnet with a route table. The subnet and route table must be -// in the same VPC. This association causes traffic originating from the subnet -// to be routed according to the routes in the route table. The action returns -// an association ID, which you need in order to disassociate the route table -// from the subnet later. A route table can be associated with multiple subnets. +// Associates a subnet in your VPC or an internet gateway or virtual private +// gateway attached to your VPC with a route table in your VPC. This association +// causes traffic from the subnet or gateway to be routed according to the routes +// in the route table. The action returns an association ID, which you need +// in order to disassociate the route table later. A route table can be associated +// with multiple subnets. // -// For more information, see Route Tables (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// For more information, see Route Tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1325,6 +1404,85 @@ func (c *EC2) AssociateSubnetCidrBlockWithContext(ctx aws.Context, input *Associ return out, req.Send() } +const opAssociateTransitGatewayMulticastDomain = "AssociateTransitGatewayMulticastDomain" + +// AssociateTransitGatewayMulticastDomainRequest generates a "aws/request.Request" representing the +// client's request for the AssociateTransitGatewayMulticastDomain operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssociateTransitGatewayMulticastDomain for more information on using the AssociateTransitGatewayMulticastDomain +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the AssociateTransitGatewayMulticastDomainRequest method. +// req, resp := client.AssociateTransitGatewayMulticastDomainRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateTransitGatewayMulticastDomain +func (c *EC2) AssociateTransitGatewayMulticastDomainRequest(input *AssociateTransitGatewayMulticastDomainInput) (req *request.Request, output *AssociateTransitGatewayMulticastDomainOutput) { + op := &request.Operation{ + Name: opAssociateTransitGatewayMulticastDomain, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &AssociateTransitGatewayMulticastDomainInput{} + } + + output = &AssociateTransitGatewayMulticastDomainOutput{} + req = c.newRequest(op, input, output) + return +} + +// AssociateTransitGatewayMulticastDomain API operation for Amazon Elastic Compute Cloud. +// +// Associates the specified subnets and transit gateway attachments with the +// specified transit gateway multicast domain. +// +// The transit gateway attachment must be in the available state before you +// can add a resource. Use DescribeTransitGatewayAttachments (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html) +// to see the state of the attachment. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation AssociateTransitGatewayMulticastDomain for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateTransitGatewayMulticastDomain +func (c *EC2) AssociateTransitGatewayMulticastDomain(input *AssociateTransitGatewayMulticastDomainInput) (*AssociateTransitGatewayMulticastDomainOutput, error) { + req, out := c.AssociateTransitGatewayMulticastDomainRequest(input) + return out, req.Send() +} + +// AssociateTransitGatewayMulticastDomainWithContext is the same as AssociateTransitGatewayMulticastDomain with the addition of +// the ability to pass a context and additional request options. +// +// See AssociateTransitGatewayMulticastDomain for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) AssociateTransitGatewayMulticastDomainWithContext(ctx aws.Context, input *AssociateTransitGatewayMulticastDomainInput, opts ...request.Option) (*AssociateTransitGatewayMulticastDomainOutput, error) { + req, out := c.AssociateTransitGatewayMulticastDomainRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opAssociateTransitGatewayRouteTable = "AssociateTransitGatewayRouteTable" // AssociateTransitGatewayRouteTableRequest generates a "aws/request.Request" representing the @@ -1449,7 +1607,7 @@ func (c *EC2) AssociateVpcCidrBlockRequest(input *AssociateVpcCidrBlockInput) (r // IPv6 CIDR block size is fixed at /56. // // For more information about associating CIDR blocks with your VPC and applicable -// restrictions, see VPC and Subnet Sizing (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html#VPC_Sizing) +// restrictions, see VPC and Subnet Sizing (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#VPC_Sizing) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1610,9 +1768,10 @@ func (c *EC2) AttachInternetGatewayRequest(input *AttachInternetGatewayInput) (r // AttachInternetGateway API operation for Amazon Elastic Compute Cloud. // -// Attaches an internet gateway to a VPC, enabling connectivity between the -// internet and the VPC. For more information about your VPC and internet gateway, -// see the Amazon Virtual Private Cloud User Guide (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/). +// Attaches an internet gateway or a virtual private gateway to a VPC, enabling +// connectivity between the internet and the VPC. For more information about +// your VPC and internet gateway, see the Amazon Virtual Private Cloud User +// Guide (https://docs.aws.amazon.com/vpc/latest/userguide/). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1763,15 +1922,12 @@ func (c *EC2) AttachVolumeRequest(input *AttachVolumeInput) (req *request.Reques // Attaches an EBS volume to a running or stopped instance and exposes it to // the instance with the specified device name. // -// Encrypted EBS volumes may only be attached to instances that support Amazon -// EBS encryption. For more information, see Amazon EBS Encryption (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// Encrypted EBS volumes must be attached to instances that support Amazon EBS +// encryption. For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) // in the Amazon Elastic Compute Cloud User Guide. // -// For a list of supported device names, see Attaching an EBS Volume to an Instance -// (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-attaching-volume.html). -// Any device names that aren't reserved for instance store volumes can be used -// for EBS volumes. For more information, see Amazon EC2 Instance Store (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) -// in the Amazon Elastic Compute Cloud User Guide. +// After you attach an EBS volume, you must make it available. For more information, +// see Making an EBS Volume Available For Use (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-using-volumes.html). // // If a volume has an AWS Marketplace product code: // @@ -1785,8 +1941,7 @@ func (c *EC2) AttachVolumeRequest(input *AttachVolumeInput) (req *request.Reques // the product. For example, you can't detach a volume from a Windows instance // and attach it to a Linux instance. // -// For more information about EBS volumes, see Attaching Amazon EBS Volumes -// (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-attaching-volume.html) +// For more information, see Attaching Amazon EBS Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-attaching-volume.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1864,8 +2019,8 @@ func (c *EC2) AttachVpnGatewayRequest(input *AttachVpnGatewayInput) (req *reques // Attaches a virtual private gateway to a VPC. You can attach one virtual private // gateway to one VPC at a time. // -// For more information, see AWS Managed VPN Connections (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information, see AWS Site-to-Site VPN (https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html) +// in the AWS Site-to-Site VPN User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2017,25 +2172,24 @@ func (c *EC2) AuthorizeSecurityGroupEgressRequest(input *AuthorizeSecurityGroupE // AuthorizeSecurityGroupEgress API operation for Amazon Elastic Compute Cloud. // -// [EC2-VPC only] Adds one or more egress rules to a security group for use -// with a VPC. Specifically, this action permits instances to send traffic to -// one or more destination IPv4 or IPv6 CIDR address ranges, or to one or more -// destination security groups for the same VPC. This action doesn't apply to -// security groups for use in EC2-Classic. For more information, see Security -// Groups for Your VPC (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html) -// in the Amazon Virtual Private Cloud User Guide. For more information about -// security group limits, see Amazon VPC Limits (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Appendix_Limits.html). +// [VPC only] Adds the specified egress rules to a security group for use with +// a VPC. // -// Each rule consists of the protocol (for example, TCP), plus either a CIDR -// range or a source group. For the TCP and UDP protocols, you must also specify -// the destination port or port range. For the ICMP protocol, you must also -// specify the ICMP type and code. You can use -1 for the type or code to mean -// all types or all codes. You can optionally specify a description for the -// rule. +// An outbound rule permits instances to send traffic to the specified IPv4 +// or IPv6 CIDR address ranges, or to the instances associated with the specified +// destination security groups. +// +// You specify a protocol for each rule (for example, TCP). For the TCP and +// UDP protocols, you must also specify the destination port or port range. +// For the ICMP protocol, you must also specify the ICMP type and code. You +// can use -1 for the type or code to mean all types or all codes. // // Rule changes are propagated to affected instances as quickly as possible. // However, a small delay might occur. // +// For more information about VPC security group limits, see Amazon VPC Limits +// (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html). +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -2109,25 +2263,22 @@ func (c *EC2) AuthorizeSecurityGroupIngressRequest(input *AuthorizeSecurityGroup // AuthorizeSecurityGroupIngress API operation for Amazon Elastic Compute Cloud. // -// Adds one or more ingress rules to a security group. +// Adds the specified ingress rules to a security group. +// +// An inbound rule permits instances to receive traffic from the specified IPv4 +// or IPv6 CIDR address ranges, or from the instances associated with the specified +// destination security groups. +// +// You specify a protocol for each rule (for example, TCP). For TCP and UDP, +// you must also specify the destination port or port range. For ICMP/ICMPv6, +// you must also specify the ICMP/ICMPv6 type and code. You can use -1 to mean +// all types or all codes. // // Rule changes are propagated to instances within the security group as quickly // as possible. However, a small delay might occur. // -// [EC2-Classic] This action gives one or more IPv4 CIDR address ranges permission -// to access a security group in your account, or gives one or more security -// groups (called the source groups) permission to access a security group for -// your account. A source group can be for your own AWS account, or another. -// You can have up to 100 rules per group. -// -// [EC2-VPC] This action gives one or more IPv4 or IPv6 CIDR address ranges -// permission to access a security group in your VPC, or gives one or more other -// security groups (called the source groups) permission to access a security -// group for your VPC. The security groups must all be for the same VPC or a -// peer VPC in a VPC peering connection. For more information about VPC security -// group limits, see Amazon VPC Limits (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Appendix_Limits.html). -// -// You can optionally specify a description for the security group rule. +// For more information about VPC security group limits, see Amazon VPC Limits +// (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2444,7 +2595,7 @@ func (c *EC2) CancelConversionTaskRequest(input *CancelConversionTaskInput) (req // and returns an exception. // // For more information, see Importing a Virtual Machine Using the Amazon EC2 -// CLI (http://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/ec2-cli-vmimport-export.html). +// CLI (https://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/ec2-cli-vmimport-export.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2673,7 +2824,7 @@ func (c *EC2) CancelReservedInstancesListingRequest(input *CancelReservedInstanc // Cancels the specified Reserved Instance listing in the Reserved Instance // Marketplace. // -// For more information, see Reserved Instance Marketplace (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) +// For more information, see Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2982,7 +3133,7 @@ func (c *EC2) CopyFpgaImageRequest(input *CopyFpgaImageInput) (req *request.Requ // CopyFpgaImage API operation for Amazon Elastic Compute Cloud. // -// Copies the specified Amazon FPGA Image (AFI) to the current region. +// Copies the specified Amazon FPGA Image (AFI) to the current Region. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3056,8 +3207,8 @@ func (c *EC2) CopyImageRequest(input *CopyImageInput) (req *request.Request, out // CopyImage API operation for Amazon Elastic Compute Cloud. // -// Initiates the copy of an AMI from the specified source region to the current -// region. You specify the destination region by using its endpoint when making +// Initiates the copy of an AMI from the specified source Region to the current +// Region. You specify the destination Region by using its endpoint when making // the request. // // Copies of encrypted backing snapshots for the AMI are encrypted. Copies of @@ -3066,7 +3217,7 @@ func (c *EC2) CopyImageRequest(input *CopyImageInput) (req *request.Request, out // backing snapshot. // // For more information about the prerequisites and limits when copying an AMI, -// see Copying an AMI (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html) +// see Copying an AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3142,16 +3293,15 @@ func (c *EC2) CopySnapshotRequest(input *CopySnapshotInput) (req *request.Reques // CopySnapshot API operation for Amazon Elastic Compute Cloud. // // Copies a point-in-time snapshot of an EBS volume and stores it in Amazon -// S3. You can copy the snapshot within the same region or from one region to +// S3. You can copy the snapshot within the same Region or from one Region to // another. You can use the snapshot to create EBS volumes or Amazon Machine -// Images (AMIs). The snapshot is copied to the regional endpoint that you send -// the HTTP request to. +// Images (AMIs). // // Copies of encrypted EBS snapshots remain encrypted. Copies of unencrypted -// snapshots remain unencrypted, unless the Encrypted flag is specified during -// the snapshot copy operation. By default, encrypted snapshot copies use the -// default AWS Key Management Service (AWS KMS) customer master key (CMK); however, -// you can specify a non-default CMK with the KmsKeyId parameter. +// snapshots remain unencrypted, unless you enable encryption for the snapshot +// copy operation. By default, encrypted snapshot copies use the default AWS +// Key Management Service (AWS KMS) customer master key (CMK); however, you +// can specify a different CMK. // // To copy an encrypted snapshot that has been shared from another account, // you must have permissions for the CMK used to encrypt the snapshot. @@ -3159,7 +3309,7 @@ func (c *EC2) CopySnapshotRequest(input *CopySnapshotInput) (req *request.Reques // Snapshots created by copying another snapshot have an arbitrary volume ID // that should not be used for any purpose. // -// For more information, see Copying an Amazon EBS Snapshot (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-copy-snapshot.html) +// For more information, see Copying an Amazon EBS Snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-copy-snapshot.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3242,7 +3392,7 @@ func (c *EC2) CreateCapacityReservationRequest(input *CreateCapacityReservationI // Regional RI discounts for that usage. By creating Capacity Reservations, // you ensure that you always have access to Amazon EC2 capacity when you need // it, for as long as you need it. For more information, see Capacity Reservations -// (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-capacity-reservations.html) +// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-capacity-reservations.html) // in the Amazon Elastic Compute Cloud User Guide. // // Your request to create a Capacity Reservation could fail if Amazon EC2 does @@ -3256,7 +3406,7 @@ func (c *EC2) CreateCapacityReservationRequest(input *CreateCapacityReservationI // Instance limit for the selected instance type. If your request fails due // to limit constraints, increase your On-Demand Instance limit for the required // instance type and try again. For more information about increasing your instance -// limits, see Amazon EC2 Service Limits (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html) +// limits, see Amazon EC2 Service Limits (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3409,8 +3559,8 @@ func (c *EC2) CreateClientVpnRouteRequest(input *CreateClientVpnRouteInput) (req // // Adds a route to a network to a Client VPN endpoint. Each Client VPN endpoint // has a route table that describes the available destination network routes. -// Each route in the route table specifies the path for traffic to specific resources -// or networks. +// Each route in the route table specifies the path for traffic to specific +// resources or networks. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3488,7 +3638,7 @@ func (c *EC2) CreateCustomerGatewayRequest(input *CreateCustomerGatewayInput) (r // gateway is the appliance at your end of the VPN connection. (The device on // the AWS side of the VPN connection is the virtual private gateway.) You must // provide the Internet-routable IP address of the customer gateway's external -// interface. The IP address must be static and may be behind a device performing +// interface. The IP address must be static and can be behind a device performing // network address translation (NAT). // // For devices that use Border Gateway Protocol (BGP), you can also provide @@ -3497,18 +3647,16 @@ func (c *EC2) CreateCustomerGatewayRequest(input *CreateCustomerGatewayInput) (r // a private ASN (in the 64512 - 65534 range). // // Amazon EC2 supports all 2-byte ASN numbers in the range of 1 - 65534, with -// the exception of 7224, which is reserved in the us-east-1 region, and 9059, -// which is reserved in the eu-west-1 region. +// the exception of 7224, which is reserved in the us-east-1 Region, and 9059, +// which is reserved in the eu-west-1 Region. // -// For more information about VPN customer gateways, see AWS Managed VPN Connections -// (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html) in the -// Amazon Virtual Private Cloud User Guide. +// For more information, see AWS Site-to-Site VPN (https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html) +// in the AWS Site-to-Site VPN User Guide. // -// You cannot create more than one customer gateway with the same VPN type, -// IP address, and BGP ASN parameter values. If you run an identical request -// more than one time, the first request creates the customer gateway, and subsequent -// requests return information about the existing customer gateway. The subsequent -// requests do not create new customer gateway resources. +// To create more than one customer gateway with the same VPN type, IP address, +// and BGP ASN, specify a unique device name for each customer gateway. Identical +// requests return information about the existing customer gateway and do not +// create new customer gateways. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3585,7 +3733,7 @@ func (c *EC2) CreateDefaultSubnetRequest(input *CreateDefaultSubnetInput) (req * // Creates a default subnet with a size /20 IPv4 CIDR block in the specified // Availability Zone in your default VPC. You can have only one default subnet // per Availability Zone. For more information, see Creating a Default Subnet -// (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/default-vpc.html#create-default-subnet) +// (https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html#create-default-subnet) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3662,7 +3810,7 @@ func (c *EC2) CreateDefaultVpcRequest(input *CreateDefaultVpcInput) (req *reques // // Creates a default VPC with a size /16 IPv4 CIDR block and a default subnet // in each Availability Zone. For more information about the components of a -// default VPC, see Default VPC and Default Subnets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/default-vpc.html) +// default VPC, see Default VPC and Default Subnets (https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html) // in the Amazon Virtual Private Cloud User Guide. You cannot specify the components // of the default VPC yourself. // @@ -3755,12 +3903,12 @@ func (c *EC2) CreateDhcpOptionsRequest(input *CreateDhcpOptionsInput) (req *requ // * domain-name-servers - The IP addresses of up to four domain name servers, // or AmazonProvidedDNS. The default DHCP option set specifies AmazonProvidedDNS. // If specifying more than one domain name server, specify the IP addresses -// in a single parameter, separated by commas. ITo have your instance to -// receive a custom DNS hostname as specified in domain-name, you must set -// domain-name-servers to a custom DNS server. +// in a single parameter, separated by commas. To have your instance receive +// a custom DNS hostname as specified in domain-name, you must set domain-name-servers +// to a custom DNS server. // // * domain-name - If you're using AmazonProvidedDNS in us-east-1, specify -// ec2.internal. If you're using AmazonProvidedDNS in another region, specify +// ec2.internal. If you're using AmazonProvidedDNS in another Region, specify // region.compute.internal (for example, ap-northeast-1.compute.internal). // Otherwise, specify a domain name (for example, MyCompany.com). This value // is used to complete unqualified DNS hostnames. Important: Some Linux operating @@ -3783,7 +3931,7 @@ func (c *EC2) CreateDhcpOptionsRequest(input *CreateDhcpOptionsInput) (req *requ // only a DNS server that we provide (AmazonProvidedDNS). If you create a set // of options, and if your VPC has an internet gateway, make sure to set the // domain-name-servers option either to AmazonProvidedDNS or to a domain name -// server of your choice. For more information, see DHCP Options Sets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html) +// server of your choice. For more information, see DHCP Options Sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3940,7 +4088,7 @@ func (c *EC2) CreateFleetRequest(input *CreateFleetInput) (req *request.Request, // You can create a single EC2 Fleet that includes multiple launch specifications // that vary by instance type, AMI, Availability Zone, or subnet. // -// For more information, see Launching an EC2 Fleet (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet.html) +// For more information, see Launching an EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4020,7 +4168,7 @@ func (c *EC2) CreateFlowLogsRequest(input *CreateFlowLogsInput) (req *request.Re // // Flow log data for a monitored network interface is recorded as flow log records, // which are log events consisting of fields that describe the traffic flow. -// For more information, see Flow Log Records (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html#flow-log-records) +// For more information, see Flow Log Records (https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records) // in the Amazon Virtual Private Cloud User Guide. // // When publishing to CloudWatch Logs, flow log records are published to a log @@ -4029,7 +4177,7 @@ func (c *EC2) CreateFlowLogsRequest(input *CreateFlowLogsInput) (req *request.Re // interfaces are published to a single log file object that is stored in the // specified bucket. // -// For more information, see VPC Flow Logs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html) +// For more information, see VPC Flow Logs (https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4110,8 +4258,8 @@ func (c *EC2) CreateFpgaImageRequest(input *CreateFpgaImageInput) (req *request. // use, check the output logs. // // An AFI contains the FPGA bitstream that is ready to download to an FPGA. -// You can securely deploy an AFI on one or more FPGA-accelerated instances. -// For more information, see the AWS FPGA Hardware Development Kit (https://github.com/aws/aws-fpga/). +// You can securely deploy an AFI on multiple FPGA-accelerated instances. For +// more information, see the AWS FPGA Hardware Development Kit (https://github.com/aws/aws-fpga/). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4193,7 +4341,7 @@ func (c *EC2) CreateImageRequest(input *CreateImageInput) (req *request.Request, // mapping information for those volumes. When you launch an instance from this // new AMI, the instance automatically launches with those additional volumes. // -// For more information, see Creating Amazon EBS-Backed Linux AMIs (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html) +// For more information, see Creating Amazon EBS-Backed Linux AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4272,7 +4420,7 @@ func (c *EC2) CreateInstanceExportTaskRequest(input *CreateInstanceExportTaskInp // // For information about the supported operating systems, image formats, and // known limitations for the types of instances you can export, see Exporting -// an Instance as a VM Using VM Import/Export (http://docs.aws.amazon.com/vm-import/latest/userguide/vmexport.html) +// an Instance as a VM Using VM Import/Export (https://docs.aws.amazon.com/vm-import/latest/userguide/vmexport.html) // in the VM Import/Export User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4351,7 +4499,7 @@ func (c *EC2) CreateInternetGatewayRequest(input *CreateInternetGatewayInput) (r // gateway, you attach it to a VPC using AttachInternetGateway. // // For more information about your VPC and internet gateway, see the Amazon -// Virtual Private Cloud User Guide (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/). +// Virtual Private Cloud User Guide (https://docs.aws.amazon.com/vpc/latest/userguide/). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4430,13 +4578,13 @@ func (c *EC2) CreateKeyPairRequest(input *CreateKeyPairInput) (req *request.Requ // private key is returned as an unencrypted PEM encoded PKCS#1 private key. // If a key with the specified name already exists, Amazon EC2 returns an error. // -// You can have up to five thousand key pairs per region. +// You can have up to five thousand key pairs per Region. // -// The key pair returned to you is available only in the region in which you +// The key pair returned to you is available only in the Region in which you // create it. If you prefer, you can create your own key pair using a third-party -// tool and upload it to any region using ImportKeyPair. +// tool and upload it to any Region using ImportKeyPair. // -// For more information, see Key Pairs (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) +// For more information, see Key Pairs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4621,6 +4769,154 @@ func (c *EC2) CreateLaunchTemplateVersionWithContext(ctx aws.Context, input *Cre return out, req.Send() } +const opCreateLocalGatewayRoute = "CreateLocalGatewayRoute" + +// CreateLocalGatewayRouteRequest generates a "aws/request.Request" representing the +// client's request for the CreateLocalGatewayRoute operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateLocalGatewayRoute for more information on using the CreateLocalGatewayRoute +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateLocalGatewayRouteRequest method. +// req, resp := client.CreateLocalGatewayRouteRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateLocalGatewayRoute +func (c *EC2) CreateLocalGatewayRouteRequest(input *CreateLocalGatewayRouteInput) (req *request.Request, output *CreateLocalGatewayRouteOutput) { + op := &request.Operation{ + Name: opCreateLocalGatewayRoute, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateLocalGatewayRouteInput{} + } + + output = &CreateLocalGatewayRouteOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateLocalGatewayRoute API operation for Amazon Elastic Compute Cloud. +// +// Creates a static route for the specified local gateway route table. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateLocalGatewayRoute for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateLocalGatewayRoute +func (c *EC2) CreateLocalGatewayRoute(input *CreateLocalGatewayRouteInput) (*CreateLocalGatewayRouteOutput, error) { + req, out := c.CreateLocalGatewayRouteRequest(input) + return out, req.Send() +} + +// CreateLocalGatewayRouteWithContext is the same as CreateLocalGatewayRoute with the addition of +// the ability to pass a context and additional request options. +// +// See CreateLocalGatewayRoute for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateLocalGatewayRouteWithContext(ctx aws.Context, input *CreateLocalGatewayRouteInput, opts ...request.Option) (*CreateLocalGatewayRouteOutput, error) { + req, out := c.CreateLocalGatewayRouteRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateLocalGatewayRouteTableVpcAssociation = "CreateLocalGatewayRouteTableVpcAssociation" + +// CreateLocalGatewayRouteTableVpcAssociationRequest generates a "aws/request.Request" representing the +// client's request for the CreateLocalGatewayRouteTableVpcAssociation operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateLocalGatewayRouteTableVpcAssociation for more information on using the CreateLocalGatewayRouteTableVpcAssociation +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateLocalGatewayRouteTableVpcAssociationRequest method. +// req, resp := client.CreateLocalGatewayRouteTableVpcAssociationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateLocalGatewayRouteTableVpcAssociation +func (c *EC2) CreateLocalGatewayRouteTableVpcAssociationRequest(input *CreateLocalGatewayRouteTableVpcAssociationInput) (req *request.Request, output *CreateLocalGatewayRouteTableVpcAssociationOutput) { + op := &request.Operation{ + Name: opCreateLocalGatewayRouteTableVpcAssociation, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateLocalGatewayRouteTableVpcAssociationInput{} + } + + output = &CreateLocalGatewayRouteTableVpcAssociationOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateLocalGatewayRouteTableVpcAssociation API operation for Amazon Elastic Compute Cloud. +// +// Associates the specified VPC with the specified local gateway route table. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateLocalGatewayRouteTableVpcAssociation for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateLocalGatewayRouteTableVpcAssociation +func (c *EC2) CreateLocalGatewayRouteTableVpcAssociation(input *CreateLocalGatewayRouteTableVpcAssociationInput) (*CreateLocalGatewayRouteTableVpcAssociationOutput, error) { + req, out := c.CreateLocalGatewayRouteTableVpcAssociationRequest(input) + return out, req.Send() +} + +// CreateLocalGatewayRouteTableVpcAssociationWithContext is the same as CreateLocalGatewayRouteTableVpcAssociation with the addition of +// the ability to pass a context and additional request options. +// +// See CreateLocalGatewayRouteTableVpcAssociation for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateLocalGatewayRouteTableVpcAssociationWithContext(ctx aws.Context, input *CreateLocalGatewayRouteTableVpcAssociationInput, opts ...request.Option) (*CreateLocalGatewayRouteTableVpcAssociationOutput, error) { + req, out := c.CreateLocalGatewayRouteTableVpcAssociationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateNatGateway = "CreateNatGateway" // CreateNatGatewayRequest generates a "aws/request.Request" representing the @@ -4670,7 +4966,7 @@ func (c *EC2) CreateNatGatewayRequest(input *CreateNatGatewayInput) (req *reques // the IP address range of the subnet. Internet-bound traffic from a private // subnet can be routed to the NAT gateway, therefore enabling instances in // the private subnet to connect to the internet. For more information, see -// NAT Gateways (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html) +// NAT Gateways (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4748,7 +5044,7 @@ func (c *EC2) CreateNetworkAclRequest(input *CreateNetworkAclInput) (req *reques // Creates a network ACL in a VPC. Network ACLs provide an optional layer of // security (in addition to security groups) for the instances in your VPC. // -// For more information, see Network ACLs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) +// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4839,7 +5135,7 @@ func (c *EC2) CreateNetworkAclEntryRequest(input *CreateNetworkAclEntryInput) (r // After you add an entry, you can't modify it; you must either replace it, // or create an entry and delete the old one. // -// For more information about network ACLs, see Network ACLs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) +// For more information about network ACLs, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4917,7 +5213,7 @@ func (c *EC2) CreateNetworkInterfaceRequest(input *CreateNetworkInterfaceInput) // Creates a network interface in the specified subnet. // // For more information about network interfaces, see Elastic Network Interfaces -// (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html) in the +// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html) in the // Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5081,7 +5377,7 @@ func (c *EC2) CreatePlacementGroupRequest(input *CreatePlacementGroupInput) (req // instances in one partition do not share the same hardware with instances // in another partition. // -// For more information, see Placement Groups (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) +// For more information, see Placement Groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5161,9 +5457,8 @@ func (c *EC2) CreateReservedInstancesListingRequest(input *CreateReservedInstanc // listing at a time. To get a list of your Standard Reserved Instances, you // can use the DescribeReservedInstances operation. // -// Only Standard Reserved Instances with a capacity reservation can be sold -// in the Reserved Instance Marketplace. Convertible Reserved Instances and -// Standard Reserved Instances with a regional benefit cannot be sold. +// Only Standard Reserved Instances can be sold in the Reserved Instance Marketplace. +// Convertible Reserved Instances cannot be sold. // // The Reserved Instance Marketplace matches sellers who want to resell Standard // Reserved Instance capacity that they no longer need with buyers who want @@ -5178,7 +5473,7 @@ func (c *EC2) CreateReservedInstancesListingRequest(input *CreateReservedInstanc // for purchase. To view the details of your Standard Reserved Instance listing, // you can use the DescribeReservedInstancesListings operation. // -// For more information, see Reserved Instance Marketplace (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) +// For more information, see Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5257,7 +5552,7 @@ func (c *EC2) CreateRouteRequest(input *CreateRouteInput) (req *request.Request, // // You must specify one of the following targets: internet gateway or virtual // private gateway, NAT instance, NAT gateway, VPC peering connection, network -// interface, or egress-only internet gateway. +// interface, egress-only internet gateway, or transit gateway. // // When determining how to route traffic, we use the route with the most specific // match. For example, traffic is destined for the IPv4 address 192.0.2.3, and @@ -5271,7 +5566,7 @@ func (c *EC2) CreateRouteRequest(input *CreateRouteInput) (req *request.Request, // route in the list covers a smaller number of IP addresses and is therefore // more specific, so we use that route to determine where to target the traffic. // -// For more information about route tables, see Route Tables (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// For more information about route tables, see Route Tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5349,7 +5644,7 @@ func (c *EC2) CreateRouteTableRequest(input *CreateRouteTableInput) (req *reques // Creates a route table for the specified VPC. After you create a route table, // you can add routes and associate the table with a subnet. // -// For more information, see Route Tables (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// For more information, see Route Tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5426,17 +5721,13 @@ func (c *EC2) CreateSecurityGroupRequest(input *CreateSecurityGroupInput) (req * // // Creates a security group. // -// A security group is for use with instances either in the EC2-Classic platform -// or in a specific VPC. For more information, see Amazon EC2 Security Groups -// (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html) +// A security group acts as a virtual firewall for your instance to control +// inbound and outbound traffic. For more information, see Amazon EC2 Security +// Groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html) // in the Amazon Elastic Compute Cloud User Guide and Security Groups for Your -// VPC (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html) +// VPC (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html) // in the Amazon Virtual Private Cloud User Guide. // -// EC2-Classic: You can have up to 500 security groups. -// -// EC2-VPC: You can create up to 500 security groups per VPC. -// // When you create a security group, you specify a friendly name of your choice. // You can have a security group for use in EC2-Classic with the same name as // a security group for use in a VPC. However, you can't have two security groups @@ -5452,6 +5743,9 @@ func (c *EC2) CreateSecurityGroupRequest(input *CreateSecurityGroupInput) (req * // You can add or remove rules from your security groups using AuthorizeSecurityGroupIngress, // AuthorizeSecurityGroupEgress, RevokeSecurityGroupIngress, and RevokeSecurityGroupEgress. // +// For more information about VPC security group limits, see Amazon VPC Limits +// (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html). +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -5550,11 +5844,11 @@ func (c *EC2) CreateSnapshotRequest(input *CreateSnapshotInput) (req *request.Re // protected. // // You can tag your snapshots during creation. For more information, see Tagging -// Your Amazon EC2 Resources (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) +// Your Amazon EC2 Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon Elastic Compute Cloud User Guide. // -// For more information, see Amazon Elastic Block Store (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html) -// and Amazon EBS Encryption (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// For more information, see Amazon Elastic Block Store (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html) +// and Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5585,6 +5879,83 @@ func (c *EC2) CreateSnapshotWithContext(ctx aws.Context, input *CreateSnapshotIn return out, req.Send() } +const opCreateSnapshots = "CreateSnapshots" + +// CreateSnapshotsRequest generates a "aws/request.Request" representing the +// client's request for the CreateSnapshots operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateSnapshots for more information on using the CreateSnapshots +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateSnapshotsRequest method. +// req, resp := client.CreateSnapshotsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateSnapshots +func (c *EC2) CreateSnapshotsRequest(input *CreateSnapshotsInput) (req *request.Request, output *CreateSnapshotsOutput) { + op := &request.Operation{ + Name: opCreateSnapshots, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateSnapshotsInput{} + } + + output = &CreateSnapshotsOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateSnapshots API operation for Amazon Elastic Compute Cloud. +// +// Creates crash-consistent snapshots of multiple EBS volumes and stores the +// data in S3. Volumes are chosen by specifying an instance. Any attached volumes +// will produce one snapshot each that is crash-consistent across the instance. +// Boot volumes can be excluded by changing the parameters. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateSnapshots for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateSnapshots +func (c *EC2) CreateSnapshots(input *CreateSnapshotsInput) (*CreateSnapshotsOutput, error) { + req, out := c.CreateSnapshotsRequest(input) + return out, req.Send() +} + +// CreateSnapshotsWithContext is the same as CreateSnapshots with the addition of +// the ability to pass a context and additional request options. +// +// See CreateSnapshots for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateSnapshotsWithContext(ctx aws.Context, input *CreateSnapshotsInput, opts ...request.Option) (*CreateSnapshotsOutput, error) { + req, out := c.CreateSnapshotsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateSpotDatafeedSubscription = "CreateSpotDatafeedSubscription" // CreateSpotDatafeedSubscriptionRequest generates a "aws/request.Request" representing the @@ -5631,7 +6002,7 @@ func (c *EC2) CreateSpotDatafeedSubscriptionRequest(input *CreateSpotDatafeedSub // // Creates a data feed for Spot Instances, enabling you to view Spot Instance // usage logs. You can create one data feed per AWS account. For more information, -// see Spot Instance Data Feed (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-data-feeds.html) +// see Spot Instance Data Feed (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-data-feeds.html) // in the Amazon EC2 User Guide for Linux Instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5731,7 +6102,7 @@ func (c *EC2) CreateSubnetRequest(input *CreateSubnetInput) (req *request.Reques // It's therefore possible to have a subnet with no running instances (they're // all stopped), but no remaining IP addresses available. // -// For more information about subnets, see Your VPC and Subnets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html) +// For more information about subnets, see Your VPC and Subnets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5807,14 +6178,14 @@ func (c *EC2) CreateTagsRequest(input *CreateTagsInput) (req *request.Request, o // CreateTags API operation for Amazon Elastic Compute Cloud. // -// Adds or overwrites one or more tags for the specified Amazon EC2 resource +// Adds or overwrites the specified tags for the specified Amazon EC2 resource // or resources. Each resource can have a maximum of 50 tags. Each tag consists // of a key and optional value. Tag keys must be unique per resource. // -// For more information about tags, see Tagging Your Resources (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) +// For more information about tags, see Tagging Your Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon Elastic Compute Cloud User Guide. For more information about // creating IAM policies that control users' access to resources based on tags, -// see Supported Resource-Level Permissions for Amazon EC2 API Actions (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-iam-actions-resources.html) +// see Supported Resource-Level Permissions for Amazon EC2 API Actions (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-iam-actions-resources.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5845,6 +6216,336 @@ func (c *EC2) CreateTagsWithContext(ctx aws.Context, input *CreateTagsInput, opt return out, req.Send() } +const opCreateTrafficMirrorFilter = "CreateTrafficMirrorFilter" + +// CreateTrafficMirrorFilterRequest generates a "aws/request.Request" representing the +// client's request for the CreateTrafficMirrorFilter operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTrafficMirrorFilter for more information on using the CreateTrafficMirrorFilter +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateTrafficMirrorFilterRequest method. +// req, resp := client.CreateTrafficMirrorFilterRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorFilter +func (c *EC2) CreateTrafficMirrorFilterRequest(input *CreateTrafficMirrorFilterInput) (req *request.Request, output *CreateTrafficMirrorFilterOutput) { + op := &request.Operation{ + Name: opCreateTrafficMirrorFilter, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateTrafficMirrorFilterInput{} + } + + output = &CreateTrafficMirrorFilterOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTrafficMirrorFilter API operation for Amazon Elastic Compute Cloud. +// +// Creates a Traffic Mirror filter. +// +// A Traffic Mirror filter is a set of rules that defines the traffic to mirror. +// +// By default, no traffic is mirrored. To mirror traffic, use CreateTrafficMirrorFilterRule +// (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTrafficMirrorFilterRule.htm) +// to add Traffic Mirror rules to the filter. The rules you add define what +// traffic gets mirrored. You can also use ModifyTrafficMirrorFilterNetworkServices +// (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyTrafficMirrorFilterNetworkServices.html) +// to mirror supported network services. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateTrafficMirrorFilter for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorFilter +func (c *EC2) CreateTrafficMirrorFilter(input *CreateTrafficMirrorFilterInput) (*CreateTrafficMirrorFilterOutput, error) { + req, out := c.CreateTrafficMirrorFilterRequest(input) + return out, req.Send() +} + +// CreateTrafficMirrorFilterWithContext is the same as CreateTrafficMirrorFilter with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTrafficMirrorFilter for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateTrafficMirrorFilterWithContext(ctx aws.Context, input *CreateTrafficMirrorFilterInput, opts ...request.Option) (*CreateTrafficMirrorFilterOutput, error) { + req, out := c.CreateTrafficMirrorFilterRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateTrafficMirrorFilterRule = "CreateTrafficMirrorFilterRule" + +// CreateTrafficMirrorFilterRuleRequest generates a "aws/request.Request" representing the +// client's request for the CreateTrafficMirrorFilterRule operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTrafficMirrorFilterRule for more information on using the CreateTrafficMirrorFilterRule +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateTrafficMirrorFilterRuleRequest method. +// req, resp := client.CreateTrafficMirrorFilterRuleRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorFilterRule +func (c *EC2) CreateTrafficMirrorFilterRuleRequest(input *CreateTrafficMirrorFilterRuleInput) (req *request.Request, output *CreateTrafficMirrorFilterRuleOutput) { + op := &request.Operation{ + Name: opCreateTrafficMirrorFilterRule, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateTrafficMirrorFilterRuleInput{} + } + + output = &CreateTrafficMirrorFilterRuleOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTrafficMirrorFilterRule API operation for Amazon Elastic Compute Cloud. +// +// Creates a Traffic Mirror filter rule. +// +// A Traffic Mirror rule defines the Traffic Mirror source traffic to mirror. +// +// You need the Traffic Mirror filter ID when you create the rule. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateTrafficMirrorFilterRule for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorFilterRule +func (c *EC2) CreateTrafficMirrorFilterRule(input *CreateTrafficMirrorFilterRuleInput) (*CreateTrafficMirrorFilterRuleOutput, error) { + req, out := c.CreateTrafficMirrorFilterRuleRequest(input) + return out, req.Send() +} + +// CreateTrafficMirrorFilterRuleWithContext is the same as CreateTrafficMirrorFilterRule with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTrafficMirrorFilterRule for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateTrafficMirrorFilterRuleWithContext(ctx aws.Context, input *CreateTrafficMirrorFilterRuleInput, opts ...request.Option) (*CreateTrafficMirrorFilterRuleOutput, error) { + req, out := c.CreateTrafficMirrorFilterRuleRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateTrafficMirrorSession = "CreateTrafficMirrorSession" + +// CreateTrafficMirrorSessionRequest generates a "aws/request.Request" representing the +// client's request for the CreateTrafficMirrorSession operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTrafficMirrorSession for more information on using the CreateTrafficMirrorSession +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateTrafficMirrorSessionRequest method. +// req, resp := client.CreateTrafficMirrorSessionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorSession +func (c *EC2) CreateTrafficMirrorSessionRequest(input *CreateTrafficMirrorSessionInput) (req *request.Request, output *CreateTrafficMirrorSessionOutput) { + op := &request.Operation{ + Name: opCreateTrafficMirrorSession, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateTrafficMirrorSessionInput{} + } + + output = &CreateTrafficMirrorSessionOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTrafficMirrorSession API operation for Amazon Elastic Compute Cloud. +// +// Creates a Traffic Mirror session. +// +// A Traffic Mirror session actively copies packets from a Traffic Mirror source +// to a Traffic Mirror target. Create a filter, and then assign it to the session +// to define a subset of the traffic to mirror, for example all TCP traffic. +// +// The Traffic Mirror source and the Traffic Mirror target (monitoring appliances) +// can be in the same VPC, or in a different VPC connected via VPC peering or +// a transit gateway. +// +// By default, no traffic is mirrored. Use CreateTrafficMirrorFilter (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTrafficMirrorFilter.htm) +// to create filter rules that specify the traffic to mirror. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateTrafficMirrorSession for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorSession +func (c *EC2) CreateTrafficMirrorSession(input *CreateTrafficMirrorSessionInput) (*CreateTrafficMirrorSessionOutput, error) { + req, out := c.CreateTrafficMirrorSessionRequest(input) + return out, req.Send() +} + +// CreateTrafficMirrorSessionWithContext is the same as CreateTrafficMirrorSession with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTrafficMirrorSession for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateTrafficMirrorSessionWithContext(ctx aws.Context, input *CreateTrafficMirrorSessionInput, opts ...request.Option) (*CreateTrafficMirrorSessionOutput, error) { + req, out := c.CreateTrafficMirrorSessionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateTrafficMirrorTarget = "CreateTrafficMirrorTarget" + +// CreateTrafficMirrorTargetRequest generates a "aws/request.Request" representing the +// client's request for the CreateTrafficMirrorTarget operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTrafficMirrorTarget for more information on using the CreateTrafficMirrorTarget +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateTrafficMirrorTargetRequest method. +// req, resp := client.CreateTrafficMirrorTargetRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorTarget +func (c *EC2) CreateTrafficMirrorTargetRequest(input *CreateTrafficMirrorTargetInput) (req *request.Request, output *CreateTrafficMirrorTargetOutput) { + op := &request.Operation{ + Name: opCreateTrafficMirrorTarget, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateTrafficMirrorTargetInput{} + } + + output = &CreateTrafficMirrorTargetOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTrafficMirrorTarget API operation for Amazon Elastic Compute Cloud. +// +// Creates a target for your Traffic Mirror session. +// +// A Traffic Mirror target is the destination for mirrored traffic. The Traffic +// Mirror source and the Traffic Mirror target (monitoring appliances) can be +// in the same VPC, or in different VPCs connected via VPC peering or a transit +// gateway. +// +// A Traffic Mirror target can be a network interface, or a Network Load Balancer. +// +// To use the target in a Traffic Mirror session, use CreateTrafficMirrorSession +// (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTrafficMirrorSession.htm). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateTrafficMirrorTarget for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorTarget +func (c *EC2) CreateTrafficMirrorTarget(input *CreateTrafficMirrorTargetInput) (*CreateTrafficMirrorTargetOutput, error) { + req, out := c.CreateTrafficMirrorTargetRequest(input) + return out, req.Send() +} + +// CreateTrafficMirrorTargetWithContext is the same as CreateTrafficMirrorTarget with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTrafficMirrorTarget for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateTrafficMirrorTargetWithContext(ctx aws.Context, input *CreateTrafficMirrorTargetInput, opts ...request.Option) (*CreateTrafficMirrorTargetOutput, error) { + req, out := c.CreateTrafficMirrorTargetRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateTransitGateway = "CreateTransitGateway" // CreateTransitGatewayRequest generates a "aws/request.Request" representing the @@ -5938,6 +6639,164 @@ func (c *EC2) CreateTransitGatewayWithContext(ctx aws.Context, input *CreateTran return out, req.Send() } +const opCreateTransitGatewayMulticastDomain = "CreateTransitGatewayMulticastDomain" + +// CreateTransitGatewayMulticastDomainRequest generates a "aws/request.Request" representing the +// client's request for the CreateTransitGatewayMulticastDomain operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTransitGatewayMulticastDomain for more information on using the CreateTransitGatewayMulticastDomain +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateTransitGatewayMulticastDomainRequest method. +// req, resp := client.CreateTransitGatewayMulticastDomainRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTransitGatewayMulticastDomain +func (c *EC2) CreateTransitGatewayMulticastDomainRequest(input *CreateTransitGatewayMulticastDomainInput) (req *request.Request, output *CreateTransitGatewayMulticastDomainOutput) { + op := &request.Operation{ + Name: opCreateTransitGatewayMulticastDomain, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateTransitGatewayMulticastDomainInput{} + } + + output = &CreateTransitGatewayMulticastDomainOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTransitGatewayMulticastDomain API operation for Amazon Elastic Compute Cloud. +// +// Creates a multicast domain using the specified transit gateway. +// +// The transit gateway must be in the available state before you create a domain. +// Use DescribeTransitGateways (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGateways.html) +// to see the state of transit gateway. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateTransitGatewayMulticastDomain for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTransitGatewayMulticastDomain +func (c *EC2) CreateTransitGatewayMulticastDomain(input *CreateTransitGatewayMulticastDomainInput) (*CreateTransitGatewayMulticastDomainOutput, error) { + req, out := c.CreateTransitGatewayMulticastDomainRequest(input) + return out, req.Send() +} + +// CreateTransitGatewayMulticastDomainWithContext is the same as CreateTransitGatewayMulticastDomain with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTransitGatewayMulticastDomain for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateTransitGatewayMulticastDomainWithContext(ctx aws.Context, input *CreateTransitGatewayMulticastDomainInput, opts ...request.Option) (*CreateTransitGatewayMulticastDomainOutput, error) { + req, out := c.CreateTransitGatewayMulticastDomainRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateTransitGatewayPeeringAttachment = "CreateTransitGatewayPeeringAttachment" + +// CreateTransitGatewayPeeringAttachmentRequest generates a "aws/request.Request" representing the +// client's request for the CreateTransitGatewayPeeringAttachment operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTransitGatewayPeeringAttachment for more information on using the CreateTransitGatewayPeeringAttachment +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateTransitGatewayPeeringAttachmentRequest method. +// req, resp := client.CreateTransitGatewayPeeringAttachmentRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTransitGatewayPeeringAttachment +func (c *EC2) CreateTransitGatewayPeeringAttachmentRequest(input *CreateTransitGatewayPeeringAttachmentInput) (req *request.Request, output *CreateTransitGatewayPeeringAttachmentOutput) { + op := &request.Operation{ + Name: opCreateTransitGatewayPeeringAttachment, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateTransitGatewayPeeringAttachmentInput{} + } + + output = &CreateTransitGatewayPeeringAttachmentOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTransitGatewayPeeringAttachment API operation for Amazon Elastic Compute Cloud. +// +// Requests a transit gateway peering attachment between the specified transit +// gateway (requester) and a peer transit gateway (accepter). The transit gateways +// must be in different Regions. The peer transit gateway can be in your account +// or a different AWS account. +// +// After you create the peering attachment, the owner of the accepter transit +// gateway must accept the attachment request. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateTransitGatewayPeeringAttachment for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTransitGatewayPeeringAttachment +func (c *EC2) CreateTransitGatewayPeeringAttachment(input *CreateTransitGatewayPeeringAttachmentInput) (*CreateTransitGatewayPeeringAttachmentOutput, error) { + req, out := c.CreateTransitGatewayPeeringAttachmentRequest(input) + return out, req.Send() +} + +// CreateTransitGatewayPeeringAttachmentWithContext is the same as CreateTransitGatewayPeeringAttachment with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTransitGatewayPeeringAttachment for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateTransitGatewayPeeringAttachmentWithContext(ctx aws.Context, input *CreateTransitGatewayPeeringAttachmentInput, opts ...request.Option) (*CreateTransitGatewayPeeringAttachmentOutput, error) { + req, out := c.CreateTransitGatewayPeeringAttachmentRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateTransitGatewayRoute = "CreateTransitGatewayRoute" // CreateTransitGatewayRouteRequest generates a "aws/request.Request" representing the @@ -6213,23 +7072,23 @@ func (c *EC2) CreateVolumeRequest(input *CreateVolumeInput) (req *request.Reques // // Creates an EBS volume that can be attached to an instance in the same Availability // Zone. The volume is created in the regional endpoint that you send the HTTP -// request to. For more information see Regions and Endpoints (http://docs.aws.amazon.com/general/latest/gr/rande.html). +// request to. For more information see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html). // // You can create a new empty volume or restore a volume from an EBS snapshot. // Any AWS Marketplace product codes from the snapshot are propagated to the // volume. // -// You can create encrypted volumes with the Encrypted parameter. Encrypted -// volumes may only be attached to instances that support Amazon EBS encryption. -// Volumes that are created from encrypted snapshots are also automatically -// encrypted. For more information, see Amazon EBS Encryption (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// You can create encrypted volumes. Encrypted volumes must be attached to instances +// that support Amazon EBS encryption. Volumes that are created from encrypted +// snapshots are also automatically encrypted. For more information, see Amazon +// EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) // in the Amazon Elastic Compute Cloud User Guide. // // You can tag your volumes during creation. For more information, see Tagging -// Your Amazon EC2 Resources (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) +// Your Amazon EC2 Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon Elastic Compute Cloud User Guide. // -// For more information, see Creating an Amazon EBS Volume (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-volume.html) +// For more information, see Creating an Amazon EBS Volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-volume.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -6307,7 +7166,7 @@ func (c *EC2) CreateVpcRequest(input *CreateVpcInput) (req *request.Request, out // Creates a VPC with the specified IPv4 CIDR block. The smallest VPC you can // create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 // netmask (65,536 IPv4 addresses). For more information about how large to -// make your VPC, see Your VPC and Subnets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html) +// make your VPC, see Your VPC and Subnets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) // in the Amazon Virtual Private Cloud User Guide. // // You can optionally request an Amazon-provided IPv6 CIDR block for the VPC. @@ -6316,12 +7175,12 @@ func (c *EC2) CreateVpcRequest(input *CreateVpcInput) (req *request.Request, out // // By default, each instance you launch in the VPC has the default DHCP options, // which include only a default DNS server that we provide (AmazonProvidedDNS). -// For more information, see DHCP Options Sets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html) +// For more information, see DHCP Options Sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) // in the Amazon Virtual Private Cloud User Guide. // // You can specify the instance tenancy value for the VPC when you create it. // You can't change this value for the VPC after you create it. For more information, -// see Dedicated Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-instance.html) +// see Dedicated Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-instance.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -6398,14 +7257,14 @@ func (c *EC2) CreateVpcEndpointRequest(input *CreateVpcEndpointInput) (req *requ // // Creates a VPC endpoint for a specified service. An endpoint enables you to // create a private connection between your VPC and the service. The service -// may be provided by AWS, an AWS Marketplace partner, or another AWS account. -// For more information, see VPC Endpoints (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-endpoints.html) +// may be provided by AWS, an AWS Marketplace Partner, or another AWS account. +// For more information, see VPC Endpoints (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html) // in the Amazon Virtual Private Cloud User Guide. // // A gateway endpoint serves as a target for a route in your route table for // traffic destined for the AWS service. You can specify an endpoint policy -// to attach to the endpoint that will control access to the service from your -// VPC. You can also specify the VPC route tables that use the endpoint. +// to attach to the endpoint, which will control access to the service from +// your VPC. You can also specify the VPC route tables that use the endpoint. // // An interface endpoint is a network interface in your subnet that serves as // an endpoint for communicating with the specified service. You can specify @@ -6489,7 +7348,7 @@ func (c *EC2) CreateVpcEndpointConnectionNotificationRequest(input *CreateVpcEnd // Creates a connection notification for a specified VPC endpoint or VPC endpoint // service. A connection notification notifies you of specific endpoint events. // You must create an SNS topic to receive notifications. For more information, -// see Create a Topic (http://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) +// see Create a Topic (https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) // in the Amazon Simple Notification Service Developer Guide. // // You can create a connection notification for interface endpoints only. @@ -6572,7 +7431,12 @@ func (c *EC2) CreateVpcEndpointServiceConfigurationRequest(input *CreateVpcEndpo // // To create an endpoint service configuration, you must first create a Network // Load Balancer for your service. For more information, see VPC Endpoint Services -// (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/endpoint-service.html) +// (https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-service.html) +// in the Amazon Virtual Private Cloud User Guide. +// +// If you set the private DNS name, you must prove that you own the private +// DNS domain name. For more information, see VPC Endpoint Service Private DNS +// Name Verification (https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-services-dns-validation.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -6654,7 +7518,7 @@ func (c *EC2) CreateVpcPeeringConnectionRequest(input *CreateVpcPeeringConnectio // CIDR blocks. // // Limitations and rules apply to a VPC peering connection. For more information, -// see the limitations (http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/vpc-peering-basics.html#vpc-peering-limitations) +// see the limitations (https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-basics.html#vpc-peering-limitations) // section in the VPC Peering Guide. // // The owner of the accepter VPC must accept the peering request to activate @@ -6737,7 +7601,7 @@ func (c *EC2) CreateVpnConnectionRequest(input *CreateVpnConnectionInput) (req * // CreateVpnConnection API operation for Amazon Elastic Compute Cloud. // // Creates a VPN connection between an existing virtual private gateway and -// a VPN customer gateway. The only supported connection type is ipsec.1. +// a VPN customer gateway. The supported connection type is ipsec.1. // // The response includes information that you need to give to your network administrator // to configure your customer gateway. @@ -6753,8 +7617,8 @@ func (c *EC2) CreateVpnConnectionRequest(input *CreateVpnConnectionInput) (req * // This is an idempotent operation. If you perform the operation more than once, // Amazon EC2 doesn't return an error. // -// For more information, see AWS Managed VPN Connections (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information, see AWS Site-to-Site VPN (https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html) +// in the AWS Site-to-Site VPN User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6834,9 +7698,8 @@ func (c *EC2) CreateVpnConnectionRouteRequest(input *CreateVpnConnectionRouteInp // traffic to be routed from the virtual private gateway to the VPN customer // gateway. // -// For more information about VPN connections, see AWS Managed VPN Connections -// (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html) in the -// Amazon Virtual Private Cloud User Guide. +// For more information, see AWS Site-to-Site VPN (https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html) +// in the AWS Site-to-Site VPN User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6914,9 +7777,8 @@ func (c *EC2) CreateVpnGatewayRequest(input *CreateVpnGatewayInput) (req *reques // on the VPC side of your VPN connection. You can create a virtual private // gateway before creating the VPC itself. // -// For more information about virtual private gateways, see AWS Managed VPN -// Connections (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information, see AWS Site-to-Site VPN (https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html) +// in the AWS Site-to-Site VPN User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7858,6 +8720,154 @@ func (c *EC2) DeleteLaunchTemplateVersionsWithContext(ctx aws.Context, input *De return out, req.Send() } +const opDeleteLocalGatewayRoute = "DeleteLocalGatewayRoute" + +// DeleteLocalGatewayRouteRequest generates a "aws/request.Request" representing the +// client's request for the DeleteLocalGatewayRoute operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteLocalGatewayRoute for more information on using the DeleteLocalGatewayRoute +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteLocalGatewayRouteRequest method. +// req, resp := client.DeleteLocalGatewayRouteRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteLocalGatewayRoute +func (c *EC2) DeleteLocalGatewayRouteRequest(input *DeleteLocalGatewayRouteInput) (req *request.Request, output *DeleteLocalGatewayRouteOutput) { + op := &request.Operation{ + Name: opDeleteLocalGatewayRoute, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteLocalGatewayRouteInput{} + } + + output = &DeleteLocalGatewayRouteOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteLocalGatewayRoute API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified route from the specified local gateway route table. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteLocalGatewayRoute for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteLocalGatewayRoute +func (c *EC2) DeleteLocalGatewayRoute(input *DeleteLocalGatewayRouteInput) (*DeleteLocalGatewayRouteOutput, error) { + req, out := c.DeleteLocalGatewayRouteRequest(input) + return out, req.Send() +} + +// DeleteLocalGatewayRouteWithContext is the same as DeleteLocalGatewayRoute with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteLocalGatewayRoute for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteLocalGatewayRouteWithContext(ctx aws.Context, input *DeleteLocalGatewayRouteInput, opts ...request.Option) (*DeleteLocalGatewayRouteOutput, error) { + req, out := c.DeleteLocalGatewayRouteRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteLocalGatewayRouteTableVpcAssociation = "DeleteLocalGatewayRouteTableVpcAssociation" + +// DeleteLocalGatewayRouteTableVpcAssociationRequest generates a "aws/request.Request" representing the +// client's request for the DeleteLocalGatewayRouteTableVpcAssociation operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteLocalGatewayRouteTableVpcAssociation for more information on using the DeleteLocalGatewayRouteTableVpcAssociation +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteLocalGatewayRouteTableVpcAssociationRequest method. +// req, resp := client.DeleteLocalGatewayRouteTableVpcAssociationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteLocalGatewayRouteTableVpcAssociation +func (c *EC2) DeleteLocalGatewayRouteTableVpcAssociationRequest(input *DeleteLocalGatewayRouteTableVpcAssociationInput) (req *request.Request, output *DeleteLocalGatewayRouteTableVpcAssociationOutput) { + op := &request.Operation{ + Name: opDeleteLocalGatewayRouteTableVpcAssociation, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteLocalGatewayRouteTableVpcAssociationInput{} + } + + output = &DeleteLocalGatewayRouteTableVpcAssociationOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteLocalGatewayRouteTableVpcAssociation API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified association between a VPC and local gateway route table. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteLocalGatewayRouteTableVpcAssociation for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteLocalGatewayRouteTableVpcAssociation +func (c *EC2) DeleteLocalGatewayRouteTableVpcAssociation(input *DeleteLocalGatewayRouteTableVpcAssociationInput) (*DeleteLocalGatewayRouteTableVpcAssociationOutput, error) { + req, out := c.DeleteLocalGatewayRouteTableVpcAssociationRequest(input) + return out, req.Send() +} + +// DeleteLocalGatewayRouteTableVpcAssociationWithContext is the same as DeleteLocalGatewayRouteTableVpcAssociation with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteLocalGatewayRouteTableVpcAssociation for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteLocalGatewayRouteTableVpcAssociationWithContext(ctx aws.Context, input *DeleteLocalGatewayRouteTableVpcAssociationInput, opts ...request.Option) (*DeleteLocalGatewayRouteTableVpcAssociationOutput, error) { + req, out := c.DeleteLocalGatewayRouteTableVpcAssociationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteNatGateway = "DeleteNatGateway" // DeleteNatGatewayRequest generates a "aws/request.Request" representing the @@ -8286,7 +9296,7 @@ func (c *EC2) DeletePlacementGroupRequest(input *DeletePlacementGroupInput) (req // // Deletes the specified placement group. You must terminate all instances in // the placement group before you can delete the placement group. For more information, -// see Placement Groups (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) +// see Placement Groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -8317,6 +9327,80 @@ func (c *EC2) DeletePlacementGroupWithContext(ctx aws.Context, input *DeletePlac return out, req.Send() } +const opDeleteQueuedReservedInstances = "DeleteQueuedReservedInstances" + +// DeleteQueuedReservedInstancesRequest generates a "aws/request.Request" representing the +// client's request for the DeleteQueuedReservedInstances operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteQueuedReservedInstances for more information on using the DeleteQueuedReservedInstances +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteQueuedReservedInstancesRequest method. +// req, resp := client.DeleteQueuedReservedInstancesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteQueuedReservedInstances +func (c *EC2) DeleteQueuedReservedInstancesRequest(input *DeleteQueuedReservedInstancesInput) (req *request.Request, output *DeleteQueuedReservedInstancesOutput) { + op := &request.Operation{ + Name: opDeleteQueuedReservedInstances, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteQueuedReservedInstancesInput{} + } + + output = &DeleteQueuedReservedInstancesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteQueuedReservedInstances API operation for Amazon Elastic Compute Cloud. +// +// Deletes the queued purchases for the specified Reserved Instances. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteQueuedReservedInstances for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteQueuedReservedInstances +func (c *EC2) DeleteQueuedReservedInstances(input *DeleteQueuedReservedInstancesInput) (*DeleteQueuedReservedInstancesOutput, error) { + req, out := c.DeleteQueuedReservedInstancesRequest(input) + return out, req.Send() +} + +// DeleteQueuedReservedInstancesWithContext is the same as DeleteQueuedReservedInstances with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteQueuedReservedInstances for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteQueuedReservedInstancesWithContext(ctx aws.Context, input *DeleteQueuedReservedInstancesInput, opts ...request.Option) (*DeleteQueuedReservedInstancesOutput, error) { + req, out := c.DeleteQueuedReservedInstancesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteRoute = "DeleteRoute" // DeleteRouteRequest generates a "aws/request.Request" representing the @@ -8606,7 +9690,7 @@ func (c *EC2) DeleteSnapshotRequest(input *DeleteSnapshotInput) (req *request.Re // a registered AMI. You must first de-register the AMI before you can delete // the snapshot. // -// For more information, see Deleting an Amazon EBS Snapshot (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-snapshot.html) +// For more information, see Deleting an Amazon EBS Snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-snapshot.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -8836,7 +9920,7 @@ func (c *EC2) DeleteTagsRequest(input *DeleteTagsInput) (req *request.Request, o // Deletes the specified set of tags from the specified set of resources. // // To list the current tags, use DescribeTags. For more information about tags, -// see Tagging Your Resources (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) +// see Tagging Your Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -8867,6 +9951,308 @@ func (c *EC2) DeleteTagsWithContext(ctx aws.Context, input *DeleteTagsInput, opt return out, req.Send() } +const opDeleteTrafficMirrorFilter = "DeleteTrafficMirrorFilter" + +// DeleteTrafficMirrorFilterRequest generates a "aws/request.Request" representing the +// client's request for the DeleteTrafficMirrorFilter operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteTrafficMirrorFilter for more information on using the DeleteTrafficMirrorFilter +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteTrafficMirrorFilterRequest method. +// req, resp := client.DeleteTrafficMirrorFilterRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorFilter +func (c *EC2) DeleteTrafficMirrorFilterRequest(input *DeleteTrafficMirrorFilterInput) (req *request.Request, output *DeleteTrafficMirrorFilterOutput) { + op := &request.Operation{ + Name: opDeleteTrafficMirrorFilter, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteTrafficMirrorFilterInput{} + } + + output = &DeleteTrafficMirrorFilterOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteTrafficMirrorFilter API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified Traffic Mirror filter. +// +// You cannot delete a Traffic Mirror filter that is in use by a Traffic Mirror +// session. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteTrafficMirrorFilter for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorFilter +func (c *EC2) DeleteTrafficMirrorFilter(input *DeleteTrafficMirrorFilterInput) (*DeleteTrafficMirrorFilterOutput, error) { + req, out := c.DeleteTrafficMirrorFilterRequest(input) + return out, req.Send() +} + +// DeleteTrafficMirrorFilterWithContext is the same as DeleteTrafficMirrorFilter with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteTrafficMirrorFilter for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteTrafficMirrorFilterWithContext(ctx aws.Context, input *DeleteTrafficMirrorFilterInput, opts ...request.Option) (*DeleteTrafficMirrorFilterOutput, error) { + req, out := c.DeleteTrafficMirrorFilterRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteTrafficMirrorFilterRule = "DeleteTrafficMirrorFilterRule" + +// DeleteTrafficMirrorFilterRuleRequest generates a "aws/request.Request" representing the +// client's request for the DeleteTrafficMirrorFilterRule operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteTrafficMirrorFilterRule for more information on using the DeleteTrafficMirrorFilterRule +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteTrafficMirrorFilterRuleRequest method. +// req, resp := client.DeleteTrafficMirrorFilterRuleRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorFilterRule +func (c *EC2) DeleteTrafficMirrorFilterRuleRequest(input *DeleteTrafficMirrorFilterRuleInput) (req *request.Request, output *DeleteTrafficMirrorFilterRuleOutput) { + op := &request.Operation{ + Name: opDeleteTrafficMirrorFilterRule, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteTrafficMirrorFilterRuleInput{} + } + + output = &DeleteTrafficMirrorFilterRuleOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteTrafficMirrorFilterRule API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified Traffic Mirror rule. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteTrafficMirrorFilterRule for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorFilterRule +func (c *EC2) DeleteTrafficMirrorFilterRule(input *DeleteTrafficMirrorFilterRuleInput) (*DeleteTrafficMirrorFilterRuleOutput, error) { + req, out := c.DeleteTrafficMirrorFilterRuleRequest(input) + return out, req.Send() +} + +// DeleteTrafficMirrorFilterRuleWithContext is the same as DeleteTrafficMirrorFilterRule with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteTrafficMirrorFilterRule for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteTrafficMirrorFilterRuleWithContext(ctx aws.Context, input *DeleteTrafficMirrorFilterRuleInput, opts ...request.Option) (*DeleteTrafficMirrorFilterRuleOutput, error) { + req, out := c.DeleteTrafficMirrorFilterRuleRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteTrafficMirrorSession = "DeleteTrafficMirrorSession" + +// DeleteTrafficMirrorSessionRequest generates a "aws/request.Request" representing the +// client's request for the DeleteTrafficMirrorSession operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteTrafficMirrorSession for more information on using the DeleteTrafficMirrorSession +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteTrafficMirrorSessionRequest method. +// req, resp := client.DeleteTrafficMirrorSessionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorSession +func (c *EC2) DeleteTrafficMirrorSessionRequest(input *DeleteTrafficMirrorSessionInput) (req *request.Request, output *DeleteTrafficMirrorSessionOutput) { + op := &request.Operation{ + Name: opDeleteTrafficMirrorSession, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteTrafficMirrorSessionInput{} + } + + output = &DeleteTrafficMirrorSessionOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteTrafficMirrorSession API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified Traffic Mirror session. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteTrafficMirrorSession for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorSession +func (c *EC2) DeleteTrafficMirrorSession(input *DeleteTrafficMirrorSessionInput) (*DeleteTrafficMirrorSessionOutput, error) { + req, out := c.DeleteTrafficMirrorSessionRequest(input) + return out, req.Send() +} + +// DeleteTrafficMirrorSessionWithContext is the same as DeleteTrafficMirrorSession with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteTrafficMirrorSession for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteTrafficMirrorSessionWithContext(ctx aws.Context, input *DeleteTrafficMirrorSessionInput, opts ...request.Option) (*DeleteTrafficMirrorSessionOutput, error) { + req, out := c.DeleteTrafficMirrorSessionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteTrafficMirrorTarget = "DeleteTrafficMirrorTarget" + +// DeleteTrafficMirrorTargetRequest generates a "aws/request.Request" representing the +// client's request for the DeleteTrafficMirrorTarget operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteTrafficMirrorTarget for more information on using the DeleteTrafficMirrorTarget +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteTrafficMirrorTargetRequest method. +// req, resp := client.DeleteTrafficMirrorTargetRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorTarget +func (c *EC2) DeleteTrafficMirrorTargetRequest(input *DeleteTrafficMirrorTargetInput) (req *request.Request, output *DeleteTrafficMirrorTargetOutput) { + op := &request.Operation{ + Name: opDeleteTrafficMirrorTarget, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteTrafficMirrorTargetInput{} + } + + output = &DeleteTrafficMirrorTargetOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteTrafficMirrorTarget API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified Traffic Mirror target. +// +// You cannot delete a Traffic Mirror target that is in use by a Traffic Mirror +// session. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteTrafficMirrorTarget for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorTarget +func (c *EC2) DeleteTrafficMirrorTarget(input *DeleteTrafficMirrorTargetInput) (*DeleteTrafficMirrorTargetOutput, error) { + req, out := c.DeleteTrafficMirrorTargetRequest(input) + return out, req.Send() +} + +// DeleteTrafficMirrorTargetWithContext is the same as DeleteTrafficMirrorTarget with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteTrafficMirrorTarget for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteTrafficMirrorTargetWithContext(ctx aws.Context, input *DeleteTrafficMirrorTargetInput, opts ...request.Option) (*DeleteTrafficMirrorTargetOutput, error) { + req, out := c.DeleteTrafficMirrorTargetRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteTransitGateway = "DeleteTransitGateway" // DeleteTransitGatewayRequest generates a "aws/request.Request" representing the @@ -8941,6 +10327,154 @@ func (c *EC2) DeleteTransitGatewayWithContext(ctx aws.Context, input *DeleteTran return out, req.Send() } +const opDeleteTransitGatewayMulticastDomain = "DeleteTransitGatewayMulticastDomain" + +// DeleteTransitGatewayMulticastDomainRequest generates a "aws/request.Request" representing the +// client's request for the DeleteTransitGatewayMulticastDomain operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteTransitGatewayMulticastDomain for more information on using the DeleteTransitGatewayMulticastDomain +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteTransitGatewayMulticastDomainRequest method. +// req, resp := client.DeleteTransitGatewayMulticastDomainRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTransitGatewayMulticastDomain +func (c *EC2) DeleteTransitGatewayMulticastDomainRequest(input *DeleteTransitGatewayMulticastDomainInput) (req *request.Request, output *DeleteTransitGatewayMulticastDomainOutput) { + op := &request.Operation{ + Name: opDeleteTransitGatewayMulticastDomain, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteTransitGatewayMulticastDomainInput{} + } + + output = &DeleteTransitGatewayMulticastDomainOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteTransitGatewayMulticastDomain API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified transit gateway multicast domain. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteTransitGatewayMulticastDomain for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTransitGatewayMulticastDomain +func (c *EC2) DeleteTransitGatewayMulticastDomain(input *DeleteTransitGatewayMulticastDomainInput) (*DeleteTransitGatewayMulticastDomainOutput, error) { + req, out := c.DeleteTransitGatewayMulticastDomainRequest(input) + return out, req.Send() +} + +// DeleteTransitGatewayMulticastDomainWithContext is the same as DeleteTransitGatewayMulticastDomain with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteTransitGatewayMulticastDomain for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteTransitGatewayMulticastDomainWithContext(ctx aws.Context, input *DeleteTransitGatewayMulticastDomainInput, opts ...request.Option) (*DeleteTransitGatewayMulticastDomainOutput, error) { + req, out := c.DeleteTransitGatewayMulticastDomainRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteTransitGatewayPeeringAttachment = "DeleteTransitGatewayPeeringAttachment" + +// DeleteTransitGatewayPeeringAttachmentRequest generates a "aws/request.Request" representing the +// client's request for the DeleteTransitGatewayPeeringAttachment operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteTransitGatewayPeeringAttachment for more information on using the DeleteTransitGatewayPeeringAttachment +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteTransitGatewayPeeringAttachmentRequest method. +// req, resp := client.DeleteTransitGatewayPeeringAttachmentRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTransitGatewayPeeringAttachment +func (c *EC2) DeleteTransitGatewayPeeringAttachmentRequest(input *DeleteTransitGatewayPeeringAttachmentInput) (req *request.Request, output *DeleteTransitGatewayPeeringAttachmentOutput) { + op := &request.Operation{ + Name: opDeleteTransitGatewayPeeringAttachment, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteTransitGatewayPeeringAttachmentInput{} + } + + output = &DeleteTransitGatewayPeeringAttachmentOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteTransitGatewayPeeringAttachment API operation for Amazon Elastic Compute Cloud. +// +// Deletes a transit gateway peering attachment. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteTransitGatewayPeeringAttachment for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTransitGatewayPeeringAttachment +func (c *EC2) DeleteTransitGatewayPeeringAttachment(input *DeleteTransitGatewayPeeringAttachmentInput) (*DeleteTransitGatewayPeeringAttachmentOutput, error) { + req, out := c.DeleteTransitGatewayPeeringAttachmentRequest(input) + return out, req.Send() +} + +// DeleteTransitGatewayPeeringAttachmentWithContext is the same as DeleteTransitGatewayPeeringAttachment with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteTransitGatewayPeeringAttachment for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteTransitGatewayPeeringAttachmentWithContext(ctx aws.Context, input *DeleteTransitGatewayPeeringAttachmentInput, opts ...request.Option) (*DeleteTransitGatewayPeeringAttachmentOutput, error) { + req, out := c.DeleteTransitGatewayPeeringAttachmentRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteTransitGatewayRoute = "DeleteTransitGatewayRoute" // DeleteTransitGatewayRouteRequest generates a "aws/request.Request" representing the @@ -9215,7 +10749,7 @@ func (c *EC2) DeleteVolumeRequest(input *DeleteVolumeInput) (req *request.Reques // // The volume can remain in the deleting state for several minutes. // -// For more information, see Deleting an Amazon EBS Volume (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-volume.html) +// For more information, see Deleting an Amazon EBS Volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-volume.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -10035,6 +11569,156 @@ func (c *EC2) DeregisterImageWithContext(ctx aws.Context, input *DeregisterImage return out, req.Send() } +const opDeregisterTransitGatewayMulticastGroupMembers = "DeregisterTransitGatewayMulticastGroupMembers" + +// DeregisterTransitGatewayMulticastGroupMembersRequest generates a "aws/request.Request" representing the +// client's request for the DeregisterTransitGatewayMulticastGroupMembers operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeregisterTransitGatewayMulticastGroupMembers for more information on using the DeregisterTransitGatewayMulticastGroupMembers +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeregisterTransitGatewayMulticastGroupMembersRequest method. +// req, resp := client.DeregisterTransitGatewayMulticastGroupMembersRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeregisterTransitGatewayMulticastGroupMembers +func (c *EC2) DeregisterTransitGatewayMulticastGroupMembersRequest(input *DeregisterTransitGatewayMulticastGroupMembersInput) (req *request.Request, output *DeregisterTransitGatewayMulticastGroupMembersOutput) { + op := &request.Operation{ + Name: opDeregisterTransitGatewayMulticastGroupMembers, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeregisterTransitGatewayMulticastGroupMembersInput{} + } + + output = &DeregisterTransitGatewayMulticastGroupMembersOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeregisterTransitGatewayMulticastGroupMembers API operation for Amazon Elastic Compute Cloud. +// +// Deregisters the specified members (network interfaces) from the transit gateway +// multicast group. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeregisterTransitGatewayMulticastGroupMembers for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeregisterTransitGatewayMulticastGroupMembers +func (c *EC2) DeregisterTransitGatewayMulticastGroupMembers(input *DeregisterTransitGatewayMulticastGroupMembersInput) (*DeregisterTransitGatewayMulticastGroupMembersOutput, error) { + req, out := c.DeregisterTransitGatewayMulticastGroupMembersRequest(input) + return out, req.Send() +} + +// DeregisterTransitGatewayMulticastGroupMembersWithContext is the same as DeregisterTransitGatewayMulticastGroupMembers with the addition of +// the ability to pass a context and additional request options. +// +// See DeregisterTransitGatewayMulticastGroupMembers for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeregisterTransitGatewayMulticastGroupMembersWithContext(ctx aws.Context, input *DeregisterTransitGatewayMulticastGroupMembersInput, opts ...request.Option) (*DeregisterTransitGatewayMulticastGroupMembersOutput, error) { + req, out := c.DeregisterTransitGatewayMulticastGroupMembersRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeregisterTransitGatewayMulticastGroupSources = "DeregisterTransitGatewayMulticastGroupSources" + +// DeregisterTransitGatewayMulticastGroupSourcesRequest generates a "aws/request.Request" representing the +// client's request for the DeregisterTransitGatewayMulticastGroupSources operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeregisterTransitGatewayMulticastGroupSources for more information on using the DeregisterTransitGatewayMulticastGroupSources +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeregisterTransitGatewayMulticastGroupSourcesRequest method. +// req, resp := client.DeregisterTransitGatewayMulticastGroupSourcesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeregisterTransitGatewayMulticastGroupSources +func (c *EC2) DeregisterTransitGatewayMulticastGroupSourcesRequest(input *DeregisterTransitGatewayMulticastGroupSourcesInput) (req *request.Request, output *DeregisterTransitGatewayMulticastGroupSourcesOutput) { + op := &request.Operation{ + Name: opDeregisterTransitGatewayMulticastGroupSources, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeregisterTransitGatewayMulticastGroupSourcesInput{} + } + + output = &DeregisterTransitGatewayMulticastGroupSourcesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeregisterTransitGatewayMulticastGroupSources API operation for Amazon Elastic Compute Cloud. +// +// Deregisters the specified sources (network interfaces) from the transit gateway +// multicast group. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeregisterTransitGatewayMulticastGroupSources for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeregisterTransitGatewayMulticastGroupSources +func (c *EC2) DeregisterTransitGatewayMulticastGroupSources(input *DeregisterTransitGatewayMulticastGroupSourcesInput) (*DeregisterTransitGatewayMulticastGroupSourcesOutput, error) { + req, out := c.DeregisterTransitGatewayMulticastGroupSourcesRequest(input) + return out, req.Send() +} + +// DeregisterTransitGatewayMulticastGroupSourcesWithContext is the same as DeregisterTransitGatewayMulticastGroupSources with the addition of +// the ability to pass a context and additional request options. +// +// See DeregisterTransitGatewayMulticastGroupSources for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeregisterTransitGatewayMulticastGroupSourcesWithContext(ctx aws.Context, input *DeregisterTransitGatewayMulticastGroupSourcesInput, opts ...request.Option) (*DeregisterTransitGatewayMulticastGroupSourcesOutput, error) { + req, out := c.DeregisterTransitGatewayMulticastGroupSourcesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeAccountAttributes = "DescribeAccountAttributes" // DescribeAccountAttributesRequest generates a "aws/request.Request" representing the @@ -10087,8 +11771,10 @@ func (c *EC2) DescribeAccountAttributesRequest(input *DescribeAccountAttributesI // // * default-vpc: The ID of the default VPC for your account, or none. // -// * max-instances: The maximum number of On-Demand Instances that you can -// run. +// * max-instances: This attribute is no longer supported. The returned value +// does not reflect your actual vCPU limit for running On-Demand Instances. +// For more information, see On-Demand Instance Limits (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-on-demand-instances.html#ec2-on-demand-instances-limits) +// in the Amazon Elastic Compute Cloud User Guide. // // * vpc-max-security-groups-per-interface: The maximum number of security // groups that you can assign to a network interface. @@ -10171,10 +11857,10 @@ func (c *EC2) DescribeAddressesRequest(input *DescribeAddressesInput) (req *requ // DescribeAddresses API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your Elastic IP addresses. +// Describes the specified Elastic IP addresses or all of your Elastic IP addresses. // // An Elastic IP address is for use in either the EC2-Classic platform or in -// a VPC. For more information, see Elastic IP Addresses (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) +// a VPC. For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -10250,8 +11936,8 @@ func (c *EC2) DescribeAggregateIdFormatRequest(input *DescribeAggregateIdFormatI // DescribeAggregateIdFormat API operation for Amazon Elastic Compute Cloud. // // Describes the longer ID format settings for all resource types in a specific -// region. This request is useful for performing a quick audit to determine -// whether a specific region is fully opted in for longer IDs (17-character +// Region. This request is useful for performing a quick audit to determine +// whether a specific Region is fully opted in for longer IDs (17-character // IDs). // // This request only returns information about resource types that support longer @@ -10337,12 +12023,13 @@ func (c *EC2) DescribeAvailabilityZonesRequest(input *DescribeAvailabilityZonesI // DescribeAvailabilityZones API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of the Availability Zones that are available to you. -// The results include zones only for the region you're currently using. If -// there is an event impacting an Availability Zone, you can use this request -// to view the state and any provided message for that Availability Zone. +// Describes the Availability Zones and Local Zones that are available to you. +// If there is an event impacting an Availability Zone or Local Zone, you can +// use this request to view the state and any provided messages for that Availability +// Zone or Local Zone. // -// For more information, see Regions and Availability Zones (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html) +// For more information about Availability Zones and Local Zones, see Regions +// and Availability Zones (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -10417,7 +12104,7 @@ func (c *EC2) DescribeBundleTasksRequest(input *DescribeBundleTasksInput) (req * // DescribeBundleTasks API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your bundling tasks. +// Describes the specified bundle tasks or all of your bundle tasks. // // Completed bundle tasks are listed for only a limited time. If your bundle // task is no longer in the list, you can still register an AMI from it. Just @@ -10483,6 +12170,12 @@ func (c *EC2) DescribeByoipCidrsRequest(input *DescribeByoipCidrsInput) (req *re Name: opDescribeByoipCidrs, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -10529,6 +12222,58 @@ func (c *EC2) DescribeByoipCidrsWithContext(ctx aws.Context, input *DescribeByoi return out, req.Send() } +// DescribeByoipCidrsPages iterates over the pages of a DescribeByoipCidrs operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeByoipCidrs method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeByoipCidrs operation. +// pageNum := 0 +// err := client.DescribeByoipCidrsPages(params, +// func(page *ec2.DescribeByoipCidrsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeByoipCidrsPages(input *DescribeByoipCidrsInput, fn func(*DescribeByoipCidrsOutput, bool) bool) error { + return c.DescribeByoipCidrsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeByoipCidrsPagesWithContext same as DescribeByoipCidrsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeByoipCidrsPagesWithContext(ctx aws.Context, input *DescribeByoipCidrsInput, fn func(*DescribeByoipCidrsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeByoipCidrsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeByoipCidrsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeByoipCidrsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeCapacityReservations = "DescribeCapacityReservations" // DescribeCapacityReservationsRequest generates a "aws/request.Request" representing the @@ -10560,6 +12305,12 @@ func (c *EC2) DescribeCapacityReservationsRequest(input *DescribeCapacityReserva Name: opDescribeCapacityReservations, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -10604,6 +12355,58 @@ func (c *EC2) DescribeCapacityReservationsWithContext(ctx aws.Context, input *De return out, req.Send() } +// DescribeCapacityReservationsPages iterates over the pages of a DescribeCapacityReservations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeCapacityReservations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeCapacityReservations operation. +// pageNum := 0 +// err := client.DescribeCapacityReservationsPages(params, +// func(page *ec2.DescribeCapacityReservationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeCapacityReservationsPages(input *DescribeCapacityReservationsInput, fn func(*DescribeCapacityReservationsOutput, bool) bool) error { + return c.DescribeCapacityReservationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeCapacityReservationsPagesWithContext same as DescribeCapacityReservationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeCapacityReservationsPagesWithContext(ctx aws.Context, input *DescribeCapacityReservationsInput, fn func(*DescribeCapacityReservationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeCapacityReservationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeCapacityReservationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeCapacityReservationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeClassicLinkInstances = "DescribeClassicLinkInstances" // DescribeClassicLinkInstancesRequest generates a "aws/request.Request" representing the @@ -10635,6 +12438,12 @@ func (c *EC2) DescribeClassicLinkInstancesRequest(input *DescribeClassicLinkInst Name: opDescribeClassicLinkInstances, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -10681,6 +12490,58 @@ func (c *EC2) DescribeClassicLinkInstancesWithContext(ctx aws.Context, input *De return out, req.Send() } +// DescribeClassicLinkInstancesPages iterates over the pages of a DescribeClassicLinkInstances operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeClassicLinkInstances method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeClassicLinkInstances operation. +// pageNum := 0 +// err := client.DescribeClassicLinkInstancesPages(params, +// func(page *ec2.DescribeClassicLinkInstancesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeClassicLinkInstancesPages(input *DescribeClassicLinkInstancesInput, fn func(*DescribeClassicLinkInstancesOutput, bool) bool) error { + return c.DescribeClassicLinkInstancesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeClassicLinkInstancesPagesWithContext same as DescribeClassicLinkInstancesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeClassicLinkInstancesPagesWithContext(ctx aws.Context, input *DescribeClassicLinkInstancesInput, fn func(*DescribeClassicLinkInstancesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeClassicLinkInstancesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeClassicLinkInstancesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeClassicLinkInstancesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeClientVpnAuthorizationRules = "DescribeClientVpnAuthorizationRules" // DescribeClientVpnAuthorizationRulesRequest generates a "aws/request.Request" representing the @@ -10712,6 +12573,12 @@ func (c *EC2) DescribeClientVpnAuthorizationRulesRequest(input *DescribeClientVp Name: opDescribeClientVpnAuthorizationRules, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -10755,6 +12622,58 @@ func (c *EC2) DescribeClientVpnAuthorizationRulesWithContext(ctx aws.Context, in return out, req.Send() } +// DescribeClientVpnAuthorizationRulesPages iterates over the pages of a DescribeClientVpnAuthorizationRules operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeClientVpnAuthorizationRules method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeClientVpnAuthorizationRules operation. +// pageNum := 0 +// err := client.DescribeClientVpnAuthorizationRulesPages(params, +// func(page *ec2.DescribeClientVpnAuthorizationRulesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeClientVpnAuthorizationRulesPages(input *DescribeClientVpnAuthorizationRulesInput, fn func(*DescribeClientVpnAuthorizationRulesOutput, bool) bool) error { + return c.DescribeClientVpnAuthorizationRulesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeClientVpnAuthorizationRulesPagesWithContext same as DescribeClientVpnAuthorizationRulesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeClientVpnAuthorizationRulesPagesWithContext(ctx aws.Context, input *DescribeClientVpnAuthorizationRulesInput, fn func(*DescribeClientVpnAuthorizationRulesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeClientVpnAuthorizationRulesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeClientVpnAuthorizationRulesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeClientVpnAuthorizationRulesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeClientVpnConnections = "DescribeClientVpnConnections" // DescribeClientVpnConnectionsRequest generates a "aws/request.Request" representing the @@ -10786,6 +12705,12 @@ func (c *EC2) DescribeClientVpnConnectionsRequest(input *DescribeClientVpnConnec Name: opDescribeClientVpnConnections, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -10830,6 +12755,58 @@ func (c *EC2) DescribeClientVpnConnectionsWithContext(ctx aws.Context, input *De return out, req.Send() } +// DescribeClientVpnConnectionsPages iterates over the pages of a DescribeClientVpnConnections operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeClientVpnConnections method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeClientVpnConnections operation. +// pageNum := 0 +// err := client.DescribeClientVpnConnectionsPages(params, +// func(page *ec2.DescribeClientVpnConnectionsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeClientVpnConnectionsPages(input *DescribeClientVpnConnectionsInput, fn func(*DescribeClientVpnConnectionsOutput, bool) bool) error { + return c.DescribeClientVpnConnectionsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeClientVpnConnectionsPagesWithContext same as DescribeClientVpnConnectionsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeClientVpnConnectionsPagesWithContext(ctx aws.Context, input *DescribeClientVpnConnectionsInput, fn func(*DescribeClientVpnConnectionsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeClientVpnConnectionsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeClientVpnConnectionsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeClientVpnConnectionsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeClientVpnEndpoints = "DescribeClientVpnEndpoints" // DescribeClientVpnEndpointsRequest generates a "aws/request.Request" representing the @@ -10861,6 +12838,12 @@ func (c *EC2) DescribeClientVpnEndpointsRequest(input *DescribeClientVpnEndpoint Name: opDescribeClientVpnEndpoints, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -10904,6 +12887,58 @@ func (c *EC2) DescribeClientVpnEndpointsWithContext(ctx aws.Context, input *Desc return out, req.Send() } +// DescribeClientVpnEndpointsPages iterates over the pages of a DescribeClientVpnEndpoints operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeClientVpnEndpoints method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeClientVpnEndpoints operation. +// pageNum := 0 +// err := client.DescribeClientVpnEndpointsPages(params, +// func(page *ec2.DescribeClientVpnEndpointsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeClientVpnEndpointsPages(input *DescribeClientVpnEndpointsInput, fn func(*DescribeClientVpnEndpointsOutput, bool) bool) error { + return c.DescribeClientVpnEndpointsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeClientVpnEndpointsPagesWithContext same as DescribeClientVpnEndpointsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeClientVpnEndpointsPagesWithContext(ctx aws.Context, input *DescribeClientVpnEndpointsInput, fn func(*DescribeClientVpnEndpointsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeClientVpnEndpointsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeClientVpnEndpointsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeClientVpnEndpointsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeClientVpnRoutes = "DescribeClientVpnRoutes" // DescribeClientVpnRoutesRequest generates a "aws/request.Request" representing the @@ -10935,6 +12970,12 @@ func (c *EC2) DescribeClientVpnRoutesRequest(input *DescribeClientVpnRoutesInput Name: opDescribeClientVpnRoutes, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -10978,6 +13019,58 @@ func (c *EC2) DescribeClientVpnRoutesWithContext(ctx aws.Context, input *Describ return out, req.Send() } +// DescribeClientVpnRoutesPages iterates over the pages of a DescribeClientVpnRoutes operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeClientVpnRoutes method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeClientVpnRoutes operation. +// pageNum := 0 +// err := client.DescribeClientVpnRoutesPages(params, +// func(page *ec2.DescribeClientVpnRoutesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeClientVpnRoutesPages(input *DescribeClientVpnRoutesInput, fn func(*DescribeClientVpnRoutesOutput, bool) bool) error { + return c.DescribeClientVpnRoutesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeClientVpnRoutesPagesWithContext same as DescribeClientVpnRoutesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeClientVpnRoutesPagesWithContext(ctx aws.Context, input *DescribeClientVpnRoutesInput, fn func(*DescribeClientVpnRoutesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeClientVpnRoutesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeClientVpnRoutesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeClientVpnRoutesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeClientVpnTargetNetworks = "DescribeClientVpnTargetNetworks" // DescribeClientVpnTargetNetworksRequest generates a "aws/request.Request" representing the @@ -11009,6 +13102,12 @@ func (c *EC2) DescribeClientVpnTargetNetworksRequest(input *DescribeClientVpnTar Name: opDescribeClientVpnTargetNetworks, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -11052,6 +13151,133 @@ func (c *EC2) DescribeClientVpnTargetNetworksWithContext(ctx aws.Context, input return out, req.Send() } +// DescribeClientVpnTargetNetworksPages iterates over the pages of a DescribeClientVpnTargetNetworks operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeClientVpnTargetNetworks method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeClientVpnTargetNetworks operation. +// pageNum := 0 +// err := client.DescribeClientVpnTargetNetworksPages(params, +// func(page *ec2.DescribeClientVpnTargetNetworksOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeClientVpnTargetNetworksPages(input *DescribeClientVpnTargetNetworksInput, fn func(*DescribeClientVpnTargetNetworksOutput, bool) bool) error { + return c.DescribeClientVpnTargetNetworksPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeClientVpnTargetNetworksPagesWithContext same as DescribeClientVpnTargetNetworksPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeClientVpnTargetNetworksPagesWithContext(ctx aws.Context, input *DescribeClientVpnTargetNetworksInput, fn func(*DescribeClientVpnTargetNetworksOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeClientVpnTargetNetworksInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeClientVpnTargetNetworksRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeClientVpnTargetNetworksOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeCoipPools = "DescribeCoipPools" + +// DescribeCoipPoolsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeCoipPools operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeCoipPools for more information on using the DescribeCoipPools +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeCoipPoolsRequest method. +// req, resp := client.DescribeCoipPoolsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeCoipPools +func (c *EC2) DescribeCoipPoolsRequest(input *DescribeCoipPoolsInput) (req *request.Request, output *DescribeCoipPoolsOutput) { + op := &request.Operation{ + Name: opDescribeCoipPools, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeCoipPoolsInput{} + } + + output = &DescribeCoipPoolsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeCoipPools API operation for Amazon Elastic Compute Cloud. +// +// Describes the specified customer-owned address pools or all of your customer-owned +// address pools. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeCoipPools for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeCoipPools +func (c *EC2) DescribeCoipPools(input *DescribeCoipPoolsInput) (*DescribeCoipPoolsOutput, error) { + req, out := c.DescribeCoipPoolsRequest(input) + return out, req.Send() +} + +// DescribeCoipPoolsWithContext is the same as DescribeCoipPools with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeCoipPools for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeCoipPoolsWithContext(ctx aws.Context, input *DescribeCoipPoolsInput, opts ...request.Option) (*DescribeCoipPoolsOutput, error) { + req, out := c.DescribeCoipPoolsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeConversionTasks = "DescribeConversionTasks" // DescribeConversionTasksRequest generates a "aws/request.Request" representing the @@ -11096,11 +13322,11 @@ func (c *EC2) DescribeConversionTasksRequest(input *DescribeConversionTasksInput // DescribeConversionTasks API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your conversion tasks. For more information, see -// the VM Import/Export User Guide (http://docs.aws.amazon.com/vm-import/latest/userguide/). +// Describes the specified conversion tasks or all your conversion tasks. For +// more information, see the VM Import/Export User Guide (https://docs.aws.amazon.com/vm-import/latest/userguide/). // // For information about the import manifest referenced by this API action, -// see VM Import Manifest (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). +// see VM Import Manifest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -11176,9 +13402,8 @@ func (c *EC2) DescribeCustomerGatewaysRequest(input *DescribeCustomerGatewaysInp // // Describes one or more of your VPN customer gateways. // -// For more information about VPN customer gateways, see AWS Managed VPN Connections -// (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html) in the -// Amazon Virtual Private Cloud User Guide. +// For more information, see AWS Site-to-Site VPN (https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html) +// in the AWS Site-to-Site VPN User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -11239,6 +13464,12 @@ func (c *EC2) DescribeDhcpOptionsRequest(input *DescribeDhcpOptionsInput) (req * Name: opDescribeDhcpOptions, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -11254,7 +13485,7 @@ func (c *EC2) DescribeDhcpOptionsRequest(input *DescribeDhcpOptionsInput) (req * // // Describes one or more of your DHCP options sets. // -// For more information, see DHCP Options Sets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html) +// For more information, see DHCP Options Sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -11285,6 +13516,58 @@ func (c *EC2) DescribeDhcpOptionsWithContext(ctx aws.Context, input *DescribeDhc return out, req.Send() } +// DescribeDhcpOptionsPages iterates over the pages of a DescribeDhcpOptions operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeDhcpOptions method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeDhcpOptions operation. +// pageNum := 0 +// err := client.DescribeDhcpOptionsPages(params, +// func(page *ec2.DescribeDhcpOptionsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeDhcpOptionsPages(input *DescribeDhcpOptionsInput, fn func(*DescribeDhcpOptionsOutput, bool) bool) error { + return c.DescribeDhcpOptionsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeDhcpOptionsPagesWithContext same as DescribeDhcpOptionsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeDhcpOptionsPagesWithContext(ctx aws.Context, input *DescribeDhcpOptionsInput, fn func(*DescribeDhcpOptionsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeDhcpOptionsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeDhcpOptionsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeDhcpOptionsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeEgressOnlyInternetGateways = "DescribeEgressOnlyInternetGateways" // DescribeEgressOnlyInternetGatewaysRequest generates a "aws/request.Request" representing the @@ -11316,6 +13599,12 @@ func (c *EC2) DescribeEgressOnlyInternetGatewaysRequest(input *DescribeEgressOnl Name: opDescribeEgressOnlyInternetGateways, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -11359,6 +13648,58 @@ func (c *EC2) DescribeEgressOnlyInternetGatewaysWithContext(ctx aws.Context, inp return out, req.Send() } +// DescribeEgressOnlyInternetGatewaysPages iterates over the pages of a DescribeEgressOnlyInternetGateways operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeEgressOnlyInternetGateways method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeEgressOnlyInternetGateways operation. +// pageNum := 0 +// err := client.DescribeEgressOnlyInternetGatewaysPages(params, +// func(page *ec2.DescribeEgressOnlyInternetGatewaysOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeEgressOnlyInternetGatewaysPages(input *DescribeEgressOnlyInternetGatewaysInput, fn func(*DescribeEgressOnlyInternetGatewaysOutput, bool) bool) error { + return c.DescribeEgressOnlyInternetGatewaysPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeEgressOnlyInternetGatewaysPagesWithContext same as DescribeEgressOnlyInternetGatewaysPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeEgressOnlyInternetGatewaysPagesWithContext(ctx aws.Context, input *DescribeEgressOnlyInternetGatewaysInput, fn func(*DescribeEgressOnlyInternetGatewaysOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeEgressOnlyInternetGatewaysInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeEgressOnlyInternetGatewaysRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeEgressOnlyInternetGatewaysOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeElasticGpus = "DescribeElasticGpus" // DescribeElasticGpusRequest generates a "aws/request.Request" representing the @@ -11405,7 +13746,7 @@ func (c *EC2) DescribeElasticGpusRequest(input *DescribeElasticGpusInput) (req * // // Describes the Elastic Graphics accelerator associated with your instances. // For more information about Elastic Graphics, see Amazon Elastic Graphics -// (http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html). +// (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -11435,6 +13776,138 @@ func (c *EC2) DescribeElasticGpusWithContext(ctx aws.Context, input *DescribeEla return out, req.Send() } +const opDescribeExportImageTasks = "DescribeExportImageTasks" + +// DescribeExportImageTasksRequest generates a "aws/request.Request" representing the +// client's request for the DescribeExportImageTasks operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeExportImageTasks for more information on using the DescribeExportImageTasks +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeExportImageTasksRequest method. +// req, resp := client.DescribeExportImageTasksRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeExportImageTasks +func (c *EC2) DescribeExportImageTasksRequest(input *DescribeExportImageTasksInput) (req *request.Request, output *DescribeExportImageTasksOutput) { + op := &request.Operation{ + Name: opDescribeExportImageTasks, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeExportImageTasksInput{} + } + + output = &DescribeExportImageTasksOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeExportImageTasks API operation for Amazon Elastic Compute Cloud. +// +// Describes the specified export image tasks or all your export image tasks. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeExportImageTasks for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeExportImageTasks +func (c *EC2) DescribeExportImageTasks(input *DescribeExportImageTasksInput) (*DescribeExportImageTasksOutput, error) { + req, out := c.DescribeExportImageTasksRequest(input) + return out, req.Send() +} + +// DescribeExportImageTasksWithContext is the same as DescribeExportImageTasks with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeExportImageTasks for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeExportImageTasksWithContext(ctx aws.Context, input *DescribeExportImageTasksInput, opts ...request.Option) (*DescribeExportImageTasksOutput, error) { + req, out := c.DescribeExportImageTasksRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeExportImageTasksPages iterates over the pages of a DescribeExportImageTasks operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeExportImageTasks method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeExportImageTasks operation. +// pageNum := 0 +// err := client.DescribeExportImageTasksPages(params, +// func(page *ec2.DescribeExportImageTasksOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeExportImageTasksPages(input *DescribeExportImageTasksInput, fn func(*DescribeExportImageTasksOutput, bool) bool) error { + return c.DescribeExportImageTasksPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeExportImageTasksPagesWithContext same as DescribeExportImageTasksPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeExportImageTasksPagesWithContext(ctx aws.Context, input *DescribeExportImageTasksInput, fn func(*DescribeExportImageTasksOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeExportImageTasksInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeExportImageTasksRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeExportImageTasksOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeExportTasks = "DescribeExportTasks" // DescribeExportTasksRequest generates a "aws/request.Request" representing the @@ -11479,7 +13952,8 @@ func (c *EC2) DescribeExportTasksRequest(input *DescribeExportTasksInput) (req * // DescribeExportTasks API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your export tasks. +// Describes the specified export instance tasks or all your export instance +// tasks. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -11509,6 +13983,138 @@ func (c *EC2) DescribeExportTasksWithContext(ctx aws.Context, input *DescribeExp return out, req.Send() } +const opDescribeFastSnapshotRestores = "DescribeFastSnapshotRestores" + +// DescribeFastSnapshotRestoresRequest generates a "aws/request.Request" representing the +// client's request for the DescribeFastSnapshotRestores operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeFastSnapshotRestores for more information on using the DescribeFastSnapshotRestores +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeFastSnapshotRestoresRequest method. +// req, resp := client.DescribeFastSnapshotRestoresRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeFastSnapshotRestores +func (c *EC2) DescribeFastSnapshotRestoresRequest(input *DescribeFastSnapshotRestoresInput) (req *request.Request, output *DescribeFastSnapshotRestoresOutput) { + op := &request.Operation{ + Name: opDescribeFastSnapshotRestores, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeFastSnapshotRestoresInput{} + } + + output = &DescribeFastSnapshotRestoresOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeFastSnapshotRestores API operation for Amazon Elastic Compute Cloud. +// +// Describes the state of fast snapshot restores for your snapshots. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeFastSnapshotRestores for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeFastSnapshotRestores +func (c *EC2) DescribeFastSnapshotRestores(input *DescribeFastSnapshotRestoresInput) (*DescribeFastSnapshotRestoresOutput, error) { + req, out := c.DescribeFastSnapshotRestoresRequest(input) + return out, req.Send() +} + +// DescribeFastSnapshotRestoresWithContext is the same as DescribeFastSnapshotRestores with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeFastSnapshotRestores for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeFastSnapshotRestoresWithContext(ctx aws.Context, input *DescribeFastSnapshotRestoresInput, opts ...request.Option) (*DescribeFastSnapshotRestoresOutput, error) { + req, out := c.DescribeFastSnapshotRestoresRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeFastSnapshotRestoresPages iterates over the pages of a DescribeFastSnapshotRestores operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeFastSnapshotRestores method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeFastSnapshotRestores operation. +// pageNum := 0 +// err := client.DescribeFastSnapshotRestoresPages(params, +// func(page *ec2.DescribeFastSnapshotRestoresOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeFastSnapshotRestoresPages(input *DescribeFastSnapshotRestoresInput, fn func(*DescribeFastSnapshotRestoresOutput, bool) bool) error { + return c.DescribeFastSnapshotRestoresPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeFastSnapshotRestoresPagesWithContext same as DescribeFastSnapshotRestoresPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeFastSnapshotRestoresPagesWithContext(ctx aws.Context, input *DescribeFastSnapshotRestoresInput, fn func(*DescribeFastSnapshotRestoresOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeFastSnapshotRestoresInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeFastSnapshotRestoresRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeFastSnapshotRestoresOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeFleetHistory = "DescribeFleetHistory" // DescribeFleetHistoryRequest generates a "aws/request.Request" representing the @@ -11555,6 +14161,10 @@ func (c *EC2) DescribeFleetHistoryRequest(input *DescribeFleetHistoryInput) (req // // Describes the events for the specified EC2 Fleet during the specified time. // +// EC2 Fleet events are delayed by up to 30 seconds before they can be described. +// This ensures that you can query by the last evaluated time and not miss a +// recorded event. EC2 Fleet events are available for 48 hours. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -11688,6 +14298,12 @@ func (c *EC2) DescribeFleetsRequest(input *DescribeFleetsInput) (req *request.Re Name: opDescribeFleets, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -11701,7 +14317,7 @@ func (c *EC2) DescribeFleetsRequest(input *DescribeFleetsInput) (req *request.Re // DescribeFleets API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your EC2 Fleets. +// Describes the specified EC2 Fleets or all of your EC2 Fleets. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -11731,6 +14347,58 @@ func (c *EC2) DescribeFleetsWithContext(ctx aws.Context, input *DescribeFleetsIn return out, req.Send() } +// DescribeFleetsPages iterates over the pages of a DescribeFleets operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeFleets method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeFleets operation. +// pageNum := 0 +// err := client.DescribeFleetsPages(params, +// func(page *ec2.DescribeFleetsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeFleetsPages(input *DescribeFleetsInput, fn func(*DescribeFleetsOutput, bool) bool) error { + return c.DescribeFleetsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeFleetsPagesWithContext same as DescribeFleetsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeFleetsPagesWithContext(ctx aws.Context, input *DescribeFleetsInput, fn func(*DescribeFleetsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeFleetsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeFleetsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeFleetsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeFlowLogs = "DescribeFlowLogs" // DescribeFlowLogsRequest generates a "aws/request.Request" representing the @@ -11762,6 +14430,12 @@ func (c *EC2) DescribeFlowLogsRequest(input *DescribeFlowLogsInput) (req *reques Name: opDescribeFlowLogs, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -11807,6 +14481,58 @@ func (c *EC2) DescribeFlowLogsWithContext(ctx aws.Context, input *DescribeFlowLo return out, req.Send() } +// DescribeFlowLogsPages iterates over the pages of a DescribeFlowLogs operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeFlowLogs method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeFlowLogs operation. +// pageNum := 0 +// err := client.DescribeFlowLogsPages(params, +// func(page *ec2.DescribeFlowLogsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeFlowLogsPages(input *DescribeFlowLogsInput, fn func(*DescribeFlowLogsOutput, bool) bool) error { + return c.DescribeFlowLogsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeFlowLogsPagesWithContext same as DescribeFlowLogsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeFlowLogsPagesWithContext(ctx aws.Context, input *DescribeFlowLogsInput, fn func(*DescribeFlowLogsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeFlowLogsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeFlowLogsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeFlowLogsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeFpgaImageAttribute = "DescribeFpgaImageAttribute" // DescribeFpgaImageAttributeRequest generates a "aws/request.Request" representing the @@ -11912,6 +14638,12 @@ func (c *EC2) DescribeFpgaImagesRequest(input *DescribeFpgaImagesInput) (req *re Name: opDescribeFpgaImages, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -11925,9 +14657,9 @@ func (c *EC2) DescribeFpgaImagesRequest(input *DescribeFpgaImagesInput) (req *re // DescribeFpgaImages API operation for Amazon Elastic Compute Cloud. // -// Describes one or more available Amazon FPGA Images (AFIs). These include -// public AFIs, private AFIs that you own, and AFIs owned by other AWS accounts -// for which you have load permissions. +// Describes the Amazon FPGA Images (AFIs) available to you. These include public +// AFIs, private AFIs that you own, and AFIs owned by other AWS accounts for +// which you have load permissions. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -11957,6 +14689,58 @@ func (c *EC2) DescribeFpgaImagesWithContext(ctx aws.Context, input *DescribeFpga return out, req.Send() } +// DescribeFpgaImagesPages iterates over the pages of a DescribeFpgaImages operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeFpgaImages method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeFpgaImages operation. +// pageNum := 0 +// err := client.DescribeFpgaImagesPages(params, +// func(page *ec2.DescribeFpgaImagesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeFpgaImagesPages(input *DescribeFpgaImagesInput, fn func(*DescribeFpgaImagesOutput, bool) bool) error { + return c.DescribeFpgaImagesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeFpgaImagesPagesWithContext same as DescribeFpgaImagesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeFpgaImagesPagesWithContext(ctx aws.Context, input *DescribeFpgaImagesInput, fn func(*DescribeFpgaImagesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeFpgaImagesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeFpgaImagesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeFpgaImagesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeHostReservationOfferings = "DescribeHostReservationOfferings" // DescribeHostReservationOfferingsRequest generates a "aws/request.Request" representing the @@ -11988,6 +14772,12 @@ func (c *EC2) DescribeHostReservationOfferingsRequest(input *DescribeHostReserva Name: opDescribeHostReservationOfferings, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -12003,12 +14793,12 @@ func (c *EC2) DescribeHostReservationOfferingsRequest(input *DescribeHostReserva // // Describes the Dedicated Host reservations that are available to purchase. // -// The results describe all the Dedicated Host reservation offerings, including -// offerings that may not match the instance family and Region of your Dedicated +// The results describe all of the Dedicated Host reservation offerings, including +// offerings that might not match the instance family and Region of your Dedicated // Hosts. When purchasing an offering, ensure that the instance family and Region // of the offering matches that of the Dedicated Hosts with which it is to be // associated. For more information about supported instance types, see Dedicated -// Hosts Overview (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html) +// Hosts Overview (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -12039,6 +14829,58 @@ func (c *EC2) DescribeHostReservationOfferingsWithContext(ctx aws.Context, input return out, req.Send() } +// DescribeHostReservationOfferingsPages iterates over the pages of a DescribeHostReservationOfferings operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeHostReservationOfferings method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeHostReservationOfferings operation. +// pageNum := 0 +// err := client.DescribeHostReservationOfferingsPages(params, +// func(page *ec2.DescribeHostReservationOfferingsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeHostReservationOfferingsPages(input *DescribeHostReservationOfferingsInput, fn func(*DescribeHostReservationOfferingsOutput, bool) bool) error { + return c.DescribeHostReservationOfferingsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeHostReservationOfferingsPagesWithContext same as DescribeHostReservationOfferingsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeHostReservationOfferingsPagesWithContext(ctx aws.Context, input *DescribeHostReservationOfferingsInput, fn func(*DescribeHostReservationOfferingsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeHostReservationOfferingsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeHostReservationOfferingsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeHostReservationOfferingsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeHostReservations = "DescribeHostReservations" // DescribeHostReservationsRequest generates a "aws/request.Request" representing the @@ -12070,6 +14912,12 @@ func (c *EC2) DescribeHostReservationsRequest(input *DescribeHostReservationsInp Name: opDescribeHostReservations, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -12113,6 +14961,58 @@ func (c *EC2) DescribeHostReservationsWithContext(ctx aws.Context, input *Descri return out, req.Send() } +// DescribeHostReservationsPages iterates over the pages of a DescribeHostReservations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeHostReservations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeHostReservations operation. +// pageNum := 0 +// err := client.DescribeHostReservationsPages(params, +// func(page *ec2.DescribeHostReservationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeHostReservationsPages(input *DescribeHostReservationsInput, fn func(*DescribeHostReservationsOutput, bool) bool) error { + return c.DescribeHostReservationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeHostReservationsPagesWithContext same as DescribeHostReservationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeHostReservationsPagesWithContext(ctx aws.Context, input *DescribeHostReservationsInput, fn func(*DescribeHostReservationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeHostReservationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeHostReservationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeHostReservationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeHosts = "DescribeHosts" // DescribeHostsRequest generates a "aws/request.Request" representing the @@ -12144,6 +15044,12 @@ func (c *EC2) DescribeHostsRequest(input *DescribeHostsInput) (req *request.Requ Name: opDescribeHosts, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -12157,7 +15063,7 @@ func (c *EC2) DescribeHostsRequest(input *DescribeHostsInput) (req *request.Requ // DescribeHosts API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your Dedicated Hosts. +// Describes the specified Dedicated Hosts or all your Dedicated Hosts. // // The results describe only the Dedicated Hosts in the Region you're currently // using. All listed instances consume capacity on your Dedicated Host. Dedicated @@ -12191,6 +15097,58 @@ func (c *EC2) DescribeHostsWithContext(ctx aws.Context, input *DescribeHostsInpu return out, req.Send() } +// DescribeHostsPages iterates over the pages of a DescribeHosts operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeHosts method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeHosts operation. +// pageNum := 0 +// err := client.DescribeHostsPages(params, +// func(page *ec2.DescribeHostsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeHostsPages(input *DescribeHostsInput, fn func(*DescribeHostsOutput, bool) bool) error { + return c.DescribeHostsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeHostsPagesWithContext same as DescribeHostsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeHostsPagesWithContext(ctx aws.Context, input *DescribeHostsInput, fn func(*DescribeHostsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeHostsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeHostsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeHostsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeIamInstanceProfileAssociations = "DescribeIamInstanceProfileAssociations" // DescribeIamInstanceProfileAssociationsRequest generates a "aws/request.Request" representing the @@ -12222,6 +15180,12 @@ func (c *EC2) DescribeIamInstanceProfileAssociationsRequest(input *DescribeIamIn Name: opDescribeIamInstanceProfileAssociations, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -12265,6 +15229,58 @@ func (c *EC2) DescribeIamInstanceProfileAssociationsWithContext(ctx aws.Context, return out, req.Send() } +// DescribeIamInstanceProfileAssociationsPages iterates over the pages of a DescribeIamInstanceProfileAssociations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeIamInstanceProfileAssociations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeIamInstanceProfileAssociations operation. +// pageNum := 0 +// err := client.DescribeIamInstanceProfileAssociationsPages(params, +// func(page *ec2.DescribeIamInstanceProfileAssociationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeIamInstanceProfileAssociationsPages(input *DescribeIamInstanceProfileAssociationsInput, fn func(*DescribeIamInstanceProfileAssociationsOutput, bool) bool) error { + return c.DescribeIamInstanceProfileAssociationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeIamInstanceProfileAssociationsPagesWithContext same as DescribeIamInstanceProfileAssociationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeIamInstanceProfileAssociationsPagesWithContext(ctx aws.Context, input *DescribeIamInstanceProfileAssociationsInput, fn func(*DescribeIamInstanceProfileAssociationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeIamInstanceProfileAssociationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeIamInstanceProfileAssociationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeIamInstanceProfileAssociationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeIdFormat = "DescribeIdFormat" // DescribeIdFormatRequest generates a "aws/request.Request" representing the @@ -12309,7 +15325,7 @@ func (c *EC2) DescribeIdFormatRequest(input *DescribeIdFormatInput) (req *reques // DescribeIdFormat API operation for Amazon Elastic Compute Cloud. // -// Describes the ID format settings for your resources on a per-region basis, +// Describes the ID format settings for your resources on a per-Region basis, // for example, to view which resource types are enabled for longer IDs. This // request only returns information about resource types whose ID formats can // be modified; it does not return information about other resource types. @@ -12405,7 +15421,7 @@ func (c *EC2) DescribeIdentityIdFormatRequest(input *DescribeIdentityIdFormatInp // IAM role, or root user. For example, you can view the resource types that // are enabled for longer IDs. This request only returns information about resource // types whose ID formats can be modified; it does not return information about -// other resource types. For more information, see Resource IDs (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resource-ids.html) +// other resource types. For more information, see Resource IDs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resource-ids.html) // in the Amazon Elastic Compute Cloud User Guide. // // The following resource types support longer IDs: bundle | conversion-task @@ -12566,13 +15582,17 @@ func (c *EC2) DescribeImagesRequest(input *DescribeImagesInput) (req *request.Re // DescribeImages API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of the images (AMIs, AKIs, and ARIs) available to you. -// Images available to you include public images, private images that you own, -// and private images owned by other AWS accounts but for which you have explicit +// Describes the specified images (AMIs, AKIs, and ARIs) available to you or +// all of the images available to you. +// +// The images available to you include public images, private images that you +// own, and private images owned by other AWS accounts for which you have explicit // launch permissions. // -// Deregistered images are included in the returned results for an unspecified -// interval after deregistration. +// Recently deregistered images appear in the returned results for a short interval +// and then return empty results. After all instances that reference a deregistered +// AMI are terminated, specifying the ID of the image results in an error indicating +// that the AMI ID cannot be found. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -12633,6 +15653,12 @@ func (c *EC2) DescribeImportImageTasksRequest(input *DescribeImportImageTasksInp Name: opDescribeImportImageTasks, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -12677,6 +15703,58 @@ func (c *EC2) DescribeImportImageTasksWithContext(ctx aws.Context, input *Descri return out, req.Send() } +// DescribeImportImageTasksPages iterates over the pages of a DescribeImportImageTasks operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeImportImageTasks method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeImportImageTasks operation. +// pageNum := 0 +// err := client.DescribeImportImageTasksPages(params, +// func(page *ec2.DescribeImportImageTasksOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeImportImageTasksPages(input *DescribeImportImageTasksInput, fn func(*DescribeImportImageTasksOutput, bool) bool) error { + return c.DescribeImportImageTasksPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeImportImageTasksPagesWithContext same as DescribeImportImageTasksPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeImportImageTasksPagesWithContext(ctx aws.Context, input *DescribeImportImageTasksInput, fn func(*DescribeImportImageTasksOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeImportImageTasksInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeImportImageTasksRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeImportImageTasksOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeImportSnapshotTasks = "DescribeImportSnapshotTasks" // DescribeImportSnapshotTasksRequest generates a "aws/request.Request" representing the @@ -12708,6 +15786,12 @@ func (c *EC2) DescribeImportSnapshotTasksRequest(input *DescribeImportSnapshotTa Name: opDescribeImportSnapshotTasks, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -12751,6 +15835,58 @@ func (c *EC2) DescribeImportSnapshotTasksWithContext(ctx aws.Context, input *Des return out, req.Send() } +// DescribeImportSnapshotTasksPages iterates over the pages of a DescribeImportSnapshotTasks operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeImportSnapshotTasks method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeImportSnapshotTasks operation. +// pageNum := 0 +// err := client.DescribeImportSnapshotTasksPages(params, +// func(page *ec2.DescribeImportSnapshotTasksOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeImportSnapshotTasksPages(input *DescribeImportSnapshotTasksInput, fn func(*DescribeImportSnapshotTasksOutput, bool) bool) error { + return c.DescribeImportSnapshotTasksPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeImportSnapshotTasksPagesWithContext same as DescribeImportSnapshotTasksPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeImportSnapshotTasksPagesWithContext(ctx aws.Context, input *DescribeImportSnapshotTasksInput, fn func(*DescribeImportSnapshotTasksOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeImportSnapshotTasksInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeImportSnapshotTasksRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeImportSnapshotTasksOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeInstanceAttribute = "DescribeInstanceAttribute" // DescribeInstanceAttributeRequest generates a "aws/request.Request" representing the @@ -12860,6 +15996,12 @@ func (c *EC2) DescribeInstanceCreditSpecificationsRequest(input *DescribeInstanc Name: opDescribeInstanceCreditSpecifications, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -12873,19 +16015,19 @@ func (c *EC2) DescribeInstanceCreditSpecificationsRequest(input *DescribeInstanc // DescribeInstanceCreditSpecifications API operation for Amazon Elastic Compute Cloud. // -// Describes the credit option for CPU usage of one or more of your T2 or T3 +// Describes the credit option for CPU usage of the specified burstable performance // instances. The credit options are standard and unlimited. // -// If you do not specify an instance ID, Amazon EC2 returns T2 and T3 instances -// with the unlimited credit option, as well as instances that were previously -// configured as T2 or T3 with the unlimited credit option. For example, if -// you resize a T2 instance, while it is configured as unlimited, to an M4 instance, -// Amazon EC2 returns the M4 instance. +// If you do not specify an instance ID, Amazon EC2 returns burstable performance +// instances with the unlimited credit option, as well as instances that were +// previously configured as T2, T3, and T3a with the unlimited credit option. +// For example, if you resize a T2 instance, while it is configured as unlimited, +// to an M4 instance, Amazon EC2 returns the M4 instance. // // If you specify one or more instance IDs, Amazon EC2 returns the credit option // (standard or unlimited) of those instances. If you specify an instance ID -// that is not valid, such as an instance that is not a T2 or T3 instance, an -// error is returned. +// that is not valid, such as an instance that is not a burstable performance +// instance, an error is returned. // // Recently terminated instances might appear in the returned results. This // interval is usually less than one hour. @@ -12895,7 +16037,7 @@ func (c *EC2) DescribeInstanceCreditSpecificationsRequest(input *DescribeInstanc // all, the call fails. If you specify only instance IDs in an unaffected zone, // the call works normally. // -// For more information, see Burstable Performance Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) +// For more information, see Burstable Performance Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -12926,6 +16068,58 @@ func (c *EC2) DescribeInstanceCreditSpecificationsWithContext(ctx aws.Context, i return out, req.Send() } +// DescribeInstanceCreditSpecificationsPages iterates over the pages of a DescribeInstanceCreditSpecifications operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeInstanceCreditSpecifications method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeInstanceCreditSpecifications operation. +// pageNum := 0 +// err := client.DescribeInstanceCreditSpecificationsPages(params, +// func(page *ec2.DescribeInstanceCreditSpecificationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeInstanceCreditSpecificationsPages(input *DescribeInstanceCreditSpecificationsInput, fn func(*DescribeInstanceCreditSpecificationsOutput, bool) bool) error { + return c.DescribeInstanceCreditSpecificationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeInstanceCreditSpecificationsPagesWithContext same as DescribeInstanceCreditSpecificationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceCreditSpecificationsPagesWithContext(ctx aws.Context, input *DescribeInstanceCreditSpecificationsInput, fn func(*DescribeInstanceCreditSpecificationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeInstanceCreditSpecificationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeInstanceCreditSpecificationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeInstanceCreditSpecificationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeInstanceStatus = "DescribeInstanceStatus" // DescribeInstanceStatusRequest generates a "aws/request.Request" representing the @@ -12976,27 +16170,27 @@ func (c *EC2) DescribeInstanceStatusRequest(input *DescribeInstanceStatusInput) // DescribeInstanceStatus API operation for Amazon Elastic Compute Cloud. // -// Describes the status of one or more instances. By default, only running instances -// are described, unless you specifically indicate to return the status of all -// instances. +// Describes the status of the specified instances or all of your instances. +// By default, only running instances are described, unless you specifically +// indicate to return the status of all instances. // // Instance status includes the following components: // // * Status checks - Amazon EC2 performs status checks on running EC2 instances // to identify hardware and software issues. For more information, see Status -// Checks for Your Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-system-instance-status-check.html) -// and Troubleshooting Instances with Failed Status Checks (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstances.html) +// Checks for Your Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-system-instance-status-check.html) +// and Troubleshooting Instances with Failed Status Checks (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstances.html) // in the Amazon Elastic Compute Cloud User Guide. // // * Scheduled events - Amazon EC2 can schedule events (such as reboot, stop, // or terminate) for your instances related to hardware issues, software // updates, or system maintenance. For more information, see Scheduled Events -// for Your Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-instances-status-check_sched.html) +// for Your Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-instances-status-check_sched.html) // in the Amazon Elastic Compute Cloud User Guide. // // * Instance state - You can manage your instances from the moment you launch // them through their termination. For more information, see Instance Lifecycle -// (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) +// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13038,7 +16232,7 @@ func (c *EC2) DescribeInstanceStatusWithContext(ctx aws.Context, input *Describe // // Example iterating over at most 3 pages of a DescribeInstanceStatus operation. // pageNum := 0 // err := client.DescribeInstanceStatusPages(params, -// func(page *DescribeInstanceStatusOutput, lastPage bool) bool { +// func(page *ec2.DescribeInstanceStatusOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -13070,13 +16264,166 @@ func (c *EC2) DescribeInstanceStatusPagesWithContext(ctx aws.Context, input *Des }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeInstanceStatusOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeInstanceStatusOutput), !p.HasNextPage()) { + break + } } + return p.Err() } +const opDescribeInstanceTypeOfferings = "DescribeInstanceTypeOfferings" + +// DescribeInstanceTypeOfferingsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeInstanceTypeOfferings operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeInstanceTypeOfferings for more information on using the DescribeInstanceTypeOfferings +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeInstanceTypeOfferingsRequest method. +// req, resp := client.DescribeInstanceTypeOfferingsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceTypeOfferings +func (c *EC2) DescribeInstanceTypeOfferingsRequest(input *DescribeInstanceTypeOfferingsInput) (req *request.Request, output *DescribeInstanceTypeOfferingsOutput) { + op := &request.Operation{ + Name: opDescribeInstanceTypeOfferings, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeInstanceTypeOfferingsInput{} + } + + output = &DescribeInstanceTypeOfferingsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeInstanceTypeOfferings API operation for Amazon Elastic Compute Cloud. +// +// Returns a list of all instance types offered. The results can be filtered +// by location (Region or Availability Zone). If no location is specified, the +// instance types offered in the current Region are returned. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeInstanceTypeOfferings for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceTypeOfferings +func (c *EC2) DescribeInstanceTypeOfferings(input *DescribeInstanceTypeOfferingsInput) (*DescribeInstanceTypeOfferingsOutput, error) { + req, out := c.DescribeInstanceTypeOfferingsRequest(input) + return out, req.Send() +} + +// DescribeInstanceTypeOfferingsWithContext is the same as DescribeInstanceTypeOfferings with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeInstanceTypeOfferings for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceTypeOfferingsWithContext(ctx aws.Context, input *DescribeInstanceTypeOfferingsInput, opts ...request.Option) (*DescribeInstanceTypeOfferingsOutput, error) { + req, out := c.DescribeInstanceTypeOfferingsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDescribeInstanceTypes = "DescribeInstanceTypes" + +// DescribeInstanceTypesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeInstanceTypes operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeInstanceTypes for more information on using the DescribeInstanceTypes +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeInstanceTypesRequest method. +// req, resp := client.DescribeInstanceTypesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceTypes +func (c *EC2) DescribeInstanceTypesRequest(input *DescribeInstanceTypesInput) (req *request.Request, output *DescribeInstanceTypesOutput) { + op := &request.Operation{ + Name: opDescribeInstanceTypes, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeInstanceTypesInput{} + } + + output = &DescribeInstanceTypesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeInstanceTypes API operation for Amazon Elastic Compute Cloud. +// +// Returns a list of all instance types offered in your current AWS Region. +// The results can be filtered by the attributes of the instance types. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeInstanceTypes for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceTypes +func (c *EC2) DescribeInstanceTypes(input *DescribeInstanceTypesInput) (*DescribeInstanceTypesOutput, error) { + req, out := c.DescribeInstanceTypesRequest(input) + return out, req.Send() +} + +// DescribeInstanceTypesWithContext is the same as DescribeInstanceTypes with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeInstanceTypes for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceTypesWithContext(ctx aws.Context, input *DescribeInstanceTypesInput, opts ...request.Option) (*DescribeInstanceTypesOutput, error) { + req, out := c.DescribeInstanceTypesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeInstances = "DescribeInstances" // DescribeInstancesRequest generates a "aws/request.Request" representing the @@ -13127,7 +16474,7 @@ func (c *EC2) DescribeInstancesRequest(input *DescribeInstancesInput) (req *requ // DescribeInstances API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your instances. +// Describes the specified instances or all of AWS account's instances. // // If you specify one or more instance IDs, Amazon EC2 returns information for // those instances. If you do not specify instance IDs, Amazon EC2 returns information @@ -13183,7 +16530,7 @@ func (c *EC2) DescribeInstancesWithContext(ctx aws.Context, input *DescribeInsta // // Example iterating over at most 3 pages of a DescribeInstances operation. // pageNum := 0 // err := client.DescribeInstancesPages(params, -// func(page *DescribeInstancesOutput, lastPage bool) bool { +// func(page *ec2.DescribeInstancesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -13215,10 +16562,12 @@ func (c *EC2) DescribeInstancesPagesWithContext(ctx aws.Context, input *Describe }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeInstancesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeInstancesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -13253,6 +16602,12 @@ func (c *EC2) DescribeInternetGatewaysRequest(input *DescribeInternetGatewaysInp Name: opDescribeInternetGateways, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -13296,6 +16651,58 @@ func (c *EC2) DescribeInternetGatewaysWithContext(ctx aws.Context, input *Descri return out, req.Send() } +// DescribeInternetGatewaysPages iterates over the pages of a DescribeInternetGateways operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeInternetGateways method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeInternetGateways operation. +// pageNum := 0 +// err := client.DescribeInternetGatewaysPages(params, +// func(page *ec2.DescribeInternetGatewaysOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeInternetGatewaysPages(input *DescribeInternetGatewaysInput, fn func(*DescribeInternetGatewaysOutput, bool) bool) error { + return c.DescribeInternetGatewaysPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeInternetGatewaysPagesWithContext same as DescribeInternetGatewaysPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInternetGatewaysPagesWithContext(ctx aws.Context, input *DescribeInternetGatewaysInput, fn func(*DescribeInternetGatewaysOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeInternetGatewaysInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeInternetGatewaysRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeInternetGatewaysOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeKeyPairs = "DescribeKeyPairs" // DescribeKeyPairsRequest generates a "aws/request.Request" representing the @@ -13340,9 +16747,9 @@ func (c *EC2) DescribeKeyPairsRequest(input *DescribeKeyPairsInput) (req *reques // DescribeKeyPairs API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your key pairs. +// Describes the specified key pairs or all of your key pairs. // -// For more information about key pairs, see Key Pairs (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) +// For more information about key pairs, see Key Pairs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13404,6 +16811,12 @@ func (c *EC2) DescribeLaunchTemplateVersionsRequest(input *DescribeLaunchTemplat Name: opDescribeLaunchTemplateVersions, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -13448,6 +16861,58 @@ func (c *EC2) DescribeLaunchTemplateVersionsWithContext(ctx aws.Context, input * return out, req.Send() } +// DescribeLaunchTemplateVersionsPages iterates over the pages of a DescribeLaunchTemplateVersions operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeLaunchTemplateVersions method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeLaunchTemplateVersions operation. +// pageNum := 0 +// err := client.DescribeLaunchTemplateVersionsPages(params, +// func(page *ec2.DescribeLaunchTemplateVersionsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeLaunchTemplateVersionsPages(input *DescribeLaunchTemplateVersionsInput, fn func(*DescribeLaunchTemplateVersionsOutput, bool) bool) error { + return c.DescribeLaunchTemplateVersionsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeLaunchTemplateVersionsPagesWithContext same as DescribeLaunchTemplateVersionsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLaunchTemplateVersionsPagesWithContext(ctx aws.Context, input *DescribeLaunchTemplateVersionsInput, fn func(*DescribeLaunchTemplateVersionsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeLaunchTemplateVersionsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeLaunchTemplateVersionsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeLaunchTemplateVersionsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeLaunchTemplates = "DescribeLaunchTemplates" // DescribeLaunchTemplatesRequest generates a "aws/request.Request" representing the @@ -13479,6 +16944,12 @@ func (c *EC2) DescribeLaunchTemplatesRequest(input *DescribeLaunchTemplatesInput Name: opDescribeLaunchTemplates, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -13522,6 +16993,506 @@ func (c *EC2) DescribeLaunchTemplatesWithContext(ctx aws.Context, input *Describ return out, req.Send() } +// DescribeLaunchTemplatesPages iterates over the pages of a DescribeLaunchTemplates operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeLaunchTemplates method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeLaunchTemplates operation. +// pageNum := 0 +// err := client.DescribeLaunchTemplatesPages(params, +// func(page *ec2.DescribeLaunchTemplatesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeLaunchTemplatesPages(input *DescribeLaunchTemplatesInput, fn func(*DescribeLaunchTemplatesOutput, bool) bool) error { + return c.DescribeLaunchTemplatesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeLaunchTemplatesPagesWithContext same as DescribeLaunchTemplatesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLaunchTemplatesPagesWithContext(ctx aws.Context, input *DescribeLaunchTemplatesInput, fn func(*DescribeLaunchTemplatesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeLaunchTemplatesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeLaunchTemplatesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeLaunchTemplatesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations = "DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations" + +// DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations for more information on using the DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest method. +// req, resp := client.DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations +func (c *EC2) DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest(input *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput) (req *request.Request, output *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput) { + op := &request.Operation{ + Name: opDescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput{} + } + + output = &DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations API operation for Amazon Elastic Compute Cloud. +// +// Describes the associations between virtual interface groups and local gateway +// route tables. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations +func (c *EC2) DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations(input *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput) (*DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput, error) { + req, out := c.DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest(input) + return out, req.Send() +} + +// DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsWithContext is the same as DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsWithContext(ctx aws.Context, input *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput, opts ...request.Option) (*DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput, error) { + req, out := c.DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDescribeLocalGatewayRouteTableVpcAssociations = "DescribeLocalGatewayRouteTableVpcAssociations" + +// DescribeLocalGatewayRouteTableVpcAssociationsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeLocalGatewayRouteTableVpcAssociations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeLocalGatewayRouteTableVpcAssociations for more information on using the DescribeLocalGatewayRouteTableVpcAssociations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeLocalGatewayRouteTableVpcAssociationsRequest method. +// req, resp := client.DescribeLocalGatewayRouteTableVpcAssociationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLocalGatewayRouteTableVpcAssociations +func (c *EC2) DescribeLocalGatewayRouteTableVpcAssociationsRequest(input *DescribeLocalGatewayRouteTableVpcAssociationsInput) (req *request.Request, output *DescribeLocalGatewayRouteTableVpcAssociationsOutput) { + op := &request.Operation{ + Name: opDescribeLocalGatewayRouteTableVpcAssociations, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeLocalGatewayRouteTableVpcAssociationsInput{} + } + + output = &DescribeLocalGatewayRouteTableVpcAssociationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeLocalGatewayRouteTableVpcAssociations API operation for Amazon Elastic Compute Cloud. +// +// Describes the specified associations between VPCs and local gateway route +// tables. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeLocalGatewayRouteTableVpcAssociations for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLocalGatewayRouteTableVpcAssociations +func (c *EC2) DescribeLocalGatewayRouteTableVpcAssociations(input *DescribeLocalGatewayRouteTableVpcAssociationsInput) (*DescribeLocalGatewayRouteTableVpcAssociationsOutput, error) { + req, out := c.DescribeLocalGatewayRouteTableVpcAssociationsRequest(input) + return out, req.Send() +} + +// DescribeLocalGatewayRouteTableVpcAssociationsWithContext is the same as DescribeLocalGatewayRouteTableVpcAssociations with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeLocalGatewayRouteTableVpcAssociations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLocalGatewayRouteTableVpcAssociationsWithContext(ctx aws.Context, input *DescribeLocalGatewayRouteTableVpcAssociationsInput, opts ...request.Option) (*DescribeLocalGatewayRouteTableVpcAssociationsOutput, error) { + req, out := c.DescribeLocalGatewayRouteTableVpcAssociationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDescribeLocalGatewayRouteTables = "DescribeLocalGatewayRouteTables" + +// DescribeLocalGatewayRouteTablesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeLocalGatewayRouteTables operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeLocalGatewayRouteTables for more information on using the DescribeLocalGatewayRouteTables +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeLocalGatewayRouteTablesRequest method. +// req, resp := client.DescribeLocalGatewayRouteTablesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLocalGatewayRouteTables +func (c *EC2) DescribeLocalGatewayRouteTablesRequest(input *DescribeLocalGatewayRouteTablesInput) (req *request.Request, output *DescribeLocalGatewayRouteTablesOutput) { + op := &request.Operation{ + Name: opDescribeLocalGatewayRouteTables, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeLocalGatewayRouteTablesInput{} + } + + output = &DescribeLocalGatewayRouteTablesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeLocalGatewayRouteTables API operation for Amazon Elastic Compute Cloud. +// +// Describes one or more local gateway route tables. By default, all local gateway +// route tables are described. Alternatively, you can filter the results. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeLocalGatewayRouteTables for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLocalGatewayRouteTables +func (c *EC2) DescribeLocalGatewayRouteTables(input *DescribeLocalGatewayRouteTablesInput) (*DescribeLocalGatewayRouteTablesOutput, error) { + req, out := c.DescribeLocalGatewayRouteTablesRequest(input) + return out, req.Send() +} + +// DescribeLocalGatewayRouteTablesWithContext is the same as DescribeLocalGatewayRouteTables with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeLocalGatewayRouteTables for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLocalGatewayRouteTablesWithContext(ctx aws.Context, input *DescribeLocalGatewayRouteTablesInput, opts ...request.Option) (*DescribeLocalGatewayRouteTablesOutput, error) { + req, out := c.DescribeLocalGatewayRouteTablesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDescribeLocalGatewayVirtualInterfaceGroups = "DescribeLocalGatewayVirtualInterfaceGroups" + +// DescribeLocalGatewayVirtualInterfaceGroupsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeLocalGatewayVirtualInterfaceGroups operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeLocalGatewayVirtualInterfaceGroups for more information on using the DescribeLocalGatewayVirtualInterfaceGroups +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeLocalGatewayVirtualInterfaceGroupsRequest method. +// req, resp := client.DescribeLocalGatewayVirtualInterfaceGroupsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLocalGatewayVirtualInterfaceGroups +func (c *EC2) DescribeLocalGatewayVirtualInterfaceGroupsRequest(input *DescribeLocalGatewayVirtualInterfaceGroupsInput) (req *request.Request, output *DescribeLocalGatewayVirtualInterfaceGroupsOutput) { + op := &request.Operation{ + Name: opDescribeLocalGatewayVirtualInterfaceGroups, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeLocalGatewayVirtualInterfaceGroupsInput{} + } + + output = &DescribeLocalGatewayVirtualInterfaceGroupsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeLocalGatewayVirtualInterfaceGroups API operation for Amazon Elastic Compute Cloud. +// +// Describes the specified local gateway virtual interface groups. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeLocalGatewayVirtualInterfaceGroups for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLocalGatewayVirtualInterfaceGroups +func (c *EC2) DescribeLocalGatewayVirtualInterfaceGroups(input *DescribeLocalGatewayVirtualInterfaceGroupsInput) (*DescribeLocalGatewayVirtualInterfaceGroupsOutput, error) { + req, out := c.DescribeLocalGatewayVirtualInterfaceGroupsRequest(input) + return out, req.Send() +} + +// DescribeLocalGatewayVirtualInterfaceGroupsWithContext is the same as DescribeLocalGatewayVirtualInterfaceGroups with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeLocalGatewayVirtualInterfaceGroups for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLocalGatewayVirtualInterfaceGroupsWithContext(ctx aws.Context, input *DescribeLocalGatewayVirtualInterfaceGroupsInput, opts ...request.Option) (*DescribeLocalGatewayVirtualInterfaceGroupsOutput, error) { + req, out := c.DescribeLocalGatewayVirtualInterfaceGroupsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDescribeLocalGatewayVirtualInterfaces = "DescribeLocalGatewayVirtualInterfaces" + +// DescribeLocalGatewayVirtualInterfacesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeLocalGatewayVirtualInterfaces operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeLocalGatewayVirtualInterfaces for more information on using the DescribeLocalGatewayVirtualInterfaces +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeLocalGatewayVirtualInterfacesRequest method. +// req, resp := client.DescribeLocalGatewayVirtualInterfacesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLocalGatewayVirtualInterfaces +func (c *EC2) DescribeLocalGatewayVirtualInterfacesRequest(input *DescribeLocalGatewayVirtualInterfacesInput) (req *request.Request, output *DescribeLocalGatewayVirtualInterfacesOutput) { + op := &request.Operation{ + Name: opDescribeLocalGatewayVirtualInterfaces, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeLocalGatewayVirtualInterfacesInput{} + } + + output = &DescribeLocalGatewayVirtualInterfacesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeLocalGatewayVirtualInterfaces API operation for Amazon Elastic Compute Cloud. +// +// Describes the specified local gateway virtual interfaces. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeLocalGatewayVirtualInterfaces for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLocalGatewayVirtualInterfaces +func (c *EC2) DescribeLocalGatewayVirtualInterfaces(input *DescribeLocalGatewayVirtualInterfacesInput) (*DescribeLocalGatewayVirtualInterfacesOutput, error) { + req, out := c.DescribeLocalGatewayVirtualInterfacesRequest(input) + return out, req.Send() +} + +// DescribeLocalGatewayVirtualInterfacesWithContext is the same as DescribeLocalGatewayVirtualInterfaces with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeLocalGatewayVirtualInterfaces for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLocalGatewayVirtualInterfacesWithContext(ctx aws.Context, input *DescribeLocalGatewayVirtualInterfacesInput, opts ...request.Option) (*DescribeLocalGatewayVirtualInterfacesOutput, error) { + req, out := c.DescribeLocalGatewayVirtualInterfacesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDescribeLocalGateways = "DescribeLocalGateways" + +// DescribeLocalGatewaysRequest generates a "aws/request.Request" representing the +// client's request for the DescribeLocalGateways operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeLocalGateways for more information on using the DescribeLocalGateways +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeLocalGatewaysRequest method. +// req, resp := client.DescribeLocalGatewaysRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLocalGateways +func (c *EC2) DescribeLocalGatewaysRequest(input *DescribeLocalGatewaysInput) (req *request.Request, output *DescribeLocalGatewaysOutput) { + op := &request.Operation{ + Name: opDescribeLocalGateways, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeLocalGatewaysInput{} + } + + output = &DescribeLocalGatewaysOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeLocalGateways API operation for Amazon Elastic Compute Cloud. +// +// Describes one or more local gateways. By default, all local gateways are +// described. Alternatively, you can filter the results. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeLocalGateways for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLocalGateways +func (c *EC2) DescribeLocalGateways(input *DescribeLocalGatewaysInput) (*DescribeLocalGatewaysOutput, error) { + req, out := c.DescribeLocalGatewaysRequest(input) + return out, req.Send() +} + +// DescribeLocalGatewaysWithContext is the same as DescribeLocalGateways with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeLocalGateways for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLocalGatewaysWithContext(ctx aws.Context, input *DescribeLocalGatewaysInput, opts ...request.Option) (*DescribeLocalGatewaysOutput, error) { + req, out := c.DescribeLocalGatewaysRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeMovingAddresses = "DescribeMovingAddresses" // DescribeMovingAddressesRequest generates a "aws/request.Request" representing the @@ -13553,6 +17524,12 @@ func (c *EC2) DescribeMovingAddressesRequest(input *DescribeMovingAddressesInput Name: opDescribeMovingAddresses, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -13598,6 +17575,58 @@ func (c *EC2) DescribeMovingAddressesWithContext(ctx aws.Context, input *Describ return out, req.Send() } +// DescribeMovingAddressesPages iterates over the pages of a DescribeMovingAddresses operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeMovingAddresses method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeMovingAddresses operation. +// pageNum := 0 +// err := client.DescribeMovingAddressesPages(params, +// func(page *ec2.DescribeMovingAddressesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeMovingAddressesPages(input *DescribeMovingAddressesInput, fn func(*DescribeMovingAddressesOutput, bool) bool) error { + return c.DescribeMovingAddressesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeMovingAddressesPagesWithContext same as DescribeMovingAddressesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeMovingAddressesPagesWithContext(ctx aws.Context, input *DescribeMovingAddressesInput, fn func(*DescribeMovingAddressesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeMovingAddressesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeMovingAddressesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeMovingAddressesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeNatGateways = "DescribeNatGateways" // DescribeNatGatewaysRequest generates a "aws/request.Request" representing the @@ -13689,7 +17718,7 @@ func (c *EC2) DescribeNatGatewaysWithContext(ctx aws.Context, input *DescribeNat // // Example iterating over at most 3 pages of a DescribeNatGateways operation. // pageNum := 0 // err := client.DescribeNatGatewaysPages(params, -// func(page *DescribeNatGatewaysOutput, lastPage bool) bool { +// func(page *ec2.DescribeNatGatewaysOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -13721,10 +17750,12 @@ func (c *EC2) DescribeNatGatewaysPagesWithContext(ctx aws.Context, input *Descri }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeNatGatewaysOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeNatGatewaysOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -13759,6 +17790,12 @@ func (c *EC2) DescribeNetworkAclsRequest(input *DescribeNetworkAclsInput) (req * Name: opDescribeNetworkAcls, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -13774,7 +17811,7 @@ func (c *EC2) DescribeNetworkAclsRequest(input *DescribeNetworkAclsInput) (req * // // Describes one or more of your network ACLs. // -// For more information, see Network ACLs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) +// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -13805,6 +17842,58 @@ func (c *EC2) DescribeNetworkAclsWithContext(ctx aws.Context, input *DescribeNet return out, req.Send() } +// DescribeNetworkAclsPages iterates over the pages of a DescribeNetworkAcls operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeNetworkAcls method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeNetworkAcls operation. +// pageNum := 0 +// err := client.DescribeNetworkAclsPages(params, +// func(page *ec2.DescribeNetworkAclsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeNetworkAclsPages(input *DescribeNetworkAclsInput, fn func(*DescribeNetworkAclsOutput, bool) bool) error { + return c.DescribeNetworkAclsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeNetworkAclsPagesWithContext same as DescribeNetworkAclsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeNetworkAclsPagesWithContext(ctx aws.Context, input *DescribeNetworkAclsInput, fn func(*DescribeNetworkAclsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeNetworkAclsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeNetworkAclsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeNetworkAclsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeNetworkInterfaceAttribute = "DescribeNetworkInterfaceAttribute" // DescribeNetworkInterfaceAttributeRequest generates a "aws/request.Request" representing the @@ -13911,6 +18000,12 @@ func (c *EC2) DescribeNetworkInterfacePermissionsRequest(input *DescribeNetworkI Name: opDescribeNetworkInterfacePermissions, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -13954,6 +18049,58 @@ func (c *EC2) DescribeNetworkInterfacePermissionsWithContext(ctx aws.Context, in return out, req.Send() } +// DescribeNetworkInterfacePermissionsPages iterates over the pages of a DescribeNetworkInterfacePermissions operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeNetworkInterfacePermissions method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeNetworkInterfacePermissions operation. +// pageNum := 0 +// err := client.DescribeNetworkInterfacePermissionsPages(params, +// func(page *ec2.DescribeNetworkInterfacePermissionsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeNetworkInterfacePermissionsPages(input *DescribeNetworkInterfacePermissionsInput, fn func(*DescribeNetworkInterfacePermissionsOutput, bool) bool) error { + return c.DescribeNetworkInterfacePermissionsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeNetworkInterfacePermissionsPagesWithContext same as DescribeNetworkInterfacePermissionsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeNetworkInterfacePermissionsPagesWithContext(ctx aws.Context, input *DescribeNetworkInterfacePermissionsInput, fn func(*DescribeNetworkInterfacePermissionsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeNetworkInterfacePermissionsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeNetworkInterfacePermissionsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeNetworkInterfacePermissionsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeNetworkInterfaces = "DescribeNetworkInterfaces" // DescribeNetworkInterfacesRequest generates a "aws/request.Request" representing the @@ -14045,7 +18192,7 @@ func (c *EC2) DescribeNetworkInterfacesWithContext(ctx aws.Context, input *Descr // // Example iterating over at most 3 pages of a DescribeNetworkInterfaces operation. // pageNum := 0 // err := client.DescribeNetworkInterfacesPages(params, -// func(page *DescribeNetworkInterfacesOutput, lastPage bool) bool { +// func(page *ec2.DescribeNetworkInterfacesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -14077,10 +18224,12 @@ func (c *EC2) DescribeNetworkInterfacesPagesWithContext(ctx aws.Context, input * }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeNetworkInterfacesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeNetworkInterfacesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -14128,8 +18277,8 @@ func (c *EC2) DescribePlacementGroupsRequest(input *DescribePlacementGroupsInput // DescribePlacementGroups API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your placement groups. For more information, see -// Placement Groups (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) +// Describes the specified placement groups or all of your placement groups. +// For more information, see Placement Groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -14191,6 +18340,12 @@ func (c *EC2) DescribePrefixListsRequest(input *DescribePrefixListsInput) (req * Name: opDescribePrefixLists, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -14239,6 +18394,58 @@ func (c *EC2) DescribePrefixListsWithContext(ctx aws.Context, input *DescribePre return out, req.Send() } +// DescribePrefixListsPages iterates over the pages of a DescribePrefixLists operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribePrefixLists method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribePrefixLists operation. +// pageNum := 0 +// err := client.DescribePrefixListsPages(params, +// func(page *ec2.DescribePrefixListsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribePrefixListsPages(input *DescribePrefixListsInput, fn func(*DescribePrefixListsOutput, bool) bool) error { + return c.DescribePrefixListsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribePrefixListsPagesWithContext same as DescribePrefixListsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribePrefixListsPagesWithContext(ctx aws.Context, input *DescribePrefixListsInput, fn func(*DescribePrefixListsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribePrefixListsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribePrefixListsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribePrefixListsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribePrincipalIdFormat = "DescribePrincipalIdFormat" // DescribePrincipalIdFormatRequest generates a "aws/request.Request" representing the @@ -14270,6 +18477,12 @@ func (c *EC2) DescribePrincipalIdFormatRequest(input *DescribePrincipalIdFormatI Name: opDescribePrincipalIdFormat, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -14327,6 +18540,58 @@ func (c *EC2) DescribePrincipalIdFormatWithContext(ctx aws.Context, input *Descr return out, req.Send() } +// DescribePrincipalIdFormatPages iterates over the pages of a DescribePrincipalIdFormat operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribePrincipalIdFormat method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribePrincipalIdFormat operation. +// pageNum := 0 +// err := client.DescribePrincipalIdFormatPages(params, +// func(page *ec2.DescribePrincipalIdFormatOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribePrincipalIdFormatPages(input *DescribePrincipalIdFormatInput, fn func(*DescribePrincipalIdFormatOutput, bool) bool) error { + return c.DescribePrincipalIdFormatPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribePrincipalIdFormatPagesWithContext same as DescribePrincipalIdFormatPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribePrincipalIdFormatPagesWithContext(ctx aws.Context, input *DescribePrincipalIdFormatInput, fn func(*DescribePrincipalIdFormatOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribePrincipalIdFormatInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribePrincipalIdFormatRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribePrincipalIdFormatOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribePublicIpv4Pools = "DescribePublicIpv4Pools" // DescribePublicIpv4PoolsRequest generates a "aws/request.Request" representing the @@ -14358,6 +18623,12 @@ func (c *EC2) DescribePublicIpv4PoolsRequest(input *DescribePublicIpv4PoolsInput Name: opDescribePublicIpv4Pools, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -14401,6 +18672,58 @@ func (c *EC2) DescribePublicIpv4PoolsWithContext(ctx aws.Context, input *Describ return out, req.Send() } +// DescribePublicIpv4PoolsPages iterates over the pages of a DescribePublicIpv4Pools operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribePublicIpv4Pools method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribePublicIpv4Pools operation. +// pageNum := 0 +// err := client.DescribePublicIpv4PoolsPages(params, +// func(page *ec2.DescribePublicIpv4PoolsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribePublicIpv4PoolsPages(input *DescribePublicIpv4PoolsInput, fn func(*DescribePublicIpv4PoolsOutput, bool) bool) error { + return c.DescribePublicIpv4PoolsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribePublicIpv4PoolsPagesWithContext same as DescribePublicIpv4PoolsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribePublicIpv4PoolsPagesWithContext(ctx aws.Context, input *DescribePublicIpv4PoolsInput, fn func(*DescribePublicIpv4PoolsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribePublicIpv4PoolsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribePublicIpv4PoolsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribePublicIpv4PoolsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeRegions = "DescribeRegions" // DescribeRegionsRequest generates a "aws/request.Request" representing the @@ -14445,10 +18768,14 @@ func (c *EC2) DescribeRegionsRequest(input *DescribeRegionsInput) (req *request. // DescribeRegions API operation for Amazon Elastic Compute Cloud. // -// Describes one or more regions that are currently available to you. +// Describes the Regions that are enabled for your account, or all Regions. // -// For a list of the regions supported by Amazon EC2, see Regions and Endpoints -// (http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region). +// For a list of the Regions supported by Amazon EC2, see Regions and Endpoints +// (https://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region). +// +// For information about enabling and disabling Regions for your account, see +// Managing AWS Regions (https://docs.aws.amazon.com/general/latest/gr/rande-manage.html) +// in the AWS General Reference. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -14524,7 +18851,7 @@ func (c *EC2) DescribeReservedInstancesRequest(input *DescribeReservedInstancesI // // Describes one or more of the Reserved Instances that you purchased. // -// For more information about Reserved Instances, see Reserved Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts-on-demand-reserved-instances.html) +// For more information about Reserved Instances, see Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts-on-demand-reserved-instances.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -14619,7 +18946,7 @@ func (c *EC2) DescribeReservedInstancesListingsRequest(input *DescribeReservedIn // demand is met. You are charged based on the total price of all of the listings // that you purchase. // -// For more information, see Reserved Instance Marketplace (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) +// For more information, see Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -14705,7 +19032,7 @@ func (c *EC2) DescribeReservedInstancesModificationsRequest(input *DescribeReser // requests is returned. If a modification ID is specified, only information // about the specific modification is returned. // -// For more information, see Modifying Reserved Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-modifying.html) +// For more information, see Modifying Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-modifying.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -14747,7 +19074,7 @@ func (c *EC2) DescribeReservedInstancesModificationsWithContext(ctx aws.Context, // // Example iterating over at most 3 pages of a DescribeReservedInstancesModifications operation. // pageNum := 0 // err := client.DescribeReservedInstancesModificationsPages(params, -// func(page *DescribeReservedInstancesModificationsOutput, lastPage bool) bool { +// func(page *ec2.DescribeReservedInstancesModificationsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -14779,10 +19106,12 @@ func (c *EC2) DescribeReservedInstancesModificationsPagesWithContext(ctx aws.Con }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeReservedInstancesModificationsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeReservedInstancesModificationsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -14846,7 +19175,7 @@ func (c *EC2) DescribeReservedInstancesOfferingsRequest(input *DescribeReservedI // Marketplace, they will be excluded from these results. This is to ensure // that you do not purchase your own Reserved Instances. // -// For more information, see Reserved Instance Marketplace (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) +// For more information, see Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -14888,7 +19217,7 @@ func (c *EC2) DescribeReservedInstancesOfferingsWithContext(ctx aws.Context, inp // // Example iterating over at most 3 pages of a DescribeReservedInstancesOfferings operation. // pageNum := 0 // err := client.DescribeReservedInstancesOfferingsPages(params, -// func(page *DescribeReservedInstancesOfferingsOutput, lastPage bool) bool { +// func(page *ec2.DescribeReservedInstancesOfferingsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -14920,10 +19249,12 @@ func (c *EC2) DescribeReservedInstancesOfferingsPagesWithContext(ctx aws.Context }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeReservedInstancesOfferingsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeReservedInstancesOfferingsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -14984,7 +19315,7 @@ func (c *EC2) DescribeRouteTablesRequest(input *DescribeRouteTablesInput) (req * // with the main route table. This command does not return the subnet ID for // implicit associations. // -// For more information, see Route Tables (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// For more information, see Route Tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -15026,7 +19357,7 @@ func (c *EC2) DescribeRouteTablesWithContext(ctx aws.Context, input *DescribeRou // // Example iterating over at most 3 pages of a DescribeRouteTables operation. // pageNum := 0 // err := client.DescribeRouteTablesPages(params, -// func(page *DescribeRouteTablesOutput, lastPage bool) bool { +// func(page *ec2.DescribeRouteTablesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -15058,10 +19389,12 @@ func (c *EC2) DescribeRouteTablesPagesWithContext(ctx aws.Context, input *Descri }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeRouteTablesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeRouteTablesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -15096,6 +19429,12 @@ func (c *EC2) DescribeScheduledInstanceAvailabilityRequest(input *DescribeSchedu Name: opDescribeScheduledInstanceAvailability, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -15147,6 +19486,58 @@ func (c *EC2) DescribeScheduledInstanceAvailabilityWithContext(ctx aws.Context, return out, req.Send() } +// DescribeScheduledInstanceAvailabilityPages iterates over the pages of a DescribeScheduledInstanceAvailability operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeScheduledInstanceAvailability method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeScheduledInstanceAvailability operation. +// pageNum := 0 +// err := client.DescribeScheduledInstanceAvailabilityPages(params, +// func(page *ec2.DescribeScheduledInstanceAvailabilityOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeScheduledInstanceAvailabilityPages(input *DescribeScheduledInstanceAvailabilityInput, fn func(*DescribeScheduledInstanceAvailabilityOutput, bool) bool) error { + return c.DescribeScheduledInstanceAvailabilityPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeScheduledInstanceAvailabilityPagesWithContext same as DescribeScheduledInstanceAvailabilityPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeScheduledInstanceAvailabilityPagesWithContext(ctx aws.Context, input *DescribeScheduledInstanceAvailabilityInput, fn func(*DescribeScheduledInstanceAvailabilityOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeScheduledInstanceAvailabilityInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeScheduledInstanceAvailabilityRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeScheduledInstanceAvailabilityOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeScheduledInstances = "DescribeScheduledInstances" // DescribeScheduledInstancesRequest generates a "aws/request.Request" representing the @@ -15178,6 +19569,12 @@ func (c *EC2) DescribeScheduledInstancesRequest(input *DescribeScheduledInstance Name: opDescribeScheduledInstances, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -15191,7 +19588,7 @@ func (c *EC2) DescribeScheduledInstancesRequest(input *DescribeScheduledInstance // DescribeScheduledInstances API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your Scheduled Instances. +// Describes the specified Scheduled Instances or all your Scheduled Instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15221,6 +19618,58 @@ func (c *EC2) DescribeScheduledInstancesWithContext(ctx aws.Context, input *Desc return out, req.Send() } +// DescribeScheduledInstancesPages iterates over the pages of a DescribeScheduledInstances operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeScheduledInstances method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeScheduledInstances operation. +// pageNum := 0 +// err := client.DescribeScheduledInstancesPages(params, +// func(page *ec2.DescribeScheduledInstancesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeScheduledInstancesPages(input *DescribeScheduledInstancesInput, fn func(*DescribeScheduledInstancesOutput, bool) bool) error { + return c.DescribeScheduledInstancesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeScheduledInstancesPagesWithContext same as DescribeScheduledInstancesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeScheduledInstancesPagesWithContext(ctx aws.Context, input *DescribeScheduledInstancesInput, fn func(*DescribeScheduledInstancesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeScheduledInstancesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeScheduledInstancesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeScheduledInstancesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeSecurityGroupReferences = "DescribeSecurityGroupReferences" // DescribeSecurityGroupReferencesRequest generates a "aws/request.Request" representing the @@ -15265,7 +19714,7 @@ func (c *EC2) DescribeSecurityGroupReferencesRequest(input *DescribeSecurityGrou // DescribeSecurityGroupReferences API operation for Amazon Elastic Compute Cloud. // -// [EC2-VPC only] Describes the VPCs on the other side of a VPC peering connection +// [VPC only] Describes the VPCs on the other side of a VPC peering connection // that are referencing the security groups you've specified in this request. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -15346,13 +19795,13 @@ func (c *EC2) DescribeSecurityGroupsRequest(input *DescribeSecurityGroupsInput) // DescribeSecurityGroups API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your security groups. +// Describes the specified security groups or all of your security groups. // // A security group is for use with instances either in the EC2-Classic platform // or in a specific VPC. For more information, see Amazon EC2 Security Groups -// (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html) +// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html) // in the Amazon Elastic Compute Cloud User Guide and Security Groups for Your -// VPC (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html) +// VPC (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -15394,7 +19843,7 @@ func (c *EC2) DescribeSecurityGroupsWithContext(ctx aws.Context, input *Describe // // Example iterating over at most 3 pages of a DescribeSecurityGroups operation. // pageNum := 0 // err := client.DescribeSecurityGroupsPages(params, -// func(page *DescribeSecurityGroupsOutput, lastPage bool) bool { +// func(page *ec2.DescribeSecurityGroupsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -15426,10 +19875,12 @@ func (c *EC2) DescribeSecurityGroupsPagesWithContext(ctx aws.Context, input *Des }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeSecurityGroupsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeSecurityGroupsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -15480,7 +19931,7 @@ func (c *EC2) DescribeSnapshotAttributeRequest(input *DescribeSnapshotAttributeI // Describes the specified attribute of the specified snapshot. You can specify // only one attribute at a time. // -// For more information about EBS snapshots, see Amazon EBS Snapshots (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html) +// For more information about EBS snapshots, see Amazon EBS Snapshots (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -15561,10 +20012,12 @@ func (c *EC2) DescribeSnapshotsRequest(input *DescribeSnapshotsInput) (req *requ // DescribeSnapshots API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of the EBS snapshots available to you. Available snapshots -// include public snapshots available for any AWS account to launch, private -// snapshots that you own, and private snapshots owned by another AWS account -// but for which you've been given explicit create volume permissions. +// Describes the specified EBS snapshots available to you or all of the EBS +// snapshots available to you. +// +// The snapshots available to you include public snapshots, private snapshots +// that you own, and private snapshots owned by other AWS accounts for which +// you have explicit create volume permissions. // // The create volume permissions fall into the following categories: // @@ -15605,7 +20058,7 @@ func (c *EC2) DescribeSnapshotsRequest(input *DescribeSnapshotsInput) (req *requ // a NextToken value that can be passed to a subsequent DescribeSnapshots request // to retrieve the remaining results. // -// For more information about EBS snapshots, see Amazon EBS Snapshots (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html) +// For more information about EBS snapshots, see Amazon EBS Snapshots (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -15647,7 +20100,7 @@ func (c *EC2) DescribeSnapshotsWithContext(ctx aws.Context, input *DescribeSnaps // // Example iterating over at most 3 pages of a DescribeSnapshots operation. // pageNum := 0 // err := client.DescribeSnapshotsPages(params, -// func(page *DescribeSnapshotsOutput, lastPage bool) bool { +// func(page *ec2.DescribeSnapshotsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -15679,10 +20132,12 @@ func (c *EC2) DescribeSnapshotsPagesWithContext(ctx aws.Context, input *Describe }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeSnapshotsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeSnapshotsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -15731,7 +20186,7 @@ func (c *EC2) DescribeSpotDatafeedSubscriptionRequest(input *DescribeSpotDatafee // DescribeSpotDatafeedSubscription API operation for Amazon Elastic Compute Cloud. // // Describes the data feed for Spot Instances. For more information, see Spot -// Instance Data Feed (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-data-feeds.html) +// Instance Data Feed (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-data-feeds.html) // in the Amazon EC2 User Guide for Linux Instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -16009,7 +20464,7 @@ func (c *EC2) DescribeSpotFleetRequestsWithContext(ctx aws.Context, input *Descr // // Example iterating over at most 3 pages of a DescribeSpotFleetRequests operation. // pageNum := 0 // err := client.DescribeSpotFleetRequestsPages(params, -// func(page *DescribeSpotFleetRequestsOutput, lastPage bool) bool { +// func(page *ec2.DescribeSpotFleetRequestsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -16041,10 +20496,12 @@ func (c *EC2) DescribeSpotFleetRequestsPagesWithContext(ctx aws.Context, input * }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeSpotFleetRequestsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeSpotFleetRequestsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -16079,6 +20536,12 @@ func (c *EC2) DescribeSpotInstanceRequestsRequest(input *DescribeSpotInstanceReq Name: opDescribeSpotInstanceRequests, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -16138,6 +20601,58 @@ func (c *EC2) DescribeSpotInstanceRequestsWithContext(ctx aws.Context, input *De return out, req.Send() } +// DescribeSpotInstanceRequestsPages iterates over the pages of a DescribeSpotInstanceRequests operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeSpotInstanceRequests method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeSpotInstanceRequests operation. +// pageNum := 0 +// err := client.DescribeSpotInstanceRequestsPages(params, +// func(page *ec2.DescribeSpotInstanceRequestsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeSpotInstanceRequestsPages(input *DescribeSpotInstanceRequestsInput, fn func(*DescribeSpotInstanceRequestsOutput, bool) bool) error { + return c.DescribeSpotInstanceRequestsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeSpotInstanceRequestsPagesWithContext same as DescribeSpotInstanceRequestsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeSpotInstanceRequestsPagesWithContext(ctx aws.Context, input *DescribeSpotInstanceRequestsInput, fn func(*DescribeSpotInstanceRequestsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeSpotInstanceRequestsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeSpotInstanceRequestsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeSpotInstanceRequestsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeSpotPriceHistory = "DescribeSpotPriceHistory" // DescribeSpotPriceHistoryRequest generates a "aws/request.Request" representing the @@ -16189,7 +20704,7 @@ func (c *EC2) DescribeSpotPriceHistoryRequest(input *DescribeSpotPriceHistoryInp // DescribeSpotPriceHistory API operation for Amazon Elastic Compute Cloud. // // Describes the Spot price history. For more information, see Spot Instance -// Pricing History (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-spot-instances-history.html) +// Pricing History (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-spot-instances-history.html) // in the Amazon EC2 User Guide for Linux Instances. // // When you specify a start and end time, this operation returns the prices @@ -16236,7 +20751,7 @@ func (c *EC2) DescribeSpotPriceHistoryWithContext(ctx aws.Context, input *Descri // // Example iterating over at most 3 pages of a DescribeSpotPriceHistory operation. // pageNum := 0 // err := client.DescribeSpotPriceHistoryPages(params, -// func(page *DescribeSpotPriceHistoryOutput, lastPage bool) bool { +// func(page *ec2.DescribeSpotPriceHistoryOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -16268,10 +20783,12 @@ func (c *EC2) DescribeSpotPriceHistoryPagesWithContext(ctx aws.Context, input *D }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeSpotPriceHistoryOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeSpotPriceHistoryOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -16306,6 +20823,12 @@ func (c *EC2) DescribeStaleSecurityGroupsRequest(input *DescribeStaleSecurityGro Name: opDescribeStaleSecurityGroups, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -16319,10 +20842,10 @@ func (c *EC2) DescribeStaleSecurityGroupsRequest(input *DescribeStaleSecurityGro // DescribeStaleSecurityGroups API operation for Amazon Elastic Compute Cloud. // -// [EC2-VPC only] Describes the stale security group rules for security groups -// in a specified VPC. Rules are stale when they reference a deleted security -// group in a peer VPC, or a security group in a peer VPC for which the VPC -// peering connection has been deleted. +// [VPC only] Describes the stale security group rules for security groups in +// a specified VPC. Rules are stale when they reference a deleted security group +// in a peer VPC, or a security group in a peer VPC for which the VPC peering +// connection has been deleted. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -16352,6 +20875,58 @@ func (c *EC2) DescribeStaleSecurityGroupsWithContext(ctx aws.Context, input *Des return out, req.Send() } +// DescribeStaleSecurityGroupsPages iterates over the pages of a DescribeStaleSecurityGroups operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeStaleSecurityGroups method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeStaleSecurityGroups operation. +// pageNum := 0 +// err := client.DescribeStaleSecurityGroupsPages(params, +// func(page *ec2.DescribeStaleSecurityGroupsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeStaleSecurityGroupsPages(input *DescribeStaleSecurityGroupsInput, fn func(*DescribeStaleSecurityGroupsOutput, bool) bool) error { + return c.DescribeStaleSecurityGroupsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeStaleSecurityGroupsPagesWithContext same as DescribeStaleSecurityGroupsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeStaleSecurityGroupsPagesWithContext(ctx aws.Context, input *DescribeStaleSecurityGroupsInput, fn func(*DescribeStaleSecurityGroupsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeStaleSecurityGroupsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeStaleSecurityGroupsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeStaleSecurityGroupsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeSubnets = "DescribeSubnets" // DescribeSubnetsRequest generates a "aws/request.Request" representing the @@ -16383,6 +20958,12 @@ func (c *EC2) DescribeSubnetsRequest(input *DescribeSubnetsInput) (req *request. Name: opDescribeSubnets, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -16398,7 +20979,7 @@ func (c *EC2) DescribeSubnetsRequest(input *DescribeSubnetsInput) (req *request. // // Describes one or more of your subnets. // -// For more information, see Your VPC and Subnets (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html) +// For more information, see Your VPC and Subnets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -16429,6 +21010,58 @@ func (c *EC2) DescribeSubnetsWithContext(ctx aws.Context, input *DescribeSubnets return out, req.Send() } +// DescribeSubnetsPages iterates over the pages of a DescribeSubnets operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeSubnets method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeSubnets operation. +// pageNum := 0 +// err := client.DescribeSubnetsPages(params, +// func(page *ec2.DescribeSubnetsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeSubnetsPages(input *DescribeSubnetsInput, fn func(*DescribeSubnetsOutput, bool) bool) error { + return c.DescribeSubnetsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeSubnetsPagesWithContext same as DescribeSubnetsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeSubnetsPagesWithContext(ctx aws.Context, input *DescribeSubnetsInput, fn func(*DescribeSubnetsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeSubnetsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeSubnetsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeSubnetsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeTags = "DescribeTags" // DescribeTagsRequest generates a "aws/request.Request" representing the @@ -16479,9 +21112,9 @@ func (c *EC2) DescribeTagsRequest(input *DescribeTagsInput) (req *request.Reques // DescribeTags API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of the tags for your EC2 resources. +// Describes the specified tags for your EC2 resources. // -// For more information about tags, see Tagging Your Resources (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) +// For more information about tags, see Tagging Your Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -16523,7 +21156,7 @@ func (c *EC2) DescribeTagsWithContext(ctx aws.Context, input *DescribeTagsInput, // // Example iterating over at most 3 pages of a DescribeTags operation. // pageNum := 0 // err := client.DescribeTagsPages(params, -// func(page *DescribeTagsOutput, lastPage bool) bool { +// func(page *ec2.DescribeTagsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -16555,10 +21188,409 @@ func (c *EC2) DescribeTagsPagesWithContext(ctx aws.Context, input *DescribeTagsI }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeTagsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeTagsOutput), !p.HasNextPage()) { + break + } } + + return p.Err() +} + +const opDescribeTrafficMirrorFilters = "DescribeTrafficMirrorFilters" + +// DescribeTrafficMirrorFiltersRequest generates a "aws/request.Request" representing the +// client's request for the DescribeTrafficMirrorFilters operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeTrafficMirrorFilters for more information on using the DescribeTrafficMirrorFilters +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeTrafficMirrorFiltersRequest method. +// req, resp := client.DescribeTrafficMirrorFiltersRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTrafficMirrorFilters +func (c *EC2) DescribeTrafficMirrorFiltersRequest(input *DescribeTrafficMirrorFiltersInput) (req *request.Request, output *DescribeTrafficMirrorFiltersOutput) { + op := &request.Operation{ + Name: opDescribeTrafficMirrorFilters, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeTrafficMirrorFiltersInput{} + } + + output = &DescribeTrafficMirrorFiltersOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeTrafficMirrorFilters API operation for Amazon Elastic Compute Cloud. +// +// Describes one or more Traffic Mirror filters. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeTrafficMirrorFilters for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTrafficMirrorFilters +func (c *EC2) DescribeTrafficMirrorFilters(input *DescribeTrafficMirrorFiltersInput) (*DescribeTrafficMirrorFiltersOutput, error) { + req, out := c.DescribeTrafficMirrorFiltersRequest(input) + return out, req.Send() +} + +// DescribeTrafficMirrorFiltersWithContext is the same as DescribeTrafficMirrorFilters with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeTrafficMirrorFilters for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTrafficMirrorFiltersWithContext(ctx aws.Context, input *DescribeTrafficMirrorFiltersInput, opts ...request.Option) (*DescribeTrafficMirrorFiltersOutput, error) { + req, out := c.DescribeTrafficMirrorFiltersRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeTrafficMirrorFiltersPages iterates over the pages of a DescribeTrafficMirrorFilters operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTrafficMirrorFilters method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTrafficMirrorFilters operation. +// pageNum := 0 +// err := client.DescribeTrafficMirrorFiltersPages(params, +// func(page *ec2.DescribeTrafficMirrorFiltersOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeTrafficMirrorFiltersPages(input *DescribeTrafficMirrorFiltersInput, fn func(*DescribeTrafficMirrorFiltersOutput, bool) bool) error { + return c.DescribeTrafficMirrorFiltersPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTrafficMirrorFiltersPagesWithContext same as DescribeTrafficMirrorFiltersPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTrafficMirrorFiltersPagesWithContext(ctx aws.Context, input *DescribeTrafficMirrorFiltersInput, fn func(*DescribeTrafficMirrorFiltersOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTrafficMirrorFiltersInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTrafficMirrorFiltersRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeTrafficMirrorFiltersOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeTrafficMirrorSessions = "DescribeTrafficMirrorSessions" + +// DescribeTrafficMirrorSessionsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeTrafficMirrorSessions operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeTrafficMirrorSessions for more information on using the DescribeTrafficMirrorSessions +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeTrafficMirrorSessionsRequest method. +// req, resp := client.DescribeTrafficMirrorSessionsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTrafficMirrorSessions +func (c *EC2) DescribeTrafficMirrorSessionsRequest(input *DescribeTrafficMirrorSessionsInput) (req *request.Request, output *DescribeTrafficMirrorSessionsOutput) { + op := &request.Operation{ + Name: opDescribeTrafficMirrorSessions, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeTrafficMirrorSessionsInput{} + } + + output = &DescribeTrafficMirrorSessionsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeTrafficMirrorSessions API operation for Amazon Elastic Compute Cloud. +// +// Describes one or more Traffic Mirror sessions. By default, all Traffic Mirror +// sessions are described. Alternatively, you can filter the results. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeTrafficMirrorSessions for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTrafficMirrorSessions +func (c *EC2) DescribeTrafficMirrorSessions(input *DescribeTrafficMirrorSessionsInput) (*DescribeTrafficMirrorSessionsOutput, error) { + req, out := c.DescribeTrafficMirrorSessionsRequest(input) + return out, req.Send() +} + +// DescribeTrafficMirrorSessionsWithContext is the same as DescribeTrafficMirrorSessions with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeTrafficMirrorSessions for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTrafficMirrorSessionsWithContext(ctx aws.Context, input *DescribeTrafficMirrorSessionsInput, opts ...request.Option) (*DescribeTrafficMirrorSessionsOutput, error) { + req, out := c.DescribeTrafficMirrorSessionsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeTrafficMirrorSessionsPages iterates over the pages of a DescribeTrafficMirrorSessions operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTrafficMirrorSessions method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTrafficMirrorSessions operation. +// pageNum := 0 +// err := client.DescribeTrafficMirrorSessionsPages(params, +// func(page *ec2.DescribeTrafficMirrorSessionsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeTrafficMirrorSessionsPages(input *DescribeTrafficMirrorSessionsInput, fn func(*DescribeTrafficMirrorSessionsOutput, bool) bool) error { + return c.DescribeTrafficMirrorSessionsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTrafficMirrorSessionsPagesWithContext same as DescribeTrafficMirrorSessionsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTrafficMirrorSessionsPagesWithContext(ctx aws.Context, input *DescribeTrafficMirrorSessionsInput, fn func(*DescribeTrafficMirrorSessionsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTrafficMirrorSessionsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTrafficMirrorSessionsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeTrafficMirrorSessionsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeTrafficMirrorTargets = "DescribeTrafficMirrorTargets" + +// DescribeTrafficMirrorTargetsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeTrafficMirrorTargets operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeTrafficMirrorTargets for more information on using the DescribeTrafficMirrorTargets +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeTrafficMirrorTargetsRequest method. +// req, resp := client.DescribeTrafficMirrorTargetsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTrafficMirrorTargets +func (c *EC2) DescribeTrafficMirrorTargetsRequest(input *DescribeTrafficMirrorTargetsInput) (req *request.Request, output *DescribeTrafficMirrorTargetsOutput) { + op := &request.Operation{ + Name: opDescribeTrafficMirrorTargets, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeTrafficMirrorTargetsInput{} + } + + output = &DescribeTrafficMirrorTargetsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeTrafficMirrorTargets API operation for Amazon Elastic Compute Cloud. +// +// Information about one or more Traffic Mirror targets. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeTrafficMirrorTargets for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTrafficMirrorTargets +func (c *EC2) DescribeTrafficMirrorTargets(input *DescribeTrafficMirrorTargetsInput) (*DescribeTrafficMirrorTargetsOutput, error) { + req, out := c.DescribeTrafficMirrorTargetsRequest(input) + return out, req.Send() +} + +// DescribeTrafficMirrorTargetsWithContext is the same as DescribeTrafficMirrorTargets with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeTrafficMirrorTargets for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTrafficMirrorTargetsWithContext(ctx aws.Context, input *DescribeTrafficMirrorTargetsInput, opts ...request.Option) (*DescribeTrafficMirrorTargetsOutput, error) { + req, out := c.DescribeTrafficMirrorTargetsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeTrafficMirrorTargetsPages iterates over the pages of a DescribeTrafficMirrorTargets operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTrafficMirrorTargets method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTrafficMirrorTargets operation. +// pageNum := 0 +// err := client.DescribeTrafficMirrorTargetsPages(params, +// func(page *ec2.DescribeTrafficMirrorTargetsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeTrafficMirrorTargetsPages(input *DescribeTrafficMirrorTargetsInput, fn func(*DescribeTrafficMirrorTargetsOutput, bool) bool) error { + return c.DescribeTrafficMirrorTargetsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTrafficMirrorTargetsPagesWithContext same as DescribeTrafficMirrorTargetsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTrafficMirrorTargetsPagesWithContext(ctx aws.Context, input *DescribeTrafficMirrorTargetsInput, fn func(*DescribeTrafficMirrorTargetsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTrafficMirrorTargetsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTrafficMirrorTargetsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeTrafficMirrorTargetsOutput), !p.HasNextPage()) { + break + } + } + return p.Err() } @@ -16593,6 +21625,12 @@ func (c *EC2) DescribeTransitGatewayAttachmentsRequest(input *DescribeTransitGat Name: opDescribeTransitGatewayAttachments, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -16639,6 +21677,206 @@ func (c *EC2) DescribeTransitGatewayAttachmentsWithContext(ctx aws.Context, inpu return out, req.Send() } +// DescribeTransitGatewayAttachmentsPages iterates over the pages of a DescribeTransitGatewayAttachments operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTransitGatewayAttachments method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTransitGatewayAttachments operation. +// pageNum := 0 +// err := client.DescribeTransitGatewayAttachmentsPages(params, +// func(page *ec2.DescribeTransitGatewayAttachmentsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeTransitGatewayAttachmentsPages(input *DescribeTransitGatewayAttachmentsInput, fn func(*DescribeTransitGatewayAttachmentsOutput, bool) bool) error { + return c.DescribeTransitGatewayAttachmentsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTransitGatewayAttachmentsPagesWithContext same as DescribeTransitGatewayAttachmentsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTransitGatewayAttachmentsPagesWithContext(ctx aws.Context, input *DescribeTransitGatewayAttachmentsInput, fn func(*DescribeTransitGatewayAttachmentsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTransitGatewayAttachmentsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTransitGatewayAttachmentsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeTransitGatewayAttachmentsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeTransitGatewayMulticastDomains = "DescribeTransitGatewayMulticastDomains" + +// DescribeTransitGatewayMulticastDomainsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeTransitGatewayMulticastDomains operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeTransitGatewayMulticastDomains for more information on using the DescribeTransitGatewayMulticastDomains +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeTransitGatewayMulticastDomainsRequest method. +// req, resp := client.DescribeTransitGatewayMulticastDomainsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTransitGatewayMulticastDomains +func (c *EC2) DescribeTransitGatewayMulticastDomainsRequest(input *DescribeTransitGatewayMulticastDomainsInput) (req *request.Request, output *DescribeTransitGatewayMulticastDomainsOutput) { + op := &request.Operation{ + Name: opDescribeTransitGatewayMulticastDomains, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeTransitGatewayMulticastDomainsInput{} + } + + output = &DescribeTransitGatewayMulticastDomainsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeTransitGatewayMulticastDomains API operation for Amazon Elastic Compute Cloud. +// +// Describes one or more transit gateway multicast domains. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeTransitGatewayMulticastDomains for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTransitGatewayMulticastDomains +func (c *EC2) DescribeTransitGatewayMulticastDomains(input *DescribeTransitGatewayMulticastDomainsInput) (*DescribeTransitGatewayMulticastDomainsOutput, error) { + req, out := c.DescribeTransitGatewayMulticastDomainsRequest(input) + return out, req.Send() +} + +// DescribeTransitGatewayMulticastDomainsWithContext is the same as DescribeTransitGatewayMulticastDomains with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeTransitGatewayMulticastDomains for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTransitGatewayMulticastDomainsWithContext(ctx aws.Context, input *DescribeTransitGatewayMulticastDomainsInput, opts ...request.Option) (*DescribeTransitGatewayMulticastDomainsOutput, error) { + req, out := c.DescribeTransitGatewayMulticastDomainsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDescribeTransitGatewayPeeringAttachments = "DescribeTransitGatewayPeeringAttachments" + +// DescribeTransitGatewayPeeringAttachmentsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeTransitGatewayPeeringAttachments operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeTransitGatewayPeeringAttachments for more information on using the DescribeTransitGatewayPeeringAttachments +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeTransitGatewayPeeringAttachmentsRequest method. +// req, resp := client.DescribeTransitGatewayPeeringAttachmentsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTransitGatewayPeeringAttachments +func (c *EC2) DescribeTransitGatewayPeeringAttachmentsRequest(input *DescribeTransitGatewayPeeringAttachmentsInput) (req *request.Request, output *DescribeTransitGatewayPeeringAttachmentsOutput) { + op := &request.Operation{ + Name: opDescribeTransitGatewayPeeringAttachments, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeTransitGatewayPeeringAttachmentsInput{} + } + + output = &DescribeTransitGatewayPeeringAttachmentsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeTransitGatewayPeeringAttachments API operation for Amazon Elastic Compute Cloud. +// +// Describes your transit gateway peering attachments. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeTransitGatewayPeeringAttachments for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTransitGatewayPeeringAttachments +func (c *EC2) DescribeTransitGatewayPeeringAttachments(input *DescribeTransitGatewayPeeringAttachmentsInput) (*DescribeTransitGatewayPeeringAttachmentsOutput, error) { + req, out := c.DescribeTransitGatewayPeeringAttachmentsRequest(input) + return out, req.Send() +} + +// DescribeTransitGatewayPeeringAttachmentsWithContext is the same as DescribeTransitGatewayPeeringAttachments with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeTransitGatewayPeeringAttachments for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTransitGatewayPeeringAttachmentsWithContext(ctx aws.Context, input *DescribeTransitGatewayPeeringAttachmentsInput, opts ...request.Option) (*DescribeTransitGatewayPeeringAttachmentsOutput, error) { + req, out := c.DescribeTransitGatewayPeeringAttachmentsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeTransitGatewayRouteTables = "DescribeTransitGatewayRouteTables" // DescribeTransitGatewayRouteTablesRequest generates a "aws/request.Request" representing the @@ -16670,6 +21908,12 @@ func (c *EC2) DescribeTransitGatewayRouteTablesRequest(input *DescribeTransitGat Name: opDescribeTransitGatewayRouteTables, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -16714,6 +21958,58 @@ func (c *EC2) DescribeTransitGatewayRouteTablesWithContext(ctx aws.Context, inpu return out, req.Send() } +// DescribeTransitGatewayRouteTablesPages iterates over the pages of a DescribeTransitGatewayRouteTables operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTransitGatewayRouteTables method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTransitGatewayRouteTables operation. +// pageNum := 0 +// err := client.DescribeTransitGatewayRouteTablesPages(params, +// func(page *ec2.DescribeTransitGatewayRouteTablesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeTransitGatewayRouteTablesPages(input *DescribeTransitGatewayRouteTablesInput, fn func(*DescribeTransitGatewayRouteTablesOutput, bool) bool) error { + return c.DescribeTransitGatewayRouteTablesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTransitGatewayRouteTablesPagesWithContext same as DescribeTransitGatewayRouteTablesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTransitGatewayRouteTablesPagesWithContext(ctx aws.Context, input *DescribeTransitGatewayRouteTablesInput, fn func(*DescribeTransitGatewayRouteTablesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTransitGatewayRouteTablesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTransitGatewayRouteTablesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeTransitGatewayRouteTablesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeTransitGatewayVpcAttachments = "DescribeTransitGatewayVpcAttachments" // DescribeTransitGatewayVpcAttachmentsRequest generates a "aws/request.Request" representing the @@ -16745,6 +22041,12 @@ func (c *EC2) DescribeTransitGatewayVpcAttachmentsRequest(input *DescribeTransit Name: opDescribeTransitGatewayVpcAttachments, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -16789,6 +22091,58 @@ func (c *EC2) DescribeTransitGatewayVpcAttachmentsWithContext(ctx aws.Context, i return out, req.Send() } +// DescribeTransitGatewayVpcAttachmentsPages iterates over the pages of a DescribeTransitGatewayVpcAttachments operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTransitGatewayVpcAttachments method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTransitGatewayVpcAttachments operation. +// pageNum := 0 +// err := client.DescribeTransitGatewayVpcAttachmentsPages(params, +// func(page *ec2.DescribeTransitGatewayVpcAttachmentsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeTransitGatewayVpcAttachmentsPages(input *DescribeTransitGatewayVpcAttachmentsInput, fn func(*DescribeTransitGatewayVpcAttachmentsOutput, bool) bool) error { + return c.DescribeTransitGatewayVpcAttachmentsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTransitGatewayVpcAttachmentsPagesWithContext same as DescribeTransitGatewayVpcAttachmentsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTransitGatewayVpcAttachmentsPagesWithContext(ctx aws.Context, input *DescribeTransitGatewayVpcAttachmentsInput, fn func(*DescribeTransitGatewayVpcAttachmentsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTransitGatewayVpcAttachmentsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTransitGatewayVpcAttachmentsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeTransitGatewayVpcAttachmentsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeTransitGateways = "DescribeTransitGateways" // DescribeTransitGatewaysRequest generates a "aws/request.Request" representing the @@ -16820,6 +22174,12 @@ func (c *EC2) DescribeTransitGatewaysRequest(input *DescribeTransitGatewaysInput Name: opDescribeTransitGateways, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -16864,6 +22224,58 @@ func (c *EC2) DescribeTransitGatewaysWithContext(ctx aws.Context, input *Describ return out, req.Send() } +// DescribeTransitGatewaysPages iterates over the pages of a DescribeTransitGateways operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTransitGateways method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTransitGateways operation. +// pageNum := 0 +// err := client.DescribeTransitGatewaysPages(params, +// func(page *ec2.DescribeTransitGatewaysOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeTransitGatewaysPages(input *DescribeTransitGatewaysInput, fn func(*DescribeTransitGatewaysOutput, bool) bool) error { + return c.DescribeTransitGatewaysPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTransitGatewaysPagesWithContext same as DescribeTransitGatewaysPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTransitGatewaysPagesWithContext(ctx aws.Context, input *DescribeTransitGatewaysInput, fn func(*DescribeTransitGatewaysOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTransitGatewaysInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTransitGatewaysRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeTransitGatewaysOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeVolumeAttribute = "DescribeVolumeAttribute" // DescribeVolumeAttributeRequest generates a "aws/request.Request" representing the @@ -16911,7 +22323,7 @@ func (c *EC2) DescribeVolumeAttributeRequest(input *DescribeVolumeAttributeInput // Describes the specified attribute of the specified volume. You can specify // only one attribute at a time. // -// For more information about EBS volumes, see Amazon EBS Volumes (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html) +// For more information about EBS volumes, see Amazon EBS Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -17010,7 +22422,7 @@ func (c *EC2) DescribeVolumeStatusRequest(input *DescribeVolumeStatusInput) (req // If the status is insufficient-data, then the checks may still be taking place // on your volume at the time. We recommend that you retry the request. For // more information about volume status, see Monitoring the Status of Your Volumes -// (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-volume-status.html) +// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-volume-status.html) // in the Amazon Elastic Compute Cloud User Guide. // // Events: Reflect the cause of a volume status and may require you to take @@ -17068,7 +22480,7 @@ func (c *EC2) DescribeVolumeStatusWithContext(ctx aws.Context, input *DescribeVo // // Example iterating over at most 3 pages of a DescribeVolumeStatus operation. // pageNum := 0 // err := client.DescribeVolumeStatusPages(params, -// func(page *DescribeVolumeStatusOutput, lastPage bool) bool { +// func(page *ec2.DescribeVolumeStatusOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -17100,10 +22512,12 @@ func (c *EC2) DescribeVolumeStatusPagesWithContext(ctx aws.Context, input *Descr }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeVolumeStatusOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeVolumeStatusOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -17157,7 +22571,7 @@ func (c *EC2) DescribeVolumesRequest(input *DescribeVolumesInput) (req *request. // DescribeVolumes API operation for Amazon Elastic Compute Cloud. // -// Describes the specified EBS volumes. +// Describes the specified EBS volumes or all of your EBS volumes. // // If you are describing a long list of volumes, you can paginate the output // to make the list more manageable. The MaxResults parameter sets the maximum @@ -17166,7 +22580,7 @@ func (c *EC2) DescribeVolumesRequest(input *DescribeVolumesInput) (req *request. // a NextToken value that can be passed to a subsequent DescribeVolumes request // to retrieve the remaining results. // -// For more information about EBS volumes, see Amazon EBS Volumes (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html) +// For more information about EBS volumes, see Amazon EBS Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -17208,7 +22622,7 @@ func (c *EC2) DescribeVolumesWithContext(ctx aws.Context, input *DescribeVolumes // // Example iterating over at most 3 pages of a DescribeVolumes operation. // pageNum := 0 // err := client.DescribeVolumesPages(params, -// func(page *DescribeVolumesOutput, lastPage bool) bool { +// func(page *ec2.DescribeVolumesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -17240,10 +22654,12 @@ func (c *EC2) DescribeVolumesPagesWithContext(ctx aws.Context, input *DescribeVo }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeVolumesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeVolumesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -17278,6 +22694,12 @@ func (c *EC2) DescribeVolumesModificationsRequest(input *DescribeVolumesModifica Name: opDescribeVolumesModifications, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -17302,8 +22724,8 @@ func (c *EC2) DescribeVolumesModificationsRequest(input *DescribeVolumesModifica // // You can also use CloudWatch Events to check the status of a modification // to an EBS volume. For information about CloudWatch Events, see the Amazon -// CloudWatch Events User Guide (http://docs.aws.amazon.com/AmazonCloudWatch/latest/events/). -// For more information, see Monitoring Volume Modifications" (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#monitoring_mods) +// CloudWatch Events User Guide (https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/). +// For more information, see Monitoring Volume Modifications" (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#monitoring_mods) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -17334,6 +22756,58 @@ func (c *EC2) DescribeVolumesModificationsWithContext(ctx aws.Context, input *De return out, req.Send() } +// DescribeVolumesModificationsPages iterates over the pages of a DescribeVolumesModifications operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeVolumesModifications method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeVolumesModifications operation. +// pageNum := 0 +// err := client.DescribeVolumesModificationsPages(params, +// func(page *ec2.DescribeVolumesModificationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeVolumesModificationsPages(input *DescribeVolumesModificationsInput, fn func(*DescribeVolumesModificationsOutput, bool) bool) error { + return c.DescribeVolumesModificationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeVolumesModificationsPagesWithContext same as DescribeVolumesModificationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeVolumesModificationsPagesWithContext(ctx aws.Context, input *DescribeVolumesModificationsInput, fn func(*DescribeVolumesModificationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeVolumesModificationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeVolumesModificationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeVolumesModificationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeVpcAttribute = "DescribeVpcAttribute" // DescribeVpcAttributeRequest generates a "aws/request.Request" representing the @@ -17514,6 +22988,12 @@ func (c *EC2) DescribeVpcClassicLinkDnsSupportRequest(input *DescribeVpcClassicL Name: opDescribeVpcClassicLinkDnsSupport, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -17532,7 +23012,7 @@ func (c *EC2) DescribeVpcClassicLinkDnsSupportRequest(input *DescribeVpcClassicL // IP address when addressed from an instance in the VPC to which it's linked. // Similarly, the DNS hostname of an instance in a VPC resolves to its private // IP address when addressed from a linked EC2-Classic instance. For more information, -// see ClassicLink (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) +// see ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -17563,6 +23043,58 @@ func (c *EC2) DescribeVpcClassicLinkDnsSupportWithContext(ctx aws.Context, input return out, req.Send() } +// DescribeVpcClassicLinkDnsSupportPages iterates over the pages of a DescribeVpcClassicLinkDnsSupport operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeVpcClassicLinkDnsSupport method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeVpcClassicLinkDnsSupport operation. +// pageNum := 0 +// err := client.DescribeVpcClassicLinkDnsSupportPages(params, +// func(page *ec2.DescribeVpcClassicLinkDnsSupportOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeVpcClassicLinkDnsSupportPages(input *DescribeVpcClassicLinkDnsSupportInput, fn func(*DescribeVpcClassicLinkDnsSupportOutput, bool) bool) error { + return c.DescribeVpcClassicLinkDnsSupportPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeVpcClassicLinkDnsSupportPagesWithContext same as DescribeVpcClassicLinkDnsSupportPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeVpcClassicLinkDnsSupportPagesWithContext(ctx aws.Context, input *DescribeVpcClassicLinkDnsSupportInput, fn func(*DescribeVpcClassicLinkDnsSupportOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeVpcClassicLinkDnsSupportInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeVpcClassicLinkDnsSupportRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeVpcClassicLinkDnsSupportOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeVpcEndpointConnectionNotifications = "DescribeVpcEndpointConnectionNotifications" // DescribeVpcEndpointConnectionNotificationsRequest generates a "aws/request.Request" representing the @@ -17594,6 +23126,12 @@ func (c *EC2) DescribeVpcEndpointConnectionNotificationsRequest(input *DescribeV Name: opDescribeVpcEndpointConnectionNotifications, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -17638,6 +23176,58 @@ func (c *EC2) DescribeVpcEndpointConnectionNotificationsWithContext(ctx aws.Cont return out, req.Send() } +// DescribeVpcEndpointConnectionNotificationsPages iterates over the pages of a DescribeVpcEndpointConnectionNotifications operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeVpcEndpointConnectionNotifications method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeVpcEndpointConnectionNotifications operation. +// pageNum := 0 +// err := client.DescribeVpcEndpointConnectionNotificationsPages(params, +// func(page *ec2.DescribeVpcEndpointConnectionNotificationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeVpcEndpointConnectionNotificationsPages(input *DescribeVpcEndpointConnectionNotificationsInput, fn func(*DescribeVpcEndpointConnectionNotificationsOutput, bool) bool) error { + return c.DescribeVpcEndpointConnectionNotificationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeVpcEndpointConnectionNotificationsPagesWithContext same as DescribeVpcEndpointConnectionNotificationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeVpcEndpointConnectionNotificationsPagesWithContext(ctx aws.Context, input *DescribeVpcEndpointConnectionNotificationsInput, fn func(*DescribeVpcEndpointConnectionNotificationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeVpcEndpointConnectionNotificationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeVpcEndpointConnectionNotificationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeVpcEndpointConnectionNotificationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeVpcEndpointConnections = "DescribeVpcEndpointConnections" // DescribeVpcEndpointConnectionsRequest generates a "aws/request.Request" representing the @@ -17669,6 +23259,12 @@ func (c *EC2) DescribeVpcEndpointConnectionsRequest(input *DescribeVpcEndpointCo Name: opDescribeVpcEndpointConnections, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -17713,6 +23309,58 @@ func (c *EC2) DescribeVpcEndpointConnectionsWithContext(ctx aws.Context, input * return out, req.Send() } +// DescribeVpcEndpointConnectionsPages iterates over the pages of a DescribeVpcEndpointConnections operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeVpcEndpointConnections method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeVpcEndpointConnections operation. +// pageNum := 0 +// err := client.DescribeVpcEndpointConnectionsPages(params, +// func(page *ec2.DescribeVpcEndpointConnectionsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeVpcEndpointConnectionsPages(input *DescribeVpcEndpointConnectionsInput, fn func(*DescribeVpcEndpointConnectionsOutput, bool) bool) error { + return c.DescribeVpcEndpointConnectionsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeVpcEndpointConnectionsPagesWithContext same as DescribeVpcEndpointConnectionsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeVpcEndpointConnectionsPagesWithContext(ctx aws.Context, input *DescribeVpcEndpointConnectionsInput, fn func(*DescribeVpcEndpointConnectionsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeVpcEndpointConnectionsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeVpcEndpointConnectionsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeVpcEndpointConnectionsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeVpcEndpointServiceConfigurations = "DescribeVpcEndpointServiceConfigurations" // DescribeVpcEndpointServiceConfigurationsRequest generates a "aws/request.Request" representing the @@ -17744,6 +23392,12 @@ func (c *EC2) DescribeVpcEndpointServiceConfigurationsRequest(input *DescribeVpc Name: opDescribeVpcEndpointServiceConfigurations, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -17787,6 +23441,58 @@ func (c *EC2) DescribeVpcEndpointServiceConfigurationsWithContext(ctx aws.Contex return out, req.Send() } +// DescribeVpcEndpointServiceConfigurationsPages iterates over the pages of a DescribeVpcEndpointServiceConfigurations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeVpcEndpointServiceConfigurations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeVpcEndpointServiceConfigurations operation. +// pageNum := 0 +// err := client.DescribeVpcEndpointServiceConfigurationsPages(params, +// func(page *ec2.DescribeVpcEndpointServiceConfigurationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeVpcEndpointServiceConfigurationsPages(input *DescribeVpcEndpointServiceConfigurationsInput, fn func(*DescribeVpcEndpointServiceConfigurationsOutput, bool) bool) error { + return c.DescribeVpcEndpointServiceConfigurationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeVpcEndpointServiceConfigurationsPagesWithContext same as DescribeVpcEndpointServiceConfigurationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeVpcEndpointServiceConfigurationsPagesWithContext(ctx aws.Context, input *DescribeVpcEndpointServiceConfigurationsInput, fn func(*DescribeVpcEndpointServiceConfigurationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeVpcEndpointServiceConfigurationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeVpcEndpointServiceConfigurationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeVpcEndpointServiceConfigurationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeVpcEndpointServicePermissions = "DescribeVpcEndpointServicePermissions" // DescribeVpcEndpointServicePermissionsRequest generates a "aws/request.Request" representing the @@ -17818,6 +23524,12 @@ func (c *EC2) DescribeVpcEndpointServicePermissionsRequest(input *DescribeVpcEnd Name: opDescribeVpcEndpointServicePermissions, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -17862,6 +23574,58 @@ func (c *EC2) DescribeVpcEndpointServicePermissionsWithContext(ctx aws.Context, return out, req.Send() } +// DescribeVpcEndpointServicePermissionsPages iterates over the pages of a DescribeVpcEndpointServicePermissions operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeVpcEndpointServicePermissions method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeVpcEndpointServicePermissions operation. +// pageNum := 0 +// err := client.DescribeVpcEndpointServicePermissionsPages(params, +// func(page *ec2.DescribeVpcEndpointServicePermissionsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeVpcEndpointServicePermissionsPages(input *DescribeVpcEndpointServicePermissionsInput, fn func(*DescribeVpcEndpointServicePermissionsOutput, bool) bool) error { + return c.DescribeVpcEndpointServicePermissionsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeVpcEndpointServicePermissionsPagesWithContext same as DescribeVpcEndpointServicePermissionsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeVpcEndpointServicePermissionsPagesWithContext(ctx aws.Context, input *DescribeVpcEndpointServicePermissionsInput, fn func(*DescribeVpcEndpointServicePermissionsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeVpcEndpointServicePermissionsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeVpcEndpointServicePermissionsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeVpcEndpointServicePermissionsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeVpcEndpointServices = "DescribeVpcEndpointServices" // DescribeVpcEndpointServicesRequest generates a "aws/request.Request" representing the @@ -17967,6 +23731,12 @@ func (c *EC2) DescribeVpcEndpointsRequest(input *DescribeVpcEndpointsInput) (req Name: opDescribeVpcEndpoints, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -18010,6 +23780,58 @@ func (c *EC2) DescribeVpcEndpointsWithContext(ctx aws.Context, input *DescribeVp return out, req.Send() } +// DescribeVpcEndpointsPages iterates over the pages of a DescribeVpcEndpoints operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeVpcEndpoints method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeVpcEndpoints operation. +// pageNum := 0 +// err := client.DescribeVpcEndpointsPages(params, +// func(page *ec2.DescribeVpcEndpointsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeVpcEndpointsPages(input *DescribeVpcEndpointsInput, fn func(*DescribeVpcEndpointsOutput, bool) bool) error { + return c.DescribeVpcEndpointsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeVpcEndpointsPagesWithContext same as DescribeVpcEndpointsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeVpcEndpointsPagesWithContext(ctx aws.Context, input *DescribeVpcEndpointsInput, fn func(*DescribeVpcEndpointsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeVpcEndpointsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeVpcEndpointsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeVpcEndpointsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeVpcPeeringConnections = "DescribeVpcPeeringConnections" // DescribeVpcPeeringConnectionsRequest generates a "aws/request.Request" representing the @@ -18041,6 +23863,12 @@ func (c *EC2) DescribeVpcPeeringConnectionsRequest(input *DescribeVpcPeeringConn Name: opDescribeVpcPeeringConnections, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -18084,6 +23912,58 @@ func (c *EC2) DescribeVpcPeeringConnectionsWithContext(ctx aws.Context, input *D return out, req.Send() } +// DescribeVpcPeeringConnectionsPages iterates over the pages of a DescribeVpcPeeringConnections operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeVpcPeeringConnections method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeVpcPeeringConnections operation. +// pageNum := 0 +// err := client.DescribeVpcPeeringConnectionsPages(params, +// func(page *ec2.DescribeVpcPeeringConnectionsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeVpcPeeringConnectionsPages(input *DescribeVpcPeeringConnectionsInput, fn func(*DescribeVpcPeeringConnectionsOutput, bool) bool) error { + return c.DescribeVpcPeeringConnectionsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeVpcPeeringConnectionsPagesWithContext same as DescribeVpcPeeringConnectionsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeVpcPeeringConnectionsPagesWithContext(ctx aws.Context, input *DescribeVpcPeeringConnectionsInput, fn func(*DescribeVpcPeeringConnectionsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeVpcPeeringConnectionsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeVpcPeeringConnectionsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeVpcPeeringConnectionsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeVpcs = "DescribeVpcs" // DescribeVpcsRequest generates a "aws/request.Request" representing the @@ -18115,6 +23995,12 @@ func (c *EC2) DescribeVpcsRequest(input *DescribeVpcsInput) (req *request.Reques Name: opDescribeVpcs, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -18158,6 +24044,58 @@ func (c *EC2) DescribeVpcsWithContext(ctx aws.Context, input *DescribeVpcsInput, return out, req.Send() } +// DescribeVpcsPages iterates over the pages of a DescribeVpcs operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeVpcs method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeVpcs operation. +// pageNum := 0 +// err := client.DescribeVpcsPages(params, +// func(page *ec2.DescribeVpcsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeVpcsPages(input *DescribeVpcsInput, fn func(*DescribeVpcsOutput, bool) bool) error { + return c.DescribeVpcsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeVpcsPagesWithContext same as DescribeVpcsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeVpcsPagesWithContext(ctx aws.Context, input *DescribeVpcsInput, fn func(*DescribeVpcsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeVpcsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeVpcsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeVpcsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeVpnConnections = "DescribeVpnConnections" // DescribeVpnConnectionsRequest generates a "aws/request.Request" representing the @@ -18204,9 +24142,8 @@ func (c *EC2) DescribeVpnConnectionsRequest(input *DescribeVpnConnectionsInput) // // Describes one or more of your VPN connections. // -// For more information about VPN connections, see AWS Managed VPN Connections -// (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html) in the -// Amazon Virtual Private Cloud User Guide. +// For more information, see AWS Site-to-Site VPN (https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html) +// in the AWS Site-to-Site VPN User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -18282,9 +24219,8 @@ func (c *EC2) DescribeVpnGatewaysRequest(input *DescribeVpnGatewaysInput) (req * // // Describes one or more of your virtual private gateways. // -// For more information about virtual private gateways, see AWS Managed VPN -// Connections (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information, see AWS Site-to-Site VPN (https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html) +// in the AWS Site-to-Site VPN User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -18598,7 +24534,7 @@ func (c *EC2) DetachVolumeRequest(input *DetachVolumeInput) (req *request.Reques // When a volume with an AWS Marketplace product code is detached from an instance, // the product code is no longer associated with the instance. // -// For more information, see Detaching an Amazon EBS Volume (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html) +// For more information, see Detaching an Amazon EBS Volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -18711,6 +24647,164 @@ func (c *EC2) DetachVpnGatewayWithContext(ctx aws.Context, input *DetachVpnGatew return out, req.Send() } +const opDisableEbsEncryptionByDefault = "DisableEbsEncryptionByDefault" + +// DisableEbsEncryptionByDefaultRequest generates a "aws/request.Request" representing the +// client's request for the DisableEbsEncryptionByDefault operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisableEbsEncryptionByDefault for more information on using the DisableEbsEncryptionByDefault +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DisableEbsEncryptionByDefaultRequest method. +// req, resp := client.DisableEbsEncryptionByDefaultRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableEbsEncryptionByDefault +func (c *EC2) DisableEbsEncryptionByDefaultRequest(input *DisableEbsEncryptionByDefaultInput) (req *request.Request, output *DisableEbsEncryptionByDefaultOutput) { + op := &request.Operation{ + Name: opDisableEbsEncryptionByDefault, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisableEbsEncryptionByDefaultInput{} + } + + output = &DisableEbsEncryptionByDefaultOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisableEbsEncryptionByDefault API operation for Amazon Elastic Compute Cloud. +// +// Disables EBS encryption by default for your account in the current Region. +// +// After you disable encryption by default, you can still create encrypted volumes +// by enabling encryption when you create each volume. +// +// Disabling encryption by default does not change the encryption status of +// your existing volumes. +// +// For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// in the Amazon Elastic Compute Cloud User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisableEbsEncryptionByDefault for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableEbsEncryptionByDefault +func (c *EC2) DisableEbsEncryptionByDefault(input *DisableEbsEncryptionByDefaultInput) (*DisableEbsEncryptionByDefaultOutput, error) { + req, out := c.DisableEbsEncryptionByDefaultRequest(input) + return out, req.Send() +} + +// DisableEbsEncryptionByDefaultWithContext is the same as DisableEbsEncryptionByDefault with the addition of +// the ability to pass a context and additional request options. +// +// See DisableEbsEncryptionByDefault for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisableEbsEncryptionByDefaultWithContext(ctx aws.Context, input *DisableEbsEncryptionByDefaultInput, opts ...request.Option) (*DisableEbsEncryptionByDefaultOutput, error) { + req, out := c.DisableEbsEncryptionByDefaultRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDisableFastSnapshotRestores = "DisableFastSnapshotRestores" + +// DisableFastSnapshotRestoresRequest generates a "aws/request.Request" representing the +// client's request for the DisableFastSnapshotRestores operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisableFastSnapshotRestores for more information on using the DisableFastSnapshotRestores +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DisableFastSnapshotRestoresRequest method. +// req, resp := client.DisableFastSnapshotRestoresRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableFastSnapshotRestores +func (c *EC2) DisableFastSnapshotRestoresRequest(input *DisableFastSnapshotRestoresInput) (req *request.Request, output *DisableFastSnapshotRestoresOutput) { + op := &request.Operation{ + Name: opDisableFastSnapshotRestores, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisableFastSnapshotRestoresInput{} + } + + output = &DisableFastSnapshotRestoresOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisableFastSnapshotRestores API operation for Amazon Elastic Compute Cloud. +// +// Disables fast snapshot restores for the specified snapshots in the specified +// Availability Zones. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisableFastSnapshotRestores for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableFastSnapshotRestores +func (c *EC2) DisableFastSnapshotRestores(input *DisableFastSnapshotRestoresInput) (*DisableFastSnapshotRestoresOutput, error) { + req, out := c.DisableFastSnapshotRestoresRequest(input) + return out, req.Send() +} + +// DisableFastSnapshotRestoresWithContext is the same as DisableFastSnapshotRestores with the addition of +// the ability to pass a context and additional request options. +// +// See DisableFastSnapshotRestores for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisableFastSnapshotRestoresWithContext(ctx aws.Context, input *DisableFastSnapshotRestoresInput, opts ...request.Option) (*DisableFastSnapshotRestoresOutput, error) { + req, out := c.DisableFastSnapshotRestoresRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDisableTransitGatewayRouteTablePropagation = "DisableTransitGatewayRouteTablePropagation" // DisableTransitGatewayRouteTablePropagationRequest generates a "aws/request.Request" representing the @@ -18984,7 +25078,7 @@ func (c *EC2) DisableVpcClassicLinkDnsSupportRequest(input *DisableVpcClassicLin // Disables ClassicLink DNS support for a VPC. If disabled, DNS hostnames resolve // to public IP addresses when addressed between a linked EC2-Classic instance // and instances in the VPC to which it's linked. For more information, see -// ClassicLink (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) +// ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -19064,7 +25158,7 @@ func (c *EC2) DisassociateAddressRequest(input *DisassociateAddressInput) (req * // it's associated with. // // An Elastic IP address is for use in either the EC2-Classic platform or in -// a VPC. For more information, see Elastic IP Addresses (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) +// a VPC. For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) // in the Amazon Elastic Compute Cloud User Guide. // // This is an idempotent operation. If you perform the operation more than once, @@ -19307,7 +25401,7 @@ func (c *EC2) DisassociateRouteTableRequest(input *DisassociateRouteTableInput) // // After you perform this action, the subnet no longer uses the routes in the // route table. Instead, it uses the routes in the VPC's main route table. For -// more information about route tables, see Route Tables (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// more information about route tables, see Route Tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -19414,6 +25508,80 @@ func (c *EC2) DisassociateSubnetCidrBlockWithContext(ctx aws.Context, input *Dis return out, req.Send() } +const opDisassociateTransitGatewayMulticastDomain = "DisassociateTransitGatewayMulticastDomain" + +// DisassociateTransitGatewayMulticastDomainRequest generates a "aws/request.Request" representing the +// client's request for the DisassociateTransitGatewayMulticastDomain operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisassociateTransitGatewayMulticastDomain for more information on using the DisassociateTransitGatewayMulticastDomain +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DisassociateTransitGatewayMulticastDomainRequest method. +// req, resp := client.DisassociateTransitGatewayMulticastDomainRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateTransitGatewayMulticastDomain +func (c *EC2) DisassociateTransitGatewayMulticastDomainRequest(input *DisassociateTransitGatewayMulticastDomainInput) (req *request.Request, output *DisassociateTransitGatewayMulticastDomainOutput) { + op := &request.Operation{ + Name: opDisassociateTransitGatewayMulticastDomain, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisassociateTransitGatewayMulticastDomainInput{} + } + + output = &DisassociateTransitGatewayMulticastDomainOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisassociateTransitGatewayMulticastDomain API operation for Amazon Elastic Compute Cloud. +// +// Disassociates the specified subnets from the transit gateway multicast domain. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisassociateTransitGatewayMulticastDomain for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateTransitGatewayMulticastDomain +func (c *EC2) DisassociateTransitGatewayMulticastDomain(input *DisassociateTransitGatewayMulticastDomainInput) (*DisassociateTransitGatewayMulticastDomainOutput, error) { + req, out := c.DisassociateTransitGatewayMulticastDomainRequest(input) + return out, req.Send() +} + +// DisassociateTransitGatewayMulticastDomainWithContext is the same as DisassociateTransitGatewayMulticastDomain with the addition of +// the ability to pass a context and additional request options. +// +// See DisassociateTransitGatewayMulticastDomain for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisassociateTransitGatewayMulticastDomainWithContext(ctx aws.Context, input *DisassociateTransitGatewayMulticastDomainInput, opts ...request.Option) (*DisassociateTransitGatewayMulticastDomainOutput, error) { + req, out := c.DisassociateTransitGatewayMulticastDomainRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDisassociateTransitGatewayRouteTable = "DisassociateTransitGatewayRouteTable" // DisassociateTransitGatewayRouteTableRequest generates a "aws/request.Request" representing the @@ -19568,6 +25736,175 @@ func (c *EC2) DisassociateVpcCidrBlockWithContext(ctx aws.Context, input *Disass return out, req.Send() } +const opEnableEbsEncryptionByDefault = "EnableEbsEncryptionByDefault" + +// EnableEbsEncryptionByDefaultRequest generates a "aws/request.Request" representing the +// client's request for the EnableEbsEncryptionByDefault operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See EnableEbsEncryptionByDefault for more information on using the EnableEbsEncryptionByDefault +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the EnableEbsEncryptionByDefaultRequest method. +// req, resp := client.EnableEbsEncryptionByDefaultRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableEbsEncryptionByDefault +func (c *EC2) EnableEbsEncryptionByDefaultRequest(input *EnableEbsEncryptionByDefaultInput) (req *request.Request, output *EnableEbsEncryptionByDefaultOutput) { + op := &request.Operation{ + Name: opEnableEbsEncryptionByDefault, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &EnableEbsEncryptionByDefaultInput{} + } + + output = &EnableEbsEncryptionByDefaultOutput{} + req = c.newRequest(op, input, output) + return +} + +// EnableEbsEncryptionByDefault API operation for Amazon Elastic Compute Cloud. +// +// Enables EBS encryption by default for your account in the current Region. +// +// After you enable encryption by default, the EBS volumes that you create are +// are always encrypted, either using the default CMK or the CMK that you specified +// when you created each volume. For more information, see Amazon EBS Encryption +// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// in the Amazon Elastic Compute Cloud User Guide. +// +// You can specify the default CMK for encryption by default using ModifyEbsDefaultKmsKeyId +// or ResetEbsDefaultKmsKeyId. +// +// Enabling encryption by default has no effect on the encryption status of +// your existing volumes. +// +// After you enable encryption by default, you can no longer launch instances +// using instance types that do not support encryption. For more information, +// see Supported Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation EnableEbsEncryptionByDefault for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableEbsEncryptionByDefault +func (c *EC2) EnableEbsEncryptionByDefault(input *EnableEbsEncryptionByDefaultInput) (*EnableEbsEncryptionByDefaultOutput, error) { + req, out := c.EnableEbsEncryptionByDefaultRequest(input) + return out, req.Send() +} + +// EnableEbsEncryptionByDefaultWithContext is the same as EnableEbsEncryptionByDefault with the addition of +// the ability to pass a context and additional request options. +// +// See EnableEbsEncryptionByDefault for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) EnableEbsEncryptionByDefaultWithContext(ctx aws.Context, input *EnableEbsEncryptionByDefaultInput, opts ...request.Option) (*EnableEbsEncryptionByDefaultOutput, error) { + req, out := c.EnableEbsEncryptionByDefaultRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opEnableFastSnapshotRestores = "EnableFastSnapshotRestores" + +// EnableFastSnapshotRestoresRequest generates a "aws/request.Request" representing the +// client's request for the EnableFastSnapshotRestores operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See EnableFastSnapshotRestores for more information on using the EnableFastSnapshotRestores +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the EnableFastSnapshotRestoresRequest method. +// req, resp := client.EnableFastSnapshotRestoresRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableFastSnapshotRestores +func (c *EC2) EnableFastSnapshotRestoresRequest(input *EnableFastSnapshotRestoresInput) (req *request.Request, output *EnableFastSnapshotRestoresOutput) { + op := &request.Operation{ + Name: opEnableFastSnapshotRestores, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &EnableFastSnapshotRestoresInput{} + } + + output = &EnableFastSnapshotRestoresOutput{} + req = c.newRequest(op, input, output) + return +} + +// EnableFastSnapshotRestores API operation for Amazon Elastic Compute Cloud. +// +// Enables fast snapshot restores for the specified snapshots in the specified +// Availability Zones. +// +// You get the full benefit of fast snapshot restores after they enter the enabled +// state. To get the current state of fast snapshot restores, use DescribeFastSnapshotRestores. +// To disable fast snapshot restores, use DisableFastSnapshotRestores. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation EnableFastSnapshotRestores for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableFastSnapshotRestores +func (c *EC2) EnableFastSnapshotRestores(input *EnableFastSnapshotRestoresInput) (*EnableFastSnapshotRestoresOutput, error) { + req, out := c.EnableFastSnapshotRestoresRequest(input) + return out, req.Send() +} + +// EnableFastSnapshotRestoresWithContext is the same as EnableFastSnapshotRestores with the addition of +// the ability to pass a context and additional request options. +// +// See EnableFastSnapshotRestores for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) EnableFastSnapshotRestoresWithContext(ctx aws.Context, input *EnableFastSnapshotRestoresInput, opts ...request.Option) (*EnableFastSnapshotRestoresOutput, error) { + req, out := c.EnableFastSnapshotRestoresRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opEnableTransitGatewayRouteTablePropagation = "EnableTransitGatewayRouteTablePropagation" // EnableTransitGatewayRouteTablePropagationRequest generates a "aws/request.Request" representing the @@ -19844,7 +26181,7 @@ func (c *EC2) EnableVpcClassicLinkRequest(input *EnableVpcClassicLinkInput) (req // You cannot enable your VPC for ClassicLink if any of your VPC route tables // have existing routes for address ranges within the 10.0.0.0/8 IP address // range, excluding local routes for VPCs in the 10.0.0.0/16 and 10.1.0.0/16 -// IP address ranges. For more information, see ClassicLink (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) +// IP address ranges. For more information, see ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -19924,7 +26261,7 @@ func (c *EC2) EnableVpcClassicLinkDnsSupportRequest(input *EnableVpcClassicLinkD // IP address when addressed from an instance in the VPC to which it's linked. // Similarly, the DNS hostname of an instance in a VPC resolves to its private // IP address when addressed from a linked EC2-Classic instance. For more information, -// see ClassicLink (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) +// see ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -20107,6 +26444,82 @@ func (c *EC2) ExportClientVpnClientConfigurationWithContext(ctx aws.Context, inp return out, req.Send() } +const opExportImage = "ExportImage" + +// ExportImageRequest generates a "aws/request.Request" representing the +// client's request for the ExportImage operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ExportImage for more information on using the ExportImage +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ExportImageRequest method. +// req, resp := client.ExportImageRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ExportImage +func (c *EC2) ExportImageRequest(input *ExportImageInput) (req *request.Request, output *ExportImageOutput) { + op := &request.Operation{ + Name: opExportImage, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ExportImageInput{} + } + + output = &ExportImageOutput{} + req = c.newRequest(op, input, output) + return +} + +// ExportImage API operation for Amazon Elastic Compute Cloud. +// +// Exports an Amazon Machine Image (AMI) to a VM file. For more information, +// see Exporting a VM Directory from an Amazon Machine Image (AMI) (https://docs.aws.amazon.com/vm-import/latest/userguide/vmexport_image.html) +// in the VM Import/Export User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ExportImage for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ExportImage +func (c *EC2) ExportImage(input *ExportImageInput) (*ExportImageOutput, error) { + req, out := c.ExportImageRequest(input) + return out, req.Send() +} + +// ExportImageWithContext is the same as ExportImage with the addition of +// the ability to pass a context and additional request options. +// +// See ExportImage for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ExportImageWithContext(ctx aws.Context, input *ExportImageInput, opts ...request.Option) (*ExportImageOutput, error) { + req, out := c.ExportImageRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opExportTransitGatewayRoutes = "ExportTransitGatewayRoutes" // ExportTransitGatewayRoutesRequest generates a "aws/request.Request" representing the @@ -20183,6 +26596,158 @@ func (c *EC2) ExportTransitGatewayRoutesWithContext(ctx aws.Context, input *Expo return out, req.Send() } +const opGetCapacityReservationUsage = "GetCapacityReservationUsage" + +// GetCapacityReservationUsageRequest generates a "aws/request.Request" representing the +// client's request for the GetCapacityReservationUsage operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetCapacityReservationUsage for more information on using the GetCapacityReservationUsage +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetCapacityReservationUsageRequest method. +// req, resp := client.GetCapacityReservationUsageRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetCapacityReservationUsage +func (c *EC2) GetCapacityReservationUsageRequest(input *GetCapacityReservationUsageInput) (req *request.Request, output *GetCapacityReservationUsageOutput) { + op := &request.Operation{ + Name: opGetCapacityReservationUsage, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetCapacityReservationUsageInput{} + } + + output = &GetCapacityReservationUsageOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetCapacityReservationUsage API operation for Amazon Elastic Compute Cloud. +// +// Gets usage information about a Capacity Reservation. If the Capacity Reservation +// is shared, it shows usage information for the Capacity Reservation owner +// and each AWS account that is currently using the shared capacity. If the +// Capacity Reservation is not shared, it shows only the Capacity Reservation +// owner's usage. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetCapacityReservationUsage for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetCapacityReservationUsage +func (c *EC2) GetCapacityReservationUsage(input *GetCapacityReservationUsageInput) (*GetCapacityReservationUsageOutput, error) { + req, out := c.GetCapacityReservationUsageRequest(input) + return out, req.Send() +} + +// GetCapacityReservationUsageWithContext is the same as GetCapacityReservationUsage with the addition of +// the ability to pass a context and additional request options. +// +// See GetCapacityReservationUsage for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetCapacityReservationUsageWithContext(ctx aws.Context, input *GetCapacityReservationUsageInput, opts ...request.Option) (*GetCapacityReservationUsageOutput, error) { + req, out := c.GetCapacityReservationUsageRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetCoipPoolUsage = "GetCoipPoolUsage" + +// GetCoipPoolUsageRequest generates a "aws/request.Request" representing the +// client's request for the GetCoipPoolUsage operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetCoipPoolUsage for more information on using the GetCoipPoolUsage +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetCoipPoolUsageRequest method. +// req, resp := client.GetCoipPoolUsageRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetCoipPoolUsage +func (c *EC2) GetCoipPoolUsageRequest(input *GetCoipPoolUsageInput) (req *request.Request, output *GetCoipPoolUsageOutput) { + op := &request.Operation{ + Name: opGetCoipPoolUsage, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetCoipPoolUsageInput{} + } + + output = &GetCoipPoolUsageOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetCoipPoolUsage API operation for Amazon Elastic Compute Cloud. +// +// Describes the allocations from the specified customer-owned address pool. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetCoipPoolUsage for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetCoipPoolUsage +func (c *EC2) GetCoipPoolUsage(input *GetCoipPoolUsageInput) (*GetCoipPoolUsageOutput, error) { + req, out := c.GetCoipPoolUsageRequest(input) + return out, req.Send() +} + +// GetCoipPoolUsageWithContext is the same as GetCoipPoolUsage with the addition of +// the ability to pass a context and additional request options. +// +// See GetCoipPoolUsage for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetCoipPoolUsageWithContext(ctx aws.Context, input *GetCoipPoolUsageInput, opts ...request.Option) (*GetCoipPoolUsageOutput, error) { + req, out := c.GetCoipPoolUsageRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetConsoleOutput = "GetConsoleOutput" // GetConsoleOutputRequest generates a "aws/request.Request" representing the @@ -20242,7 +26807,7 @@ func (c *EC2) GetConsoleOutputRequest(input *GetConsoleOutputInput) (req *reques // during the instance lifecycle. This option is supported on instance types // that use the Nitro hypervisor. // -// For more information, see Instance Console Output (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html#instance-console-console-output) +// For more information, see Instance Console Output (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html#instance-console-console-output) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -20349,6 +26914,241 @@ func (c *EC2) GetConsoleScreenshotWithContext(ctx aws.Context, input *GetConsole return out, req.Send() } +const opGetDefaultCreditSpecification = "GetDefaultCreditSpecification" + +// GetDefaultCreditSpecificationRequest generates a "aws/request.Request" representing the +// client's request for the GetDefaultCreditSpecification operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetDefaultCreditSpecification for more information on using the GetDefaultCreditSpecification +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetDefaultCreditSpecificationRequest method. +// req, resp := client.GetDefaultCreditSpecificationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetDefaultCreditSpecification +func (c *EC2) GetDefaultCreditSpecificationRequest(input *GetDefaultCreditSpecificationInput) (req *request.Request, output *GetDefaultCreditSpecificationOutput) { + op := &request.Operation{ + Name: opGetDefaultCreditSpecification, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetDefaultCreditSpecificationInput{} + } + + output = &GetDefaultCreditSpecificationOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetDefaultCreditSpecification API operation for Amazon Elastic Compute Cloud. +// +// Describes the default credit option for CPU usage of a burstable performance +// instance family. +// +// For more information, see Burstable Performance Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) +// in the Amazon Elastic Compute Cloud User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetDefaultCreditSpecification for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetDefaultCreditSpecification +func (c *EC2) GetDefaultCreditSpecification(input *GetDefaultCreditSpecificationInput) (*GetDefaultCreditSpecificationOutput, error) { + req, out := c.GetDefaultCreditSpecificationRequest(input) + return out, req.Send() +} + +// GetDefaultCreditSpecificationWithContext is the same as GetDefaultCreditSpecification with the addition of +// the ability to pass a context and additional request options. +// +// See GetDefaultCreditSpecification for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetDefaultCreditSpecificationWithContext(ctx aws.Context, input *GetDefaultCreditSpecificationInput, opts ...request.Option) (*GetDefaultCreditSpecificationOutput, error) { + req, out := c.GetDefaultCreditSpecificationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetEbsDefaultKmsKeyId = "GetEbsDefaultKmsKeyId" + +// GetEbsDefaultKmsKeyIdRequest generates a "aws/request.Request" representing the +// client's request for the GetEbsDefaultKmsKeyId operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetEbsDefaultKmsKeyId for more information on using the GetEbsDefaultKmsKeyId +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetEbsDefaultKmsKeyIdRequest method. +// req, resp := client.GetEbsDefaultKmsKeyIdRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetEbsDefaultKmsKeyId +func (c *EC2) GetEbsDefaultKmsKeyIdRequest(input *GetEbsDefaultKmsKeyIdInput) (req *request.Request, output *GetEbsDefaultKmsKeyIdOutput) { + op := &request.Operation{ + Name: opGetEbsDefaultKmsKeyId, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetEbsDefaultKmsKeyIdInput{} + } + + output = &GetEbsDefaultKmsKeyIdOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetEbsDefaultKmsKeyId API operation for Amazon Elastic Compute Cloud. +// +// Describes the default customer master key (CMK) for EBS encryption by default +// for your account in this Region. You can change the default CMK for encryption +// by default using ModifyEbsDefaultKmsKeyId or ResetEbsDefaultKmsKeyId. +// +// For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// in the Amazon Elastic Compute Cloud User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetEbsDefaultKmsKeyId for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetEbsDefaultKmsKeyId +func (c *EC2) GetEbsDefaultKmsKeyId(input *GetEbsDefaultKmsKeyIdInput) (*GetEbsDefaultKmsKeyIdOutput, error) { + req, out := c.GetEbsDefaultKmsKeyIdRequest(input) + return out, req.Send() +} + +// GetEbsDefaultKmsKeyIdWithContext is the same as GetEbsDefaultKmsKeyId with the addition of +// the ability to pass a context and additional request options. +// +// See GetEbsDefaultKmsKeyId for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetEbsDefaultKmsKeyIdWithContext(ctx aws.Context, input *GetEbsDefaultKmsKeyIdInput, opts ...request.Option) (*GetEbsDefaultKmsKeyIdOutput, error) { + req, out := c.GetEbsDefaultKmsKeyIdRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetEbsEncryptionByDefault = "GetEbsEncryptionByDefault" + +// GetEbsEncryptionByDefaultRequest generates a "aws/request.Request" representing the +// client's request for the GetEbsEncryptionByDefault operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetEbsEncryptionByDefault for more information on using the GetEbsEncryptionByDefault +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetEbsEncryptionByDefaultRequest method. +// req, resp := client.GetEbsEncryptionByDefaultRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetEbsEncryptionByDefault +func (c *EC2) GetEbsEncryptionByDefaultRequest(input *GetEbsEncryptionByDefaultInput) (req *request.Request, output *GetEbsEncryptionByDefaultOutput) { + op := &request.Operation{ + Name: opGetEbsEncryptionByDefault, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetEbsEncryptionByDefaultInput{} + } + + output = &GetEbsEncryptionByDefaultOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetEbsEncryptionByDefault API operation for Amazon Elastic Compute Cloud. +// +// Describes whether EBS encryption by default is enabled for your account in +// the current Region. +// +// For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// in the Amazon Elastic Compute Cloud User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetEbsEncryptionByDefault for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetEbsEncryptionByDefault +func (c *EC2) GetEbsEncryptionByDefault(input *GetEbsEncryptionByDefaultInput) (*GetEbsEncryptionByDefaultOutput, error) { + req, out := c.GetEbsEncryptionByDefaultRequest(input) + return out, req.Send() +} + +// GetEbsEncryptionByDefaultWithContext is the same as GetEbsEncryptionByDefault with the addition of +// the ability to pass a context and additional request options. +// +// See GetEbsEncryptionByDefault for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetEbsEncryptionByDefaultWithContext(ctx aws.Context, input *GetEbsEncryptionByDefaultInput, opts ...request.Option) (*GetEbsEncryptionByDefaultOutput, error) { + req, out := c.GetEbsEncryptionByDefaultRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetHostReservationPurchasePreview = "GetHostReservationPurchasePreview" // GetHostReservationPurchasePreviewRequest generates a "aws/request.Request" representing the @@ -20551,8 +27351,8 @@ func (c *EC2) GetPasswordDataRequest(input *GetPasswordDataInput) (req *request. // // The Windows password is generated at boot by the EC2Config service or EC2Launch // scripts (Windows Server 2016 and later). This usually only happens the first -// time an instance is launched. For more information, see EC2Config (http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/UsingConfig_WinAMI.html) -// and EC2Launch (http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2launch.html) +// time an instance is launched. For more information, see EC2Config (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/UsingConfig_WinAMI.html) +// and EC2Launch (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2launch.html) // in the Amazon Elastic Compute Cloud User Guide. // // For the EC2Config service, the password is not generated for rebundled AMIs @@ -20702,6 +27502,12 @@ func (c *EC2) GetTransitGatewayAttachmentPropagationsRequest(input *GetTransitGa Name: opGetTransitGatewayAttachmentPropagations, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -20746,6 +27552,133 @@ func (c *EC2) GetTransitGatewayAttachmentPropagationsWithContext(ctx aws.Context return out, req.Send() } +// GetTransitGatewayAttachmentPropagationsPages iterates over the pages of a GetTransitGatewayAttachmentPropagations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetTransitGatewayAttachmentPropagations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetTransitGatewayAttachmentPropagations operation. +// pageNum := 0 +// err := client.GetTransitGatewayAttachmentPropagationsPages(params, +// func(page *ec2.GetTransitGatewayAttachmentPropagationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) GetTransitGatewayAttachmentPropagationsPages(input *GetTransitGatewayAttachmentPropagationsInput, fn func(*GetTransitGatewayAttachmentPropagationsOutput, bool) bool) error { + return c.GetTransitGatewayAttachmentPropagationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetTransitGatewayAttachmentPropagationsPagesWithContext same as GetTransitGatewayAttachmentPropagationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetTransitGatewayAttachmentPropagationsPagesWithContext(ctx aws.Context, input *GetTransitGatewayAttachmentPropagationsInput, fn func(*GetTransitGatewayAttachmentPropagationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetTransitGatewayAttachmentPropagationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetTransitGatewayAttachmentPropagationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetTransitGatewayAttachmentPropagationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opGetTransitGatewayMulticastDomainAssociations = "GetTransitGatewayMulticastDomainAssociations" + +// GetTransitGatewayMulticastDomainAssociationsRequest generates a "aws/request.Request" representing the +// client's request for the GetTransitGatewayMulticastDomainAssociations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetTransitGatewayMulticastDomainAssociations for more information on using the GetTransitGatewayMulticastDomainAssociations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetTransitGatewayMulticastDomainAssociationsRequest method. +// req, resp := client.GetTransitGatewayMulticastDomainAssociationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetTransitGatewayMulticastDomainAssociations +func (c *EC2) GetTransitGatewayMulticastDomainAssociationsRequest(input *GetTransitGatewayMulticastDomainAssociationsInput) (req *request.Request, output *GetTransitGatewayMulticastDomainAssociationsOutput) { + op := &request.Operation{ + Name: opGetTransitGatewayMulticastDomainAssociations, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetTransitGatewayMulticastDomainAssociationsInput{} + } + + output = &GetTransitGatewayMulticastDomainAssociationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetTransitGatewayMulticastDomainAssociations API operation for Amazon Elastic Compute Cloud. +// +// Gets information about the associations for the transit gateway multicast +// domain. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetTransitGatewayMulticastDomainAssociations for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetTransitGatewayMulticastDomainAssociations +func (c *EC2) GetTransitGatewayMulticastDomainAssociations(input *GetTransitGatewayMulticastDomainAssociationsInput) (*GetTransitGatewayMulticastDomainAssociationsOutput, error) { + req, out := c.GetTransitGatewayMulticastDomainAssociationsRequest(input) + return out, req.Send() +} + +// GetTransitGatewayMulticastDomainAssociationsWithContext is the same as GetTransitGatewayMulticastDomainAssociations with the addition of +// the ability to pass a context and additional request options. +// +// See GetTransitGatewayMulticastDomainAssociations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetTransitGatewayMulticastDomainAssociationsWithContext(ctx aws.Context, input *GetTransitGatewayMulticastDomainAssociationsInput, opts ...request.Option) (*GetTransitGatewayMulticastDomainAssociationsOutput, error) { + req, out := c.GetTransitGatewayMulticastDomainAssociationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetTransitGatewayRouteTableAssociations = "GetTransitGatewayRouteTableAssociations" // GetTransitGatewayRouteTableAssociationsRequest generates a "aws/request.Request" representing the @@ -20777,6 +27710,12 @@ func (c *EC2) GetTransitGatewayRouteTableAssociationsRequest(input *GetTransitGa Name: opGetTransitGatewayRouteTableAssociations, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -20821,6 +27760,58 @@ func (c *EC2) GetTransitGatewayRouteTableAssociationsWithContext(ctx aws.Context return out, req.Send() } +// GetTransitGatewayRouteTableAssociationsPages iterates over the pages of a GetTransitGatewayRouteTableAssociations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetTransitGatewayRouteTableAssociations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetTransitGatewayRouteTableAssociations operation. +// pageNum := 0 +// err := client.GetTransitGatewayRouteTableAssociationsPages(params, +// func(page *ec2.GetTransitGatewayRouteTableAssociationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) GetTransitGatewayRouteTableAssociationsPages(input *GetTransitGatewayRouteTableAssociationsInput, fn func(*GetTransitGatewayRouteTableAssociationsOutput, bool) bool) error { + return c.GetTransitGatewayRouteTableAssociationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetTransitGatewayRouteTableAssociationsPagesWithContext same as GetTransitGatewayRouteTableAssociationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetTransitGatewayRouteTableAssociationsPagesWithContext(ctx aws.Context, input *GetTransitGatewayRouteTableAssociationsInput, fn func(*GetTransitGatewayRouteTableAssociationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetTransitGatewayRouteTableAssociationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetTransitGatewayRouteTableAssociationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetTransitGatewayRouteTableAssociationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opGetTransitGatewayRouteTablePropagations = "GetTransitGatewayRouteTablePropagations" // GetTransitGatewayRouteTablePropagationsRequest generates a "aws/request.Request" representing the @@ -20852,6 +27843,12 @@ func (c *EC2) GetTransitGatewayRouteTablePropagationsRequest(input *GetTransitGa Name: opGetTransitGatewayRouteTablePropagations, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -20896,6 +27893,58 @@ func (c *EC2) GetTransitGatewayRouteTablePropagationsWithContext(ctx aws.Context return out, req.Send() } +// GetTransitGatewayRouteTablePropagationsPages iterates over the pages of a GetTransitGatewayRouteTablePropagations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetTransitGatewayRouteTablePropagations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetTransitGatewayRouteTablePropagations operation. +// pageNum := 0 +// err := client.GetTransitGatewayRouteTablePropagationsPages(params, +// func(page *ec2.GetTransitGatewayRouteTablePropagationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) GetTransitGatewayRouteTablePropagationsPages(input *GetTransitGatewayRouteTablePropagationsInput, fn func(*GetTransitGatewayRouteTablePropagationsOutput, bool) bool) error { + return c.GetTransitGatewayRouteTablePropagationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetTransitGatewayRouteTablePropagationsPagesWithContext same as GetTransitGatewayRouteTablePropagationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetTransitGatewayRouteTablePropagationsPagesWithContext(ctx aws.Context, input *GetTransitGatewayRouteTablePropagationsInput, fn func(*GetTransitGatewayRouteTablePropagationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetTransitGatewayRouteTablePropagationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetTransitGatewayRouteTablePropagationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetTransitGatewayRouteTablePropagationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opImportClientVpnClientCertificateRevocationList = "ImportClientVpnClientCertificateRevocationList" // ImportClientVpnClientCertificateRevocationListRequest generates a "aws/request.Request" representing the @@ -21020,7 +28069,7 @@ func (c *EC2) ImportImageRequest(input *ImportImageInput) (req *request.Request, // // Import single or multi-volume disk images or EBS snapshots into an Amazon // Machine Image (AMI). For more information, see Importing a VM as an Image -// Using VM Import/Export (http://docs.aws.amazon.com/vm-import/latest/userguide/vmimport-image-import.html) +// Using VM Import/Export (https://docs.aws.amazon.com/vm-import/latest/userguide/vmimport-image-import.html) // in the VM Import/Export User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -21098,10 +28147,10 @@ func (c *EC2) ImportInstanceRequest(input *ImportInstanceInput) (req *request.Re // Creates an import instance task using metadata from the specified disk image. // ImportInstance only supports single-volume VMs. To import multi-volume VMs, // use ImportImage. For more information, see Importing a Virtual Machine Using -// the Amazon EC2 CLI (http://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/ec2-cli-vmimport-export.html). +// the Amazon EC2 CLI (https://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/ec2-cli-vmimport-export.html). // // For information about the import manifest referenced by this API action, -// see VM Import Manifest (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). +// see VM Import Manifest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -21181,7 +28230,7 @@ func (c *EC2) ImportKeyPairRequest(input *ImportKeyPairInput) (req *request.Requ // you create the key pair and give AWS just the public key. The private key // is never transferred between you and AWS. // -// For more information about key pairs, see Key Pairs (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) +// For more information about key pairs, see Key Pairs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -21331,10 +28380,10 @@ func (c *EC2) ImportVolumeRequest(input *ImportVolumeInput) (req *request.Reques // ImportVolume API operation for Amazon Elastic Compute Cloud. // // Creates an import volume task using metadata from the specified disk image.For -// more information, see Importing Disks to Amazon EBS (http://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/importing-your-volumes-into-amazon-ebs.html). +// more information, see Importing Disks to Amazon EBS (https://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/importing-your-volumes-into-amazon-ebs.html). // // For information about the import manifest referenced by this API action, -// see VM Import Manifest (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). +// see VM Import Manifest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -21520,6 +28569,181 @@ func (c *EC2) ModifyClientVpnEndpointWithContext(ctx aws.Context, input *ModifyC return out, req.Send() } +const opModifyDefaultCreditSpecification = "ModifyDefaultCreditSpecification" + +// ModifyDefaultCreditSpecificationRequest generates a "aws/request.Request" representing the +// client's request for the ModifyDefaultCreditSpecification operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyDefaultCreditSpecification for more information on using the ModifyDefaultCreditSpecification +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyDefaultCreditSpecificationRequest method. +// req, resp := client.ModifyDefaultCreditSpecificationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyDefaultCreditSpecification +func (c *EC2) ModifyDefaultCreditSpecificationRequest(input *ModifyDefaultCreditSpecificationInput) (req *request.Request, output *ModifyDefaultCreditSpecificationOutput) { + op := &request.Operation{ + Name: opModifyDefaultCreditSpecification, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyDefaultCreditSpecificationInput{} + } + + output = &ModifyDefaultCreditSpecificationOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyDefaultCreditSpecification API operation for Amazon Elastic Compute Cloud. +// +// Modifies the default credit option for CPU usage of burstable performance +// instances. The default credit option is set at the account level per AWS +// Region, and is specified per instance family. All new burstable performance +// instances in the account launch using the default credit option. +// +// ModifyDefaultCreditSpecification is an asynchronous operation, which works +// at an AWS Region level and modifies the credit option for each Availability +// Zone. All zones in a Region are updated within five minutes. But if instances +// are launched during this operation, they might not get the new credit option +// until the zone is updated. To verify whether the update has occurred, you +// can call GetDefaultCreditSpecification and check DefaultCreditSpecification +// for updates. +// +// For more information, see Burstable Performance Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) +// in the Amazon Elastic Compute Cloud User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyDefaultCreditSpecification for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyDefaultCreditSpecification +func (c *EC2) ModifyDefaultCreditSpecification(input *ModifyDefaultCreditSpecificationInput) (*ModifyDefaultCreditSpecificationOutput, error) { + req, out := c.ModifyDefaultCreditSpecificationRequest(input) + return out, req.Send() +} + +// ModifyDefaultCreditSpecificationWithContext is the same as ModifyDefaultCreditSpecification with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyDefaultCreditSpecification for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyDefaultCreditSpecificationWithContext(ctx aws.Context, input *ModifyDefaultCreditSpecificationInput, opts ...request.Option) (*ModifyDefaultCreditSpecificationOutput, error) { + req, out := c.ModifyDefaultCreditSpecificationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opModifyEbsDefaultKmsKeyId = "ModifyEbsDefaultKmsKeyId" + +// ModifyEbsDefaultKmsKeyIdRequest generates a "aws/request.Request" representing the +// client's request for the ModifyEbsDefaultKmsKeyId operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyEbsDefaultKmsKeyId for more information on using the ModifyEbsDefaultKmsKeyId +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyEbsDefaultKmsKeyIdRequest method. +// req, resp := client.ModifyEbsDefaultKmsKeyIdRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyEbsDefaultKmsKeyId +func (c *EC2) ModifyEbsDefaultKmsKeyIdRequest(input *ModifyEbsDefaultKmsKeyIdInput) (req *request.Request, output *ModifyEbsDefaultKmsKeyIdOutput) { + op := &request.Operation{ + Name: opModifyEbsDefaultKmsKeyId, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyEbsDefaultKmsKeyIdInput{} + } + + output = &ModifyEbsDefaultKmsKeyIdOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyEbsDefaultKmsKeyId API operation for Amazon Elastic Compute Cloud. +// +// Changes the default customer master key (CMK) for EBS encryption by default +// for your account in this Region. +// +// AWS creates a unique AWS managed CMK in each Region for use with encryption +// by default. If you change the default CMK to a symmetric customer managed +// CMK, it is used instead of the AWS managed CMK. To reset the default CMK +// to the AWS managed CMK for EBS, use ResetEbsDefaultKmsKeyId. Amazon EBS does +// not support asymmetric CMKs. +// +// If you delete or disable the customer managed CMK that you specified for +// use with encryption by default, your instances will fail to launch. +// +// For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// in the Amazon Elastic Compute Cloud User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyEbsDefaultKmsKeyId for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyEbsDefaultKmsKeyId +func (c *EC2) ModifyEbsDefaultKmsKeyId(input *ModifyEbsDefaultKmsKeyIdInput) (*ModifyEbsDefaultKmsKeyIdOutput, error) { + req, out := c.ModifyEbsDefaultKmsKeyIdRequest(input) + return out, req.Send() +} + +// ModifyEbsDefaultKmsKeyIdWithContext is the same as ModifyEbsDefaultKmsKeyId with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyEbsDefaultKmsKeyId for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyEbsDefaultKmsKeyIdWithContext(ctx aws.Context, input *ModifyEbsDefaultKmsKeyIdInput, opts ...request.Option) (*ModifyEbsDefaultKmsKeyIdOutput, error) { + req, out := c.ModifyEbsDefaultKmsKeyIdRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyFleet = "ModifyFleet" // ModifyFleetRequest generates a "aws/request.Request" representing the @@ -21566,8 +28790,35 @@ func (c *EC2) ModifyFleetRequest(input *ModifyFleetInput) (req *request.Request, // // Modifies the specified EC2 Fleet. // +// You can only modify an EC2 Fleet request of type maintain. +// // While the EC2 Fleet is being modified, it is in the modifying state. // +// To scale up your EC2 Fleet, increase its target capacity. The EC2 Fleet launches +// the additional Spot Instances according to the allocation strategy for the +// EC2 Fleet request. If the allocation strategy is lowest-price, the EC2 Fleet +// launches instances using the Spot Instance pool with the lowest price. If +// the allocation strategy is diversified, the EC2 Fleet distributes the instances +// across the Spot Instance pools. If the allocation strategy is capacity-optimized, +// EC2 Fleet launches instances from Spot Instance pools with optimal capacity +// for the number of instances that are launching. +// +// To scale down your EC2 Fleet, decrease its target capacity. First, the EC2 +// Fleet cancels any open requests that exceed the new target capacity. You +// can request that the EC2 Fleet terminate Spot Instances until the size of +// the fleet no longer exceeds the new target capacity. If the allocation strategy +// is lowest-price, the EC2 Fleet terminates the instances with the highest +// price per unit. If the allocation strategy is capacity-optimized, the EC2 +// Fleet terminates the instances in the Spot Instance pools that have the least +// available Spot Instance capacity. If the allocation strategy is diversified, +// the EC2 Fleet terminates instances across the Spot Instance pools. Alternatively, +// you can request that the EC2 Fleet keep the fleet at its current size, but +// not replace any Spot Instances that are interrupted or that you terminate +// manually. +// +// If you are finished with your EC2 Fleet for now, but will use it again later, +// you can set the target capacity to 0. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -21722,6 +28973,10 @@ func (c *EC2) ModifyHostsRequest(input *ModifyHostsInput) (req *request.Request, // no host ID is provided, the instance is launched onto a suitable host with // auto-placement enabled. // +// You can also use this API action to modify a Dedicated Host to support either +// multiple instance types in an instance family, or to support a specific instance +// type only. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -21795,7 +29050,7 @@ func (c *EC2) ModifyIdFormatRequest(input *ModifyIdFormatInput) (req *request.Re // ModifyIdFormat API operation for Amazon Elastic Compute Cloud. // -// Modifies the ID format for the specified resource on a per-region basis. +// Modifies the ID format for the specified resource on a per-Region basis. // You can specify that resources should receive longer IDs (17-character IDs) // when they are created. // @@ -21812,7 +29067,7 @@ func (c *EC2) ModifyIdFormatRequest(input *ModifyIdFormatInput) (req *request.Re // to the entire AWS account. By default, an IAM user defaults to the same settings // as the root user. If you're using this action as the root user, then these // settings apply to the entire account, unless an IAM user explicitly overrides -// these settings for themselves. For more information, see Resource IDs (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resource-ids.html) +// these settings for themselves. For more information, see Resource IDs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resource-ids.html) // in the Amazon Elastic Compute Cloud User Guide. // // Resources created with longer IDs are visible to all IAM roles and users, @@ -21906,7 +29161,7 @@ func (c *EC2) ModifyIdentityIdFormatRequest(input *ModifyIdentityIdFormatInput) // | security-group | subnet | subnet-cidr-block-association | vpc | vpc-cidr-block-association // | vpc-endpoint | vpc-peering-connection | vpn-connection | vpn-gateway. // -// For more information, see Resource IDs (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resource-ids.html) +// For more information, see Resource IDs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resource-ids.html) // in the Amazon Elastic Compute Cloud User Guide. // // This setting applies to the principal specified in the request; it does not @@ -22083,7 +29338,7 @@ func (c *EC2) ModifyInstanceAttributeRequest(input *ModifyInstanceAttributeInput // we recommend that you use the ModifyNetworkInterfaceAttribute action. // // To modify some attributes, the instance must be stopped. For more information, -// see Modifying Attributes of a Stopped Instance (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_ChangingAttributesWhileInstanceStopped.html) +// see Modifying Attributes of a Stopped Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_ChangingAttributesWhileInstanceStopped.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -22235,10 +29490,10 @@ func (c *EC2) ModifyInstanceCreditSpecificationRequest(input *ModifyInstanceCred // ModifyInstanceCreditSpecification API operation for Amazon Elastic Compute Cloud. // -// Modifies the credit option for CPU usage on a running or stopped T2 or T3 -// instance. The credit options are standard and unlimited. +// Modifies the credit option for CPU usage on a running or stopped burstable +// performance instance. The credit options are standard and unlimited. // -// For more information, see Burstable Performance Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) +// For more information, see Burstable Performance Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -22269,6 +29524,160 @@ func (c *EC2) ModifyInstanceCreditSpecificationWithContext(ctx aws.Context, inpu return out, req.Send() } +const opModifyInstanceEventStartTime = "ModifyInstanceEventStartTime" + +// ModifyInstanceEventStartTimeRequest generates a "aws/request.Request" representing the +// client's request for the ModifyInstanceEventStartTime operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyInstanceEventStartTime for more information on using the ModifyInstanceEventStartTime +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyInstanceEventStartTimeRequest method. +// req, resp := client.ModifyInstanceEventStartTimeRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyInstanceEventStartTime +func (c *EC2) ModifyInstanceEventStartTimeRequest(input *ModifyInstanceEventStartTimeInput) (req *request.Request, output *ModifyInstanceEventStartTimeOutput) { + op := &request.Operation{ + Name: opModifyInstanceEventStartTime, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyInstanceEventStartTimeInput{} + } + + output = &ModifyInstanceEventStartTimeOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyInstanceEventStartTime API operation for Amazon Elastic Compute Cloud. +// +// Modifies the start time for a scheduled Amazon EC2 instance event. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyInstanceEventStartTime for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyInstanceEventStartTime +func (c *EC2) ModifyInstanceEventStartTime(input *ModifyInstanceEventStartTimeInput) (*ModifyInstanceEventStartTimeOutput, error) { + req, out := c.ModifyInstanceEventStartTimeRequest(input) + return out, req.Send() +} + +// ModifyInstanceEventStartTimeWithContext is the same as ModifyInstanceEventStartTime with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyInstanceEventStartTime for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyInstanceEventStartTimeWithContext(ctx aws.Context, input *ModifyInstanceEventStartTimeInput, opts ...request.Option) (*ModifyInstanceEventStartTimeOutput, error) { + req, out := c.ModifyInstanceEventStartTimeRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opModifyInstanceMetadataOptions = "ModifyInstanceMetadataOptions" + +// ModifyInstanceMetadataOptionsRequest generates a "aws/request.Request" representing the +// client's request for the ModifyInstanceMetadataOptions operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyInstanceMetadataOptions for more information on using the ModifyInstanceMetadataOptions +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyInstanceMetadataOptionsRequest method. +// req, resp := client.ModifyInstanceMetadataOptionsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyInstanceMetadataOptions +func (c *EC2) ModifyInstanceMetadataOptionsRequest(input *ModifyInstanceMetadataOptionsInput) (req *request.Request, output *ModifyInstanceMetadataOptionsOutput) { + op := &request.Operation{ + Name: opModifyInstanceMetadataOptions, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyInstanceMetadataOptionsInput{} + } + + output = &ModifyInstanceMetadataOptionsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyInstanceMetadataOptions API operation for Amazon Elastic Compute Cloud. +// +// Modify the instance metadata parameters on a running or stopped instance. +// When you modify the parameters on a stopped instance, they are applied when +// the instance is started. When you modify the parameters on a running instance, +// the API responds with a state of “pending”. After the parameter modifications +// are successfully applied to the instance, the state of the modifications +// changes from “pending” to “applied” in subsequent describe-instances +// API calls. For more information, see Instance Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyInstanceMetadataOptions for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyInstanceMetadataOptions +func (c *EC2) ModifyInstanceMetadataOptions(input *ModifyInstanceMetadataOptionsInput) (*ModifyInstanceMetadataOptionsOutput, error) { + req, out := c.ModifyInstanceMetadataOptionsRequest(input) + return out, req.Send() +} + +// ModifyInstanceMetadataOptionsWithContext is the same as ModifyInstanceMetadataOptions with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyInstanceMetadataOptions for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyInstanceMetadataOptionsWithContext(ctx aws.Context, input *ModifyInstanceMetadataOptionsInput, opts ...request.Option) (*ModifyInstanceMetadataOptionsOutput, error) { + req, out := c.ModifyInstanceMetadataOptionsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyInstancePlacement = "ModifyInstancePlacement" // ModifyInstancePlacementRequest generates a "aws/request.Request" representing the @@ -22316,7 +29725,7 @@ func (c *EC2) ModifyInstancePlacementRequest(input *ModifyInstancePlacementInput // Modifies the placement attributes for a specified instance. You can do the // following: // -// * Modify the affinity between an instance and a Dedicated Host (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html). +// * Modify the affinity between an instance and a Dedicated Host (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html). // When affinity is set to host and the instance is not associated with a // specific Dedicated Host, the next time the instance is launched, it is // automatically associated with the host on which it lands. If the instance @@ -22327,7 +29736,7 @@ func (c *EC2) ModifyInstancePlacementRequest(input *ModifyInstancePlacementInput // * Change the instance tenancy of an instance from host to dedicated, or // from dedicated to host. // -// * Move an instance to or from a placement group (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html). +// * Move an instance to or from a placement group (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html). // // At least one attribute for affinity, host ID, tenancy, or placement group // name must be specified in the request. Affinity and tenancy can be modified @@ -22486,7 +29895,8 @@ func (c *EC2) ModifyNetworkInterfaceAttributeRequest(input *ModifyNetworkInterfa // ModifyNetworkInterfaceAttribute API operation for Amazon Elastic Compute Cloud. // // Modifies the specified network interface attribute. You can specify only -// one attribute at a time. +// one attribute at a time. You can use this action to attach and detach security +// groups from an existing EC2 instance. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -22565,7 +29975,7 @@ func (c *EC2) ModifyReservedInstancesRequest(input *ModifyReservedInstancesInput // Instances to be modified must be identical, except for Availability Zone, // network platform, and instance type. // -// For more information, see Modifying Reserved Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-modifying.html) +// For more information, see Modifying Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-modifying.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -22643,16 +30053,16 @@ func (c *EC2) ModifySnapshotAttributeRequest(input *ModifySnapshotAttributeInput // // Adds or removes permission settings for the specified snapshot. You may add // or remove specified AWS account IDs from a snapshot's list of create volume -// permissions, but you cannot do both in a single API call. If you need to -// both add and remove account IDs for a snapshot, you must use multiple API -// calls. +// permissions, but you cannot do both in a single operation. If you need to +// both add and remove account IDs for a snapshot, you must use multiple operations. +// You can make up to 500 modifications to a snapshot in a single operation. // // Encrypted snapshots and snapshots with AWS Marketplace product codes cannot // be made public. Snapshots encrypted with your default CMK cannot be shared // with other accounts. // // For more information about modifying snapshot permissions, see Sharing Snapshots -// (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html) +// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -22729,24 +30139,31 @@ func (c *EC2) ModifySpotFleetRequestRequest(input *ModifySpotFleetRequestInput) // // Modifies the specified Spot Fleet request. // +// You can only modify a Spot Fleet request of type maintain. +// // While the Spot Fleet request is being modified, it is in the modifying state. // // To scale up your Spot Fleet, increase its target capacity. The Spot Fleet // launches the additional Spot Instances according to the allocation strategy // for the Spot Fleet request. If the allocation strategy is lowestPrice, the -// Spot Fleet launches instances using the Spot pool with the lowest price. -// If the allocation strategy is diversified, the Spot Fleet distributes the -// instances across the Spot pools. +// Spot Fleet launches instances using the Spot Instance pool with the lowest +// price. If the allocation strategy is diversified, the Spot Fleet distributes +// the instances across the Spot Instance pools. If the allocation strategy +// is capacityOptimized, Spot Fleet launches instances from Spot Instance pools +// with optimal capacity for the number of instances that are launching. // // To scale down your Spot Fleet, decrease its target capacity. First, the Spot // Fleet cancels any open requests that exceed the new target capacity. You // can request that the Spot Fleet terminate Spot Instances until the size of // the fleet no longer exceeds the new target capacity. If the allocation strategy // is lowestPrice, the Spot Fleet terminates the instances with the highest -// price per unit. If the allocation strategy is diversified, the Spot Fleet -// terminates instances across the Spot pools. Alternatively, you can request -// that the Spot Fleet keep the fleet at its current size, but not replace any -// Spot Instances that are interrupted or that you terminate manually. +// price per unit. If the allocation strategy is capacityOptimized, the Spot +// Fleet terminates the instances in the Spot Instance pools that have the least +// available Spot Instance capacity. If the allocation strategy is diversified, +// the Spot Fleet terminates instances across the Spot Instance pools. Alternatively, +// you can request that the Spot Fleet keep the fleet at its current size, but +// not replace any Spot Instances that are interrupted or that you terminate +// manually. // // If you are finished with your Spot Fleet for now, but will use it again later, // you can set the target capacity to 0. @@ -22854,6 +30271,241 @@ func (c *EC2) ModifySubnetAttributeWithContext(ctx aws.Context, input *ModifySub return out, req.Send() } +const opModifyTrafficMirrorFilterNetworkServices = "ModifyTrafficMirrorFilterNetworkServices" + +// ModifyTrafficMirrorFilterNetworkServicesRequest generates a "aws/request.Request" representing the +// client's request for the ModifyTrafficMirrorFilterNetworkServices operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyTrafficMirrorFilterNetworkServices for more information on using the ModifyTrafficMirrorFilterNetworkServices +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyTrafficMirrorFilterNetworkServicesRequest method. +// req, resp := client.ModifyTrafficMirrorFilterNetworkServicesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTrafficMirrorFilterNetworkServices +func (c *EC2) ModifyTrafficMirrorFilterNetworkServicesRequest(input *ModifyTrafficMirrorFilterNetworkServicesInput) (req *request.Request, output *ModifyTrafficMirrorFilterNetworkServicesOutput) { + op := &request.Operation{ + Name: opModifyTrafficMirrorFilterNetworkServices, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyTrafficMirrorFilterNetworkServicesInput{} + } + + output = &ModifyTrafficMirrorFilterNetworkServicesOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyTrafficMirrorFilterNetworkServices API operation for Amazon Elastic Compute Cloud. +// +// Allows or restricts mirroring network services. +// +// By default, Amazon DNS network services are not eligible for Traffic Mirror. +// Use AddNetworkServices to add network services to a Traffic Mirror filter. +// When a network service is added to the Traffic Mirror filter, all traffic +// related to that network service will be mirrored. When you no longer want +// to mirror network services, use RemoveNetworkServices to remove the network +// services from the Traffic Mirror filter. +// +// For information about filter rule properties, see Network Services (https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-considerations.html) +// in the Traffic Mirroring User Guide . +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyTrafficMirrorFilterNetworkServices for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTrafficMirrorFilterNetworkServices +func (c *EC2) ModifyTrafficMirrorFilterNetworkServices(input *ModifyTrafficMirrorFilterNetworkServicesInput) (*ModifyTrafficMirrorFilterNetworkServicesOutput, error) { + req, out := c.ModifyTrafficMirrorFilterNetworkServicesRequest(input) + return out, req.Send() +} + +// ModifyTrafficMirrorFilterNetworkServicesWithContext is the same as ModifyTrafficMirrorFilterNetworkServices with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyTrafficMirrorFilterNetworkServices for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyTrafficMirrorFilterNetworkServicesWithContext(ctx aws.Context, input *ModifyTrafficMirrorFilterNetworkServicesInput, opts ...request.Option) (*ModifyTrafficMirrorFilterNetworkServicesOutput, error) { + req, out := c.ModifyTrafficMirrorFilterNetworkServicesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opModifyTrafficMirrorFilterRule = "ModifyTrafficMirrorFilterRule" + +// ModifyTrafficMirrorFilterRuleRequest generates a "aws/request.Request" representing the +// client's request for the ModifyTrafficMirrorFilterRule operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyTrafficMirrorFilterRule for more information on using the ModifyTrafficMirrorFilterRule +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyTrafficMirrorFilterRuleRequest method. +// req, resp := client.ModifyTrafficMirrorFilterRuleRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTrafficMirrorFilterRule +func (c *EC2) ModifyTrafficMirrorFilterRuleRequest(input *ModifyTrafficMirrorFilterRuleInput) (req *request.Request, output *ModifyTrafficMirrorFilterRuleOutput) { + op := &request.Operation{ + Name: opModifyTrafficMirrorFilterRule, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyTrafficMirrorFilterRuleInput{} + } + + output = &ModifyTrafficMirrorFilterRuleOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyTrafficMirrorFilterRule API operation for Amazon Elastic Compute Cloud. +// +// Modifies the specified Traffic Mirror rule. +// +// DestinationCidrBlock and SourceCidrBlock must both be an IPv4 range or an +// IPv6 range. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyTrafficMirrorFilterRule for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTrafficMirrorFilterRule +func (c *EC2) ModifyTrafficMirrorFilterRule(input *ModifyTrafficMirrorFilterRuleInput) (*ModifyTrafficMirrorFilterRuleOutput, error) { + req, out := c.ModifyTrafficMirrorFilterRuleRequest(input) + return out, req.Send() +} + +// ModifyTrafficMirrorFilterRuleWithContext is the same as ModifyTrafficMirrorFilterRule with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyTrafficMirrorFilterRule for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyTrafficMirrorFilterRuleWithContext(ctx aws.Context, input *ModifyTrafficMirrorFilterRuleInput, opts ...request.Option) (*ModifyTrafficMirrorFilterRuleOutput, error) { + req, out := c.ModifyTrafficMirrorFilterRuleRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opModifyTrafficMirrorSession = "ModifyTrafficMirrorSession" + +// ModifyTrafficMirrorSessionRequest generates a "aws/request.Request" representing the +// client's request for the ModifyTrafficMirrorSession operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyTrafficMirrorSession for more information on using the ModifyTrafficMirrorSession +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyTrafficMirrorSessionRequest method. +// req, resp := client.ModifyTrafficMirrorSessionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTrafficMirrorSession +func (c *EC2) ModifyTrafficMirrorSessionRequest(input *ModifyTrafficMirrorSessionInput) (req *request.Request, output *ModifyTrafficMirrorSessionOutput) { + op := &request.Operation{ + Name: opModifyTrafficMirrorSession, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyTrafficMirrorSessionInput{} + } + + output = &ModifyTrafficMirrorSessionOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyTrafficMirrorSession API operation for Amazon Elastic Compute Cloud. +// +// Modifies a Traffic Mirror session. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyTrafficMirrorSession for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTrafficMirrorSession +func (c *EC2) ModifyTrafficMirrorSession(input *ModifyTrafficMirrorSessionInput) (*ModifyTrafficMirrorSessionOutput, error) { + req, out := c.ModifyTrafficMirrorSessionRequest(input) + return out, req.Send() +} + +// ModifyTrafficMirrorSessionWithContext is the same as ModifyTrafficMirrorSession with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyTrafficMirrorSession for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyTrafficMirrorSessionWithContext(ctx aws.Context, input *ModifyTrafficMirrorSessionInput, opts ...request.Option) (*ModifyTrafficMirrorSessionOutput, error) { + req, out := c.ModifyTrafficMirrorSessionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyTransitGatewayVpcAttachment = "ModifyTransitGatewayVpcAttachment" // ModifyTransitGatewayVpcAttachmentRequest generates a "aws/request.Request" representing the @@ -22977,29 +30629,29 @@ func (c *EC2) ModifyVolumeRequest(input *ModifyVolumeInput) (req *request.Reques // current-generation EC2 instance type, you may be able to apply these changes // without stopping the instance or detaching the volume from it. For more information // about modifying an EBS volume running Linux, see Modifying the Size, IOPS, -// or Type of an EBS Volume on Linux (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html). +// or Type of an EBS Volume on Linux (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html). // For more information about modifying an EBS volume running Windows, see Modifying -// the Size, IOPS, or Type of an EBS Volume on Windows (http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html). +// the Size, IOPS, or Type of an EBS Volume on Windows (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html). // // When you complete a resize operation on your volume, you need to extend the // volume's file-system size to take advantage of the new storage capacity. // For information about extending a Linux file system, see Extending a Linux -// File System (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#recognize-expanded-volume-linux). +// File System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#recognize-expanded-volume-linux). // For information about extending a Windows file system, see Extending a Windows -// File System (http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html#recognize-expanded-volume-windows). +// File System (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html#recognize-expanded-volume-windows). // // You can use CloudWatch Events to check the status of a modification to an // EBS volume. For information about CloudWatch Events, see the Amazon CloudWatch -// Events User Guide (http://docs.aws.amazon.com/AmazonCloudWatch/latest/events/). -// You can also track the status of a modification using the DescribeVolumesModifications -// API. For information about tracking status changes using either method, see -// Monitoring Volume Modifications (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#monitoring_mods). +// Events User Guide (https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/). +// You can also track the status of a modification using DescribeVolumesModifications. +// For information about tracking status changes using either method, see Monitoring +// Volume Modifications (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#monitoring_mods). // // With previous-generation instance types, resizing an EBS volume may require // detaching and reattaching the volume or stopping and restarting the instance. // For more information, see Modifying the Size, IOPS, or Type of an EBS Volume -// on Linux (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html) -// and Modifying the Size, IOPS, or Type of an EBS Volume on Windows (http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html). +// on Linux (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html) +// and Modifying the Size, IOPS, or Type of an EBS Volume on Windows (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html). // // If you reach the maximum volume modification rate per volume limit, you will // need to wait at least six hours before applying further modifications to @@ -23238,7 +30890,7 @@ func (c *EC2) ModifyVpcEndpointRequest(input *ModifyVpcEndpointInput) (req *requ // // Modifies attributes of a specified VPC endpoint. The attributes that you // can modify depend on the type of VPC endpoint (interface or gateway). For -// more information, see VPC Endpoints (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-endpoints.html) +// more information, see VPC Endpoints (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -23394,6 +31046,11 @@ func (c *EC2) ModifyVpcEndpointServiceConfigurationRequest(input *ModifyVpcEndpo // acceptance is required for requests to connect to your endpoint service through // an interface VPC endpoint. // +// If you set or modify the private DNS name, you must prove that you own the +// private DNS domain name. For more information, see VPC Endpoint Service Private +// DNS Name Verification (https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-services-dns-validation.html) +// in the Amazon Virtual Private Cloud User Guide. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -23466,7 +31123,7 @@ func (c *EC2) ModifyVpcEndpointServicePermissionsRequest(input *ModifyVpcEndpoin // ModifyVpcEndpointServicePermissions API operation for Amazon Elastic Compute Cloud. // -// Modifies the permissions for your VPC endpoint service (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/endpoint-service.html). +// Modifies the permissions for your VPC endpoint service (https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-service.html). // You can add or remove permissions for service consumers (IAM users, IAM roles, // and AWS accounts) to connect to your endpoint service. // @@ -23563,11 +31220,11 @@ func (c *EC2) ModifyVpcPeeringConnectionOptionsRequest(input *ModifyVpcPeeringCo // If the peered VPCs are in the same AWS account, you can enable DNS resolution // for queries from the local VPC. This ensures that queries from the local // VPC resolve to private IP addresses in the peer VPC. This option is not available -// if the peered VPCs are in different AWS accounts or different regions. For +// if the peered VPCs are in different AWS accounts or different Regions. For // peered VPCs in different AWS accounts, each AWS account owner must initiate // a separate request to modify the peering connection options. For inter-region -// peering connections, you must use the region for the requester VPC to modify -// the requester VPC peering options and the region for the accepter VPC to +// peering connections, you must use the Region for the requester VPC to modify +// the requester VPC peering options and the Region for the accepter VPC to // modify the accepter VPC peering options. To verify which VPCs are the accepter // and the requester for a VPC peering connection, use the DescribeVpcPeeringConnections // command. @@ -23652,7 +31309,7 @@ func (c *EC2) ModifyVpcTenancyRequest(input *ModifyVpcTenancyInput) (req *reques // into the VPC have a tenancy of default, unless you specify otherwise during // launch. The tenancy of any existing instances in the VPC is not affected. // -// For more information, see Dedicated Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-instance.html) +// For more information, see Dedicated Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-instance.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -23683,6 +31340,271 @@ func (c *EC2) ModifyVpcTenancyWithContext(ctx aws.Context, input *ModifyVpcTenan return out, req.Send() } +const opModifyVpnConnection = "ModifyVpnConnection" + +// ModifyVpnConnectionRequest generates a "aws/request.Request" representing the +// client's request for the ModifyVpnConnection operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyVpnConnection for more information on using the ModifyVpnConnection +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyVpnConnectionRequest method. +// req, resp := client.ModifyVpnConnectionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpnConnection +func (c *EC2) ModifyVpnConnectionRequest(input *ModifyVpnConnectionInput) (req *request.Request, output *ModifyVpnConnectionOutput) { + op := &request.Operation{ + Name: opModifyVpnConnection, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyVpnConnectionInput{} + } + + output = &ModifyVpnConnectionOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyVpnConnection API operation for Amazon Elastic Compute Cloud. +// +// Modifies the target gateway of an AWS Site-to-Site VPN connection. The following +// migration options are available: +// +// * An existing virtual private gateway to a new virtual private gateway +// +// * An existing virtual private gateway to a transit gateway +// +// * An existing transit gateway to a new transit gateway +// +// * An existing transit gateway to a virtual private gateway +// +// Before you perform the migration to the new gateway, you must configure the +// new gateway. Use CreateVpnGateway to create a virtual private gateway, or +// CreateTransitGateway to create a transit gateway. +// +// This step is required when you migrate from a virtual private gateway with +// static routes to a transit gateway. +// +// You must delete the static routes before you migrate to the new gateway. +// +// Keep a copy of the static route before you delete it. You will need to add +// back these routes to the transit gateway after the VPN connection migration +// is complete. +// +// After you migrate to the new gateway, you might need to modify your VPC route +// table. Use CreateRoute and DeleteRoute to make the changes described in VPN +// Gateway Target Modification Required VPC Route Table Updates (https://docs.aws.amazon.com/vpn/latest/s2svpn/modify-vpn-target.html#step-update-routing) +// in the AWS Site-to-Site VPN User Guide. +// +// When the new gateway is a transit gateway, modify the transit gateway route +// table to allow traffic between the VPC and the AWS Site-to-Site VPN connection. +// Use CreateTransitGatewayRoute to add the routes. +// +// If you deleted VPN static routes, you must add the static routes to the transit +// gateway route table. +// +// After you perform this operation, the AWS VPN endpoint's IP addresses on +// the AWS side and the tunnel options remain intact. Your s2slong; connection +// will be temporarily unavailable for approximately 10 minutes while we provision +// the new endpoints +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyVpnConnection for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpnConnection +func (c *EC2) ModifyVpnConnection(input *ModifyVpnConnectionInput) (*ModifyVpnConnectionOutput, error) { + req, out := c.ModifyVpnConnectionRequest(input) + return out, req.Send() +} + +// ModifyVpnConnectionWithContext is the same as ModifyVpnConnection with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyVpnConnection for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyVpnConnectionWithContext(ctx aws.Context, input *ModifyVpnConnectionInput, opts ...request.Option) (*ModifyVpnConnectionOutput, error) { + req, out := c.ModifyVpnConnectionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opModifyVpnTunnelCertificate = "ModifyVpnTunnelCertificate" + +// ModifyVpnTunnelCertificateRequest generates a "aws/request.Request" representing the +// client's request for the ModifyVpnTunnelCertificate operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyVpnTunnelCertificate for more information on using the ModifyVpnTunnelCertificate +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyVpnTunnelCertificateRequest method. +// req, resp := client.ModifyVpnTunnelCertificateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpnTunnelCertificate +func (c *EC2) ModifyVpnTunnelCertificateRequest(input *ModifyVpnTunnelCertificateInput) (req *request.Request, output *ModifyVpnTunnelCertificateOutput) { + op := &request.Operation{ + Name: opModifyVpnTunnelCertificate, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyVpnTunnelCertificateInput{} + } + + output = &ModifyVpnTunnelCertificateOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyVpnTunnelCertificate API operation for Amazon Elastic Compute Cloud. +// +// Modifies the VPN tunnel endpoint certificate. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyVpnTunnelCertificate for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpnTunnelCertificate +func (c *EC2) ModifyVpnTunnelCertificate(input *ModifyVpnTunnelCertificateInput) (*ModifyVpnTunnelCertificateOutput, error) { + req, out := c.ModifyVpnTunnelCertificateRequest(input) + return out, req.Send() +} + +// ModifyVpnTunnelCertificateWithContext is the same as ModifyVpnTunnelCertificate with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyVpnTunnelCertificate for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyVpnTunnelCertificateWithContext(ctx aws.Context, input *ModifyVpnTunnelCertificateInput, opts ...request.Option) (*ModifyVpnTunnelCertificateOutput, error) { + req, out := c.ModifyVpnTunnelCertificateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opModifyVpnTunnelOptions = "ModifyVpnTunnelOptions" + +// ModifyVpnTunnelOptionsRequest generates a "aws/request.Request" representing the +// client's request for the ModifyVpnTunnelOptions operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyVpnTunnelOptions for more information on using the ModifyVpnTunnelOptions +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyVpnTunnelOptionsRequest method. +// req, resp := client.ModifyVpnTunnelOptionsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpnTunnelOptions +func (c *EC2) ModifyVpnTunnelOptionsRequest(input *ModifyVpnTunnelOptionsInput) (req *request.Request, output *ModifyVpnTunnelOptionsOutput) { + op := &request.Operation{ + Name: opModifyVpnTunnelOptions, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyVpnTunnelOptionsInput{} + } + + output = &ModifyVpnTunnelOptionsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyVpnTunnelOptions API operation for Amazon Elastic Compute Cloud. +// +// Modifies the options for a VPN tunnel in an AWS Site-to-Site VPN connection. +// You can modify multiple options for a tunnel in a single request, but you +// can only modify one tunnel at a time. For more information, see Site-to-Site +// VPN Tunnel Options for Your Site-to-Site VPN Connection (https://docs.aws.amazon.com/vpn/latest/s2svpn/VPNTunnels.html) +// in the AWS Site-to-Site VPN User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyVpnTunnelOptions for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpnTunnelOptions +func (c *EC2) ModifyVpnTunnelOptions(input *ModifyVpnTunnelOptionsInput) (*ModifyVpnTunnelOptionsOutput, error) { + req, out := c.ModifyVpnTunnelOptionsRequest(input) + return out, req.Send() +} + +// ModifyVpnTunnelOptionsWithContext is the same as ModifyVpnTunnelOptions with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyVpnTunnelOptions for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyVpnTunnelOptionsWithContext(ctx aws.Context, input *ModifyVpnTunnelOptionsInput, opts ...request.Option) (*ModifyVpnTunnelOptionsOutput, error) { + req, out := c.ModifyVpnTunnelOptionsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opMonitorInstances = "MonitorInstances" // MonitorInstancesRequest generates a "aws/request.Request" representing the @@ -23729,7 +31651,7 @@ func (c *EC2) MonitorInstancesRequest(input *MonitorInstancesInput) (req *reques // // Enables detailed monitoring for a running instance. Otherwise, basic monitoring // is enabled. For more information, see Monitoring Your Instances and Volumes -// (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch.html) +// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch.html) // in the Amazon Elastic Compute Cloud User Guide. // // To disable detailed monitoring, see . @@ -23894,7 +31816,7 @@ func (c *EC2) ProvisionByoipCidrRequest(input *ProvisionByoipCidrInput) (req *re // it. You must ensure that the address range is registered to you and that // you created an RPKI ROA to authorize Amazon ASNs 16509 and 14618 to advertise // the address range. For more information, see Bring Your Own IP Addresses -// (BYOIP) (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html) +// (BYOIP) (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html) // in the Amazon Elastic Compute Cloud User Guide. // // Provisioning an address range is an asynchronous operation, so the call returns @@ -24060,8 +31982,11 @@ func (c *EC2) PurchaseReservedInstancesOfferingRequest(input *PurchaseReservedIn // offerings that match your specifications. After you've purchased a Reserved // Instance, you can check for your new Reserved Instance with DescribeReservedInstances. // -// For more information, see Reserved Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts-on-demand-reserved-instances.html) -// and Reserved Instance Marketplace (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) +// To queue a purchase for a future date and time, specify a purchase time. +// If you do not specify a purchase time, the default is the current time. +// +// For more information, see Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts-on-demand-reserved-instances.html) +// and Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -24136,7 +32061,7 @@ func (c *EC2) PurchaseScheduledInstancesRequest(input *PurchaseScheduledInstance // PurchaseScheduledInstances API operation for Amazon Elastic Compute Cloud. // -// Purchases one or more Scheduled Instances with the specified schedule. +// Purchases the Scheduled Instances with the specified schedule. // // Scheduled Instances enable you to purchase Amazon EC2 compute capacity by // the hour for a one-year term. Before you can purchase a Scheduled Instance, @@ -24220,7 +32145,7 @@ func (c *EC2) RebootInstancesRequest(input *RebootInstancesInput) (req *request. // RebootInstances API operation for Amazon Elastic Compute Cloud. // -// Requests a reboot of one or more instances. This operation is asynchronous; +// Requests a reboot of the specified instances. This operation is asynchronous; // it only queues a request to reboot the specified instances. The operation // succeeds if the instances are valid and belong to you. Requests to reboot // terminated instances are ignored. @@ -24229,7 +32154,7 @@ func (c *EC2) RebootInstancesRequest(input *RebootInstancesInput) (req *request. // performs a hard reboot. // // For more information about troubleshooting, see Getting Console Output and -// Rebooting Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html) +// Rebooting Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -24306,7 +32231,7 @@ func (c *EC2) RegisterImageRequest(input *RegisterImageInput) (req *request.Requ // // Registers an AMI. When you're creating an AMI, this is the final step you // must complete before you can launch an instance from the AMI. For more information -// about creating AMIs, see Creating Your Own AMIs (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami.html) +// about creating AMIs, see Creating Your Own AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami.html) // in the Amazon Elastic Compute Cloud User Guide. // // For Amazon EBS-backed instances, CreateImage creates and registers the AMI @@ -24315,22 +32240,30 @@ func (c *EC2) RegisterImageRequest(input *RegisterImageInput) (req *request.Requ // You can also use RegisterImage to create an Amazon EBS-backed Linux AMI from // a snapshot of a root device volume. You specify the snapshot using the block // device mapping. For more information, see Launching a Linux Instance from -// a Backup (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-launch-snapshot.html) +// a Backup (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-launch-snapshot.html) // in the Amazon Elastic Compute Cloud User Guide. // // You can't register an image where a secondary (non-root) snapshot has AWS // Marketplace product codes. // -// Some Linux distributions, such as Red Hat Enterprise Linux (RHEL) and SUSE -// Linux Enterprise Server (SLES), use the EC2 billing product code associated -// with an AMI to verify the subscription status for package updates. Creating -// an AMI from an EBS snapshot does not maintain this billing code, and instances -// launched from such an AMI are not able to connect to package update infrastructure. -// If you purchase a Reserved Instance offering for one of these Linux distributions -// and launch instances using an AMI that does not contain the required billing -// code, your Reserved Instance is not applied to these instances. +// Windows and some Linux distributions, such as Red Hat Enterprise Linux (RHEL) +// and SUSE Linux Enterprise Server (SLES), use the EC2 billing product code +// associated with an AMI to verify the subscription status for package updates. +// To create a new AMI for operating systems that require a billing product +// code, do the following: // -// To create an AMI for operating systems that require a billing code, see CreateImage. +// Launch an instance from an existing AMI with that billing product code. +// +// Customize the instance. +// +// Create a new AMI from the instance using CreateImage to preserve the billing +// product code association. +// +// If you purchase a Reserved Instance to apply to an On-Demand Instance that +// was launched from an AMI with a billing product code, make sure that the +// Reserved Instance has the matching billing product code. If you purchase +// a Reserved Instance without the matching billing product code, the Reserved +// Instance will not be applied to the On-Demand Instance. // // If needed, you can deregister an AMI at any time. Any modifications you make // to an AMI backed by an instance store volume invalidates its registration. @@ -24365,6 +32298,244 @@ func (c *EC2) RegisterImageWithContext(ctx aws.Context, input *RegisterImageInpu return out, req.Send() } +const opRegisterTransitGatewayMulticastGroupMembers = "RegisterTransitGatewayMulticastGroupMembers" + +// RegisterTransitGatewayMulticastGroupMembersRequest generates a "aws/request.Request" representing the +// client's request for the RegisterTransitGatewayMulticastGroupMembers operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See RegisterTransitGatewayMulticastGroupMembers for more information on using the RegisterTransitGatewayMulticastGroupMembers +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the RegisterTransitGatewayMulticastGroupMembersRequest method. +// req, resp := client.RegisterTransitGatewayMulticastGroupMembersRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RegisterTransitGatewayMulticastGroupMembers +func (c *EC2) RegisterTransitGatewayMulticastGroupMembersRequest(input *RegisterTransitGatewayMulticastGroupMembersInput) (req *request.Request, output *RegisterTransitGatewayMulticastGroupMembersOutput) { + op := &request.Operation{ + Name: opRegisterTransitGatewayMulticastGroupMembers, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &RegisterTransitGatewayMulticastGroupMembersInput{} + } + + output = &RegisterTransitGatewayMulticastGroupMembersOutput{} + req = c.newRequest(op, input, output) + return +} + +// RegisterTransitGatewayMulticastGroupMembers API operation for Amazon Elastic Compute Cloud. +// +// Registers members (network interfaces) with the transit gateway multicast +// group. A member is a network interface associated with a supported EC2 instance +// that receives multicast traffic. For information about supported instances, +// see Multicast Consideration (https://docs.aws.amazon.com/vpc/latest/tgw/transit-gateway-limits.html#multicast-limits) +// in Amazon VPC Transit Gateways. +// +// After you add the members, use SearchTransitGatewayMulticastGroups (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SearchTransitGatewayMulticastGroups.html) +// to verify that the members were added to the transit gateway multicast group. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation RegisterTransitGatewayMulticastGroupMembers for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RegisterTransitGatewayMulticastGroupMembers +func (c *EC2) RegisterTransitGatewayMulticastGroupMembers(input *RegisterTransitGatewayMulticastGroupMembersInput) (*RegisterTransitGatewayMulticastGroupMembersOutput, error) { + req, out := c.RegisterTransitGatewayMulticastGroupMembersRequest(input) + return out, req.Send() +} + +// RegisterTransitGatewayMulticastGroupMembersWithContext is the same as RegisterTransitGatewayMulticastGroupMembers with the addition of +// the ability to pass a context and additional request options. +// +// See RegisterTransitGatewayMulticastGroupMembers for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) RegisterTransitGatewayMulticastGroupMembersWithContext(ctx aws.Context, input *RegisterTransitGatewayMulticastGroupMembersInput, opts ...request.Option) (*RegisterTransitGatewayMulticastGroupMembersOutput, error) { + req, out := c.RegisterTransitGatewayMulticastGroupMembersRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opRegisterTransitGatewayMulticastGroupSources = "RegisterTransitGatewayMulticastGroupSources" + +// RegisterTransitGatewayMulticastGroupSourcesRequest generates a "aws/request.Request" representing the +// client's request for the RegisterTransitGatewayMulticastGroupSources operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See RegisterTransitGatewayMulticastGroupSources for more information on using the RegisterTransitGatewayMulticastGroupSources +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the RegisterTransitGatewayMulticastGroupSourcesRequest method. +// req, resp := client.RegisterTransitGatewayMulticastGroupSourcesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RegisterTransitGatewayMulticastGroupSources +func (c *EC2) RegisterTransitGatewayMulticastGroupSourcesRequest(input *RegisterTransitGatewayMulticastGroupSourcesInput) (req *request.Request, output *RegisterTransitGatewayMulticastGroupSourcesOutput) { + op := &request.Operation{ + Name: opRegisterTransitGatewayMulticastGroupSources, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &RegisterTransitGatewayMulticastGroupSourcesInput{} + } + + output = &RegisterTransitGatewayMulticastGroupSourcesOutput{} + req = c.newRequest(op, input, output) + return +} + +// RegisterTransitGatewayMulticastGroupSources API operation for Amazon Elastic Compute Cloud. +// +// Registers sources (network interfaces) with the specified transit gateway +// multicast group. +// +// A multicast source is a network interface attached to a supported instance +// that sends multicast traffic. For information about supported instances, +// see Multicast Considerations (https://docs.aws.amazon.com/vpc/latest/tgw/transit-gateway-limits.html#multicast-limits) +// in Amazon VPC Transit Gateways. +// +// After you add the source, use SearchTransitGatewayMulticastGroups (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SearchTransitGatewayMulticastGroups.html) +// to verify that the source was added to the multicast group. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation RegisterTransitGatewayMulticastGroupSources for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RegisterTransitGatewayMulticastGroupSources +func (c *EC2) RegisterTransitGatewayMulticastGroupSources(input *RegisterTransitGatewayMulticastGroupSourcesInput) (*RegisterTransitGatewayMulticastGroupSourcesOutput, error) { + req, out := c.RegisterTransitGatewayMulticastGroupSourcesRequest(input) + return out, req.Send() +} + +// RegisterTransitGatewayMulticastGroupSourcesWithContext is the same as RegisterTransitGatewayMulticastGroupSources with the addition of +// the ability to pass a context and additional request options. +// +// See RegisterTransitGatewayMulticastGroupSources for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) RegisterTransitGatewayMulticastGroupSourcesWithContext(ctx aws.Context, input *RegisterTransitGatewayMulticastGroupSourcesInput, opts ...request.Option) (*RegisterTransitGatewayMulticastGroupSourcesOutput, error) { + req, out := c.RegisterTransitGatewayMulticastGroupSourcesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opRejectTransitGatewayPeeringAttachment = "RejectTransitGatewayPeeringAttachment" + +// RejectTransitGatewayPeeringAttachmentRequest generates a "aws/request.Request" representing the +// client's request for the RejectTransitGatewayPeeringAttachment operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See RejectTransitGatewayPeeringAttachment for more information on using the RejectTransitGatewayPeeringAttachment +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the RejectTransitGatewayPeeringAttachmentRequest method. +// req, resp := client.RejectTransitGatewayPeeringAttachmentRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RejectTransitGatewayPeeringAttachment +func (c *EC2) RejectTransitGatewayPeeringAttachmentRequest(input *RejectTransitGatewayPeeringAttachmentInput) (req *request.Request, output *RejectTransitGatewayPeeringAttachmentOutput) { + op := &request.Operation{ + Name: opRejectTransitGatewayPeeringAttachment, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &RejectTransitGatewayPeeringAttachmentInput{} + } + + output = &RejectTransitGatewayPeeringAttachmentOutput{} + req = c.newRequest(op, input, output) + return +} + +// RejectTransitGatewayPeeringAttachment API operation for Amazon Elastic Compute Cloud. +// +// Rejects a transit gateway peering attachment request. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation RejectTransitGatewayPeeringAttachment for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RejectTransitGatewayPeeringAttachment +func (c *EC2) RejectTransitGatewayPeeringAttachment(input *RejectTransitGatewayPeeringAttachmentInput) (*RejectTransitGatewayPeeringAttachmentOutput, error) { + req, out := c.RejectTransitGatewayPeeringAttachmentRequest(input) + return out, req.Send() +} + +// RejectTransitGatewayPeeringAttachmentWithContext is the same as RejectTransitGatewayPeeringAttachment with the addition of +// the ability to pass a context and additional request options. +// +// See RejectTransitGatewayPeeringAttachment for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) RejectTransitGatewayPeeringAttachmentWithContext(ctx aws.Context, input *RejectTransitGatewayPeeringAttachmentInput, opts ...request.Option) (*RejectTransitGatewayPeeringAttachmentOutput, error) { + req, out := c.RejectTransitGatewayPeeringAttachmentRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opRejectTransitGatewayVpcAttachment = "RejectTransitGatewayVpcAttachment" // RejectTransitGatewayVpcAttachmentRequest generates a "aws/request.Request" representing the @@ -24897,7 +33068,7 @@ func (c *EC2) ReplaceNetworkAclAssociationRequest(input *ReplaceNetworkAclAssoci // // Changes which network ACL a subnet is associated with. By default when you // create a subnet, it's automatically associated with the default network ACL. -// For more information, see Network ACLs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) +// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) // in the Amazon Virtual Private Cloud User Guide. // // This is an idempotent operation. @@ -24976,8 +33147,8 @@ func (c *EC2) ReplaceNetworkAclEntryRequest(input *ReplaceNetworkAclEntryInput) // ReplaceNetworkAclEntry API operation for Amazon Elastic Compute Cloud. // // Replaces an entry (rule) in a network ACL. For more information, see Network -// ACLs (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) -// in the Amazon Virtual Private Cloud User Guide. +// ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) in +// the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -25053,11 +33224,11 @@ func (c *EC2) ReplaceRouteRequest(input *ReplaceRouteInput) (req *request.Reques // ReplaceRoute API operation for Amazon Elastic Compute Cloud. // // Replaces an existing route within a route table in a VPC. You must provide -// only one of the following: internet gateway or virtual private gateway, NAT -// instance, NAT gateway, VPC peering connection, network interface, or egress-only -// internet gateway. +// only one of the following: internet gateway, virtual private gateway, NAT +// instance, NAT gateway, VPC peering connection, network interface, egress-only +// internet gateway, or transit gateway. // -// For more information, see Route Tables (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// For more information, see Route Tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -25132,15 +33303,15 @@ func (c *EC2) ReplaceRouteTableAssociationRequest(input *ReplaceRouteTableAssoci // ReplaceRouteTableAssociation API operation for Amazon Elastic Compute Cloud. // -// Changes the route table associated with a given subnet in a VPC. After the -// operation completes, the subnet uses the routes in the new route table it's -// associated with. For more information about route tables, see Route Tables -// (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// Changes the route table associated with a given subnet, internet gateway, +// or virtual private gateway in a VPC. After the operation completes, the subnet +// or gateway uses the routes in the new route table. For more information about +// route tables, see Route Tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // -// You can also use ReplaceRouteTableAssociation to change which table is the -// main route table in the VPC. You just specify the main route table's association -// ID and the route table to be the new main route table. +// You can also use this operation to change which table is the main route table +// in the VPC. Specify the main route table's association ID and the route table +// ID of the new main route table. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -25378,10 +33549,10 @@ func (c *EC2) RequestSpotFleetRequest(input *RequestSpotFleetInput) (req *reques // You can submit a single request that includes multiple launch specifications // that vary by instance type, AMI, Availability Zone, or subnet. // -// By default, the Spot Fleet requests Spot Instances in the Spot pool where -// the price per unit is the lowest. Each launch specification can include its -// own instance weighting that reflects the value of the instance type to your -// application workload. +// By default, the Spot Fleet requests Spot Instances in the Spot Instance pool +// where the price per unit is the lowest. Each launch specification can include +// its own instance weighting that reflects the value of the instance type to +// your application workload. // // Alternatively, you can specify that the Spot Fleet distribute the target // capacity across the Spot pools included in its launch specifications. By @@ -25392,7 +33563,7 @@ func (c *EC2) RequestSpotFleetRequest(input *RequestSpotFleetInput) (req *reques // types in a Spot Fleet request because only the instance resource type is // supported. // -// For more information, see Spot Fleet Requests (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html) +// For more information, see Spot Fleet Requests (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html) // in the Amazon EC2 User Guide for Linux Instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -25469,7 +33640,7 @@ func (c *EC2) RequestSpotInstancesRequest(input *RequestSpotInstancesInput) (req // // Creates a Spot Instance request. // -// For more information, see Spot Instance Requests (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html) +// For more information, see Spot Instance Requests (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html) // in the Amazon EC2 User Guide for Linux Instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -25500,6 +33671,86 @@ func (c *EC2) RequestSpotInstancesWithContext(ctx aws.Context, input *RequestSpo return out, req.Send() } +const opResetEbsDefaultKmsKeyId = "ResetEbsDefaultKmsKeyId" + +// ResetEbsDefaultKmsKeyIdRequest generates a "aws/request.Request" representing the +// client's request for the ResetEbsDefaultKmsKeyId operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ResetEbsDefaultKmsKeyId for more information on using the ResetEbsDefaultKmsKeyId +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ResetEbsDefaultKmsKeyIdRequest method. +// req, resp := client.ResetEbsDefaultKmsKeyIdRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ResetEbsDefaultKmsKeyId +func (c *EC2) ResetEbsDefaultKmsKeyIdRequest(input *ResetEbsDefaultKmsKeyIdInput) (req *request.Request, output *ResetEbsDefaultKmsKeyIdOutput) { + op := &request.Operation{ + Name: opResetEbsDefaultKmsKeyId, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ResetEbsDefaultKmsKeyIdInput{} + } + + output = &ResetEbsDefaultKmsKeyIdOutput{} + req = c.newRequest(op, input, output) + return +} + +// ResetEbsDefaultKmsKeyId API operation for Amazon Elastic Compute Cloud. +// +// Resets the default customer master key (CMK) for EBS encryption for your +// account in this Region to the AWS managed CMK for EBS. +// +// After resetting the default CMK to the AWS managed CMK, you can continue +// to encrypt by a customer managed CMK by specifying it when you create the +// volume. For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// in the Amazon Elastic Compute Cloud User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ResetEbsDefaultKmsKeyId for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ResetEbsDefaultKmsKeyId +func (c *EC2) ResetEbsDefaultKmsKeyId(input *ResetEbsDefaultKmsKeyIdInput) (*ResetEbsDefaultKmsKeyIdOutput, error) { + req, out := c.ResetEbsDefaultKmsKeyIdRequest(input) + return out, req.Send() +} + +// ResetEbsDefaultKmsKeyIdWithContext is the same as ResetEbsDefaultKmsKeyId with the addition of +// the ability to pass a context and additional request options. +// +// See ResetEbsDefaultKmsKeyId for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ResetEbsDefaultKmsKeyIdWithContext(ctx aws.Context, input *ResetEbsDefaultKmsKeyIdInput, opts ...request.Option) (*ResetEbsDefaultKmsKeyIdOutput, error) { + req, out := c.ResetEbsDefaultKmsKeyIdRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opResetFpgaImageAttribute = "ResetFpgaImageAttribute" // ResetFpgaImageAttributeRequest generates a "aws/request.Request" representing the @@ -25704,7 +33955,7 @@ func (c *EC2) ResetInstanceAttributeRequest(input *ResetInstanceAttributeInput) // The sourceDestCheck attribute controls whether source/destination checking // is enabled. The default value is true, which means checking is enabled. This // value must be false for a NAT instance to perform NAT. For more information, -// see NAT Instances (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html) +// see NAT Instances (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -25859,7 +34110,7 @@ func (c *EC2) ResetSnapshotAttributeRequest(input *ResetSnapshotAttributeInput) // Resets permission settings for the specified snapshot. // // For more information about modifying snapshot permissions, see Sharing Snapshots -// (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html) +// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -26086,10 +34337,10 @@ func (c *EC2) RevokeSecurityGroupEgressRequest(input *RevokeSecurityGroupEgressI // RevokeSecurityGroupEgress API operation for Amazon Elastic Compute Cloud. // -// [EC2-VPC only] Removes one or more egress rules from a security group for -// EC2-VPC. This action doesn't apply to security groups for use in EC2-Classic. -// To remove a rule, the values that you specify (for example, ports) must match -// the existing rule's values exactly. +// [VPC only] Removes the specified egress rules from a security group for EC2-VPC. +// This action doesn't apply to security groups for use in EC2-Classic. To remove +// a rule, the values that you specify (for example, ports) must match the existing +// rule's values exactly. // // Each rule consists of the protocol and the IPv4 or IPv6 CIDR range or source // security group. For the TCP and UDP protocols, you must also specify the @@ -26173,13 +34424,13 @@ func (c *EC2) RevokeSecurityGroupIngressRequest(input *RevokeSecurityGroupIngres // RevokeSecurityGroupIngress API operation for Amazon Elastic Compute Cloud. // -// Removes one or more ingress rules from a security group. To remove a rule, +// Removes the specified ingress rules from a security group. To remove a rule, // the values that you specify (for example, ports) must match the existing // rule's values exactly. // -// [EC2-Classic security groups only] If the values you specify do not match -// the existing rule's values, no error is returned. Use DescribeSecurityGroups -// to verify that the rule has been removed. +// [EC2-Classic only] If the values you specify do not match the existing rule's +// values, no error is returned. Use DescribeSecurityGroups to verify that the +// rule has been removed. // // Each rule consists of the protocol and the CIDR range or source security // group. For the TCP and UDP protocols, you must also specify the destination @@ -26277,22 +34528,22 @@ func (c *EC2) RunInstancesRequest(input *RunInstancesInput) (req *request.Reques // // * Some instance types must be launched into a VPC. If you do not have // a default VPC, or if you do not specify a subnet ID, the request fails. -// For more information, see Instance Types Available Only in a VPC (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html#vpc-only-instance-types). +// For more information, see Instance Types Available Only in a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html#vpc-only-instance-types). // // * [EC2-VPC] All instances have a network interface with a primary private // IPv4 address. If you don't specify this address, we choose one from the // IPv4 range of your subnet. // // * Not all instance types support IPv6 addresses. For more information, -// see Instance Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html). +// see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html). // // * If you don't specify a security group ID, we use the default security -// group. For more information, see Security Groups (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html). +// group. For more information, see Security Groups (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html). // // * If any of the AMIs have a product code attached for which the user has // not subscribed, the request fails. // -// You can create a launch template (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html), +// You can create a launch template (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html), // which is a resource that contains the parameters to launch an instance. When // you launch an instance using RunInstances, you can specify the launch template // instead of specifying the launch parameters. @@ -26304,17 +34555,17 @@ func (c *EC2) RunInstancesRequest(input *RunInstancesInput) (req *request.Reques // An instance is ready for you to use when it's in the running state. You can // check the state of your instance using DescribeInstances. You can tag instances // and EBS volumes during launch, after launch, or both. For more information, -// see CreateTags and Tagging Your Amazon EC2 Resources (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html). +// see CreateTags and Tagging Your Amazon EC2 Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html). // // Linux instances have access to the public key of the key pair at boot. You // can use this key to provide secure access to the instance. Amazon EC2 public // images use this feature to provide secure access without passwords. For more -// information, see Key Pairs (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) +// information, see Key Pairs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) // in the Amazon Elastic Compute Cloud User Guide. // // For troubleshooting, see What To Do If An Instance Immediately Terminates -// (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_InstanceStraightToTerminated.html), -// and Troubleshooting Connecting to Your Instance (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html) +// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_InstanceStraightToTerminated.html), +// and Troubleshooting Connecting to Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -26398,7 +34649,7 @@ func (c *EC2) RunScheduledInstancesRequest(input *RunScheduledInstancesInput) (r // can't stop or reboot a Scheduled Instance, but you can terminate it as needed. // If you terminate a Scheduled Instance before the current scheduled time period // ends, you can launch it again after a few minutes. For more information, -// see Scheduled Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-scheduled-instances.html) +// see Scheduled Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-scheduled-instances.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -26429,6 +34680,155 @@ func (c *EC2) RunScheduledInstancesWithContext(ctx aws.Context, input *RunSchedu return out, req.Send() } +const opSearchLocalGatewayRoutes = "SearchLocalGatewayRoutes" + +// SearchLocalGatewayRoutesRequest generates a "aws/request.Request" representing the +// client's request for the SearchLocalGatewayRoutes operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See SearchLocalGatewayRoutes for more information on using the SearchLocalGatewayRoutes +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the SearchLocalGatewayRoutesRequest method. +// req, resp := client.SearchLocalGatewayRoutesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/SearchLocalGatewayRoutes +func (c *EC2) SearchLocalGatewayRoutesRequest(input *SearchLocalGatewayRoutesInput) (req *request.Request, output *SearchLocalGatewayRoutesOutput) { + op := &request.Operation{ + Name: opSearchLocalGatewayRoutes, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &SearchLocalGatewayRoutesInput{} + } + + output = &SearchLocalGatewayRoutesOutput{} + req = c.newRequest(op, input, output) + return +} + +// SearchLocalGatewayRoutes API operation for Amazon Elastic Compute Cloud. +// +// Searches for routes in the specified local gateway route table. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation SearchLocalGatewayRoutes for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/SearchLocalGatewayRoutes +func (c *EC2) SearchLocalGatewayRoutes(input *SearchLocalGatewayRoutesInput) (*SearchLocalGatewayRoutesOutput, error) { + req, out := c.SearchLocalGatewayRoutesRequest(input) + return out, req.Send() +} + +// SearchLocalGatewayRoutesWithContext is the same as SearchLocalGatewayRoutes with the addition of +// the ability to pass a context and additional request options. +// +// See SearchLocalGatewayRoutes for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) SearchLocalGatewayRoutesWithContext(ctx aws.Context, input *SearchLocalGatewayRoutesInput, opts ...request.Option) (*SearchLocalGatewayRoutesOutput, error) { + req, out := c.SearchLocalGatewayRoutesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opSearchTransitGatewayMulticastGroups = "SearchTransitGatewayMulticastGroups" + +// SearchTransitGatewayMulticastGroupsRequest generates a "aws/request.Request" representing the +// client's request for the SearchTransitGatewayMulticastGroups operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See SearchTransitGatewayMulticastGroups for more information on using the SearchTransitGatewayMulticastGroups +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the SearchTransitGatewayMulticastGroupsRequest method. +// req, resp := client.SearchTransitGatewayMulticastGroupsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/SearchTransitGatewayMulticastGroups +func (c *EC2) SearchTransitGatewayMulticastGroupsRequest(input *SearchTransitGatewayMulticastGroupsInput) (req *request.Request, output *SearchTransitGatewayMulticastGroupsOutput) { + op := &request.Operation{ + Name: opSearchTransitGatewayMulticastGroups, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &SearchTransitGatewayMulticastGroupsInput{} + } + + output = &SearchTransitGatewayMulticastGroupsOutput{} + req = c.newRequest(op, input, output) + return +} + +// SearchTransitGatewayMulticastGroups API operation for Amazon Elastic Compute Cloud. +// +// Searches one or more transit gateway multicast groups and returns the group +// membership information. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation SearchTransitGatewayMulticastGroups for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/SearchTransitGatewayMulticastGroups +func (c *EC2) SearchTransitGatewayMulticastGroups(input *SearchTransitGatewayMulticastGroupsInput) (*SearchTransitGatewayMulticastGroupsOutput, error) { + req, out := c.SearchTransitGatewayMulticastGroupsRequest(input) + return out, req.Send() +} + +// SearchTransitGatewayMulticastGroupsWithContext is the same as SearchTransitGatewayMulticastGroups with the addition of +// the ability to pass a context and additional request options. +// +// See SearchTransitGatewayMulticastGroups for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) SearchTransitGatewayMulticastGroupsWithContext(ctx aws.Context, input *SearchTransitGatewayMulticastGroupsInput, opts ...request.Option) (*SearchTransitGatewayMulticastGroupsOutput, error) { + req, out := c.SearchTransitGatewayMulticastGroupsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opSearchTransitGatewayRoutes = "SearchTransitGatewayRoutes" // SearchTransitGatewayRoutesRequest generates a "aws/request.Request" representing the @@ -26503,6 +34903,98 @@ func (c *EC2) SearchTransitGatewayRoutesWithContext(ctx aws.Context, input *Sear return out, req.Send() } +const opSendDiagnosticInterrupt = "SendDiagnosticInterrupt" + +// SendDiagnosticInterruptRequest generates a "aws/request.Request" representing the +// client's request for the SendDiagnosticInterrupt operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See SendDiagnosticInterrupt for more information on using the SendDiagnosticInterrupt +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the SendDiagnosticInterruptRequest method. +// req, resp := client.SendDiagnosticInterruptRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/SendDiagnosticInterrupt +func (c *EC2) SendDiagnosticInterruptRequest(input *SendDiagnosticInterruptInput) (req *request.Request, output *SendDiagnosticInterruptOutput) { + op := &request.Operation{ + Name: opSendDiagnosticInterrupt, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &SendDiagnosticInterruptInput{} + } + + output = &SendDiagnosticInterruptOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(ec2query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// SendDiagnosticInterrupt API operation for Amazon Elastic Compute Cloud. +// +// Sends a diagnostic interrupt to the specified Amazon EC2 instance to trigger +// a kernel panic (on Linux instances), or a blue screen/stop error (on Windows +// instances). For instances based on Intel and AMD processors, the interrupt +// is received as a non-maskable interrupt (NMI). +// +// In general, the operating system crashes and reboots when a kernel panic +// or stop error is triggered. The operating system can also be configured to +// perform diagnostic tasks, such as generating a memory dump file, loading +// a secondary kernel, or obtaining a call trace. +// +// Before sending a diagnostic interrupt to your instance, ensure that its operating +// system is configured to perform the required diagnostic tasks. +// +// For more information about configuring your operating system to generate +// a crash dump when a kernel panic or stop error occurs, see Send a Diagnostic +// Interrupt (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/diagnostic-interrupt.html) +// (Linux instances) or Send a Diagnostic Interrupt (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/diagnostic-interrupt.html) +// (Windows instances). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation SendDiagnosticInterrupt for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/SendDiagnosticInterrupt +func (c *EC2) SendDiagnosticInterrupt(input *SendDiagnosticInterruptInput) (*SendDiagnosticInterruptOutput, error) { + req, out := c.SendDiagnosticInterruptRequest(input) + return out, req.Send() +} + +// SendDiagnosticInterruptWithContext is the same as SendDiagnosticInterrupt with the addition of +// the ability to pass a context and additional request options. +// +// See SendDiagnosticInterrupt for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) SendDiagnosticInterruptWithContext(ctx aws.Context, input *SendDiagnosticInterruptInput, opts ...request.Option) (*SendDiagnosticInterruptOutput, error) { + req, out := c.SendDiagnosticInterruptRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opStartInstances = "StartInstances" // StartInstancesRequest generates a "aws/request.Request" representing the @@ -26568,7 +35060,7 @@ func (c *EC2) StartInstancesRequest(input *StartInstancesInput) (req *request.Re // Performing this operation on an instance that uses an instance store as its // root device returns an error. // -// For more information, see Stopping Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html) +// For more information, see Stopping Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -26599,6 +35091,89 @@ func (c *EC2) StartInstancesWithContext(ctx aws.Context, input *StartInstancesIn return out, req.Send() } +const opStartVpcEndpointServicePrivateDnsVerification = "StartVpcEndpointServicePrivateDnsVerification" + +// StartVpcEndpointServicePrivateDnsVerificationRequest generates a "aws/request.Request" representing the +// client's request for the StartVpcEndpointServicePrivateDnsVerification operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartVpcEndpointServicePrivateDnsVerification for more information on using the StartVpcEndpointServicePrivateDnsVerification +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the StartVpcEndpointServicePrivateDnsVerificationRequest method. +// req, resp := client.StartVpcEndpointServicePrivateDnsVerificationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/StartVpcEndpointServicePrivateDnsVerification +func (c *EC2) StartVpcEndpointServicePrivateDnsVerificationRequest(input *StartVpcEndpointServicePrivateDnsVerificationInput) (req *request.Request, output *StartVpcEndpointServicePrivateDnsVerificationOutput) { + op := &request.Operation{ + Name: opStartVpcEndpointServicePrivateDnsVerification, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StartVpcEndpointServicePrivateDnsVerificationInput{} + } + + output = &StartVpcEndpointServicePrivateDnsVerificationOutput{} + req = c.newRequest(op, input, output) + return +} + +// StartVpcEndpointServicePrivateDnsVerification API operation for Amazon Elastic Compute Cloud. +// +// Initiates the verification process to prove that the service provider owns +// the private DNS name domain for the endpoint service. +// +// The service provider must successfully perform the verification before the +// consumer can use the name to access the service. +// +// Before the service provider runs this command, they must add a record to +// the DNS server. For more information, see Adding a TXT Record to Your Domain's +// DNS Server (https://docs.aws.amazon.com/vpc/latest/userguide/ndpoint-services-dns-validation.html#add-dns-txt-record) +// in the Amazon VPC User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation StartVpcEndpointServicePrivateDnsVerification for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/StartVpcEndpointServicePrivateDnsVerification +func (c *EC2) StartVpcEndpointServicePrivateDnsVerification(input *StartVpcEndpointServicePrivateDnsVerificationInput) (*StartVpcEndpointServicePrivateDnsVerificationOutput, error) { + req, out := c.StartVpcEndpointServicePrivateDnsVerificationRequest(input) + return out, req.Send() +} + +// StartVpcEndpointServicePrivateDnsVerificationWithContext is the same as StartVpcEndpointServicePrivateDnsVerification with the addition of +// the ability to pass a context and additional request options. +// +// See StartVpcEndpointServicePrivateDnsVerification for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) StartVpcEndpointServicePrivateDnsVerificationWithContext(ctx aws.Context, input *StartVpcEndpointServicePrivateDnsVerificationInput, opts ...request.Option) (*StartVpcEndpointServicePrivateDnsVerificationOutput, error) { + req, out := c.StartVpcEndpointServicePrivateDnsVerificationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opStopInstances = "StopInstances" // StopInstancesRequest generates a "aws/request.Request" representing the @@ -26646,9 +35221,9 @@ func (c *EC2) StopInstancesRequest(input *StopInstancesInput) (req *request.Requ // Stops an Amazon EBS-backed instance. // // You can use the Stop action to hibernate an instance if the instance is enabled -// for hibernation (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#enabling-hibernation) -// and it meets the hibernation prerequisites (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). -// For more information, see Hibernate Your Instance (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) +// for hibernation (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#enabling-hibernation) +// and it meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). +// For more information, see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon Elastic Compute Cloud User Guide. // // We don't charge usage for a stopped instance, or data transfer fees; however, @@ -26663,7 +35238,7 @@ func (c *EC2) StopInstancesRequest(input *StopInstancesInput) (req *request.Requ // // You can't start, stop, or hibernate Spot Instances, and you can't stop or // hibernate instance store-backed instances. For information about using hibernation -// for Spot Instances, see Hibernating Interrupted Spot Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-interruptions.html#hibernate-spot-instances) +// for Spot Instances, see Hibernating Interrupted Spot Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-interruptions.html#hibernate-spot-instances) // in the Amazon Elastic Compute Cloud User Guide. // // When you stop or hibernate an instance, we shut it down. You can restart @@ -26679,13 +35254,13 @@ func (c *EC2) StopInstancesRequest(input *StopInstancesInput) (req *request.Requ // an instance, the root device and any other devices attached during the instance // launch are automatically deleted. For more information about the differences // between rebooting, stopping, hibernating, and terminating instances, see -// Instance Lifecycle (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) +// Instance Lifecycle (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) // in the Amazon Elastic Compute Cloud User Guide. // // When you stop an instance, we attempt to shut it down forcibly after a short // while. If your instance appears stuck in the stopping state after a period // of time, there may be an issue with the underlying host computer. For more -// information, see Troubleshooting Stopping Your Instance (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesStopping.html) +// information, see Troubleshooting Stopping Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesStopping.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -26836,8 +35411,8 @@ func (c *EC2) TerminateInstancesRequest(input *TerminateInstancesInput) (req *re // TerminateInstances API operation for Amazon Elastic Compute Cloud. // -// Shuts down one or more instances. This operation is idempotent; if you terminate -// an instance more than once, each call succeeds. +// Shuts down the specified instances. This operation is idempotent; if you +// terminate an instance more than once, each call succeeds. // // If you specify multiple instances and the request fails (for example, because // of a single incorrect instance ID), none of the instances are terminated. @@ -26855,11 +35430,11 @@ func (c *EC2) TerminateInstancesRequest(input *TerminateInstancesInput) (req *re // an instance, any attached EBS volumes with the DeleteOnTermination block // device mapping parameter set to true are automatically deleted. For more // information about the differences between stopping and terminating instances, -// see Instance Lifecycle (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) +// see Instance Lifecycle (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) // in the Amazon Elastic Compute Cloud User Guide. // // For more information about troubleshooting, see Troubleshooting Terminating -// Your Instance (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesShuttingDown.html) +// Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesShuttingDown.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -27084,7 +35659,7 @@ func (c *EC2) UnmonitorInstancesRequest(input *UnmonitorInstancesInput) (req *re // UnmonitorInstances API operation for Amazon Elastic Compute Cloud. // // Disables detailed monitoring for a running instance. For more information, -// see Monitoring Your Instances and Volumes (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch.html) +// see Monitoring Your Instances and Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -27159,7 +35734,7 @@ func (c *EC2) UpdateSecurityGroupRuleDescriptionsEgressRequest(input *UpdateSecu // UpdateSecurityGroupRuleDescriptionsEgress API operation for Amazon Elastic Compute Cloud. // -// [EC2-VPC only] Updates the description of an egress (outbound) security group +// [VPC only] Updates the description of an egress (outbound) security group // rule. You can replace an existing description, or add a description to a // rule that did not have one previously. // @@ -27452,6 +36027,79 @@ func (s *AcceptReservedInstancesExchangeQuoteOutput) SetExchangeId(v string) *Ac return s } +type AcceptTransitGatewayPeeringAttachmentInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the transit gateway attachment. + // + // TransitGatewayAttachmentId is a required field + TransitGatewayAttachmentId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s AcceptTransitGatewayPeeringAttachmentInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AcceptTransitGatewayPeeringAttachmentInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AcceptTransitGatewayPeeringAttachmentInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AcceptTransitGatewayPeeringAttachmentInput"} + if s.TransitGatewayAttachmentId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayAttachmentId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *AcceptTransitGatewayPeeringAttachmentInput) SetDryRun(v bool) *AcceptTransitGatewayPeeringAttachmentInput { + s.DryRun = &v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *AcceptTransitGatewayPeeringAttachmentInput) SetTransitGatewayAttachmentId(v string) *AcceptTransitGatewayPeeringAttachmentInput { + s.TransitGatewayAttachmentId = &v + return s +} + +type AcceptTransitGatewayPeeringAttachmentOutput struct { + _ struct{} `type:"structure"` + + // The transit gateway peering attachment. + TransitGatewayPeeringAttachment *TransitGatewayPeeringAttachment `locationName:"transitGatewayPeeringAttachment" type:"structure"` +} + +// String returns the string representation +func (s AcceptTransitGatewayPeeringAttachmentOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AcceptTransitGatewayPeeringAttachmentOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayPeeringAttachment sets the TransitGatewayPeeringAttachment field's value. +func (s *AcceptTransitGatewayPeeringAttachmentOutput) SetTransitGatewayPeeringAttachment(v *TransitGatewayPeeringAttachment) *AcceptTransitGatewayPeeringAttachmentOutput { + s.TransitGatewayPeeringAttachment = v + return s +} + type AcceptTransitGatewayVpcAttachmentInput struct { _ struct{} `type:"structure"` @@ -27534,7 +36182,7 @@ type AcceptVpcEndpointConnectionsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the endpoint service. + // The ID of the VPC endpoint service. // // ServiceId is a required field ServiceId *string `type:"string" required:"true"` @@ -27678,7 +36326,7 @@ type AccountAttribute struct { // The name of the account attribute. AttributeName *string `locationName:"attributeName" type:"string"` - // One or more values for the account attribute. + // The values for the account attribute. AttributeValues []*AccountAttributeValue `locationName:"attributeValueSet" locationNameList:"item" type:"list"` } @@ -27792,6 +36440,12 @@ type Address struct { // VPC. AssociationId *string `locationName:"associationId" type:"string"` + // The customer-owned IP address. + CustomerOwnedIp *string `locationName:"customerOwnedIp" type:"string"` + + // The ID of the customer-owned address pool. + CustomerOwnedIpv4Pool *string `locationName:"customerOwnedIpv4Pool" type:"string"` + // Indicates whether this Elastic IP address is for use with instances in EC2-Classic // (standard) or instances in a VPC (vpc). Domain *string `locationName:"domain" type:"string" enum:"DomainType"` @@ -27799,6 +36453,9 @@ type Address struct { // The ID of the instance that the address is associated with (if any). InstanceId *string `locationName:"instanceId" type:"string"` + // The name of the location from which the IP address is advertised. + NetworkBorderGroup *string `locationName:"networkBorderGroup" type:"string"` + // The ID of the network interface. NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` @@ -27840,6 +36497,18 @@ func (s *Address) SetAssociationId(v string) *Address { return s } +// SetCustomerOwnedIp sets the CustomerOwnedIp field's value. +func (s *Address) SetCustomerOwnedIp(v string) *Address { + s.CustomerOwnedIp = &v + return s +} + +// SetCustomerOwnedIpv4Pool sets the CustomerOwnedIpv4Pool field's value. +func (s *Address) SetCustomerOwnedIpv4Pool(v string) *Address { + s.CustomerOwnedIpv4Pool = &v + return s +} + // SetDomain sets the Domain field's value. func (s *Address) SetDomain(v string) *Address { s.Domain = &v @@ -27852,6 +36521,12 @@ func (s *Address) SetInstanceId(v string) *Address { return s } +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *Address) SetNetworkBorderGroup(v string) *Address { + s.NetworkBorderGroup = &v + return s +} + // SetNetworkInterfaceId sets the NetworkInterfaceId field's value. func (s *Address) SetNetworkInterfaceId(v string) *Address { s.NetworkInterfaceId = &v @@ -27891,7 +36566,8 @@ func (s *Address) SetTags(v []*Tag) *Address { type AdvertiseByoipCidrInput struct { _ struct{} `type:"structure"` - // The IPv4 address range, in CIDR notation. + // The IPv4 address range, in CIDR notation. This must be the exact range that + // you provisioned. You can't advertise only a portion of the provisioned range. // // Cidr is a required field Cidr *string `type:"string" required:"true"` @@ -27968,6 +36644,11 @@ type AllocateAddressInput struct { // pool. Address *string `type:"string"` + // The ID of a customer-owned address pool. Use this parameter to let Amazon + // EC2 select an address from the address pool. Alternatively, specify a specific + // address from the address pool. + CustomerOwnedIpv4Pool *string `type:"string"` + // Set to vpc to allocate the address for use with instances in a VPC. // // Default: The address is for use with instances in EC2-Classic. @@ -27979,6 +36660,17 @@ type AllocateAddressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` + // The location from which the IP address is advertised. Use this parameter + // to limit the address to this location. + // + // Use DescribeVpcs (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVpcs.html) + // to view the network border groups. + // + // You cannot use a network border group with EC2 Classic. If you attempt this + // operation on EC2 classic, you will receive an InvalidParameterCombination + // error. For more information, see Error Codes (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html). + NetworkBorderGroup *string `type:"string"` + // The ID of an address pool that you own. Use this parameter to let Amazon // EC2 select an address from the address pool. To specify a specific address // from the address pool, use the Address parameter instead. @@ -28001,6 +36693,12 @@ func (s *AllocateAddressInput) SetAddress(v string) *AllocateAddressInput { return s } +// SetCustomerOwnedIpv4Pool sets the CustomerOwnedIpv4Pool field's value. +func (s *AllocateAddressInput) SetCustomerOwnedIpv4Pool(v string) *AllocateAddressInput { + s.CustomerOwnedIpv4Pool = &v + return s +} + // SetDomain sets the Domain field's value. func (s *AllocateAddressInput) SetDomain(v string) *AllocateAddressInput { s.Domain = &v @@ -28013,6 +36711,12 @@ func (s *AllocateAddressInput) SetDryRun(v bool) *AllocateAddressInput { return s } +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *AllocateAddressInput) SetNetworkBorderGroup(v string) *AllocateAddressInput { + s.NetworkBorderGroup = &v + return s +} + // SetPublicIpv4Pool sets the PublicIpv4Pool field's value. func (s *AllocateAddressInput) SetPublicIpv4Pool(v string) *AllocateAddressInput { s.PublicIpv4Pool = &v @@ -28026,10 +36730,19 @@ type AllocateAddressOutput struct { // IP address for use with instances in a VPC. AllocationId *string `locationName:"allocationId" type:"string"` + // The customer-owned IP address. + CustomerOwnedIp *string `locationName:"customerOwnedIp" type:"string"` + + // The ID of the customer-owned address pool. + CustomerOwnedIpv4Pool *string `locationName:"customerOwnedIpv4Pool" type:"string"` + // Indicates whether this Elastic IP address is for use with instances in EC2-Classic // (standard) or instances in a VPC (vpc). Domain *string `locationName:"domain" type:"string" enum:"DomainType"` + // The location from which the IP address is advertised. + NetworkBorderGroup *string `locationName:"networkBorderGroup" type:"string"` + // The Elastic IP address. PublicIp *string `locationName:"publicIp" type:"string"` @@ -28053,12 +36766,30 @@ func (s *AllocateAddressOutput) SetAllocationId(v string) *AllocateAddressOutput return s } +// SetCustomerOwnedIp sets the CustomerOwnedIp field's value. +func (s *AllocateAddressOutput) SetCustomerOwnedIp(v string) *AllocateAddressOutput { + s.CustomerOwnedIp = &v + return s +} + +// SetCustomerOwnedIpv4Pool sets the CustomerOwnedIpv4Pool field's value. +func (s *AllocateAddressOutput) SetCustomerOwnedIpv4Pool(v string) *AllocateAddressOutput { + s.CustomerOwnedIpv4Pool = &v + return s +} + // SetDomain sets the Domain field's value. func (s *AllocateAddressOutput) SetDomain(v string) *AllocateAddressOutput { s.Domain = &v return s } +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *AllocateAddressOutput) SetNetworkBorderGroup(v string) *AllocateAddressOutput { + s.NetworkBorderGroup = &v + return s +} + // SetPublicIp sets the PublicIp field's value. func (s *AllocateAddressOutput) SetPublicIp(v string) *AllocateAddressOutput { s.PublicIp = &v @@ -28074,29 +36805,49 @@ func (s *AllocateAddressOutput) SetPublicIpv4Pool(v string) *AllocateAddressOutp type AllocateHostsInput struct { _ struct{} `type:"structure"` - // This is enabled by default. This property allows instances to be automatically - // placed onto available Dedicated Hosts, when you are launching instances without - // specifying a host ID. + // Indicates whether the host accepts any untargeted instance launches that + // match its instance type configuration, or if it only accepts Host tenancy + // instance launches that specify its unique host ID. For more information, + // see Understanding Instance Placement and Host Affinity (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding) + // in the Amazon EC2 User Guide for Linux Instances. // - // Default: Enabled + // Default: on AutoPlacement *string `locationName:"autoPlacement" type:"string" enum:"AutoPlacement"` - // The Availability Zone for the Dedicated Hosts. + // The Availability Zone in which to allocate the Dedicated Host. // // AvailabilityZone is a required field AvailabilityZone *string `locationName:"availabilityZone" type:"string" required:"true"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html) - // in the Amazon Elastic Compute Cloud User Guide. + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` - // Specify the instance type for which to configure your Dedicated Hosts. When - // you specify the instance type, that is the only instance type that you can - // launch onto that host. + // Indicates whether to enable or disable host recovery for the Dedicated Host. + // Host recovery is disabled by default. For more information, see Host Recovery + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) + // in the Amazon Elastic Compute Cloud User Guide. // - // InstanceType is a required field - InstanceType *string `locationName:"instanceType" type:"string" required:"true"` + // Default: off + HostRecovery *string `type:"string" enum:"HostRecovery"` + + // Specifies the instance family to be supported by the Dedicated Hosts. If + // you specify an instance family, the Dedicated Hosts support multiple instance + // types within that instance family. + // + // If you want the Dedicated Hosts to support a specific instance type only, + // omit this parameter and specify InstanceType instead. You cannot specify + // InstanceFamily and InstanceType in the same request. + InstanceFamily *string `type:"string"` + + // Specifies the instance type to be supported by the Dedicated Hosts. If you + // specify an instance type, the Dedicated Hosts support instances of the specified + // instance type only. + // + // If you want the Dedicated Hosts to support multiple instance types in a specific + // instance family, omit this parameter and specify InstanceFamily instead. + // You cannot specify InstanceType and InstanceFamily in the same request. + InstanceType *string `locationName:"instanceType" type:"string"` // The number of Dedicated Hosts to allocate to your account with these parameters. // @@ -28123,9 +36874,6 @@ func (s *AllocateHostsInput) Validate() error { if s.AvailabilityZone == nil { invalidParams.Add(request.NewErrParamRequired("AvailabilityZone")) } - if s.InstanceType == nil { - invalidParams.Add(request.NewErrParamRequired("InstanceType")) - } if s.Quantity == nil { invalidParams.Add(request.NewErrParamRequired("Quantity")) } @@ -28154,6 +36902,18 @@ func (s *AllocateHostsInput) SetClientToken(v string) *AllocateHostsInput { return s } +// SetHostRecovery sets the HostRecovery field's value. +func (s *AllocateHostsInput) SetHostRecovery(v string) *AllocateHostsInput { + s.HostRecovery = &v + return s +} + +// SetInstanceFamily sets the InstanceFamily field's value. +func (s *AllocateHostsInput) SetInstanceFamily(v string) *AllocateHostsInput { + s.InstanceFamily = &v + return s +} + // SetInstanceType sets the InstanceType field's value. func (s *AllocateHostsInput) SetInstanceType(v string) *AllocateHostsInput { s.InstanceType = &v @@ -28498,6 +37258,12 @@ func (s *AssignPrivateIpAddressesInput) SetSecondaryPrivateIpAddressCount(v int6 type AssignPrivateIpAddressesOutput struct { _ struct{} `type:"structure"` + + // The private IP addresses assigned to the network interface. + AssignedPrivateIpAddresses []*AssignedPrivateIpAddress `locationName:"assignedPrivateIpAddressesSet" locationNameList:"item" type:"list"` + + // The ID of the network interface. + NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` } // String returns the string representation @@ -28510,6 +37276,42 @@ func (s AssignPrivateIpAddressesOutput) GoString() string { return s.String() } +// SetAssignedPrivateIpAddresses sets the AssignedPrivateIpAddresses field's value. +func (s *AssignPrivateIpAddressesOutput) SetAssignedPrivateIpAddresses(v []*AssignedPrivateIpAddress) *AssignPrivateIpAddressesOutput { + s.AssignedPrivateIpAddresses = v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *AssignPrivateIpAddressesOutput) SetNetworkInterfaceId(v string) *AssignPrivateIpAddressesOutput { + s.NetworkInterfaceId = &v + return s +} + +// Describes the private IP addresses assigned to a network interface. +type AssignedPrivateIpAddress struct { + _ struct{} `type:"structure"` + + // The private IP address assigned to the network interface. + PrivateIpAddress *string `locationName:"privateIpAddress" type:"string"` +} + +// String returns the string representation +func (s AssignedPrivateIpAddress) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AssignedPrivateIpAddress) GoString() string { + return s.String() +} + +// SetPrivateIpAddress sets the PrivateIpAddress field's value. +func (s *AssignedPrivateIpAddress) SetPrivateIpAddress(v string) *AssignedPrivateIpAddress { + s.PrivateIpAddress = &v + return s +} + type AssociateAddressInput struct { _ struct{} `type:"structure"` @@ -28538,6 +37340,9 @@ type AssociateAddressInput struct { // [EC2-VPC] The ID of the network interface. If the instance has more than // one network interface, you must specify a network interface ID. + // + // For EC2-VPC, you can specify either the instance ID or the network interface + // ID, but not both. NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` // [EC2-VPC] The primary or secondary private IP address to associate with the @@ -28545,7 +37350,8 @@ type AssociateAddressInput struct { // address is associated with the primary private IP address. PrivateIpAddress *string `locationName:"privateIpAddress" type:"string"` - // The Elastic IP address. This is required for EC2-Classic. + // The Elastic IP address to associate with the instance. This is required for + // EC2-Classic. PublicIp *string `type:"string"` } @@ -28628,6 +37434,10 @@ func (s *AssociateAddressOutput) SetAssociationId(v string) *AssociateAddressOut type AssociateClientVpnTargetNetworkInput struct { _ struct{} `type:"structure"` + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + // The ID of the Client VPN endpoint. // // ClientVpnEndpointId is a required field @@ -28671,6 +37481,12 @@ func (s *AssociateClientVpnTargetNetworkInput) Validate() error { return nil } +// SetClientToken sets the ClientToken field's value. +func (s *AssociateClientVpnTargetNetworkInput) SetClientToken(v string) *AssociateClientVpnTargetNetworkInput { + s.ClientToken = &v + return s +} + // SetClientVpnEndpointId sets the ClientVpnEndpointId field's value. func (s *AssociateClientVpnTargetNetworkInput) SetClientVpnEndpointId(v string) *AssociateClientVpnTargetNetworkInput { s.ClientVpnEndpointId = &v @@ -28884,15 +37700,16 @@ type AssociateRouteTableInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` + // The ID of the internet gateway or virtual private gateway. + GatewayId *string `type:"string"` + // The ID of the route table. // // RouteTableId is a required field RouteTableId *string `locationName:"routeTableId" type:"string" required:"true"` // The ID of the subnet. - // - // SubnetId is a required field - SubnetId *string `locationName:"subnetId" type:"string" required:"true"` + SubnetId *string `locationName:"subnetId" type:"string"` } // String returns the string representation @@ -28911,9 +37728,6 @@ func (s *AssociateRouteTableInput) Validate() error { if s.RouteTableId == nil { invalidParams.Add(request.NewErrParamRequired("RouteTableId")) } - if s.SubnetId == nil { - invalidParams.Add(request.NewErrParamRequired("SubnetId")) - } if invalidParams.Len() > 0 { return invalidParams @@ -28927,6 +37741,12 @@ func (s *AssociateRouteTableInput) SetDryRun(v bool) *AssociateRouteTableInput { return s } +// SetGatewayId sets the GatewayId field's value. +func (s *AssociateRouteTableInput) SetGatewayId(v string) *AssociateRouteTableInput { + s.GatewayId = &v + return s +} + // SetRouteTableId sets the RouteTableId field's value. func (s *AssociateRouteTableInput) SetRouteTableId(v string) *AssociateRouteTableInput { s.RouteTableId = &v @@ -28945,6 +37765,9 @@ type AssociateRouteTableOutput struct { // The route table association ID. This ID is required for disassociating the // route table. AssociationId *string `locationName:"associationId" type:"string"` + + // The state of the association. + AssociationState *RouteTableAssociationState `locationName:"associationState" type:"structure"` } // String returns the string representation @@ -28963,6 +37786,12 @@ func (s *AssociateRouteTableOutput) SetAssociationId(v string) *AssociateRouteTa return s } +// SetAssociationState sets the AssociationState field's value. +func (s *AssociateRouteTableOutput) SetAssociationState(v *RouteTableAssociationState) *AssociateRouteTableOutput { + s.AssociationState = v + return s +} + type AssociateSubnetCidrBlockInput struct { _ struct{} `type:"structure"` @@ -29047,6 +37876,83 @@ func (s *AssociateSubnetCidrBlockOutput) SetSubnetId(v string) *AssociateSubnetC return s } +type AssociateTransitGatewayMulticastDomainInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IDs of the subnets to associate with the transit gateway multicast domain. + SubnetIds []*string `locationNameList:"item" type:"list"` + + // The ID of the transit gateway attachment to associate with the transit gateway + // multicast domain. + TransitGatewayAttachmentId *string `type:"string"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `type:"string"` +} + +// String returns the string representation +func (s AssociateTransitGatewayMulticastDomainInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AssociateTransitGatewayMulticastDomainInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *AssociateTransitGatewayMulticastDomainInput) SetDryRun(v bool) *AssociateTransitGatewayMulticastDomainInput { + s.DryRun = &v + return s +} + +// SetSubnetIds sets the SubnetIds field's value. +func (s *AssociateTransitGatewayMulticastDomainInput) SetSubnetIds(v []*string) *AssociateTransitGatewayMulticastDomainInput { + s.SubnetIds = v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *AssociateTransitGatewayMulticastDomainInput) SetTransitGatewayAttachmentId(v string) *AssociateTransitGatewayMulticastDomainInput { + s.TransitGatewayAttachmentId = &v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *AssociateTransitGatewayMulticastDomainInput) SetTransitGatewayMulticastDomainId(v string) *AssociateTransitGatewayMulticastDomainInput { + s.TransitGatewayMulticastDomainId = &v + return s +} + +type AssociateTransitGatewayMulticastDomainOutput struct { + _ struct{} `type:"structure"` + + // Information about the transit gateway multicast domain associations. + Associations *TransitGatewayMulticastDomainAssociations `locationName:"associations" type:"structure"` +} + +// String returns the string representation +func (s AssociateTransitGatewayMulticastDomainOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AssociateTransitGatewayMulticastDomainOutput) GoString() string { + return s.String() +} + +// SetAssociations sets the Associations field's value. +func (s *AssociateTransitGatewayMulticastDomainOutput) SetAssociations(v *TransitGatewayMulticastDomainAssociations) *AssociateTransitGatewayMulticastDomainOutput { + s.Associations = v + return s +} + type AssociateTransitGatewayRouteTableInput struct { _ struct{} `type:"structure"` @@ -29145,6 +38051,14 @@ type AssociateVpcCidrBlockInput struct { // An IPv4 CIDR block to associate with the VPC. CidrBlock *string `type:"string"` + // The name of the location from which we advertise the IPV6 CIDR block. Use + // this parameter to limit the CiDR block to this location. + // + // You must set AmazonProvidedIpv6CidrBlock to true to use this parameter. + // + // You can have one IPv6 CIDR block association per network border group. + Ipv6CidrBlockNetworkBorderGroup *string `type:"string"` + // The ID of the VPC. // // VpcId is a required field @@ -29186,6 +38100,12 @@ func (s *AssociateVpcCidrBlockInput) SetCidrBlock(v string) *AssociateVpcCidrBlo return s } +// SetIpv6CidrBlockNetworkBorderGroup sets the Ipv6CidrBlockNetworkBorderGroup field's value. +func (s *AssociateVpcCidrBlockInput) SetIpv6CidrBlockNetworkBorderGroup(v string) *AssociateVpcCidrBlockInput { + s.Ipv6CidrBlockNetworkBorderGroup = &v + return s +} + // SetVpcId sets the VpcId field's value. func (s *AssociateVpcCidrBlockInput) SetVpcId(v string) *AssociateVpcCidrBlockInput { s.VpcId = &v @@ -29583,7 +38503,6 @@ func (s *AttachNetworkInterfaceOutput) SetAttachmentId(v string) *AttachNetworkI return s } -// Contains the parameters for AttachVolume. type AttachVolumeInput struct { _ struct{} `type:"structure"` @@ -29881,6 +38800,10 @@ type AuthorizeClientVpnIngressInput struct { // who successfully establish a VPN connection access to the network. AuthorizeAllGroups *bool `type:"boolean"` + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + // The ID of the Client VPN endpoint. // // ClientVpnEndpointId is a required field @@ -29940,6 +38863,12 @@ func (s *AuthorizeClientVpnIngressInput) SetAuthorizeAllGroups(v bool) *Authoriz return s } +// SetClientToken sets the ClientToken field's value. +func (s *AuthorizeClientVpnIngressInput) SetClientToken(v string) *AuthorizeClientVpnIngressInput { + s.ClientToken = &v + return s +} + // SetClientVpnEndpointId sets the ClientVpnEndpointId field's value. func (s *AuthorizeClientVpnIngressInput) SetClientVpnEndpointId(v string) *AuthorizeClientVpnIngressInput { s.ClientVpnEndpointId = &v @@ -30007,8 +38936,8 @@ type AuthorizeSecurityGroupEgressInput struct { // GroupId is a required field GroupId *string `locationName:"groupId" type:"string" required:"true"` - // One or more sets of IP permissions. You can't specify a destination security - // group and a CIDR IP address range in the same set of permissions. + // The sets of IP permissions. You can't specify a destination security group + // and a CIDR IP address range in the same set of permissions. IpPermissions []*IpPermission `locationName:"ipPermissions" locationNameList:"item" type:"list"` // Not supported. Use a set of IP permissions to specify the protocol name or @@ -30121,8 +39050,12 @@ func (s AuthorizeSecurityGroupEgressOutput) GoString() string { type AuthorizeSecurityGroupIngressInput struct { _ struct{} `type:"structure"` - // The CIDR IPv4 address range. You can't specify this parameter when specifying - // a source security group. + // The IPv4 address range, in CIDR format. You can't specify this parameter + // when specifying a source security group. To specify an IPv6 address range, + // use a set of IP permissions. + // + // Alternatively, use a set of IP permissions to specify multiple rules and + // a description for the rule. CidrIp *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -30131,9 +39064,12 @@ type AuthorizeSecurityGroupIngressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 - // type number. For the ICMP/ICMPv6 type number, use -1 to specify all types. - // If you specify all ICMP/ICMPv6 types, you must specify all codes. + // The start of port range for the TCP and UDP protocols, or an ICMP type number. + // For the ICMP type number, use -1 to specify all types. If you specify all + // ICMP types, you must specify all codes. + // + // Alternatively, use a set of IP permissions to specify multiple rules and + // a description for the rule. FromPort *int64 `type:"integer"` // The ID of the security group. You must specify either the security group @@ -30145,16 +39081,18 @@ type AuthorizeSecurityGroupIngressInput struct { // either the security group ID or the security group name in the request. GroupName *string `type:"string"` - // One or more sets of IP permissions. Can be used to specify multiple rules - // in a single command. + // The sets of IP permissions. IpPermissions []*IpPermission `locationNameList:"item" type:"list"` // The IP protocol name (tcp, udp, icmp) or number (see Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)). - // (VPC only) Use -1 to specify all protocols. If you specify -1, or a protocol - // number other than tcp, udp, icmp, or 58 (ICMPv6), traffic on all ports is - // allowed, regardless of any ports you specify. For tcp, udp, and icmp, you - // must specify a port range. For protocol 58 (ICMPv6), you can optionally specify - // a port range; if you don't, traffic for all types and codes is allowed. + // To specify icmpv6, use a set of IP permissions. + // + // [VPC only] Use -1 to specify all protocols. If you specify -1 or a protocol + // other than tcp, udp, or icmp, traffic on all ports is allowed, regardless + // of any ports you specify. + // + // Alternatively, use a set of IP permissions to specify multiple rules and + // a description for the rule. IpProtocol *string `type:"string"` // [EC2-Classic, default VPC] The name of the source security group. You can't @@ -30166,17 +39104,20 @@ type AuthorizeSecurityGroupIngressInput struct { // be in the same VPC. SourceSecurityGroupName *string `type:"string"` - // [EC2-Classic] The AWS account ID for the source security group, if the source - // security group is in a different account. You can't specify this parameter + // [nondefault VPC] The AWS account ID for the source security group, if the + // source security group is in a different account. You can't specify this parameter // in combination with the following parameters: the CIDR IP address range, // the IP protocol, the start of the port range, and the end of the port range. // Creates rules that grant full ICMP, UDP, and TCP access. To create a rule // with a specific IP protocol and port range, use a set of IP permissions instead. SourceSecurityGroupOwnerId *string `type:"string"` - // The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code - // number. For the ICMP/ICMPv6 code number, use -1 to specify all codes. If - // you specify all ICMP/ICMPv6 types, you must specify all codes. + // The end of port range for the TCP and UDP protocols, or an ICMP code number. + // For the ICMP code number, use -1 to specify all codes. If you specify all + // ICMP types, you must specify all codes. + // + // Alternatively, use a set of IP permissions to specify multiple rules and + // a description for the rule. ToPort *int64 `type:"integer"` } @@ -30264,23 +39205,37 @@ func (s AuthorizeSecurityGroupIngressOutput) GoString() string { return s.String() } -// Describes an Availability Zone. +// Describes an Availability Zone or Local Zone. type AvailabilityZone struct { _ struct{} `type:"structure"` - // Any messages about the Availability Zone. + // For Availability Zones, this parameter has the same value as the Region name. + // + // For Local Zones, the name of the associated group, for example us-west-2-lax-1. + GroupName *string `locationName:"groupName" type:"string"` + + // Any messages about the Availability Zone or Local Zone. Messages []*AvailabilityZoneMessage `locationName:"messageSet" locationNameList:"item" type:"list"` - // The name of the region. + // The name of the location from which the address is advertised. + NetworkBorderGroup *string `locationName:"networkBorderGroup" type:"string"` + + // For Availability Zones, this parameter always has the value of opt-in-not-required. + // + // For Local Zones, this parameter is the opt in status. The possible values + // are opted-in, and not-opted-in. + OptInStatus *string `locationName:"optInStatus" type:"string" enum:"AvailabilityZoneOptInStatus"` + + // The name of the Region. RegionName *string `locationName:"regionName" type:"string"` - // The state of the Availability Zone. + // The state of the Availability Zone or Local Zone. State *string `locationName:"zoneState" type:"string" enum:"AvailabilityZoneState"` - // The ID of the Availability Zone. + // The ID of the Availability Zone or Local Zone. ZoneId *string `locationName:"zoneId" type:"string"` - // The name of the Availability Zone. + // The name of the Availability Zone or Local Zone. ZoneName *string `locationName:"zoneName" type:"string"` } @@ -30294,12 +39249,30 @@ func (s AvailabilityZone) GoString() string { return s.String() } +// SetGroupName sets the GroupName field's value. +func (s *AvailabilityZone) SetGroupName(v string) *AvailabilityZone { + s.GroupName = &v + return s +} + // SetMessages sets the Messages field's value. func (s *AvailabilityZone) SetMessages(v []*AvailabilityZoneMessage) *AvailabilityZone { s.Messages = v return s } +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *AvailabilityZone) SetNetworkBorderGroup(v string) *AvailabilityZone { + s.NetworkBorderGroup = &v + return s +} + +// SetOptInStatus sets the OptInStatus field's value. +func (s *AvailabilityZone) SetOptInStatus(v string) *AvailabilityZone { + s.OptInStatus = &v + return s +} + // SetRegionName sets the RegionName field's value. func (s *AvailabilityZone) SetRegionName(v string) *AvailabilityZone { s.RegionName = &v @@ -30324,11 +39297,11 @@ func (s *AvailabilityZone) SetZoneName(v string) *AvailabilityZone { return s } -// Describes a message about an Availability Zone. +// Describes a message about an Availability Zone or Local Zone. type AvailabilityZoneMessage struct { _ struct{} `type:"structure"` - // The message about the Availability Zone. + // The message about the Availability Zone or Local Zone. Message *string `locationName:"message" type:"string"` } @@ -30348,14 +39321,19 @@ func (s *AvailabilityZoneMessage) SetMessage(v string) *AvailabilityZoneMessage return s } -// The capacity information for instances launched onto the Dedicated Host. +// The capacity information for instances that can be launched onto the Dedicated +// Host. type AvailableCapacity struct { _ struct{} `type:"structure"` - // The total number of instances supported by the Dedicated Host. + // The number of instances that can be launched onto the Dedicated Host depending + // on the host's available capacity. For Dedicated Hosts that support multiple + // instance types, this parameter represents the number of instances for each + // instance size that is supported on the host. AvailableInstanceCapacity []*InstanceCapacity `locationName:"availableInstanceCapacity" locationNameList:"item" type:"list"` - // The number of vCPUs available on the Dedicated Host. + // The number of vCPUs available for launching instances onto the Dedicated + // Host. AvailableVCpus *int64 `locationName:"availableVCpus" type:"integer"` } @@ -30887,7 +39865,6 @@ func (s *CancelCapacityReservationOutput) SetReturn(v bool) *CancelCapacityReser return s } -// Contains the parameters for CancelConversionTask. type CancelConversionTaskInput struct { _ struct{} `type:"structure"` @@ -30961,7 +39938,6 @@ func (s CancelConversionTaskOutput) GoString() string { return s.String() } -// Contains the parameters for CancelExportTask. type CancelExportTaskInput struct { _ struct{} `type:"structure"` @@ -31014,7 +39990,6 @@ func (s CancelExportTaskOutput) GoString() string { return s.String() } -// Contains the parameters for CancelImportTask. type CancelImportTaskInput struct { _ struct{} `type:"structure"` @@ -31059,7 +40034,6 @@ func (s *CancelImportTaskInput) SetImportTaskId(v string) *CancelImportTaskInput return s } -// Contains the output for CancelImportTask. type CancelImportTaskOutput struct { _ struct{} `type:"structure"` @@ -31486,10 +40460,16 @@ type CapacityReservation struct { // The Availability Zone in which the capacity is reserved. AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + // The Availability Zone ID of the Capacity Reservation. + AvailabilityZoneId *string `locationName:"availabilityZoneId" type:"string"` + // The remaining capacity. Indicates the number of instances that can be launched // in the Capacity Reservation. AvailableInstanceCount *int64 `locationName:"availableInstanceCount" type:"integer"` + // The Amazon Resource Name (ARN) of the Capacity Reservation. + CapacityReservationArn *string `locationName:"capacityReservationArn" type:"string"` + // The ID of the Capacity Reservation. CapacityReservationId *string `locationName:"capacityReservationId" type:"string"` @@ -31544,17 +40524,20 @@ type CapacityReservation struct { // The type of instance for which the Capacity Reservation reserves capacity. InstanceType *string `locationName:"instanceType" type:"string"` + // The ID of the AWS account that owns the Capacity Reservation. + OwnerId *string `locationName:"ownerId" type:"string"` + // The current state of the Capacity Reservation. A Capacity Reservation can // be in one of the following states: // // * active - The Capacity Reservation is active and the capacity is available // for your use. // - // * cancelled - The Capacity Reservation expired automatically at the date + // * expired - The Capacity Reservation expired automatically at the date // and time specified in your request. The reserved capacity is no longer // available for your use. // - // * expired - The Capacity Reservation was manually cancelled. The reserved + // * cancelled - The Capacity Reservation was manually cancelled. The reserved // capacity is no longer available for your use. // // * pending - The Capacity Reservation request was successful but the capacity @@ -31578,7 +40561,8 @@ type CapacityReservation struct { // that is dedicated to a single AWS account. Tenancy *string `locationName:"tenancy" type:"string" enum:"CapacityReservationTenancy"` - // The number of instances for which the Capacity Reservation reserves capacity. + // The total number of instances for which the Capacity Reservation reserves + // capacity. TotalInstanceCount *int64 `locationName:"totalInstanceCount" type:"integer"` } @@ -31598,12 +40582,24 @@ func (s *CapacityReservation) SetAvailabilityZone(v string) *CapacityReservation return s } +// SetAvailabilityZoneId sets the AvailabilityZoneId field's value. +func (s *CapacityReservation) SetAvailabilityZoneId(v string) *CapacityReservation { + s.AvailabilityZoneId = &v + return s +} + // SetAvailableInstanceCount sets the AvailableInstanceCount field's value. func (s *CapacityReservation) SetAvailableInstanceCount(v int64) *CapacityReservation { s.AvailableInstanceCount = &v return s } +// SetCapacityReservationArn sets the CapacityReservationArn field's value. +func (s *CapacityReservation) SetCapacityReservationArn(v string) *CapacityReservation { + s.CapacityReservationArn = &v + return s +} + // SetCapacityReservationId sets the CapacityReservationId field's value. func (s *CapacityReservation) SetCapacityReservationId(v string) *CapacityReservation { s.CapacityReservationId = &v @@ -31658,6 +40654,12 @@ func (s *CapacityReservation) SetInstanceType(v string) *CapacityReservation { return s } +// SetOwnerId sets the OwnerId field's value. +func (s *CapacityReservation) SetOwnerId(v string) *CapacityReservation { + s.OwnerId = &v + return s +} + // SetState sets the State field's value. func (s *CapacityReservation) SetState(v string) *CapacityReservation { s.State = &v @@ -31682,12 +40684,105 @@ func (s *CapacityReservation) SetTotalInstanceCount(v int64) *CapacityReservatio return s } +// Describes the strategy for using unused Capacity Reservations for fulfilling +// On-Demand capacity. +// +// This strategy can only be used if the EC2 Fleet is of type instant. +// +// For more information about Capacity Reservations, see On-Demand Capacity +// Reservations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-capacity-reservations.html) +// in the Amazon Elastic Compute Cloud User Guide. For examples of using Capacity +// Reservations in an EC2 Fleet, see EC2 Fleet Example Configurations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-examples.html) +// in the Amazon Elastic Compute Cloud User Guide. +type CapacityReservationOptions struct { + _ struct{} `type:"structure"` + + // Indicates whether to use unused Capacity Reservations for fulfilling On-Demand + // capacity. + // + // If you specify use-capacity-reservations-first, the fleet uses unused Capacity + // Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. + // If multiple instance pools have unused Capacity Reservations, the On-Demand + // allocation strategy (lowest-price or prioritized) is applied. If the number + // of unused Capacity Reservations is less than the On-Demand target capacity, + // the remaining On-Demand target capacity is launched according to the On-Demand + // allocation strategy (lowest-price or prioritized). + // + // If you do not specify a value, the fleet fulfils the On-Demand capacity according + // to the chosen On-Demand allocation strategy. + UsageStrategy *string `locationName:"usageStrategy" type:"string" enum:"FleetCapacityReservationUsageStrategy"` +} + +// String returns the string representation +func (s CapacityReservationOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CapacityReservationOptions) GoString() string { + return s.String() +} + +// SetUsageStrategy sets the UsageStrategy field's value. +func (s *CapacityReservationOptions) SetUsageStrategy(v string) *CapacityReservationOptions { + s.UsageStrategy = &v + return s +} + +// Describes the strategy for using unused Capacity Reservations for fulfilling +// On-Demand capacity. +// +// This strategy can only be used if the EC2 Fleet is of type instant. +// +// For more information about Capacity Reservations, see On-Demand Capacity +// Reservations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-capacity-reservations.html) +// in the Amazon Elastic Compute Cloud User Guide. For examples of using Capacity +// Reservations in an EC2 Fleet, see EC2 Fleet Example Configurations (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-examples.html) +// in the Amazon Elastic Compute Cloud User Guide. +type CapacityReservationOptionsRequest struct { + _ struct{} `type:"structure"` + + // Indicates whether to use unused Capacity Reservations for fulfilling On-Demand + // capacity. + // + // If you specify use-capacity-reservations-first, the fleet uses unused Capacity + // Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. + // If multiple instance pools have unused Capacity Reservations, the On-Demand + // allocation strategy (lowest-price or prioritized) is applied. If the number + // of unused Capacity Reservations is less than the On-Demand target capacity, + // the remaining On-Demand target capacity is launched according to the On-Demand + // allocation strategy (lowest-price or prioritized). + // + // If you do not specify a value, the fleet fulfils the On-Demand capacity according + // to the chosen On-Demand allocation strategy. + UsageStrategy *string `type:"string" enum:"FleetCapacityReservationUsageStrategy"` +} + +// String returns the string representation +func (s CapacityReservationOptionsRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CapacityReservationOptionsRequest) GoString() string { + return s.String() +} + +// SetUsageStrategy sets the UsageStrategy field's value. +func (s *CapacityReservationOptionsRequest) SetUsageStrategy(v string) *CapacityReservationOptionsRequest { + s.UsageStrategy = &v + return s +} + // Describes an instance's Capacity Reservation targeting option. You can specify -// only one option at a time. Use the CapacityReservationPreference parameter -// to configure the instance to run as an On-Demand Instance or to run in any -// open Capacity Reservation that has matching attributes (instance type, platform, -// Availability Zone). Use the CapacityReservationTarget parameter to explicitly -// target a specific Capacity Reservation. +// only one parameter at a time. If you specify CapacityReservationPreference +// and CapacityReservationTarget, the request fails. +// +// Use the CapacityReservationPreference parameter to configure the instance +// to run as an On-Demand Instance or to run in any open Capacity Reservation +// that has matching attributes (instance type, platform, Availability Zone). +// Use the CapacityReservationTarget parameter to explicitly target a specific +// Capacity Reservation. type CapacityReservationSpecification struct { _ struct{} `type:"structure"` @@ -31870,7 +40965,10 @@ func (s *CertificateAuthenticationRequest) SetClientRootCertificateChainArn(v st } // Provides authorization for Amazon to bring a specific IP address range to -// a specific AWS account using bring your own IP addresses (BYOIP). +// a specific AWS account using bring your own IP addresses (BYOIP). For more +// information, see Prepare to Bring Your Address Range to Your AWS Account +// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html#prepare-for-byoip) +// in the Amazon Elastic Compute Cloud User Guide. type CidrAuthorizationContext struct { _ struct{} `type:"structure"` @@ -32180,8 +41278,8 @@ func (s *ClientData) SetUploadStart(v time.Time) *ClientData { // Describes the authentication methods used by a Client VPN endpoint. Client // VPN supports Active Directory and mutual authentication. For more information, -// see Authentication (vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) -// in the AWS Client VPN Admin Guide. +// see Authentication (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) +// in the AWS Client VPN Administrator Guide. type ClientVpnAuthentication struct { _ struct{} `type:"structure"` @@ -32225,8 +41323,8 @@ func (s *ClientVpnAuthentication) SetType(v string) *ClientVpnAuthentication { // Describes the authentication method to be used by a Client VPN endpoint. // Client VPN supports Active Directory and mutual authentication. For more -// information, see Authentication (vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) -// in the AWS Client VPN Admin Guide. +// information, see Authentication (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication) +// in the AWS Client VPN Administrator Guide. type ClientVpnAuthenticationRequest struct { _ struct{} `type:"structure"` @@ -32478,7 +41576,9 @@ type ClientVpnEndpoint struct { // Information about the associated target networks. A target network is a subnet // in a VPC. - AssociatedTargetNetworks []*AssociatedTargetNetwork `locationName:"associatedTargetNetwork" locationNameList:"item" type:"list"` + // + // Deprecated: This property is deprecated. To view the target networks associated with a Client VPN endpoint, call DescribeClientVpnTargetNetworks and inspect the clientVpnTargetNetworks response element. + AssociatedTargetNetworks []*AssociatedTargetNetwork `locationName:"associatedTargetNetwork" locationNameList:"item" deprecated:"true" type:"list"` // Information about the authentication method used by the Client VPN endpoint. AuthenticationOptions []*ClientVpnAuthentication `locationName:"authenticationOptions" locationNameList:"item" type:"list"` @@ -32497,26 +41597,34 @@ type ClientVpnEndpoint struct { // The date and time the Client VPN endpoint was created. CreationTime *string `locationName:"creationTime" type:"string"` - // The date and time the Client VPN endpoint was deleted, if applicable. Information - // about deleted Client VPN endpoints is retained for 24 hours, unless a new - // Client VPN is created with the same name. + // The date and time the Client VPN endpoint was deleted, if applicable. DeletionTime *string `locationName:"deletionTime" type:"string"` // A brief description of the endpoint. Description *string `locationName:"description" type:"string"` - // The DNS name to be used by clients when establishing a connection. + // The DNS name to be used by clients when connecting to the Client VPN endpoint. DnsName *string `locationName:"dnsName" type:"string"` + // Information about the DNS servers to be used for DNS resolution. + DnsServers []*string `locationName:"dnsServer" locationNameList:"item" type:"list"` + // The ARN of the server certificate. ServerCertificateArn *string `locationName:"serverCertificateArn" type:"string"` - // Indicates whether VPN split tunneling is supported. + // Indicates whether split-tunnel is enabled in the AWS Client VPN endpoint. + // + // For information about split-tunnel VPN endpoints, see Split-Tunnel AWS Client + // VPN Endpoint (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) + // in the AWS Client VPN Administrator Guide. SplitTunnel *bool `locationName:"splitTunnel" type:"boolean"` // The current state of the Client VPN endpoint. Status *ClientVpnEndpointStatus `locationName:"status" type:"structure"` + // Any tags assigned to the Client VPN endpoint. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + // The transport protocol used by the Client VPN endpoint. TransportProtocol *string `locationName:"transportProtocol" type:"string" enum:"TransportProtocol"` @@ -32588,6 +41696,12 @@ func (s *ClientVpnEndpoint) SetDnsName(v string) *ClientVpnEndpoint { return s } +// SetDnsServers sets the DnsServers field's value. +func (s *ClientVpnEndpoint) SetDnsServers(v []*string) *ClientVpnEndpoint { + s.DnsServers = v + return s +} + // SetServerCertificateArn sets the ServerCertificateArn field's value. func (s *ClientVpnEndpoint) SetServerCertificateArn(v string) *ClientVpnEndpoint { s.ServerCertificateArn = &v @@ -32606,6 +41720,12 @@ func (s *ClientVpnEndpoint) SetStatus(v *ClientVpnEndpointStatus) *ClientVpnEndp return s } +// SetTags sets the Tags field's value. +func (s *ClientVpnEndpoint) SetTags(v []*Tag) *ClientVpnEndpoint { + s.Tags = v + return s +} + // SetTransportProtocol sets the TransportProtocol field's value. func (s *ClientVpnEndpoint) SetTransportProtocol(v string) *ClientVpnEndpoint { s.TransportProtocol = &v @@ -32778,6 +41898,108 @@ func (s *ClientVpnRouteStatus) SetMessage(v string) *ClientVpnRouteStatus { return s } +// Describes address usage for a customer-owned address pool. +type CoipAddressUsage struct { + _ struct{} `type:"structure"` + + // The allocation ID of the address. + AllocationId *string `locationName:"allocationId" type:"string"` + + // The AWS account ID. + AwsAccountId *string `locationName:"awsAccountId" type:"string"` + + // The AWS service. + AwsService *string `locationName:"awsService" type:"string"` + + // The customer-owned IP address. + CoIp *string `locationName:"coIp" type:"string"` +} + +// String returns the string representation +func (s CoipAddressUsage) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CoipAddressUsage) GoString() string { + return s.String() +} + +// SetAllocationId sets the AllocationId field's value. +func (s *CoipAddressUsage) SetAllocationId(v string) *CoipAddressUsage { + s.AllocationId = &v + return s +} + +// SetAwsAccountId sets the AwsAccountId field's value. +func (s *CoipAddressUsage) SetAwsAccountId(v string) *CoipAddressUsage { + s.AwsAccountId = &v + return s +} + +// SetAwsService sets the AwsService field's value. +func (s *CoipAddressUsage) SetAwsService(v string) *CoipAddressUsage { + s.AwsService = &v + return s +} + +// SetCoIp sets the CoIp field's value. +func (s *CoipAddressUsage) SetCoIp(v string) *CoipAddressUsage { + s.CoIp = &v + return s +} + +// Describes a customer-owned address pool. +type CoipPool struct { + _ struct{} `type:"structure"` + + // The ID of the local gateway route table. + LocalGatewayRouteTableId *string `locationName:"localGatewayRouteTableId" type:"string"` + + // The address ranges of the address pool. + PoolCidrs []*string `locationName:"poolCidrSet" locationNameList:"item" type:"list"` + + // The ID of the address pool. + PoolId *string `locationName:"poolId" type:"string"` + + // The tags. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s CoipPool) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CoipPool) GoString() string { + return s.String() +} + +// SetLocalGatewayRouteTableId sets the LocalGatewayRouteTableId field's value. +func (s *CoipPool) SetLocalGatewayRouteTableId(v string) *CoipPool { + s.LocalGatewayRouteTableId = &v + return s +} + +// SetPoolCidrs sets the PoolCidrs field's value. +func (s *CoipPool) SetPoolCidrs(v []*string) *CoipPool { + s.PoolCidrs = v + return s +} + +// SetPoolId sets the PoolId field's value. +func (s *CoipPool) SetPoolId(v string) *CoipPool { + s.PoolId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *CoipPool) SetTags(v []*Tag) *CoipPool { + s.Tags = v + return s +} + type ConfirmProductInstanceInput struct { _ struct{} `type:"structure"` @@ -33129,7 +42351,7 @@ type CopyFpgaImageInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + // of the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // The description for the new AFI. @@ -33149,7 +42371,7 @@ type CopyFpgaImageInput struct { // SourceFpgaImageId is a required field SourceFpgaImageId *string `type:"string" required:"true"` - // The region that contains the source AFI. + // The Region that contains the source AFI. // // SourceRegion is a required field SourceRegion *string `type:"string" required:"true"` @@ -33245,11 +42467,11 @@ type CopyImageInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier you provide to ensure idempotency of the - // request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html) + // request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html) // in the Amazon Elastic Compute Cloud User Guide. ClientToken *string `type:"string"` - // A description for the new AMI in the destination region. + // A description for the new AMI in the destination Region. Description *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -33263,41 +42485,38 @@ type CopyImageInput struct { // create an unencrypted copy of an encrypted snapshot. The default CMK for // EBS is used unless you specify a non-default AWS Key Management Service (AWS // KMS) CMK using KmsKeyId. For more information, see Amazon EBS Encryption - // (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) in - // the Amazon Elastic Compute Cloud User Guide. + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) + // in the Amazon Elastic Compute Cloud User Guide. Encrypted *bool `locationName:"encrypted" type:"boolean"` - // An identifier for the AWS Key Management Service (AWS KMS) customer master - // key (CMK) to use when creating the encrypted volume. This parameter is only - // required if you want to use a non-default CMK; if this parameter is not specified, - // the default CMK for EBS is used. If a KmsKeyId is specified, the Encrypted - // flag must also be set. + // An identifier for the symmetric AWS Key Management Service (AWS KMS) customer + // master key (CMK) to use when creating the encrypted volume. This parameter + // is only required if you want to use a non-default CMK; if this parameter + // is not specified, the default CMK for EBS is used. If a KmsKeyId is specified, + // the Encrypted flag must also be set. // - // The CMK identifier may be provided in any of the following formats: + // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, + // or alias ARN. When using an alias name, prefix it with "alias/". For example: // - // * Key ID + // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab // - // * Key alias, in the form alias/ExampleAlias + // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab // - // * ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed - // by the region of the CMK, the AWS account ID of the CMK owner, the key - // namespace, and then the CMK ID. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. - // - // - // * ARN using key alias. The alias ARN contains the arn:aws:kms namespace, - // followed by the region of the CMK, the AWS account ID of the CMK owner, - // the alias namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. + // * Alias name: alias/ExampleAlias // + // * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias // // AWS parses KmsKeyId asynchronously, meaning that the action you call may // appear to complete even though you provided an invalid identifier. This action // will eventually report failure. // - // The specified CMK must exist in the region that the snapshot is being copied + // The specified CMK must exist in the Region that the snapshot is being copied // to. + // + // Amazon EBS does not support asymmetric CMKs. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` - // The name of the new AMI in the destination region. + // The name of the new AMI in the destination Region. // // Name is a required field Name *string `type:"string" required:"true"` @@ -33307,7 +42526,7 @@ type CopyImageInput struct { // SourceImageId is a required field SourceImageId *string `type:"string" required:"true"` - // The name of the region that contains the AMI to copy. + // The name of the Region that contains the AMI to copy. // // SourceRegion is a required field SourceRegion *string `type:"string" required:"true"` @@ -33414,20 +42633,19 @@ func (s *CopyImageOutput) SetImageId(v string) *CopyImageOutput { return s } -// Contains the parameters for CopySnapshot. type CopySnapshotInput struct { _ struct{} `type:"structure"` // A description for the EBS snapshot. Description *string `type:"string"` - // The destination region to use in the PresignedUrl parameter of a snapshot + // The destination Region to use in the PresignedUrl parameter of a snapshot // copy operation. This parameter is only valid for specifying the destination - // region in a PresignedUrl parameter, where it is required. + // Region in a PresignedUrl parameter, where it is required. // // The snapshot copy is sent to the regional endpoint that you sent the HTTP // request to (for example, ec2.us-east-1.amazonaws.com). With the AWS CLI, - // this is specified using the --region parameter or the default region in your + // this is specified using the --region parameter or the default Region in your // AWS configuration file. DestinationRegion *string `locationName:"destinationRegion" type:"string"` @@ -33437,57 +42655,50 @@ type CopySnapshotInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // Specifies whether the destination snapshot should be encrypted. You can encrypt - // a copy of an unencrypted snapshot, but you cannot use it to create an unencrypted - // copy of an encrypted snapshot. Your default CMK for EBS is used unless you - // specify a non-default AWS Key Management Service (AWS KMS) CMK using KmsKeyId. - // For more information, see Amazon EBS Encryption (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) + // To encrypt a copy of an unencrypted snapshot if encryption by default is + // not enabled, enable encryption using this parameter. Otherwise, omit this + // parameter. Encrypted snapshots are encrypted, even if you omit this parameter + // and encryption by default is not enabled. You cannot set this parameter to + // false. For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) // in the Amazon Elastic Compute Cloud User Guide. Encrypted *bool `locationName:"encrypted" type:"boolean"` - // An identifier for the AWS Key Management Service (AWS KMS) customer master - // key (CMK) to use when creating the encrypted volume. This parameter is only - // required if you want to use a non-default CMK; if this parameter is not specified, - // the default CMK for EBS is used. If a KmsKeyId is specified, the Encrypted - // flag must also be set. + // The identifier of the AWS Key Management Service (AWS KMS) customer master + // key (CMK) to use for Amazon EBS encryption. If this parameter is not specified, + // your AWS managed CMK for EBS is used. If KmsKeyId is specified, the encrypted + // state must be true. // - // The CMK identifier may be provided in any of the following formats: + // You can specify the CMK using any of the following: // - // * Key ID + // * Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab. // - // * Key alias + // * Key alias. For example, alias/ExampleAlias. // - // * ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed - // by the region of the CMK, the AWS account ID of the CMK owner, the key - // namespace, and then the CMK ID. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. + // * Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. // + // * Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. // - // * ARN using key alias. The alias ARN contains the arn:aws:kms namespace, - // followed by the region of the CMK, the AWS account ID of the CMK owner, - // the alias namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. - // - // - // AWS parses KmsKeyId asynchronously, meaning that the action you call may - // appear to complete even though you provided an invalid identifier. The action - // will eventually fail. + // AWS authenticates the CMK asynchronously. Therefore, if you specify an ID, + // alias, or ARN that is not valid, the action can appear to complete, but eventually + // fails. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` // When you copy an encrypted source snapshot using the Amazon EC2 Query API, // you must supply a pre-signed URL. This parameter is optional for unencrypted - // snapshots. For more information, see Query Requests (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html). + // snapshots. For more information, see Query Requests (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html). // // The PresignedUrl should use the snapshot source endpoint, the CopySnapshot // action, and include the SourceRegion, SourceSnapshotId, and DestinationRegion // parameters. The PresignedUrl must be signed using AWS Signature Version 4. // Because EBS snapshots are stored in Amazon S3, the signing algorithm for // this parameter uses the same logic that is described in Authenticating Requests - // by Using Query Parameters (AWS Signature Version 4) (http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html) + // by Using Query Parameters (AWS Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html) // in the Amazon Simple Storage Service API Reference. An invalid or improperly // signed PresignedUrl will cause the copy operation to fail asynchronously, // and the snapshot will move to an error state. PresignedUrl *string `locationName:"presignedUrl" type:"string"` - // The ID of the region that contains the snapshot to be copied. + // The ID of the Region that contains the snapshot to be copied. // // SourceRegion is a required field SourceRegion *string `type:"string" required:"true"` @@ -33496,6 +42707,9 @@ type CopySnapshotInput struct { // // SourceSnapshotId is a required field SourceSnapshotId *string `type:"string" required:"true"` + + // The tags to apply to the new snapshot. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -33572,12 +42786,20 @@ func (s *CopySnapshotInput) SetSourceSnapshotId(v string) *CopySnapshotInput { return s } -// Contains the output of CopySnapshot. +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CopySnapshotInput) SetTagSpecifications(v []*TagSpecification) *CopySnapshotInput { + s.TagSpecifications = v + return s +} + type CopySnapshotOutput struct { _ struct{} `type:"structure"` // The ID of the new snapshot. SnapshotId *string `locationName:"snapshotId" type:"string"` + + // Any tags applied to the new snapshot. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -33596,6 +42818,12 @@ func (s *CopySnapshotOutput) SetSnapshotId(v string) *CopySnapshotOutput { return s } +// SetTags sets the Tags field's value. +func (s *CopySnapshotOutput) SetTags(v []*Tag) *CopySnapshotOutput { + s.Tags = v + return s +} + // The CPU options for the instance. type CpuOptions struct { _ struct{} `type:"structure"` @@ -33637,9 +42865,8 @@ type CpuOptionsRequest struct { // The number of CPU cores for the instance. CoreCount *int64 `type:"integer"` - // The number of threads per CPU core. To disable Intel Hyper-Threading Technology - // for the instance, specify a value of 1. Otherwise, specify the default value - // of 2. + // The number of threads per CPU core. To disable multithreading for the instance, + // specify a value of 1. Otherwise, specify the default value of 2. ThreadsPerCore *int64 `type:"integer"` } @@ -33669,12 +42896,13 @@ type CreateCapacityReservationInput struct { _ struct{} `type:"structure"` // The Availability Zone in which to create the Capacity Reservation. - // - // AvailabilityZone is a required field - AvailabilityZone *string `type:"string" required:"true"` + AvailabilityZone *string `type:"string"` + + // The ID of the Availability Zone in which to create the Capacity Reservation. + AvailabilityZoneId *string `type:"string"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). // // Constraint: Maximum 64 ASCII characters. ClientToken *string `type:"string"` @@ -33748,7 +42976,7 @@ type CreateCapacityReservationInput struct { InstancePlatform *string `type:"string" required:"true" enum:"CapacityReservationInstancePlatform"` // The instance type for which to reserve capacity. For more information, see - // Instance Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) // in the Amazon Elastic Compute Cloud User Guide. // // InstanceType is a required field @@ -33781,9 +43009,6 @@ func (s CreateCapacityReservationInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *CreateCapacityReservationInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreateCapacityReservationInput"} - if s.AvailabilityZone == nil { - invalidParams.Add(request.NewErrParamRequired("AvailabilityZone")) - } if s.InstanceCount == nil { invalidParams.Add(request.NewErrParamRequired("InstanceCount")) } @@ -33806,6 +43031,12 @@ func (s *CreateCapacityReservationInput) SetAvailabilityZone(v string) *CreateCa return s } +// SetAvailabilityZoneId sets the AvailabilityZoneId field's value. +func (s *CreateCapacityReservationInput) SetAvailabilityZoneId(v string) *CreateCapacityReservationInput { + s.AvailabilityZoneId = &v + return s +} + // SetClientToken sets the ClientToken field's value. func (s *CreateCapacityReservationInput) SetClientToken(v string) *CreateCapacityReservationInput { s.ClientToken = &v @@ -33918,8 +43149,8 @@ type CreateClientVpnEndpointInput struct { // ClientCidrBlock is a required field ClientCidrBlock *string `type:"string" required:"true"` - // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` // Information about the client connection logging options. @@ -33943,8 +43174,7 @@ type CreateClientVpnEndpointInput struct { // Information about the DNS servers to be used for DNS resolution. A Client // VPN endpoint can have up to two DNS servers. If no DNS server is specified, - // the DNS address of the VPC that is to be associated with Client VPN endpoint - // is used as the DNS server. + // the DNS address configured on the device is used for the DNS server. DnsServers []*string `locationNameList:"item" type:"list"` // Checks whether you have the required permissions for the action, without @@ -33954,11 +43184,23 @@ type CreateClientVpnEndpointInput struct { DryRun *bool `type:"boolean"` // The ARN of the server certificate. For more information, see the AWS Certificate - // Manager User Guide (acm/latest/userguide/acm-overview.html) . + // Manager User Guide (https://docs.aws.amazon.com/acm/latest/userguide/). // // ServerCertificateArn is a required field ServerCertificateArn *string `type:"string" required:"true"` + // Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint. + // + // By default, split-tunnel on a VPN endpoint is disabled. + // + // For information about split-tunnel VPN endpoints, see Split-Tunnel AWS Client + // VPN Endpoint (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) + // in the AWS Client VPN Administrator Guide. + SplitTunnel *bool `type:"boolean"` + + // The tags to apply to the Client VPN endpoint during creation. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // The transport protocol to be used by the VPN session. // // Default value: udp @@ -34045,6 +43287,18 @@ func (s *CreateClientVpnEndpointInput) SetServerCertificateArn(v string) *Create return s } +// SetSplitTunnel sets the SplitTunnel field's value. +func (s *CreateClientVpnEndpointInput) SetSplitTunnel(v bool) *CreateClientVpnEndpointInput { + s.SplitTunnel = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateClientVpnEndpointInput) SetTagSpecifications(v []*TagSpecification) *CreateClientVpnEndpointInput { + s.TagSpecifications = v + return s +} + // SetTransportProtocol sets the TransportProtocol field's value. func (s *CreateClientVpnEndpointInput) SetTransportProtocol(v string) *CreateClientVpnEndpointInput { s.TransportProtocol = &v @@ -34095,6 +43349,10 @@ func (s *CreateClientVpnEndpointOutput) SetStatus(v *ClientVpnEndpointStatus) *C type CreateClientVpnRouteInput struct { _ struct{} `type:"structure"` + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + // The ID of the Client VPN endpoint to which to add the route. // // ClientVpnEndpointId is a required field @@ -34160,6 +43418,12 @@ func (s *CreateClientVpnRouteInput) Validate() error { return nil } +// SetClientToken sets the ClientToken field's value. +func (s *CreateClientVpnRouteInput) SetClientToken(v string) *CreateClientVpnRouteInput { + s.ClientToken = &v + return s +} + // SetClientVpnEndpointId sets the ClientVpnEndpointId field's value. func (s *CreateClientVpnRouteInput) SetClientVpnEndpointId(v string) *CreateClientVpnRouteInput { s.ClientVpnEndpointId = &v @@ -34224,6 +43488,14 @@ type CreateCustomerGatewayInput struct { // BgpAsn is a required field BgpAsn *int64 `type:"integer" required:"true"` + // The Amazon Resource Name (ARN) for the customer gateway certificate. + CertificateArn *string `type:"string"` + + // A name for the customer gateway device. + // + // Length Constraints: Up to 255 characters. + DeviceName *string `type:"string"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, @@ -34232,9 +43504,7 @@ type CreateCustomerGatewayInput struct { // The Internet-routable IP address for the customer gateway's outside interface. // The address must be static. - // - // PublicIp is a required field - PublicIp *string `locationName:"IpAddress" type:"string" required:"true"` + PublicIp *string `locationName:"IpAddress" type:"string"` // The type of VPN connection that this customer gateway supports (ipsec.1). // @@ -34258,9 +43528,6 @@ func (s *CreateCustomerGatewayInput) Validate() error { if s.BgpAsn == nil { invalidParams.Add(request.NewErrParamRequired("BgpAsn")) } - if s.PublicIp == nil { - invalidParams.Add(request.NewErrParamRequired("PublicIp")) - } if s.Type == nil { invalidParams.Add(request.NewErrParamRequired("Type")) } @@ -34277,6 +43544,18 @@ func (s *CreateCustomerGatewayInput) SetBgpAsn(v int64) *CreateCustomerGatewayIn return s } +// SetCertificateArn sets the CertificateArn field's value. +func (s *CreateCustomerGatewayInput) SetCertificateArn(v string) *CreateCustomerGatewayInput { + s.CertificateArn = &v + return s +} + +// SetDeviceName sets the DeviceName field's value. +func (s *CreateCustomerGatewayInput) SetDeviceName(v string) *CreateCustomerGatewayInput { + s.DeviceName = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *CreateCustomerGatewayInput) SetDryRun(v bool) *CreateCustomerGatewayInput { s.DryRun = &v @@ -34518,7 +43797,7 @@ type CreateEgressOnlyInternetGatewayInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -34612,16 +43891,16 @@ type CreateFleetError struct { _ struct{} `type:"structure"` // The error code that indicates why the instance could not be launched. For - // more information about error codes, see Error Codes (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html). + // more information about error codes, see Error Codes (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html). ErrorCode *string `locationName:"errorCode" type:"string"` // The error message that describes why the instance could not be launched. - // For more information about error messages, see ee Error Codes (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html). + // For more information about error messages, see Error Codes (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html). ErrorMessage *string `locationName:"errorMessage" type:"string"` // The launch templates and overrides that were used for launching the instances. - // Any parameters that you specify in the Overrides override the same parameters - // in the launch template. + // The values that you specify in the Overrides replace the values in the launch + // template. LaunchTemplateAndOverrides *LaunchTemplateAndOverridesResponse `locationName:"launchTemplateAndOverrides" type:"structure"` // Indicates if the instance that could not be launched was a Spot Instance @@ -34666,8 +43945,8 @@ func (s *CreateFleetError) SetLifecycle(v string) *CreateFleetError { type CreateFleetInput struct { _ struct{} `type:"structure"` - // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. For more information, see Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -34686,7 +43965,7 @@ type CreateFleetInput struct { // LaunchTemplateConfigs is a required field LaunchTemplateConfigs []*FleetLaunchTemplateConfigRequest `locationNameList:"item" type:"list" required:"true"` - // The allocation strategy of On-Demand Instances in an EC2 Fleet. + // Describes the configuration of On-Demand Instances in an EC2 Fleet. OnDemandOptions *OnDemandOptionsRequest `type:"structure"` // Indicates whether EC2 Fleet should replace unhealthy instances. @@ -34697,12 +43976,11 @@ type CreateFleetInput struct { // The key-value pair for tagging the EC2 Fleet request on creation. The value // for ResourceType must be fleet, otherwise the fleet request fails. To tag - // instances at launch, specify the tags in the launch template (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template). - // For information about tagging after launch, see Tagging Your Resources (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources). + // instances at launch, specify the tags in the launch template (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template). + // For information about tagging after launch, see Tagging Your Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources). TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // The TotalTargetCapacity, OnDemandTargetCapacity, SpotTargetCapacity, and - // DefaultCapacityType structure. + // The number of units to request. // // TargetCapacitySpecification is a required field TargetCapacitySpecification *TargetCapacitySpecificationRequest `type:"structure" required:"true"` @@ -34717,7 +43995,7 @@ type CreateFleetInput struct { // request, and returns errors for any instances that could not be launched. // A value of request places an asynchronous one-time request without maintaining // capacity or submitting requests in alternative capacity pools if capacity - // is unavailable. For more information, see EC2 Fleet Request Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-configuration-strategies.html#ec2-fleet-request-type) + // is unavailable. For more information, see EC2 Fleet Request Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-configuration-strategies.html#ec2-fleet-request-type) // in the Amazon Elastic Compute Cloud User Guide. Type *string `type:"string" enum:"FleetType"` @@ -34727,7 +44005,7 @@ type CreateFleetInput struct { // The end date and time of the request, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). // At this point, no new EC2 Fleet requests are placed or able to fulfill the - // request. The default end date is 7 days from the current date. + // request. If no value is specified, the request remains until you cancel it. ValidUntil *time.Time `type:"timestamp"` } @@ -34861,15 +44139,15 @@ type CreateFleetInstance struct { InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` // The launch templates and overrides that were used for launching the instances. - // Any parameters that you specify in the Overrides override the same parameters - // in the launch template. + // The values that you specify in the Overrides replace the values in the launch + // template. LaunchTemplateAndOverrides *LaunchTemplateAndOverridesResponse `locationName:"launchTemplateAndOverrides" type:"structure"` // Indicates if the instance that was launched is a Spot Instance or On-Demand // Instance. Lifecycle *string `locationName:"lifecycle" type:"string" enum:"InstanceLifecycle"` - // The value is Windows for Windows instances; otherwise blank. + // The value is Windows for Windows instances. Otherwise, the value is blank. Platform *string `locationName:"platform" type:"string" enum:"PlatformValues"` } @@ -34960,10 +44238,14 @@ type CreateFlowLogsInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` - // The ARN for the IAM role that's used to post flow logs to a log group. + // The ARN for the IAM role that permits Amazon EC2 to publish flow logs to + // a CloudWatch Logs log group in your account. + // + // If you specify LogDestinationType as s3, do not specify DeliverLogsPermissionArn + // or LogGroupName. DeliverLogsPermissionArn *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -34973,12 +44255,14 @@ type CreateFlowLogsInput struct { DryRun *bool `type:"boolean"` // Specifies the destination to which the flow log data is to be published. - // Flow log data can be published to an CloudWatch Logs log group or an Amazon + // Flow log data can be published to a CloudWatch Logs log group or an Amazon // S3 bucket. The value specified for this parameter depends on the value specified // for LogDestinationType. // // If LogDestinationType is not specified or cloud-watch-logs, specify the Amazon - // Resource Name (ARN) of the CloudWatch Logs log group. + // Resource Name (ARN) of the CloudWatch Logs log group. For example, to publish + // to a log group called my-logs, specify arn:aws:logs:us-east-1:123456789012:log-group:my-logs. + // Alternatively, use LogGroupName instead. // // If LogDestinationType is s3, specify the ARN of the Amazon S3 bucket. You // can also specify a subfolder in the bucket. To specify a subfolder in the @@ -34993,25 +44277,46 @@ type CreateFlowLogsInput struct { // flow log data to CloudWatch Logs, specify cloud-watch-logs. To publish flow // log data to Amazon S3, specify s3. // + // If you specify LogDestinationType as s3, do not specify DeliverLogsPermissionArn + // or LogGroupName. + // // Default: cloud-watch-logs LogDestinationType *string `type:"string" enum:"LogDestinationType"` - // The name of the log group. + // The fields to include in the flow log record, in the order in which they + // should appear. For a list of available fields, see Flow Log Records (https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records). + // If you omit this parameter, the flow log is created using the default format. + // If you specify this parameter, you must specify at least one field. + // + // Specify the fields using the ${field-id} format, separated by spaces. For + // the AWS CLI, use single quotation marks (' ') to surround the parameter value. + // + // Only applicable to flow logs that are published to an Amazon S3 bucket. + LogFormat *string `type:"string"` + + // The name of a new or existing CloudWatch Logs log group where Amazon EC2 + // publishes your flow logs. + // + // If you specify LogDestinationType as s3, do not specify DeliverLogsPermissionArn + // or LogGroupName. LogGroupName *string `type:"string"` - // One or more subnet, network interface, or VPC IDs. + // The ID of the subnet, network interface, or VPC for which you want to create + // a flow log. // // Constraints: Maximum of 1000 resources // // ResourceIds is a required field ResourceIds []*string `locationName:"ResourceId" locationNameList:"item" type:"list" required:"true"` - // The type of resource on which to create the flow log. + // The type of resource for which to create the flow log. For example, if you + // specified a VPC ID for the ResourceId property, specify VPC for this property. // // ResourceType is a required field ResourceType *string `type:"string" required:"true" enum:"FlowLogsResourceType"` - // The type of traffic to log. + // The type of traffic to log. You can log traffic that the resource accepts + // or rejects, or all traffic. // // TrafficType is a required field TrafficType *string `type:"string" required:"true" enum:"TrafficType"` @@ -35076,6 +44381,12 @@ func (s *CreateFlowLogsInput) SetLogDestinationType(v string) *CreateFlowLogsInp return s } +// SetLogFormat sets the LogFormat field's value. +func (s *CreateFlowLogsInput) SetLogFormat(v string) *CreateFlowLogsInput { + s.LogFormat = &v + return s +} + // SetLogGroupName sets the LogGroupName field's value. func (s *CreateFlowLogsInput) SetLogGroupName(v string) *CreateFlowLogsInput { s.LogGroupName = &v @@ -35146,7 +44457,7 @@ type CreateFpgaImageInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + // of the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // A description for the AFI. @@ -35169,6 +44480,9 @@ type CreateFpgaImageInput struct { // A name for the AFI. Name *string `type:"string"` + + // The tags to apply to the FPGA image during creation. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation @@ -35230,6 +44544,12 @@ func (s *CreateFpgaImageInput) SetName(v string) *CreateFpgaImageInput { return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateFpgaImageInput) SetTagSpecifications(v []*TagSpecification) *CreateFpgaImageInput { + s.TagSpecifications = v + return s +} + type CreateFpgaImageOutput struct { _ struct{} `type:"structure"` @@ -35262,13 +44582,12 @@ func (s *CreateFpgaImageOutput) SetFpgaImageId(v string) *CreateFpgaImageOutput return s } -// Contains the parameters for CreateImage. type CreateImageInput struct { _ struct{} `type:"structure"` - // Information about one or more block device mappings. This parameter cannot - // be used to modify the encryption status of existing volumes or snapshots. - // To create an AMI with encrypted snapshots, use the CopyImage action. + // The block device mappings. This parameter cannot be used to modify the encryption + // status of existing volumes or snapshots. To create an AMI with encrypted + // snapshots, use the CopyImage action. BlockDeviceMappings []*BlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` // A description for the new image. @@ -35363,7 +44682,6 @@ func (s *CreateImageInput) SetNoReboot(v bool) *CreateImageInput { return s } -// Contains the output of CreateImage. type CreateImageOutput struct { _ struct{} `type:"structure"` @@ -35387,7 +44705,6 @@ func (s *CreateImageOutput) SetImageId(v string) *CreateImageOutput { return s } -// Contains the parameters for CreateInstanceExportTask. type CreateInstanceExportTaskInput struct { _ struct{} `type:"structure"` @@ -35454,7 +44771,6 @@ func (s *CreateInstanceExportTaskInput) SetTargetEnvironment(v string) *CreateIn return s } -// Contains the output for CreateInstanceExportTask. type CreateInstanceExportTaskOutput struct { _ struct{} `type:"structure"` @@ -35587,10 +44903,13 @@ type CreateKeyPairOutput struct { KeyFingerprint *string `locationName:"keyFingerprint" type:"string"` // An unencrypted PEM encoded RSA private key. - KeyMaterial *string `locationName:"keyMaterial" type:"string"` + KeyMaterial *string `locationName:"keyMaterial" type:"string" sensitive:"true"` // The name of the key pair. KeyName *string `locationName:"keyName" type:"string"` + + // The ID of the key pair. + KeyPairId *string `locationName:"keyPairId" type:"string"` } // String returns the string representation @@ -35621,11 +44940,19 @@ func (s *CreateKeyPairOutput) SetKeyName(v string) *CreateKeyPairOutput { return s } +// SetKeyPairId sets the KeyPairId field's value. +func (s *CreateKeyPairOutput) SetKeyPairId(v string) *CreateKeyPairOutput { + s.KeyPairId = &v + return s +} + type CreateLaunchTemplateInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. For more information, see Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // + // Constraint: Maximum 128 ASCII characters. ClientToken *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -35644,6 +44971,9 @@ type CreateLaunchTemplateInput struct { // LaunchTemplateName is a required field LaunchTemplateName *string `min:"3" type:"string" required:"true"` + // The tags to apply to the launch template during creation. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // A description for the first version of the launch template. VersionDescription *string `type:"string"` } @@ -35706,6 +45036,12 @@ func (s *CreateLaunchTemplateInput) SetLaunchTemplateName(v string) *CreateLaunc return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateLaunchTemplateInput) SetTagSpecifications(v []*TagSpecification) *CreateLaunchTemplateInput { + s.TagSpecifications = v + return s +} + // SetVersionDescription sets the VersionDescription field's value. func (s *CreateLaunchTemplateInput) SetVersionDescription(v string) *CreateLaunchTemplateInput { s.VersionDescription = &v @@ -35739,7 +45075,9 @@ type CreateLaunchTemplateVersionInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. For more information, see Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // + // Constraint: Maximum 128 ASCII characters. ClientToken *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -35763,7 +45101,9 @@ type CreateLaunchTemplateVersionInput struct { // The version number of the launch template version on which to base the new // version. The new version inherits the same launch parameters as the source - // version, except for parameters that you specify in LaunchTemplateData. + // version, except for parameters that you specify in LaunchTemplateData. Snapshots + // applied to the block device mapping are ignored when creating a new version + // unless they are explicitly included. SourceVersion *string `type:"string"` // A description for the version of the launch template. @@ -35866,6 +45206,195 @@ func (s *CreateLaunchTemplateVersionOutput) SetLaunchTemplateVersion(v *LaunchTe return s } +type CreateLocalGatewayRouteInput struct { + _ struct{} `type:"structure"` + + // The CIDR range used for destination matches. Routing decisions are based + // on the most specific match. + // + // DestinationCidrBlock is a required field + DestinationCidrBlock *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the local gateway route table. + // + // LocalGatewayRouteTableId is a required field + LocalGatewayRouteTableId *string `type:"string" required:"true"` + + // The ID of the virtual interface group. + // + // LocalGatewayVirtualInterfaceGroupId is a required field + LocalGatewayVirtualInterfaceGroupId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s CreateLocalGatewayRouteInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateLocalGatewayRouteInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateLocalGatewayRouteInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateLocalGatewayRouteInput"} + if s.DestinationCidrBlock == nil { + invalidParams.Add(request.NewErrParamRequired("DestinationCidrBlock")) + } + if s.LocalGatewayRouteTableId == nil { + invalidParams.Add(request.NewErrParamRequired("LocalGatewayRouteTableId")) + } + if s.LocalGatewayVirtualInterfaceGroupId == nil { + invalidParams.Add(request.NewErrParamRequired("LocalGatewayVirtualInterfaceGroupId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDestinationCidrBlock sets the DestinationCidrBlock field's value. +func (s *CreateLocalGatewayRouteInput) SetDestinationCidrBlock(v string) *CreateLocalGatewayRouteInput { + s.DestinationCidrBlock = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateLocalGatewayRouteInput) SetDryRun(v bool) *CreateLocalGatewayRouteInput { + s.DryRun = &v + return s +} + +// SetLocalGatewayRouteTableId sets the LocalGatewayRouteTableId field's value. +func (s *CreateLocalGatewayRouteInput) SetLocalGatewayRouteTableId(v string) *CreateLocalGatewayRouteInput { + s.LocalGatewayRouteTableId = &v + return s +} + +// SetLocalGatewayVirtualInterfaceGroupId sets the LocalGatewayVirtualInterfaceGroupId field's value. +func (s *CreateLocalGatewayRouteInput) SetLocalGatewayVirtualInterfaceGroupId(v string) *CreateLocalGatewayRouteInput { + s.LocalGatewayVirtualInterfaceGroupId = &v + return s +} + +type CreateLocalGatewayRouteOutput struct { + _ struct{} `type:"structure"` + + // Information about the route. + Route *LocalGatewayRoute `locationName:"route" type:"structure"` +} + +// String returns the string representation +func (s CreateLocalGatewayRouteOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateLocalGatewayRouteOutput) GoString() string { + return s.String() +} + +// SetRoute sets the Route field's value. +func (s *CreateLocalGatewayRouteOutput) SetRoute(v *LocalGatewayRoute) *CreateLocalGatewayRouteOutput { + s.Route = v + return s +} + +type CreateLocalGatewayRouteTableVpcAssociationInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the local gateway route table. + // + // LocalGatewayRouteTableId is a required field + LocalGatewayRouteTableId *string `type:"string" required:"true"` + + // The ID of the VPC. + // + // VpcId is a required field + VpcId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s CreateLocalGatewayRouteTableVpcAssociationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateLocalGatewayRouteTableVpcAssociationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateLocalGatewayRouteTableVpcAssociationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateLocalGatewayRouteTableVpcAssociationInput"} + if s.LocalGatewayRouteTableId == nil { + invalidParams.Add(request.NewErrParamRequired("LocalGatewayRouteTableId")) + } + if s.VpcId == nil { + invalidParams.Add(request.NewErrParamRequired("VpcId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateLocalGatewayRouteTableVpcAssociationInput) SetDryRun(v bool) *CreateLocalGatewayRouteTableVpcAssociationInput { + s.DryRun = &v + return s +} + +// SetLocalGatewayRouteTableId sets the LocalGatewayRouteTableId field's value. +func (s *CreateLocalGatewayRouteTableVpcAssociationInput) SetLocalGatewayRouteTableId(v string) *CreateLocalGatewayRouteTableVpcAssociationInput { + s.LocalGatewayRouteTableId = &v + return s +} + +// SetVpcId sets the VpcId field's value. +func (s *CreateLocalGatewayRouteTableVpcAssociationInput) SetVpcId(v string) *CreateLocalGatewayRouteTableVpcAssociationInput { + s.VpcId = &v + return s +} + +type CreateLocalGatewayRouteTableVpcAssociationOutput struct { + _ struct{} `type:"structure"` + + // Information about the association. + LocalGatewayRouteTableVpcAssociation *LocalGatewayRouteTableVpcAssociation `locationName:"localGatewayRouteTableVpcAssociation" type:"structure"` +} + +// String returns the string representation +func (s CreateLocalGatewayRouteTableVpcAssociationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateLocalGatewayRouteTableVpcAssociationOutput) GoString() string { + return s.String() +} + +// SetLocalGatewayRouteTableVpcAssociation sets the LocalGatewayRouteTableVpcAssociation field's value. +func (s *CreateLocalGatewayRouteTableVpcAssociationOutput) SetLocalGatewayRouteTableVpcAssociation(v *LocalGatewayRouteTableVpcAssociation) *CreateLocalGatewayRouteTableVpcAssociationOutput { + s.LocalGatewayRouteTableVpcAssociation = v + return s +} + type CreateNatGatewayInput struct { _ struct{} `type:"structure"` @@ -35877,7 +45406,7 @@ type CreateNatGatewayInput struct { AllocationId *string `type:"string" required:"true"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). // // Constraint: Maximum 64 ASCII characters. ClientToken *string `type:"string"` @@ -36223,6 +45752,11 @@ type CreateNetworkInterfaceInput struct { // The IDs of one or more security groups. Groups []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` + // Indicates the type of network interface. To create an Elastic Fabric Adapter + // (EFA), specify efa. For more information, see Elastic Fabric Adapter (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) + // in the Amazon Elastic Compute Cloud User Guide. + InterfaceType *string `type:"string" enum:"NetworkInterfaceCreationType"` + // The number of IPv6 addresses to assign to a network interface. Amazon EC2 // automatically selects the IPv6 addresses from the subnet range. You can't // use this option if specifying specific IPv6 addresses. If your subnet has @@ -36251,7 +45785,7 @@ type CreateNetworkInterfaceInput struct { // // The number of IP addresses you can assign to a network interface varies by // instance type. For more information, see IP Addresses Per ENI Per Instance - // Type (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI) + // Type (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI) // in the Amazon Virtual Private Cloud User Guide. SecondaryPrivateIpAddressCount *int64 `locationName:"secondaryPrivateIpAddressCount" type:"integer"` @@ -36302,6 +45836,12 @@ func (s *CreateNetworkInterfaceInput) SetGroups(v []*string) *CreateNetworkInter return s } +// SetInterfaceType sets the InterfaceType field's value. +func (s *CreateNetworkInterfaceInput) SetInterfaceType(v string) *CreateNetworkInterfaceInput { + s.InterfaceType = &v + return s +} + // SetIpv6AddressCount sets the Ipv6AddressCount field's value. func (s *CreateNetworkInterfaceInput) SetIpv6AddressCount(v int64) *CreateNetworkInterfaceInput { s.Ipv6AddressCount = &v @@ -36545,7 +46085,7 @@ type CreateReservedInstancesListingInput struct { // Unique, case-sensitive identifier you provide to ensure idempotency of your // listings. This helps avoid duplicate listings. For more information, see - // Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). // // ClientToken is a required field ClientToken *string `locationName:"clientToken" type:"string" required:"true"` @@ -36678,6 +46218,9 @@ type CreateRouteInput struct { // an instance ID unless exactly one network interface is attached. InstanceId *string `locationName:"instanceId" type:"string"` + // The ID of the local gateway. + LocalGatewayId *string `type:"string"` + // [IPv4 traffic only] The ID of a NAT gateway. NatGatewayId *string `locationName:"natGatewayId" type:"string"` @@ -36755,6 +46298,12 @@ func (s *CreateRouteInput) SetInstanceId(v string) *CreateRouteInput { return s } +// SetLocalGatewayId sets the LocalGatewayId field's value. +func (s *CreateRouteInput) SetLocalGatewayId(v string) *CreateRouteInput { + s.LocalGatewayId = &v + return s +} + // SetNatGatewayId sets the NatGatewayId field's value. func (s *CreateRouteInput) SetNatGatewayId(v string) *CreateRouteInput { s.NatGatewayId = &v @@ -36989,7 +46538,6 @@ func (s *CreateSecurityGroupOutput) SetGroupId(v string) *CreateSecurityGroupOut return s } -// Contains the parameters for CreateSnapshot. type CreateSnapshotInput struct { _ struct{} `type:"structure"` @@ -37058,6 +46606,106 @@ func (s *CreateSnapshotInput) SetVolumeId(v string) *CreateSnapshotInput { return s } +type CreateSnapshotsInput struct { + _ struct{} `type:"structure"` + + // Copies the tags from the specified volume to corresponding snapshot. + CopyTagsFromSource *string `type:"string" enum:"CopyTagsFromSource"` + + // A description propagated to every snapshot specified by the instance. + Description *string `type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The instance to specify which volumes should be included in the snapshots. + // + // InstanceSpecification is a required field + InstanceSpecification *InstanceSpecification `type:"structure" required:"true"` + + // Tags to apply to every snapshot specified by the instance. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s CreateSnapshotsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateSnapshotsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateSnapshotsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateSnapshotsInput"} + if s.InstanceSpecification == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceSpecification")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCopyTagsFromSource sets the CopyTagsFromSource field's value. +func (s *CreateSnapshotsInput) SetCopyTagsFromSource(v string) *CreateSnapshotsInput { + s.CopyTagsFromSource = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateSnapshotsInput) SetDescription(v string) *CreateSnapshotsInput { + s.Description = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateSnapshotsInput) SetDryRun(v bool) *CreateSnapshotsInput { + s.DryRun = &v + return s +} + +// SetInstanceSpecification sets the InstanceSpecification field's value. +func (s *CreateSnapshotsInput) SetInstanceSpecification(v *InstanceSpecification) *CreateSnapshotsInput { + s.InstanceSpecification = v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateSnapshotsInput) SetTagSpecifications(v []*TagSpecification) *CreateSnapshotsInput { + s.TagSpecifications = v + return s +} + +type CreateSnapshotsOutput struct { + _ struct{} `type:"structure"` + + // List of snapshots. + Snapshots []*SnapshotInfo `locationName:"snapshotSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s CreateSnapshotsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateSnapshotsOutput) GoString() string { + return s.String() +} + +// SetSnapshots sets the Snapshots field's value. +func (s *CreateSnapshotsOutput) SetSnapshots(v []*SnapshotInfo) *CreateSnapshotsOutput { + s.Snapshots = v + return s +} + // Contains the parameters for CreateSpotDatafeedSubscription. type CreateSpotDatafeedSubscriptionInput struct { _ struct{} `type:"structure"` @@ -37145,13 +46793,18 @@ func (s *CreateSpotDatafeedSubscriptionOutput) SetSpotDatafeedSubscription(v *Sp type CreateSubnetInput struct { _ struct{} `type:"structure"` - // The Availability Zone for the subnet. + // The Availability Zone or Local Zone for the subnet. // // Default: AWS selects one for you. If you create more than one subnet in your - // VPC, we may not necessarily select a different zone for each subnet. + // VPC, we do not necessarily select a different zone for each subnet. + // + // To create a subnet in a Local Zone, set this value to the Local Zone ID, + // for example us-west-2-lax-1a. For information about the Regions that support + // Local Zones, see Available Regions (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions) + // in the Amazon Elastic Compute Cloud User Guide. AvailabilityZone *string `type:"string"` - // The AZ ID of the subnet. + // The AZ ID or the Local Zone ID of the subnet. AvailabilityZoneId *string `type:"string"` // The IPv4 network range for the subnet, in CIDR notation. For example, 10.0.0.0/24. @@ -37169,6 +46822,9 @@ type CreateSubnetInput struct { // must use a /64 prefix length. Ipv6CidrBlock *string `type:"string"` + // The Amazon Resource Name (ARN) of the Outpost. + OutpostArn *string `type:"string"` + // The ID of the VPC. // // VpcId is a required field @@ -37231,6 +46887,12 @@ func (s *CreateSubnetInput) SetIpv6CidrBlock(v string) *CreateSubnetInput { return s } +// SetOutpostArn sets the OutpostArn field's value. +func (s *CreateSubnetInput) SetOutpostArn(v string) *CreateSubnetInput { + s.OutpostArn = &v + return s +} + // SetVpcId sets the VpcId field's value. func (s *CreateSubnetInput) SetVpcId(v string) *CreateSubnetInput { s.VpcId = &v @@ -37269,7 +46931,7 @@ type CreateTagsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The IDs of one or more resources, separated by spaces. + // The IDs of the resources, separated by spaces. // // Constraints: Up to 1000 resource IDs. We recommend breaking up this request // into smaller batches. @@ -37277,9 +46939,9 @@ type CreateTagsInput struct { // Resources is a required field Resources []*string `locationName:"ResourceId" type:"list" required:"true"` - // One or more tags. The value parameter is required, but if you don't want - // the tag to have a value, specify the parameter with no value, and we set - // the value to an empty string. + // The tags. The value parameter is required, but if you don't want the tag + // to have a value, specify the parameter with no value, and we set the value + // to an empty string. // // Tags is a required field Tags []*Tag `locationName:"Tag" locationNameList:"item" type:"list" required:"true"` @@ -37343,6 +47005,588 @@ func (s CreateTagsOutput) GoString() string { return s.String() } +type CreateTrafficMirrorFilterInput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + + // The description of the Traffic Mirror filter. + Description *string `type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The tags to assign to a Traffic Mirror filter. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s CreateTrafficMirrorFilterInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorFilterInput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorFilterInput) SetClientToken(v string) *CreateTrafficMirrorFilterInput { + s.ClientToken = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateTrafficMirrorFilterInput) SetDescription(v string) *CreateTrafficMirrorFilterInput { + s.Description = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateTrafficMirrorFilterInput) SetDryRun(v bool) *CreateTrafficMirrorFilterInput { + s.DryRun = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateTrafficMirrorFilterInput) SetTagSpecifications(v []*TagSpecification) *CreateTrafficMirrorFilterInput { + s.TagSpecifications = v + return s +} + +type CreateTrafficMirrorFilterOutput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `locationName:"clientToken" type:"string"` + + // Information about the Traffic Mirror filter. + TrafficMirrorFilter *TrafficMirrorFilter `locationName:"trafficMirrorFilter" type:"structure"` +} + +// String returns the string representation +func (s CreateTrafficMirrorFilterOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorFilterOutput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorFilterOutput) SetClientToken(v string) *CreateTrafficMirrorFilterOutput { + s.ClientToken = &v + return s +} + +// SetTrafficMirrorFilter sets the TrafficMirrorFilter field's value. +func (s *CreateTrafficMirrorFilterOutput) SetTrafficMirrorFilter(v *TrafficMirrorFilter) *CreateTrafficMirrorFilterOutput { + s.TrafficMirrorFilter = v + return s +} + +type CreateTrafficMirrorFilterRuleInput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + + // The description of the Traffic Mirror rule. + Description *string `type:"string"` + + // The destination CIDR block to assign to the Traffic Mirror rule. + // + // DestinationCidrBlock is a required field + DestinationCidrBlock *string `type:"string" required:"true"` + + // The destination port range. + DestinationPortRange *TrafficMirrorPortRangeRequest `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The protocol, for example UDP, to assign to the Traffic Mirror rule. + // + // For information about the protocol value, see Protocol Numbers (https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) + // on the Internet Assigned Numbers Authority (IANA) website. + Protocol *int64 `type:"integer"` + + // The action to take (accept | reject) on the filtered traffic. + // + // RuleAction is a required field + RuleAction *string `type:"string" required:"true" enum:"TrafficMirrorRuleAction"` + + // The number of the Traffic Mirror rule. This number must be unique for each + // Traffic Mirror rule in a given direction. The rules are processed in ascending + // order by rule number. + // + // RuleNumber is a required field + RuleNumber *int64 `type:"integer" required:"true"` + + // The source CIDR block to assign to the Traffic Mirror rule. + // + // SourceCidrBlock is a required field + SourceCidrBlock *string `type:"string" required:"true"` + + // The source port range. + SourcePortRange *TrafficMirrorPortRangeRequest `type:"structure"` + + // The type of traffic (ingress | egress). + // + // TrafficDirection is a required field + TrafficDirection *string `type:"string" required:"true" enum:"TrafficDirection"` + + // The ID of the filter that this rule is associated with. + // + // TrafficMirrorFilterId is a required field + TrafficMirrorFilterId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s CreateTrafficMirrorFilterRuleInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorFilterRuleInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTrafficMirrorFilterRuleInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTrafficMirrorFilterRuleInput"} + if s.DestinationCidrBlock == nil { + invalidParams.Add(request.NewErrParamRequired("DestinationCidrBlock")) + } + if s.RuleAction == nil { + invalidParams.Add(request.NewErrParamRequired("RuleAction")) + } + if s.RuleNumber == nil { + invalidParams.Add(request.NewErrParamRequired("RuleNumber")) + } + if s.SourceCidrBlock == nil { + invalidParams.Add(request.NewErrParamRequired("SourceCidrBlock")) + } + if s.TrafficDirection == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficDirection")) + } + if s.TrafficMirrorFilterId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorFilterId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetClientToken(v string) *CreateTrafficMirrorFilterRuleInput { + s.ClientToken = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetDescription(v string) *CreateTrafficMirrorFilterRuleInput { + s.Description = &v + return s +} + +// SetDestinationCidrBlock sets the DestinationCidrBlock field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetDestinationCidrBlock(v string) *CreateTrafficMirrorFilterRuleInput { + s.DestinationCidrBlock = &v + return s +} + +// SetDestinationPortRange sets the DestinationPortRange field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetDestinationPortRange(v *TrafficMirrorPortRangeRequest) *CreateTrafficMirrorFilterRuleInput { + s.DestinationPortRange = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetDryRun(v bool) *CreateTrafficMirrorFilterRuleInput { + s.DryRun = &v + return s +} + +// SetProtocol sets the Protocol field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetProtocol(v int64) *CreateTrafficMirrorFilterRuleInput { + s.Protocol = &v + return s +} + +// SetRuleAction sets the RuleAction field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetRuleAction(v string) *CreateTrafficMirrorFilterRuleInput { + s.RuleAction = &v + return s +} + +// SetRuleNumber sets the RuleNumber field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetRuleNumber(v int64) *CreateTrafficMirrorFilterRuleInput { + s.RuleNumber = &v + return s +} + +// SetSourceCidrBlock sets the SourceCidrBlock field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetSourceCidrBlock(v string) *CreateTrafficMirrorFilterRuleInput { + s.SourceCidrBlock = &v + return s +} + +// SetSourcePortRange sets the SourcePortRange field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetSourcePortRange(v *TrafficMirrorPortRangeRequest) *CreateTrafficMirrorFilterRuleInput { + s.SourcePortRange = v + return s +} + +// SetTrafficDirection sets the TrafficDirection field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetTrafficDirection(v string) *CreateTrafficMirrorFilterRuleInput { + s.TrafficDirection = &v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetTrafficMirrorFilterId(v string) *CreateTrafficMirrorFilterRuleInput { + s.TrafficMirrorFilterId = &v + return s +} + +type CreateTrafficMirrorFilterRuleOutput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `locationName:"clientToken" type:"string"` + + // The Traffic Mirror rule. + TrafficMirrorFilterRule *TrafficMirrorFilterRule `locationName:"trafficMirrorFilterRule" type:"structure"` +} + +// String returns the string representation +func (s CreateTrafficMirrorFilterRuleOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorFilterRuleOutput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorFilterRuleOutput) SetClientToken(v string) *CreateTrafficMirrorFilterRuleOutput { + s.ClientToken = &v + return s +} + +// SetTrafficMirrorFilterRule sets the TrafficMirrorFilterRule field's value. +func (s *CreateTrafficMirrorFilterRuleOutput) SetTrafficMirrorFilterRule(v *TrafficMirrorFilterRule) *CreateTrafficMirrorFilterRuleOutput { + s.TrafficMirrorFilterRule = v + return s +} + +type CreateTrafficMirrorSessionInput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + + // The description of the Traffic Mirror session. + Description *string `type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the source network interface. + // + // NetworkInterfaceId is a required field + NetworkInterfaceId *string `type:"string" required:"true"` + + // The number of bytes in each packet to mirror. These are bytes after the VXLAN + // header. Do not specify this parameter when you want to mirror the entire + // packet. To mirror a subset of the packet, set this to the length (in bytes) + // that you want to mirror. For example, if you set this value to 100, then + // the first 100 bytes that meet the filter criteria are copied to the target. + // + // If you do not want to mirror the entire packet, use the PacketLength parameter + // to specify the number of bytes in each packet to mirror. + PacketLength *int64 `type:"integer"` + + // The session number determines the order in which sessions are evaluated when + // an interface is used by multiple sessions. The first session with a matching + // filter is the one that mirrors the packets. + // + // Valid values are 1-32766. + // + // SessionNumber is a required field + SessionNumber *int64 `type:"integer" required:"true"` + + // The tags to assign to a Traffic Mirror session. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + + // The ID of the Traffic Mirror filter. + // + // TrafficMirrorFilterId is a required field + TrafficMirrorFilterId *string `type:"string" required:"true"` + + // The ID of the Traffic Mirror target. + // + // TrafficMirrorTargetId is a required field + TrafficMirrorTargetId *string `type:"string" required:"true"` + + // The VXLAN ID for the Traffic Mirror session. For more information about the + // VXLAN protocol, see RFC 7348 (https://tools.ietf.org/html/rfc7348). If you + // do not specify a VirtualNetworkId, an account-wide unique id is chosen at + // random. + VirtualNetworkId *int64 `type:"integer"` +} + +// String returns the string representation +func (s CreateTrafficMirrorSessionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorSessionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTrafficMirrorSessionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTrafficMirrorSessionInput"} + if s.NetworkInterfaceId == nil { + invalidParams.Add(request.NewErrParamRequired("NetworkInterfaceId")) + } + if s.SessionNumber == nil { + invalidParams.Add(request.NewErrParamRequired("SessionNumber")) + } + if s.TrafficMirrorFilterId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorFilterId")) + } + if s.TrafficMirrorTargetId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorTargetId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorSessionInput) SetClientToken(v string) *CreateTrafficMirrorSessionInput { + s.ClientToken = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateTrafficMirrorSessionInput) SetDescription(v string) *CreateTrafficMirrorSessionInput { + s.Description = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateTrafficMirrorSessionInput) SetDryRun(v bool) *CreateTrafficMirrorSessionInput { + s.DryRun = &v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *CreateTrafficMirrorSessionInput) SetNetworkInterfaceId(v string) *CreateTrafficMirrorSessionInput { + s.NetworkInterfaceId = &v + return s +} + +// SetPacketLength sets the PacketLength field's value. +func (s *CreateTrafficMirrorSessionInput) SetPacketLength(v int64) *CreateTrafficMirrorSessionInput { + s.PacketLength = &v + return s +} + +// SetSessionNumber sets the SessionNumber field's value. +func (s *CreateTrafficMirrorSessionInput) SetSessionNumber(v int64) *CreateTrafficMirrorSessionInput { + s.SessionNumber = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateTrafficMirrorSessionInput) SetTagSpecifications(v []*TagSpecification) *CreateTrafficMirrorSessionInput { + s.TagSpecifications = v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *CreateTrafficMirrorSessionInput) SetTrafficMirrorFilterId(v string) *CreateTrafficMirrorSessionInput { + s.TrafficMirrorFilterId = &v + return s +} + +// SetTrafficMirrorTargetId sets the TrafficMirrorTargetId field's value. +func (s *CreateTrafficMirrorSessionInput) SetTrafficMirrorTargetId(v string) *CreateTrafficMirrorSessionInput { + s.TrafficMirrorTargetId = &v + return s +} + +// SetVirtualNetworkId sets the VirtualNetworkId field's value. +func (s *CreateTrafficMirrorSessionInput) SetVirtualNetworkId(v int64) *CreateTrafficMirrorSessionInput { + s.VirtualNetworkId = &v + return s +} + +type CreateTrafficMirrorSessionOutput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `locationName:"clientToken" type:"string"` + + // Information about the Traffic Mirror session. + TrafficMirrorSession *TrafficMirrorSession `locationName:"trafficMirrorSession" type:"structure"` +} + +// String returns the string representation +func (s CreateTrafficMirrorSessionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorSessionOutput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorSessionOutput) SetClientToken(v string) *CreateTrafficMirrorSessionOutput { + s.ClientToken = &v + return s +} + +// SetTrafficMirrorSession sets the TrafficMirrorSession field's value. +func (s *CreateTrafficMirrorSessionOutput) SetTrafficMirrorSession(v *TrafficMirrorSession) *CreateTrafficMirrorSessionOutput { + s.TrafficMirrorSession = v + return s +} + +type CreateTrafficMirrorTargetInput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + + // The description of the Traffic Mirror target. + Description *string `type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The network interface ID that is associated with the target. + NetworkInterfaceId *string `type:"string"` + + // The Amazon Resource Name (ARN) of the Network Load Balancer that is associated + // with the target. + NetworkLoadBalancerArn *string `type:"string"` + + // The tags to assign to the Traffic Mirror target. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s CreateTrafficMirrorTargetInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorTargetInput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorTargetInput) SetClientToken(v string) *CreateTrafficMirrorTargetInput { + s.ClientToken = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateTrafficMirrorTargetInput) SetDescription(v string) *CreateTrafficMirrorTargetInput { + s.Description = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateTrafficMirrorTargetInput) SetDryRun(v bool) *CreateTrafficMirrorTargetInput { + s.DryRun = &v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *CreateTrafficMirrorTargetInput) SetNetworkInterfaceId(v string) *CreateTrafficMirrorTargetInput { + s.NetworkInterfaceId = &v + return s +} + +// SetNetworkLoadBalancerArn sets the NetworkLoadBalancerArn field's value. +func (s *CreateTrafficMirrorTargetInput) SetNetworkLoadBalancerArn(v string) *CreateTrafficMirrorTargetInput { + s.NetworkLoadBalancerArn = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateTrafficMirrorTargetInput) SetTagSpecifications(v []*TagSpecification) *CreateTrafficMirrorTargetInput { + s.TagSpecifications = v + return s +} + +type CreateTrafficMirrorTargetOutput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `locationName:"clientToken" type:"string"` + + // Information about the Traffic Mirror target. + TrafficMirrorTarget *TrafficMirrorTarget `locationName:"trafficMirrorTarget" type:"structure"` +} + +// String returns the string representation +func (s CreateTrafficMirrorTargetOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorTargetOutput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorTargetOutput) SetClientToken(v string) *CreateTrafficMirrorTargetOutput { + s.ClientToken = &v + return s +} + +// SetTrafficMirrorTarget sets the TrafficMirrorTarget field's value. +func (s *CreateTrafficMirrorTargetOutput) SetTrafficMirrorTarget(v *TrafficMirrorTarget) *CreateTrafficMirrorTargetOutput { + s.TrafficMirrorTarget = v + return s +} + type CreateTransitGatewayInput struct { _ struct{} `type:"structure"` @@ -37396,6 +47640,88 @@ func (s *CreateTransitGatewayInput) SetTagSpecifications(v []*TagSpecification) return s } +type CreateTransitGatewayMulticastDomainInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The tags for the transit gateway multicast domain. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + + // The ID of the transit gateway. + // + // TransitGatewayId is a required field + TransitGatewayId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s CreateTransitGatewayMulticastDomainInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTransitGatewayMulticastDomainInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTransitGatewayMulticastDomainInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTransitGatewayMulticastDomainInput"} + if s.TransitGatewayId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateTransitGatewayMulticastDomainInput) SetDryRun(v bool) *CreateTransitGatewayMulticastDomainInput { + s.DryRun = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateTransitGatewayMulticastDomainInput) SetTagSpecifications(v []*TagSpecification) *CreateTransitGatewayMulticastDomainInput { + s.TagSpecifications = v + return s +} + +// SetTransitGatewayId sets the TransitGatewayId field's value. +func (s *CreateTransitGatewayMulticastDomainInput) SetTransitGatewayId(v string) *CreateTransitGatewayMulticastDomainInput { + s.TransitGatewayId = &v + return s +} + +type CreateTransitGatewayMulticastDomainOutput struct { + _ struct{} `type:"structure"` + + // Information about the transit gateway multicast domain. + TransitGatewayMulticastDomain *TransitGatewayMulticastDomain `locationName:"transitGatewayMulticastDomain" type:"structure"` +} + +// String returns the string representation +func (s CreateTransitGatewayMulticastDomainOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTransitGatewayMulticastDomainOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayMulticastDomain sets the TransitGatewayMulticastDomain field's value. +func (s *CreateTransitGatewayMulticastDomainOutput) SetTransitGatewayMulticastDomain(v *TransitGatewayMulticastDomain) *CreateTransitGatewayMulticastDomainOutput { + s.TransitGatewayMulticastDomain = v + return s +} + type CreateTransitGatewayOutput struct { _ struct{} `type:"structure"` @@ -37419,10 +47745,134 @@ func (s *CreateTransitGatewayOutput) SetTransitGateway(v *TransitGateway) *Creat return s } +type CreateTransitGatewayPeeringAttachmentInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The AWS account ID of the owner of the peer transit gateway. + // + // PeerAccountId is a required field + PeerAccountId *string `type:"string" required:"true"` + + // The Region where the peer transit gateway is located. + // + // PeerRegion is a required field + PeerRegion *string `type:"string" required:"true"` + + // The ID of the peer transit gateway with which to create the peering attachment. + // + // PeerTransitGatewayId is a required field + PeerTransitGatewayId *string `type:"string" required:"true"` + + // The tags to apply to the transit gateway peering attachment. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + + // The ID of the transit gateway. + // + // TransitGatewayId is a required field + TransitGatewayId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s CreateTransitGatewayPeeringAttachmentInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTransitGatewayPeeringAttachmentInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTransitGatewayPeeringAttachmentInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTransitGatewayPeeringAttachmentInput"} + if s.PeerAccountId == nil { + invalidParams.Add(request.NewErrParamRequired("PeerAccountId")) + } + if s.PeerRegion == nil { + invalidParams.Add(request.NewErrParamRequired("PeerRegion")) + } + if s.PeerTransitGatewayId == nil { + invalidParams.Add(request.NewErrParamRequired("PeerTransitGatewayId")) + } + if s.TransitGatewayId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateTransitGatewayPeeringAttachmentInput) SetDryRun(v bool) *CreateTransitGatewayPeeringAttachmentInput { + s.DryRun = &v + return s +} + +// SetPeerAccountId sets the PeerAccountId field's value. +func (s *CreateTransitGatewayPeeringAttachmentInput) SetPeerAccountId(v string) *CreateTransitGatewayPeeringAttachmentInput { + s.PeerAccountId = &v + return s +} + +// SetPeerRegion sets the PeerRegion field's value. +func (s *CreateTransitGatewayPeeringAttachmentInput) SetPeerRegion(v string) *CreateTransitGatewayPeeringAttachmentInput { + s.PeerRegion = &v + return s +} + +// SetPeerTransitGatewayId sets the PeerTransitGatewayId field's value. +func (s *CreateTransitGatewayPeeringAttachmentInput) SetPeerTransitGatewayId(v string) *CreateTransitGatewayPeeringAttachmentInput { + s.PeerTransitGatewayId = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateTransitGatewayPeeringAttachmentInput) SetTagSpecifications(v []*TagSpecification) *CreateTransitGatewayPeeringAttachmentInput { + s.TagSpecifications = v + return s +} + +// SetTransitGatewayId sets the TransitGatewayId field's value. +func (s *CreateTransitGatewayPeeringAttachmentInput) SetTransitGatewayId(v string) *CreateTransitGatewayPeeringAttachmentInput { + s.TransitGatewayId = &v + return s +} + +type CreateTransitGatewayPeeringAttachmentOutput struct { + _ struct{} `type:"structure"` + + // The transit gateway peering attachment. + TransitGatewayPeeringAttachment *TransitGatewayPeeringAttachment `locationName:"transitGatewayPeeringAttachment" type:"structure"` +} + +// String returns the string representation +func (s CreateTransitGatewayPeeringAttachmentOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTransitGatewayPeeringAttachmentOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayPeeringAttachment sets the TransitGatewayPeeringAttachment field's value. +func (s *CreateTransitGatewayPeeringAttachmentOutput) SetTransitGatewayPeeringAttachment(v *TransitGatewayPeeringAttachment) *CreateTransitGatewayPeeringAttachmentOutput { + s.TransitGatewayPeeringAttachment = v + return s +} + type CreateTransitGatewayRouteInput struct { _ struct{} `type:"structure"` - // Indicates whether traffic matching this route is to be dropped. + // Indicates whether to drop traffic that matches this route. Blackhole *bool `type:"boolean"` // The CIDR range used for destination matches. Routing decisions are based @@ -37762,12 +48212,10 @@ func (s *CreateTransitGatewayVpcAttachmentRequestOptions) SetIpv6Support(v strin return s } -// Contains the parameters for CreateVolume. type CreateVolumeInput struct { _ struct{} `type:"structure"` - // The Availability Zone in which to create the volume. Use DescribeAvailabilityZones - // to list the Availability Zones that are currently available to you. + // The Availability Zone in which to create the volume. // // AvailabilityZone is a required field AvailabilityZone *string `type:"string" required:"true"` @@ -37778,53 +48226,50 @@ type CreateVolumeInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // Specifies whether the volume should be encrypted. Encrypted Amazon EBS volumes - // may only be attached to instances that support Amazon EBS encryption. Volumes - // that are created from encrypted snapshots are automatically encrypted. There - // is no way to create an encrypted volume from an unencrypted snapshot or vice - // versa. If your AMI uses encrypted volumes, you can only launch it on supported - // instance types. For more information, see Amazon EBS Encryption (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) + // Specifies whether the volume should be encrypted. The effect of setting the + // encryption state to true depends on the volume origin (new or from a snapshot), + // starting encryption state, ownership, and whether encryption by default is + // enabled. For more information, see Encryption by Default (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) // in the Amazon Elastic Compute Cloud User Guide. + // + // Encrypted Amazon EBS volumes must be attached to instances that support Amazon + // EBS encryption. For more information, see Supported Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). Encrypted *bool `locationName:"encrypted" type:"boolean"` // The number of I/O operations per second (IOPS) to provision for the volume, // with a maximum ratio of 50 IOPS/GiB. Range is 100 to 64,000 IOPS for volumes - // in most regions. Maximum IOPS of 64,000 is guaranteed only on Nitro-based - // instances (AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // in most Regions. Maximum IOPS of 64,000 is guaranteed only on Nitro-based + // instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). // Other instance families guarantee performance up to 32,000 IOPS. For more - // information, see Amazon EBS Volume Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. // // This parameter is valid only for Provisioned IOPS SSD (io1) volumes. Iops *int64 `type:"integer"` - // An identifier for the AWS Key Management Service (AWS KMS) customer master - // key (CMK) to use when creating the encrypted volume. This parameter is only - // required if you want to use a non-default CMK; if this parameter is not specified, - // the default CMK for EBS is used. If a KmsKeyId is specified, the Encrypted - // flag must also be set. + // The identifier of the AWS Key Management Service (AWS KMS) customer master + // key (CMK) to use for Amazon EBS encryption. If this parameter is not specified, + // your AWS managed CMK for EBS is used. If KmsKeyId is specified, the encrypted + // state must be true. // - // The CMK identifier may be provided in any of the following formats: + // You can specify the CMK using any of the following: // - // * Key ID + // * Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab. // - // * Key alias + // * Key alias. For example, alias/ExampleAlias. // - // * ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed - // by the region of the CMK, the AWS account ID of the CMK owner, the key - // namespace, and then the CMK ID. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. + // * Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. // + // * Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. // - // * ARN using key alias. The alias ARN contains the arn:aws:kms namespace, - // followed by the region of the CMK, the AWS account ID of the CMK owner, - // the alias namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. - // - // - // AWS parses KmsKeyId asynchronously, meaning that the action you call may - // appear to complete even though you provided an invalid identifier. The action - // will eventually fail. + // AWS authenticates the CMK asynchronously. Therefore, if you specify an ID, + // alias, or ARN that is not valid, the action can appear to complete, but eventually + // fails. KmsKeyId *string `type:"string"` + // The Amazon Resource Name (ARN) of the Outpost. + OutpostArn *string `type:"string"` + // The size of the volume, in GiBs. // // Constraints: 1-16,384 for gp2, 4-16,384 for io1, 500-16,384 for st1, 500-16,384 @@ -37833,9 +48278,13 @@ type CreateVolumeInput struct { // // Default: If you're creating the volume from a snapshot and don't specify // a volume size, the default is the snapshot size. + // + // At least one of Size or SnapshotId is required. Size *int64 `type:"integer"` // The snapshot from which to create the volume. + // + // At least one of Size or SnapshotId are required. SnapshotId *string `type:"string"` // The tags to apply to the volume during creation. @@ -37845,10 +48294,7 @@ type CreateVolumeInput struct { // IOPS SSD, st1 for Throughput Optimized HDD, sc1 for Cold HDD, or standard // for Magnetic volumes. // - // Defaults: If no volume type is specified, the default is standard in us-east-1, - // eu-west-1, eu-central-1, us-west-2, us-west-1, sa-east-1, ap-northeast-1, - // ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-south-1, us-gov-west-1, - // and cn-north-1. In all other regions, EBS defaults to gp2. + // Default: gp2 VolumeType *string `type:"string" enum:"VolumeType"` } @@ -37905,6 +48351,12 @@ func (s *CreateVolumeInput) SetKmsKeyId(v string) *CreateVolumeInput { return s } +// SetOutpostArn sets the OutpostArn field's value. +func (s *CreateVolumeInput) SetOutpostArn(v string) *CreateVolumeInput { + s.OutpostArn = &v + return s +} + // SetSize sets the Size field's value. func (s *CreateVolumeInput) SetSize(v int64) *CreateVolumeInput { s.Size = &v @@ -37929,17 +48381,15 @@ func (s *CreateVolumeInput) SetVolumeType(v string) *CreateVolumeInput { return s } -// Describes the user or group to be added or removed from the permissions for -// a volume. +// Describes the user or group to be added or removed from the list of create +// volume permissions for a volume. type CreateVolumePermission struct { _ struct{} `type:"structure"` - // The specific group that is to be added or removed from a volume's list of - // create volume permissions. + // The group to be added or removed. The possible value is all. Group *string `locationName:"group" type:"string" enum:"PermissionGroup"` - // The specific AWS account ID that is to be added or removed from a volume's - // list of create volume permissions. + // The AWS account ID to be added or removed. UserId *string `locationName:"userId" type:"string"` } @@ -37965,16 +48415,14 @@ func (s *CreateVolumePermission) SetUserId(v string) *CreateVolumePermission { return s } -// Describes modifications to the permissions for a volume. +// Describes modifications to the list of create volume permissions for a volume. type CreateVolumePermissionModifications struct { _ struct{} `type:"structure"` - // Adds a specific AWS account ID or group to a volume's list of create volume - // permissions. + // Adds the specified AWS account ID or group to the list. Add []*CreateVolumePermission `locationNameList:"item" type:"list"` - // Removes a specific AWS account ID or group from a volume's list of create - // volume permissions. + // Removes the specified AWS account ID or group from the list. Remove []*CreateVolumePermission `locationNameList:"item" type:"list"` } @@ -38003,8 +48451,8 @@ func (s *CreateVolumePermissionModifications) SetRemove(v []*CreateVolumePermiss type CreateVpcEndpointConnectionNotificationInput struct { _ struct{} `type:"structure"` - // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // One or more endpoint events for which to receive notifications. Valid values @@ -38096,8 +48544,8 @@ func (s *CreateVpcEndpointConnectionNotificationInput) SetVpcEndpointId(v string type CreateVpcEndpointConnectionNotificationOutput struct { _ struct{} `type:"structure"` - // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. ClientToken *string `locationName:"clientToken" type:"string"` // Information about the notification. @@ -38130,8 +48578,8 @@ func (s *CreateVpcEndpointConnectionNotificationOutput) SetConnectionNotificatio type CreateVpcEndpointInput struct { _ struct{} `type:"structure"` - // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -38140,16 +48588,15 @@ type CreateVpcEndpointInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // (Gateway endpoint) A policy to attach to the endpoint that controls access - // to the service. The policy must be in valid JSON format. If this parameter - // is not specified, we attach a default policy that allows full access to the - // service. + // A policy to attach to the endpoint that controls access to the service. The + // policy must be in valid JSON format. If this parameter is not specified, + // we attach a default policy that allows full access to the service. PolicyDocument *string `type:"string"` - // (Interface endpoint) Indicate whether to associate a private hosted zone + // (Interface endpoint) Indicates whether to associate a private hosted zone // with the specified VPC. The private hosted zone contains a record set for - // the default public DNS name for the service for the region (for example, - // kinesis.us-east-1.amazonaws.com) which resolves to the private IP addresses + // the default public DNS name for the service for the Region (for example, + // kinesis.us-east-1.amazonaws.com), which resolves to the private IP addresses // of the endpoint network interfaces in the VPC. This enables you to make requests // to the default public DNS name for the service instead of the public DNS // names that are automatically generated by the VPC endpoint service. @@ -38158,7 +48605,7 @@ type CreateVpcEndpointInput struct { // true: enableDnsHostnames and enableDnsSupport. Use ModifyVpcAttribute to // set the VPC attributes. // - // Default: false + // Default: true PrivateDnsEnabled *bool `type:"boolean"` // (Gateway endpoint) One or more route table IDs. @@ -38279,8 +48726,8 @@ func (s *CreateVpcEndpointInput) SetVpcId(v string) *CreateVpcEndpointInput { type CreateVpcEndpointOutput struct { _ struct{} `type:"structure"` - // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. ClientToken *string `locationName:"clientToken" type:"string"` // Information about the endpoint. @@ -38312,12 +48759,12 @@ func (s *CreateVpcEndpointOutput) SetVpcEndpoint(v *VpcEndpoint) *CreateVpcEndpo type CreateVpcEndpointServiceConfigurationInput struct { _ struct{} `type:"structure"` - // Indicate whether requests from service consumers to create an endpoint to + // Indicates whether requests from service consumers to create an endpoint to // your service must be accepted. To accept a request, use AcceptVpcEndpointConnections. AcceptanceRequired *bool `type:"boolean"` - // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -38331,6 +48778,9 @@ type CreateVpcEndpointServiceConfigurationInput struct { // // NetworkLoadBalancerArns is a required field NetworkLoadBalancerArns []*string `locationName:"NetworkLoadBalancerArn" locationNameList:"item" type:"list" required:"true"` + + // The private DNS name to assign to the VPC endpoint service. + PrivateDnsName *string `type:"string"` } // String returns the string representation @@ -38380,11 +48830,17 @@ func (s *CreateVpcEndpointServiceConfigurationInput) SetNetworkLoadBalancerArns( return s } +// SetPrivateDnsName sets the PrivateDnsName field's value. +func (s *CreateVpcEndpointServiceConfigurationInput) SetPrivateDnsName(v string) *CreateVpcEndpointServiceConfigurationInput { + s.PrivateDnsName = &v + return s +} + type CreateVpcEndpointServiceConfigurationOutput struct { _ struct{} `type:"structure"` - // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. ClientToken *string `locationName:"clientToken" type:"string"` // Information about the service configuration. @@ -38443,6 +48899,12 @@ type CreateVpcInput struct { // // Default: default InstanceTenancy *string `locationName:"instanceTenancy" type:"string" enum:"Tenancy"` + + // The name of the location from which we advertise the IPV6 CIDR block. Use + // this parameter to limit the address to this location. + // + // You must set AmazonProvidedIpv6CidrBlock to true to use this parameter. + Ipv6CidrBlockNetworkBorderGroup *string `type:"string"` } // String returns the string representation @@ -38492,6 +48954,12 @@ func (s *CreateVpcInput) SetInstanceTenancy(v string) *CreateVpcInput { return s } +// SetIpv6CidrBlockNetworkBorderGroup sets the Ipv6CidrBlockNetworkBorderGroup field's value. +func (s *CreateVpcInput) SetIpv6CidrBlockNetworkBorderGroup(v string) *CreateVpcInput { + s.Ipv6CidrBlockNetworkBorderGroup = &v + return s +} + type CreateVpcOutput struct { _ struct{} `type:"structure"` @@ -38529,10 +48997,10 @@ type CreateVpcPeeringConnectionInput struct { // Default: Your AWS account ID PeerOwnerId *string `locationName:"peerOwnerId" type:"string"` - // The region code for the accepter VPC, if the accepter VPC is located in a - // region other than the region in which you make the request. + // The Region code for the accepter VPC, if the accepter VPC is located in a + // Region other than the Region in which you make the request. // - // Default: The region in which you make the request. + // Default: The Region in which you make the request. PeerRegion *string `type:"string"` // The ID of the VPC with which you are creating the VPC peering connection. @@ -38961,9 +49429,15 @@ type CustomerGateway struct { // (ASN). BgpAsn *string `locationName:"bgpAsn" type:"string"` + // The Amazon Resource Name (ARN) for the customer gateway certificate. + CertificateArn *string `locationName:"certificateArn" type:"string"` + // The ID of the customer gateway. CustomerGatewayId *string `locationName:"customerGatewayId" type:"string"` + // The name of customer gateway device. + DeviceName *string `locationName:"deviceName" type:"string"` + // The Internet-routable IP address of the customer gateway's outside interface. IpAddress *string `locationName:"ipAddress" type:"string"` @@ -38994,12 +49468,24 @@ func (s *CustomerGateway) SetBgpAsn(v string) *CustomerGateway { return s } +// SetCertificateArn sets the CertificateArn field's value. +func (s *CustomerGateway) SetCertificateArn(v string) *CustomerGateway { + s.CertificateArn = &v + return s +} + // SetCustomerGatewayId sets the CustomerGatewayId field's value. func (s *CustomerGateway) SetCustomerGatewayId(v string) *CustomerGateway { s.CustomerGatewayId = &v return s } +// SetDeviceName sets the DeviceName field's value. +func (s *CustomerGateway) SetDeviceName(v string) *CustomerGateway { + s.DeviceName = &v + return s +} + // SetIpAddress sets the IpAddress field's value. func (s *CustomerGateway) SetIpAddress(v string) *CustomerGateway { s.IpAddress = &v @@ -39611,6 +50097,8 @@ type DeleteFlowLogsInput struct { // One or more flow log IDs. // + // Constraint: Maximum of 1000 flow log IDs. + // // FlowLogIds is a required field FlowLogIds []*string `locationName:"FlowLogId" locationNameList:"item" type:"list" required:"true"` } @@ -40154,6 +50642,166 @@ func (s *DeleteLaunchTemplateVersionsResponseSuccessItem) SetVersionNumber(v int return s } +type DeleteLocalGatewayRouteInput struct { + _ struct{} `type:"structure"` + + // The CIDR range for the route. This must match the CIDR for the route exactly. + // + // DestinationCidrBlock is a required field + DestinationCidrBlock *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the local gateway route table. + // + // LocalGatewayRouteTableId is a required field + LocalGatewayRouteTableId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteLocalGatewayRouteInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteLocalGatewayRouteInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteLocalGatewayRouteInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteLocalGatewayRouteInput"} + if s.DestinationCidrBlock == nil { + invalidParams.Add(request.NewErrParamRequired("DestinationCidrBlock")) + } + if s.LocalGatewayRouteTableId == nil { + invalidParams.Add(request.NewErrParamRequired("LocalGatewayRouteTableId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDestinationCidrBlock sets the DestinationCidrBlock field's value. +func (s *DeleteLocalGatewayRouteInput) SetDestinationCidrBlock(v string) *DeleteLocalGatewayRouteInput { + s.DestinationCidrBlock = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteLocalGatewayRouteInput) SetDryRun(v bool) *DeleteLocalGatewayRouteInput { + s.DryRun = &v + return s +} + +// SetLocalGatewayRouteTableId sets the LocalGatewayRouteTableId field's value. +func (s *DeleteLocalGatewayRouteInput) SetLocalGatewayRouteTableId(v string) *DeleteLocalGatewayRouteInput { + s.LocalGatewayRouteTableId = &v + return s +} + +type DeleteLocalGatewayRouteOutput struct { + _ struct{} `type:"structure"` + + // Information about the route. + Route *LocalGatewayRoute `locationName:"route" type:"structure"` +} + +// String returns the string representation +func (s DeleteLocalGatewayRouteOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteLocalGatewayRouteOutput) GoString() string { + return s.String() +} + +// SetRoute sets the Route field's value. +func (s *DeleteLocalGatewayRouteOutput) SetRoute(v *LocalGatewayRoute) *DeleteLocalGatewayRouteOutput { + s.Route = v + return s +} + +type DeleteLocalGatewayRouteTableVpcAssociationInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the association. + // + // LocalGatewayRouteTableVpcAssociationId is a required field + LocalGatewayRouteTableVpcAssociationId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteLocalGatewayRouteTableVpcAssociationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteLocalGatewayRouteTableVpcAssociationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteLocalGatewayRouteTableVpcAssociationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteLocalGatewayRouteTableVpcAssociationInput"} + if s.LocalGatewayRouteTableVpcAssociationId == nil { + invalidParams.Add(request.NewErrParamRequired("LocalGatewayRouteTableVpcAssociationId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteLocalGatewayRouteTableVpcAssociationInput) SetDryRun(v bool) *DeleteLocalGatewayRouteTableVpcAssociationInput { + s.DryRun = &v + return s +} + +// SetLocalGatewayRouteTableVpcAssociationId sets the LocalGatewayRouteTableVpcAssociationId field's value. +func (s *DeleteLocalGatewayRouteTableVpcAssociationInput) SetLocalGatewayRouteTableVpcAssociationId(v string) *DeleteLocalGatewayRouteTableVpcAssociationInput { + s.LocalGatewayRouteTableVpcAssociationId = &v + return s +} + +type DeleteLocalGatewayRouteTableVpcAssociationOutput struct { + _ struct{} `type:"structure"` + + // Information about the association. + LocalGatewayRouteTableVpcAssociation *LocalGatewayRouteTableVpcAssociation `locationName:"localGatewayRouteTableVpcAssociation" type:"structure"` +} + +// String returns the string representation +func (s DeleteLocalGatewayRouteTableVpcAssociationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteLocalGatewayRouteTableVpcAssociationOutput) GoString() string { + return s.String() +} + +// SetLocalGatewayRouteTableVpcAssociation sets the LocalGatewayRouteTableVpcAssociation field's value. +func (s *DeleteLocalGatewayRouteTableVpcAssociationOutput) SetLocalGatewayRouteTableVpcAssociation(v *LocalGatewayRouteTableVpcAssociation) *DeleteLocalGatewayRouteTableVpcAssociationOutput { + s.LocalGatewayRouteTableVpcAssociation = v + return s +} + type DeleteNatGatewayInput struct { _ struct{} `type:"structure"` @@ -40585,6 +51233,125 @@ func (s DeletePlacementGroupOutput) GoString() string { return s.String() } +// Describes the error for a Reserved Instance whose queued purchase could not +// be deleted. +type DeleteQueuedReservedInstancesError struct { + _ struct{} `type:"structure"` + + // The error code. + Code *string `locationName:"code" type:"string" enum:"DeleteQueuedReservedInstancesErrorCode"` + + // The error message. + Message *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s DeleteQueuedReservedInstancesError) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteQueuedReservedInstancesError) GoString() string { + return s.String() +} + +// SetCode sets the Code field's value. +func (s *DeleteQueuedReservedInstancesError) SetCode(v string) *DeleteQueuedReservedInstancesError { + s.Code = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *DeleteQueuedReservedInstancesError) SetMessage(v string) *DeleteQueuedReservedInstancesError { + s.Message = &v + return s +} + +type DeleteQueuedReservedInstancesInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IDs of the Reserved Instances. + // + // ReservedInstancesIds is a required field + ReservedInstancesIds []*string `locationName:"ReservedInstancesId" locationNameList:"item" min:"1" type:"list" required:"true"` +} + +// String returns the string representation +func (s DeleteQueuedReservedInstancesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteQueuedReservedInstancesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteQueuedReservedInstancesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteQueuedReservedInstancesInput"} + if s.ReservedInstancesIds == nil { + invalidParams.Add(request.NewErrParamRequired("ReservedInstancesIds")) + } + if s.ReservedInstancesIds != nil && len(s.ReservedInstancesIds) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ReservedInstancesIds", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteQueuedReservedInstancesInput) SetDryRun(v bool) *DeleteQueuedReservedInstancesInput { + s.DryRun = &v + return s +} + +// SetReservedInstancesIds sets the ReservedInstancesIds field's value. +func (s *DeleteQueuedReservedInstancesInput) SetReservedInstancesIds(v []*string) *DeleteQueuedReservedInstancesInput { + s.ReservedInstancesIds = v + return s +} + +type DeleteQueuedReservedInstancesOutput struct { + _ struct{} `type:"structure"` + + // Information about the queued purchases that could not be deleted. + FailedQueuedPurchaseDeletions []*FailedQueuedPurchaseDeletion `locationName:"failedQueuedPurchaseDeletionSet" locationNameList:"item" type:"list"` + + // Information about the queued purchases that were successfully deleted. + SuccessfulQueuedPurchaseDeletions []*SuccessfulQueuedPurchaseDeletion `locationName:"successfulQueuedPurchaseDeletionSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DeleteQueuedReservedInstancesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteQueuedReservedInstancesOutput) GoString() string { + return s.String() +} + +// SetFailedQueuedPurchaseDeletions sets the FailedQueuedPurchaseDeletions field's value. +func (s *DeleteQueuedReservedInstancesOutput) SetFailedQueuedPurchaseDeletions(v []*FailedQueuedPurchaseDeletion) *DeleteQueuedReservedInstancesOutput { + s.FailedQueuedPurchaseDeletions = v + return s +} + +// SetSuccessfulQueuedPurchaseDeletions sets the SuccessfulQueuedPurchaseDeletions field's value. +func (s *DeleteQueuedReservedInstancesOutput) SetSuccessfulQueuedPurchaseDeletions(v []*SuccessfulQueuedPurchaseDeletion) *DeleteQueuedReservedInstancesOutput { + s.SuccessfulQueuedPurchaseDeletions = v + return s +} + type DeleteRouteInput struct { _ struct{} `type:"structure"` @@ -40792,7 +51559,6 @@ func (s DeleteSecurityGroupOutput) GoString() string { return s.String() } -// Contains the parameters for DeleteSnapshot. type DeleteSnapshotInput struct { _ struct{} `type:"structure"` @@ -40971,7 +51737,7 @@ type DeleteTagsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The IDs of one or more resources, separated by spaces. + // The IDs of the resources, separated by spaces. // // Constraints: Up to 1000 resource IDs. We recommend breaking up this request // into smaller batches. @@ -40979,9 +51745,9 @@ type DeleteTagsInput struct { // Resources is a required field Resources []*string `locationName:"resourceId" type:"list" required:"true"` - // One or more tags to delete. Specify a tag key and an optional tag value to - // delete specific tags. If you specify a tag key without a tag value, we delete - // any tag with this key regardless of its value. If you specify a tag key with + // The tags to delete. Specify a tag key and an optional tag value to delete + // specific tags. If you specify a tag key without a tag value, we delete any + // tag with this key regardless of its value. If you specify a tag key with // an empty string as the tag value, we delete the tag only if its value is // an empty string. // @@ -41045,6 +51811,298 @@ func (s DeleteTagsOutput) GoString() string { return s.String() } +type DeleteTrafficMirrorFilterInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the Traffic Mirror filter. + // + // TrafficMirrorFilterId is a required field + TrafficMirrorFilterId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorFilterInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorFilterInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteTrafficMirrorFilterInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteTrafficMirrorFilterInput"} + if s.TrafficMirrorFilterId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorFilterId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteTrafficMirrorFilterInput) SetDryRun(v bool) *DeleteTrafficMirrorFilterInput { + s.DryRun = &v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *DeleteTrafficMirrorFilterInput) SetTrafficMirrorFilterId(v string) *DeleteTrafficMirrorFilterInput { + s.TrafficMirrorFilterId = &v + return s +} + +type DeleteTrafficMirrorFilterOutput struct { + _ struct{} `type:"structure"` + + // The ID of the Traffic Mirror filter. + TrafficMirrorFilterId *string `locationName:"trafficMirrorFilterId" type:"string"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorFilterOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorFilterOutput) GoString() string { + return s.String() +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *DeleteTrafficMirrorFilterOutput) SetTrafficMirrorFilterId(v string) *DeleteTrafficMirrorFilterOutput { + s.TrafficMirrorFilterId = &v + return s +} + +type DeleteTrafficMirrorFilterRuleInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the Traffic Mirror rule. + // + // TrafficMirrorFilterRuleId is a required field + TrafficMirrorFilterRuleId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorFilterRuleInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorFilterRuleInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteTrafficMirrorFilterRuleInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteTrafficMirrorFilterRuleInput"} + if s.TrafficMirrorFilterRuleId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorFilterRuleId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteTrafficMirrorFilterRuleInput) SetDryRun(v bool) *DeleteTrafficMirrorFilterRuleInput { + s.DryRun = &v + return s +} + +// SetTrafficMirrorFilterRuleId sets the TrafficMirrorFilterRuleId field's value. +func (s *DeleteTrafficMirrorFilterRuleInput) SetTrafficMirrorFilterRuleId(v string) *DeleteTrafficMirrorFilterRuleInput { + s.TrafficMirrorFilterRuleId = &v + return s +} + +type DeleteTrafficMirrorFilterRuleOutput struct { + _ struct{} `type:"structure"` + + // The ID of the deleted Traffic Mirror rule. + TrafficMirrorFilterRuleId *string `locationName:"trafficMirrorFilterRuleId" type:"string"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorFilterRuleOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorFilterRuleOutput) GoString() string { + return s.String() +} + +// SetTrafficMirrorFilterRuleId sets the TrafficMirrorFilterRuleId field's value. +func (s *DeleteTrafficMirrorFilterRuleOutput) SetTrafficMirrorFilterRuleId(v string) *DeleteTrafficMirrorFilterRuleOutput { + s.TrafficMirrorFilterRuleId = &v + return s +} + +type DeleteTrafficMirrorSessionInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the Traffic Mirror session. + // + // TrafficMirrorSessionId is a required field + TrafficMirrorSessionId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorSessionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorSessionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteTrafficMirrorSessionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteTrafficMirrorSessionInput"} + if s.TrafficMirrorSessionId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorSessionId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteTrafficMirrorSessionInput) SetDryRun(v bool) *DeleteTrafficMirrorSessionInput { + s.DryRun = &v + return s +} + +// SetTrafficMirrorSessionId sets the TrafficMirrorSessionId field's value. +func (s *DeleteTrafficMirrorSessionInput) SetTrafficMirrorSessionId(v string) *DeleteTrafficMirrorSessionInput { + s.TrafficMirrorSessionId = &v + return s +} + +type DeleteTrafficMirrorSessionOutput struct { + _ struct{} `type:"structure"` + + // The ID of the deleted Traffic Mirror session. + TrafficMirrorSessionId *string `locationName:"trafficMirrorSessionId" type:"string"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorSessionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorSessionOutput) GoString() string { + return s.String() +} + +// SetTrafficMirrorSessionId sets the TrafficMirrorSessionId field's value. +func (s *DeleteTrafficMirrorSessionOutput) SetTrafficMirrorSessionId(v string) *DeleteTrafficMirrorSessionOutput { + s.TrafficMirrorSessionId = &v + return s +} + +type DeleteTrafficMirrorTargetInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the Traffic Mirror target. + // + // TrafficMirrorTargetId is a required field + TrafficMirrorTargetId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorTargetInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorTargetInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteTrafficMirrorTargetInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteTrafficMirrorTargetInput"} + if s.TrafficMirrorTargetId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorTargetId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteTrafficMirrorTargetInput) SetDryRun(v bool) *DeleteTrafficMirrorTargetInput { + s.DryRun = &v + return s +} + +// SetTrafficMirrorTargetId sets the TrafficMirrorTargetId field's value. +func (s *DeleteTrafficMirrorTargetInput) SetTrafficMirrorTargetId(v string) *DeleteTrafficMirrorTargetInput { + s.TrafficMirrorTargetId = &v + return s +} + +type DeleteTrafficMirrorTargetOutput struct { + _ struct{} `type:"structure"` + + // The ID of the deleted Traffic Mirror target. + TrafficMirrorTargetId *string `locationName:"trafficMirrorTargetId" type:"string"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorTargetOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorTargetOutput) GoString() string { + return s.String() +} + +// SetTrafficMirrorTargetId sets the TrafficMirrorTargetId field's value. +func (s *DeleteTrafficMirrorTargetOutput) SetTrafficMirrorTargetId(v string) *DeleteTrafficMirrorTargetOutput { + s.TrafficMirrorTargetId = &v + return s +} + type DeleteTransitGatewayInput struct { _ struct{} `type:"structure"` @@ -41095,6 +52153,79 @@ func (s *DeleteTransitGatewayInput) SetTransitGatewayId(v string) *DeleteTransit return s } +type DeleteTransitGatewayMulticastDomainInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the transit gateway multicast domain. + // + // TransitGatewayMulticastDomainId is a required field + TransitGatewayMulticastDomainId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteTransitGatewayMulticastDomainInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTransitGatewayMulticastDomainInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteTransitGatewayMulticastDomainInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteTransitGatewayMulticastDomainInput"} + if s.TransitGatewayMulticastDomainId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayMulticastDomainId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteTransitGatewayMulticastDomainInput) SetDryRun(v bool) *DeleteTransitGatewayMulticastDomainInput { + s.DryRun = &v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *DeleteTransitGatewayMulticastDomainInput) SetTransitGatewayMulticastDomainId(v string) *DeleteTransitGatewayMulticastDomainInput { + s.TransitGatewayMulticastDomainId = &v + return s +} + +type DeleteTransitGatewayMulticastDomainOutput struct { + _ struct{} `type:"structure"` + + // Information about the deleted transit gateway multicast domain. + TransitGatewayMulticastDomain *TransitGatewayMulticastDomain `locationName:"transitGatewayMulticastDomain" type:"structure"` +} + +// String returns the string representation +func (s DeleteTransitGatewayMulticastDomainOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTransitGatewayMulticastDomainOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayMulticastDomain sets the TransitGatewayMulticastDomain field's value. +func (s *DeleteTransitGatewayMulticastDomainOutput) SetTransitGatewayMulticastDomain(v *TransitGatewayMulticastDomain) *DeleteTransitGatewayMulticastDomainOutput { + s.TransitGatewayMulticastDomain = v + return s +} + type DeleteTransitGatewayOutput struct { _ struct{} `type:"structure"` @@ -41118,6 +52249,79 @@ func (s *DeleteTransitGatewayOutput) SetTransitGateway(v *TransitGateway) *Delet return s } +type DeleteTransitGatewayPeeringAttachmentInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the transit gateway peering attachment. + // + // TransitGatewayAttachmentId is a required field + TransitGatewayAttachmentId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteTransitGatewayPeeringAttachmentInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTransitGatewayPeeringAttachmentInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteTransitGatewayPeeringAttachmentInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteTransitGatewayPeeringAttachmentInput"} + if s.TransitGatewayAttachmentId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayAttachmentId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteTransitGatewayPeeringAttachmentInput) SetDryRun(v bool) *DeleteTransitGatewayPeeringAttachmentInput { + s.DryRun = &v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *DeleteTransitGatewayPeeringAttachmentInput) SetTransitGatewayAttachmentId(v string) *DeleteTransitGatewayPeeringAttachmentInput { + s.TransitGatewayAttachmentId = &v + return s +} + +type DeleteTransitGatewayPeeringAttachmentOutput struct { + _ struct{} `type:"structure"` + + // The transit gateway peering attachment. + TransitGatewayPeeringAttachment *TransitGatewayPeeringAttachment `locationName:"transitGatewayPeeringAttachment" type:"structure"` +} + +// String returns the string representation +func (s DeleteTransitGatewayPeeringAttachmentOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTransitGatewayPeeringAttachmentOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayPeeringAttachment sets the TransitGatewayPeeringAttachment field's value. +func (s *DeleteTransitGatewayPeeringAttachmentOutput) SetTransitGatewayPeeringAttachment(v *TransitGatewayPeeringAttachment) *DeleteTransitGatewayPeeringAttachmentOutput { + s.TransitGatewayPeeringAttachment = v + return s +} + type DeleteTransitGatewayRouteInput struct { _ struct{} `type:"structure"` @@ -41351,7 +52555,6 @@ func (s *DeleteTransitGatewayVpcAttachmentOutput) SetTransitGatewayVpcAttachment return s } -// Contains the parameters for DeleteVolume. type DeleteVolumeInput struct { _ struct{} `type:"structure"` @@ -42110,10 +53313,162 @@ func (s DeregisterImageOutput) GoString() string { return s.String() } +type DeregisterTransitGatewayMulticastGroupMembersInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IP address assigned to the transit gateway multicast group. + GroupIpAddress *string `type:"string"` + + // The IDs of the group members' network interfaces. + NetworkInterfaceIds []*string `locationNameList:"item" type:"list"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `type:"string"` +} + +// String returns the string representation +func (s DeregisterTransitGatewayMulticastGroupMembersInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeregisterTransitGatewayMulticastGroupMembersInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *DeregisterTransitGatewayMulticastGroupMembersInput) SetDryRun(v bool) *DeregisterTransitGatewayMulticastGroupMembersInput { + s.DryRun = &v + return s +} + +// SetGroupIpAddress sets the GroupIpAddress field's value. +func (s *DeregisterTransitGatewayMulticastGroupMembersInput) SetGroupIpAddress(v string) *DeregisterTransitGatewayMulticastGroupMembersInput { + s.GroupIpAddress = &v + return s +} + +// SetNetworkInterfaceIds sets the NetworkInterfaceIds field's value. +func (s *DeregisterTransitGatewayMulticastGroupMembersInput) SetNetworkInterfaceIds(v []*string) *DeregisterTransitGatewayMulticastGroupMembersInput { + s.NetworkInterfaceIds = v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *DeregisterTransitGatewayMulticastGroupMembersInput) SetTransitGatewayMulticastDomainId(v string) *DeregisterTransitGatewayMulticastGroupMembersInput { + s.TransitGatewayMulticastDomainId = &v + return s +} + +type DeregisterTransitGatewayMulticastGroupMembersOutput struct { + _ struct{} `type:"structure"` + + // Information about the deregistered members. + DeregisteredMulticastGroupMembers *TransitGatewayMulticastDeregisteredGroupMembers `locationName:"deregisteredMulticastGroupMembers" type:"structure"` +} + +// String returns the string representation +func (s DeregisterTransitGatewayMulticastGroupMembersOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeregisterTransitGatewayMulticastGroupMembersOutput) GoString() string { + return s.String() +} + +// SetDeregisteredMulticastGroupMembers sets the DeregisteredMulticastGroupMembers field's value. +func (s *DeregisterTransitGatewayMulticastGroupMembersOutput) SetDeregisteredMulticastGroupMembers(v *TransitGatewayMulticastDeregisteredGroupMembers) *DeregisterTransitGatewayMulticastGroupMembersOutput { + s.DeregisteredMulticastGroupMembers = v + return s +} + +type DeregisterTransitGatewayMulticastGroupSourcesInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IP address assigned to the transit gateway multicast group. + GroupIpAddress *string `type:"string"` + + // The IDs of the group sources' network interfaces. + NetworkInterfaceIds []*string `locationNameList:"item" type:"list"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `type:"string"` +} + +// String returns the string representation +func (s DeregisterTransitGatewayMulticastGroupSourcesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeregisterTransitGatewayMulticastGroupSourcesInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *DeregisterTransitGatewayMulticastGroupSourcesInput) SetDryRun(v bool) *DeregisterTransitGatewayMulticastGroupSourcesInput { + s.DryRun = &v + return s +} + +// SetGroupIpAddress sets the GroupIpAddress field's value. +func (s *DeregisterTransitGatewayMulticastGroupSourcesInput) SetGroupIpAddress(v string) *DeregisterTransitGatewayMulticastGroupSourcesInput { + s.GroupIpAddress = &v + return s +} + +// SetNetworkInterfaceIds sets the NetworkInterfaceIds field's value. +func (s *DeregisterTransitGatewayMulticastGroupSourcesInput) SetNetworkInterfaceIds(v []*string) *DeregisterTransitGatewayMulticastGroupSourcesInput { + s.NetworkInterfaceIds = v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *DeregisterTransitGatewayMulticastGroupSourcesInput) SetTransitGatewayMulticastDomainId(v string) *DeregisterTransitGatewayMulticastGroupSourcesInput { + s.TransitGatewayMulticastDomainId = &v + return s +} + +type DeregisterTransitGatewayMulticastGroupSourcesOutput struct { + _ struct{} `type:"structure"` + + // Information about the deregistered group sources. + DeregisteredMulticastGroupSources *TransitGatewayMulticastDeregisteredGroupSources `locationName:"deregisteredMulticastGroupSources" type:"structure"` +} + +// String returns the string representation +func (s DeregisterTransitGatewayMulticastGroupSourcesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeregisterTransitGatewayMulticastGroupSourcesOutput) GoString() string { + return s.String() +} + +// SetDeregisteredMulticastGroupSources sets the DeregisteredMulticastGroupSources field's value. +func (s *DeregisterTransitGatewayMulticastGroupSourcesOutput) SetDeregisteredMulticastGroupSources(v *TransitGatewayMulticastDeregisteredGroupSources) *DeregisterTransitGatewayMulticastGroupSourcesOutput { + s.DeregisteredMulticastGroupSources = v + return s +} + type DescribeAccountAttributesInput struct { _ struct{} `type:"structure"` - // One or more account attribute names. + // The account attribute names. AttributeNames []*string `locationName:"attributeName" locationNameList:"attributeName" type:"list"` // Checks whether you have the required permissions for the action, without @@ -42148,7 +53503,7 @@ func (s *DescribeAccountAttributesInput) SetDryRun(v bool) *DescribeAccountAttri type DescribeAccountAttributesOutput struct { _ struct{} `type:"structure"` - // Information about one or more account attributes. + // Information about the account attributes. AccountAttributes []*AccountAttribute `locationName:"accountAttributeSet" locationNameList:"item" type:"list"` } @@ -42171,9 +53526,7 @@ func (s *DescribeAccountAttributesOutput) SetAccountAttributes(v []*AccountAttri type DescribeAddressesInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] One or more allocation IDs. - // - // Default: Describes all your Elastic IP addresses. + // [EC2-VPC] Information about the allocation IDs. AllocationIds []*string `locationName:"AllocationId" locationNameList:"AllocationId" type:"list"` // Checks whether you have the required permissions for the action, without @@ -42194,6 +53547,8 @@ type DescribeAddressesInput struct { // * instance-id - The ID of the instance the address is associated with, // if any. // + // * network-border-group - The location from where the IP address is advertised. + // // * network-interface-id - [EC2-VPC] The ID of the network interface that // the address is associated with, if any. // @@ -42215,7 +53570,7 @@ type DescribeAddressesInput struct { // the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // [EC2-Classic] One or more Elastic IP addresses. + // One or more Elastic IP addresses. // // Default: Describes all your Elastic IP addresses. PublicIps []*string `locationName:"PublicIp" locationNameList:"PublicIp" type:"list"` @@ -42258,7 +53613,7 @@ func (s *DescribeAddressesInput) SetPublicIps(v []*string) *DescribeAddressesInp type DescribeAddressesOutput struct { _ struct{} `type:"structure"` - // Information about one or more Elastic IP addresses. + // Information about the Elastic IP addresses. Addresses []*Address `locationName:"addressesSet" locationNameList:"item" type:"list"` } @@ -42310,9 +53665,9 @@ type DescribeAggregateIdFormatOutput struct { // Information about each resource's ID format. Statuses []*IdFormat `locationName:"statusSet" locationNameList:"item" type:"list"` - // Indicates whether all resource types in the region are configured to use + // Indicates whether all resource types in the Region are configured to use // longer IDs. This value is only true if all users are configured to use longer - // IDs for all resources types in the region. + // IDs for all resources types in the Region. UseLongIdsAggregated *bool `locationName:"useLongIdsAggregated" type:"boolean"` } @@ -42341,31 +53696,46 @@ func (s *DescribeAggregateIdFormatOutput) SetUseLongIdsAggregated(v bool) *Descr type DescribeAvailabilityZonesInput struct { _ struct{} `type:"structure"` + // Include all Availability Zones and Local Zones regardless of your opt in + // status. + // + // If you do not use this parameter, the results include only the zones for + // the Regions where you have chosen the option to opt in. + AllAvailabilityZones *bool `type:"boolean"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // - // * message - Information about the Availability Zone. + // * group-name - For Availability Zones, use the Region name. For Local + // Zones, use the name of the group associated with the Local Zone (for example, + // us-west-2-lax-1). // - // * region-name - The name of the region for the Availability Zone (for - // example, us-east-1). + // * message - The Availability Zone or Local Zone message. // - // * state - The state of the Availability Zone (available | information - // | impaired | unavailable). + // * opt-in-status - The opt in status (opted-in, and not-opted-in | opt-in-not-required). // - // * zone-id - The ID of the Availability Zone (for example, use1-az1). + // * region-name - The name of the Region for the Availability Zone or Local + // Zone (for example, us-east-1). // - // * zone-name - The name of the Availability Zone (for example, us-east-1a). + // * state - The state of the Availability Zone or Local Zone (available + // | information | impaired | unavailable). + // + // * zone-id - The ID of the Availability Zone (for example, use1-az1) or + // the Local Zone (for example, use usw2-lax1-az1). + // + // * zone-name - The name of the Availability Zone (for example, us-east-1a) + // or the Local Zone (for example, use us-west-2-lax-1a). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The IDs of one or more Availability Zones. + // The IDs of the Availability Zones and Local Zones. ZoneIds []*string `locationName:"ZoneId" locationNameList:"ZoneId" type:"list"` - // The names of one or more Availability Zones. + // The names of the Availability Zones and Local Zones. ZoneNames []*string `locationName:"ZoneName" locationNameList:"ZoneName" type:"list"` } @@ -42379,6 +53749,12 @@ func (s DescribeAvailabilityZonesInput) GoString() string { return s.String() } +// SetAllAvailabilityZones sets the AllAvailabilityZones field's value. +func (s *DescribeAvailabilityZonesInput) SetAllAvailabilityZones(v bool) *DescribeAvailabilityZonesInput { + s.AllAvailabilityZones = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *DescribeAvailabilityZonesInput) SetDryRun(v bool) *DescribeAvailabilityZonesInput { s.DryRun = &v @@ -42406,7 +53782,7 @@ func (s *DescribeAvailabilityZonesInput) SetZoneNames(v []*string) *DescribeAvai type DescribeAvailabilityZonesOutput struct { _ struct{} `type:"structure"` - // Information about one or more Availability Zones. + // Information about the Availability Zones and Local Zones. AvailabilityZones []*AvailabilityZone `locationName:"availabilityZoneInfo" locationNameList:"item" type:"list"` } @@ -42426,11 +53802,10 @@ func (s *DescribeAvailabilityZonesOutput) SetAvailabilityZones(v []*Availability return s } -// Contains the parameters for DescribeBundleTasks. type DescribeBundleTasksInput struct { _ struct{} `type:"structure"` - // One or more bundle task IDs. + // The bundle task IDs. // // Default: Describes all your bundle tasks. BundleIds []*string `locationName:"BundleId" locationNameList:"BundleId" type:"list"` @@ -42441,7 +53816,7 @@ type DescribeBundleTasksInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * bundle-id - The ID of the bundle task. // @@ -42495,11 +53870,10 @@ func (s *DescribeBundleTasksInput) SetFilters(v []*Filter) *DescribeBundleTasksI return s } -// Contains the output of DescribeBundleTasks. type DescribeBundleTasksOutput struct { _ struct{} `type:"structure"` - // Information about one or more bundle tasks. + // Information about the bundle tasks. BundleTasks []*BundleTask `locationName:"bundleInstanceTasksSet" locationNameList:"item" type:"list"` } @@ -42532,10 +53906,10 @@ type DescribeByoipCidrsInput struct { // remaining results, make another call with the returned nextToken value. // // MaxResults is a required field - MaxResults *int64 `min:"5" type:"integer" required:"true"` + MaxResults *int64 `min:"1" type:"integer" required:"true"` // The token for the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` } // String returns the string representation @@ -42554,11 +53928,8 @@ func (s *DescribeByoipCidrsInput) Validate() error { if s.MaxResults == nil { invalidParams.Add(request.NewErrParamRequired("MaxResults")) } - if s.MaxResults != nil && *s.MaxResults < 5 { - invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) - } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } if invalidParams.Len() > 0 { @@ -42636,7 +54007,7 @@ type DescribeCapacityReservationsInput struct { // The maximum number of results to return for the request in a single page. // The remaining results can be seen by sending another request with the returned // nextToken value. - MaxResults *int64 `type:"integer"` + MaxResults *int64 `min:"1" type:"integer"` // The token to retrieve the next page of results. NextToken *string `type:"string"` @@ -42652,6 +54023,19 @@ func (s DescribeCapacityReservationsInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeCapacityReservationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeCapacityReservationsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetCapacityReservationIds sets the CapacityReservationIds field's value. func (s *DescribeCapacityReservationsInput) SetCapacityReservationIds(v []*string) *DescribeCapacityReservationsInput { s.CapacityReservationIds = v @@ -42741,25 +54125,20 @@ type DescribeClassicLinkInstancesInput struct { // to find all resources assigned a tag with a specific key, regardless of // the tag value. // - // * vpc-id - The ID of the VPC to which the instance is linked. - // - // vpc-id - The ID of the VPC that the instance is linked to. + // * vpc-id - The ID of the VPC to which the instance is linked. vpc-id - + // The ID of the VPC that the instance is linked to. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // One or more instance IDs. Must be instances linked to a VPC through ClassicLink. InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list"` - // The maximum number of results to return for the request in a single page. - // The remaining results of the initial request can be seen by sending another - // request with the returned NextToken value. This value can be between 5 and - // 1000. If MaxResults is given a value larger than 1000, only 1000 results - // are returned. You cannot specify this parameter and the instance IDs parameter - // in the same request. + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. // // Constraint: If the value is greater than 1000, we return only 1000 items. - MaxResults *int64 `locationName:"maxResults" type:"integer"` + MaxResults *int64 `locationName:"maxResults" min:"5" type:"integer"` - // The token to retrieve the next page of results. + // The token for the next page of results. NextToken *string `locationName:"nextToken" type:"string"` } @@ -42773,6 +54152,19 @@ func (s DescribeClassicLinkInstancesInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeClassicLinkInstancesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeClassicLinkInstancesInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeClassicLinkInstancesInput) SetDryRun(v bool) *DescribeClassicLinkInstancesInput { s.DryRun = &v @@ -42859,7 +54251,7 @@ type DescribeClientVpnAuthorizationRulesInput struct { MaxResults *int64 `min:"5" type:"integer"` // The token to retrieve the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` } // String returns the string representation @@ -42881,9 +54273,6 @@ func (s *DescribeClientVpnAuthorizationRulesInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -42929,7 +54318,7 @@ type DescribeClientVpnAuthorizationRulesOutput struct { // The token to use to retrieve the next page of results. This value is null // when there are no more results to return. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -42977,7 +54366,7 @@ type DescribeClientVpnConnectionsInput struct { MaxResults *int64 `min:"5" type:"integer"` // The token to retrieve the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` } // String returns the string representation @@ -42999,9 +54388,6 @@ func (s *DescribeClientVpnConnectionsInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -43047,7 +54433,7 @@ type DescribeClientVpnConnectionsOutput struct { // The token to use to retrieve the next page of results. This value is null // when there are no more results to return. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -43093,7 +54479,7 @@ type DescribeClientVpnEndpointsInput struct { MaxResults *int64 `min:"5" type:"integer"` // The token to retrieve the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` } // String returns the string representation @@ -43112,9 +54498,6 @@ func (s *DescribeClientVpnEndpointsInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -43160,7 +54543,7 @@ type DescribeClientVpnEndpointsOutput struct { // The token to use to retrieve the next page of results. This value is null // when there are no more results to return. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -43208,7 +54591,7 @@ type DescribeClientVpnRoutesInput struct { MaxResults *int64 `min:"5" type:"integer"` // The token to retrieve the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` } // String returns the string representation @@ -43230,9 +54613,6 @@ func (s *DescribeClientVpnRoutesInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -43275,7 +54655,7 @@ type DescribeClientVpnRoutesOutput struct { // The token to use to retrieve the next page of results. This value is null // when there are no more results to return. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + NextToken *string `locationName:"nextToken" type:"string"` // Information about the Client VPN endpoint routes. Routes []*ClientVpnRoute `locationName:"routes" locationNameList:"item" type:"list"` @@ -43329,7 +54709,7 @@ type DescribeClientVpnTargetNetworksInput struct { MaxResults *int64 `min:"5" type:"integer"` // The token to retrieve the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` } // String returns the string representation @@ -43351,9 +54731,6 @@ func (s *DescribeClientVpnTargetNetworksInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -43405,7 +54782,7 @@ type DescribeClientVpnTargetNetworksOutput struct { // The token to use to retrieve the next page of results. This value is null // when there are no more results to return. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -43430,11 +54807,123 @@ func (s *DescribeClientVpnTargetNetworksOutput) SetNextToken(v string) *Describe return s } -// Contains the parameters for DescribeConversionTasks. +type DescribeCoipPoolsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The filters. The following are the possible values: + // + // * coip-pool.pool-id + // + // * coip-pool.local-gateway-route-table-id + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The IDs of the address pools. + PoolIds []*string `locationName:"PoolId" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeCoipPoolsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeCoipPoolsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeCoipPoolsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeCoipPoolsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeCoipPoolsInput) SetDryRun(v bool) *DescribeCoipPoolsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeCoipPoolsInput) SetFilters(v []*Filter) *DescribeCoipPoolsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeCoipPoolsInput) SetMaxResults(v int64) *DescribeCoipPoolsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeCoipPoolsInput) SetNextToken(v string) *DescribeCoipPoolsInput { + s.NextToken = &v + return s +} + +// SetPoolIds sets the PoolIds field's value. +func (s *DescribeCoipPoolsInput) SetPoolIds(v []*string) *DescribeCoipPoolsInput { + s.PoolIds = v + return s +} + +type DescribeCoipPoolsOutput struct { + _ struct{} `type:"structure"` + + // Information about the address pools. + CoipPools []*CoipPool `locationName:"coipPoolSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeCoipPoolsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeCoipPoolsOutput) GoString() string { + return s.String() +} + +// SetCoipPools sets the CoipPools field's value. +func (s *DescribeCoipPoolsOutput) SetCoipPools(v []*CoipPool) *DescribeCoipPoolsOutput { + s.CoipPools = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeCoipPoolsOutput) SetNextToken(v string) *DescribeCoipPoolsOutput { + s.NextToken = &v + return s +} + type DescribeConversionTasksInput struct { _ struct{} `type:"structure"` - // One or more conversion task IDs. + // The conversion task IDs. ConversionTaskIds []*string `locationName:"conversionTaskId" locationNameList:"item" type:"list"` // Checks whether you have the required permissions for the action, without @@ -43466,7 +54955,6 @@ func (s *DescribeConversionTasksInput) SetDryRun(v bool) *DescribeConversionTask return s } -// Contains the output for DescribeConversionTasks. type DescribeConversionTasksOutput struct { _ struct{} `type:"structure"` @@ -43619,6 +55107,13 @@ type DescribeDhcpOptionsInput struct { // to find all resources assigned a tag with a specific key, regardless of // the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` } // String returns the string representation @@ -43631,6 +55126,19 @@ func (s DescribeDhcpOptionsInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeDhcpOptionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeDhcpOptionsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDhcpOptionsIds sets the DhcpOptionsIds field's value. func (s *DescribeDhcpOptionsInput) SetDhcpOptionsIds(v []*string) *DescribeDhcpOptionsInput { s.DhcpOptionsIds = v @@ -43649,11 +55157,27 @@ func (s *DescribeDhcpOptionsInput) SetFilters(v []*Filter) *DescribeDhcpOptionsI return s } +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeDhcpOptionsInput) SetMaxResults(v int64) *DescribeDhcpOptionsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeDhcpOptionsInput) SetNextToken(v string) *DescribeDhcpOptionsInput { + s.NextToken = &v + return s +} + type DescribeDhcpOptionsOutput struct { _ struct{} `type:"structure"` // Information about one or more DHCP options sets. DhcpOptions []*DhcpOptions `locationName:"dhcpOptionsSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -43672,6 +55196,12 @@ func (s *DescribeDhcpOptionsOutput) SetDhcpOptions(v []*DhcpOptions) *DescribeDh return s } +// SetNextToken sets the NextToken field's value. +func (s *DescribeDhcpOptionsOutput) SetNextToken(v string) *DescribeDhcpOptionsOutput { + s.NextToken = &v + return s +} + type DescribeEgressOnlyInternetGatewaysInput struct { _ struct{} `type:"structure"` @@ -43684,13 +55214,24 @@ type DescribeEgressOnlyInternetGatewaysInput struct { // One or more egress-only internet gateway IDs. EgressOnlyInternetGatewayIds []*string `locationName:"EgressOnlyInternetGatewayId" locationNameList:"item" type:"list"` - // The maximum number of results to return for the request in a single page. - // The remaining results can be seen by sending another request with the returned - // NextToken value. This value can be between 5 and 1000. If MaxResults is given - // a value larger than 1000, only 1000 results are returned. - MaxResults *int64 `type:"integer"` + // One or more filters. + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources assigned a tag with a specific key, regardless of + // the tag value. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The token to retrieve the next page of results. + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. NextToken *string `type:"string"` } @@ -43704,6 +55245,19 @@ func (s DescribeEgressOnlyInternetGatewaysInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeEgressOnlyInternetGatewaysInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeEgressOnlyInternetGatewaysInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeEgressOnlyInternetGatewaysInput) SetDryRun(v bool) *DescribeEgressOnlyInternetGatewaysInput { s.DryRun = &v @@ -43716,6 +55270,12 @@ func (s *DescribeEgressOnlyInternetGatewaysInput) SetEgressOnlyInternetGatewayId return s } +// SetFilters sets the Filters field's value. +func (s *DescribeEgressOnlyInternetGatewaysInput) SetFilters(v []*Filter) *DescribeEgressOnlyInternetGatewaysInput { + s.Filters = v + return s +} + // SetMaxResults sets the MaxResults field's value. func (s *DescribeEgressOnlyInternetGatewaysInput) SetMaxResults(v int64) *DescribeEgressOnlyInternetGatewaysInput { s.MaxResults = &v @@ -43734,7 +55294,8 @@ type DescribeEgressOnlyInternetGatewaysOutput struct { // Information about the egress-only internet gateways. EgressOnlyInternetGateways []*EgressOnlyInternetGateway `locationName:"egressOnlyInternetGatewaySet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -43769,10 +55330,10 @@ type DescribeElasticGpusInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more Elastic Graphics accelerator IDs. + // The Elastic Graphics accelerator IDs. ElasticGpuIds []*string `locationName:"ElasticGpuId" locationNameList:"item" type:"list"` - // One or more filters. + // The filters. // // * availability-zone - The Availability Zone in which the Elastic Graphics // accelerator resides. @@ -43792,7 +55353,7 @@ type DescribeElasticGpusInput struct { // The maximum number of results to return in a single call. To retrieve the // remaining results, make another call with the returned NextToken value. This // value can be between 5 and 1000. - MaxResults *int64 `type:"integer"` + MaxResults *int64 `min:"10" type:"integer"` // The token to request the next page of results. NextToken *string `type:"string"` @@ -43808,6 +55369,19 @@ func (s DescribeElasticGpusInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeElasticGpusInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeElasticGpusInput"} + if s.MaxResults != nil && *s.MaxResults < 10 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 10)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeElasticGpusInput) SetDryRun(v bool) *DescribeElasticGpusInput { s.DryRun = &v @@ -43882,12 +55456,122 @@ func (s *DescribeElasticGpusOutput) SetNextToken(v string) *DescribeElasticGpusO return s } -// Contains the parameters for DescribeExportTasks. +type DescribeExportImageTasksInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IDs of the export image tasks. + ExportImageTaskIds []*string `locationName:"ExportImageTaskId" locationNameList:"ExportImageTaskId" type:"list"` + + // Filter tasks using the task-state filter and one of the following values: + // active, completed, deleting, or deleted. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return in a single call. + MaxResults *int64 `min:"1" type:"integer"` + + // A token that indicates the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeExportImageTasksInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeExportImageTasksInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeExportImageTasksInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeExportImageTasksInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeExportImageTasksInput) SetDryRun(v bool) *DescribeExportImageTasksInput { + s.DryRun = &v + return s +} + +// SetExportImageTaskIds sets the ExportImageTaskIds field's value. +func (s *DescribeExportImageTasksInput) SetExportImageTaskIds(v []*string) *DescribeExportImageTasksInput { + s.ExportImageTaskIds = v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeExportImageTasksInput) SetFilters(v []*Filter) *DescribeExportImageTasksInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeExportImageTasksInput) SetMaxResults(v int64) *DescribeExportImageTasksInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeExportImageTasksInput) SetNextToken(v string) *DescribeExportImageTasksInput { + s.NextToken = &v + return s +} + +type DescribeExportImageTasksOutput struct { + _ struct{} `type:"structure"` + + // Information about the export image tasks. + ExportImageTasks []*ExportImageTask `locationName:"exportImageTaskSet" locationNameList:"item" type:"list"` + + // The token to use to get the next page of results. This value is null when + // there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeExportImageTasksOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeExportImageTasksOutput) GoString() string { + return s.String() +} + +// SetExportImageTasks sets the ExportImageTasks field's value. +func (s *DescribeExportImageTasksOutput) SetExportImageTasks(v []*ExportImageTask) *DescribeExportImageTasksOutput { + s.ExportImageTasks = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeExportImageTasksOutput) SetNextToken(v string) *DescribeExportImageTasksOutput { + s.NextToken = &v + return s +} + type DescribeExportTasksInput struct { _ struct{} `type:"structure"` - // One or more export task IDs. + // The export task IDs. ExportTaskIds []*string `locationName:"exportTaskId" locationNameList:"ExportTaskId" type:"list"` + + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` } // String returns the string representation @@ -43906,7 +55590,12 @@ func (s *DescribeExportTasksInput) SetExportTaskIds(v []*string) *DescribeExport return s } -// Contains the output for DescribeExportTasks. +// SetFilters sets the Filters field's value. +func (s *DescribeExportTasksInput) SetFilters(v []*Filter) *DescribeExportTasksInput { + s.Filters = v + return s +} + type DescribeExportTasksOutput struct { _ struct{} `type:"structure"` @@ -43930,21 +55619,237 @@ func (s *DescribeExportTasksOutput) SetExportTasks(v []*ExportTask) *DescribeExp return s } +// Describes fast snapshot restores for a snapshot. +type DescribeFastSnapshotRestoreSuccessItem struct { + _ struct{} `type:"structure"` + + // The Availability Zone. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + + // The time at which fast snapshot restores entered the disabled state. + DisabledTime *time.Time `locationName:"disabledTime" type:"timestamp"` + + // The time at which fast snapshot restores entered the disabling state. + DisablingTime *time.Time `locationName:"disablingTime" type:"timestamp"` + + // The time at which fast snapshot restores entered the enabled state. + EnabledTime *time.Time `locationName:"enabledTime" type:"timestamp"` + + // The time at which fast snapshot restores entered the enabling state. + EnablingTime *time.Time `locationName:"enablingTime" type:"timestamp"` + + // The time at which fast snapshot restores entered the optimizing state. + OptimizingTime *time.Time `locationName:"optimizingTime" type:"timestamp"` + + // The alias of the snapshot owner. + OwnerAlias *string `locationName:"ownerAlias" type:"string"` + + // The ID of the AWS account that owns the snapshot. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The ID of the snapshot. + SnapshotId *string `locationName:"snapshotId" type:"string"` + + // The state of fast snapshot restores. + State *string `locationName:"state" type:"string" enum:"FastSnapshotRestoreStateCode"` + + // The reason for the state transition. The possible values are as follows: + // + // * Client.UserInitiated - The state successfully transitioned to enabling + // or disabling. + // + // * Client.UserInitiated - Lifecycle state transition - The state successfully + // transitioned to optimizing, enabled, or disabled. + StateTransitionReason *string `locationName:"stateTransitionReason" type:"string"` +} + +// String returns the string representation +func (s DescribeFastSnapshotRestoreSuccessItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeFastSnapshotRestoreSuccessItem) GoString() string { + return s.String() +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *DescribeFastSnapshotRestoreSuccessItem) SetAvailabilityZone(v string) *DescribeFastSnapshotRestoreSuccessItem { + s.AvailabilityZone = &v + return s +} + +// SetDisabledTime sets the DisabledTime field's value. +func (s *DescribeFastSnapshotRestoreSuccessItem) SetDisabledTime(v time.Time) *DescribeFastSnapshotRestoreSuccessItem { + s.DisabledTime = &v + return s +} + +// SetDisablingTime sets the DisablingTime field's value. +func (s *DescribeFastSnapshotRestoreSuccessItem) SetDisablingTime(v time.Time) *DescribeFastSnapshotRestoreSuccessItem { + s.DisablingTime = &v + return s +} + +// SetEnabledTime sets the EnabledTime field's value. +func (s *DescribeFastSnapshotRestoreSuccessItem) SetEnabledTime(v time.Time) *DescribeFastSnapshotRestoreSuccessItem { + s.EnabledTime = &v + return s +} + +// SetEnablingTime sets the EnablingTime field's value. +func (s *DescribeFastSnapshotRestoreSuccessItem) SetEnablingTime(v time.Time) *DescribeFastSnapshotRestoreSuccessItem { + s.EnablingTime = &v + return s +} + +// SetOptimizingTime sets the OptimizingTime field's value. +func (s *DescribeFastSnapshotRestoreSuccessItem) SetOptimizingTime(v time.Time) *DescribeFastSnapshotRestoreSuccessItem { + s.OptimizingTime = &v + return s +} + +// SetOwnerAlias sets the OwnerAlias field's value. +func (s *DescribeFastSnapshotRestoreSuccessItem) SetOwnerAlias(v string) *DescribeFastSnapshotRestoreSuccessItem { + s.OwnerAlias = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *DescribeFastSnapshotRestoreSuccessItem) SetOwnerId(v string) *DescribeFastSnapshotRestoreSuccessItem { + s.OwnerId = &v + return s +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *DescribeFastSnapshotRestoreSuccessItem) SetSnapshotId(v string) *DescribeFastSnapshotRestoreSuccessItem { + s.SnapshotId = &v + return s +} + +// SetState sets the State field's value. +func (s *DescribeFastSnapshotRestoreSuccessItem) SetState(v string) *DescribeFastSnapshotRestoreSuccessItem { + s.State = &v + return s +} + +// SetStateTransitionReason sets the StateTransitionReason field's value. +func (s *DescribeFastSnapshotRestoreSuccessItem) SetStateTransitionReason(v string) *DescribeFastSnapshotRestoreSuccessItem { + s.StateTransitionReason = &v + return s +} + +type DescribeFastSnapshotRestoresInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The filters. The possible values are: + // + // * availability-zone: The Availability Zone of the snapshot. + // + // * owner-id: The ID of the AWS account that owns the snapshot. + // + // * snapshot-id: The ID of the snapshot. + // + // * state: The state of fast snapshot restores for the snapshot (enabling + // | optimizing | enabled | disabling | disabled). + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeFastSnapshotRestoresInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeFastSnapshotRestoresInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeFastSnapshotRestoresInput) SetDryRun(v bool) *DescribeFastSnapshotRestoresInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeFastSnapshotRestoresInput) SetFilters(v []*Filter) *DescribeFastSnapshotRestoresInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeFastSnapshotRestoresInput) SetMaxResults(v int64) *DescribeFastSnapshotRestoresInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeFastSnapshotRestoresInput) SetNextToken(v string) *DescribeFastSnapshotRestoresInput { + s.NextToken = &v + return s +} + +type DescribeFastSnapshotRestoresOutput struct { + _ struct{} `type:"structure"` + + // Information about the state of fast snapshot restores. + FastSnapshotRestores []*DescribeFastSnapshotRestoreSuccessItem `locationName:"fastSnapshotRestoreSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeFastSnapshotRestoresOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeFastSnapshotRestoresOutput) GoString() string { + return s.String() +} + +// SetFastSnapshotRestores sets the FastSnapshotRestores field's value. +func (s *DescribeFastSnapshotRestoresOutput) SetFastSnapshotRestores(v []*DescribeFastSnapshotRestoreSuccessItem) *DescribeFastSnapshotRestoresOutput { + s.FastSnapshotRestores = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeFastSnapshotRestoresOutput) SetNextToken(v string) *DescribeFastSnapshotRestoresOutput { + s.NextToken = &v + return s +} + // Describes the instances that could not be launched by the fleet. type DescribeFleetError struct { _ struct{} `type:"structure"` // The error code that indicates why the instance could not be launched. For - // more information about error codes, see Error Codes (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html). + // more information about error codes, see Error Codes (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html). ErrorCode *string `locationName:"errorCode" type:"string"` // The error message that describes why the instance could not be launched. - // For more information about error messages, see ee Error Codes (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html). + // For more information about error messages, see Error Codes (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html). ErrorMessage *string `locationName:"errorMessage" type:"string"` // The launch templates and overrides that were used for launching the instances. - // Any parameters that you specify in the Overrides override the same parameters - // in the launch template. + // The values that you specify in the Overrides replace the values in the launch + // template. LaunchTemplateAndOverrides *LaunchTemplateAndOverridesResponse `locationName:"launchTemplateAndOverrides" type:"structure"` // Indicates if the instance that could not be launched was a Spot Instance @@ -44150,7 +56055,7 @@ type DescribeFleetInstancesInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * instance-type - The instance type. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` @@ -44273,7 +56178,7 @@ type DescribeFleetsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * activity-status - The progress of the EC2 Fleet ( error | pending-fulfillment // | pending-termination | fulfilled). @@ -44354,15 +56259,15 @@ type DescribeFleetsInstances struct { InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` // The launch templates and overrides that were used for launching the instances. - // Any parameters that you specify in the Overrides override the same parameters - // in the launch template. + // The values that you specify in the Overrides replace the values in the launch + // template. LaunchTemplateAndOverrides *LaunchTemplateAndOverridesResponse `locationName:"launchTemplateAndOverrides" type:"structure"` // Indicates if the instance that was launched is a Spot Instance or On-Demand // Instance. Lifecycle *string `locationName:"lifecycle" type:"string" enum:"InstanceLifecycle"` - // The value is Windows for Windows instances; otherwise blank. + // The value is Windows for Windows instances. Otherwise, the value is blank. Platform *string `locationName:"platform" type:"string" enum:"PlatformValues"` } @@ -44465,16 +56370,15 @@ type DescribeFlowLogsInput struct { Filter []*Filter `locationNameList:"Filter" type:"list"` // One or more flow log IDs. + // + // Constraint: Maximum of 1000 flow log IDs. FlowLogIds []*string `locationName:"FlowLogId" locationNameList:"item" type:"list"` - // The maximum number of results to return for the request in a single page. - // The remaining results can be seen by sending another request with the returned - // NextToken value. This value can be between 5 and 1000. If MaxResults is given - // a value larger than 1000, only 1000 results are returned. You cannot specify - // this parameter and the flow log IDs parameter in the same request. + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. MaxResults *int64 `type:"integer"` - // The token to retrieve the next page of results. + // The token for the next page of results. NextToken *string `type:"string"` } @@ -44647,7 +56551,7 @@ type DescribeFpgaImagesInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * create-time - The creation time of the AFI. // @@ -44679,14 +56583,14 @@ type DescribeFpgaImagesInput struct { // * update-time - The time of the most recent update. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // One or more AFI IDs. + // The AFI IDs. FpgaImageIds []*string `locationName:"FpgaImageId" locationNameList:"item" type:"list"` // The maximum number of results to return in a single call. MaxResults *int64 `min:"5" type:"integer"` // The token to retrieve the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` // Filters the AFI by owner. Specify an AWS account ID, self (owner is the sender // of the request), or an AWS owner alias (valid values are amazon | aws-marketplace). @@ -44709,9 +56613,6 @@ func (s *DescribeFpgaImagesInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -44758,12 +56659,12 @@ func (s *DescribeFpgaImagesInput) SetOwners(v []*string) *DescribeFpgaImagesInpu type DescribeFpgaImagesOutput struct { _ struct{} `type:"structure"` - // Information about one or more FPGA images. + // Information about the FPGA images. FpgaImages []*FpgaImage `locationName:"fpgaImageSet" locationNameList:"item" type:"list"` // The token to use to retrieve the next page of results. This value is null // when there are no more results to return. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -44791,7 +56692,7 @@ func (s *DescribeFpgaImagesOutput) SetNextToken(v string) *DescribeFpgaImagesOut type DescribeHostReservationOfferingsInput struct { _ struct{} `type:"structure"` - // One or more filters. + // The filters. // // * instance-family - The instance family of the offering (for example, // m4). @@ -44810,7 +56711,7 @@ type DescribeHostReservationOfferingsInput struct { // The remaining results can be seen by sending another request with the returned // nextToken value. This value can be between 5 and 500. If maxResults is given // a larger value than 500, you receive an error. - MaxResults *int64 `type:"integer"` + MaxResults *int64 `min:"5" type:"integer"` // This is the minimum duration of the reservation you'd like to purchase, specified // in seconds. Reservations are available in one-year and three-year terms. @@ -44836,6 +56737,19 @@ func (s DescribeHostReservationOfferingsInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeHostReservationOfferingsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeHostReservationOfferingsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetFilter sets the Filter field's value. func (s *DescribeHostReservationOfferingsInput) SetFilter(v []*Filter) *DescribeHostReservationOfferingsInput { s.Filter = v @@ -44908,7 +56822,7 @@ func (s *DescribeHostReservationOfferingsOutput) SetOfferingSet(v []*HostOfferin type DescribeHostReservationsInput struct { _ struct{} `type:"structure"` - // One or more filters. + // The filters. // // * instance-family - The instance family (for example, m4). // @@ -44916,9 +56830,19 @@ type DescribeHostReservationsInput struct { // // * state - The state of the reservation (payment-pending | payment-failed // | active | retired). + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources assigned a tag with a specific key, regardless of + // the tag value. Filter []*Filter `locationNameList:"Filter" type:"list"` - // One or more host reservation IDs. + // The host reservation IDs. HostReservationIdSet []*string `locationNameList:"item" type:"list"` // The maximum number of results to return for the request in a single page. @@ -45001,7 +56925,7 @@ func (s *DescribeHostReservationsOutput) SetNextToken(v string) *DescribeHostRes type DescribeHostsInput struct { _ struct{} `type:"structure"` - // One or more filters. + // The filters. // // * auto-placement - Whether auto-placement is enabled or disabled (on | // off). @@ -45030,11 +56954,13 @@ type DescribeHostsInput struct { // The maximum number of results to return for the request in a single page. // The remaining results can be seen by sending another request with the returned // nextToken value. This value can be between 5 and 500. If maxResults is given - // a larger value than 500, you receive an error. You cannot specify this parameter - // and the host IDs parameter in the same request. + // a larger value than 500, you receive an error. + // + // You cannot specify this parameter and the host IDs parameter in the same + // request. MaxResults *int64 `locationName:"maxResults" type:"integer"` - // The token to retrieve the next page of results. + // The token to use to retrieve the next page of results. NextToken *string `locationName:"nextToken" type:"string"` } @@ -45108,10 +57034,10 @@ func (s *DescribeHostsOutput) SetNextToken(v string) *DescribeHostsOutput { type DescribeIamInstanceProfileAssociationsInput struct { _ struct{} `type:"structure"` - // One or more IAM instance profile associations. + // The IAM instance profile associations. AssociationIds []*string `locationName:"AssociationId" locationNameList:"AssociationId" type:"list"` - // One or more filters. + // The filters. // // * instance-id - The ID of the instance. // @@ -45124,7 +57050,7 @@ type DescribeIamInstanceProfileAssociationsInput struct { MaxResults *int64 `min:"5" type:"integer"` // The token to request the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` } // String returns the string representation @@ -45143,9 +57069,6 @@ func (s *DescribeIamInstanceProfileAssociationsInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -45180,12 +57103,12 @@ func (s *DescribeIamInstanceProfileAssociationsInput) SetNextToken(v string) *De type DescribeIamInstanceProfileAssociationsOutput struct { _ struct{} `type:"structure"` - // Information about one or more IAM instance profile associations. + // Information about the IAM instance profile associations. IamInstanceProfileAssociations []*IamInstanceProfileAssociation `locationName:"iamInstanceProfileAssociationSet" locationNameList:"item" type:"list"` // The token to use to retrieve the next page of results. This value is null // when there are no more results to return. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -45412,7 +57335,7 @@ func (s *DescribeImageAttributeInput) SetImageId(v string) *DescribeImageAttribu type DescribeImageAttributeOutput struct { _ struct{} `type:"structure"` - // One or more block device mapping entries. + // The block device mapping entries. BlockDeviceMappings []*BlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"item" type:"list"` // A description for the AMI. @@ -45424,10 +57347,10 @@ type DescribeImageAttributeOutput struct { // The kernel ID. KernelId *AttributeValue `locationName:"kernel" type:"structure"` - // One or more launch permissions. + // The launch permissions. LaunchPermissions []*LaunchPermission `locationName:"launchPermission" locationNameList:"item" type:"list"` - // One or more product codes. + // The product codes. ProductCodes []*ProductCode `locationName:"productCodes" locationNameList:"item" type:"list"` // The RAM disk ID. @@ -45496,7 +57419,6 @@ func (s *DescribeImageAttributeOutput) SetSriovNetSupport(v *AttributeValue) *De return s } -// Contains the parameters for DescribeImages. type DescribeImagesInput struct { _ struct{} `type:"structure"` @@ -45510,9 +57432,9 @@ type DescribeImagesInput struct { // account ID, self (the sender of the request), or all (public AMIs). ExecutableUsers []*string `locationName:"ExecutableBy" locationNameList:"ExecutableBy" type:"list"` - // One or more filters. + // The filters. // - // * architecture - The image architecture (i386 | x86_64). + // * architecture - The image architecture (i386 | x86_64 | arm64). // // * block-device-mapping.delete-on-termination - A Boolean value that indicates // whether the Amazon EBS volume is deleted on instance termination. @@ -45529,6 +57451,9 @@ type DescribeImagesInput struct { // * block-device-mapping.volume-type - The volume type of the EBS volume // (gp2 | io1 | st1 | sc1 | standard). // + // * block-device-mapping.encrypted - A Boolean that indicates whether the + // EBS volume is encrypted. + // // * description - The description of the image (provided during image creation). // // * ena-support - A Boolean that indicates whether enhanced networking with @@ -45589,7 +57514,7 @@ type DescribeImagesInput struct { // * virtualization-type - The virtualization type (paravirtual | hvm). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // One or more image IDs. + // The image IDs. // // Default: Describes all images available to you. ImageIds []*string `locationName:"ImageId" locationNameList:"ImageId" type:"list"` @@ -45641,11 +57566,10 @@ func (s *DescribeImagesInput) SetOwners(v []*string) *DescribeImagesInput { return s } -// Contains the output of DescribeImages. type DescribeImagesOutput struct { _ struct{} `type:"structure"` - // Information about one or more images. + // Information about the images. Images []*Image `locationName:"imagesSet" locationNameList:"item" type:"list"` } @@ -45665,7 +57589,6 @@ func (s *DescribeImagesOutput) SetImages(v []*Image) *DescribeImagesOutput { return s } -// Contains the parameters for DescribeImportImageTasks. type DescribeImportImageTasksInput struct { _ struct{} `type:"structure"` @@ -45676,14 +57599,13 @@ type DescribeImportImageTasksInput struct { DryRun *bool `type:"boolean"` // Filter tasks using the task-state filter and one of the following values: - // active, completed, deleting, deleted. + // active, completed, deleting, or deleted. Filters []*Filter `locationNameList:"Filter" type:"list"` - // A list of import image task IDs. + // The IDs of the import image tasks. ImportTaskIds []*string `locationName:"ImportTaskId" locationNameList:"ImportTaskId" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. + // The maximum number of results to return in a single call. MaxResults *int64 `type:"integer"` // A token that indicates the next page of results. @@ -45730,7 +57652,6 @@ func (s *DescribeImportImageTasksInput) SetNextToken(v string) *DescribeImportIm return s } -// Contains the output for DescribeImportImageTasks. type DescribeImportImageTasksOutput struct { _ struct{} `type:"structure"` @@ -45765,7 +57686,6 @@ func (s *DescribeImportImageTasksOutput) SetNextToken(v string) *DescribeImportI return s } -// Contains the parameters for DescribeImportSnapshotTasks. type DescribeImportSnapshotTasksInput struct { _ struct{} `type:"structure"` @@ -45775,7 +57695,7 @@ type DescribeImportSnapshotTasksInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. Filters []*Filter `locationNameList:"Filter" type:"list"` // A list of import snapshot task IDs. @@ -45829,7 +57749,6 @@ func (s *DescribeImportSnapshotTasksInput) SetNextToken(v string) *DescribeImpor return s } -// Contains the output for DescribeImportSnapshotTasks. type DescribeImportSnapshotTasksOutput struct { _ struct{} `type:"structure"` @@ -46094,12 +58013,12 @@ type DescribeInstanceCreditSpecificationsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * instance-id - The ID of the instance. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // One or more instance IDs. + // The instance IDs. // // Default: Describes all your instances. // @@ -46110,7 +58029,7 @@ type DescribeInstanceCreditSpecificationsInput struct { // remaining results, make another call with the returned NextToken value. This // value can be between 5 and 1000. You cannot specify this parameter and the // instance IDs parameter in the same call. - MaxResults *int64 `type:"integer"` + MaxResults *int64 `min:"5" type:"integer"` // The token to retrieve the next page of results. NextToken *string `type:"string"` @@ -46126,6 +58045,19 @@ func (s DescribeInstanceCreditSpecificationsInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeInstanceCreditSpecificationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeInstanceCreditSpecificationsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeInstanceCreditSpecificationsInput) SetDryRun(v bool) *DescribeInstanceCreditSpecificationsInput { s.DryRun = &v @@ -46198,7 +58130,7 @@ type DescribeInstanceStatusInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * availability-zone - The Availability Zone of the instance. // @@ -46207,12 +58139,18 @@ type DescribeInstanceStatusInput struct { // // * event.description - A description of the event. // + // * event.instance-event-id - The ID of the event whose date and time you + // are modifying. + // // * event.not-after - The latest end time for the scheduled event (for example, // 2014-09-15T17:15:20.000Z). // // * event.not-before - The earliest start time for the scheduled event (for // example, 2014-09-15T17:15:20.000Z). // + // * event.not-before-deadline - The deadline for starting the event (for + // example, 2014-09-15T17:15:20.000Z). + // // * instance-state-code - The code for the instance state, as a 16-bit unsigned // integer. The high byte is used for internal purposes and should be ignored. // The low byte is set based on the state represented. The valid values are @@ -46241,7 +58179,7 @@ type DescribeInstanceStatusInput struct { // Default: false IncludeAllInstances *bool `locationName:"includeAllInstances" type:"boolean"` - // One or more instance IDs. + // The instance IDs. // // Default: Describes all your instances. // @@ -46307,7 +58245,7 @@ func (s *DescribeInstanceStatusInput) SetNextToken(v string) *DescribeInstanceSt type DescribeInstanceStatusOutput struct { _ struct{} `type:"structure"` - // One or more instance status descriptions. + // Information about the status of the instances. InstanceStatuses []*InstanceStatus `locationName:"instanceStatusSet" locationNameList:"item" type:"list"` // The token to use to retrieve the next page of results. This value is null @@ -46337,6 +58275,305 @@ func (s *DescribeInstanceStatusOutput) SetNextToken(v string) *DescribeInstanceS return s } +type DescribeInstanceTypeOfferingsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. Filter names and values are case-sensitive. + // + // * location - This depends on the location type. For example, if the location + // type is region (default), the location is the Region code (for example, + // us-east-2.) + // + // * instance-type - The instance type. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The location type. + LocationType *string `type:"string" enum:"LocationType"` + + // The maximum number of results to return for the request in a single page. + // The remaining results can be seen by sending another request with the next + // token value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token to retrieve the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeInstanceTypeOfferingsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeInstanceTypeOfferingsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeInstanceTypeOfferingsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeInstanceTypeOfferingsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeInstanceTypeOfferingsInput) SetDryRun(v bool) *DescribeInstanceTypeOfferingsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeInstanceTypeOfferingsInput) SetFilters(v []*Filter) *DescribeInstanceTypeOfferingsInput { + s.Filters = v + return s +} + +// SetLocationType sets the LocationType field's value. +func (s *DescribeInstanceTypeOfferingsInput) SetLocationType(v string) *DescribeInstanceTypeOfferingsInput { + s.LocationType = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeInstanceTypeOfferingsInput) SetMaxResults(v int64) *DescribeInstanceTypeOfferingsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceTypeOfferingsInput) SetNextToken(v string) *DescribeInstanceTypeOfferingsInput { + s.NextToken = &v + return s +} + +type DescribeInstanceTypeOfferingsOutput struct { + _ struct{} `type:"structure"` + + // The instance types offered. + InstanceTypeOfferings []*InstanceTypeOffering `locationName:"instanceTypeOfferingSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeInstanceTypeOfferingsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeInstanceTypeOfferingsOutput) GoString() string { + return s.String() +} + +// SetInstanceTypeOfferings sets the InstanceTypeOfferings field's value. +func (s *DescribeInstanceTypeOfferingsOutput) SetInstanceTypeOfferings(v []*InstanceTypeOffering) *DescribeInstanceTypeOfferingsOutput { + s.InstanceTypeOfferings = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceTypeOfferingsOutput) SetNextToken(v string) *DescribeInstanceTypeOfferingsOutput { + s.NextToken = &v + return s +} + +type DescribeInstanceTypesInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. Filter names and values are case-sensitive. + // + // * auto-recovery-supported - Indicates whether auto recovery is supported. + // (true | false) + // + // * bare-metal - Indicates whether it is a bare metal instance type. (true + // | false) + // + // * burstable-performance-supported - Indicates whether it is a burstable + // performance instance type. (true | false) + // + // * current-generation - Indicates whether this instance type is the latest + // generation instance type of an instance family. (true | false) + // + // * ebs-info.ebs-optimized-support - Indicates whether the instance type + // is EBS-optimized. (true | false) + // + // * ebs-info.encryption-support - Indicates whether EBS encryption is supported. + // (true | false) + // + // * free-tier-eligible - Indicates whether the instance type is eligible + // to use in the free tier. (true | false) + // + // * hibernation-supported - Indicates whether On-Demand hibernation is supported. + // (true | false) + // + // * hypervisor - The hypervisor used. (nitro | xen) + // + // * instance-storage-info.disk.count - The number of local disks. + // + // * instance-storage-info.disk.size-in-gb - The storage size of each instance + // storage disk, in GB. + // + // * instance-storage-info.disk.type - The storage technology for the local + // instance storage disks. (hdd | ssd) + // + // * instance-storage-info.total-size-in-gb - The total amount of storage + // available from all local instance storage, in GB. + // + // * instance-storage-supported - Indicates whether the instance type has + // local instance storage. (true | false) + // + // * memory-info.size-in-mib - The memory size. + // + // * network-info.ena-support - Indicates whether Elastic Network Adapter + // (ENA) is supported or required. (required | supported | unsupported) + // + // * network-info.ipv4-addresses-per-interface - The maximum number of private + // IPv4 addresses per network interface. + // + // * network-info.ipv6-addresses-per-interface - The maximum number of private + // IPv6 addresses per network interface. + // + // * network-info.ipv6-supported - Indicates whether the instance type supports + // IPv6. (true | false) + // + // * network-info.maximum-network-interfaces - The maximum number of network + // interfaces per instance. + // + // * network-info.network-performance - Describes the network performance. + // + // * processor-info.sustained-clock-speed-in-ghz - The CPU clock speed, in + // GHz. + // + // * vcpu-info.default-cores - The default number of cores for the instance + // type. + // + // * vcpu-info.default-threads-per-core - The default number of threads per + // cores for the instance type. + // + // * vcpu-info.default-vcpus - The default number of vCPUs for the instance + // type. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The instance types. For more information, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // in the Amazon Elastic Compute Cloud User Guide. + InstanceTypes []*string `locationName:"InstanceType" type:"list"` + + // The maximum number of results to return for the request in a single page. + // The remaining results can be seen by sending another request with the next + // token value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token to retrieve the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeInstanceTypesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeInstanceTypesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeInstanceTypesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeInstanceTypesInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeInstanceTypesInput) SetDryRun(v bool) *DescribeInstanceTypesInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeInstanceTypesInput) SetFilters(v []*Filter) *DescribeInstanceTypesInput { + s.Filters = v + return s +} + +// SetInstanceTypes sets the InstanceTypes field's value. +func (s *DescribeInstanceTypesInput) SetInstanceTypes(v []*string) *DescribeInstanceTypesInput { + s.InstanceTypes = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeInstanceTypesInput) SetMaxResults(v int64) *DescribeInstanceTypesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceTypesInput) SetNextToken(v string) *DescribeInstanceTypesInput { + s.NextToken = &v + return s +} + +type DescribeInstanceTypesOutput struct { + _ struct{} `type:"structure"` + + // The instance type. For more information, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // in the Amazon Elastic Compute Cloud User Guide. + InstanceTypes []*InstanceTypeInfo `locationName:"instanceTypeSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeInstanceTypesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeInstanceTypesOutput) GoString() string { + return s.String() +} + +// SetInstanceTypes sets the InstanceTypes field's value. +func (s *DescribeInstanceTypesOutput) SetInstanceTypes(v []*InstanceTypeInfo) *DescribeInstanceTypesOutput { + s.InstanceTypes = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceTypesOutput) SetNextToken(v string) *DescribeInstanceTypesOutput { + s.NextToken = &v + return s +} + type DescribeInstancesInput struct { _ struct{} `type:"structure"` @@ -46346,12 +58583,12 @@ type DescribeInstancesInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * affinity - The affinity setting for an instance running on a Dedicated // Host (default | host). // - // * architecture - The instance architecture (i386 | x86_64). + // * architecture - The instance architecture (i386 | x86_64 | arm64). // // * availability-zone - The Availability Zone of the instance. // @@ -46414,7 +58651,6 @@ type DescribeInstancesInput struct { // // * instance.group-name - The name of the security group for the instance. // - // // * ip-address - The public IPv4 address of the instance. // // * kernel-id - The kernel ID. @@ -46424,9 +58660,17 @@ type DescribeInstancesInput struct { // * launch-index - When launching multiple instances, this is the index // for the instance in the launch group (for example, 0, 1, 2, and so on). // - // // * launch-time - The time when the instance was launched. // + // * metadata-options.http-tokens - The metadata request authorization state + // (optional | required) + // + // * metadata-options.http-put-response-hop-limit - The http metadata request + // put response hop limit (integer, possible values 1 to 64) + // + // * metadata-options.http-endpoint - Enable or disable metadata access on + // http endpoint (enabled | disabled) + // // * monitoring-state - Indicates whether detailed monitoring is enabled // (disabled | enabled). // @@ -46523,8 +58767,7 @@ type DescribeInstancesInput struct { // * placement-partition-number - The partition in which the instance is // located. // - // * platform - The platform. Use windows if you have Windows instances; - // otherwise, leave blank. + // * platform - The platform. To list only Windows instances, use windows. // // * private-dns-name - The private IPv4 DNS name of the instance. // @@ -46588,7 +58831,7 @@ type DescribeInstancesInput struct { // * vpc-id - The ID of the VPC that the instance is running in. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // One or more instance IDs. + // The instance IDs. // // Default: Describes all your instances. InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list"` @@ -46650,7 +58893,7 @@ type DescribeInstancesOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // Zero or more reservations. + // Information about the reservations. Reservations []*Reservation `locationName:"reservationSet" locationNameList:"item" type:"list"` } @@ -46711,6 +58954,13 @@ type DescribeInternetGatewaysInput struct { // // Default: Describes all your internet gateways. InternetGatewayIds []*string `locationName:"internetGatewayId" locationNameList:"item" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` } // String returns the string representation @@ -46723,6 +58973,19 @@ func (s DescribeInternetGatewaysInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeInternetGatewaysInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeInternetGatewaysInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeInternetGatewaysInput) SetDryRun(v bool) *DescribeInternetGatewaysInput { s.DryRun = &v @@ -46741,11 +59004,27 @@ func (s *DescribeInternetGatewaysInput) SetInternetGatewayIds(v []*string) *Desc return s } +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeInternetGatewaysInput) SetMaxResults(v int64) *DescribeInternetGatewaysInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInternetGatewaysInput) SetNextToken(v string) *DescribeInternetGatewaysInput { + s.NextToken = &v + return s +} + type DescribeInternetGatewaysOutput struct { _ struct{} `type:"structure"` // Information about one or more internet gateways. InternetGateways []*InternetGateway `locationName:"internetGatewaySet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -46764,6 +59043,12 @@ func (s *DescribeInternetGatewaysOutput) SetInternetGateways(v []*InternetGatewa return s } +// SetNextToken sets the NextToken field's value. +func (s *DescribeInternetGatewaysOutput) SetNextToken(v string) *DescribeInternetGatewaysOutput { + s.NextToken = &v + return s +} + type DescribeKeyPairsInput struct { _ struct{} `type:"structure"` @@ -46773,17 +59058,20 @@ type DescribeKeyPairsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * fingerprint - The fingerprint of the key pair. // // * key-name - The name of the key pair. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // One or more key pair names. + // The key pair names. // // Default: Describes all your key pairs. KeyNames []*string `locationName:"KeyName" locationNameList:"KeyName" type:"list"` + + // The IDs of the key pairs. + KeyPairIds []*string `locationName:"KeyPairId" locationNameList:"KeyPairId" type:"list"` } // String returns the string representation @@ -46814,10 +59102,16 @@ func (s *DescribeKeyPairsInput) SetKeyNames(v []*string) *DescribeKeyPairsInput return s } +// SetKeyPairIds sets the KeyPairIds field's value. +func (s *DescribeKeyPairsInput) SetKeyPairIds(v []*string) *DescribeKeyPairsInput { + s.KeyPairIds = v + return s +} + type DescribeKeyPairsOutput struct { _ struct{} `type:"structure"` - // Information about one or more key pairs. + // Information about the key pairs. KeyPairs []*KeyPairInfo `locationName:"keySet" locationNameList:"item" type:"list"` } @@ -47038,7 +59332,7 @@ type DescribeLaunchTemplatesInput struct { // The maximum number of results to return in a single call. To retrieve the // remaining results, make another call with the returned NextToken value. This // value can be between 1 and 200. - MaxResults *int64 `type:"integer"` + MaxResults *int64 `min:"1" type:"integer"` // The token to request the next page of results. NextToken *string `type:"string"` @@ -47054,6 +59348,19 @@ func (s DescribeLaunchTemplatesInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeLaunchTemplatesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeLaunchTemplatesInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeLaunchTemplatesInput) SetDryRun(v bool) *DescribeLaunchTemplatesInput { s.DryRun = &v @@ -47123,6 +59430,660 @@ func (s *DescribeLaunchTemplatesOutput) SetNextToken(v string) *DescribeLaunchTe return s } +type DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The IDs of the associations. + LocalGatewayRouteTableVirtualInterfaceGroupAssociationIds []*string `locationName:"LocalGatewayRouteTableVirtualInterfaceGroupAssociationId" locationNameList:"item" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput) SetDryRun(v bool) *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput) SetFilters(v []*Filter) *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput { + s.Filters = v + return s +} + +// SetLocalGatewayRouteTableVirtualInterfaceGroupAssociationIds sets the LocalGatewayRouteTableVirtualInterfaceGroupAssociationIds field's value. +func (s *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput) SetLocalGatewayRouteTableVirtualInterfaceGroupAssociationIds(v []*string) *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput { + s.LocalGatewayRouteTableVirtualInterfaceGroupAssociationIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput) SetMaxResults(v int64) *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput) SetNextToken(v string) *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsInput { + s.NextToken = &v + return s +} + +type DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput struct { + _ struct{} `type:"structure"` + + // Information about the associations. + LocalGatewayRouteTableVirtualInterfaceGroupAssociations []*LocalGatewayRouteTableVirtualInterfaceGroupAssociation `locationName:"localGatewayRouteTableVirtualInterfaceGroupAssociationSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput) GoString() string { + return s.String() +} + +// SetLocalGatewayRouteTableVirtualInterfaceGroupAssociations sets the LocalGatewayRouteTableVirtualInterfaceGroupAssociations field's value. +func (s *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput) SetLocalGatewayRouteTableVirtualInterfaceGroupAssociations(v []*LocalGatewayRouteTableVirtualInterfaceGroupAssociation) *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput { + s.LocalGatewayRouteTableVirtualInterfaceGroupAssociations = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput) SetNextToken(v string) *DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociationsOutput { + s.NextToken = &v + return s +} + +type DescribeLocalGatewayRouteTableVpcAssociationsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The IDs of the associations. + LocalGatewayRouteTableVpcAssociationIds []*string `locationName:"LocalGatewayRouteTableVpcAssociationId" locationNameList:"item" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeLocalGatewayRouteTableVpcAssociationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeLocalGatewayRouteTableVpcAssociationsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeLocalGatewayRouteTableVpcAssociationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeLocalGatewayRouteTableVpcAssociationsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeLocalGatewayRouteTableVpcAssociationsInput) SetDryRun(v bool) *DescribeLocalGatewayRouteTableVpcAssociationsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeLocalGatewayRouteTableVpcAssociationsInput) SetFilters(v []*Filter) *DescribeLocalGatewayRouteTableVpcAssociationsInput { + s.Filters = v + return s +} + +// SetLocalGatewayRouteTableVpcAssociationIds sets the LocalGatewayRouteTableVpcAssociationIds field's value. +func (s *DescribeLocalGatewayRouteTableVpcAssociationsInput) SetLocalGatewayRouteTableVpcAssociationIds(v []*string) *DescribeLocalGatewayRouteTableVpcAssociationsInput { + s.LocalGatewayRouteTableVpcAssociationIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeLocalGatewayRouteTableVpcAssociationsInput) SetMaxResults(v int64) *DescribeLocalGatewayRouteTableVpcAssociationsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLocalGatewayRouteTableVpcAssociationsInput) SetNextToken(v string) *DescribeLocalGatewayRouteTableVpcAssociationsInput { + s.NextToken = &v + return s +} + +type DescribeLocalGatewayRouteTableVpcAssociationsOutput struct { + _ struct{} `type:"structure"` + + // Information about the associations. + LocalGatewayRouteTableVpcAssociations []*LocalGatewayRouteTableVpcAssociation `locationName:"localGatewayRouteTableVpcAssociationSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeLocalGatewayRouteTableVpcAssociationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeLocalGatewayRouteTableVpcAssociationsOutput) GoString() string { + return s.String() +} + +// SetLocalGatewayRouteTableVpcAssociations sets the LocalGatewayRouteTableVpcAssociations field's value. +func (s *DescribeLocalGatewayRouteTableVpcAssociationsOutput) SetLocalGatewayRouteTableVpcAssociations(v []*LocalGatewayRouteTableVpcAssociation) *DescribeLocalGatewayRouteTableVpcAssociationsOutput { + s.LocalGatewayRouteTableVpcAssociations = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLocalGatewayRouteTableVpcAssociationsOutput) SetNextToken(v string) *DescribeLocalGatewayRouteTableVpcAssociationsOutput { + s.NextToken = &v + return s +} + +type DescribeLocalGatewayRouteTablesInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The IDs of the local gateway route tables. + LocalGatewayRouteTableIds []*string `locationName:"LocalGatewayRouteTableId" locationNameList:"item" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeLocalGatewayRouteTablesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeLocalGatewayRouteTablesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeLocalGatewayRouteTablesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeLocalGatewayRouteTablesInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeLocalGatewayRouteTablesInput) SetDryRun(v bool) *DescribeLocalGatewayRouteTablesInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeLocalGatewayRouteTablesInput) SetFilters(v []*Filter) *DescribeLocalGatewayRouteTablesInput { + s.Filters = v + return s +} + +// SetLocalGatewayRouteTableIds sets the LocalGatewayRouteTableIds field's value. +func (s *DescribeLocalGatewayRouteTablesInput) SetLocalGatewayRouteTableIds(v []*string) *DescribeLocalGatewayRouteTablesInput { + s.LocalGatewayRouteTableIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeLocalGatewayRouteTablesInput) SetMaxResults(v int64) *DescribeLocalGatewayRouteTablesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLocalGatewayRouteTablesInput) SetNextToken(v string) *DescribeLocalGatewayRouteTablesInput { + s.NextToken = &v + return s +} + +type DescribeLocalGatewayRouteTablesOutput struct { + _ struct{} `type:"structure"` + + // Information about the local gateway route tables. + LocalGatewayRouteTables []*LocalGatewayRouteTable `locationName:"localGatewayRouteTableSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeLocalGatewayRouteTablesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeLocalGatewayRouteTablesOutput) GoString() string { + return s.String() +} + +// SetLocalGatewayRouteTables sets the LocalGatewayRouteTables field's value. +func (s *DescribeLocalGatewayRouteTablesOutput) SetLocalGatewayRouteTables(v []*LocalGatewayRouteTable) *DescribeLocalGatewayRouteTablesOutput { + s.LocalGatewayRouteTables = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLocalGatewayRouteTablesOutput) SetNextToken(v string) *DescribeLocalGatewayRouteTablesOutput { + s.NextToken = &v + return s +} + +type DescribeLocalGatewayVirtualInterfaceGroupsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The IDs of the virtual interface groups. + LocalGatewayVirtualInterfaceGroupIds []*string `locationName:"LocalGatewayVirtualInterfaceGroupId" locationNameList:"item" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeLocalGatewayVirtualInterfaceGroupsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeLocalGatewayVirtualInterfaceGroupsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeLocalGatewayVirtualInterfaceGroupsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeLocalGatewayVirtualInterfaceGroupsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeLocalGatewayVirtualInterfaceGroupsInput) SetDryRun(v bool) *DescribeLocalGatewayVirtualInterfaceGroupsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeLocalGatewayVirtualInterfaceGroupsInput) SetFilters(v []*Filter) *DescribeLocalGatewayVirtualInterfaceGroupsInput { + s.Filters = v + return s +} + +// SetLocalGatewayVirtualInterfaceGroupIds sets the LocalGatewayVirtualInterfaceGroupIds field's value. +func (s *DescribeLocalGatewayVirtualInterfaceGroupsInput) SetLocalGatewayVirtualInterfaceGroupIds(v []*string) *DescribeLocalGatewayVirtualInterfaceGroupsInput { + s.LocalGatewayVirtualInterfaceGroupIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeLocalGatewayVirtualInterfaceGroupsInput) SetMaxResults(v int64) *DescribeLocalGatewayVirtualInterfaceGroupsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLocalGatewayVirtualInterfaceGroupsInput) SetNextToken(v string) *DescribeLocalGatewayVirtualInterfaceGroupsInput { + s.NextToken = &v + return s +} + +type DescribeLocalGatewayVirtualInterfaceGroupsOutput struct { + _ struct{} `type:"structure"` + + // The virtual interface groups. + LocalGatewayVirtualInterfaceGroups []*LocalGatewayVirtualInterfaceGroup `locationName:"localGatewayVirtualInterfaceGroupSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeLocalGatewayVirtualInterfaceGroupsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeLocalGatewayVirtualInterfaceGroupsOutput) GoString() string { + return s.String() +} + +// SetLocalGatewayVirtualInterfaceGroups sets the LocalGatewayVirtualInterfaceGroups field's value. +func (s *DescribeLocalGatewayVirtualInterfaceGroupsOutput) SetLocalGatewayVirtualInterfaceGroups(v []*LocalGatewayVirtualInterfaceGroup) *DescribeLocalGatewayVirtualInterfaceGroupsOutput { + s.LocalGatewayVirtualInterfaceGroups = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLocalGatewayVirtualInterfaceGroupsOutput) SetNextToken(v string) *DescribeLocalGatewayVirtualInterfaceGroupsOutput { + s.NextToken = &v + return s +} + +type DescribeLocalGatewayVirtualInterfacesInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The IDs of the virtual interfaces. + LocalGatewayVirtualInterfaceIds []*string `locationName:"LocalGatewayVirtualInterfaceId" locationNameList:"item" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeLocalGatewayVirtualInterfacesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeLocalGatewayVirtualInterfacesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeLocalGatewayVirtualInterfacesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeLocalGatewayVirtualInterfacesInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeLocalGatewayVirtualInterfacesInput) SetDryRun(v bool) *DescribeLocalGatewayVirtualInterfacesInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeLocalGatewayVirtualInterfacesInput) SetFilters(v []*Filter) *DescribeLocalGatewayVirtualInterfacesInput { + s.Filters = v + return s +} + +// SetLocalGatewayVirtualInterfaceIds sets the LocalGatewayVirtualInterfaceIds field's value. +func (s *DescribeLocalGatewayVirtualInterfacesInput) SetLocalGatewayVirtualInterfaceIds(v []*string) *DescribeLocalGatewayVirtualInterfacesInput { + s.LocalGatewayVirtualInterfaceIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeLocalGatewayVirtualInterfacesInput) SetMaxResults(v int64) *DescribeLocalGatewayVirtualInterfacesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLocalGatewayVirtualInterfacesInput) SetNextToken(v string) *DescribeLocalGatewayVirtualInterfacesInput { + s.NextToken = &v + return s +} + +type DescribeLocalGatewayVirtualInterfacesOutput struct { + _ struct{} `type:"structure"` + + // Information about the virtual interfaces. + LocalGatewayVirtualInterfaces []*LocalGatewayVirtualInterface `locationName:"localGatewayVirtualInterfaceSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeLocalGatewayVirtualInterfacesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeLocalGatewayVirtualInterfacesOutput) GoString() string { + return s.String() +} + +// SetLocalGatewayVirtualInterfaces sets the LocalGatewayVirtualInterfaces field's value. +func (s *DescribeLocalGatewayVirtualInterfacesOutput) SetLocalGatewayVirtualInterfaces(v []*LocalGatewayVirtualInterface) *DescribeLocalGatewayVirtualInterfacesOutput { + s.LocalGatewayVirtualInterfaces = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLocalGatewayVirtualInterfacesOutput) SetNextToken(v string) *DescribeLocalGatewayVirtualInterfacesOutput { + s.NextToken = &v + return s +} + +type DescribeLocalGatewaysInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The IDs of the local gateways. + LocalGatewayIds []*string `locationName:"LocalGatewayId" locationNameList:"item" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeLocalGatewaysInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeLocalGatewaysInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeLocalGatewaysInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeLocalGatewaysInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeLocalGatewaysInput) SetDryRun(v bool) *DescribeLocalGatewaysInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeLocalGatewaysInput) SetFilters(v []*Filter) *DescribeLocalGatewaysInput { + s.Filters = v + return s +} + +// SetLocalGatewayIds sets the LocalGatewayIds field's value. +func (s *DescribeLocalGatewaysInput) SetLocalGatewayIds(v []*string) *DescribeLocalGatewaysInput { + s.LocalGatewayIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeLocalGatewaysInput) SetMaxResults(v int64) *DescribeLocalGatewaysInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLocalGatewaysInput) SetNextToken(v string) *DescribeLocalGatewaysInput { + s.NextToken = &v + return s +} + +type DescribeLocalGatewaysOutput struct { + _ struct{} `type:"structure"` + + // Information about the local gateways. + LocalGateways []*LocalGateway `locationName:"localGatewaySet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeLocalGatewaysOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeLocalGatewaysOutput) GoString() string { + return s.String() +} + +// SetLocalGateways sets the LocalGateways field's value. +func (s *DescribeLocalGatewaysOutput) SetLocalGateways(v []*LocalGateway) *DescribeLocalGatewaysOutput { + s.LocalGateways = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLocalGatewaysOutput) SetNextToken(v string) *DescribeLocalGatewaysOutput { + s.NextToken = &v + return s +} + type DescribeMovingAddressesInput struct { _ struct{} `type:"structure"` @@ -47144,7 +60105,7 @@ type DescribeMovingAddressesInput struct { // 1000; if MaxResults is given a value outside of this range, an error is returned. // // Default: If no value is provided, the default is 1000. - MaxResults *int64 `locationName:"maxResults" type:"integer"` + MaxResults *int64 `locationName:"maxResults" min:"5" type:"integer"` // The token for the next page of results. NextToken *string `locationName:"nextToken" type:"string"` @@ -47163,6 +60124,19 @@ func (s DescribeMovingAddressesInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeMovingAddressesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeMovingAddressesInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeMovingAddressesInput) SetDryRun(v bool) *DescribeMovingAddressesInput { s.DryRun = &v @@ -47251,18 +60225,14 @@ type DescribeNatGatewaysInput struct { // * vpc-id - The ID of the VPC in which the NAT gateway resides. Filter []*Filter `locationNameList:"Filter" type:"list"` - // The maximum number of items to return for this request. The request returns - // a token that you can specify in a subsequent call to get the next set of - // results. - // - // Constraint: If the value specified is greater than 1000, we return only 1000 - // items. - MaxResults *int64 `type:"integer"` + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` // One or more NAT gateway IDs. NatGatewayIds []*string `locationName:"NatGatewayId" locationNameList:"item" type:"list"` - // The token to retrieve the next page of results. + // The token for the next page of results. NextToken *string `type:"string"` } @@ -47276,6 +60246,19 @@ func (s DescribeNatGatewaysInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeNatGatewaysInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeNatGatewaysInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetFilter sets the Filter field's value. func (s *DescribeNatGatewaysInput) SetFilter(v []*Filter) *DescribeNatGatewaysInput { s.Filter = v @@ -47367,7 +60350,6 @@ type DescribeNetworkAclsInput struct { // // * entry.port-range.to - The end of the port range specified in the entry. // - // // * entry.protocol - The protocol specified in the entry (tcp | udp | icmp // or a protocol number). // @@ -47393,10 +60375,17 @@ type DescribeNetworkAclsInput struct { // * vpc-id - The ID of the VPC for the network ACL. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + // One or more network ACL IDs. // // Default: Describes all your network ACLs. NetworkAclIds []*string `locationName:"NetworkAclId" locationNameList:"item" type:"list"` + + // The token for the next page of results. + NextToken *string `type:"string"` } // String returns the string representation @@ -47409,6 +60398,19 @@ func (s DescribeNetworkAclsInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeNetworkAclsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeNetworkAclsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeNetworkAclsInput) SetDryRun(v bool) *DescribeNetworkAclsInput { s.DryRun = &v @@ -47421,17 +60423,33 @@ func (s *DescribeNetworkAclsInput) SetFilters(v []*Filter) *DescribeNetworkAclsI return s } +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeNetworkAclsInput) SetMaxResults(v int64) *DescribeNetworkAclsInput { + s.MaxResults = &v + return s +} + // SetNetworkAclIds sets the NetworkAclIds field's value. func (s *DescribeNetworkAclsInput) SetNetworkAclIds(v []*string) *DescribeNetworkAclsInput { s.NetworkAclIds = v return s } +// SetNextToken sets the NextToken field's value. +func (s *DescribeNetworkAclsInput) SetNextToken(v string) *DescribeNetworkAclsInput { + s.NextToken = &v + return s +} + type DescribeNetworkAclsOutput struct { _ struct{} `type:"structure"` // Information about one or more network ACLs. NetworkAcls []*NetworkAcl `locationName:"networkAclSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -47450,6 +60468,12 @@ func (s *DescribeNetworkAclsOutput) SetNetworkAcls(v []*NetworkAcl) *DescribeNet return s } +// SetNextToken sets the NextToken field's value. +func (s *DescribeNetworkAclsOutput) SetNextToken(v string) *DescribeNetworkAclsOutput { + s.NextToken = &v + return s +} + // Contains the parameters for DescribeNetworkInterfaceAttribute. type DescribeNetworkInterfaceAttributeInput struct { _ struct{} `type:"structure"` @@ -47593,7 +60617,7 @@ type DescribeNetworkInterfacePermissionsInput struct { // The maximum number of results to return in a single call. To retrieve the // remaining results, make another call with the returned NextToken value. If // this parameter is not specified, up to 50 results are returned by default. - MaxResults *int64 `type:"integer"` + MaxResults *int64 `min:"5" type:"integer"` // One or more network interface permission IDs. NetworkInterfacePermissionIds []*string `locationName:"NetworkInterfacePermissionId" type:"list"` @@ -47612,6 +60636,19 @@ func (s DescribeNetworkInterfacePermissionsInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeNetworkInterfacePermissionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeNetworkInterfacePermissionsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetFilters sets the Filters field's value. func (s *DescribeNetworkInterfacePermissionsInput) SetFilters(v []*Filter) *DescribeNetworkInterfacePermissionsInput { s.Filters = v @@ -47710,7 +60747,7 @@ type DescribeNetworkInterfacesInput struct { // // * attachment.attachment-id - The ID of the interface attachment. // - // * attachment.attach.time - The time that the network interface was attached + // * attachment.attach-time - The time that the network interface was attached // to an instance. // // * attachment.delete-on-termination - Indicates whether the attachment @@ -47761,7 +60798,7 @@ type DescribeNetworkInterfacesInput struct { // managed by an AWS service (for example, AWS Management Console, Auto Scaling, // and so on). // - // * source-desk-check - Indicates whether the network interface performs + // * source-dest-check - Indicates whether the network interface performs // source/destination checking. A value of true means checking is enabled, // and false means checking is disabled. The value must be false for the // network interface to perform network address translation (NAT) in your @@ -47788,8 +60825,9 @@ type DescribeNetworkInterfacesInput struct { // The maximum number of items to return for this request. The request returns // a token that you can specify in a subsequent call to get the next set of - // results. - MaxResults *int64 `type:"integer"` + // results. You cannot specify this parameter and the network interface IDs + // parameter in the same request. + MaxResults *int64 `min:"5" type:"integer"` // One or more network interface IDs. // @@ -47810,6 +60848,19 @@ func (s DescribeNetworkInterfacesInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeNetworkInterfacesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeNetworkInterfacesInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeNetworkInterfacesInput) SetDryRun(v bool) *DescribeNetworkInterfacesInput { s.DryRun = &v @@ -47883,7 +60934,7 @@ type DescribePlacementGroupsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * group-name - The name of the placement group. // @@ -47893,7 +60944,10 @@ type DescribePlacementGroupsInput struct { // * strategy - The strategy of the placement group (cluster | spread | partition). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // One or more placement group names. + // The IDs of the placement groups. + GroupIds []*string `locationName:"GroupId" locationNameList:"GroupId" type:"list"` + + // The names of the placement groups. // // Default: Describes all your placement groups, or only those otherwise specified. GroupNames []*string `locationName:"groupName" type:"list"` @@ -47921,6 +60975,12 @@ func (s *DescribePlacementGroupsInput) SetFilters(v []*Filter) *DescribePlacemen return s } +// SetGroupIds sets the GroupIds field's value. +func (s *DescribePlacementGroupsInput) SetGroupIds(v []*string) *DescribePlacementGroupsInput { + s.GroupIds = v + return s +} + // SetGroupNames sets the GroupNames field's value. func (s *DescribePlacementGroupsInput) SetGroupNames(v []*string) *DescribePlacementGroupsInput { s.GroupNames = v @@ -47930,7 +60990,7 @@ func (s *DescribePlacementGroupsInput) SetGroupNames(v []*string) *DescribePlace type DescribePlacementGroupsOutput struct { _ struct{} `type:"structure"` - // One or more placement groups. + // Information about the placement groups. PlacementGroups []*PlacementGroup `locationName:"placementGroupSet" locationNameList:"item" type:"list"` } @@ -47966,16 +61026,11 @@ type DescribePrefixListsInput struct { // * prefix-list-name: The name of a prefix list. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of items to return for this request. The request returns - // a token that you can specify in a subsequent call to get the next set of - // results. - // - // Constraint: If the value specified is greater than 1000, we return only 1000 - // items. + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. MaxResults *int64 `type:"integer"` - // The token for the next set of items to return. (You received this token from - // a prior call.) + // The token for the next page of results. NextToken *string `type:"string"` // One or more prefix list IDs. @@ -48025,8 +61080,8 @@ func (s *DescribePrefixListsInput) SetPrefixListIds(v []*string) *DescribePrefix type DescribePrefixListsOutput struct { _ struct{} `type:"structure"` - // The token to use when requesting the next set of items. If there are no additional - // items to return, the string is empty. + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` // All available prefix lists. @@ -48066,7 +61121,7 @@ type DescribePrincipalIdFormatInput struct { // The maximum number of results to return in a single call. To retrieve the // remaining results, make another call with the returned NextToken value. - MaxResults *int64 `type:"integer"` + MaxResults *int64 `min:"1" type:"integer"` // The token to request the next page of results. NextToken *string `type:"string"` @@ -48091,6 +61146,19 @@ func (s DescribePrincipalIdFormatInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribePrincipalIdFormatInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribePrincipalIdFormatInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribePrincipalIdFormatInput) SetDryRun(v bool) *DescribePrincipalIdFormatInput { s.DryRun = &v @@ -48156,7 +61224,7 @@ type DescribePublicIpv4PoolsInput struct { MaxResults *int64 `min:"1" type:"integer"` // The token for the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` // The IDs of the address pools. PoolIds []*string `locationName:"PoolId" locationNameList:"item" type:"list"` @@ -48178,9 +61246,6 @@ func (s *DescribePublicIpv4PoolsInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -48242,20 +61307,28 @@ func (s *DescribePublicIpv4PoolsOutput) SetPublicIpv4Pools(v []*PublicIpv4Pool) type DescribeRegionsInput struct { _ struct{} `type:"structure"` + // Indicates whether to display all Regions, including Regions that are disabled + // for your account. + AllRegions *bool `type:"boolean"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // - // * endpoint - The endpoint of the region (for example, ec2.us-east-1.amazonaws.com). + // * endpoint - The endpoint of the Region (for example, ec2.us-east-1.amazonaws.com). // - // * region-name - The name of the region (for example, us-east-1). + // * opt-in-status - The opt-in status of the Region (opt-in-not-required + // | opted-in | not-opted-in). + // + // * region-name - The name of the Region (for example, us-east-1). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The names of one or more regions. + // The names of the Regions. You can specify any Regions, whether they are enabled + // and disabled for your account. RegionNames []*string `locationName:"RegionName" locationNameList:"RegionName" type:"list"` } @@ -48269,6 +61342,12 @@ func (s DescribeRegionsInput) GoString() string { return s.String() } +// SetAllRegions sets the AllRegions field's value. +func (s *DescribeRegionsInput) SetAllRegions(v bool) *DescribeRegionsInput { + s.AllRegions = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *DescribeRegionsInput) SetDryRun(v bool) *DescribeRegionsInput { s.DryRun = &v @@ -48290,7 +61369,7 @@ func (s *DescribeRegionsInput) SetRegionNames(v []*string) *DescribeRegionsInput type DescribeRegionsOutput struct { _ struct{} `type:"structure"` - // Information about one or more regions. + // Information about the Regions. Regions []*Region `locationName:"regionInfo" locationNameList:"item" type:"list"` } @@ -48517,7 +61596,7 @@ type DescribeReservedInstancesModificationsInput struct { // * modification-result.target-configuration.availability-zone - The Availability // Zone for the new Reserved Instances. // - // * modification-result.target-configuration.instance-count - The number + // * modification-result.target-configuration.instance-count - The number // of new Reserved Instances. // // * modification-result.target-configuration.instance-type - The instance @@ -48645,7 +61724,7 @@ type DescribeReservedInstancesOfferingsInput struct { // SUSE Linux (Amazon VPC) | Red Hat Enterprise Linux | Red Hat Enterprise // Linux (Amazon VPC) | Windows | Windows (Amazon VPC) | Windows with SQL // Server Standard | Windows with SQL Server Standard (Amazon VPC) | Windows - // with SQL Server Web | Windows with SQL Server Web (Amazon VPC) | Windows + // with SQL Server Web | Windows with SQL Server Web (Amazon VPC) | Windows // with SQL Server Enterprise | Windows with SQL Server Enterprise (Amazon // VPC)) // @@ -48671,7 +61750,7 @@ type DescribeReservedInstancesOfferingsInput struct { InstanceTenancy *string `locationName:"instanceTenancy" type:"string" enum:"Tenancy"` // The instance type that the reservation will cover (for example, m1.small). - // For more information, see Instance Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // For more information, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) // in the Amazon Elastic Compute Cloud User Guide. InstanceType *string `type:"string" enum:"InstanceType"` @@ -48951,12 +62030,11 @@ type DescribeRouteTablesInput struct { // * vpc-id - The ID of the VPC for the route table. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. This - // value can be between 5 and 100. - MaxResults *int64 `type:"integer"` + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` - // The token to retrieve the next page of results. + // The token for the next page of results. NextToken *string `type:"string"` // One or more route table IDs. @@ -48975,6 +62053,19 @@ func (s DescribeRouteTablesInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeRouteTablesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeRouteTablesInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeRouteTablesInput) SetDryRun(v bool) *DescribeRouteTablesInput { s.DryRun = &v @@ -49049,7 +62140,7 @@ type DescribeScheduledInstanceAvailabilityInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * availability-zone - The Availability Zone (for example, us-west-2a). // @@ -49068,7 +62159,7 @@ type DescribeScheduledInstanceAvailabilityInput struct { // The maximum number of results to return in a single call. This value can // be between 5 and 300. The default value is 300. To retrieve the remaining // results, make another call with the returned NextToken value. - MaxResults *int64 `type:"integer"` + MaxResults *int64 `min:"5" type:"integer"` // The maximum available duration, in hours. This value must be greater than // MinSlotDurationInHours and less than 1,720. @@ -49105,6 +62196,9 @@ func (s *DescribeScheduledInstanceAvailabilityInput) Validate() error { if s.FirstSlotStartTimeRange == nil { invalidParams.Add(request.NewErrParamRequired("FirstSlotStartTimeRange")) } + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } if s.Recurrence == nil { invalidParams.Add(request.NewErrParamRequired("Recurrence")) } @@ -49212,7 +62306,7 @@ type DescribeScheduledInstancesInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * availability-zone - The Availability Zone (for example, us-west-2a). // @@ -49231,7 +62325,7 @@ type DescribeScheduledInstancesInput struct { // The token for the next set of results. NextToken *string `type:"string"` - // One or more Scheduled Instance IDs. + // The Scheduled Instance IDs. ScheduledInstanceIds []*string `locationName:"ScheduledInstanceId" locationNameList:"ScheduledInstanceId" type:"list"` // The time period for the first schedule to start. @@ -49327,7 +62421,7 @@ type DescribeSecurityGroupReferencesInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more security group IDs in your account. + // The IDs of the security groups in your account. // // GroupId is a required field GroupId []*string `locationNameList:"item" type:"list" required:"true"` @@ -49400,9 +62494,9 @@ type DescribeSecurityGroupsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. If using multiple filters for rules, the results include - // security groups for which any combination of rules - not necessarily a single - // rule - match all filters. + // The filters. If using multiple filters for rules, the results include security + // groups for which any combination of rules - not necessarily a single rule + // - match all filters. // // * description - The description of the security group. // @@ -49479,13 +62573,13 @@ type DescribeSecurityGroupsInput struct { // * vpc-id - The ID of the VPC specified when the security group was created. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // One or more security group IDs. Required for security groups in a nondefault + // The IDs of the security groups. Required for security groups in a nondefault // VPC. // // Default: Describes all your security groups. GroupIds []*string `locationName:"GroupId" locationNameList:"groupId" type:"list"` - // [EC2-Classic and default VPC only] One or more security group names. You + // [EC2-Classic and default VPC only] The names of the security groups. You // can specify either the security group name or the security group ID. For // security groups in a nondefault VPC, use the group-name filter to describe // security groups by name. @@ -49497,7 +62591,7 @@ type DescribeSecurityGroupsInput struct { // remaining results, make another request with the returned NextToken value. // This value can be between 5 and 1000. If this parameter is not specified, // then all results are returned. - MaxResults *int64 `type:"integer"` + MaxResults *int64 `min:"5" type:"integer"` // The token to request the next page of results. NextToken *string `type:"string"` @@ -49513,6 +62607,19 @@ func (s DescribeSecurityGroupsInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeSecurityGroupsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeSecurityGroupsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeSecurityGroupsInput) SetDryRun(v bool) *DescribeSecurityGroupsInput { s.DryRun = &v @@ -49556,7 +62663,7 @@ type DescribeSecurityGroupsOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // Information about one or more security groups. + // Information about the security groups. SecurityGroups []*SecurityGroup `locationName:"securityGroupInfo" locationNameList:"item" type:"list"` } @@ -49582,7 +62689,6 @@ func (s *DescribeSecurityGroupsOutput) SetSecurityGroups(v []*SecurityGroup) *De return s } -// Contains the parameters for DescribeSnapshotAttribute. type DescribeSnapshotAttributeInput struct { _ struct{} `type:"structure"` @@ -49647,14 +62753,14 @@ func (s *DescribeSnapshotAttributeInput) SetSnapshotId(v string) *DescribeSnapsh return s } -// Contains the output of DescribeSnapshotAttribute. type DescribeSnapshotAttributeOutput struct { _ struct{} `type:"structure"` - // A list of permissions for creating volumes from the snapshot. + // The users and groups that have the permissions for creating volumes from + // the snapshot. CreateVolumePermissions []*CreateVolumePermission `locationName:"createVolumePermission" locationNameList:"item" type:"list"` - // A list of product codes. + // The product codes. ProductCodes []*ProductCode `locationName:"productCodes" locationNameList:"item" type:"list"` // The ID of the EBS snapshot. @@ -49689,7 +62795,6 @@ func (s *DescribeSnapshotAttributeOutput) SetSnapshotId(v string) *DescribeSnaps return s } -// Contains the parameters for DescribeSnapshots. type DescribeSnapshotsInput struct { _ struct{} `type:"structure"` @@ -49699,13 +62804,16 @@ type DescribeSnapshotsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * description - A description of the snapshot. // - // * owner-alias - Value from an Amazon-maintained list (amazon | aws-marketplace - // | microsoft) of snapshot owners. Not to be confused with the user-configured - // AWS account alias, which is set from the IAM console. + // * encrypted - Indicates whether the snapshot is encrypted (true | false) + // + // * owner-alias - Value from an Amazon-maintained list (amazon | self | + // all | aws-marketplace | microsoft) of snapshot owners. Not to be confused + // with the user-configured AWS account alias, which is set from the IAM + // console. // // * owner-id - The ID of the AWS account that owns the snapshot. // @@ -49751,16 +62859,15 @@ type DescribeSnapshotsInput struct { // to return. NextToken *string `type:"string"` - // Returns the snapshots owned by the specified owner. Multiple owners can be - // specified. + // Describes the snapshots owned by these owners. OwnerIds []*string `locationName:"Owner" locationNameList:"Owner" type:"list"` - // One or more AWS accounts IDs that can create volumes from the snapshot. + // The IDs of the AWS accounts that can create volumes from the snapshot. RestorableByUserIds []*string `locationName:"RestorableBy" type:"list"` - // One or more snapshot IDs. + // The snapshot IDs. // - // Default: Describes snapshots for which you have launch permissions. + // Default: Describes the snapshots for which you have create volume permissions. SnapshotIds []*string `locationName:"SnapshotId" locationNameList:"SnapshotId" type:"list"` } @@ -49816,7 +62923,6 @@ func (s *DescribeSnapshotsInput) SetSnapshotIds(v []*string) *DescribeSnapshotsI return s } -// Contains the output of DescribeSnapshots. type DescribeSnapshotsOutput struct { _ struct{} `type:"structure"` @@ -49916,7 +63022,7 @@ type DescribeSpotFleetInstancesInput struct { // The maximum number of results to return in a single call. Specify a value // between 1 and 1000. The default value is 1000. To retrieve the remaining // results, make another call with the returned NextToken value. - MaxResults *int64 `locationName:"maxResults" type:"integer"` + MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` // The token for the next set of results. NextToken *string `locationName:"nextToken" type:"string"` @@ -49940,6 +63046,9 @@ func (s DescribeSpotFleetInstancesInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *DescribeSpotFleetInstancesInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "DescribeSpotFleetInstancesInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } if s.SpotFleetRequestId == nil { invalidParams.Add(request.NewErrParamRequired("SpotFleetRequestId")) } @@ -50034,7 +63143,7 @@ type DescribeSpotFleetRequestHistoryInput struct { // The maximum number of results to return in a single call. Specify a value // between 1 and 1000. The default value is 1000. To retrieve the remaining // results, make another call with the returned NextToken value. - MaxResults *int64 `locationName:"maxResults" type:"integer"` + MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` // The token for the next set of results. NextToken *string `locationName:"nextToken" type:"string"` @@ -50063,6 +63172,9 @@ func (s DescribeSpotFleetRequestHistoryInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *DescribeSpotFleetRequestHistoryInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "DescribeSpotFleetRequestHistoryInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } if s.SpotFleetRequestId == nil { invalidParams.Add(request.NewErrParamRequired("SpotFleetRequestId")) } @@ -50358,7 +63470,7 @@ type DescribeSpotInstanceRequestsInput struct { // * state - The state of the Spot Instance request (open | active | closed // | cancelled | failed). Spot request status information can help you track // your Amazon EC2 Spot Instance requests. For more information, see Spot - // Request Status (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html) + // Request Status (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html) // in the Amazon EC2 User Guide for Linux Instances. // // * status-code - The short code describing the most recent evaluation of @@ -50791,6 +63903,13 @@ type DescribeSubnetsInput struct { // * vpc-id - The ID of the VPC for the subnet. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + // One or more subnet IDs. // // Default: Describes all your subnets. @@ -50807,6 +63926,19 @@ func (s DescribeSubnetsInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeSubnetsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeSubnetsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeSubnetsInput) SetDryRun(v bool) *DescribeSubnetsInput { s.DryRun = &v @@ -50819,6 +63951,18 @@ func (s *DescribeSubnetsInput) SetFilters(v []*Filter) *DescribeSubnetsInput { return s } +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeSubnetsInput) SetMaxResults(v int64) *DescribeSubnetsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeSubnetsInput) SetNextToken(v string) *DescribeSubnetsInput { + s.NextToken = &v + return s +} + // SetSubnetIds sets the SubnetIds field's value. func (s *DescribeSubnetsInput) SetSubnetIds(v []*string) *DescribeSubnetsInput { s.SubnetIds = v @@ -50828,6 +63972,10 @@ func (s *DescribeSubnetsInput) SetSubnetIds(v []*string) *DescribeSubnetsInput { type DescribeSubnetsOutput struct { _ struct{} `type:"structure"` + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + // Information about one or more subnets. Subnets []*Subnet `locationName:"subnetSet" locationNameList:"item" type:"list"` } @@ -50842,6 +63990,12 @@ func (s DescribeSubnetsOutput) GoString() string { return s.String() } +// SetNextToken sets the NextToken field's value. +func (s *DescribeSubnetsOutput) SetNextToken(v string) *DescribeSubnetsOutput { + s.NextToken = &v + return s +} + // SetSubnets sets the Subnets field's value. func (s *DescribeSubnetsOutput) SetSubnets(v []*Subnet) *DescribeSubnetsOutput { s.Subnets = v @@ -50857,7 +64011,7 @@ type DescribeTagsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * key - The tag key. // @@ -50865,9 +64019,10 @@ type DescribeTagsInput struct { // // * resource-type - The resource type (customer-gateway | dedicated-host // | dhcp-options | elastic-ip | fleet | fpga-image | image | instance | - // internet-gateway | launch-template | natgateway | network-acl | network-interface - // | reserved-instances | route-table | security-group | snapshot | spot-instances-request - // | subnet | volume | vpc | vpc-peering-connection | vpn-connection | vpn-gateway). + // host-reservation | internet-gateway | launch-template | natgateway | network-acl + // | network-interface | reserved-instances | route-table | security-group + // | snapshot | spot-instances-request | subnet | volume | vpc | vpc-peering-connection + // | vpn-connection | vpn-gateway). // // * tag: - The key/value combination of the tag. For example, specify // "tag:Owner" for the filter name and "TeamA" for the filter value to find @@ -50952,6 +64107,367 @@ func (s *DescribeTagsOutput) SetTags(v []*TagDescription) *DescribeTagsOutput { return s } +type DescribeTrafficMirrorFiltersInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. The possible values are: + // + // * description: The Traffic Mirror filter description. + // + // * traffic-mirror-filter-id: The ID of the Traffic Mirror filter. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The ID of the Traffic Mirror filter. + TrafficMirrorFilterIds []*string `locationName:"TrafficMirrorFilterId" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTrafficMirrorFiltersInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTrafficMirrorFiltersInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeTrafficMirrorFiltersInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeTrafficMirrorFiltersInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeTrafficMirrorFiltersInput) SetDryRun(v bool) *DescribeTrafficMirrorFiltersInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeTrafficMirrorFiltersInput) SetFilters(v []*Filter) *DescribeTrafficMirrorFiltersInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeTrafficMirrorFiltersInput) SetMaxResults(v int64) *DescribeTrafficMirrorFiltersInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTrafficMirrorFiltersInput) SetNextToken(v string) *DescribeTrafficMirrorFiltersInput { + s.NextToken = &v + return s +} + +// SetTrafficMirrorFilterIds sets the TrafficMirrorFilterIds field's value. +func (s *DescribeTrafficMirrorFiltersInput) SetTrafficMirrorFilterIds(v []*string) *DescribeTrafficMirrorFiltersInput { + s.TrafficMirrorFilterIds = v + return s +} + +type DescribeTrafficMirrorFiltersOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next page of results. The value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Information about one or more Traffic Mirror filters. + TrafficMirrorFilters []*TrafficMirrorFilter `locationName:"trafficMirrorFilterSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTrafficMirrorFiltersOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTrafficMirrorFiltersOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTrafficMirrorFiltersOutput) SetNextToken(v string) *DescribeTrafficMirrorFiltersOutput { + s.NextToken = &v + return s +} + +// SetTrafficMirrorFilters sets the TrafficMirrorFilters field's value. +func (s *DescribeTrafficMirrorFiltersOutput) SetTrafficMirrorFilters(v []*TrafficMirrorFilter) *DescribeTrafficMirrorFiltersOutput { + s.TrafficMirrorFilters = v + return s +} + +type DescribeTrafficMirrorSessionsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. The possible values are: + // + // * description: The Traffic Mirror session description. + // + // * network-interface-id: The ID of the Traffic Mirror session network interface. + // + // * owner-id: The ID of the account that owns the Traffic Mirror session. + // + // * packet-length: The assigned number of packets to mirror. + // + // * session-number: The assigned session number. + // + // * traffic-mirror-filter-id: The ID of the Traffic Mirror filter. + // + // * traffic-mirror-session-id: The ID of the Traffic Mirror session. + // + // * traffic-mirror-target-id: The ID of the Traffic Mirror target. + // + // * virtual-network-id: The virtual network ID of the Traffic Mirror session. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The ID of the Traffic Mirror session. + TrafficMirrorSessionIds []*string `locationName:"TrafficMirrorSessionId" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTrafficMirrorSessionsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTrafficMirrorSessionsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeTrafficMirrorSessionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeTrafficMirrorSessionsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeTrafficMirrorSessionsInput) SetDryRun(v bool) *DescribeTrafficMirrorSessionsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeTrafficMirrorSessionsInput) SetFilters(v []*Filter) *DescribeTrafficMirrorSessionsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeTrafficMirrorSessionsInput) SetMaxResults(v int64) *DescribeTrafficMirrorSessionsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTrafficMirrorSessionsInput) SetNextToken(v string) *DescribeTrafficMirrorSessionsInput { + s.NextToken = &v + return s +} + +// SetTrafficMirrorSessionIds sets the TrafficMirrorSessionIds field's value. +func (s *DescribeTrafficMirrorSessionsInput) SetTrafficMirrorSessionIds(v []*string) *DescribeTrafficMirrorSessionsInput { + s.TrafficMirrorSessionIds = v + return s +} + +type DescribeTrafficMirrorSessionsOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next page of results. The value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Describes one or more Traffic Mirror sessions. By default, all Traffic Mirror + // sessions are described. Alternatively, you can filter the results. + TrafficMirrorSessions []*TrafficMirrorSession `locationName:"trafficMirrorSessionSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTrafficMirrorSessionsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTrafficMirrorSessionsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTrafficMirrorSessionsOutput) SetNextToken(v string) *DescribeTrafficMirrorSessionsOutput { + s.NextToken = &v + return s +} + +// SetTrafficMirrorSessions sets the TrafficMirrorSessions field's value. +func (s *DescribeTrafficMirrorSessionsOutput) SetTrafficMirrorSessions(v []*TrafficMirrorSession) *DescribeTrafficMirrorSessionsOutput { + s.TrafficMirrorSessions = v + return s +} + +type DescribeTrafficMirrorTargetsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. The possible values are: + // + // * description: The Traffic Mirror target description. + // + // * network-interface-id: The ID of the Traffic Mirror session network interface. + // + // * network-load-balancer-arn: The Amazon Resource Name (ARN) of the Network + // Load Balancer that is associated with the session. + // + // * owner-id: The ID of the account that owns the Traffic Mirror session. + // + // * traffic-mirror-target-id: The ID of the Traffic Mirror target. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The ID of the Traffic Mirror targets. + TrafficMirrorTargetIds []*string `locationName:"TrafficMirrorTargetId" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTrafficMirrorTargetsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTrafficMirrorTargetsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeTrafficMirrorTargetsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeTrafficMirrorTargetsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeTrafficMirrorTargetsInput) SetDryRun(v bool) *DescribeTrafficMirrorTargetsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeTrafficMirrorTargetsInput) SetFilters(v []*Filter) *DescribeTrafficMirrorTargetsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeTrafficMirrorTargetsInput) SetMaxResults(v int64) *DescribeTrafficMirrorTargetsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTrafficMirrorTargetsInput) SetNextToken(v string) *DescribeTrafficMirrorTargetsInput { + s.NextToken = &v + return s +} + +// SetTrafficMirrorTargetIds sets the TrafficMirrorTargetIds field's value. +func (s *DescribeTrafficMirrorTargetsInput) SetTrafficMirrorTargetIds(v []*string) *DescribeTrafficMirrorTargetsInput { + s.TrafficMirrorTargetIds = v + return s +} + +type DescribeTrafficMirrorTargetsOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next page of results. The value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Information about one or more Traffic Mirror targets. + TrafficMirrorTargets []*TrafficMirrorTarget `locationName:"trafficMirrorTargetSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTrafficMirrorTargetsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTrafficMirrorTargetsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTrafficMirrorTargetsOutput) SetNextToken(v string) *DescribeTrafficMirrorTargetsOutput { + s.NextToken = &v + return s +} + +// SetTrafficMirrorTargets sets the TrafficMirrorTargets field's value. +func (s *DescribeTrafficMirrorTargetsOutput) SetTrafficMirrorTargets(v []*TrafficMirrorTarget) *DescribeTrafficMirrorTargetsOutput { + s.TrafficMirrorTargets = v + return s +} + type DescribeTransitGatewayAttachmentsInput struct { _ struct{} `type:"structure"` @@ -50963,26 +64479,27 @@ type DescribeTransitGatewayAttachmentsInput struct { // One or more filters. The possible values are: // - // * association.transit-gateway-route-table-id - The ID of the route table - // for the transit gateway. - // // * association.state - The state of the association (associating | associated // | disassociating). // + // * association.transit-gateway-route-table-id - The ID of the route table + // for the transit gateway. + // // * resource-id - The ID of the resource. // - // * resource-owner - The ID of the AWS account that owns the resource. + // * resource-owner-id - The ID of the AWS account that owns the resource. // // * resource-type - The resource type (vpc | vpn). // - // * state - The state of the attachment (pendingAcceptance | pending | available - // | modifying | deleting | deleted | failed | rejected). + // * state - The state of the attachment (available | deleted | deleting + // | failed | modifying | pendingAcceptance | pending | rollingBack | rejected + // | rejecting). // // * transit-gateway-attachment-id - The ID of the attachment. // // * transit-gateway-id - The ID of the transit gateway. // - // * transit-gateway-owner - The ID of the AWS account that owns the transit + // * transit-gateway-owner-id - The ID of the AWS account that owns the transit // gateway. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` @@ -51083,6 +64600,232 @@ func (s *DescribeTransitGatewayAttachmentsOutput) SetTransitGatewayAttachments(v return s } +type DescribeTransitGatewayMulticastDomainsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. The possible values are: + // + // * state - The state of the transit gateway multicast domain. Valid values + // are pending | available | deleting | deleted. + // + // * transit-gateway-id - The ID of the transit gateway. + // + // * transit-gateway-multicast-domain-id - The ID of the transit gateway + // multicast domain. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainIds []*string `locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTransitGatewayMulticastDomainsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTransitGatewayMulticastDomainsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeTransitGatewayMulticastDomainsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeTransitGatewayMulticastDomainsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeTransitGatewayMulticastDomainsInput) SetDryRun(v bool) *DescribeTransitGatewayMulticastDomainsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeTransitGatewayMulticastDomainsInput) SetFilters(v []*Filter) *DescribeTransitGatewayMulticastDomainsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeTransitGatewayMulticastDomainsInput) SetMaxResults(v int64) *DescribeTransitGatewayMulticastDomainsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTransitGatewayMulticastDomainsInput) SetNextToken(v string) *DescribeTransitGatewayMulticastDomainsInput { + s.NextToken = &v + return s +} + +// SetTransitGatewayMulticastDomainIds sets the TransitGatewayMulticastDomainIds field's value. +func (s *DescribeTransitGatewayMulticastDomainsInput) SetTransitGatewayMulticastDomainIds(v []*string) *DescribeTransitGatewayMulticastDomainsInput { + s.TransitGatewayMulticastDomainIds = v + return s +} + +type DescribeTransitGatewayMulticastDomainsOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Information about the transit gateway multicast domains. + TransitGatewayMulticastDomains []*TransitGatewayMulticastDomain `locationName:"transitGatewayMulticastDomains" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTransitGatewayMulticastDomainsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTransitGatewayMulticastDomainsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTransitGatewayMulticastDomainsOutput) SetNextToken(v string) *DescribeTransitGatewayMulticastDomainsOutput { + s.NextToken = &v + return s +} + +// SetTransitGatewayMulticastDomains sets the TransitGatewayMulticastDomains field's value. +func (s *DescribeTransitGatewayMulticastDomainsOutput) SetTransitGatewayMulticastDomains(v []*TransitGatewayMulticastDomain) *DescribeTransitGatewayMulticastDomainsOutput { + s.TransitGatewayMulticastDomains = v + return s +} + +type DescribeTransitGatewayPeeringAttachmentsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // One or more IDs of the transit gateway peering attachments. + TransitGatewayAttachmentIds []*string `type:"list"` +} + +// String returns the string representation +func (s DescribeTransitGatewayPeeringAttachmentsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTransitGatewayPeeringAttachmentsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeTransitGatewayPeeringAttachmentsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeTransitGatewayPeeringAttachmentsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeTransitGatewayPeeringAttachmentsInput) SetDryRun(v bool) *DescribeTransitGatewayPeeringAttachmentsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeTransitGatewayPeeringAttachmentsInput) SetFilters(v []*Filter) *DescribeTransitGatewayPeeringAttachmentsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeTransitGatewayPeeringAttachmentsInput) SetMaxResults(v int64) *DescribeTransitGatewayPeeringAttachmentsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTransitGatewayPeeringAttachmentsInput) SetNextToken(v string) *DescribeTransitGatewayPeeringAttachmentsInput { + s.NextToken = &v + return s +} + +// SetTransitGatewayAttachmentIds sets the TransitGatewayAttachmentIds field's value. +func (s *DescribeTransitGatewayPeeringAttachmentsInput) SetTransitGatewayAttachmentIds(v []*string) *DescribeTransitGatewayPeeringAttachmentsInput { + s.TransitGatewayAttachmentIds = v + return s +} + +type DescribeTransitGatewayPeeringAttachmentsOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // The transit gateway peering attachments. + TransitGatewayPeeringAttachments []*TransitGatewayPeeringAttachment `locationName:"transitGatewayPeeringAttachments" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTransitGatewayPeeringAttachmentsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTransitGatewayPeeringAttachmentsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTransitGatewayPeeringAttachmentsOutput) SetNextToken(v string) *DescribeTransitGatewayPeeringAttachmentsOutput { + s.NextToken = &v + return s +} + +// SetTransitGatewayPeeringAttachments sets the TransitGatewayPeeringAttachments field's value. +func (s *DescribeTransitGatewayPeeringAttachmentsOutput) SetTransitGatewayPeeringAttachments(v []*TransitGatewayPeeringAttachment) *DescribeTransitGatewayPeeringAttachmentsOutput { + s.TransitGatewayPeeringAttachments = v + return s +} + type DescribeTransitGatewayRouteTablesInput struct { _ struct{} `type:"structure"` @@ -51100,8 +64843,9 @@ type DescribeTransitGatewayRouteTablesInput struct { // * default-propagation-route-table - Indicates whether this is the default // propagation route table for the transit gateway (true | false). // - // * state - The state of the attachment (pendingAcceptance | pending | available - // | modifying | deleting | deleted | failed | rejected). + // * state - The state of the attachment (available | deleted | deleting + // | failed | modifying | pendingAcceptance | pending | rollingBack | rejected + // | rejecting). // // * transit-gateway-id - The ID of the transit gateway. // @@ -51217,8 +64961,9 @@ type DescribeTransitGatewayVpcAttachmentsInput struct { // One or more filters. The possible values are: // - // * state - The state of the attachment (pendingAcceptance | pending | available - // | modifying | deleting | deleted | failed | rejected). + // * state - The state of the attachment (available | deleted | deleting + // | failed | modifying | pendingAcceptance | pending | rollingBack | rejected + // | rejecting). // // * transit-gateway-attachment-id - The ID of the attachment. // @@ -51335,8 +65080,6 @@ type DescribeTransitGatewaysInput struct { // One or more filters. The possible values are: // - // * owner-id - The ID of the AWS account that owns the transit gateway. - // // * options.propagation-default-route-table-id - The ID of the default propagation // route table. // @@ -51363,13 +65106,13 @@ type DescribeTransitGatewaysInput struct { // * options.vpn-ecmp-support - Indicates whether Equal Cost Multipath Protocol // support is enabled (enable | disable). // - // * state - The state of the attachment (pendingAcceptance | pending | available - // | modifying | deleting | deleted | failed | rejected). + // * owner-id - The ID of the AWS account that owns the transit gateway. + // + // * state - The state of the attachment (available | deleted | deleting + // | failed | modifying | pendingAcceptance | pending | rollingBack | rejected + // | rejecting). // // * transit-gateway-id - The ID of the transit gateway. - // - // * transit-gateway-state - The state of the transit gateway (pending | - // available | deleting | deleted). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of results to return with a single call. To retrieve the @@ -51469,7 +65212,6 @@ func (s *DescribeTransitGatewaysOutput) SetTransitGateways(v []*TransitGateway) return s } -// Contains the parameters for DescribeVolumeAttribute. type DescribeVolumeAttributeInput struct { _ struct{} `type:"structure"` @@ -51534,7 +65276,6 @@ func (s *DescribeVolumeAttributeInput) SetVolumeId(v string) *DescribeVolumeAttr return s } -// Contains the output of DescribeVolumeAttribute. type DescribeVolumeAttributeOutput struct { _ struct{} `type:"structure"` @@ -51576,7 +65317,6 @@ func (s *DescribeVolumeAttributeOutput) SetVolumeId(v string) *DescribeVolumeAtt return s } -// Contains the parameters for DescribeVolumeStatus. type DescribeVolumeStatusInput struct { _ struct{} `type:"structure"` @@ -51586,7 +65326,7 @@ type DescribeVolumeStatusInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * action.code - The action code for the event (for example, enable-volume-io). // @@ -51635,7 +65375,7 @@ type DescribeVolumeStatusInput struct { // more results to return. NextToken *string `type:"string"` - // One or more volume IDs. + // The IDs of the volumes. // // Default: Describes all your volumes. VolumeIds []*string `locationName:"VolumeId" locationNameList:"VolumeId" type:"list"` @@ -51681,7 +65421,6 @@ func (s *DescribeVolumeStatusInput) SetVolumeIds(v []*string) *DescribeVolumeSta return s } -// Contains the output of DescribeVolumeStatus. type DescribeVolumeStatusOutput struct { _ struct{} `type:"structure"` @@ -51689,7 +65428,7 @@ type DescribeVolumeStatusOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // A list of volumes. + // Information about the status of the volumes. VolumeStatuses []*VolumeStatusItem `locationName:"volumeStatusSet" locationNameList:"item" type:"list"` } @@ -51715,7 +65454,6 @@ func (s *DescribeVolumeStatusOutput) SetVolumeStatuses(v []*VolumeStatusItem) *D return s } -// Contains the parameters for DescribeVolumes. type DescribeVolumesInput struct { _ struct{} `type:"structure"` @@ -51725,7 +65463,7 @@ type DescribeVolumesInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * attachment.attach-time - The time stamp when the attachment initiated. // @@ -51744,7 +65482,7 @@ type DescribeVolumesInput struct { // // * create-time - The time stamp when the volume was created. // - // * encrypted - The encryption status of the volume. + // * encrypted - Indicates whether the volume is encrypted (true | false) // // * size - The size of the volume, in GiB. // @@ -51787,7 +65525,7 @@ type DescribeVolumesInput struct { // NextToken value. This value is null when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // One or more volume IDs. + // The volume IDs. VolumeIds []*string `locationName:"VolumeId" locationNameList:"VolumeId" type:"list"` } @@ -51840,7 +65578,7 @@ type DescribeVolumesModificationsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. Supported filters: volume-id, modification-state, target-size, + // The filters. Supported filters: volume-id, modification-state, target-size, // target-iops, target-volume-type, original-size, original-iops, original-volume-type, // start-time. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` @@ -51852,7 +65590,7 @@ type DescribeVolumesModificationsInput struct { // The nextToken value returned by a previous paginated request. NextToken *string `type:"string"` - // One or more volume IDs for which in-progress modifications will be described. + // The IDs of the volumes for which in-progress modifications will be described. VolumeIds []*string `locationName:"VolumeId" locationNameList:"VolumeId" type:"list"` } @@ -51902,7 +65640,7 @@ type DescribeVolumesModificationsOutput struct { // Token for pagination, null if there are no more results NextToken *string `locationName:"nextToken" type:"string"` - // A list of returned VolumeModification objects. + // Information about the volume modifications. VolumesModifications []*VolumeModification `locationName:"volumeModificationSet" locationNameList:"item" type:"list"` } @@ -51928,7 +65666,6 @@ func (s *DescribeVolumesModificationsOutput) SetVolumesModifications(v []*Volume return s } -// Contains the output of DescribeVolumes. type DescribeVolumesOutput struct { _ struct{} `type:"structure"` @@ -52076,13 +65813,11 @@ func (s *DescribeVpcAttributeOutput) SetVpcId(v string) *DescribeVpcAttributeOut type DescribeVpcClassicLinkDnsSupportInput struct { _ struct{} `type:"structure"` - // The maximum number of items to return for this request. The request returns - // a token that you can specify in a subsequent call to get the next set of - // results. + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. MaxResults *int64 `locationName:"maxResults" min:"5" type:"integer"` - // The token for the next set of items to return. (You received this token from - // a prior call.) + // The token for the next page of results. NextToken *string `locationName:"nextToken" min:"1" type:"string"` // One or more VPC IDs. @@ -52136,7 +65871,8 @@ func (s *DescribeVpcClassicLinkDnsSupportInput) SetVpcIds(v []*string) *Describe type DescribeVpcClassicLinkDnsSupportOutput struct { _ struct{} `type:"structure"` - // The token to use when requesting the next set of items. + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. NextToken *string `locationName:"nextToken" min:"1" type:"string"` // Information about the ClassicLink DNS support status of the VPCs. @@ -52259,7 +65995,7 @@ type DescribeVpcEndpointConnectionNotificationsInput struct { // One or more filters. // - // * connection-notification-arn - The ARN of SNS topic for the notification. + // * connection-notification-arn - The ARN of the SNS topic for the notification. // // * connection-notification-id - The ID of the notification. // @@ -52378,7 +66114,7 @@ type DescribeVpcEndpointConnectionsInput struct { // The maximum number of results to return for the request in a single page. // The remaining results of the initial request can be seen by sending another // request with the returned NextToken value. This value can be between 5 and - // 1000; if MaxResults is given a value larger than 1000, only 1000 results + // 1,000; if MaxResults is given a value larger than 1,000, only 1,000 results // are returned. MaxResults *int64 `type:"integer"` @@ -52470,12 +66206,22 @@ type DescribeVpcEndpointServiceConfigurationsInput struct { // // * service-state - The state of the service (Pending | Available | Deleting // | Deleted | Failed). + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources assigned a tag with a specific key, regardless of + // the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of results to return for the request in a single page. // The remaining results of the initial request can be seen by sending another // request with the returned NextToken value. This value can be between 5 and - // 1000; if MaxResults is given a value larger than 1000, only 1000 results + // 1,000; if MaxResults is given a value larger than 1,000, only 1,000 results // are returned. MaxResults *int64 `type:"integer"` @@ -52579,7 +66325,7 @@ type DescribeVpcEndpointServicePermissionsInput struct { // The maximum number of results to return for the request in a single page. // The remaining results of the initial request can be seen by sending another // request with the returned NextToken value. This value can be between 5 and - // 1000; if MaxResults is given a value larger than 1000, only 1000 results + // 1,000; if MaxResults is given a value larger than 1,000, only 1,000 results // are returned. MaxResults *int64 `type:"integer"` @@ -52690,14 +66436,24 @@ type DescribeVpcEndpointServicesInput struct { // One or more filters. // - // * service-name: The name of the service. + // * service-name - The name of the service. + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources assigned a tag with a specific key, regardless of + // the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of items to return for this request. The request returns // a token that you can specify in a subsequent call to get the next set of // results. // - // Constraint: If the value is greater than 1000, we return only 1000 items. + // Constraint: If the value is greater than 1,000, we return only 1,000 items. MaxResults *int64 `type:"integer"` // The token for the next set of items to return. (You received this token from @@ -52803,21 +66559,31 @@ type DescribeVpcEndpointsInput struct { // One or more filters. // - // * service-name: The name of the service. + // * service-name - The name of the service. // - // * vpc-id: The ID of the VPC in which the endpoint resides. + // * vpc-id - The ID of the VPC in which the endpoint resides. // - // * vpc-endpoint-id: The ID of the endpoint. + // * vpc-endpoint-id - The ID of the endpoint. // - // * vpc-endpoint-state: The state of the endpoint. (pending | available - // | deleting | deleted) + // * vpc-endpoint-state - The state of the endpoint (pendingAcceptance | + // pending | available | deleting | deleted | rejected | failed). + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources assigned a tag with a specific key, regardless of + // the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of items to return for this request. The request returns // a token that you can specify in a subsequent call to get the next set of // results. // - // Constraint: If the value is greater than 1000, we return only 1000 items. + // Constraint: If the value is greater than 1,000, we return only 1,000 items. MaxResults *int64 `type:"integer"` // The token for the next set of items to return. (You received this token from @@ -52949,6 +66715,13 @@ type DescribeVpcPeeringConnectionsInput struct { // * vpc-peering-connection-id - The ID of the VPC peering connection. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + // One or more VPC peering connection IDs. // // Default: Describes all your VPC peering connections. @@ -52965,6 +66738,19 @@ func (s DescribeVpcPeeringConnectionsInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeVpcPeeringConnectionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeVpcPeeringConnectionsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeVpcPeeringConnectionsInput) SetDryRun(v bool) *DescribeVpcPeeringConnectionsInput { s.DryRun = &v @@ -52977,6 +66763,18 @@ func (s *DescribeVpcPeeringConnectionsInput) SetFilters(v []*Filter) *DescribeVp return s } +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeVpcPeeringConnectionsInput) SetMaxResults(v int64) *DescribeVpcPeeringConnectionsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeVpcPeeringConnectionsInput) SetNextToken(v string) *DescribeVpcPeeringConnectionsInput { + s.NextToken = &v + return s +} + // SetVpcPeeringConnectionIds sets the VpcPeeringConnectionIds field's value. func (s *DescribeVpcPeeringConnectionsInput) SetVpcPeeringConnectionIds(v []*string) *DescribeVpcPeeringConnectionsInput { s.VpcPeeringConnectionIds = v @@ -52986,6 +66784,10 @@ func (s *DescribeVpcPeeringConnectionsInput) SetVpcPeeringConnectionIds(v []*str type DescribeVpcPeeringConnectionsOutput struct { _ struct{} `type:"structure"` + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + // Information about the VPC peering connections. VpcPeeringConnections []*VpcPeeringConnection `locationName:"vpcPeeringConnectionSet" locationNameList:"item" type:"list"` } @@ -53000,6 +66802,12 @@ func (s DescribeVpcPeeringConnectionsOutput) GoString() string { return s.String() } +// SetNextToken sets the NextToken field's value. +func (s *DescribeVpcPeeringConnectionsOutput) SetNextToken(v string) *DescribeVpcPeeringConnectionsOutput { + s.NextToken = &v + return s +} + // SetVpcPeeringConnections sets the VpcPeeringConnections field's value. func (s *DescribeVpcPeeringConnectionsOutput) SetVpcPeeringConnections(v []*VpcPeeringConnection) *DescribeVpcPeeringConnectionsOutput { s.VpcPeeringConnections = v @@ -53061,6 +66869,13 @@ type DescribeVpcsInput struct { // * vpc-id - The ID of the VPC. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + // One or more VPC IDs. // // Default: Describes all your VPCs. @@ -53077,6 +66892,19 @@ func (s DescribeVpcsInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeVpcsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeVpcsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeVpcsInput) SetDryRun(v bool) *DescribeVpcsInput { s.DryRun = &v @@ -53089,6 +66917,18 @@ func (s *DescribeVpcsInput) SetFilters(v []*Filter) *DescribeVpcsInput { return s } +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeVpcsInput) SetMaxResults(v int64) *DescribeVpcsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeVpcsInput) SetNextToken(v string) *DescribeVpcsInput { + s.NextToken = &v + return s +} + // SetVpcIds sets the VpcIds field's value. func (s *DescribeVpcsInput) SetVpcIds(v []*string) *DescribeVpcsInput { s.VpcIds = v @@ -53098,6 +66938,10 @@ func (s *DescribeVpcsInput) SetVpcIds(v []*string) *DescribeVpcsInput { type DescribeVpcsOutput struct { _ struct{} `type:"structure"` + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + // Information about one or more VPCs. Vpcs []*Vpc `locationName:"vpcSet" locationNameList:"item" type:"list"` } @@ -53112,6 +66956,12 @@ func (s DescribeVpcsOutput) GoString() string { return s.String() } +// SetNextToken sets the NextToken field's value. +func (s *DescribeVpcsOutput) SetNextToken(v string) *DescribeVpcsOutput { + s.NextToken = &v + return s +} + // SetVpcs sets the Vpcs field's value. func (s *DescribeVpcsOutput) SetVpcs(v []*Vpc) *DescribeVpcsOutput { s.Vpcs = v @@ -53166,6 +67016,9 @@ type DescribeVpnConnectionsInput struct { // // * vpn-gateway-id - The ID of a virtual private gateway associated with // the VPN connection. + // + // * transit-gateway-id - The ID of a transit gateway associated with the + // VPN connection. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // One or more VPN connection IDs. @@ -53507,6 +67360,19 @@ type DetachNetworkInterfaceInput struct { DryRun *bool `locationName:"dryRun" type:"boolean"` // Specifies whether to force a detachment. + // + // * Use the Force parameter only as a last resort to detach a network interface + // from a failed instance. + // + // * If you use the Force parameter to detach a network interface, you might + // not be able to attach a different network interface to the same index + // on the instance without first stopping and starting the instance. + // + // * If you force the detachment of a network interface, the instance metadata + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) + // might not get updated. This means that the attributes associated with + // the detached network interface might still be visible. The instance metadata + // will get updated when you stop and start the instance. Force *bool `locationName:"force" type:"boolean"` } @@ -53565,7 +67431,6 @@ func (s DetachNetworkInterfaceOutput) GoString() string { return s.String() } -// Contains the parameters for DetachVolume. type DetachVolumeInput struct { _ struct{} `type:"structure"` @@ -53860,6 +67725,374 @@ func (s *DirectoryServiceAuthenticationRequest) SetDirectoryId(v string) *Direct return s } +type DisableEbsEncryptionByDefaultInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation +func (s DisableEbsEncryptionByDefaultInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisableEbsEncryptionByDefaultInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *DisableEbsEncryptionByDefaultInput) SetDryRun(v bool) *DisableEbsEncryptionByDefaultInput { + s.DryRun = &v + return s +} + +type DisableEbsEncryptionByDefaultOutput struct { + _ struct{} `type:"structure"` + + // The updated status of encryption by default. + EbsEncryptionByDefault *bool `locationName:"ebsEncryptionByDefault" type:"boolean"` +} + +// String returns the string representation +func (s DisableEbsEncryptionByDefaultOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisableEbsEncryptionByDefaultOutput) GoString() string { + return s.String() +} + +// SetEbsEncryptionByDefault sets the EbsEncryptionByDefault field's value. +func (s *DisableEbsEncryptionByDefaultOutput) SetEbsEncryptionByDefault(v bool) *DisableEbsEncryptionByDefaultOutput { + s.EbsEncryptionByDefault = &v + return s +} + +// Contains information about the errors that occurred when disabling fast snapshot +// restores. +type DisableFastSnapshotRestoreErrorItem struct { + _ struct{} `type:"structure"` + + // The errors. + FastSnapshotRestoreStateErrors []*DisableFastSnapshotRestoreStateErrorItem `locationName:"fastSnapshotRestoreStateErrorSet" locationNameList:"item" type:"list"` + + // The ID of the snapshot. + SnapshotId *string `locationName:"snapshotId" type:"string"` +} + +// String returns the string representation +func (s DisableFastSnapshotRestoreErrorItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisableFastSnapshotRestoreErrorItem) GoString() string { + return s.String() +} + +// SetFastSnapshotRestoreStateErrors sets the FastSnapshotRestoreStateErrors field's value. +func (s *DisableFastSnapshotRestoreErrorItem) SetFastSnapshotRestoreStateErrors(v []*DisableFastSnapshotRestoreStateErrorItem) *DisableFastSnapshotRestoreErrorItem { + s.FastSnapshotRestoreStateErrors = v + return s +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *DisableFastSnapshotRestoreErrorItem) SetSnapshotId(v string) *DisableFastSnapshotRestoreErrorItem { + s.SnapshotId = &v + return s +} + +// Describes an error that occurred when disabling fast snapshot restores. +type DisableFastSnapshotRestoreStateError struct { + _ struct{} `type:"structure"` + + // The error code. + Code *string `locationName:"code" type:"string"` + + // The error message. + Message *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s DisableFastSnapshotRestoreStateError) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisableFastSnapshotRestoreStateError) GoString() string { + return s.String() +} + +// SetCode sets the Code field's value. +func (s *DisableFastSnapshotRestoreStateError) SetCode(v string) *DisableFastSnapshotRestoreStateError { + s.Code = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *DisableFastSnapshotRestoreStateError) SetMessage(v string) *DisableFastSnapshotRestoreStateError { + s.Message = &v + return s +} + +// Contains information about an error that occurred when disabling fast snapshot +// restores. +type DisableFastSnapshotRestoreStateErrorItem struct { + _ struct{} `type:"structure"` + + // The Availability Zone. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + + // The error. + Error *DisableFastSnapshotRestoreStateError `locationName:"error" type:"structure"` +} + +// String returns the string representation +func (s DisableFastSnapshotRestoreStateErrorItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisableFastSnapshotRestoreStateErrorItem) GoString() string { + return s.String() +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *DisableFastSnapshotRestoreStateErrorItem) SetAvailabilityZone(v string) *DisableFastSnapshotRestoreStateErrorItem { + s.AvailabilityZone = &v + return s +} + +// SetError sets the Error field's value. +func (s *DisableFastSnapshotRestoreStateErrorItem) SetError(v *DisableFastSnapshotRestoreStateError) *DisableFastSnapshotRestoreStateErrorItem { + s.Error = v + return s +} + +// Describes fast snapshot restores that were successfully disabled. +type DisableFastSnapshotRestoreSuccessItem struct { + _ struct{} `type:"structure"` + + // The Availability Zone. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + + // The time at which fast snapshot restores entered the disabled state. + DisabledTime *time.Time `locationName:"disabledTime" type:"timestamp"` + + // The time at which fast snapshot restores entered the disabling state. + DisablingTime *time.Time `locationName:"disablingTime" type:"timestamp"` + + // The time at which fast snapshot restores entered the enabled state. + EnabledTime *time.Time `locationName:"enabledTime" type:"timestamp"` + + // The time at which fast snapshot restores entered the enabling state. + EnablingTime *time.Time `locationName:"enablingTime" type:"timestamp"` + + // The time at which fast snapshot restores entered the optimizing state. + OptimizingTime *time.Time `locationName:"optimizingTime" type:"timestamp"` + + // The alias of the snapshot owner. + OwnerAlias *string `locationName:"ownerAlias" type:"string"` + + // The ID of the AWS account that owns the snapshot. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The ID of the snapshot. + SnapshotId *string `locationName:"snapshotId" type:"string"` + + // The state of fast snapshot restores for the snapshot. + State *string `locationName:"state" type:"string" enum:"FastSnapshotRestoreStateCode"` + + // The reason for the state transition. The possible values are as follows: + // + // * Client.UserInitiated - The state successfully transitioned to enabling + // or disabling. + // + // * Client.UserInitiated - Lifecycle state transition - The state successfully + // transitioned to optimizing, enabled, or disabled. + StateTransitionReason *string `locationName:"stateTransitionReason" type:"string"` +} + +// String returns the string representation +func (s DisableFastSnapshotRestoreSuccessItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisableFastSnapshotRestoreSuccessItem) GoString() string { + return s.String() +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *DisableFastSnapshotRestoreSuccessItem) SetAvailabilityZone(v string) *DisableFastSnapshotRestoreSuccessItem { + s.AvailabilityZone = &v + return s +} + +// SetDisabledTime sets the DisabledTime field's value. +func (s *DisableFastSnapshotRestoreSuccessItem) SetDisabledTime(v time.Time) *DisableFastSnapshotRestoreSuccessItem { + s.DisabledTime = &v + return s +} + +// SetDisablingTime sets the DisablingTime field's value. +func (s *DisableFastSnapshotRestoreSuccessItem) SetDisablingTime(v time.Time) *DisableFastSnapshotRestoreSuccessItem { + s.DisablingTime = &v + return s +} + +// SetEnabledTime sets the EnabledTime field's value. +func (s *DisableFastSnapshotRestoreSuccessItem) SetEnabledTime(v time.Time) *DisableFastSnapshotRestoreSuccessItem { + s.EnabledTime = &v + return s +} + +// SetEnablingTime sets the EnablingTime field's value. +func (s *DisableFastSnapshotRestoreSuccessItem) SetEnablingTime(v time.Time) *DisableFastSnapshotRestoreSuccessItem { + s.EnablingTime = &v + return s +} + +// SetOptimizingTime sets the OptimizingTime field's value. +func (s *DisableFastSnapshotRestoreSuccessItem) SetOptimizingTime(v time.Time) *DisableFastSnapshotRestoreSuccessItem { + s.OptimizingTime = &v + return s +} + +// SetOwnerAlias sets the OwnerAlias field's value. +func (s *DisableFastSnapshotRestoreSuccessItem) SetOwnerAlias(v string) *DisableFastSnapshotRestoreSuccessItem { + s.OwnerAlias = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *DisableFastSnapshotRestoreSuccessItem) SetOwnerId(v string) *DisableFastSnapshotRestoreSuccessItem { + s.OwnerId = &v + return s +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *DisableFastSnapshotRestoreSuccessItem) SetSnapshotId(v string) *DisableFastSnapshotRestoreSuccessItem { + s.SnapshotId = &v + return s +} + +// SetState sets the State field's value. +func (s *DisableFastSnapshotRestoreSuccessItem) SetState(v string) *DisableFastSnapshotRestoreSuccessItem { + s.State = &v + return s +} + +// SetStateTransitionReason sets the StateTransitionReason field's value. +func (s *DisableFastSnapshotRestoreSuccessItem) SetStateTransitionReason(v string) *DisableFastSnapshotRestoreSuccessItem { + s.StateTransitionReason = &v + return s +} + +type DisableFastSnapshotRestoresInput struct { + _ struct{} `type:"structure"` + + // One or more Availability Zones. For example, us-east-2a. + // + // AvailabilityZones is a required field + AvailabilityZones []*string `locationName:"AvailabilityZone" locationNameList:"AvailabilityZone" type:"list" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IDs of one or more snapshots. For example, snap-1234567890abcdef0. + // + // SourceSnapshotIds is a required field + SourceSnapshotIds []*string `locationName:"SourceSnapshotId" locationNameList:"SnapshotId" type:"list" required:"true"` +} + +// String returns the string representation +func (s DisableFastSnapshotRestoresInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisableFastSnapshotRestoresInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisableFastSnapshotRestoresInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisableFastSnapshotRestoresInput"} + if s.AvailabilityZones == nil { + invalidParams.Add(request.NewErrParamRequired("AvailabilityZones")) + } + if s.SourceSnapshotIds == nil { + invalidParams.Add(request.NewErrParamRequired("SourceSnapshotIds")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAvailabilityZones sets the AvailabilityZones field's value. +func (s *DisableFastSnapshotRestoresInput) SetAvailabilityZones(v []*string) *DisableFastSnapshotRestoresInput { + s.AvailabilityZones = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DisableFastSnapshotRestoresInput) SetDryRun(v bool) *DisableFastSnapshotRestoresInput { + s.DryRun = &v + return s +} + +// SetSourceSnapshotIds sets the SourceSnapshotIds field's value. +func (s *DisableFastSnapshotRestoresInput) SetSourceSnapshotIds(v []*string) *DisableFastSnapshotRestoresInput { + s.SourceSnapshotIds = v + return s +} + +type DisableFastSnapshotRestoresOutput struct { + _ struct{} `type:"structure"` + + // Information about the snapshots for which fast snapshot restores were successfully + // disabled. + Successful []*DisableFastSnapshotRestoreSuccessItem `locationName:"successful" locationNameList:"item" type:"list"` + + // Information about the snapshots for which fast snapshot restores could not + // be disabled. + Unsuccessful []*DisableFastSnapshotRestoreErrorItem `locationName:"unsuccessful" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DisableFastSnapshotRestoresOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisableFastSnapshotRestoresOutput) GoString() string { + return s.String() +} + +// SetSuccessful sets the Successful field's value. +func (s *DisableFastSnapshotRestoresOutput) SetSuccessful(v []*DisableFastSnapshotRestoreSuccessItem) *DisableFastSnapshotRestoresOutput { + s.Successful = v + return s +} + +// SetUnsuccessful sets the Unsuccessful field's value. +func (s *DisableFastSnapshotRestoresOutput) SetUnsuccessful(v []*DisableFastSnapshotRestoreErrorItem) *DisableFastSnapshotRestoresOutput { + s.Unsuccessful = v + return s +} + type DisableTransitGatewayRouteTablePropagationInput struct { _ struct{} `type:"structure"` @@ -54483,6 +68716,82 @@ func (s *DisassociateSubnetCidrBlockOutput) SetSubnetId(v string) *DisassociateS return s } +type DisassociateTransitGatewayMulticastDomainInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IDs of the subnets; + SubnetIds []*string `locationNameList:"item" type:"list"` + + // The ID of the attachment. + TransitGatewayAttachmentId *string `type:"string"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `type:"string"` +} + +// String returns the string representation +func (s DisassociateTransitGatewayMulticastDomainInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisassociateTransitGatewayMulticastDomainInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *DisassociateTransitGatewayMulticastDomainInput) SetDryRun(v bool) *DisassociateTransitGatewayMulticastDomainInput { + s.DryRun = &v + return s +} + +// SetSubnetIds sets the SubnetIds field's value. +func (s *DisassociateTransitGatewayMulticastDomainInput) SetSubnetIds(v []*string) *DisassociateTransitGatewayMulticastDomainInput { + s.SubnetIds = v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *DisassociateTransitGatewayMulticastDomainInput) SetTransitGatewayAttachmentId(v string) *DisassociateTransitGatewayMulticastDomainInput { + s.TransitGatewayAttachmentId = &v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *DisassociateTransitGatewayMulticastDomainInput) SetTransitGatewayMulticastDomainId(v string) *DisassociateTransitGatewayMulticastDomainInput { + s.TransitGatewayMulticastDomainId = &v + return s +} + +type DisassociateTransitGatewayMulticastDomainOutput struct { + _ struct{} `type:"structure"` + + // Information about the association. + Associations *TransitGatewayMulticastDomainAssociations `locationName:"associations" type:"structure"` +} + +// String returns the string representation +func (s DisassociateTransitGatewayMulticastDomainOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisassociateTransitGatewayMulticastDomainOutput) GoString() string { + return s.String() +} + +// SetAssociations sets the Associations field's value. +func (s *DisassociateTransitGatewayMulticastDomainOutput) SetAssociations(v *TransitGatewayMulticastDomainAssociations) *DisassociateTransitGatewayMulticastDomainOutput { + s.Associations = v + return s +} + type DisassociateTransitGatewayRouteTableInput struct { _ struct{} `type:"structure"` @@ -54724,11 +69033,11 @@ type DiskImageDescription struct { // A presigned URL for the import manifest stored in Amazon S3. For information // about creating a presigned URL for an Amazon S3 object, read the "Query String // Request Authentication Alternative" section of the Authenticating REST Requests - // (http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html) + // (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html) // topic in the Amazon Simple Storage Service Developer Guide. // // For information about the import manifest referenced by this API action, - // see VM Import Manifest (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). + // see VM Import Manifest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). ImportManifestUrl *string `locationName:"importManifestUrl" type:"string"` // The size of the disk image, in GiB. @@ -54786,11 +69095,11 @@ type DiskImageDetail struct { // A presigned URL for the import manifest stored in Amazon S3 and presented // here as an Amazon S3 presigned URL. For information about creating a presigned // URL for an Amazon S3 object, read the "Query String Request Authentication - // Alternative" section of the Authenticating REST Requests (http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html) + // Alternative" section of the Authenticating REST Requests (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html) // topic in the Amazon Simple Storage Service Developer Guide. // // For information about the import manifest referenced by this API action, - // see VM Import Manifest (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). + // see VM Import Manifest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). // // ImportManifestUrl is a required field ImportManifestUrl *string `locationName:"importManifestUrl" type:"string" required:"true"` @@ -54876,6 +69185,48 @@ func (s *DiskImageVolumeDescription) SetSize(v int64) *DiskImageVolumeDescriptio return s } +// Describes the disk. +type DiskInfo struct { + _ struct{} `type:"structure"` + + // The number of disks with this configuration. + Count *int64 `locationName:"count" type:"integer"` + + // The size of the disk in GB. + SizeInGB *int64 `locationName:"sizeInGB" type:"long"` + + // The type of disk. + Type *string `locationName:"type" type:"string" enum:"DiskType"` +} + +// String returns the string representation +func (s DiskInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DiskInfo) GoString() string { + return s.String() +} + +// SetCount sets the Count field's value. +func (s *DiskInfo) SetCount(v int64) *DiskInfo { + s.Count = &v + return s +} + +// SetSizeInGB sets the SizeInGB field's value. +func (s *DiskInfo) SetSizeInGB(v int64) *DiskInfo { + s.SizeInGB = &v + return s +} + +// SetType sets the Type field's value. +func (s *DiskInfo) SetType(v string) *DiskInfo { + s.Type = &v + return s +} + // Describes a DNS entry. type DnsEntry struct { _ struct{} `type:"structure"` @@ -54949,46 +69300,50 @@ func (s *DnsServersOptionsModifyStructure) SetEnabled(v bool) *DnsServersOptions type EbsBlockDevice struct { _ struct{} `type:"structure"` - // Indicates whether the EBS volume is deleted on instance termination. + // Indicates whether the EBS volume is deleted on instance termination. For + // more information, see Preserving Amazon EBS Volumes on Instance Termination + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) + // in the Amazon Elastic Compute Cloud User Guide. DeleteOnTermination *bool `locationName:"deleteOnTermination" type:"boolean"` - // Indicates whether the EBS volume is encrypted. Encrypted volumes can only - // be attached to instances that support Amazon EBS encryption. + // Indicates whether the encryption state of an EBS volume is changed while + // being restored from a backing snapshot. The effect of setting the encryption + // state to true depends on the volume origin (new or from a snapshot), starting + // encryption state, ownership, and whether encryption by default is enabled. + // For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) + // in the Amazon Elastic Compute Cloud User Guide. // - // If you are creating a volume from a snapshot, you cannot specify an encryption - // value. This is because only blank volumes can be encrypted on creation. If - // you are creating a snapshot from an existing EBS volume, you cannot specify - // an encryption value that differs from that of the EBS volume. We recommend - // that you omit the encryption value from the block device mappings when creating - // an image from an instance. + // In no case can you remove encryption from an encrypted volume. + // + // Encrypted volumes can only be attached to instances that support Amazon EBS + // encryption. For more information, see Supported Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). Encrypted *bool `locationName:"encrypted" type:"boolean"` // The number of I/O operations per second (IOPS) that the volume supports. - // For io1, this represents the number of IOPS that are provisioned for the - // volume. For gp2, this represents the baseline performance of the volume and - // the rate at which the volume accumulates I/O credits for bursting. For more - // information about General Purpose SSD baseline performance, I/O credits, - // and bursting, see Amazon EBS Volume Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // For io1 volumes, this represents the number of IOPS that are provisioned + // for the volume. For gp2 volumes, this represents the baseline performance + // of the volume and the rate at which the volume accumulates I/O credits for + // bursting. For more information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. // // Constraints: Range is 100-16,000 IOPS for gp2 volumes and 100 to 64,000IOPS - // for io1 volumes in most Regions. Maximum io1IOPS of 64,000 is guaranteed - // only on Nitro-based instances (AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // for io1 volumes in most Regions. Maximum io1 IOPS of 64,000 is guaranteed + // only on Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). // Other instance families guarantee performance up to 32,000 IOPS. For more - // information, see Amazon EBS Volume Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // information, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. // // Condition: This parameter is required for requests to create io1 volumes; // it is not used in requests to create gp2, st1, sc1, or standard volumes. Iops *int64 `locationName:"iops" type:"integer"` - // Identifier (key ID, key alias, ID ARN, or alias ARN) for a user-managed CMK - // under which the EBS volume is encrypted. + // Identifier (key ID, key alias, ID ARN, or alias ARN) for a customer managed + // CMK under which the EBS volume is encrypted. // // This parameter is only supported on BlockDeviceMapping objects called by - // RunInstances (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html), - // RequestSpotFleet (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html), - // and RequestSpotInstances (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html). + // RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html), + // RequestSpotFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html), + // and RequestSpotInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html). KmsKeyId *string `type:"string"` // The ID of the snapshot. @@ -54996,19 +69351,21 @@ type EbsBlockDevice struct { // The size of the volume, in GiB. // + // Default: If you're creating the volume from a snapshot and don't specify + // a volume size, the default is the snapshot size. + // // Constraints: 1-16384 for General Purpose SSD (gp2), 4-16384 for Provisioned // IOPS SSD (io1), 500-16384 for Throughput Optimized HDD (st1), 500-16384 for // Cold HDD (sc1), and 1-1024 for Magnetic (standard) volumes. If you specify // a snapshot, the volume size must be equal to or larger than the snapshot // size. - // - // Default: If you're creating the volume from a snapshot and don't specify - // a volume size, the default is the snapshot size. VolumeSize *int64 `locationName:"volumeSize" type:"integer"` - // The volume type: gp2, io1, st1, sc1, or standard. + // The volume type. If you set the type to io1, you must also specify the Iops + // parameter. If you set the type to gp2, st1, sc1, or standard, you must omit + // the Iops parameter. // - // Default: standard + // Default: gp2 VolumeType *string `locationName:"volumeType" type:"string" enum:"VolumeType"` } @@ -55064,6 +69421,41 @@ func (s *EbsBlockDevice) SetVolumeType(v string) *EbsBlockDevice { return s } +// Describes the Amazon EBS features supported by the instance type. +type EbsInfo struct { + _ struct{} `type:"structure"` + + // Indicates that the instance type is Amazon EBS-optimized. For more information, + // see Amazon EBS-Optimized Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSOptimized.html) + // in Amazon EC2 User Guide for Linux Instances. + EbsOptimizedSupport *string `locationName:"ebsOptimizedSupport" type:"string" enum:"EbsOptimizedSupport"` + + // Indicates whether Amazon EBS encryption is supported. + EncryptionSupport *string `locationName:"encryptionSupport" type:"string" enum:"EbsEncryptionSupport"` +} + +// String returns the string representation +func (s EbsInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EbsInfo) GoString() string { + return s.String() +} + +// SetEbsOptimizedSupport sets the EbsOptimizedSupport field's value. +func (s *EbsInfo) SetEbsOptimizedSupport(v string) *EbsInfo { + s.EbsOptimizedSupport = &v + return s +} + +// SetEncryptionSupport sets the EncryptionSupport field's value. +func (s *EbsInfo) SetEncryptionSupport(v string) *EbsInfo { + s.EncryptionSupport = &v + return s +} + // Describes a parameter used to set up an EBS volume in a block device mapping. type EbsInstanceBlockDevice struct { _ struct{} `type:"structure"` @@ -55158,6 +69550,9 @@ type EgressOnlyInternetGateway struct { // The ID of the egress-only internet gateway. EgressOnlyInternetGatewayId *string `locationName:"egressOnlyInternetGatewayId" type:"string"` + + // The tags assigned to the egress-only internet gateway. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -55182,6 +69577,12 @@ func (s *EgressOnlyInternetGateway) SetEgressOnlyInternetGatewayId(v string) *Eg return s } +// SetTags sets the Tags field's value. +func (s *EgressOnlyInternetGateway) SetTags(v []*Tag) *EgressOnlyInternetGateway { + s.Tags = v + return s +} + // Describes the association between an instance and an Elastic Graphics accelerator. type ElasticGpuAssociation struct { _ struct{} `type:"structure"` @@ -55262,7 +69663,10 @@ func (s *ElasticGpuHealth) SetStatus(v string) *ElasticGpuHealth { type ElasticGpuSpecification struct { _ struct{} `type:"structure"` - // The type of Elastic Graphics accelerator. + // The type of Elastic Graphics accelerator. For more information about the + // values to specify for Type, see Elastic Graphics Basics (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html#elastic-graphics-basics), + // specifically the Elastic Graphics accelerator column, in the Amazon Elastic + // Compute Cloud User Guide for Windows Instances. // // Type is a required field Type *string `type:"string" required:"true"` @@ -55342,6 +69746,9 @@ type ElasticGpus struct { // The ID of the instance to which the Elastic Graphics accelerator is attached. InstanceId *string `locationName:"instanceId" type:"string"` + + // The tags assigned to the Elastic Graphics accelerator. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -55390,12 +69797,23 @@ func (s *ElasticGpus) SetInstanceId(v string) *ElasticGpus { return s } +// SetTags sets the Tags field's value. +func (s *ElasticGpus) SetTags(v []*Tag) *ElasticGpus { + s.Tags = v + return s +} + // Describes an elastic inference accelerator. type ElasticInferenceAccelerator struct { _ struct{} `type:"structure"` - // The type of elastic inference accelerator. The possible values are eia1.small, - // eia1.medium, and eia1.large. + // The number of elastic inference accelerators to attach to the instance. + // + // Default: 1 + Count *int64 `min:"1" type:"integer"` + + // The type of elastic inference accelerator. The possible values are eia1.medium, + // eia1.large, and eia1.xlarge. // // Type is a required field Type *string `type:"string" required:"true"` @@ -55414,6 +69832,9 @@ func (s ElasticInferenceAccelerator) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *ElasticInferenceAccelerator) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ElasticInferenceAccelerator"} + if s.Count != nil && *s.Count < 1 { + invalidParams.Add(request.NewErrParamMinValue("Count", 1)) + } if s.Type == nil { invalidParams.Add(request.NewErrParamRequired("Type")) } @@ -55424,6 +69845,12 @@ func (s *ElasticInferenceAccelerator) Validate() error { return nil } +// SetCount sets the Count field's value. +func (s *ElasticInferenceAccelerator) SetCount(v int64) *ElasticInferenceAccelerator { + s.Count = &v + return s +} + // SetType sets the Type field's value. func (s *ElasticInferenceAccelerator) SetType(v string) *ElasticInferenceAccelerator { s.Type = &v @@ -55482,6 +69909,375 @@ func (s *ElasticInferenceAcceleratorAssociation) SetElasticInferenceAcceleratorA return s } +type EnableEbsEncryptionByDefaultInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation +func (s EnableEbsEncryptionByDefaultInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EnableEbsEncryptionByDefaultInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *EnableEbsEncryptionByDefaultInput) SetDryRun(v bool) *EnableEbsEncryptionByDefaultInput { + s.DryRun = &v + return s +} + +type EnableEbsEncryptionByDefaultOutput struct { + _ struct{} `type:"structure"` + + // The updated status of encryption by default. + EbsEncryptionByDefault *bool `locationName:"ebsEncryptionByDefault" type:"boolean"` +} + +// String returns the string representation +func (s EnableEbsEncryptionByDefaultOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EnableEbsEncryptionByDefaultOutput) GoString() string { + return s.String() +} + +// SetEbsEncryptionByDefault sets the EbsEncryptionByDefault field's value. +func (s *EnableEbsEncryptionByDefaultOutput) SetEbsEncryptionByDefault(v bool) *EnableEbsEncryptionByDefaultOutput { + s.EbsEncryptionByDefault = &v + return s +} + +// Contains information about the errors that occurred when enabling fast snapshot +// restores. +type EnableFastSnapshotRestoreErrorItem struct { + _ struct{} `type:"structure"` + + // The errors. + FastSnapshotRestoreStateErrors []*EnableFastSnapshotRestoreStateErrorItem `locationName:"fastSnapshotRestoreStateErrorSet" locationNameList:"item" type:"list"` + + // The ID of the snapshot. + SnapshotId *string `locationName:"snapshotId" type:"string"` +} + +// String returns the string representation +func (s EnableFastSnapshotRestoreErrorItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EnableFastSnapshotRestoreErrorItem) GoString() string { + return s.String() +} + +// SetFastSnapshotRestoreStateErrors sets the FastSnapshotRestoreStateErrors field's value. +func (s *EnableFastSnapshotRestoreErrorItem) SetFastSnapshotRestoreStateErrors(v []*EnableFastSnapshotRestoreStateErrorItem) *EnableFastSnapshotRestoreErrorItem { + s.FastSnapshotRestoreStateErrors = v + return s +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *EnableFastSnapshotRestoreErrorItem) SetSnapshotId(v string) *EnableFastSnapshotRestoreErrorItem { + s.SnapshotId = &v + return s +} + +// Describes an error that occurred when enabling fast snapshot restores. +type EnableFastSnapshotRestoreStateError struct { + _ struct{} `type:"structure"` + + // The error code. + Code *string `locationName:"code" type:"string"` + + // The error message. + Message *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s EnableFastSnapshotRestoreStateError) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EnableFastSnapshotRestoreStateError) GoString() string { + return s.String() +} + +// SetCode sets the Code field's value. +func (s *EnableFastSnapshotRestoreStateError) SetCode(v string) *EnableFastSnapshotRestoreStateError { + s.Code = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *EnableFastSnapshotRestoreStateError) SetMessage(v string) *EnableFastSnapshotRestoreStateError { + s.Message = &v + return s +} + +// Contains information about an error that occurred when enabling fast snapshot +// restores. +type EnableFastSnapshotRestoreStateErrorItem struct { + _ struct{} `type:"structure"` + + // The Availability Zone. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + + // The error. + Error *EnableFastSnapshotRestoreStateError `locationName:"error" type:"structure"` +} + +// String returns the string representation +func (s EnableFastSnapshotRestoreStateErrorItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EnableFastSnapshotRestoreStateErrorItem) GoString() string { + return s.String() +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *EnableFastSnapshotRestoreStateErrorItem) SetAvailabilityZone(v string) *EnableFastSnapshotRestoreStateErrorItem { + s.AvailabilityZone = &v + return s +} + +// SetError sets the Error field's value. +func (s *EnableFastSnapshotRestoreStateErrorItem) SetError(v *EnableFastSnapshotRestoreStateError) *EnableFastSnapshotRestoreStateErrorItem { + s.Error = v + return s +} + +// Describes fast snapshot restores that were successfully enabled. +type EnableFastSnapshotRestoreSuccessItem struct { + _ struct{} `type:"structure"` + + // The Availability Zone. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + + // The time at which fast snapshot restores entered the disabled state. + DisabledTime *time.Time `locationName:"disabledTime" type:"timestamp"` + + // The time at which fast snapshot restores entered the disabling state. + DisablingTime *time.Time `locationName:"disablingTime" type:"timestamp"` + + // The time at which fast snapshot restores entered the enabled state. + EnabledTime *time.Time `locationName:"enabledTime" type:"timestamp"` + + // The time at which fast snapshot restores entered the enabling state. + EnablingTime *time.Time `locationName:"enablingTime" type:"timestamp"` + + // The time at which fast snapshot restores entered the optimizing state. + OptimizingTime *time.Time `locationName:"optimizingTime" type:"timestamp"` + + // The alias of the snapshot owner. + OwnerAlias *string `locationName:"ownerAlias" type:"string"` + + // The ID of the AWS account that owns the snapshot. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The ID of the snapshot. + SnapshotId *string `locationName:"snapshotId" type:"string"` + + // The state of fast snapshot restores. + State *string `locationName:"state" type:"string" enum:"FastSnapshotRestoreStateCode"` + + // The reason for the state transition. The possible values are as follows: + // + // * Client.UserInitiated - The state successfully transitioned to enabling + // or disabling. + // + // * Client.UserInitiated - Lifecycle state transition - The state successfully + // transitioned to optimizing, enabled, or disabled. + StateTransitionReason *string `locationName:"stateTransitionReason" type:"string"` +} + +// String returns the string representation +func (s EnableFastSnapshotRestoreSuccessItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EnableFastSnapshotRestoreSuccessItem) GoString() string { + return s.String() +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *EnableFastSnapshotRestoreSuccessItem) SetAvailabilityZone(v string) *EnableFastSnapshotRestoreSuccessItem { + s.AvailabilityZone = &v + return s +} + +// SetDisabledTime sets the DisabledTime field's value. +func (s *EnableFastSnapshotRestoreSuccessItem) SetDisabledTime(v time.Time) *EnableFastSnapshotRestoreSuccessItem { + s.DisabledTime = &v + return s +} + +// SetDisablingTime sets the DisablingTime field's value. +func (s *EnableFastSnapshotRestoreSuccessItem) SetDisablingTime(v time.Time) *EnableFastSnapshotRestoreSuccessItem { + s.DisablingTime = &v + return s +} + +// SetEnabledTime sets the EnabledTime field's value. +func (s *EnableFastSnapshotRestoreSuccessItem) SetEnabledTime(v time.Time) *EnableFastSnapshotRestoreSuccessItem { + s.EnabledTime = &v + return s +} + +// SetEnablingTime sets the EnablingTime field's value. +func (s *EnableFastSnapshotRestoreSuccessItem) SetEnablingTime(v time.Time) *EnableFastSnapshotRestoreSuccessItem { + s.EnablingTime = &v + return s +} + +// SetOptimizingTime sets the OptimizingTime field's value. +func (s *EnableFastSnapshotRestoreSuccessItem) SetOptimizingTime(v time.Time) *EnableFastSnapshotRestoreSuccessItem { + s.OptimizingTime = &v + return s +} + +// SetOwnerAlias sets the OwnerAlias field's value. +func (s *EnableFastSnapshotRestoreSuccessItem) SetOwnerAlias(v string) *EnableFastSnapshotRestoreSuccessItem { + s.OwnerAlias = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *EnableFastSnapshotRestoreSuccessItem) SetOwnerId(v string) *EnableFastSnapshotRestoreSuccessItem { + s.OwnerId = &v + return s +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *EnableFastSnapshotRestoreSuccessItem) SetSnapshotId(v string) *EnableFastSnapshotRestoreSuccessItem { + s.SnapshotId = &v + return s +} + +// SetState sets the State field's value. +func (s *EnableFastSnapshotRestoreSuccessItem) SetState(v string) *EnableFastSnapshotRestoreSuccessItem { + s.State = &v + return s +} + +// SetStateTransitionReason sets the StateTransitionReason field's value. +func (s *EnableFastSnapshotRestoreSuccessItem) SetStateTransitionReason(v string) *EnableFastSnapshotRestoreSuccessItem { + s.StateTransitionReason = &v + return s +} + +type EnableFastSnapshotRestoresInput struct { + _ struct{} `type:"structure"` + + // One or more Availability Zones. For example, us-east-2a. + // + // AvailabilityZones is a required field + AvailabilityZones []*string `locationName:"AvailabilityZone" locationNameList:"AvailabilityZone" type:"list" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IDs of one or more snapshots. For example, snap-1234567890abcdef0. You + // can specify a snapshot that was shared with you from another AWS account. + // + // SourceSnapshotIds is a required field + SourceSnapshotIds []*string `locationName:"SourceSnapshotId" locationNameList:"SnapshotId" type:"list" required:"true"` +} + +// String returns the string representation +func (s EnableFastSnapshotRestoresInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EnableFastSnapshotRestoresInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EnableFastSnapshotRestoresInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EnableFastSnapshotRestoresInput"} + if s.AvailabilityZones == nil { + invalidParams.Add(request.NewErrParamRequired("AvailabilityZones")) + } + if s.SourceSnapshotIds == nil { + invalidParams.Add(request.NewErrParamRequired("SourceSnapshotIds")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAvailabilityZones sets the AvailabilityZones field's value. +func (s *EnableFastSnapshotRestoresInput) SetAvailabilityZones(v []*string) *EnableFastSnapshotRestoresInput { + s.AvailabilityZones = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *EnableFastSnapshotRestoresInput) SetDryRun(v bool) *EnableFastSnapshotRestoresInput { + s.DryRun = &v + return s +} + +// SetSourceSnapshotIds sets the SourceSnapshotIds field's value. +func (s *EnableFastSnapshotRestoresInput) SetSourceSnapshotIds(v []*string) *EnableFastSnapshotRestoresInput { + s.SourceSnapshotIds = v + return s +} + +type EnableFastSnapshotRestoresOutput struct { + _ struct{} `type:"structure"` + + // Information about the snapshots for which fast snapshot restores were successfully + // enabled. + Successful []*EnableFastSnapshotRestoreSuccessItem `locationName:"successful" locationNameList:"item" type:"list"` + + // Information about the snapshots for which fast snapshot restores could not + // be enabled. + Unsuccessful []*EnableFastSnapshotRestoreErrorItem `locationName:"unsuccessful" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s EnableFastSnapshotRestoresOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EnableFastSnapshotRestoresOutput) GoString() string { + return s.String() +} + +// SetSuccessful sets the Successful field's value. +func (s *EnableFastSnapshotRestoresOutput) SetSuccessful(v []*EnableFastSnapshotRestoreSuccessItem) *EnableFastSnapshotRestoresOutput { + s.Successful = v + return s +} + +// SetUnsuccessful sets the Unsuccessful field's value. +func (s *EnableFastSnapshotRestoresOutput) SetUnsuccessful(v []*EnableFastSnapshotRestoreErrorItem) *EnableFastSnapshotRestoresOutput { + s.Unsuccessful = v + return s +} + type EnableTransitGatewayRouteTablePropagationInput struct { _ struct{} `type:"structure"` @@ -55573,12 +70369,15 @@ func (s *EnableTransitGatewayRouteTablePropagationOutput) SetPropagation(v *Tran type EnableVgwRoutePropagationInput struct { _ struct{} `type:"structure"` - // The ID of the virtual private gateway. + // The ID of the virtual private gateway that is attached to a VPC. The virtual + // private gateway must be attached to the same VPC that the routing tables + // are associated with. // // GatewayId is a required field GatewayId *string `type:"string" required:"true"` - // The ID of the route table. + // The ID of the route table. The routing table must be associated with the + // same VPC that the virtual private gateway is attached to. // // RouteTableId is a required field RouteTableId *string `type:"string" required:"true"` @@ -55636,7 +70435,6 @@ func (s EnableVgwRoutePropagationOutput) GoString() string { return s.String() } -// Contains the parameters for EnableVolumeIO. type EnableVolumeIOInput struct { _ struct{} `type:"structure"` @@ -55820,7 +70618,7 @@ func (s *EnableVpcClassicLinkOutput) SetReturn(v bool) *EnableVpcClassicLinkOutp return s } -// Describes a Spot Fleet event. +// Describes an EC2 Fleet or Spot Fleet event. type EventInformation struct { _ struct{} `type:"structure"` @@ -55831,12 +70629,8 @@ type EventInformation struct { // // The following are the error events: // - // * iamFleetRoleInvalid - The Spot Fleet did not have the required permissions - // either to launch or terminate an instance. - // - // * launchSpecTemporarilyBlacklisted - The configuration is not valid and - // several attempts to launch instances have failed. For more information, - // see the description of the event. + // * iamFleetRoleInvalid - The EC2 Fleet or Spot Fleet did not have the required + // permissions either to launch or terminate an instance. // // * spotFleetRequestConfigurationInvalid - The configuration is not valid. // For more information, see the description of the event. @@ -55846,33 +70640,35 @@ type EventInformation struct { // // The following are the fleetRequestChange events: // - // * active - The Spot Fleet has been validated and Amazon EC2 is attempting - // to maintain the target number of running Spot Instances. + // * active - The EC2 Fleet or Spot Fleet request has been validated and + // Amazon EC2 is attempting to maintain the target number of running Spot + // Instances. // - // * cancelled - The Spot Fleet is canceled and has no running Spot Instances. - // The Spot Fleet will be deleted two days after its instances were terminated. + // * cancelled - The EC2 Fleet or Spot Fleet request is canceled and has + // no running Spot Instances. The EC2 Fleet or Spot Fleet will be deleted + // two days after its instances were terminated. // - // * cancelled_running - The Spot Fleet is canceled and does not launch additional - // Spot Instances. Existing Spot Instances continue to run until they are - // interrupted or terminated. + // * cancelled_running - The EC2 Fleet or Spot Fleet request is canceled + // and does not launch additional Spot Instances. Existing Spot Instances + // continue to run until they are interrupted or terminated. // - // * cancelled_terminating - The Spot Fleet is canceled and its Spot Instances - // are terminating. + // * cancelled_terminating - The EC2 Fleet or Spot Fleet request is canceled + // and its Spot Instances are terminating. // - // * expired - The Spot Fleet request has expired. A subsequent event indicates - // that the instances were terminated, if the request was created with TerminateInstancesWithExpiration - // set. + // * expired - The EC2 Fleet or Spot Fleet request has expired. A subsequent + // event indicates that the instances were terminated, if the request was + // created with TerminateInstancesWithExpiration set. // - // * modify_in_progress - A request to modify the Spot Fleet request was - // accepted and is in progress. + // * modify_in_progress - A request to modify the EC2 Fleet or Spot Fleet + // request was accepted and is in progress. // - // * modify_successful - The Spot Fleet request was modified. + // * modify_successful - The EC2 Fleet or Spot Fleet request was modified. // // * price_update - The price for a launch configuration was adjusted because // it was too high. This change is permanent. // - // * submitted - The Spot Fleet request is being evaluated and Amazon EC2 - // is preparing to launch the target number of Spot Instances. + // * submitted - The EC2 Fleet or Spot Fleet request is being evaluated and + // Amazon EC2 is preparing to launch the target number of Spot Instances. // // The following are the instanceChange events: // @@ -55882,6 +70678,10 @@ type EventInformation struct { // // The following are the Information events: // + // * launchSpecTemporarilyBlacklisted - The configuration is not valid and + // several attempts to launch instances have failed. For more information, + // see the description of the event. + // // * launchSpecUnusable - The price in a launch specification is not valid // because it is below the Spot price or the Spot price is above the On-Demand // price. @@ -56078,6 +70878,295 @@ func (s *ExportClientVpnClientConfigurationOutput) SetClientConfiguration(v stri return s } +type ExportImageInput struct { + _ struct{} `type:"structure"` + + // Token to enable idempotency for export image requests. + ClientToken *string `type:"string" idempotencyToken:"true"` + + // A description of the image being exported. The maximum length is 255 bytes. + Description *string `type:"string"` + + // The disk image format. + // + // DiskImageFormat is a required field + DiskImageFormat *string `type:"string" required:"true" enum:"DiskImageFormat"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the image. + // + // ImageId is a required field + ImageId *string `type:"string" required:"true"` + + // The name of the role that grants VM Import/Export permission to export images + // to your S3 bucket. If this parameter is not specified, the default role is + // named 'vmimport'. + RoleName *string `type:"string"` + + // Information about the destination S3 bucket. The bucket must exist and grant + // WRITE and READ_ACP permissions to the AWS account vm-import-export@amazon.com. + // + // S3ExportLocation is a required field + S3ExportLocation *ExportTaskS3LocationRequest `type:"structure" required:"true"` +} + +// String returns the string representation +func (s ExportImageInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ExportImageInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ExportImageInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ExportImageInput"} + if s.DiskImageFormat == nil { + invalidParams.Add(request.NewErrParamRequired("DiskImageFormat")) + } + if s.ImageId == nil { + invalidParams.Add(request.NewErrParamRequired("ImageId")) + } + if s.S3ExportLocation == nil { + invalidParams.Add(request.NewErrParamRequired("S3ExportLocation")) + } + if s.S3ExportLocation != nil { + if err := s.S3ExportLocation.Validate(); err != nil { + invalidParams.AddNested("S3ExportLocation", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *ExportImageInput) SetClientToken(v string) *ExportImageInput { + s.ClientToken = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *ExportImageInput) SetDescription(v string) *ExportImageInput { + s.Description = &v + return s +} + +// SetDiskImageFormat sets the DiskImageFormat field's value. +func (s *ExportImageInput) SetDiskImageFormat(v string) *ExportImageInput { + s.DiskImageFormat = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ExportImageInput) SetDryRun(v bool) *ExportImageInput { + s.DryRun = &v + return s +} + +// SetImageId sets the ImageId field's value. +func (s *ExportImageInput) SetImageId(v string) *ExportImageInput { + s.ImageId = &v + return s +} + +// SetRoleName sets the RoleName field's value. +func (s *ExportImageInput) SetRoleName(v string) *ExportImageInput { + s.RoleName = &v + return s +} + +// SetS3ExportLocation sets the S3ExportLocation field's value. +func (s *ExportImageInput) SetS3ExportLocation(v *ExportTaskS3LocationRequest) *ExportImageInput { + s.S3ExportLocation = v + return s +} + +type ExportImageOutput struct { + _ struct{} `type:"structure"` + + // A description of the image being exported. + Description *string `locationName:"description" type:"string"` + + // The disk image format for the exported image. + DiskImageFormat *string `locationName:"diskImageFormat" type:"string" enum:"DiskImageFormat"` + + // The ID of the export image task. + ExportImageTaskId *string `locationName:"exportImageTaskId" type:"string"` + + // The ID of the image. + ImageId *string `locationName:"imageId" type:"string"` + + // The percent complete of the export image task. + Progress *string `locationName:"progress" type:"string"` + + // The name of the role that grants VM Import/Export permission to export images + // to your S3 bucket. + RoleName *string `locationName:"roleName" type:"string"` + + // Information about the destination S3 bucket. + S3ExportLocation *ExportTaskS3Location `locationName:"s3ExportLocation" type:"structure"` + + // The status of the export image task. The possible values are active, completed, + // deleting, and deleted. + Status *string `locationName:"status" type:"string"` + + // The status message for the export image task. + StatusMessage *string `locationName:"statusMessage" type:"string"` +} + +// String returns the string representation +func (s ExportImageOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ExportImageOutput) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *ExportImageOutput) SetDescription(v string) *ExportImageOutput { + s.Description = &v + return s +} + +// SetDiskImageFormat sets the DiskImageFormat field's value. +func (s *ExportImageOutput) SetDiskImageFormat(v string) *ExportImageOutput { + s.DiskImageFormat = &v + return s +} + +// SetExportImageTaskId sets the ExportImageTaskId field's value. +func (s *ExportImageOutput) SetExportImageTaskId(v string) *ExportImageOutput { + s.ExportImageTaskId = &v + return s +} + +// SetImageId sets the ImageId field's value. +func (s *ExportImageOutput) SetImageId(v string) *ExportImageOutput { + s.ImageId = &v + return s +} + +// SetProgress sets the Progress field's value. +func (s *ExportImageOutput) SetProgress(v string) *ExportImageOutput { + s.Progress = &v + return s +} + +// SetRoleName sets the RoleName field's value. +func (s *ExportImageOutput) SetRoleName(v string) *ExportImageOutput { + s.RoleName = &v + return s +} + +// SetS3ExportLocation sets the S3ExportLocation field's value. +func (s *ExportImageOutput) SetS3ExportLocation(v *ExportTaskS3Location) *ExportImageOutput { + s.S3ExportLocation = v + return s +} + +// SetStatus sets the Status field's value. +func (s *ExportImageOutput) SetStatus(v string) *ExportImageOutput { + s.Status = &v + return s +} + +// SetStatusMessage sets the StatusMessage field's value. +func (s *ExportImageOutput) SetStatusMessage(v string) *ExportImageOutput { + s.StatusMessage = &v + return s +} + +// Describes an export image task. +type ExportImageTask struct { + _ struct{} `type:"structure"` + + // A description of the image being exported. + Description *string `locationName:"description" type:"string"` + + // The ID of the export image task. + ExportImageTaskId *string `locationName:"exportImageTaskId" type:"string"` + + // The ID of the image. + ImageId *string `locationName:"imageId" type:"string"` + + // The percent complete of the export image task. + Progress *string `locationName:"progress" type:"string"` + + // Information about the destination S3 bucket. + S3ExportLocation *ExportTaskS3Location `locationName:"s3ExportLocation" type:"structure"` + + // The status of the export image task. The possible values are active, completed, + // deleting, and deleted. + Status *string `locationName:"status" type:"string"` + + // The status message for the export image task. + StatusMessage *string `locationName:"statusMessage" type:"string"` +} + +// String returns the string representation +func (s ExportImageTask) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ExportImageTask) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *ExportImageTask) SetDescription(v string) *ExportImageTask { + s.Description = &v + return s +} + +// SetExportImageTaskId sets the ExportImageTaskId field's value. +func (s *ExportImageTask) SetExportImageTaskId(v string) *ExportImageTask { + s.ExportImageTaskId = &v + return s +} + +// SetImageId sets the ImageId field's value. +func (s *ExportImageTask) SetImageId(v string) *ExportImageTask { + s.ImageId = &v + return s +} + +// SetProgress sets the Progress field's value. +func (s *ExportImageTask) SetProgress(v string) *ExportImageTask { + s.Progress = &v + return s +} + +// SetS3ExportLocation sets the S3ExportLocation field's value. +func (s *ExportImageTask) SetS3ExportLocation(v *ExportTaskS3Location) *ExportImageTask { + s.S3ExportLocation = v + return s +} + +// SetStatus sets the Status field's value. +func (s *ExportImageTask) SetStatus(v string) *ExportImageTask { + s.Status = &v + return s +} + +// SetStatusMessage sets the StatusMessage field's value. +func (s *ExportImageTask) SetStatusMessage(v string) *ExportImageTask { + s.StatusMessage = &v + return s +} + // Describes an instance export task. type ExportTask struct { _ struct{} `type:"structure"` @@ -56099,6 +71188,8 @@ type ExportTask struct { // The status message related to the export task. StatusMessage *string `locationName:"statusMessage" type:"string"` + + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -56147,6 +71238,93 @@ func (s *ExportTask) SetStatusMessage(v string) *ExportTask { return s } +// SetTags sets the Tags field's value. +func (s *ExportTask) SetTags(v []*Tag) *ExportTask { + s.Tags = v + return s +} + +// Describes the destination for an export image task. +type ExportTaskS3Location struct { + _ struct{} `type:"structure"` + + // The destination S3 bucket. + S3Bucket *string `locationName:"s3Bucket" type:"string"` + + // The prefix (logical hierarchy) in the bucket. + S3Prefix *string `locationName:"s3Prefix" type:"string"` +} + +// String returns the string representation +func (s ExportTaskS3Location) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ExportTaskS3Location) GoString() string { + return s.String() +} + +// SetS3Bucket sets the S3Bucket field's value. +func (s *ExportTaskS3Location) SetS3Bucket(v string) *ExportTaskS3Location { + s.S3Bucket = &v + return s +} + +// SetS3Prefix sets the S3Prefix field's value. +func (s *ExportTaskS3Location) SetS3Prefix(v string) *ExportTaskS3Location { + s.S3Prefix = &v + return s +} + +// Describes the destination for an export image task. +type ExportTaskS3LocationRequest struct { + _ struct{} `type:"structure"` + + // The destination S3 bucket. + // + // S3Bucket is a required field + S3Bucket *string `type:"string" required:"true"` + + // The prefix (logical hierarchy) in the bucket. + S3Prefix *string `type:"string"` +} + +// String returns the string representation +func (s ExportTaskS3LocationRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ExportTaskS3LocationRequest) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ExportTaskS3LocationRequest) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ExportTaskS3LocationRequest"} + if s.S3Bucket == nil { + invalidParams.Add(request.NewErrParamRequired("S3Bucket")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetS3Bucket sets the S3Bucket field's value. +func (s *ExportTaskS3LocationRequest) SetS3Bucket(v string) *ExportTaskS3LocationRequest { + s.S3Bucket = &v + return s +} + +// SetS3Prefix sets the S3Prefix field's value. +func (s *ExportTaskS3LocationRequest) SetS3Prefix(v string) *ExportTaskS3LocationRequest { + s.S3Prefix = &v + return s +} + // Describes the format and location for an instance export task. type ExportToS3Task struct { _ struct{} `type:"structure"` @@ -56265,16 +71443,31 @@ type ExportTransitGatewayRoutesInput struct { // One or more filters. The possible values are: // - // * transit-gateway-route-destination-cidr-block - The CIDR range. - // - // * transit-gateway-route-state - The state of the route (active | blackhole). - // - // * transit-gateway-route-transit-gateway-attachment-id - The ID of the + // * attachment.transit-gateway-attachment-id - The id of the transit gateway // attachment. // - // * transit-gateway-route-type - The route type (static | propagated). + // * attachment.resource-id - The resource id of the transit gateway attachment. // - // * transit-gateway-route-vpn-connection-id - The ID of the VPN connection. + // * route-search.exact-match - The exact match of the specified filter. + // + // * route-search.longest-prefix-match - The longest prefix that matches + // the route. + // + // * route-search.subnet-of-match - The routes with a subnet that match the + // specified CIDR filter. + // + // * route-search.supernet-of-match - The routes with a CIDR that encompass + // the CIDR filter. For example, if you have 10.0.1.0/29 and 10.0.1.0/31 + // routes in your route table and you specify supernet-of-match as 10.0.1.0/30, + // then the result returns 10.0.1.0/29. + // + // * state - The state of the attachment (available | deleted | deleting + // | failed | modifying | pendingAcceptance | pending | rollingBack | rejected + // | rejecting). + // + // * transit-gateway-route-destination-cidr-block - The CIDR range. + // + // * type - The type of route (active | blackhole). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The name of the S3 bucket. @@ -56361,6 +71554,39 @@ func (s *ExportTransitGatewayRoutesOutput) SetS3Location(v string) *ExportTransi return s } +// Describes a Reserved Instance whose queued purchase was not deleted. +type FailedQueuedPurchaseDeletion struct { + _ struct{} `type:"structure"` + + // The error. + Error *DeleteQueuedReservedInstancesError `locationName:"error" type:"structure"` + + // The ID of the Reserved Instance. + ReservedInstancesId *string `locationName:"reservedInstancesId" type:"string"` +} + +// String returns the string representation +func (s FailedQueuedPurchaseDeletion) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s FailedQueuedPurchaseDeletion) GoString() string { + return s.String() +} + +// SetError sets the Error field's value. +func (s *FailedQueuedPurchaseDeletion) SetError(v *DeleteQueuedReservedInstancesError) *FailedQueuedPurchaseDeletion { + s.Error = v + return s +} + +// SetReservedInstancesId sets the ReservedInstancesId field's value. +func (s *FailedQueuedPurchaseDeletion) SetReservedInstancesId(v string) *FailedQueuedPurchaseDeletion { + s.ReservedInstancesId = &v + return s +} + // A filter name and value pair that is used to return a more specific list // of results from a describe operation. Filters can be used to match a set // of resources by specific criteria, such as tags, attributes, or IDs. The @@ -56392,7 +71618,7 @@ type Filter struct { // The name of the filter. Filter names are case-sensitive. Name *string `type:"string"` - // One or more filter values. Filter values are case-sensitive. + // The filter values. Filter values are case-sensitive. Values []*string `locationName:"Value" locationNameList:"item" type:"list"` } @@ -56429,8 +71655,8 @@ type FleetData struct { // is pending_termination while instances are terminating. ActivityStatus *string `locationName:"activityStatus" type:"string" enum:"FleetActivityStatus"` - // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. For more information, see Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). // // Constraints: Maximum 64 ASCII characters ClientToken *string `locationName:"clientToken" type:"string"` @@ -56493,11 +71719,11 @@ type FleetData struct { // The type of request. Indicates whether the EC2 Fleet only requests the target // capacity, or also attempts to maintain it. If you request a certain target // capacity, EC2 Fleet only places the required requests; it does not attempt - // to replenish instances if capacity is diminished, and does not submit requests - // in alternative capacity pools if capacity is unavailable. To maintain a certain - // target capacity, EC2 Fleet places the required requests to meet this target - // capacity. It also automatically replenishes any interrupted Spot Instances. - // Default: maintain. + // to replenish instances if capacity is diminished, and it does not submit + // requests in alternative capacity pools if capacity is unavailable. To maintain + // a certain target capacity, EC2 Fleet places the required requests to meet + // this target capacity. It also automatically replenishes any interrupted Spot + // Instances. Default: maintain. Type *string `locationName:"type" type:"string" enum:"FleetType"` // The start date and time of the request, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). @@ -56958,7 +72184,8 @@ type FleetLaunchTemplateSpecificationRequest struct { // The name of the launch template. LaunchTemplateName *string `min:"3" type:"string"` - // The version number of the launch template. + // The version number of the launch template. Note: This is a required parameter + // and will be updated soon. Version *string `type:"string"` } @@ -57042,6 +72269,9 @@ type FlowLog struct { // Flow log data can be published to CloudWatch Logs or Amazon S3. LogDestinationType *string `locationName:"logDestinationType" type:"string" enum:"LogDestinationType"` + // The format of the flow log record. + LogFormat *string `locationName:"logFormat" type:"string"` + // The name of the flow log group. LogGroupName *string `locationName:"logGroupName" type:"string"` @@ -57110,6 +72340,12 @@ func (s *FlowLog) SetLogDestinationType(v string) *FlowLog { return s } +// SetLogFormat sets the LogFormat field's value. +func (s *FlowLog) SetLogFormat(v string) *FlowLog { + s.LogFormat = &v + return s +} + // SetLogGroupName sets the LogGroupName field's value. func (s *FlowLog) SetLogGroupName(v string) *FlowLog { s.LogGroupName = &v @@ -57128,6 +72364,81 @@ func (s *FlowLog) SetTrafficType(v string) *FlowLog { return s } +// Describes the FPGA accelerator for the instance type. +type FpgaDeviceInfo struct { + _ struct{} `type:"structure"` + + // The count of FPGA accelerators for the instance type. + Count *int64 `locationName:"count" type:"integer"` + + // The manufacturer of the FPGA accelerator. + Manufacturer *string `locationName:"manufacturer" type:"string"` + + // Describes the memory for the FPGA accelerator for the instance type. + MemoryInfo *FpgaDeviceMemoryInfo `locationName:"memoryInfo" type:"structure"` + + // The name of the FPGA accelerator. + Name *string `locationName:"name" type:"string"` +} + +// String returns the string representation +func (s FpgaDeviceInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s FpgaDeviceInfo) GoString() string { + return s.String() +} + +// SetCount sets the Count field's value. +func (s *FpgaDeviceInfo) SetCount(v int64) *FpgaDeviceInfo { + s.Count = &v + return s +} + +// SetManufacturer sets the Manufacturer field's value. +func (s *FpgaDeviceInfo) SetManufacturer(v string) *FpgaDeviceInfo { + s.Manufacturer = &v + return s +} + +// SetMemoryInfo sets the MemoryInfo field's value. +func (s *FpgaDeviceInfo) SetMemoryInfo(v *FpgaDeviceMemoryInfo) *FpgaDeviceInfo { + s.MemoryInfo = v + return s +} + +// SetName sets the Name field's value. +func (s *FpgaDeviceInfo) SetName(v string) *FpgaDeviceInfo { + s.Name = &v + return s +} + +// Describes the memory for the FPGA accelerator for the instance type. +type FpgaDeviceMemoryInfo struct { + _ struct{} `type:"structure"` + + // The size (in MiB) for the memory available to the FPGA accelerator. + SizeInMiB *int64 `locationName:"sizeInMiB" type:"integer"` +} + +// String returns the string representation +func (s FpgaDeviceMemoryInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s FpgaDeviceMemoryInfo) GoString() string { + return s.String() +} + +// SetSizeInMiB sets the SizeInMiB field's value. +func (s *FpgaDeviceMemoryInfo) SetSizeInMiB(v int64) *FpgaDeviceMemoryInfo { + s.SizeInMiB = &v + return s +} + // Describes an Amazon FPGA image (AFI). type FpgaImage struct { _ struct{} `type:"structure"` @@ -57135,6 +72446,9 @@ type FpgaImage struct { // The date and time the AFI was created. CreateTime *time.Time `locationName:"createTime" type:"timestamp"` + // Indicates whether data retention support is enabled for the AFI. + DataRetentionSupport *bool `locationName:"dataRetentionSupport" type:"boolean"` + // The description of the AFI. Description *string `locationName:"description" type:"string"` @@ -57191,6 +72505,12 @@ func (s *FpgaImage) SetCreateTime(v time.Time) *FpgaImage { return s } +// SetDataRetentionSupport sets the DataRetentionSupport field's value. +func (s *FpgaImage) SetDataRetentionSupport(v bool) *FpgaImage { + s.DataRetentionSupport = &v + return s +} + // SetDescription sets the Description field's value. func (s *FpgaImage) SetDescription(v string) *FpgaImage { s.Description = &v @@ -57279,13 +72599,13 @@ type FpgaImageAttribute struct { // The ID of the AFI. FpgaImageId *string `locationName:"fpgaImageId" type:"string"` - // One or more load permissions. + // The load permissions. LoadPermissions []*LoadPermission `locationName:"loadPermissions" locationNameList:"item" type:"list"` // The name of the AFI. Name *string `locationName:"name" type:"string"` - // One or more product codes. + // The product codes. ProductCodes []*ProductCode `locationName:"productCodes" locationNameList:"item" type:"list"` } @@ -57371,6 +72691,341 @@ func (s *FpgaImageState) SetMessage(v string) *FpgaImageState { return s } +// Describes the FPGAs for the instance type. +type FpgaInfo struct { + _ struct{} `type:"structure"` + + // Describes the FPGAs for the instance type. + Fpgas []*FpgaDeviceInfo `locationName:"fpgas" locationNameList:"item" type:"list"` + + // The total memory of all FPGA accelerators for the instance type. + TotalFpgaMemoryInMiB *int64 `locationName:"totalFpgaMemoryInMiB" type:"integer"` +} + +// String returns the string representation +func (s FpgaInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s FpgaInfo) GoString() string { + return s.String() +} + +// SetFpgas sets the Fpgas field's value. +func (s *FpgaInfo) SetFpgas(v []*FpgaDeviceInfo) *FpgaInfo { + s.Fpgas = v + return s +} + +// SetTotalFpgaMemoryInMiB sets the TotalFpgaMemoryInMiB field's value. +func (s *FpgaInfo) SetTotalFpgaMemoryInMiB(v int64) *FpgaInfo { + s.TotalFpgaMemoryInMiB = &v + return s +} + +type GetCapacityReservationUsageInput struct { + _ struct{} `type:"structure"` + + // The ID of the Capacity Reservation. + // + // CapacityReservationId is a required field + CapacityReservationId *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The maximum number of results to return for the request in a single page. + // The remaining results can be seen by sending another request with the returned + // nextToken value. + // + // Valid range: Minimum value of 1. Maximum value of 1000. + MaxResults *int64 `min:"1" type:"integer"` + + // The token to retrieve the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetCapacityReservationUsageInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetCapacityReservationUsageInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetCapacityReservationUsageInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetCapacityReservationUsageInput"} + if s.CapacityReservationId == nil { + invalidParams.Add(request.NewErrParamRequired("CapacityReservationId")) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCapacityReservationId sets the CapacityReservationId field's value. +func (s *GetCapacityReservationUsageInput) SetCapacityReservationId(v string) *GetCapacityReservationUsageInput { + s.CapacityReservationId = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *GetCapacityReservationUsageInput) SetDryRun(v bool) *GetCapacityReservationUsageInput { + s.DryRun = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetCapacityReservationUsageInput) SetMaxResults(v int64) *GetCapacityReservationUsageInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetCapacityReservationUsageInput) SetNextToken(v string) *GetCapacityReservationUsageInput { + s.NextToken = &v + return s +} + +type GetCapacityReservationUsageOutput struct { + _ struct{} `type:"structure"` + + // The remaining capacity. Indicates the number of instances that can be launched + // in the Capacity Reservation. + AvailableInstanceCount *int64 `locationName:"availableInstanceCount" type:"integer"` + + // The ID of the Capacity Reservation. + CapacityReservationId *string `locationName:"capacityReservationId" type:"string"` + + // The type of instance for which the Capacity Reservation reserves capacity. + InstanceType *string `locationName:"instanceType" type:"string"` + + // Information about the Capacity Reservation usage. + InstanceUsages []*InstanceUsage `locationName:"instanceUsageSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // The current state of the Capacity Reservation. A Capacity Reservation can + // be in one of the following states: + // + // * active - The Capacity Reservation is active and the capacity is available + // for your use. + // + // * expired - The Capacity Reservation expired automatically at the date + // and time specified in your request. The reserved capacity is no longer + // available for your use. + // + // * cancelled - The Capacity Reservation was manually cancelled. The reserved + // capacity is no longer available for your use. + // + // * pending - The Capacity Reservation request was successful but the capacity + // provisioning is still pending. + // + // * failed - The Capacity Reservation request has failed. A request might + // fail due to invalid request parameters, capacity constraints, or instance + // limit constraints. Failed requests are retained for 60 minutes. + State *string `locationName:"state" type:"string" enum:"CapacityReservationState"` + + // The number of instances for which the Capacity Reservation reserves capacity. + TotalInstanceCount *int64 `locationName:"totalInstanceCount" type:"integer"` +} + +// String returns the string representation +func (s GetCapacityReservationUsageOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetCapacityReservationUsageOutput) GoString() string { + return s.String() +} + +// SetAvailableInstanceCount sets the AvailableInstanceCount field's value. +func (s *GetCapacityReservationUsageOutput) SetAvailableInstanceCount(v int64) *GetCapacityReservationUsageOutput { + s.AvailableInstanceCount = &v + return s +} + +// SetCapacityReservationId sets the CapacityReservationId field's value. +func (s *GetCapacityReservationUsageOutput) SetCapacityReservationId(v string) *GetCapacityReservationUsageOutput { + s.CapacityReservationId = &v + return s +} + +// SetInstanceType sets the InstanceType field's value. +func (s *GetCapacityReservationUsageOutput) SetInstanceType(v string) *GetCapacityReservationUsageOutput { + s.InstanceType = &v + return s +} + +// SetInstanceUsages sets the InstanceUsages field's value. +func (s *GetCapacityReservationUsageOutput) SetInstanceUsages(v []*InstanceUsage) *GetCapacityReservationUsageOutput { + s.InstanceUsages = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetCapacityReservationUsageOutput) SetNextToken(v string) *GetCapacityReservationUsageOutput { + s.NextToken = &v + return s +} + +// SetState sets the State field's value. +func (s *GetCapacityReservationUsageOutput) SetState(v string) *GetCapacityReservationUsageOutput { + s.State = &v + return s +} + +// SetTotalInstanceCount sets the TotalInstanceCount field's value. +func (s *GetCapacityReservationUsageOutput) SetTotalInstanceCount(v int64) *GetCapacityReservationUsageOutput { + s.TotalInstanceCount = &v + return s +} + +type GetCoipPoolUsageInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The filters. The following are the possible values: + // + // * coip-address-usage.allocation-id + // + // * coip-address-usage.aws-account-id + // + // * coip-address-usage.aws-service + // + // * coip-address-usage.co-ip + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The ID of the address pool. + // + // PoolId is a required field + PoolId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s GetCoipPoolUsageInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetCoipPoolUsageInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetCoipPoolUsageInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetCoipPoolUsageInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + if s.PoolId == nil { + invalidParams.Add(request.NewErrParamRequired("PoolId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *GetCoipPoolUsageInput) SetDryRun(v bool) *GetCoipPoolUsageInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *GetCoipPoolUsageInput) SetFilters(v []*Filter) *GetCoipPoolUsageInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetCoipPoolUsageInput) SetMaxResults(v int64) *GetCoipPoolUsageInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetCoipPoolUsageInput) SetNextToken(v string) *GetCoipPoolUsageInput { + s.NextToken = &v + return s +} + +// SetPoolId sets the PoolId field's value. +func (s *GetCoipPoolUsageInput) SetPoolId(v string) *GetCoipPoolUsageInput { + s.PoolId = &v + return s +} + +type GetCoipPoolUsageOutput struct { + _ struct{} `type:"structure"` + + // Information about the address usage. + CoipAddressUsages []*CoipAddressUsage `locationName:"coipAddressUsageSet" locationNameList:"item" type:"list"` + + // The ID of the customer-owned address pool. + CoipPoolId *string `locationName:"coipPoolId" type:"string"` + + // The ID of the local gateway route table. + LocalGatewayRouteTableId *string `locationName:"localGatewayRouteTableId" type:"string"` +} + +// String returns the string representation +func (s GetCoipPoolUsageOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetCoipPoolUsageOutput) GoString() string { + return s.String() +} + +// SetCoipAddressUsages sets the CoipAddressUsages field's value. +func (s *GetCoipPoolUsageOutput) SetCoipAddressUsages(v []*CoipAddressUsage) *GetCoipPoolUsageOutput { + s.CoipAddressUsages = v + return s +} + +// SetCoipPoolId sets the CoipPoolId field's value. +func (s *GetCoipPoolUsageOutput) SetCoipPoolId(v string) *GetCoipPoolUsageOutput { + s.CoipPoolId = &v + return s +} + +// SetLocalGatewayRouteTableId sets the LocalGatewayRouteTableId field's value. +func (s *GetCoipPoolUsageOutput) SetLocalGatewayRouteTableId(v string) *GetCoipPoolUsageOutput { + s.LocalGatewayRouteTableId = &v + return s +} + type GetConsoleOutputInput struct { _ struct{} `type:"structure"` @@ -57566,6 +73221,177 @@ func (s *GetConsoleScreenshotOutput) SetInstanceId(v string) *GetConsoleScreensh return s } +type GetDefaultCreditSpecificationInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The instance family. + // + // InstanceFamily is a required field + InstanceFamily *string `type:"string" required:"true" enum:"UnlimitedSupportedInstanceFamily"` +} + +// String returns the string representation +func (s GetDefaultCreditSpecificationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetDefaultCreditSpecificationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetDefaultCreditSpecificationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetDefaultCreditSpecificationInput"} + if s.InstanceFamily == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceFamily")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *GetDefaultCreditSpecificationInput) SetDryRun(v bool) *GetDefaultCreditSpecificationInput { + s.DryRun = &v + return s +} + +// SetInstanceFamily sets the InstanceFamily field's value. +func (s *GetDefaultCreditSpecificationInput) SetInstanceFamily(v string) *GetDefaultCreditSpecificationInput { + s.InstanceFamily = &v + return s +} + +type GetDefaultCreditSpecificationOutput struct { + _ struct{} `type:"structure"` + + // The default credit option for CPU usage of the instance family. + InstanceFamilyCreditSpecification *InstanceFamilyCreditSpecification `locationName:"instanceFamilyCreditSpecification" type:"structure"` +} + +// String returns the string representation +func (s GetDefaultCreditSpecificationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetDefaultCreditSpecificationOutput) GoString() string { + return s.String() +} + +// SetInstanceFamilyCreditSpecification sets the InstanceFamilyCreditSpecification field's value. +func (s *GetDefaultCreditSpecificationOutput) SetInstanceFamilyCreditSpecification(v *InstanceFamilyCreditSpecification) *GetDefaultCreditSpecificationOutput { + s.InstanceFamilyCreditSpecification = v + return s +} + +type GetEbsDefaultKmsKeyIdInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation +func (s GetEbsDefaultKmsKeyIdInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetEbsDefaultKmsKeyIdInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *GetEbsDefaultKmsKeyIdInput) SetDryRun(v bool) *GetEbsDefaultKmsKeyIdInput { + s.DryRun = &v + return s +} + +type GetEbsDefaultKmsKeyIdOutput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the default CMK for encryption by default. + KmsKeyId *string `locationName:"kmsKeyId" type:"string"` +} + +// String returns the string representation +func (s GetEbsDefaultKmsKeyIdOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetEbsDefaultKmsKeyIdOutput) GoString() string { + return s.String() +} + +// SetKmsKeyId sets the KmsKeyId field's value. +func (s *GetEbsDefaultKmsKeyIdOutput) SetKmsKeyId(v string) *GetEbsDefaultKmsKeyIdOutput { + s.KmsKeyId = &v + return s +} + +type GetEbsEncryptionByDefaultInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation +func (s GetEbsEncryptionByDefaultInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetEbsEncryptionByDefaultInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *GetEbsEncryptionByDefaultInput) SetDryRun(v bool) *GetEbsEncryptionByDefaultInput { + s.DryRun = &v + return s +} + +type GetEbsEncryptionByDefaultOutput struct { + _ struct{} `type:"structure"` + + // Indicates whether encryption by default is enabled. + EbsEncryptionByDefault *bool `locationName:"ebsEncryptionByDefault" type:"boolean"` +} + +// String returns the string representation +func (s GetEbsEncryptionByDefaultOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetEbsEncryptionByDefaultOutput) GoString() string { + return s.String() +} + +// SetEbsEncryptionByDefault sets the EbsEncryptionByDefault field's value. +func (s *GetEbsEncryptionByDefaultOutput) SetEbsEncryptionByDefault(v bool) *GetEbsEncryptionByDefaultOutput { + s.EbsEncryptionByDefault = &v + return s +} + type GetHostReservationPurchasePreviewInput struct { _ struct{} `type:"structure"` @@ -58119,6 +73945,126 @@ func (s *GetTransitGatewayAttachmentPropagationsOutput) SetTransitGatewayAttachm return s } +type GetTransitGatewayMulticastDomainAssociationsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. The possible values are: + // + // * resource-id - The ID of the resource. + // + // * resource-type - The type of resource. The valid value is: vpc. + // + // * state - The state of the subnet association. Valid values are associated + // | associating | disassociated | disassociating. + // + // * subnet-id - The ID of the subnet. + // + // * transit-gateway-attachment-id - The id of the transit gateway attachment. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `type:"string"` +} + +// String returns the string representation +func (s GetTransitGatewayMulticastDomainAssociationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetTransitGatewayMulticastDomainAssociationsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetTransitGatewayMulticastDomainAssociationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetTransitGatewayMulticastDomainAssociationsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *GetTransitGatewayMulticastDomainAssociationsInput) SetDryRun(v bool) *GetTransitGatewayMulticastDomainAssociationsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *GetTransitGatewayMulticastDomainAssociationsInput) SetFilters(v []*Filter) *GetTransitGatewayMulticastDomainAssociationsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetTransitGatewayMulticastDomainAssociationsInput) SetMaxResults(v int64) *GetTransitGatewayMulticastDomainAssociationsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetTransitGatewayMulticastDomainAssociationsInput) SetNextToken(v string) *GetTransitGatewayMulticastDomainAssociationsInput { + s.NextToken = &v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *GetTransitGatewayMulticastDomainAssociationsInput) SetTransitGatewayMulticastDomainId(v string) *GetTransitGatewayMulticastDomainAssociationsInput { + s.TransitGatewayMulticastDomainId = &v + return s +} + +type GetTransitGatewayMulticastDomainAssociationsOutput struct { + _ struct{} `type:"structure"` + + // Information about the multicast domain associations. + MulticastDomainAssociations []*TransitGatewayMulticastDomainAssociation `locationName:"multicastDomainAssociations" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s GetTransitGatewayMulticastDomainAssociationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetTransitGatewayMulticastDomainAssociationsOutput) GoString() string { + return s.String() +} + +// SetMulticastDomainAssociations sets the MulticastDomainAssociations field's value. +func (s *GetTransitGatewayMulticastDomainAssociationsOutput) SetMulticastDomainAssociations(v []*TransitGatewayMulticastDomainAssociation) *GetTransitGatewayMulticastDomainAssociationsOutput { + s.MulticastDomainAssociations = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetTransitGatewayMulticastDomainAssociationsOutput) SetNextToken(v string) *GetTransitGatewayMulticastDomainAssociationsOutput { + s.NextToken = &v + return s +} + type GetTransitGatewayRouteTableAssociationsInput struct { _ struct{} `type:"structure"` @@ -58359,6 +74305,114 @@ func (s *GetTransitGatewayRouteTablePropagationsOutput) SetTransitGatewayRouteTa return s } +// Describes the GPU accelerators for the instance type. +type GpuDeviceInfo struct { + _ struct{} `type:"structure"` + + // The number of GPUs for the instance type. + Count *int64 `locationName:"count" type:"integer"` + + // The manufacturer of the GPU accelerator. + Manufacturer *string `locationName:"manufacturer" type:"string"` + + // Describes the memory available to the GPU accelerator. + MemoryInfo *GpuDeviceMemoryInfo `locationName:"memoryInfo" type:"structure"` + + // The name of the GPU accelerator. + Name *string `locationName:"name" type:"string"` +} + +// String returns the string representation +func (s GpuDeviceInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GpuDeviceInfo) GoString() string { + return s.String() +} + +// SetCount sets the Count field's value. +func (s *GpuDeviceInfo) SetCount(v int64) *GpuDeviceInfo { + s.Count = &v + return s +} + +// SetManufacturer sets the Manufacturer field's value. +func (s *GpuDeviceInfo) SetManufacturer(v string) *GpuDeviceInfo { + s.Manufacturer = &v + return s +} + +// SetMemoryInfo sets the MemoryInfo field's value. +func (s *GpuDeviceInfo) SetMemoryInfo(v *GpuDeviceMemoryInfo) *GpuDeviceInfo { + s.MemoryInfo = v + return s +} + +// SetName sets the Name field's value. +func (s *GpuDeviceInfo) SetName(v string) *GpuDeviceInfo { + s.Name = &v + return s +} + +// Describes the memory available to the GPU accelerator. +type GpuDeviceMemoryInfo struct { + _ struct{} `type:"structure"` + + // The size (in MiB) for the memory available to the GPU accelerator. + SizeInMiB *int64 `locationName:"sizeInMiB" type:"integer"` +} + +// String returns the string representation +func (s GpuDeviceMemoryInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GpuDeviceMemoryInfo) GoString() string { + return s.String() +} + +// SetSizeInMiB sets the SizeInMiB field's value. +func (s *GpuDeviceMemoryInfo) SetSizeInMiB(v int64) *GpuDeviceMemoryInfo { + s.SizeInMiB = &v + return s +} + +// Describes the GPU accelerators for the instance type. +type GpuInfo struct { + _ struct{} `type:"structure"` + + // Describes the GPU accelerators for the instance type. + Gpus []*GpuDeviceInfo `locationName:"gpus" locationNameList:"item" type:"list"` + + // The total size of the memory for the GPU accelerators for the instance type. + TotalGpuMemoryInMiB *int64 `locationName:"totalGpuMemoryInMiB" type:"integer"` +} + +// String returns the string representation +func (s GpuInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GpuInfo) GoString() string { + return s.String() +} + +// SetGpus sets the Gpus field's value. +func (s *GpuInfo) SetGpus(v []*GpuDeviceInfo) *GpuInfo { + s.Gpus = v + return s +} + +// SetTotalGpuMemoryInMiB sets the TotalGpuMemoryInMiB field's value. +func (s *GpuInfo) SetTotalGpuMemoryInMiB(v int64) *GpuInfo { + s.TotalGpuMemoryInMiB = &v + return s +} + // Describes a security group. type GroupIdentifier struct { _ struct{} `type:"structure"` @@ -58393,9 +74447,8 @@ func (s *GroupIdentifier) SetGroupName(v string) *GroupIdentifier { } // Indicates whether your instance is configured for hibernation. This parameter -// is valid only if the instance meets the hibernation prerequisites (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). -// Hibernation is currently supported only for Amazon Linux. For more information, -// see Hibernate Your Instance (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) +// is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). +// For more information, see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon Elastic Compute Cloud User Guide. type HibernationOptions struct { _ struct{} `type:"structure"` @@ -58422,9 +74475,8 @@ func (s *HibernationOptions) SetConfigured(v bool) *HibernationOptions { } // Indicates whether your instance is configured for hibernation. This parameter -// is valid only if the instance meets the hibernation prerequisites (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). -// Hibernation is currently supported only for Amazon Linux. For more information, -// see Hibernate Your Instance (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) +// is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). +// For more information, see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon Elastic Compute Cloud User Guide. type HibernationOptionsRequest struct { _ struct{} `type:"structure"` @@ -58551,18 +74603,27 @@ type Host struct { // The time that the Dedicated Host was allocated. AllocationTime *time.Time `locationName:"allocationTime" type:"timestamp"` + // Indicates whether the Dedicated Host supports multiple instance types of + // the same instance family, or a specific instance type only. one indicates + // that the Dedicated Host supports multiple instance types in the instance + // family. off indicates that the Dedicated Host supports a single instance + // type only. + AllowsMultipleInstanceTypes *string `locationName:"allowsMultipleInstanceTypes" type:"string" enum:"AllowsMultipleInstanceTypes"` + // Whether auto-placement is on or off. AutoPlacement *string `locationName:"autoPlacement" type:"string" enum:"AutoPlacement"` // The Availability Zone of the Dedicated Host. AvailabilityZone *string `locationName:"availabilityZone" type:"string"` - // The number of new instances that can be launched onto the Dedicated Host. + // The ID of the Availability Zone in which the Dedicated Host is allocated. + AvailabilityZoneId *string `locationName:"availabilityZoneId" type:"string"` + + // Information about the instances running on the Dedicated Host. AvailableCapacity *AvailableCapacity `locationName:"availableCapacity" type:"structure"` - // Unique, case-sensitive identifier that you provide to ensure idempotency - // of the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html) - // in the Amazon Elastic Compute Cloud User Guide. + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` // The ID of the Dedicated Host. @@ -58571,6 +74632,10 @@ type Host struct { // The hardware specifications of the Dedicated Host. HostProperties *HostProperties `locationName:"hostProperties" type:"structure"` + // Indicates whether host recovery is enabled or disabled for the Dedicated + // Host. + HostRecovery *string `locationName:"hostRecovery" type:"string" enum:"HostRecovery"` + // The reservation ID of the Dedicated Host. This returns a null response if // the Dedicated Host doesn't have an associated reservation. HostReservationId *string `locationName:"hostReservationId" type:"string"` @@ -58578,6 +74643,13 @@ type Host struct { // The IDs and instance type that are currently running on the Dedicated Host. Instances []*HostInstance `locationName:"instances" locationNameList:"item" type:"list"` + // Indicates whether the Dedicated Host is in a host resource group. If memberOfServiceLinkedResourceGroup + // is true, the host is in a host resource group; otherwise, it is not. + MemberOfServiceLinkedResourceGroup *bool `locationName:"memberOfServiceLinkedResourceGroup" type:"boolean"` + + // The ID of the AWS account that owns the Dedicated Host. + OwnerId *string `locationName:"ownerId" type:"string"` + // The time that the Dedicated Host was released. ReleaseTime *time.Time `locationName:"releaseTime" type:"timestamp"` @@ -58604,6 +74676,12 @@ func (s *Host) SetAllocationTime(v time.Time) *Host { return s } +// SetAllowsMultipleInstanceTypes sets the AllowsMultipleInstanceTypes field's value. +func (s *Host) SetAllowsMultipleInstanceTypes(v string) *Host { + s.AllowsMultipleInstanceTypes = &v + return s +} + // SetAutoPlacement sets the AutoPlacement field's value. func (s *Host) SetAutoPlacement(v string) *Host { s.AutoPlacement = &v @@ -58616,6 +74694,12 @@ func (s *Host) SetAvailabilityZone(v string) *Host { return s } +// SetAvailabilityZoneId sets the AvailabilityZoneId field's value. +func (s *Host) SetAvailabilityZoneId(v string) *Host { + s.AvailabilityZoneId = &v + return s +} + // SetAvailableCapacity sets the AvailableCapacity field's value. func (s *Host) SetAvailableCapacity(v *AvailableCapacity) *Host { s.AvailableCapacity = v @@ -58640,6 +74724,12 @@ func (s *Host) SetHostProperties(v *HostProperties) *Host { return s } +// SetHostRecovery sets the HostRecovery field's value. +func (s *Host) SetHostRecovery(v string) *Host { + s.HostRecovery = &v + return s +} + // SetHostReservationId sets the HostReservationId field's value. func (s *Host) SetHostReservationId(v string) *Host { s.HostReservationId = &v @@ -58652,6 +74742,18 @@ func (s *Host) SetInstances(v []*HostInstance) *Host { return s } +// SetMemberOfServiceLinkedResourceGroup sets the MemberOfServiceLinkedResourceGroup field's value. +func (s *Host) SetMemberOfServiceLinkedResourceGroup(v bool) *Host { + s.MemberOfServiceLinkedResourceGroup = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *Host) SetOwnerId(v string) *Host { + s.OwnerId = &v + return s +} + // SetReleaseTime sets the ReleaseTime field's value. func (s *Host) SetReleaseTime(v time.Time) *Host { s.ReleaseTime = &v @@ -58674,11 +74776,14 @@ func (s *Host) SetTags(v []*Tag) *Host { type HostInstance struct { _ struct{} `type:"structure"` - // the IDs of instances that are running on the Dedicated Host. + // The ID of instance that is running on the Dedicated Host. InstanceId *string `locationName:"instanceId" type:"string"` - // The instance type size (for example, m3.medium) of the running instance. + // The instance type (for example, m3.medium) of the running instance. InstanceType *string `locationName:"instanceType" type:"string"` + + // The ID of the AWS account that owns the instance. + OwnerId *string `locationName:"ownerId" type:"string"` } // String returns the string representation @@ -58703,6 +74808,12 @@ func (s *HostInstance) SetInstanceType(v string) *HostInstance { return s } +// SetOwnerId sets the OwnerId field's value. +func (s *HostInstance) SetOwnerId(v string) *HostInstance { + s.OwnerId = &v + return s +} + // Details about the Dedicated Host Reservation offering. type HostOffering struct { _ struct{} `type:"structure"` @@ -58781,20 +74892,24 @@ func (s *HostOffering) SetUpfrontPrice(v string) *HostOffering { return s } -// Describes properties of a Dedicated Host. +// Describes the properties of a Dedicated Host. type HostProperties struct { _ struct{} `type:"structure"` // The number of cores on the Dedicated Host. Cores *int64 `locationName:"cores" type:"integer"` - // The instance type size that the Dedicated Host supports (for example, m3.medium). + // The instance family supported by the Dedicated Host. For example, m5. + InstanceFamily *string `locationName:"instanceFamily" type:"string"` + + // The instance type supported by the Dedicated Host. For example, m5.large. + // If the host supports multiple instance types, no instanceType is returned. InstanceType *string `locationName:"instanceType" type:"string"` // The number of sockets on the Dedicated Host. Sockets *int64 `locationName:"sockets" type:"integer"` - // The number of vCPUs on the Dedicated Host. + // The total number of vCPUs on the Dedicated Host. TotalVCpus *int64 `locationName:"totalVCpus" type:"integer"` } @@ -58814,6 +74929,12 @@ func (s *HostProperties) SetCores(v int64) *HostProperties { return s } +// SetInstanceFamily sets the InstanceFamily field's value. +func (s *HostProperties) SetInstanceFamily(v string) *HostProperties { + s.InstanceFamily = &v + return s +} + // SetInstanceType sets the InstanceType field's value. func (s *HostProperties) SetInstanceType(v string) *HostProperties { s.InstanceType = &v @@ -58877,6 +74998,9 @@ type HostReservation struct { // The state of the reservation. State *string `locationName:"state" type:"string" enum:"ReservationState"` + // Any tags assigned to the Dedicated Host Reservation. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + // The upfront price of the reservation. UpfrontPrice *string `locationName:"upfrontPrice" type:"string"` } @@ -58963,12 +75087,66 @@ func (s *HostReservation) SetState(v string) *HostReservation { return s } +// SetTags sets the Tags field's value. +func (s *HostReservation) SetTags(v []*Tag) *HostReservation { + s.Tags = v + return s +} + // SetUpfrontPrice sets the UpfrontPrice field's value. func (s *HostReservation) SetUpfrontPrice(v string) *HostReservation { s.UpfrontPrice = &v return s } +// The internet key exchange (IKE) version permitted for the VPN tunnel. +type IKEVersionsListValue struct { + _ struct{} `type:"structure"` + + // The IKE version. + Value *string `locationName:"value" type:"string"` +} + +// String returns the string representation +func (s IKEVersionsListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s IKEVersionsListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *IKEVersionsListValue) SetValue(v string) *IKEVersionsListValue { + s.Value = &v + return s +} + +// The IKE version that is permitted for the VPN tunnel. +type IKEVersionsRequestListValue struct { + _ struct{} `type:"structure"` + + // The IKE version. + Value *string `type:"string"` +} + +// String returns the string representation +func (s IKEVersionsRequestListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s IKEVersionsRequestListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *IKEVersionsRequestListValue) SetValue(v string) *IKEVersionsRequestListValue { + s.Value = &v + return s +} + // Describes an IAM instance profile. type IamInstanceProfile struct { _ struct{} `type:"structure"` @@ -59217,7 +75395,7 @@ type Image struct { // The AWS account ID of the image owner. OwnerId *string `locationName:"imageOwnerId" type:"string"` - // The value is Windows for Windows AMIs; otherwise blank. + // This value is set to windows for Windows AMIs; otherwise, it is blank. Platform *string `locationName:"platform" type:"string" enum:"PlatformValues"` // Any product codes associated with the AMI. @@ -59487,8 +75665,8 @@ type ImportClientVpnClientCertificateRevocationListInput struct { _ struct{} `type:"structure"` // The client certificate revocation list file. For more information, see Generate - // a Client Certificate Revocation List (vpn/latest/clientvpn-admin/cvpn-working-certificates.html#cvpn-working-certificates-generate) - // in the AWS Client VPN Admin Guide. + // a Client Certificate Revocation List (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/cvpn-working-certificates.html#cvpn-working-certificates-generate) + // in the AWS Client VPN Administrator Guide. // // CertificateRevocationList is a required field CertificateRevocationList *string `type:"string" required:"true"` @@ -59573,13 +75751,12 @@ func (s *ImportClientVpnClientCertificateRevocationListOutput) SetReturn(v bool) return s } -// Contains the parameters for ImportImage. type ImportImageInput struct { _ struct{} `type:"structure"` // The architecture of the virtual machine. // - // Valid values: i386 | x86_64 + // Valid values: i386 | x86_64 | arm64 Architecture *string `type:"string"` // The client-specific data. @@ -59603,7 +75780,7 @@ type ImportImageInput struct { // Specifies whether the destination AMI of the imported image should be encrypted. // The default CMK for EBS is used unless you specify a non-default AWS Key // Management Service (AWS KMS) CMK using KmsKeyId. For more information, see - // Amazon EBS Encryption (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) + // Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) // in the Amazon Elastic Compute Cloud User Guide. Encrypted *bool `type:"boolean"` @@ -59612,42 +75789,51 @@ type ImportImageInput struct { // Valid values: xen Hypervisor *string `type:"string"` - // An identifier for the AWS Key Management Service (AWS KMS) customer master - // key (CMK) to use when creating the encrypted AMI. This parameter is only - // required if you want to use a non-default CMK; if this parameter is not specified, - // the default CMK for EBS is used. If a KmsKeyId is specified, the Encrypted - // flag must also be set. + // An identifier for the symmetric AWS Key Management Service (AWS KMS) customer + // master key (CMK) to use when creating the encrypted AMI. This parameter is + // only required if you want to use a non-default CMK; if this parameter is + // not specified, the default CMK for EBS is used. If a KmsKeyId is specified, + // the Encrypted flag must also be set. // // The CMK identifier may be provided in any of the following formats: // // * Key ID // - // * Key alias, in the form alias/ExampleAlias + // * Key alias. The alias ARN contains the arn:aws:kms namespace, followed + // by the Region of the CMK, the AWS account ID of the CMK owner, the alias + // namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. // // * ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed - // by the region of the CMK, the AWS account ID of the CMK owner, the key + // by the Region of the CMK, the AWS account ID of the CMK owner, the key // namespace, and then the CMK ID. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. // // * ARN using key alias. The alias ARN contains the arn:aws:kms namespace, - // followed by the region of the CMK, the AWS account ID of the CMK owner, + // followed by the Region of the CMK, the AWS account ID of the CMK owner, // the alias namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. // - // // AWS parses KmsKeyId asynchronously, meaning that the action you call may // appear to complete even though you provided an invalid identifier. This action // will eventually report failure. // - // The specified CMK must exist in the region that the AMI is being copied to. + // The specified CMK must exist in the Region that the AMI is being copied to. + // + // Amazon EBS does not support asymmetric CMKs. KmsKeyId *string `type:"string"` + // The ARNs of the license configurations. + LicenseSpecifications []*ImportImageLicenseConfigurationRequest `locationNameList:"item" type:"list"` + // The license type to be used for the Amazon Machine Image (AMI) after importing. // - // Note: You may only use BYOL if you have existing licenses with rights to - // use these licenses in a third party cloud like AWS. For more information, - // see Prerequisites (http://docs.aws.amazon.com/vm-import/latest/userguide/vmimport-image-import.html#prerequisites-image) - // in the VM Import/Export User Guide. + // By default, we detect the source-system operating system (OS) and apply the + // appropriate license. Specify AWS to replace the source-system license with + // an AWS license, if appropriate. Specify BYOL to retain the source-system + // license, if appropriate. // - // Valid values: AWS | BYOL + // To use BYOL, you must have existing licenses with rights to use these licenses + // in a third party cloud, such as AWS. For more information, see Prerequisites + // (https://docs.aws.amazon.com/vm-import/latest/userguide/vmimport-image-import.html#prerequisites-image) + // in the VM Import/Export User Guide. LicenseType *string `type:"string"` // The operating system of the virtual machine. @@ -59723,6 +75909,12 @@ func (s *ImportImageInput) SetKmsKeyId(v string) *ImportImageInput { return s } +// SetLicenseSpecifications sets the LicenseSpecifications field's value. +func (s *ImportImageInput) SetLicenseSpecifications(v []*ImportImageLicenseConfigurationRequest) *ImportImageInput { + s.LicenseSpecifications = v + return s +} + // SetLicenseType sets the LicenseType field's value. func (s *ImportImageInput) SetLicenseType(v string) *ImportImageInput { s.LicenseType = &v @@ -59741,7 +75933,54 @@ func (s *ImportImageInput) SetRoleName(v string) *ImportImageInput { return s } -// Contains the output for ImportImage. +// The request information of license configurations. +type ImportImageLicenseConfigurationRequest struct { + _ struct{} `type:"structure"` + + // The ARN of a license configuration. + LicenseConfigurationArn *string `type:"string"` +} + +// String returns the string representation +func (s ImportImageLicenseConfigurationRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ImportImageLicenseConfigurationRequest) GoString() string { + return s.String() +} + +// SetLicenseConfigurationArn sets the LicenseConfigurationArn field's value. +func (s *ImportImageLicenseConfigurationRequest) SetLicenseConfigurationArn(v string) *ImportImageLicenseConfigurationRequest { + s.LicenseConfigurationArn = &v + return s +} + +// The response information for license configurations. +type ImportImageLicenseConfigurationResponse struct { + _ struct{} `type:"structure"` + + // The ARN of a license configuration. + LicenseConfigurationArn *string `locationName:"licenseConfigurationArn" type:"string"` +} + +// String returns the string representation +func (s ImportImageLicenseConfigurationResponse) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ImportImageLicenseConfigurationResponse) GoString() string { + return s.String() +} + +// SetLicenseConfigurationArn sets the LicenseConfigurationArn field's value. +func (s *ImportImageLicenseConfigurationResponse) SetLicenseConfigurationArn(v string) *ImportImageLicenseConfigurationResponse { + s.LicenseConfigurationArn = &v + return s +} + type ImportImageOutput struct { _ struct{} `type:"structure"` @@ -59763,10 +76002,13 @@ type ImportImageOutput struct { // The task ID of the import image task. ImportTaskId *string `locationName:"importTaskId" type:"string"` - // The identifier for the AWS Key Management Service (AWS KMS) customer master - // key (CMK) that was used to create the encrypted AMI. + // The identifier for the symmetric AWS Key Management Service (AWS KMS) customer + // master key (CMK) that was used to create the encrypted AMI. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` + // The ARNs of the license configurations. + LicenseSpecifications []*ImportImageLicenseConfigurationResponse `locationName:"licenseSpecifications" locationNameList:"item" type:"list"` + // The license type of the virtual machine. LicenseType *string `locationName:"licenseType" type:"string"` @@ -59838,6 +76080,12 @@ func (s *ImportImageOutput) SetKmsKeyId(v string) *ImportImageOutput { return s } +// SetLicenseSpecifications sets the LicenseSpecifications field's value. +func (s *ImportImageOutput) SetLicenseSpecifications(v []*ImportImageLicenseConfigurationResponse) *ImportImageOutput { + s.LicenseSpecifications = v + return s +} + // SetLicenseType sets the LicenseType field's value. func (s *ImportImageOutput) SetLicenseType(v string) *ImportImageOutput { s.LicenseType = &v @@ -59880,7 +76128,7 @@ type ImportImageTask struct { // The architecture of the virtual machine. // - // Valid values: i386 | x86_64 + // Valid values: i386 | x86_64 | arm64 Architecture *string `locationName:"architecture" type:"string"` // A description of the import task. @@ -59904,6 +76152,10 @@ type ImportImageTask struct { // key (CMK) that was used to create the encrypted image. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` + // The ARNs of the license configurations that are associated with the import + // image task. + LicenseSpecifications []*ImportImageLicenseConfigurationResponse `locationName:"licenseSpecifications" locationNameList:"item" type:"list"` + // The license type of the virtual machine. LicenseType *string `locationName:"licenseType" type:"string"` @@ -59921,6 +76173,9 @@ type ImportImageTask struct { // A descriptive status message for the import image task. StatusMessage *string `locationName:"statusMessage" type:"string"` + + // Any tags applied to the import image task. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -59975,6 +76230,12 @@ func (s *ImportImageTask) SetKmsKeyId(v string) *ImportImageTask { return s } +// SetLicenseSpecifications sets the LicenseSpecifications field's value. +func (s *ImportImageTask) SetLicenseSpecifications(v []*ImportImageLicenseConfigurationResponse) *ImportImageTask { + s.LicenseSpecifications = v + return s +} + // SetLicenseType sets the LicenseType field's value. func (s *ImportImageTask) SetLicenseType(v string) *ImportImageTask { s.LicenseType = &v @@ -60011,7 +76272,12 @@ func (s *ImportImageTask) SetStatusMessage(v string) *ImportImageTask { return s } -// Contains the parameters for ImportInstance. +// SetTags sets the Tags field's value. +func (s *ImportImageTask) SetTags(v []*Tag) *ImportImageTask { + s.Tags = v + return s +} + type ImportInstanceInput struct { _ struct{} `type:"structure"` @@ -60109,10 +76375,10 @@ type ImportInstanceLaunchSpecification struct { // The architecture of the instance. Architecture *string `locationName:"architecture" type:"string" enum:"ArchitectureValues"` - // One or more security group IDs. + // The security group IDs. GroupIds []*string `locationName:"GroupId" locationNameList:"SecurityGroupId" type:"list"` - // One or more security group names. + // The security group names. GroupNames []*string `locationName:"GroupName" locationNameList:"SecurityGroup" type:"list"` // Indicates whether an instance stops or terminates when you initiate shutdown @@ -60120,7 +76386,7 @@ type ImportInstanceLaunchSpecification struct { InstanceInitiatedShutdownBehavior *string `locationName:"instanceInitiatedShutdownBehavior" type:"string" enum:"ShutdownBehavior"` // The instance type. For more information about the instance types that you - // can import, see Instance Types (http://docs.aws.amazon.com/vm-import/latest/userguide/vmie_prereqs.html#vmimport-instance-types) + // can import, see Instance Types (https://docs.aws.amazon.com/vm-import/latest/userguide/vmie_prereqs.html#vmimport-instance-types) // in the VM Import/Export User Guide. InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` @@ -60137,7 +76403,7 @@ type ImportInstanceLaunchSpecification struct { SubnetId *string `locationName:"subnetId" type:"string"` // The Base64-encoded user data to make available to the instance. - UserData *UserData `locationName:"userData" type:"structure"` + UserData *UserData `locationName:"userData" type:"structure" sensitive:"true"` } // String returns the string representation @@ -60216,7 +76482,6 @@ func (s *ImportInstanceLaunchSpecification) SetUserData(v *UserData) *ImportInst return s } -// Contains the output for ImportInstance. type ImportInstanceOutput struct { _ struct{} `type:"structure"` @@ -60253,7 +76518,7 @@ type ImportInstanceTaskDetails struct { // The instance operating system. Platform *string `locationName:"platform" type:"string" enum:"PlatformValues"` - // One or more volumes. + // The volumes. Volumes []*ImportInstanceVolumeDetailItem `locationName:"volumes" locationNameList:"item" type:"list"` } @@ -60468,7 +76733,6 @@ func (s *ImportKeyPairOutput) SetKeyName(v string) *ImportKeyPairOutput { return s } -// Contains the parameters for ImportSnapshot. type ImportSnapshotInput struct { _ struct{} `type:"structure"` @@ -60493,37 +76757,40 @@ type ImportSnapshotInput struct { // Specifies whether the destination snapshot of the imported image should be // encrypted. The default CMK for EBS is used unless you specify a non-default // AWS Key Management Service (AWS KMS) CMK using KmsKeyId. For more information, - // see Amazon EBS Encryption (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) + // see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) // in the Amazon Elastic Compute Cloud User Guide. Encrypted *bool `type:"boolean"` - // An identifier for the AWS Key Management Service (AWS KMS) customer master - // key (CMK) to use when creating the encrypted snapshot. This parameter is - // only required if you want to use a non-default CMK; if this parameter is - // not specified, the default CMK for EBS is used. If a KmsKeyId is specified, + // An identifier for the symmetric AWS Key Management Service (AWS KMS) customer + // master key (CMK) to use when creating the encrypted snapshot. This parameter + // is only required if you want to use a non-default CMK; if this parameter + // is not specified, the default CMK for EBS is used. If a KmsKeyId is specified, // the Encrypted flag must also be set. // // The CMK identifier may be provided in any of the following formats: // // * Key ID // - // * Key alias, in the form alias/ExampleAlias + // * Key alias. The alias ARN contains the arn:aws:kms namespace, followed + // by the Region of the CMK, the AWS account ID of the CMK owner, the alias + // namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. // // * ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed - // by the region of the CMK, the AWS account ID of the CMK owner, the key + // by the Region of the CMK, the AWS account ID of the CMK owner, the key // namespace, and then the CMK ID. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. // // * ARN using key alias. The alias ARN contains the arn:aws:kms namespace, - // followed by the region of the CMK, the AWS account ID of the CMK owner, + // followed by the Region of the CMK, the AWS account ID of the CMK owner, // the alias namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. // - // // AWS parses KmsKeyId asynchronously, meaning that the action you call may // appear to complete even though you provided an invalid identifier. This action // will eventually report failure. // - // The specified CMK must exist in the region that the snapshot is being copied + // The specified CMK must exist in the Region that the snapshot is being copied // to. + // + // Amazon EBS does not support asymmetric CMKs. KmsKeyId *string `type:"string"` // The name of the role to use when not using the default role, 'vmimport'. @@ -60588,7 +76855,6 @@ func (s *ImportSnapshotInput) SetRoleName(v string) *ImportSnapshotInput { return s } -// Contains the output for ImportSnapshot. type ImportSnapshotOutput struct { _ struct{} `type:"structure"` @@ -60642,6 +76908,9 @@ type ImportSnapshotTask struct { // Describes an import snapshot task. SnapshotTaskDetail *SnapshotTaskDetail `locationName:"snapshotTaskDetail" type:"structure"` + + // Any tags applied to the import snapshot task. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -60672,7 +76941,12 @@ func (s *ImportSnapshotTask) SetSnapshotTaskDetail(v *SnapshotTaskDetail) *Impor return s } -// Contains the parameters for ImportVolume. +// SetTags sets the Tags field's value. +func (s *ImportSnapshotTask) SetTags(v []*Tag) *ImportSnapshotTask { + s.Tags = v + return s +} + type ImportVolumeInput struct { _ struct{} `type:"structure"` @@ -60770,7 +77044,6 @@ func (s *ImportVolumeInput) SetVolume(v *VolumeDetail) *ImportVolumeInput { return s } -// Contains the output for ImportVolume. type ImportVolumeOutput struct { _ struct{} `type:"structure"` @@ -60854,6 +77127,72 @@ func (s *ImportVolumeTaskDetails) SetVolume(v *DiskImageVolumeDescription) *Impo return s } +// Describes the Inference accelerators for the instance type. +type InferenceAcceleratorInfo struct { + _ struct{} `type:"structure"` + + // Describes the Inference accelerators for the instance type. + Accelerators []*InferenceDeviceInfo `locationName:"accelerators" type:"list"` +} + +// String returns the string representation +func (s InferenceAcceleratorInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InferenceAcceleratorInfo) GoString() string { + return s.String() +} + +// SetAccelerators sets the Accelerators field's value. +func (s *InferenceAcceleratorInfo) SetAccelerators(v []*InferenceDeviceInfo) *InferenceAcceleratorInfo { + s.Accelerators = v + return s +} + +// Describes the Inference accelerators for the instance type. +type InferenceDeviceInfo struct { + _ struct{} `type:"structure"` + + // The number of Inference accelerators for the instance type. + Count *int64 `locationName:"count" type:"integer"` + + // The manufacturer of the Inference accelerator. + Manufacturer *string `locationName:"manufacturer" type:"string"` + + // The name of the Inference accelerator. + Name *string `locationName:"name" type:"string"` +} + +// String returns the string representation +func (s InferenceDeviceInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InferenceDeviceInfo) GoString() string { + return s.String() +} + +// SetCount sets the Count field's value. +func (s *InferenceDeviceInfo) SetCount(v int64) *InferenceDeviceInfo { + s.Count = &v + return s +} + +// SetManufacturer sets the Manufacturer field's value. +func (s *InferenceDeviceInfo) SetManufacturer(v string) *InferenceDeviceInfo { + s.Manufacturer = &v + return s +} + +// SetName sets the Name field's value. +func (s *InferenceDeviceInfo) SetName(v string) *InferenceDeviceInfo { + s.Name = &v + return s +} + // Describes an instance. type Instance struct { _ struct{} `type:"structure"` @@ -60930,12 +77269,18 @@ type Instance struct { // The license configurations. Licenses []*LicenseConfiguration `locationName:"licenseSet" locationNameList:"item" type:"list"` + // The metadata options for the instance. + MetadataOptions *InstanceMetadataOptionsResponse `locationName:"metadataOptions" type:"structure"` + // The monitoring for the instance. Monitoring *Monitoring `locationName:"monitoring" type:"structure"` - // [EC2-VPC] One or more network interfaces for the instance. + // [EC2-VPC] The network interfaces for the instance. NetworkInterfaces []*InstanceNetworkInterface `locationName:"networkInterfaceSet" locationNameList:"item" type:"list"` + // The Amazon Resource Name (ARN) of the Outpost. + OutpostArn *string `locationName:"outpostArn" type:"string"` + // The location where the instance launched, if applicable. Placement *Placement `locationName:"placement" type:"structure"` @@ -60976,14 +77321,14 @@ type Instance struct { // instance store volume. RootDeviceType *string `locationName:"rootDeviceType" type:"string" enum:"DeviceType"` - // One or more security groups for the instance. + // The security groups for the instance. SecurityGroups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"` // Specifies whether to enable an instance launched in a VPC to perform NAT. // This controls whether source/destination checking is enabled on the instance. // A value of true means that checking is enabled, and false means that checking // is disabled. The value must be false for the instance to perform NAT. For - // more information, see NAT Instances (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html) + // more information, see NAT Instances (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html) // in the Amazon Virtual Private Cloud User Guide. SourceDestCheck *bool `locationName:"sourceDestCheck" type:"boolean"` @@ -61158,6 +77503,12 @@ func (s *Instance) SetLicenses(v []*LicenseConfiguration) *Instance { return s } +// SetMetadataOptions sets the MetadataOptions field's value. +func (s *Instance) SetMetadataOptions(v *InstanceMetadataOptionsResponse) *Instance { + s.MetadataOptions = v + return s +} + // SetMonitoring sets the Monitoring field's value. func (s *Instance) SetMonitoring(v *Monitoring) *Instance { s.Monitoring = v @@ -61170,6 +77521,12 @@ func (s *Instance) SetNetworkInterfaces(v []*InstanceNetworkInterface) *Instance return s } +// SetOutpostArn sets the OutpostArn field's value. +func (s *Instance) SetOutpostArn(v string) *Instance { + s.OutpostArn = &v + return s +} + // SetPlacement sets the Placement field's value. func (s *Instance) SetPlacement(v *Placement) *Instance { s.Placement = v @@ -61382,17 +77739,20 @@ func (s *InstanceBlockDeviceMappingSpecification) SetVirtualName(v string) *Inst return s } -// Information about the instance type that the Dedicated Host supports. +// Information about the number of instances that can be launched onto the Dedicated +// Host. type InstanceCapacity struct { _ struct{} `type:"structure"` - // The number of instances that can still be launched onto the Dedicated Host. + // The number of instances that can be launched onto the Dedicated Host based + // on the host's available capacity. AvailableCapacity *int64 `locationName:"availableCapacity" type:"integer"` - // The instance type size supported by the Dedicated Host. + // The instance type supported by the Dedicated Host. InstanceType *string `locationName:"instanceType" type:"string"` - // The total number of instances that can be launched onto the Dedicated Host. + // The total number of instances that can be launched onto the Dedicated Host + // if there are no instances running on it. TotalCapacity *int64 `locationName:"totalCapacity" type:"integer"` } @@ -61457,7 +77817,7 @@ func (s *InstanceCount) SetState(v string) *InstanceCount { return s } -// Describes the credit option for CPU usage of a T2 or T3 instance. +// Describes the credit option for CPU usage of a burstable performance instance. type InstanceCreditSpecification struct { _ struct{} `type:"structure"` @@ -61491,7 +77851,7 @@ func (s *InstanceCreditSpecification) SetInstanceId(v string) *InstanceCreditSpe return s } -// Describes the credit option for CPU usage of a T2 or T3 instance. +// Describes the credit option for CPU usage of a burstable performance instance. type InstanceCreditSpecificationRequest struct { _ struct{} `type:"structure"` @@ -61558,6 +77918,41 @@ func (s *InstanceExportDetails) SetTargetEnvironment(v string) *InstanceExportDe return s } +// Describes the default credit option for CPU usage of a burstable performance +// instance family. +type InstanceFamilyCreditSpecification struct { + _ struct{} `type:"structure"` + + // The default credit option for CPU usage of the instance family. Valid values + // are standard and unlimited. + CpuCredits *string `locationName:"cpuCredits" type:"string"` + + // The instance family. + InstanceFamily *string `locationName:"instanceFamily" type:"string" enum:"UnlimitedSupportedInstanceFamily"` +} + +// String returns the string representation +func (s InstanceFamilyCreditSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstanceFamilyCreditSpecification) GoString() string { + return s.String() +} + +// SetCpuCredits sets the CpuCredits field's value. +func (s *InstanceFamilyCreditSpecification) SetCpuCredits(v string) *InstanceFamilyCreditSpecification { + s.CpuCredits = &v + return s +} + +// SetInstanceFamily sets the InstanceFamily field's value. +func (s *InstanceFamilyCreditSpecification) SetInstanceFamily(v string) *InstanceFamilyCreditSpecification { + s.InstanceFamily = &v + return s +} + // Describes an IPv6 address. type InstanceIpv6Address struct { _ struct{} `type:"structure"` @@ -61639,6 +78034,146 @@ func (s *InstanceMarketOptionsRequest) SetSpotOptions(v *SpotMarketOptions) *Ins return s } +// The metadata options for the instance. +type InstanceMetadataOptionsRequest struct { + _ struct{} `type:"structure"` + + // This parameter enables or disables the HTTP metadata endpoint on your instances. + // If the parameter is not specified, the default state is enabled. + // + // If you specify a value of disabled, you will not be able to access your instance + // metadata. + HttpEndpoint *string `type:"string" enum:"InstanceMetadataEndpointState"` + + // The desired HTTP PUT response hop limit for instance metadata requests. The + // larger the number, the further instance metadata requests can travel. + // + // Default: 1 + // + // Possible values: Integers from 1 to 64 + HttpPutResponseHopLimit *int64 `type:"integer"` + + // The state of token usage for your instance metadata requests. If the parameter + // is not specified in the request, the default state is optional. + // + // If the state is optional, you can choose to retrieve instance metadata with + // or without a signed token header on your request. If you retrieve the IAM + // role credentials without a token, the version 1.0 role credentials are returned. + // If you retrieve the IAM role credentials using a valid signed token, the + // version 2.0 role credentials are returned. + // + // If the state is required, you must send a signed token header with any instance + // metadata retrieval requests. In this state, retrieving the IAM role credentials + // always returns the version 2.0 credentials; the version 1.0 credentials are + // not available. + HttpTokens *string `type:"string" enum:"HttpTokensState"` +} + +// String returns the string representation +func (s InstanceMetadataOptionsRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstanceMetadataOptionsRequest) GoString() string { + return s.String() +} + +// SetHttpEndpoint sets the HttpEndpoint field's value. +func (s *InstanceMetadataOptionsRequest) SetHttpEndpoint(v string) *InstanceMetadataOptionsRequest { + s.HttpEndpoint = &v + return s +} + +// SetHttpPutResponseHopLimit sets the HttpPutResponseHopLimit field's value. +func (s *InstanceMetadataOptionsRequest) SetHttpPutResponseHopLimit(v int64) *InstanceMetadataOptionsRequest { + s.HttpPutResponseHopLimit = &v + return s +} + +// SetHttpTokens sets the HttpTokens field's value. +func (s *InstanceMetadataOptionsRequest) SetHttpTokens(v string) *InstanceMetadataOptionsRequest { + s.HttpTokens = &v + return s +} + +// The metadata options for the instance. +type InstanceMetadataOptionsResponse struct { + _ struct{} `type:"structure"` + + // This parameter enables or disables the HTTP metadata endpoint on your instances. + // If the parameter is not specified, the default state is enabled. + // + // If you specify a value of disabled, you will not be able to access your instance + // metadata. + HttpEndpoint *string `locationName:"httpEndpoint" type:"string" enum:"InstanceMetadataEndpointState"` + + // The desired HTTP PUT response hop limit for instance metadata requests. The + // larger the number, the further instance metadata requests can travel. + // + // Default: 1 + // + // Possible values: Integers from 1 to 64 + HttpPutResponseHopLimit *int64 `locationName:"httpPutResponseHopLimit" type:"integer"` + + // The state of token usage for your instance metadata requests. If the parameter + // is not specified in the request, the default state is optional. + // + // If the state is optional, you can choose to retrieve instance metadata with + // or without a signed token header on your request. If you retrieve the IAM + // role credentials without a token, the version 1.0 role credentials are returned. + // If you retrieve the IAM role credentials using a valid signed token, the + // version 2.0 role credentials are returned. + // + // If the state is required, you must send a signed token header with any instance + // metadata retrieval requests. In this state, retrieving the IAM role credential + // always returns the version 2.0 credentials; the version 1.0 credentials are + // not available. + HttpTokens *string `locationName:"httpTokens" type:"string" enum:"HttpTokensState"` + + // The state of the metadata option changes. + // + // pending - The metadata options are being updated and the instance is not + // ready to process metadata traffic with the new selection. + // + // applied - The metadata options have been successfully applied on the instance. + State *string `locationName:"state" type:"string" enum:"InstanceMetadataOptionsState"` +} + +// String returns the string representation +func (s InstanceMetadataOptionsResponse) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstanceMetadataOptionsResponse) GoString() string { + return s.String() +} + +// SetHttpEndpoint sets the HttpEndpoint field's value. +func (s *InstanceMetadataOptionsResponse) SetHttpEndpoint(v string) *InstanceMetadataOptionsResponse { + s.HttpEndpoint = &v + return s +} + +// SetHttpPutResponseHopLimit sets the HttpPutResponseHopLimit field's value. +func (s *InstanceMetadataOptionsResponse) SetHttpPutResponseHopLimit(v int64) *InstanceMetadataOptionsResponse { + s.HttpPutResponseHopLimit = &v + return s +} + +// SetHttpTokens sets the HttpTokens field's value. +func (s *InstanceMetadataOptionsResponse) SetHttpTokens(v string) *InstanceMetadataOptionsResponse { + s.HttpTokens = &v + return s +} + +// SetState sets the State field's value. +func (s *InstanceMetadataOptionsResponse) SetState(v string) *InstanceMetadataOptionsResponse { + s.State = &v + return s +} + // Describes the monitoring of an instance. type InstanceMonitoring struct { _ struct{} `type:"structure"` @@ -61689,6 +78224,11 @@ type InstanceNetworkInterface struct { // One or more security groups. Groups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"` + // Describes the type of network interface. + // + // Valid values: interface | efa + InterfaceType *string `locationName:"interfaceType" type:"string"` + // One or more IPv6 addresses associated with the network interface. Ipv6Addresses []*InstanceIpv6Address `locationName:"ipv6AddressesSet" locationNameList:"item" type:"list"` @@ -61757,6 +78297,12 @@ func (s *InstanceNetworkInterface) SetGroups(v []*GroupIdentifier) *InstanceNetw return s } +// SetInterfaceType sets the InterfaceType field's value. +func (s *InstanceNetworkInterface) SetInterfaceType(v string) *InstanceNetworkInterface { + s.InterfaceType = &v + return s +} + // SetIpv6Addresses sets the Ipv6Addresses field's value. func (s *InstanceNetworkInterface) SetIpv6Addresses(v []*InstanceIpv6Address) *InstanceNetworkInterface { s.Ipv6Addresses = v @@ -61945,15 +78491,26 @@ type InstanceNetworkInterfaceSpecification struct { // interface when launching an instance. Description *string `locationName:"description" type:"string"` - // The index of the device on the instance for the network interface attachment. - // If you are specifying a network interface in a RunInstances request, you - // must provide the device index. + // The position of the network interface in the attachment order. A primary + // network interface has a device index of 0. + // + // If you specify a network interface when launching an instance, you must specify + // the device index. DeviceIndex *int64 `locationName:"deviceIndex" type:"integer"` // The IDs of the security groups for the network interface. Applies only if // creating a network interface when launching an instance. Groups []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` + // The type of network interface. To create an Elastic Fabric Adapter (EFA), + // specify efa. For more information, see Elastic Fabric Adapter (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) + // in the Amazon Elastic Compute Cloud User Guide. + // + // If you are not creating an EFA, specify interface or omit this parameter. + // + // Valid values: interface | efa + InterfaceType *string `type:"string"` + // A number of IPv6 addresses to assign to the network interface. Amazon EC2 // chooses the IPv6 addresses from the range of the subnet. You cannot specify // this option and the option to assign specific IPv6 addresses in the same @@ -61972,23 +78529,26 @@ type InstanceNetworkInterfaceSpecification struct { // The private IPv4 address of the network interface. Applies only if creating // a network interface when launching an instance. You cannot specify this option - // if you're launching more than one instance in a RunInstances request. + // if you're launching more than one instance in a RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) + // request. PrivateIpAddress *string `locationName:"privateIpAddress" type:"string"` // One or more private IPv4 addresses to assign to the network interface. Only // one private IPv4 address can be designated as primary. You cannot specify // this option if you're launching more than one instance in a RunInstances + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) // request. PrivateIpAddresses []*PrivateIpAddressSpecification `locationName:"privateIpAddressesSet" queryName:"PrivateIpAddresses" locationNameList:"item" type:"list"` // The number of secondary private IPv4 addresses. You can't specify this option // and specify more than one private IP address using the private IP addresses // option. You cannot specify this option if you're launching more than one - // instance in a RunInstances request. + // instance in a RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) + // request. SecondaryPrivateIpAddressCount *int64 `locationName:"secondaryPrivateIpAddressCount" type:"integer"` - // The ID of the subnet associated with the network string. Applies only if - // creating a network interface when launching an instance. + // The ID of the subnet associated with the network interface. Applies only + // if creating a network interface when launching an instance. SubnetId *string `locationName:"subnetId" type:"string"` } @@ -62032,6 +78592,12 @@ func (s *InstanceNetworkInterfaceSpecification) SetGroups(v []*string) *Instance return s } +// SetInterfaceType sets the InterfaceType field's value. +func (s *InstanceNetworkInterfaceSpecification) SetInterfaceType(v string) *InstanceNetworkInterfaceSpecification { + s.InterfaceType = &v + return s +} + // SetIpv6AddressCount sets the Ipv6AddressCount field's value. func (s *InstanceNetworkInterfaceSpecification) SetIpv6AddressCount(v int64) *InstanceNetworkInterfaceSpecification { s.Ipv6AddressCount = &v @@ -62126,12 +78692,54 @@ func (s *InstancePrivateIpAddress) SetPrivateIpAddress(v string) *InstancePrivat return s } +// The instance details to specify which volumes should be snapshotted. +type InstanceSpecification struct { + _ struct{} `type:"structure"` + + // Excludes the root volume from being snapshotted. + ExcludeBootVolume *bool `type:"boolean"` + + // The instance to specify which volumes should be snapshotted. + InstanceId *string `type:"string"` +} + +// String returns the string representation +func (s InstanceSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstanceSpecification) GoString() string { + return s.String() +} + +// SetExcludeBootVolume sets the ExcludeBootVolume field's value. +func (s *InstanceSpecification) SetExcludeBootVolume(v bool) *InstanceSpecification { + s.ExcludeBootVolume = &v + return s +} + +// SetInstanceId sets the InstanceId field's value. +func (s *InstanceSpecification) SetInstanceId(v string) *InstanceSpecification { + s.InstanceId = &v + return s +} + // Describes the current state of an instance. type InstanceState struct { _ struct{} `type:"structure"` - // The low byte represents the state. The high byte is used for internal purposes - // and should be ignored. + // The state of the instance as a 16-bit unsigned integer. + // + // The high byte is all of the bits between 2^8 and (2^16)-1, which equals decimal + // values between 256 and 65,535. These numerical values are used for internal + // purposes and should be ignored. + // + // The low byte is all of the bits between 2^0 and (2^8)-1, which equals decimal + // values between 0 and 255. + // + // The valid values for instance-state-code will all be in the range of the + // low byte and they are: // // * 0 : pending // @@ -62144,6 +78752,9 @@ type InstanceState struct { // * 64 : stopping // // * 80 : stopped + // + // You can ignore the high byte value by zeroing out all of the bits above 2^8 + // or 256 in decimal. Code *int64 `locationName:"code" type:"integer"` // The current state of the instance. @@ -62235,6 +78846,9 @@ type InstanceStatus struct { // such as impaired reachability. InstanceStatus *InstanceStatusSummary `locationName:"instanceStatus" type:"structure"` + // The Amazon Resource Name (ARN) of the Outpost. + OutpostArn *string `locationName:"outpostArn" type:"string"` + // Reports impaired functionality that stems from issues related to the systems // that support an instance, such as hardware failures and network connectivity // problems. @@ -62281,6 +78895,12 @@ func (s *InstanceStatus) SetInstanceStatus(v *InstanceStatusSummary) *InstanceSt return s } +// SetOutpostArn sets the OutpostArn field's value. +func (s *InstanceStatus) SetOutpostArn(v string) *InstanceStatus { + s.OutpostArn = &v + return s +} + // SetSystemStatus sets the SystemStatus field's value. func (s *InstanceStatus) SetSystemStatus(v *InstanceStatusSummary) *InstanceStatus { s.SystemStatus = v @@ -62344,11 +78964,17 @@ type InstanceStatusEvent struct { // following text: [Completed]. Description *string `locationName:"description" type:"string"` + // The ID of the event. + InstanceEventId *string `locationName:"instanceEventId" type:"string"` + // The latest scheduled end time for the event. NotAfter *time.Time `locationName:"notAfter" type:"timestamp"` // The earliest scheduled start time for the event. NotBefore *time.Time `locationName:"notBefore" type:"timestamp"` + + // The deadline for starting the event. + NotBeforeDeadline *time.Time `locationName:"notBeforeDeadline" type:"timestamp"` } // String returns the string representation @@ -62373,6 +78999,12 @@ func (s *InstanceStatusEvent) SetDescription(v string) *InstanceStatusEvent { return s } +// SetInstanceEventId sets the InstanceEventId field's value. +func (s *InstanceStatusEvent) SetInstanceEventId(v string) *InstanceStatusEvent { + s.InstanceEventId = &v + return s +} + // SetNotAfter sets the NotAfter field's value. func (s *InstanceStatusEvent) SetNotAfter(v time.Time) *InstanceStatusEvent { s.NotAfter = &v @@ -62385,6 +79017,12 @@ func (s *InstanceStatusEvent) SetNotBefore(v time.Time) *InstanceStatusEvent { return s } +// SetNotBeforeDeadline sets the NotBeforeDeadline field's value. +func (s *InstanceStatusEvent) SetNotBeforeDeadline(v time.Time) *InstanceStatusEvent { + s.NotBeforeDeadline = &v + return s +} + // Describes the status of an instance. type InstanceStatusSummary struct { _ struct{} `type:"structure"` @@ -62418,6 +79056,331 @@ func (s *InstanceStatusSummary) SetStatus(v string) *InstanceStatusSummary { return s } +// Describes the disks that are available for the instance type. +type InstanceStorageInfo struct { + _ struct{} `type:"structure"` + + // Array describing the disks that are available for the instance type. + Disks []*DiskInfo `locationName:"disks" locationNameList:"item" type:"list"` + + // The total size of the disks, in GB. + TotalSizeInGB *int64 `locationName:"totalSizeInGB" type:"long"` +} + +// String returns the string representation +func (s InstanceStorageInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstanceStorageInfo) GoString() string { + return s.String() +} + +// SetDisks sets the Disks field's value. +func (s *InstanceStorageInfo) SetDisks(v []*DiskInfo) *InstanceStorageInfo { + s.Disks = v + return s +} + +// SetTotalSizeInGB sets the TotalSizeInGB field's value. +func (s *InstanceStorageInfo) SetTotalSizeInGB(v int64) *InstanceStorageInfo { + s.TotalSizeInGB = &v + return s +} + +// Describes the instance type. +type InstanceTypeInfo struct { + _ struct{} `type:"structure"` + + // Indicates whether auto recovery is supported. + AutoRecoverySupported *bool `locationName:"autoRecoverySupported" type:"boolean"` + + // Indicates whether the instance is bare metal. + BareMetal *bool `locationName:"bareMetal" type:"boolean"` + + // Indicates whether the instance type is a burstable performance instance type. + BurstablePerformanceSupported *bool `locationName:"burstablePerformanceSupported" type:"boolean"` + + // Indicates whether the instance type is a current generation. + CurrentGeneration *bool `locationName:"currentGeneration" type:"boolean"` + + // Indicates whether Dedicated Hosts are supported on the instance type. + DedicatedHostsSupported *bool `locationName:"dedicatedHostsSupported" type:"boolean"` + + // Describes the Amazon EBS settings for the instance type. + EbsInfo *EbsInfo `locationName:"ebsInfo" type:"structure"` + + // Describes the FPGA accelerator settings for the instance type. + FpgaInfo *FpgaInfo `locationName:"fpgaInfo" type:"structure"` + + // Indicates whether the instance type is eligible for the free tier. + FreeTierEligible *bool `locationName:"freeTierEligible" type:"boolean"` + + // Describes the GPU accelerator settings for the instance type. + GpuInfo *GpuInfo `locationName:"gpuInfo" type:"structure"` + + // Indicates whether On-Demand hibernation is supported. + HibernationSupported *bool `locationName:"hibernationSupported" type:"boolean"` + + // Indicates the hypervisor used for the instance type. + Hypervisor *string `locationName:"hypervisor" type:"string" enum:"InstanceTypeHypervisor"` + + // Describes the Inference accelerator settings for the instance type. + InferenceAcceleratorInfo *InferenceAcceleratorInfo `locationName:"inferenceAcceleratorInfo" type:"structure"` + + // Describes the disks for the instance type. + InstanceStorageInfo *InstanceStorageInfo `locationName:"instanceStorageInfo" type:"structure"` + + // Indicates whether instance storage is supported. + InstanceStorageSupported *bool `locationName:"instanceStorageSupported" type:"boolean"` + + // The instance type. For more information, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // in the Amazon Elastic Compute Cloud User Guide. + InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` + + // Describes the memory for the instance type. + MemoryInfo *MemoryInfo `locationName:"memoryInfo" type:"structure"` + + // Describes the network settings for the instance type. + NetworkInfo *NetworkInfo `locationName:"networkInfo" type:"structure"` + + // Describes the placement group settings for the instance type. + PlacementGroupInfo *PlacementGroupInfo `locationName:"placementGroupInfo" type:"structure"` + + // Describes the processor. + ProcessorInfo *ProcessorInfo `locationName:"processorInfo" type:"structure"` + + // Indicates the supported root device types. + SupportedRootDeviceTypes []*string `locationName:"supportedRootDeviceTypes" locationNameList:"item" type:"list"` + + // Indicates whether the instance type is offered for spot or On-Demand. + SupportedUsageClasses []*string `locationName:"supportedUsageClasses" locationNameList:"item" type:"list"` + + // Describes the vCPU configurations for the instance type. + VCpuInfo *VCpuInfo `locationName:"vCpuInfo" type:"structure"` +} + +// String returns the string representation +func (s InstanceTypeInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstanceTypeInfo) GoString() string { + return s.String() +} + +// SetAutoRecoverySupported sets the AutoRecoverySupported field's value. +func (s *InstanceTypeInfo) SetAutoRecoverySupported(v bool) *InstanceTypeInfo { + s.AutoRecoverySupported = &v + return s +} + +// SetBareMetal sets the BareMetal field's value. +func (s *InstanceTypeInfo) SetBareMetal(v bool) *InstanceTypeInfo { + s.BareMetal = &v + return s +} + +// SetBurstablePerformanceSupported sets the BurstablePerformanceSupported field's value. +func (s *InstanceTypeInfo) SetBurstablePerformanceSupported(v bool) *InstanceTypeInfo { + s.BurstablePerformanceSupported = &v + return s +} + +// SetCurrentGeneration sets the CurrentGeneration field's value. +func (s *InstanceTypeInfo) SetCurrentGeneration(v bool) *InstanceTypeInfo { + s.CurrentGeneration = &v + return s +} + +// SetDedicatedHostsSupported sets the DedicatedHostsSupported field's value. +func (s *InstanceTypeInfo) SetDedicatedHostsSupported(v bool) *InstanceTypeInfo { + s.DedicatedHostsSupported = &v + return s +} + +// SetEbsInfo sets the EbsInfo field's value. +func (s *InstanceTypeInfo) SetEbsInfo(v *EbsInfo) *InstanceTypeInfo { + s.EbsInfo = v + return s +} + +// SetFpgaInfo sets the FpgaInfo field's value. +func (s *InstanceTypeInfo) SetFpgaInfo(v *FpgaInfo) *InstanceTypeInfo { + s.FpgaInfo = v + return s +} + +// SetFreeTierEligible sets the FreeTierEligible field's value. +func (s *InstanceTypeInfo) SetFreeTierEligible(v bool) *InstanceTypeInfo { + s.FreeTierEligible = &v + return s +} + +// SetGpuInfo sets the GpuInfo field's value. +func (s *InstanceTypeInfo) SetGpuInfo(v *GpuInfo) *InstanceTypeInfo { + s.GpuInfo = v + return s +} + +// SetHibernationSupported sets the HibernationSupported field's value. +func (s *InstanceTypeInfo) SetHibernationSupported(v bool) *InstanceTypeInfo { + s.HibernationSupported = &v + return s +} + +// SetHypervisor sets the Hypervisor field's value. +func (s *InstanceTypeInfo) SetHypervisor(v string) *InstanceTypeInfo { + s.Hypervisor = &v + return s +} + +// SetInferenceAcceleratorInfo sets the InferenceAcceleratorInfo field's value. +func (s *InstanceTypeInfo) SetInferenceAcceleratorInfo(v *InferenceAcceleratorInfo) *InstanceTypeInfo { + s.InferenceAcceleratorInfo = v + return s +} + +// SetInstanceStorageInfo sets the InstanceStorageInfo field's value. +func (s *InstanceTypeInfo) SetInstanceStorageInfo(v *InstanceStorageInfo) *InstanceTypeInfo { + s.InstanceStorageInfo = v + return s +} + +// SetInstanceStorageSupported sets the InstanceStorageSupported field's value. +func (s *InstanceTypeInfo) SetInstanceStorageSupported(v bool) *InstanceTypeInfo { + s.InstanceStorageSupported = &v + return s +} + +// SetInstanceType sets the InstanceType field's value. +func (s *InstanceTypeInfo) SetInstanceType(v string) *InstanceTypeInfo { + s.InstanceType = &v + return s +} + +// SetMemoryInfo sets the MemoryInfo field's value. +func (s *InstanceTypeInfo) SetMemoryInfo(v *MemoryInfo) *InstanceTypeInfo { + s.MemoryInfo = v + return s +} + +// SetNetworkInfo sets the NetworkInfo field's value. +func (s *InstanceTypeInfo) SetNetworkInfo(v *NetworkInfo) *InstanceTypeInfo { + s.NetworkInfo = v + return s +} + +// SetPlacementGroupInfo sets the PlacementGroupInfo field's value. +func (s *InstanceTypeInfo) SetPlacementGroupInfo(v *PlacementGroupInfo) *InstanceTypeInfo { + s.PlacementGroupInfo = v + return s +} + +// SetProcessorInfo sets the ProcessorInfo field's value. +func (s *InstanceTypeInfo) SetProcessorInfo(v *ProcessorInfo) *InstanceTypeInfo { + s.ProcessorInfo = v + return s +} + +// SetSupportedRootDeviceTypes sets the SupportedRootDeviceTypes field's value. +func (s *InstanceTypeInfo) SetSupportedRootDeviceTypes(v []*string) *InstanceTypeInfo { + s.SupportedRootDeviceTypes = v + return s +} + +// SetSupportedUsageClasses sets the SupportedUsageClasses field's value. +func (s *InstanceTypeInfo) SetSupportedUsageClasses(v []*string) *InstanceTypeInfo { + s.SupportedUsageClasses = v + return s +} + +// SetVCpuInfo sets the VCpuInfo field's value. +func (s *InstanceTypeInfo) SetVCpuInfo(v *VCpuInfo) *InstanceTypeInfo { + s.VCpuInfo = v + return s +} + +// The instance types offered. +type InstanceTypeOffering struct { + _ struct{} `type:"structure"` + + // The instance type. For more information, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // in the Amazon Elastic Compute Cloud User Guide. + InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` + + // The identifier for the location. This depends on the location type. For example, + // if the location type is region, the location is the Region code (for example, + // us-east-2.) + Location *string `locationName:"location" type:"string"` + + // The location type. + LocationType *string `locationName:"locationType" type:"string" enum:"LocationType"` +} + +// String returns the string representation +func (s InstanceTypeOffering) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstanceTypeOffering) GoString() string { + return s.String() +} + +// SetInstanceType sets the InstanceType field's value. +func (s *InstanceTypeOffering) SetInstanceType(v string) *InstanceTypeOffering { + s.InstanceType = &v + return s +} + +// SetLocation sets the Location field's value. +func (s *InstanceTypeOffering) SetLocation(v string) *InstanceTypeOffering { + s.Location = &v + return s +} + +// SetLocationType sets the LocationType field's value. +func (s *InstanceTypeOffering) SetLocationType(v string) *InstanceTypeOffering { + s.LocationType = &v + return s +} + +// Information about the Capacity Reservation usage. +type InstanceUsage struct { + _ struct{} `type:"structure"` + + // The ID of the AWS account that is making use of the Capacity Reservation. + AccountId *string `locationName:"accountId" type:"string"` + + // The number of instances the AWS account currently has in the Capacity Reservation. + UsedInstanceCount *int64 `locationName:"usedInstanceCount" type:"integer"` +} + +// String returns the string representation +func (s InstanceUsage) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstanceUsage) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *InstanceUsage) SetAccountId(v string) *InstanceUsage { + s.AccountId = &v + return s +} + +// SetUsedInstanceCount sets the UsedInstanceCount field's value. +func (s *InstanceUsage) SetUsedInstanceCount(v int64) *InstanceUsage { + s.UsedInstanceCount = &v + return s +} + // Describes an internet gateway. type InternetGateway struct { _ struct{} `type:"structure"` @@ -62513,33 +79476,34 @@ type IpPermission struct { // all ICMP/ICMPv6 types, you must specify all codes. FromPort *int64 `locationName:"fromPort" type:"integer"` - // The IP protocol name (tcp, udp, icmp) or number (see Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)). + // The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers + // (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)). // - // [EC2-VPC only] Use -1 to specify all protocols. When authorizing security - // group rules, specifying -1 or a protocol number other than tcp, udp, icmp, - // or 58 (ICMPv6) allows traffic on all ports, regardless of any port range - // you specify. For tcp, udp, and icmp, you must specify a port range. For 58 - // (ICMPv6), you can optionally specify a port range; if you don't, traffic - // for all types and codes is allowed when authorizing rules. + // [VPC only] Use -1 to specify all protocols. When authorizing security group + // rules, specifying -1 or a protocol number other than tcp, udp, icmp, or icmpv6 + // allows traffic on all ports, regardless of any port range you specify. For + // tcp, udp, and icmp, you must specify a port range. For icmpv6, the port range + // is optional; if you omit the port range, traffic for all types and codes + // is allowed. IpProtocol *string `locationName:"ipProtocol" type:"string"` - // One or more IPv4 ranges. + // The IPv4 ranges. IpRanges []*IpRange `locationName:"ipRanges" locationNameList:"item" type:"list"` - // [EC2-VPC only] One or more IPv6 ranges. + // [VPC only] The IPv6 ranges. Ipv6Ranges []*Ipv6Range `locationName:"ipv6Ranges" locationNameList:"item" type:"list"` - // [EC2-VPC only] One or more prefix list IDs for an AWS service. With AuthorizeSecurityGroupEgress, - // this is the AWS service that you want to access through a VPC endpoint from - // instances associated with the security group. + // [VPC only] The prefix list IDs for an AWS service. With outbound rules, this + // is the AWS service to access through a VPC endpoint from instances associated + // with the security group. PrefixListIds []*PrefixListId `locationName:"prefixListIds" locationNameList:"item" type:"list"` // The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. - // A value of -1 indicates all ICMP/ICMPv6 codes for the specified ICMP type. - // If you specify all ICMP/ICMPv6 types, you must specify all codes. + // A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 + // types, you must specify all codes. ToPort *int64 `locationName:"toPort" type:"integer"` - // One or more security group and AWS account ID pairs. + // The security group and AWS account ID pairs. UserIdGroupPairs []*UserIdGroupPair `locationName:"groups" locationNameList:"item" type:"list"` } @@ -62607,7 +79571,7 @@ type IpRange struct { // range. // // Constraints: Up to 255 characters in length. Allowed characters are a-z, - // A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$* + // A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* Description *string `locationName:"description" type:"string"` } @@ -62669,7 +79633,7 @@ type Ipv6Range struct { // range. // // Constraints: Up to 255 characters in length. Allowed characters are a-z, - // A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$* + // A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* Description *string `locationName:"description" type:"string"` } @@ -62707,6 +79671,12 @@ type KeyPairInfo struct { // The name of the key pair. KeyName *string `locationName:"keyName" type:"string"` + + // The ID of the key pair. + KeyPairId *string `locationName:"keyPairId" type:"string"` + + // Any tags applied to the key pair. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -62731,6 +79701,51 @@ func (s *KeyPairInfo) SetKeyName(v string) *KeyPairInfo { return s } +// SetKeyPairId sets the KeyPairId field's value. +func (s *KeyPairInfo) SetKeyPairId(v string) *KeyPairInfo { + s.KeyPairId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *KeyPairInfo) SetTags(v []*Tag) *KeyPairInfo { + s.Tags = v + return s +} + +// The last error that occurred for a VPC endpoint. +type LastError struct { + _ struct{} `type:"structure"` + + // The error code for the VPC endpoint error. + Code *string `locationName:"code" type:"string"` + + // The error message for the VPC endpoint error. + Message *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s LastError) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LastError) GoString() string { + return s.String() +} + +// SetCode sets the Code field's value. +func (s *LastError) SetCode(v string) *LastError { + s.Code = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *LastError) SetMessage(v string) *LastError { + s.Message = &v + return s +} + // Describes a launch permission. type LaunchPermission struct { _ struct{} `type:"structure"` @@ -63353,9 +80368,8 @@ type LaunchTemplateCpuOptionsRequest struct { // The number of CPU cores for the instance. CoreCount *int64 `type:"integer"` - // The number of threads per CPU core. To disable Intel Hyper-Threading Technology - // for the instance, specify a value of 1. Otherwise, specify the default value - // of 2. + // The number of threads per CPU core. To disable multithreading for the instance, + // specify a value of 1. Otherwise, specify the default value of 2. ThreadsPerCore *int64 `type:"integer"` } @@ -63476,14 +80490,15 @@ type LaunchTemplateEbsBlockDeviceRequest struct { // volume. For gp2, this represents the baseline performance of the volume and // the rate at which the volume accumulates I/O credits for bursting. For more // information about General Purpose SSD baseline performance, I/O credits, - // and bursting, see Amazon EBS Volume Types in the Amazon Elastic Compute Cloud - // User Guide. + // and bursting, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // in the Amazon Elastic Compute Cloud User Guide. // // Condition: This parameter is required for requests to create io1 volumes; // it is not used in requests to create gp2, st1, sc1, or standard volumes. Iops *int64 `type:"integer"` - // The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption. + // The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for + // encryption. KmsKeyId *string `type:"string"` // The ID of the snapshot. @@ -63555,6 +80570,11 @@ func (s *LaunchTemplateEbsBlockDeviceRequest) SetVolumeType(v string) *LaunchTem type LaunchTemplateElasticInferenceAccelerator struct { _ struct{} `type:"structure"` + // The number of elastic inference accelerators to attach to the instance. + // + // Default: 1 + Count *int64 `min:"1" type:"integer"` + // The type of elastic inference accelerator. The possible values are eia1.medium, // eia1.large, and eia1.xlarge. // @@ -63575,6 +80595,9 @@ func (s LaunchTemplateElasticInferenceAccelerator) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *LaunchTemplateElasticInferenceAccelerator) Validate() error { invalidParams := request.ErrInvalidParams{Context: "LaunchTemplateElasticInferenceAccelerator"} + if s.Count != nil && *s.Count < 1 { + invalidParams.Add(request.NewErrParamMinValue("Count", 1)) + } if s.Type == nil { invalidParams.Add(request.NewErrParamRequired("Type")) } @@ -63585,6 +80608,12 @@ func (s *LaunchTemplateElasticInferenceAccelerator) Validate() error { return nil } +// SetCount sets the Count field's value. +func (s *LaunchTemplateElasticInferenceAccelerator) SetCount(v int64) *LaunchTemplateElasticInferenceAccelerator { + s.Count = &v + return s +} + // SetType sets the Type field's value. func (s *LaunchTemplateElasticInferenceAccelerator) SetType(v string) *LaunchTemplateElasticInferenceAccelerator { s.Type = &v @@ -63595,6 +80624,11 @@ func (s *LaunchTemplateElasticInferenceAccelerator) SetType(v string) *LaunchTem type LaunchTemplateElasticInferenceAcceleratorResponse struct { _ struct{} `type:"structure"` + // The number of elastic inference accelerators to attach to the instance. + // + // Default: 1 + Count *int64 `locationName:"count" type:"integer"` + // The type of elastic inference accelerator. The possible values are eia1.medium, // eia1.large, and eia1.xlarge. Type *string `locationName:"type" type:"string"` @@ -63610,6 +80644,12 @@ func (s LaunchTemplateElasticInferenceAcceleratorResponse) GoString() string { return s.String() } +// SetCount sets the Count field's value. +func (s *LaunchTemplateElasticInferenceAcceleratorResponse) SetCount(v int64) *LaunchTemplateElasticInferenceAcceleratorResponse { + s.Count = &v + return s +} + // SetType sets the Type field's value. func (s *LaunchTemplateElasticInferenceAcceleratorResponse) SetType(v string) *LaunchTemplateElasticInferenceAcceleratorResponse { s.Type = &v @@ -63642,8 +80682,7 @@ func (s *LaunchTemplateHibernationOptions) SetConfigured(v bool) *LaunchTemplate } // Indicates whether the instance is configured for hibernation. This parameter -// is valid only if the instance meets the hibernation prerequisites (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). -// Hibernation is currently supported only for Amazon Linux. +// is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). type LaunchTemplateHibernationOptionsRequest struct { _ struct{} `type:"structure"` @@ -63801,6 +80840,150 @@ func (s *LaunchTemplateInstanceMarketOptionsRequest) SetSpotOptions(v *LaunchTem return s } +// The metadata options for the instance. For more information, see Instance +// Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) +// in the Amazon Elastic Compute Cloud User Guide. +type LaunchTemplateInstanceMetadataOptions struct { + _ struct{} `type:"structure"` + + // This parameter enables or disables the HTTP metadata endpoint on your instances. + // If the parameter is not specified, the default state is enabled. + // + // If you specify a value of disabled, you will not be able to access your instance + // metadata. + HttpEndpoint *string `locationName:"httpEndpoint" type:"string" enum:"LaunchTemplateInstanceMetadataEndpointState"` + + // The desired HTTP PUT response hop limit for instance metadata requests. The + // larger the number, the further instance metadata requests can travel. + // + // Default: 1 + // + // Possible values: Integers from 1 to 64 + HttpPutResponseHopLimit *int64 `locationName:"httpPutResponseHopLimit" type:"integer"` + + // The state of token usage for your instance metadata requests. If the parameter + // is not specified in the request, the default state is optional. + // + // If the state is optional, you can choose to retrieve instance metadata with + // or without a signed token header on your request. If you retrieve the IAM + // role credentials without a token, the version 1.0 role credentials are returned. + // If you retrieve the IAM role credentials using a valid signed token, the + // version 2.0 role credentials are returned. + // + // If the state is required, you must send a signed token header with any instance + // metadata retrieval requests. In this state, retrieving the IAM role credentials + // always returns the version 2.0 credentials; the version 1.0 credentials are + // not available. + HttpTokens *string `locationName:"httpTokens" type:"string" enum:"LaunchTemplateHttpTokensState"` + + // The state of the metadata option changes. + // + // pending - The metadata options are being updated and the instance is not + // ready to process metadata traffic with the new selection. + // + // applied - The metadata options have been successfully applied on the instance. + State *string `locationName:"state" type:"string" enum:"LaunchTemplateInstanceMetadataOptionsState"` +} + +// String returns the string representation +func (s LaunchTemplateInstanceMetadataOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LaunchTemplateInstanceMetadataOptions) GoString() string { + return s.String() +} + +// SetHttpEndpoint sets the HttpEndpoint field's value. +func (s *LaunchTemplateInstanceMetadataOptions) SetHttpEndpoint(v string) *LaunchTemplateInstanceMetadataOptions { + s.HttpEndpoint = &v + return s +} + +// SetHttpPutResponseHopLimit sets the HttpPutResponseHopLimit field's value. +func (s *LaunchTemplateInstanceMetadataOptions) SetHttpPutResponseHopLimit(v int64) *LaunchTemplateInstanceMetadataOptions { + s.HttpPutResponseHopLimit = &v + return s +} + +// SetHttpTokens sets the HttpTokens field's value. +func (s *LaunchTemplateInstanceMetadataOptions) SetHttpTokens(v string) *LaunchTemplateInstanceMetadataOptions { + s.HttpTokens = &v + return s +} + +// SetState sets the State field's value. +func (s *LaunchTemplateInstanceMetadataOptions) SetState(v string) *LaunchTemplateInstanceMetadataOptions { + s.State = &v + return s +} + +// The metadata options for the instance. For more information, see Instance +// Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) +// in the Amazon Elastic Compute Cloud User Guide. +type LaunchTemplateInstanceMetadataOptionsRequest struct { + _ struct{} `type:"structure"` + + // This parameter enables or disables the HTTP metadata endpoint on your instances. + // If the parameter is not specified, the default state is enabled. + // + // If you specify a value of disabled, you will not be able to access your instance + // metadata. + HttpEndpoint *string `type:"string" enum:"LaunchTemplateInstanceMetadataEndpointState"` + + // The desired HTTP PUT response hop limit for instance metadata requests. The + // larger the number, the further instance metadata requests can travel. + // + // Default: 1 + // + // Possible values: Integers from 1 to 64 + HttpPutResponseHopLimit *int64 `type:"integer"` + + // The state of token usage for your instance metadata requests. If the parameter + // is not specified in the request, the default state is optional. + // + // If the state is optional, you can choose to retrieve instance metadata with + // or without a signed token header on your request. If you retrieve the IAM + // role credentials without a token, the version 1.0 role credentials are returned. + // If you retrieve the IAM role credentials using a valid signed token, the + // version 2.0 role credentials are returned. + // + // If the state is required, you must send a signed token header with any instance + // metadata retrieval requests. In this state, retrieving the IAM role credentials + // always returns the version 2.0 credentials; the version 1.0 credentials are + // not available. + HttpTokens *string `type:"string" enum:"LaunchTemplateHttpTokensState"` +} + +// String returns the string representation +func (s LaunchTemplateInstanceMetadataOptionsRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LaunchTemplateInstanceMetadataOptionsRequest) GoString() string { + return s.String() +} + +// SetHttpEndpoint sets the HttpEndpoint field's value. +func (s *LaunchTemplateInstanceMetadataOptionsRequest) SetHttpEndpoint(v string) *LaunchTemplateInstanceMetadataOptionsRequest { + s.HttpEndpoint = &v + return s +} + +// SetHttpPutResponseHopLimit sets the HttpPutResponseHopLimit field's value. +func (s *LaunchTemplateInstanceMetadataOptionsRequest) SetHttpPutResponseHopLimit(v int64) *LaunchTemplateInstanceMetadataOptionsRequest { + s.HttpPutResponseHopLimit = &v + return s +} + +// SetHttpTokens sets the HttpTokens field's value. +func (s *LaunchTemplateInstanceMetadataOptionsRequest) SetHttpTokens(v string) *LaunchTemplateInstanceMetadataOptionsRequest { + s.HttpTokens = &v + return s +} + // Describes a network interface. type LaunchTemplateInstanceNetworkInterfaceSpecification struct { _ struct{} `type:"structure"` @@ -63821,6 +81004,9 @@ type LaunchTemplateInstanceNetworkInterfaceSpecification struct { // The IDs of one or more security groups. Groups []*string `locationName:"groupSet" locationNameList:"groupId" type:"list"` + // The type of network interface. + InterfaceType *string `locationName:"interfaceType" type:"string"` + // The number of IPv6 addresses for the network interface. Ipv6AddressCount *int64 `locationName:"ipv6AddressCount" type:"integer"` @@ -63883,6 +81069,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetGroups(v []*str return s } +// SetInterfaceType sets the InterfaceType field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetInterfaceType(v string) *LaunchTemplateInstanceNetworkInterfaceSpecification { + s.InterfaceType = &v + return s +} + // SetIpv6AddressCount sets the Ipv6AddressCount field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetIpv6AddressCount(v int64) *LaunchTemplateInstanceNetworkInterfaceSpecification { s.Ipv6AddressCount = &v @@ -63944,6 +81136,15 @@ type LaunchTemplateInstanceNetworkInterfaceSpecificationRequest struct { // The IDs of one or more security groups. Groups []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` + // The type of network interface. To create an Elastic Fabric Adapter (EFA), + // specify efa. For more information, see Elastic Fabric Adapter (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) + // in the Amazon Elastic Compute Cloud User Guide. + // + // If you are not creating an EFA, specify interface or omit this parameter. + // + // Valid values: interface | efa + InterfaceType *string `type:"string"` + // The number of IPv6 addresses to assign to a network interface. Amazon EC2 // automatically selects the IPv6 addresses from the subnet range. You can't // use this option if specifying specific IPv6 addresses. @@ -64009,6 +81210,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetGroups(v return s } +// SetInterfaceType sets the InterfaceType field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetInterfaceType(v string) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { + s.InterfaceType = &v + return s +} + // SetIpv6AddressCount sets the Ipv6AddressCount field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetIpv6AddressCount(v int64) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { s.Ipv6AddressCount = &v @@ -64189,6 +81396,13 @@ type LaunchTemplatePlacement struct { // The ID of the Dedicated Host for the instance. HostId *string `locationName:"hostId" type:"string"` + // The ARN of the host resource group in which to launch the instances. + HostResourceGroupArn *string `locationName:"hostResourceGroupArn" type:"string"` + + // The number of the partition the instance should launch in. Valid only if + // the placement group strategy is set to partition. + PartitionNumber *int64 `locationName:"partitionNumber" type:"integer"` + // Reserved for future use. SpreadDomain *string `locationName:"spreadDomain" type:"string"` @@ -64231,6 +81445,18 @@ func (s *LaunchTemplatePlacement) SetHostId(v string) *LaunchTemplatePlacement { return s } +// SetHostResourceGroupArn sets the HostResourceGroupArn field's value. +func (s *LaunchTemplatePlacement) SetHostResourceGroupArn(v string) *LaunchTemplatePlacement { + s.HostResourceGroupArn = &v + return s +} + +// SetPartitionNumber sets the PartitionNumber field's value. +func (s *LaunchTemplatePlacement) SetPartitionNumber(v int64) *LaunchTemplatePlacement { + s.PartitionNumber = &v + return s +} + // SetSpreadDomain sets the SpreadDomain field's value. func (s *LaunchTemplatePlacement) SetSpreadDomain(v string) *LaunchTemplatePlacement { s.SpreadDomain = &v @@ -64259,6 +81485,15 @@ type LaunchTemplatePlacementRequest struct { // The ID of the Dedicated Host for the instance. HostId *string `type:"string"` + // The ARN of the host resource group in which to launch the instances. If you + // specify a host resource group ARN, omit the Tenancy parameter or set it to + // host. + HostResourceGroupArn *string `type:"string"` + + // The number of the partition the instance should launch in. Valid only if + // the placement group strategy is set to partition. + PartitionNumber *int64 `type:"integer"` + // Reserved for future use. SpreadDomain *string `type:"string"` @@ -64301,6 +81536,18 @@ func (s *LaunchTemplatePlacementRequest) SetHostId(v string) *LaunchTemplatePlac return s } +// SetHostResourceGroupArn sets the HostResourceGroupArn field's value. +func (s *LaunchTemplatePlacementRequest) SetHostResourceGroupArn(v string) *LaunchTemplatePlacementRequest { + s.HostResourceGroupArn = &v + return s +} + +// SetPartitionNumber sets the PartitionNumber field's value. +func (s *LaunchTemplatePlacementRequest) SetPartitionNumber(v int64) *LaunchTemplatePlacementRequest { + s.PartitionNumber = &v + return s +} + // SetSpreadDomain sets the SpreadDomain field's value. func (s *LaunchTemplatePlacementRequest) SetSpreadDomain(v string) *LaunchTemplatePlacementRequest { s.SpreadDomain = &v @@ -64528,7 +81775,7 @@ type LaunchTemplateTagSpecificationRequest struct { // The type of resource to tag. Currently, the resource types that support tagging // on creation are instance and volume. To tag a resource after it has been - // created, see CreateTags. + // created, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). ResourceType *string `type:"string" enum:"ResourceType"` // The tags to apply to the resource. @@ -64895,6 +82142,488 @@ func (s *LoadPermissionRequest) SetUserId(v string) *LoadPermissionRequest { return s } +// Describes a local gateway. +type LocalGateway struct { + _ struct{} `type:"structure"` + + // The ID of the local gateway. + LocalGatewayId *string `locationName:"localGatewayId" type:"string"` + + // The Amazon Resource Name (ARN) of the Outpost. + OutpostArn *string `locationName:"outpostArn" type:"string"` + + // The ID of the AWS account ID that owns the local gateway. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The state of the local gateway. + State *string `locationName:"state" type:"string"` + + // The tags assigned to the local gateway. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s LocalGateway) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LocalGateway) GoString() string { + return s.String() +} + +// SetLocalGatewayId sets the LocalGatewayId field's value. +func (s *LocalGateway) SetLocalGatewayId(v string) *LocalGateway { + s.LocalGatewayId = &v + return s +} + +// SetOutpostArn sets the OutpostArn field's value. +func (s *LocalGateway) SetOutpostArn(v string) *LocalGateway { + s.OutpostArn = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *LocalGateway) SetOwnerId(v string) *LocalGateway { + s.OwnerId = &v + return s +} + +// SetState sets the State field's value. +func (s *LocalGateway) SetState(v string) *LocalGateway { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *LocalGateway) SetTags(v []*Tag) *LocalGateway { + s.Tags = v + return s +} + +// Describes a route for a local gateway route table. +type LocalGatewayRoute struct { + _ struct{} `type:"structure"` + + // The CIDR block used for destination matches. + DestinationCidrBlock *string `locationName:"destinationCidrBlock" type:"string"` + + // The ID of the local gateway route table. + LocalGatewayRouteTableId *string `locationName:"localGatewayRouteTableId" type:"string"` + + // The ID of the virtual interface group. + LocalGatewayVirtualInterfaceGroupId *string `locationName:"localGatewayVirtualInterfaceGroupId" type:"string"` + + // The state of the route. + State *string `locationName:"state" type:"string" enum:"LocalGatewayRouteState"` + + // The route type. + Type *string `locationName:"type" type:"string" enum:"LocalGatewayRouteType"` +} + +// String returns the string representation +func (s LocalGatewayRoute) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LocalGatewayRoute) GoString() string { + return s.String() +} + +// SetDestinationCidrBlock sets the DestinationCidrBlock field's value. +func (s *LocalGatewayRoute) SetDestinationCidrBlock(v string) *LocalGatewayRoute { + s.DestinationCidrBlock = &v + return s +} + +// SetLocalGatewayRouteTableId sets the LocalGatewayRouteTableId field's value. +func (s *LocalGatewayRoute) SetLocalGatewayRouteTableId(v string) *LocalGatewayRoute { + s.LocalGatewayRouteTableId = &v + return s +} + +// SetLocalGatewayVirtualInterfaceGroupId sets the LocalGatewayVirtualInterfaceGroupId field's value. +func (s *LocalGatewayRoute) SetLocalGatewayVirtualInterfaceGroupId(v string) *LocalGatewayRoute { + s.LocalGatewayVirtualInterfaceGroupId = &v + return s +} + +// SetState sets the State field's value. +func (s *LocalGatewayRoute) SetState(v string) *LocalGatewayRoute { + s.State = &v + return s +} + +// SetType sets the Type field's value. +func (s *LocalGatewayRoute) SetType(v string) *LocalGatewayRoute { + s.Type = &v + return s +} + +// Describes a local gateway route table. +type LocalGatewayRouteTable struct { + _ struct{} `type:"structure"` + + // The ID of the local gateway. + LocalGatewayId *string `locationName:"localGatewayId" type:"string"` + + // The ID of the local gateway route table. + LocalGatewayRouteTableId *string `locationName:"localGatewayRouteTableId" type:"string"` + + // The Amazon Resource Name (ARN) of the Outpost. + OutpostArn *string `locationName:"outpostArn" type:"string"` + + // The state of the local gateway route table. + State *string `locationName:"state" type:"string"` + + // The tags assigned to the local gateway route table. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s LocalGatewayRouteTable) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LocalGatewayRouteTable) GoString() string { + return s.String() +} + +// SetLocalGatewayId sets the LocalGatewayId field's value. +func (s *LocalGatewayRouteTable) SetLocalGatewayId(v string) *LocalGatewayRouteTable { + s.LocalGatewayId = &v + return s +} + +// SetLocalGatewayRouteTableId sets the LocalGatewayRouteTableId field's value. +func (s *LocalGatewayRouteTable) SetLocalGatewayRouteTableId(v string) *LocalGatewayRouteTable { + s.LocalGatewayRouteTableId = &v + return s +} + +// SetOutpostArn sets the OutpostArn field's value. +func (s *LocalGatewayRouteTable) SetOutpostArn(v string) *LocalGatewayRouteTable { + s.OutpostArn = &v + return s +} + +// SetState sets the State field's value. +func (s *LocalGatewayRouteTable) SetState(v string) *LocalGatewayRouteTable { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *LocalGatewayRouteTable) SetTags(v []*Tag) *LocalGatewayRouteTable { + s.Tags = v + return s +} + +// Describes an association between a local gateway route table and a virtual +// interface group. +type LocalGatewayRouteTableVirtualInterfaceGroupAssociation struct { + _ struct{} `type:"structure"` + + // The ID of the local gateway. + LocalGatewayId *string `locationName:"localGatewayId" type:"string"` + + // The ID of the local gateway route table. + LocalGatewayRouteTableId *string `locationName:"localGatewayRouteTableId" type:"string"` + + // The ID of the association. + LocalGatewayRouteTableVirtualInterfaceGroupAssociationId *string `locationName:"localGatewayRouteTableVirtualInterfaceGroupAssociationId" type:"string"` + + // The ID of the virtual interface group. + LocalGatewayVirtualInterfaceGroupId *string `locationName:"localGatewayVirtualInterfaceGroupId" type:"string"` + + // The state of the association. + State *string `locationName:"state" type:"string"` + + // The tags assigned to the association. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s LocalGatewayRouteTableVirtualInterfaceGroupAssociation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LocalGatewayRouteTableVirtualInterfaceGroupAssociation) GoString() string { + return s.String() +} + +// SetLocalGatewayId sets the LocalGatewayId field's value. +func (s *LocalGatewayRouteTableVirtualInterfaceGroupAssociation) SetLocalGatewayId(v string) *LocalGatewayRouteTableVirtualInterfaceGroupAssociation { + s.LocalGatewayId = &v + return s +} + +// SetLocalGatewayRouteTableId sets the LocalGatewayRouteTableId field's value. +func (s *LocalGatewayRouteTableVirtualInterfaceGroupAssociation) SetLocalGatewayRouteTableId(v string) *LocalGatewayRouteTableVirtualInterfaceGroupAssociation { + s.LocalGatewayRouteTableId = &v + return s +} + +// SetLocalGatewayRouteTableVirtualInterfaceGroupAssociationId sets the LocalGatewayRouteTableVirtualInterfaceGroupAssociationId field's value. +func (s *LocalGatewayRouteTableVirtualInterfaceGroupAssociation) SetLocalGatewayRouteTableVirtualInterfaceGroupAssociationId(v string) *LocalGatewayRouteTableVirtualInterfaceGroupAssociation { + s.LocalGatewayRouteTableVirtualInterfaceGroupAssociationId = &v + return s +} + +// SetLocalGatewayVirtualInterfaceGroupId sets the LocalGatewayVirtualInterfaceGroupId field's value. +func (s *LocalGatewayRouteTableVirtualInterfaceGroupAssociation) SetLocalGatewayVirtualInterfaceGroupId(v string) *LocalGatewayRouteTableVirtualInterfaceGroupAssociation { + s.LocalGatewayVirtualInterfaceGroupId = &v + return s +} + +// SetState sets the State field's value. +func (s *LocalGatewayRouteTableVirtualInterfaceGroupAssociation) SetState(v string) *LocalGatewayRouteTableVirtualInterfaceGroupAssociation { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *LocalGatewayRouteTableVirtualInterfaceGroupAssociation) SetTags(v []*Tag) *LocalGatewayRouteTableVirtualInterfaceGroupAssociation { + s.Tags = v + return s +} + +// Describes an association between a local gateway route table and a VPC. +type LocalGatewayRouteTableVpcAssociation struct { + _ struct{} `type:"structure"` + + // The ID of the local gateway. + LocalGatewayId *string `locationName:"localGatewayId" type:"string"` + + // The ID of the local gateway route table. + LocalGatewayRouteTableId *string `locationName:"localGatewayRouteTableId" type:"string"` + + // The ID of the association. + LocalGatewayRouteTableVpcAssociationId *string `locationName:"localGatewayRouteTableVpcAssociationId" type:"string"` + + // The state of the association. + State *string `locationName:"state" type:"string"` + + // The tags assigned to the association. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the VPC. + VpcId *string `locationName:"vpcId" type:"string"` +} + +// String returns the string representation +func (s LocalGatewayRouteTableVpcAssociation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LocalGatewayRouteTableVpcAssociation) GoString() string { + return s.String() +} + +// SetLocalGatewayId sets the LocalGatewayId field's value. +func (s *LocalGatewayRouteTableVpcAssociation) SetLocalGatewayId(v string) *LocalGatewayRouteTableVpcAssociation { + s.LocalGatewayId = &v + return s +} + +// SetLocalGatewayRouteTableId sets the LocalGatewayRouteTableId field's value. +func (s *LocalGatewayRouteTableVpcAssociation) SetLocalGatewayRouteTableId(v string) *LocalGatewayRouteTableVpcAssociation { + s.LocalGatewayRouteTableId = &v + return s +} + +// SetLocalGatewayRouteTableVpcAssociationId sets the LocalGatewayRouteTableVpcAssociationId field's value. +func (s *LocalGatewayRouteTableVpcAssociation) SetLocalGatewayRouteTableVpcAssociationId(v string) *LocalGatewayRouteTableVpcAssociation { + s.LocalGatewayRouteTableVpcAssociationId = &v + return s +} + +// SetState sets the State field's value. +func (s *LocalGatewayRouteTableVpcAssociation) SetState(v string) *LocalGatewayRouteTableVpcAssociation { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *LocalGatewayRouteTableVpcAssociation) SetTags(v []*Tag) *LocalGatewayRouteTableVpcAssociation { + s.Tags = v + return s +} + +// SetVpcId sets the VpcId field's value. +func (s *LocalGatewayRouteTableVpcAssociation) SetVpcId(v string) *LocalGatewayRouteTableVpcAssociation { + s.VpcId = &v + return s +} + +// Describes a local gateway virtual interface. +type LocalGatewayVirtualInterface struct { + _ struct{} `type:"structure"` + + // The local address. + LocalAddress *string `locationName:"localAddress" type:"string"` + + // The Border Gateway Protocol (BGP) Autonomous System Number (ASN) of the local + // gateway. + LocalBgpAsn *int64 `locationName:"localBgpAsn" type:"integer"` + + // The ID of the local gateway. + LocalGatewayId *string `locationName:"localGatewayId" type:"string"` + + // The ID of the virtual interface. + LocalGatewayVirtualInterfaceId *string `locationName:"localGatewayVirtualInterfaceId" type:"string"` + + // The peer address. + PeerAddress *string `locationName:"peerAddress" type:"string"` + + // The peer BGP ASN. + PeerBgpAsn *int64 `locationName:"peerBgpAsn" type:"integer"` + + // The tags assigned to the virtual interface. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the VLAN. + Vlan *int64 `locationName:"vlan" type:"integer"` +} + +// String returns the string representation +func (s LocalGatewayVirtualInterface) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LocalGatewayVirtualInterface) GoString() string { + return s.String() +} + +// SetLocalAddress sets the LocalAddress field's value. +func (s *LocalGatewayVirtualInterface) SetLocalAddress(v string) *LocalGatewayVirtualInterface { + s.LocalAddress = &v + return s +} + +// SetLocalBgpAsn sets the LocalBgpAsn field's value. +func (s *LocalGatewayVirtualInterface) SetLocalBgpAsn(v int64) *LocalGatewayVirtualInterface { + s.LocalBgpAsn = &v + return s +} + +// SetLocalGatewayId sets the LocalGatewayId field's value. +func (s *LocalGatewayVirtualInterface) SetLocalGatewayId(v string) *LocalGatewayVirtualInterface { + s.LocalGatewayId = &v + return s +} + +// SetLocalGatewayVirtualInterfaceId sets the LocalGatewayVirtualInterfaceId field's value. +func (s *LocalGatewayVirtualInterface) SetLocalGatewayVirtualInterfaceId(v string) *LocalGatewayVirtualInterface { + s.LocalGatewayVirtualInterfaceId = &v + return s +} + +// SetPeerAddress sets the PeerAddress field's value. +func (s *LocalGatewayVirtualInterface) SetPeerAddress(v string) *LocalGatewayVirtualInterface { + s.PeerAddress = &v + return s +} + +// SetPeerBgpAsn sets the PeerBgpAsn field's value. +func (s *LocalGatewayVirtualInterface) SetPeerBgpAsn(v int64) *LocalGatewayVirtualInterface { + s.PeerBgpAsn = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *LocalGatewayVirtualInterface) SetTags(v []*Tag) *LocalGatewayVirtualInterface { + s.Tags = v + return s +} + +// SetVlan sets the Vlan field's value. +func (s *LocalGatewayVirtualInterface) SetVlan(v int64) *LocalGatewayVirtualInterface { + s.Vlan = &v + return s +} + +// Describes a local gateway virtual interface group. +type LocalGatewayVirtualInterfaceGroup struct { + _ struct{} `type:"structure"` + + // The ID of the local gateway. + LocalGatewayId *string `locationName:"localGatewayId" type:"string"` + + // The ID of the virtual interface group. + LocalGatewayVirtualInterfaceGroupId *string `locationName:"localGatewayVirtualInterfaceGroupId" type:"string"` + + // The IDs of the virtual interfaces. + LocalGatewayVirtualInterfaceIds []*string `locationName:"localGatewayVirtualInterfaceIdSet" locationNameList:"item" type:"list"` + + // The tags assigned to the virtual interface group. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s LocalGatewayVirtualInterfaceGroup) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LocalGatewayVirtualInterfaceGroup) GoString() string { + return s.String() +} + +// SetLocalGatewayId sets the LocalGatewayId field's value. +func (s *LocalGatewayVirtualInterfaceGroup) SetLocalGatewayId(v string) *LocalGatewayVirtualInterfaceGroup { + s.LocalGatewayId = &v + return s +} + +// SetLocalGatewayVirtualInterfaceGroupId sets the LocalGatewayVirtualInterfaceGroupId field's value. +func (s *LocalGatewayVirtualInterfaceGroup) SetLocalGatewayVirtualInterfaceGroupId(v string) *LocalGatewayVirtualInterfaceGroup { + s.LocalGatewayVirtualInterfaceGroupId = &v + return s +} + +// SetLocalGatewayVirtualInterfaceIds sets the LocalGatewayVirtualInterfaceIds field's value. +func (s *LocalGatewayVirtualInterfaceGroup) SetLocalGatewayVirtualInterfaceIds(v []*string) *LocalGatewayVirtualInterfaceGroup { + s.LocalGatewayVirtualInterfaceIds = v + return s +} + +// SetTags sets the Tags field's value. +func (s *LocalGatewayVirtualInterfaceGroup) SetTags(v []*Tag) *LocalGatewayVirtualInterfaceGroup { + s.Tags = v + return s +} + +// Describes the memory for the instance type. +type MemoryInfo struct { + _ struct{} `type:"structure"` + + // Size of the memory, in MiB. + SizeInMiB *int64 `locationName:"sizeInMiB" type:"long"` +} + +// String returns the string representation +func (s MemoryInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s MemoryInfo) GoString() string { + return s.String() +} + +// SetSizeInMiB sets the SizeInMiB field's value. +func (s *MemoryInfo) SetSizeInMiB(v int64) *MemoryInfo { + s.SizeInMiB = &v + return s +} + type ModifyCapacityReservationInput struct { _ struct{} `type:"structure"` @@ -64992,7 +82721,7 @@ func (s *ModifyCapacityReservationInput) SetInstanceCount(v int64) *ModifyCapaci type ModifyCapacityReservationOutput struct { _ struct{} `type:"structure"` - // Information about the Capacity Reservation. + // Returns true if the request succeeds; otherwise, it returns an error. Return *bool `locationName:"return" type:"boolean"` } @@ -65050,6 +82779,13 @@ type ModifyClientVpnEndpointInput struct { // The ARN of the server certificate to be used. The server certificate must // be provisioned in AWS Certificate Manager (ACM). ServerCertificateArn *string `type:"string"` + + // Indicates whether the VPN is split-tunnel. + // + // For information about split-tunnel VPN endpoints, see Split-Tunnel AWS Client + // VPN Endpoint (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) + // in the AWS Client VPN Administrator Guide. + SplitTunnel *bool `type:"boolean"` } // String returns the string representation @@ -65111,6 +82847,12 @@ func (s *ModifyClientVpnEndpointInput) SetServerCertificateArn(v string) *Modify return s } +// SetSplitTunnel sets the SplitTunnel field's value. +func (s *ModifyClientVpnEndpointInput) SetSplitTunnel(v bool) *ModifyClientVpnEndpointInput { + s.SplitTunnel = &v + return s +} + type ModifyClientVpnEndpointOutput struct { _ struct{} `type:"structure"` @@ -65134,6 +82876,187 @@ func (s *ModifyClientVpnEndpointOutput) SetReturn(v bool) *ModifyClientVpnEndpoi return s } +type ModifyDefaultCreditSpecificationInput struct { + _ struct{} `type:"structure"` + + // The credit option for CPU usage of the instance family. + // + // Valid Values: standard | unlimited + // + // CpuCredits is a required field + CpuCredits *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The instance family. + // + // InstanceFamily is a required field + InstanceFamily *string `type:"string" required:"true" enum:"UnlimitedSupportedInstanceFamily"` +} + +// String returns the string representation +func (s ModifyDefaultCreditSpecificationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyDefaultCreditSpecificationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyDefaultCreditSpecificationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyDefaultCreditSpecificationInput"} + if s.CpuCredits == nil { + invalidParams.Add(request.NewErrParamRequired("CpuCredits")) + } + if s.InstanceFamily == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceFamily")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCpuCredits sets the CpuCredits field's value. +func (s *ModifyDefaultCreditSpecificationInput) SetCpuCredits(v string) *ModifyDefaultCreditSpecificationInput { + s.CpuCredits = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyDefaultCreditSpecificationInput) SetDryRun(v bool) *ModifyDefaultCreditSpecificationInput { + s.DryRun = &v + return s +} + +// SetInstanceFamily sets the InstanceFamily field's value. +func (s *ModifyDefaultCreditSpecificationInput) SetInstanceFamily(v string) *ModifyDefaultCreditSpecificationInput { + s.InstanceFamily = &v + return s +} + +type ModifyDefaultCreditSpecificationOutput struct { + _ struct{} `type:"structure"` + + // The default credit option for CPU usage of the instance family. + InstanceFamilyCreditSpecification *InstanceFamilyCreditSpecification `locationName:"instanceFamilyCreditSpecification" type:"structure"` +} + +// String returns the string representation +func (s ModifyDefaultCreditSpecificationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyDefaultCreditSpecificationOutput) GoString() string { + return s.String() +} + +// SetInstanceFamilyCreditSpecification sets the InstanceFamilyCreditSpecification field's value. +func (s *ModifyDefaultCreditSpecificationOutput) SetInstanceFamilyCreditSpecification(v *InstanceFamilyCreditSpecification) *ModifyDefaultCreditSpecificationOutput { + s.InstanceFamilyCreditSpecification = v + return s +} + +type ModifyEbsDefaultKmsKeyIdInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The identifier of the AWS Key Management Service (AWS KMS) customer master + // key (CMK) to use for Amazon EBS encryption. If this parameter is not specified, + // your AWS managed CMK for EBS is used. If KmsKeyId is specified, the encrypted + // state must be true. + // + // You can specify the CMK using any of the following: + // + // * Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab. + // + // * Key alias. For example, alias/ExampleAlias. + // + // * Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. + // + // * Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. + // + // AWS authenticates the CMK asynchronously. Therefore, if you specify an ID, + // alias, or ARN that is not valid, the action can appear to complete, but eventually + // fails. + // + // Amazon EBS does not support asymmetric CMKs. + // + // KmsKeyId is a required field + KmsKeyId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyEbsDefaultKmsKeyIdInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyEbsDefaultKmsKeyIdInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyEbsDefaultKmsKeyIdInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyEbsDefaultKmsKeyIdInput"} + if s.KmsKeyId == nil { + invalidParams.Add(request.NewErrParamRequired("KmsKeyId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyEbsDefaultKmsKeyIdInput) SetDryRun(v bool) *ModifyEbsDefaultKmsKeyIdInput { + s.DryRun = &v + return s +} + +// SetKmsKeyId sets the KmsKeyId field's value. +func (s *ModifyEbsDefaultKmsKeyIdInput) SetKmsKeyId(v string) *ModifyEbsDefaultKmsKeyIdInput { + s.KmsKeyId = &v + return s +} + +type ModifyEbsDefaultKmsKeyIdOutput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the default CMK for encryption by default. + KmsKeyId *string `locationName:"kmsKeyId" type:"string"` +} + +// String returns the string representation +func (s ModifyEbsDefaultKmsKeyIdOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyEbsDefaultKmsKeyIdOutput) GoString() string { + return s.String() +} + +// SetKmsKeyId sets the KmsKeyId field's value. +func (s *ModifyEbsDefaultKmsKeyIdOutput) SetKmsKeyId(v string) *ModifyEbsDefaultKmsKeyIdOutput { + s.KmsKeyId = &v + return s +} + type ModifyFleetInput struct { _ struct{} `type:"structure"` @@ -65266,17 +83189,16 @@ type ModifyFpgaImageAttributeInput struct { // The operation type. OperationType *string `type:"string" enum:"OperationType"` - // One or more product codes. After you add a product code to an AFI, it can't - // be removed. This parameter is valid only when modifying the productCodes - // attribute. + // The product codes. After you add a product code to an AFI, it can't be removed. + // This parameter is valid only when modifying the productCodes attribute. ProductCodes []*string `locationName:"ProductCode" locationNameList:"ProductCode" type:"list"` - // One or more user groups. This parameter is valid only when modifying the - // loadPermission attribute. + // The user groups. This parameter is valid only when modifying the loadPermission + // attribute. UserGroups []*string `locationName:"UserGroup" locationNameList:"UserGroup" type:"list"` - // One or more AWS account IDs. This parameter is valid only when modifying - // the loadPermission attribute. + // The AWS account IDs. This parameter is valid only when modifying the loadPermission + // attribute. UserIds []*string `locationName:"UserId" locationNameList:"UserId" type:"list"` } @@ -65390,14 +83312,35 @@ type ModifyHostsInput struct { _ struct{} `type:"structure"` // Specify whether to enable or disable auto-placement. - // - // AutoPlacement is a required field - AutoPlacement *string `locationName:"autoPlacement" type:"string" required:"true" enum:"AutoPlacement"` + AutoPlacement *string `locationName:"autoPlacement" type:"string" enum:"AutoPlacement"` // The IDs of the Dedicated Hosts to modify. // // HostIds is a required field HostIds []*string `locationName:"hostId" locationNameList:"item" type:"list" required:"true"` + + // Indicates whether to enable or disable host recovery for the Dedicated Host. + // For more information, see Host Recovery (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) + // in the Amazon Elastic Compute Cloud User Guide. + HostRecovery *string `type:"string" enum:"HostRecovery"` + + // Specifies the instance family to be supported by the Dedicated Host. Specify + // this parameter to modify a Dedicated Host to support multiple instance types + // within its current instance family. + // + // If you want to modify a Dedicated Host to support a specific instance type + // only, omit this parameter and specify InstanceType instead. You cannot specify + // InstanceFamily and InstanceType in the same request. + InstanceFamily *string `type:"string"` + + // Specifies the instance type to be supported by the Dedicated Host. Specify + // this parameter to modify a Dedicated Host to support only a specific instance + // type. + // + // If you want to modify a Dedicated Host to support multiple instance types + // in its current instance family, omit this parameter and specify InstanceFamily + // instead. You cannot specify InstanceType and InstanceFamily in the same request. + InstanceType *string `type:"string"` } // String returns the string representation @@ -65413,9 +83356,6 @@ func (s ModifyHostsInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *ModifyHostsInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ModifyHostsInput"} - if s.AutoPlacement == nil { - invalidParams.Add(request.NewErrParamRequired("AutoPlacement")) - } if s.HostIds == nil { invalidParams.Add(request.NewErrParamRequired("HostIds")) } @@ -65438,6 +83378,24 @@ func (s *ModifyHostsInput) SetHostIds(v []*string) *ModifyHostsInput { return s } +// SetHostRecovery sets the HostRecovery field's value. +func (s *ModifyHostsInput) SetHostRecovery(v string) *ModifyHostsInput { + s.HostRecovery = &v + return s +} + +// SetInstanceFamily sets the InstanceFamily field's value. +func (s *ModifyHostsInput) SetInstanceFamily(v string) *ModifyHostsInput { + s.InstanceFamily = &v + return s +} + +// SetInstanceType sets the InstanceType field's value. +func (s *ModifyHostsInput) SetInstanceType(v string) *ModifyHostsInput { + s.InstanceType = &v + return s +} + type ModifyHostsOutput struct { _ struct{} `type:"structure"` @@ -65666,16 +83624,16 @@ type ModifyImageAttributeInput struct { // is launchPermission. OperationType *string `type:"string" enum:"OperationType"` - // One or more DevPay product codes. After you add a product code to an AMI, - // it can't be removed. + // The DevPay product codes. After you add a product code to an AMI, it can't + // be removed. ProductCodes []*string `locationName:"ProductCode" locationNameList:"ProductCode" type:"list"` - // One or more user groups. This parameter can be used only when the Attribute - // parameter is launchPermission. + // The user groups. This parameter can be used only when the Attribute parameter + // is launchPermission. UserGroups []*string `locationName:"UserGroup" locationNameList:"UserGroup" type:"list"` - // One or more AWS account IDs. This parameter can be used only when the Attribute - // parameter is launchPermission. + // The AWS account IDs. This parameter can be used only when the Attribute parameter + // is launchPermission. UserIds []*string `locationName:"UserId" locationNameList:"UserId" type:"list"` // The value of the attribute being modified. This parameter can be used only @@ -65793,7 +83751,7 @@ type ModifyInstanceAttributeInput struct { // // To add instance store volumes to an Amazon EBS-backed instance, you must // add them when you launch the instance. For more information, see Updating - // the Block Device Mapping when Launching an Instance (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#Using_OverridingAMIBDM) + // the Block Device Mapping when Launching an Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#Using_OverridingAMIBDM) // in the Amazon Elastic Compute Cloud User Guide. BlockDeviceMappings []*InstanceBlockDeviceMappingSpecification `locationName:"blockDeviceMapping" locationNameList:"item" type:"list"` @@ -65836,18 +83794,18 @@ type ModifyInstanceAttributeInput struct { InstanceInitiatedShutdownBehavior *AttributeValue `locationName:"instanceInitiatedShutdownBehavior" type:"structure"` // Changes the instance type to the specified value. For more information, see - // Instance Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html). + // Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html). // If the instance type is not valid, the error returned is InvalidInstanceAttributeValue. InstanceType *AttributeValue `locationName:"instanceType" type:"structure"` // Changes the instance's kernel to the specified value. We recommend that you // use PV-GRUB instead of kernels and RAM disks. For more information, see PV-GRUB - // (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedKernels.html). + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedKernels.html). Kernel *AttributeValue `locationName:"kernel" type:"structure"` // Changes the instance's RAM disk to the specified value. We recommend that // you use PV-GRUB instead of kernels and RAM disks. For more information, see - // PV-GRUB (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedKernels.html). + // PV-GRUB (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedKernels.html). Ramdisk *AttributeValue `locationName:"ramdisk" type:"structure"` // Specifies whether source/destination checking is enabled. A value of true @@ -66101,7 +84059,7 @@ type ModifyInstanceCreditSpecificationInput struct { // A unique, case-sensitive token that you provide to ensure idempotency of // your modification request. For more information, see Ensuring Idempotency - // (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -66191,6 +84149,236 @@ func (s *ModifyInstanceCreditSpecificationOutput) SetUnsuccessfulInstanceCreditS return s } +type ModifyInstanceEventStartTimeInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the event whose date and time you are modifying. + // + // InstanceEventId is a required field + InstanceEventId *string `type:"string" required:"true"` + + // The ID of the instance with the scheduled event. + // + // InstanceId is a required field + InstanceId *string `type:"string" required:"true"` + + // The new date and time when the event will take place. + // + // NotBefore is a required field + NotBefore *time.Time `type:"timestamp" required:"true"` +} + +// String returns the string representation +func (s ModifyInstanceEventStartTimeInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyInstanceEventStartTimeInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyInstanceEventStartTimeInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyInstanceEventStartTimeInput"} + if s.InstanceEventId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceEventId")) + } + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + if s.NotBefore == nil { + invalidParams.Add(request.NewErrParamRequired("NotBefore")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyInstanceEventStartTimeInput) SetDryRun(v bool) *ModifyInstanceEventStartTimeInput { + s.DryRun = &v + return s +} + +// SetInstanceEventId sets the InstanceEventId field's value. +func (s *ModifyInstanceEventStartTimeInput) SetInstanceEventId(v string) *ModifyInstanceEventStartTimeInput { + s.InstanceEventId = &v + return s +} + +// SetInstanceId sets the InstanceId field's value. +func (s *ModifyInstanceEventStartTimeInput) SetInstanceId(v string) *ModifyInstanceEventStartTimeInput { + s.InstanceId = &v + return s +} + +// SetNotBefore sets the NotBefore field's value. +func (s *ModifyInstanceEventStartTimeInput) SetNotBefore(v time.Time) *ModifyInstanceEventStartTimeInput { + s.NotBefore = &v + return s +} + +type ModifyInstanceEventStartTimeOutput struct { + _ struct{} `type:"structure"` + + // Describes a scheduled event for an instance. + Event *InstanceStatusEvent `locationName:"event" type:"structure"` +} + +// String returns the string representation +func (s ModifyInstanceEventStartTimeOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyInstanceEventStartTimeOutput) GoString() string { + return s.String() +} + +// SetEvent sets the Event field's value. +func (s *ModifyInstanceEventStartTimeOutput) SetEvent(v *InstanceStatusEvent) *ModifyInstanceEventStartTimeOutput { + s.Event = v + return s +} + +type ModifyInstanceMetadataOptionsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // This parameter enables or disables the HTTP metadata endpoint on your instances. + // If the parameter is not specified, the existing state is maintained. + // + // If you specify a value of disabled, you will not be able to access your instance + // metadata. + HttpEndpoint *string `type:"string" enum:"InstanceMetadataEndpointState"` + + // The desired HTTP PUT response hop limit for instance metadata requests. The + // larger the number, the further instance metadata requests can travel. If + // no parameter is specified, the existing state is maintained. + // + // Possible values: Integers from 1 to 64 + HttpPutResponseHopLimit *int64 `type:"integer"` + + // The state of token usage for your instance metadata requests. If the parameter + // is not specified in the request, the default state is optional. + // + // If the state is optional, you can choose to retrieve instance metadata with + // or without a signed token header on your request. If you retrieve the IAM + // role credentials without a token, the version 1.0 role credentials are returned. + // If you retrieve the IAM role credentials using a valid signed token, the + // version 2.0 role credentials are returned. + // + // If the state is required, you must send a signed token header with any instance + // metadata retrieval requests. In this state, retrieving the IAM role credential + // always returns the version 2.0 credentials; the version 1.0 credentials are + // not available. + HttpTokens *string `type:"string" enum:"HttpTokensState"` + + // The ID of the instance. + // + // InstanceId is a required field + InstanceId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyInstanceMetadataOptionsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyInstanceMetadataOptionsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyInstanceMetadataOptionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyInstanceMetadataOptionsInput"} + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyInstanceMetadataOptionsInput) SetDryRun(v bool) *ModifyInstanceMetadataOptionsInput { + s.DryRun = &v + return s +} + +// SetHttpEndpoint sets the HttpEndpoint field's value. +func (s *ModifyInstanceMetadataOptionsInput) SetHttpEndpoint(v string) *ModifyInstanceMetadataOptionsInput { + s.HttpEndpoint = &v + return s +} + +// SetHttpPutResponseHopLimit sets the HttpPutResponseHopLimit field's value. +func (s *ModifyInstanceMetadataOptionsInput) SetHttpPutResponseHopLimit(v int64) *ModifyInstanceMetadataOptionsInput { + s.HttpPutResponseHopLimit = &v + return s +} + +// SetHttpTokens sets the HttpTokens field's value. +func (s *ModifyInstanceMetadataOptionsInput) SetHttpTokens(v string) *ModifyInstanceMetadataOptionsInput { + s.HttpTokens = &v + return s +} + +// SetInstanceId sets the InstanceId field's value. +func (s *ModifyInstanceMetadataOptionsInput) SetInstanceId(v string) *ModifyInstanceMetadataOptionsInput { + s.InstanceId = &v + return s +} + +type ModifyInstanceMetadataOptionsOutput struct { + _ struct{} `type:"structure"` + + // The ID of the instance. + InstanceId *string `locationName:"instanceId" type:"string"` + + // The metadata options for the instance. + InstanceMetadataOptions *InstanceMetadataOptionsResponse `locationName:"instanceMetadataOptions" type:"structure"` +} + +// String returns the string representation +func (s ModifyInstanceMetadataOptionsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyInstanceMetadataOptionsOutput) GoString() string { + return s.String() +} + +// SetInstanceId sets the InstanceId field's value. +func (s *ModifyInstanceMetadataOptionsOutput) SetInstanceId(v string) *ModifyInstanceMetadataOptionsOutput { + s.InstanceId = &v + return s +} + +// SetInstanceMetadataOptions sets the InstanceMetadataOptions field's value. +func (s *ModifyInstanceMetadataOptionsOutput) SetInstanceMetadataOptions(v *InstanceMetadataOptionsResponse) *ModifyInstanceMetadataOptionsOutput { + s.InstanceMetadataOptions = v + return s +} + type ModifyInstancePlacementInput struct { _ struct{} `type:"structure"` @@ -66208,6 +84396,9 @@ type ModifyInstancePlacementInput struct { // The ID of the Dedicated Host with which to associate the instance. HostId *string `locationName:"hostId" type:"string"` + // The ARN of the host resource group in which to place the instance. + HostResourceGroupArn *string `type:"string"` + // The ID of the instance that you are modifying. // // InstanceId is a required field @@ -66261,6 +84452,12 @@ func (s *ModifyInstancePlacementInput) SetHostId(v string) *ModifyInstancePlacem return s } +// SetHostResourceGroupArn sets the HostResourceGroupArn field's value. +func (s *ModifyInstancePlacementInput) SetHostResourceGroupArn(v string) *ModifyInstancePlacementInput { + s.HostResourceGroupArn = &v + return s +} + // SetInstanceId sets the InstanceId field's value. func (s *ModifyInstancePlacementInput) SetInstanceId(v string) *ModifyInstancePlacementInput { s.InstanceId = &v @@ -66306,7 +84503,9 @@ type ModifyLaunchTemplateInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. For more information, see Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // + // Constraint: Maximum 128 ASCII characters. ClientToken *string `type:"string"` // The version number of the launch template to set as the default version. @@ -66434,7 +84633,7 @@ type ModifyNetworkInterfaceAttributeInput struct { // Indicates whether source/destination checking is enabled. A value of true // means checking is enabled, and false means checking is disabled. This value // must be false for a NAT instance to perform NAT. For more information, see - // NAT Instances (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html) + // NAT Instances (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html) // in the Amazon Virtual Private Cloud User Guide. SourceDestCheck *AttributeBooleanValue `locationName:"sourceDestCheck" type:"structure"` } @@ -66517,7 +84716,7 @@ type ModifyReservedInstancesInput struct { _ struct{} `type:"structure"` // A unique, case-sensitive token you provide to ensure idempotency of your - // modification request. For more information, see Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // modification request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` // The IDs of the Reserved Instances to modify. @@ -66599,7 +84798,6 @@ func (s *ModifyReservedInstancesOutput) SetReservedInstancesModificationId(v str return s } -// Contains the parameters for ModifySnapshotAttribute. type ModifySnapshotAttributeInput struct { _ struct{} `type:"structure"` @@ -66719,6 +84917,9 @@ type ModifySpotFleetRequestInput struct { // the Spot Fleet. ExcessCapacityTerminationPolicy *string `locationName:"excessCapacityTerminationPolicy" type:"string" enum:"ExcessCapacityTerminationPolicy"` + // The number of On-Demand Instances in the fleet. + OnDemandTargetCapacity *int64 `type:"integer"` + // The ID of the Spot Fleet request. // // SpotFleetRequestId is a required field @@ -66757,6 +84958,12 @@ func (s *ModifySpotFleetRequestInput) SetExcessCapacityTerminationPolicy(v strin return s } +// SetOnDemandTargetCapacity sets the OnDemandTargetCapacity field's value. +func (s *ModifySpotFleetRequestInput) SetOnDemandTargetCapacity(v int64) *ModifySpotFleetRequestInput { + s.OnDemandTargetCapacity = &v + return s +} + // SetSpotFleetRequestId sets the SpotFleetRequestId field's value. func (s *ModifySpotFleetRequestInput) SetSpotFleetRequestId(v string) *ModifySpotFleetRequestInput { s.SpotFleetRequestId = &v @@ -66806,10 +85013,8 @@ type ModifySubnetAttributeInput struct { // or later of the Amazon EC2 API. AssignIpv6AddressOnCreation *AttributeBooleanValue `type:"structure"` - // Specify true to indicate that network interfaces created in the specified - // subnet should be assigned a public IPv4 address. This includes a network - // interface that's created when launching an instance into the subnet (the - // instance therefore receives a public IPv4 address). + // Specify true to indicate that ENIs attached to instances created in the specified + // subnet should be assigned a public IPv4 address. MapPublicIpOnLaunch *AttributeBooleanValue `type:"structure"` // The ID of the subnet. @@ -66873,6 +85078,413 @@ func (s ModifySubnetAttributeOutput) GoString() string { return s.String() } +type ModifyTrafficMirrorFilterNetworkServicesInput struct { + _ struct{} `type:"structure"` + + // The network service, for example Amazon DNS, that you want to mirror. + AddNetworkServices []*string `locationName:"AddNetworkService" locationNameList:"item" type:"list"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The network service, for example Amazon DNS, that you no longer want to mirror. + RemoveNetworkServices []*string `locationName:"RemoveNetworkService" locationNameList:"item" type:"list"` + + // The ID of the Traffic Mirror filter. + // + // TrafficMirrorFilterId is a required field + TrafficMirrorFilterId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyTrafficMirrorFilterNetworkServicesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTrafficMirrorFilterNetworkServicesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyTrafficMirrorFilterNetworkServicesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyTrafficMirrorFilterNetworkServicesInput"} + if s.TrafficMirrorFilterId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorFilterId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAddNetworkServices sets the AddNetworkServices field's value. +func (s *ModifyTrafficMirrorFilterNetworkServicesInput) SetAddNetworkServices(v []*string) *ModifyTrafficMirrorFilterNetworkServicesInput { + s.AddNetworkServices = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyTrafficMirrorFilterNetworkServicesInput) SetDryRun(v bool) *ModifyTrafficMirrorFilterNetworkServicesInput { + s.DryRun = &v + return s +} + +// SetRemoveNetworkServices sets the RemoveNetworkServices field's value. +func (s *ModifyTrafficMirrorFilterNetworkServicesInput) SetRemoveNetworkServices(v []*string) *ModifyTrafficMirrorFilterNetworkServicesInput { + s.RemoveNetworkServices = v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *ModifyTrafficMirrorFilterNetworkServicesInput) SetTrafficMirrorFilterId(v string) *ModifyTrafficMirrorFilterNetworkServicesInput { + s.TrafficMirrorFilterId = &v + return s +} + +type ModifyTrafficMirrorFilterNetworkServicesOutput struct { + _ struct{} `type:"structure"` + + // The Traffic Mirror filter that the network service is associated with. + TrafficMirrorFilter *TrafficMirrorFilter `locationName:"trafficMirrorFilter" type:"structure"` +} + +// String returns the string representation +func (s ModifyTrafficMirrorFilterNetworkServicesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTrafficMirrorFilterNetworkServicesOutput) GoString() string { + return s.String() +} + +// SetTrafficMirrorFilter sets the TrafficMirrorFilter field's value. +func (s *ModifyTrafficMirrorFilterNetworkServicesOutput) SetTrafficMirrorFilter(v *TrafficMirrorFilter) *ModifyTrafficMirrorFilterNetworkServicesOutput { + s.TrafficMirrorFilter = v + return s +} + +type ModifyTrafficMirrorFilterRuleInput struct { + _ struct{} `type:"structure"` + + // The description to assign to the Traffic Mirror rule. + Description *string `type:"string"` + + // The destination CIDR block to assign to the Traffic Mirror rule. + DestinationCidrBlock *string `type:"string"` + + // The destination ports that are associated with the Traffic Mirror rule. + DestinationPortRange *TrafficMirrorPortRangeRequest `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The protocol, for example TCP, to assign to the Traffic Mirror rule. + Protocol *int64 `type:"integer"` + + // The properties that you want to remove from the Traffic Mirror filter rule. + // + // When you remove a property from a Traffic Mirror filter rule, the property + // is set to the default. + RemoveFields []*string `locationName:"RemoveField" type:"list"` + + // The action to assign to the rule. + RuleAction *string `type:"string" enum:"TrafficMirrorRuleAction"` + + // The number of the Traffic Mirror rule. This number must be unique for each + // Traffic Mirror rule in a given direction. The rules are processed in ascending + // order by rule number. + RuleNumber *int64 `type:"integer"` + + // The source CIDR block to assign to the Traffic Mirror rule. + SourceCidrBlock *string `type:"string"` + + // The port range to assign to the Traffic Mirror rule. + SourcePortRange *TrafficMirrorPortRangeRequest `type:"structure"` + + // The type of traffic (ingress | egress) to assign to the rule. + TrafficDirection *string `type:"string" enum:"TrafficDirection"` + + // The ID of the Traffic Mirror rule. + // + // TrafficMirrorFilterRuleId is a required field + TrafficMirrorFilterRuleId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyTrafficMirrorFilterRuleInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTrafficMirrorFilterRuleInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyTrafficMirrorFilterRuleInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyTrafficMirrorFilterRuleInput"} + if s.TrafficMirrorFilterRuleId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorFilterRuleId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetDescription(v string) *ModifyTrafficMirrorFilterRuleInput { + s.Description = &v + return s +} + +// SetDestinationCidrBlock sets the DestinationCidrBlock field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetDestinationCidrBlock(v string) *ModifyTrafficMirrorFilterRuleInput { + s.DestinationCidrBlock = &v + return s +} + +// SetDestinationPortRange sets the DestinationPortRange field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetDestinationPortRange(v *TrafficMirrorPortRangeRequest) *ModifyTrafficMirrorFilterRuleInput { + s.DestinationPortRange = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetDryRun(v bool) *ModifyTrafficMirrorFilterRuleInput { + s.DryRun = &v + return s +} + +// SetProtocol sets the Protocol field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetProtocol(v int64) *ModifyTrafficMirrorFilterRuleInput { + s.Protocol = &v + return s +} + +// SetRemoveFields sets the RemoveFields field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetRemoveFields(v []*string) *ModifyTrafficMirrorFilterRuleInput { + s.RemoveFields = v + return s +} + +// SetRuleAction sets the RuleAction field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetRuleAction(v string) *ModifyTrafficMirrorFilterRuleInput { + s.RuleAction = &v + return s +} + +// SetRuleNumber sets the RuleNumber field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetRuleNumber(v int64) *ModifyTrafficMirrorFilterRuleInput { + s.RuleNumber = &v + return s +} + +// SetSourceCidrBlock sets the SourceCidrBlock field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetSourceCidrBlock(v string) *ModifyTrafficMirrorFilterRuleInput { + s.SourceCidrBlock = &v + return s +} + +// SetSourcePortRange sets the SourcePortRange field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetSourcePortRange(v *TrafficMirrorPortRangeRequest) *ModifyTrafficMirrorFilterRuleInput { + s.SourcePortRange = v + return s +} + +// SetTrafficDirection sets the TrafficDirection field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetTrafficDirection(v string) *ModifyTrafficMirrorFilterRuleInput { + s.TrafficDirection = &v + return s +} + +// SetTrafficMirrorFilterRuleId sets the TrafficMirrorFilterRuleId field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetTrafficMirrorFilterRuleId(v string) *ModifyTrafficMirrorFilterRuleInput { + s.TrafficMirrorFilterRuleId = &v + return s +} + +type ModifyTrafficMirrorFilterRuleOutput struct { + _ struct{} `type:"structure"` + + // Modifies a Traffic Mirror rule. + TrafficMirrorFilterRule *TrafficMirrorFilterRule `locationName:"trafficMirrorFilterRule" type:"structure"` +} + +// String returns the string representation +func (s ModifyTrafficMirrorFilterRuleOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTrafficMirrorFilterRuleOutput) GoString() string { + return s.String() +} + +// SetTrafficMirrorFilterRule sets the TrafficMirrorFilterRule field's value. +func (s *ModifyTrafficMirrorFilterRuleOutput) SetTrafficMirrorFilterRule(v *TrafficMirrorFilterRule) *ModifyTrafficMirrorFilterRuleOutput { + s.TrafficMirrorFilterRule = v + return s +} + +type ModifyTrafficMirrorSessionInput struct { + _ struct{} `type:"structure"` + + // The description to assign to the Traffic Mirror session. + Description *string `type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The number of bytes in each packet to mirror. These are bytes after the VXLAN + // header. To mirror a subset, set this to the length (in bytes) to mirror. + // For example, if you set this value to 100, then the first 100 bytes that + // meet the filter criteria are copied to the target. Do not specify this parameter + // when you want to mirror the entire packet. + PacketLength *int64 `type:"integer"` + + // The properties that you want to remove from the Traffic Mirror session. + // + // When you remove a property from a Traffic Mirror session, the property is + // set to the default. + RemoveFields []*string `locationName:"RemoveField" type:"list"` + + // The session number determines the order in which sessions are evaluated when + // an interface is used by multiple sessions. The first session with a matching + // filter is the one that mirrors the packets. + // + // Valid values are 1-32766. + SessionNumber *int64 `type:"integer"` + + // The ID of the Traffic Mirror filter. + TrafficMirrorFilterId *string `type:"string"` + + // The ID of the Traffic Mirror session. + // + // TrafficMirrorSessionId is a required field + TrafficMirrorSessionId *string `type:"string" required:"true"` + + // The Traffic Mirror target. The target must be in the same VPC as the source, + // or have a VPC peering connection with the source. + TrafficMirrorTargetId *string `type:"string"` + + // The virtual network ID of the Traffic Mirror session. + VirtualNetworkId *int64 `type:"integer"` +} + +// String returns the string representation +func (s ModifyTrafficMirrorSessionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTrafficMirrorSessionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyTrafficMirrorSessionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyTrafficMirrorSessionInput"} + if s.TrafficMirrorSessionId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorSessionId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *ModifyTrafficMirrorSessionInput) SetDescription(v string) *ModifyTrafficMirrorSessionInput { + s.Description = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyTrafficMirrorSessionInput) SetDryRun(v bool) *ModifyTrafficMirrorSessionInput { + s.DryRun = &v + return s +} + +// SetPacketLength sets the PacketLength field's value. +func (s *ModifyTrafficMirrorSessionInput) SetPacketLength(v int64) *ModifyTrafficMirrorSessionInput { + s.PacketLength = &v + return s +} + +// SetRemoveFields sets the RemoveFields field's value. +func (s *ModifyTrafficMirrorSessionInput) SetRemoveFields(v []*string) *ModifyTrafficMirrorSessionInput { + s.RemoveFields = v + return s +} + +// SetSessionNumber sets the SessionNumber field's value. +func (s *ModifyTrafficMirrorSessionInput) SetSessionNumber(v int64) *ModifyTrafficMirrorSessionInput { + s.SessionNumber = &v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *ModifyTrafficMirrorSessionInput) SetTrafficMirrorFilterId(v string) *ModifyTrafficMirrorSessionInput { + s.TrafficMirrorFilterId = &v + return s +} + +// SetTrafficMirrorSessionId sets the TrafficMirrorSessionId field's value. +func (s *ModifyTrafficMirrorSessionInput) SetTrafficMirrorSessionId(v string) *ModifyTrafficMirrorSessionInput { + s.TrafficMirrorSessionId = &v + return s +} + +// SetTrafficMirrorTargetId sets the TrafficMirrorTargetId field's value. +func (s *ModifyTrafficMirrorSessionInput) SetTrafficMirrorTargetId(v string) *ModifyTrafficMirrorSessionInput { + s.TrafficMirrorTargetId = &v + return s +} + +// SetVirtualNetworkId sets the VirtualNetworkId field's value. +func (s *ModifyTrafficMirrorSessionInput) SetVirtualNetworkId(v int64) *ModifyTrafficMirrorSessionInput { + s.VirtualNetworkId = &v + return s +} + +type ModifyTrafficMirrorSessionOutput struct { + _ struct{} `type:"structure"` + + // Information about the Traffic Mirror session. + TrafficMirrorSession *TrafficMirrorSession `locationName:"trafficMirrorSession" type:"structure"` +} + +// String returns the string representation +func (s ModifyTrafficMirrorSessionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTrafficMirrorSessionOutput) GoString() string { + return s.String() +} + +// SetTrafficMirrorSession sets the TrafficMirrorSession field's value. +func (s *ModifyTrafficMirrorSessionOutput) SetTrafficMirrorSession(v *TrafficMirrorSession) *ModifyTrafficMirrorSessionOutput { + s.TrafficMirrorSession = v + return s +} + type ModifyTransitGatewayVpcAttachmentInput struct { _ struct{} `type:"structure"` @@ -66887,6 +85499,8 @@ type ModifyTransitGatewayVpcAttachmentInput struct { DryRun *bool `type:"boolean"` // The new VPC attachment options. + // + // You cannot modify the IPv6 options. Options *ModifyTransitGatewayVpcAttachmentRequestOptions `type:"structure"` // The IDs of one or more subnets to remove. @@ -67007,7 +85621,6 @@ func (s *ModifyTransitGatewayVpcAttachmentRequestOptions) SetIpv6Support(v strin return s } -// Contains the parameters for ModifyVolumeAttribute. type ModifyVolumeAttributeInput struct { _ struct{} `type:"structure"` @@ -67093,14 +85706,14 @@ type ModifyVolumeInput struct { // The target IOPS rate of the volume. // // This is only valid for Provisioned IOPS SSD (io1) volumes. For more information, - // see Provisioned IOPS SSD (io1) Volumes (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html#EBSVolumeTypes_piops). + // see Provisioned IOPS SSD (io1) Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html#EBSVolumeTypes_piops). // // Default: If no IOPS value is specified, the existing value is retained. Iops *int64 `type:"integer"` // The target size of the volume, in GiB. The target volume size must be greater // than or equal to than the existing size of the volume. For information about - // available EBS volume sizes, see Amazon EBS Volume Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html). + // available EBS volume sizes, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html). // // Default: If no size is specified, the existing size is retained. Size *int64 `type:"integer"` @@ -67386,11 +85999,11 @@ type ModifyVpcEndpointInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // (Gateway endpoint) A policy document to attach to the endpoint. The policy - // must be in valid JSON format. + // A policy to attach to the endpoint that controls access to the service. The + // policy must be in valid JSON format. PolicyDocument *string `type:"string"` - // (Interface endpoint) Indicate whether a private hosted zone is associated + // (Interface endpoint) Indicates whether a private hosted zone is associated // with the VPC. PrivateDnsEnabled *bool `type:"boolean"` @@ -67529,7 +86142,8 @@ func (s *ModifyVpcEndpointOutput) SetReturn(v bool) *ModifyVpcEndpointOutput { type ModifyVpcEndpointServiceConfigurationInput struct { _ struct{} `type:"structure"` - // Indicate whether requests to create an endpoint to your service must be accepted. + // Indicates whether requests to create an endpoint to your service must be + // accepted. AcceptanceRequired *bool `type:"boolean"` // The Amazon Resource Names (ARNs) of Network Load Balancers to add to your @@ -67542,10 +86156,16 @@ type ModifyVpcEndpointServiceConfigurationInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` + // The private DNS name to assign to the endpoint service. + PrivateDnsName *string `type:"string"` + // The Amazon Resource Names (ARNs) of Network Load Balancers to remove from // your service configuration. RemoveNetworkLoadBalancerArns []*string `locationName:"RemoveNetworkLoadBalancerArn" locationNameList:"item" type:"list"` + // Removes the private DNS name of the endpoint service. + RemovePrivateDnsName *bool `type:"boolean"` + // The ID of the service. // // ServiceId is a required field @@ -67593,12 +86213,24 @@ func (s *ModifyVpcEndpointServiceConfigurationInput) SetDryRun(v bool) *ModifyVp return s } +// SetPrivateDnsName sets the PrivateDnsName field's value. +func (s *ModifyVpcEndpointServiceConfigurationInput) SetPrivateDnsName(v string) *ModifyVpcEndpointServiceConfigurationInput { + s.PrivateDnsName = &v + return s +} + // SetRemoveNetworkLoadBalancerArns sets the RemoveNetworkLoadBalancerArns field's value. func (s *ModifyVpcEndpointServiceConfigurationInput) SetRemoveNetworkLoadBalancerArns(v []*string) *ModifyVpcEndpointServiceConfigurationInput { s.RemoveNetworkLoadBalancerArns = v return s } +// SetRemovePrivateDnsName sets the RemovePrivateDnsName field's value. +func (s *ModifyVpcEndpointServiceConfigurationInput) SetRemovePrivateDnsName(v bool) *ModifyVpcEndpointServiceConfigurationInput { + s.RemovePrivateDnsName = &v + return s +} + // SetServiceId sets the ServiceId field's value. func (s *ModifyVpcEndpointServiceConfigurationInput) SetServiceId(v string) *ModifyVpcEndpointServiceConfigurationInput { s.ServiceId = &v @@ -67909,6 +86541,516 @@ func (s *ModifyVpcTenancyOutput) SetReturnValue(v bool) *ModifyVpcTenancyOutput return s } +type ModifyVpnConnectionInput struct { + _ struct{} `type:"structure"` + + // The ID of the customer gateway at your end of the VPN connection. + CustomerGatewayId *string `type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the transit gateway. + TransitGatewayId *string `type:"string"` + + // The ID of the VPN connection. + // + // VpnConnectionId is a required field + VpnConnectionId *string `type:"string" required:"true"` + + // The ID of the virtual private gateway at the AWS side of the VPN connection. + VpnGatewayId *string `type:"string"` +} + +// String returns the string representation +func (s ModifyVpnConnectionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyVpnConnectionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyVpnConnectionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyVpnConnectionInput"} + if s.VpnConnectionId == nil { + invalidParams.Add(request.NewErrParamRequired("VpnConnectionId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCustomerGatewayId sets the CustomerGatewayId field's value. +func (s *ModifyVpnConnectionInput) SetCustomerGatewayId(v string) *ModifyVpnConnectionInput { + s.CustomerGatewayId = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyVpnConnectionInput) SetDryRun(v bool) *ModifyVpnConnectionInput { + s.DryRun = &v + return s +} + +// SetTransitGatewayId sets the TransitGatewayId field's value. +func (s *ModifyVpnConnectionInput) SetTransitGatewayId(v string) *ModifyVpnConnectionInput { + s.TransitGatewayId = &v + return s +} + +// SetVpnConnectionId sets the VpnConnectionId field's value. +func (s *ModifyVpnConnectionInput) SetVpnConnectionId(v string) *ModifyVpnConnectionInput { + s.VpnConnectionId = &v + return s +} + +// SetVpnGatewayId sets the VpnGatewayId field's value. +func (s *ModifyVpnConnectionInput) SetVpnGatewayId(v string) *ModifyVpnConnectionInput { + s.VpnGatewayId = &v + return s +} + +type ModifyVpnConnectionOutput struct { + _ struct{} `type:"structure"` + + // Describes a VPN connection. + VpnConnection *VpnConnection `locationName:"vpnConnection" type:"structure"` +} + +// String returns the string representation +func (s ModifyVpnConnectionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyVpnConnectionOutput) GoString() string { + return s.String() +} + +// SetVpnConnection sets the VpnConnection field's value. +func (s *ModifyVpnConnectionOutput) SetVpnConnection(v *VpnConnection) *ModifyVpnConnectionOutput { + s.VpnConnection = v + return s +} + +type ModifyVpnTunnelCertificateInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the AWS Site-to-Site VPN connection. + // + // VpnConnectionId is a required field + VpnConnectionId *string `type:"string" required:"true"` + + // The external IP address of the VPN tunnel. + // + // VpnTunnelOutsideIpAddress is a required field + VpnTunnelOutsideIpAddress *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyVpnTunnelCertificateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyVpnTunnelCertificateInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyVpnTunnelCertificateInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyVpnTunnelCertificateInput"} + if s.VpnConnectionId == nil { + invalidParams.Add(request.NewErrParamRequired("VpnConnectionId")) + } + if s.VpnTunnelOutsideIpAddress == nil { + invalidParams.Add(request.NewErrParamRequired("VpnTunnelOutsideIpAddress")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyVpnTunnelCertificateInput) SetDryRun(v bool) *ModifyVpnTunnelCertificateInput { + s.DryRun = &v + return s +} + +// SetVpnConnectionId sets the VpnConnectionId field's value. +func (s *ModifyVpnTunnelCertificateInput) SetVpnConnectionId(v string) *ModifyVpnTunnelCertificateInput { + s.VpnConnectionId = &v + return s +} + +// SetVpnTunnelOutsideIpAddress sets the VpnTunnelOutsideIpAddress field's value. +func (s *ModifyVpnTunnelCertificateInput) SetVpnTunnelOutsideIpAddress(v string) *ModifyVpnTunnelCertificateInput { + s.VpnTunnelOutsideIpAddress = &v + return s +} + +type ModifyVpnTunnelCertificateOutput struct { + _ struct{} `type:"structure"` + + // Describes a VPN connection. + VpnConnection *VpnConnection `locationName:"vpnConnection" type:"structure"` +} + +// String returns the string representation +func (s ModifyVpnTunnelCertificateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyVpnTunnelCertificateOutput) GoString() string { + return s.String() +} + +// SetVpnConnection sets the VpnConnection field's value. +func (s *ModifyVpnTunnelCertificateOutput) SetVpnConnection(v *VpnConnection) *ModifyVpnTunnelCertificateOutput { + s.VpnConnection = v + return s +} + +type ModifyVpnTunnelOptionsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The tunnel options to modify. + // + // TunnelOptions is a required field + TunnelOptions *ModifyVpnTunnelOptionsSpecification `type:"structure" required:"true"` + + // The ID of the AWS Site-to-Site VPN connection. + // + // VpnConnectionId is a required field + VpnConnectionId *string `type:"string" required:"true"` + + // The external IP address of the VPN tunnel. + // + // VpnTunnelOutsideIpAddress is a required field + VpnTunnelOutsideIpAddress *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyVpnTunnelOptionsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyVpnTunnelOptionsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyVpnTunnelOptionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyVpnTunnelOptionsInput"} + if s.TunnelOptions == nil { + invalidParams.Add(request.NewErrParamRequired("TunnelOptions")) + } + if s.VpnConnectionId == nil { + invalidParams.Add(request.NewErrParamRequired("VpnConnectionId")) + } + if s.VpnTunnelOutsideIpAddress == nil { + invalidParams.Add(request.NewErrParamRequired("VpnTunnelOutsideIpAddress")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyVpnTunnelOptionsInput) SetDryRun(v bool) *ModifyVpnTunnelOptionsInput { + s.DryRun = &v + return s +} + +// SetTunnelOptions sets the TunnelOptions field's value. +func (s *ModifyVpnTunnelOptionsInput) SetTunnelOptions(v *ModifyVpnTunnelOptionsSpecification) *ModifyVpnTunnelOptionsInput { + s.TunnelOptions = v + return s +} + +// SetVpnConnectionId sets the VpnConnectionId field's value. +func (s *ModifyVpnTunnelOptionsInput) SetVpnConnectionId(v string) *ModifyVpnTunnelOptionsInput { + s.VpnConnectionId = &v + return s +} + +// SetVpnTunnelOutsideIpAddress sets the VpnTunnelOutsideIpAddress field's value. +func (s *ModifyVpnTunnelOptionsInput) SetVpnTunnelOutsideIpAddress(v string) *ModifyVpnTunnelOptionsInput { + s.VpnTunnelOutsideIpAddress = &v + return s +} + +type ModifyVpnTunnelOptionsOutput struct { + _ struct{} `type:"structure"` + + // Describes a VPN connection. + VpnConnection *VpnConnection `locationName:"vpnConnection" type:"structure"` +} + +// String returns the string representation +func (s ModifyVpnTunnelOptionsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyVpnTunnelOptionsOutput) GoString() string { + return s.String() +} + +// SetVpnConnection sets the VpnConnection field's value. +func (s *ModifyVpnTunnelOptionsOutput) SetVpnConnection(v *VpnConnection) *ModifyVpnTunnelOptionsOutput { + s.VpnConnection = v + return s +} + +// The AWS Site-to-Site VPN tunnel options to modify. +type ModifyVpnTunnelOptionsSpecification struct { + _ struct{} `type:"structure"` + + // The number of seconds after which a DPD timeout occurs. + // + // Constraints: A value between 0 and 30. + // + // Default: 30 + DPDTimeoutSeconds *int64 `type:"integer"` + + // The IKE versions that are permitted for the VPN tunnel. + // + // Valid values: ikev1 | ikev2 + IKEVersions []*IKEVersionsRequestListValue `locationName:"IKEVersion" locationNameList:"item" type:"list"` + + // One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel + // for phase 1 IKE negotiations. + // + // Valid values: 2 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24 + Phase1DHGroupNumbers []*Phase1DHGroupNumbersRequestListValue `locationName:"Phase1DHGroupNumber" locationNameList:"item" type:"list"` + + // One or more encryption algorithms that are permitted for the VPN tunnel for + // phase 1 IKE negotiations. + // + // Valid values: AES128 | AES256 + Phase1EncryptionAlgorithms []*Phase1EncryptionAlgorithmsRequestListValue `locationName:"Phase1EncryptionAlgorithm" locationNameList:"item" type:"list"` + + // One or more integrity algorithms that are permitted for the VPN tunnel for + // phase 1 IKE negotiations. + // + // Valid values: SHA1 | SHA2-256 + Phase1IntegrityAlgorithms []*Phase1IntegrityAlgorithmsRequestListValue `locationName:"Phase1IntegrityAlgorithm" locationNameList:"item" type:"list"` + + // The lifetime for phase 1 of the IKE negotiation, in seconds. + // + // Constraints: A value between 900 and 28,800. + // + // Default: 28800 + Phase1LifetimeSeconds *int64 `type:"integer"` + + // One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel + // for phase 2 IKE negotiations. + // + // Valid values: 2 | 5 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24 + Phase2DHGroupNumbers []*Phase2DHGroupNumbersRequestListValue `locationName:"Phase2DHGroupNumber" locationNameList:"item" type:"list"` + + // One or more encryption algorithms that are permitted for the VPN tunnel for + // phase 2 IKE negotiations. + // + // Valid values: AES128 | AES256 + Phase2EncryptionAlgorithms []*Phase2EncryptionAlgorithmsRequestListValue `locationName:"Phase2EncryptionAlgorithm" locationNameList:"item" type:"list"` + + // One or more integrity algorithms that are permitted for the VPN tunnel for + // phase 2 IKE negotiations. + // + // Valid values: SHA1 | SHA2-256 + Phase2IntegrityAlgorithms []*Phase2IntegrityAlgorithmsRequestListValue `locationName:"Phase2IntegrityAlgorithm" locationNameList:"item" type:"list"` + + // The lifetime for phase 2 of the IKE negotiation, in seconds. + // + // Constraints: A value between 900 and 3,600. The value must be less than the + // value for Phase1LifetimeSeconds. + // + // Default: 3600 + Phase2LifetimeSeconds *int64 `type:"integer"` + + // The pre-shared key (PSK) to establish initial authentication between the + // virtual private gateway and the customer gateway. + // + // Constraints: Allowed characters are alphanumeric characters, periods (.), + // and underscores (_). Must be between 8 and 64 characters in length and cannot + // start with zero (0). + PreSharedKey *string `type:"string"` + + // The percentage of the rekey window (determined by RekeyMarginTimeSeconds) + // during which the rekey time is randomly selected. + // + // Constraints: A value between 0 and 100. + // + // Default: 100 + RekeyFuzzPercentage *int64 `type:"integer"` + + // The margin time, in seconds, before the phase 2 lifetime expires, during + // which the AWS side of the VPN connection performs an IKE rekey. The exact + // time of the rekey is randomly selected based on the value for RekeyFuzzPercentage. + // + // Constraints: A value between 60 and half of Phase2LifetimeSeconds. + // + // Default: 540 + RekeyMarginTimeSeconds *int64 `type:"integer"` + + // The number of packets in an IKE replay window. + // + // Constraints: A value between 64 and 2048. + // + // Default: 1024 + ReplayWindowSize *int64 `type:"integer"` + + // The range of inside IP addresses for the tunnel. Any specified CIDR blocks + // must be unique across all VPN connections that use the same virtual private + // gateway. + // + // Constraints: A size /30 CIDR block from the 169.254.0.0/16 range. The following + // CIDR blocks are reserved and cannot be used: + // + // * 169.254.0.0/30 + // + // * 169.254.1.0/30 + // + // * 169.254.2.0/30 + // + // * 169.254.3.0/30 + // + // * 169.254.4.0/30 + // + // * 169.254.5.0/30 + // + // * 169.254.169.252/30 + TunnelInsideCidr *string `type:"string"` +} + +// String returns the string representation +func (s ModifyVpnTunnelOptionsSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyVpnTunnelOptionsSpecification) GoString() string { + return s.String() +} + +// SetDPDTimeoutSeconds sets the DPDTimeoutSeconds field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetDPDTimeoutSeconds(v int64) *ModifyVpnTunnelOptionsSpecification { + s.DPDTimeoutSeconds = &v + return s +} + +// SetIKEVersions sets the IKEVersions field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetIKEVersions(v []*IKEVersionsRequestListValue) *ModifyVpnTunnelOptionsSpecification { + s.IKEVersions = v + return s +} + +// SetPhase1DHGroupNumbers sets the Phase1DHGroupNumbers field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase1DHGroupNumbers(v []*Phase1DHGroupNumbersRequestListValue) *ModifyVpnTunnelOptionsSpecification { + s.Phase1DHGroupNumbers = v + return s +} + +// SetPhase1EncryptionAlgorithms sets the Phase1EncryptionAlgorithms field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase1EncryptionAlgorithms(v []*Phase1EncryptionAlgorithmsRequestListValue) *ModifyVpnTunnelOptionsSpecification { + s.Phase1EncryptionAlgorithms = v + return s +} + +// SetPhase1IntegrityAlgorithms sets the Phase1IntegrityAlgorithms field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase1IntegrityAlgorithms(v []*Phase1IntegrityAlgorithmsRequestListValue) *ModifyVpnTunnelOptionsSpecification { + s.Phase1IntegrityAlgorithms = v + return s +} + +// SetPhase1LifetimeSeconds sets the Phase1LifetimeSeconds field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase1LifetimeSeconds(v int64) *ModifyVpnTunnelOptionsSpecification { + s.Phase1LifetimeSeconds = &v + return s +} + +// SetPhase2DHGroupNumbers sets the Phase2DHGroupNumbers field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase2DHGroupNumbers(v []*Phase2DHGroupNumbersRequestListValue) *ModifyVpnTunnelOptionsSpecification { + s.Phase2DHGroupNumbers = v + return s +} + +// SetPhase2EncryptionAlgorithms sets the Phase2EncryptionAlgorithms field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase2EncryptionAlgorithms(v []*Phase2EncryptionAlgorithmsRequestListValue) *ModifyVpnTunnelOptionsSpecification { + s.Phase2EncryptionAlgorithms = v + return s +} + +// SetPhase2IntegrityAlgorithms sets the Phase2IntegrityAlgorithms field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase2IntegrityAlgorithms(v []*Phase2IntegrityAlgorithmsRequestListValue) *ModifyVpnTunnelOptionsSpecification { + s.Phase2IntegrityAlgorithms = v + return s +} + +// SetPhase2LifetimeSeconds sets the Phase2LifetimeSeconds field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase2LifetimeSeconds(v int64) *ModifyVpnTunnelOptionsSpecification { + s.Phase2LifetimeSeconds = &v + return s +} + +// SetPreSharedKey sets the PreSharedKey field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPreSharedKey(v string) *ModifyVpnTunnelOptionsSpecification { + s.PreSharedKey = &v + return s +} + +// SetRekeyFuzzPercentage sets the RekeyFuzzPercentage field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetRekeyFuzzPercentage(v int64) *ModifyVpnTunnelOptionsSpecification { + s.RekeyFuzzPercentage = &v + return s +} + +// SetRekeyMarginTimeSeconds sets the RekeyMarginTimeSeconds field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetRekeyMarginTimeSeconds(v int64) *ModifyVpnTunnelOptionsSpecification { + s.RekeyMarginTimeSeconds = &v + return s +} + +// SetReplayWindowSize sets the ReplayWindowSize field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetReplayWindowSize(v int64) *ModifyVpnTunnelOptionsSpecification { + s.ReplayWindowSize = &v + return s +} + +// SetTunnelInsideCidr sets the TunnelInsideCidr field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetTunnelInsideCidr(v string) *ModifyVpnTunnelOptionsSpecification { + s.TunnelInsideCidr = &v + return s +} + type MonitorInstancesInput struct { _ struct{} `type:"structure"` @@ -67918,7 +87060,7 @@ type MonitorInstancesInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more instance IDs. + // The IDs of the instances. // // InstanceIds is a required field InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list" required:"true"` @@ -68168,7 +87310,7 @@ type NatGateway struct { NatGatewayId *string `locationName:"natGatewayId" type:"string"` // Reserved. If you need to sustain traffic greater than the documented limits - // (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html), + // (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), // contact us through the Support Center (https://console.aws.amazon.com/support/home?). ProvisionedBandwidth *ProvisionedBandwidth `locationName:"provisionedBandwidth" type:"structure"` @@ -68538,6 +87680,75 @@ func (s *NetworkAclEntry) SetRuleNumber(v int64) *NetworkAclEntry { return s } +// Describes the networking features of the instance type. +type NetworkInfo struct { + _ struct{} `type:"structure"` + + // Indicates whether Elastic Network Adapter (ENA) is supported. + EnaSupport *string `locationName:"enaSupport" type:"string" enum:"EnaSupport"` + + // The maximum number of IPv4 addresses per network interface. + Ipv4AddressesPerInterface *int64 `locationName:"ipv4AddressesPerInterface" type:"integer"` + + // The maximum number of IPv6 addresses per network interface. + Ipv6AddressesPerInterface *int64 `locationName:"ipv6AddressesPerInterface" type:"integer"` + + // Indicates whether IPv6 is supported. + Ipv6Supported *bool `locationName:"ipv6Supported" type:"boolean"` + + // The maximum number of network interfaces for the instance type. + MaximumNetworkInterfaces *int64 `locationName:"maximumNetworkInterfaces" type:"integer"` + + // Describes the network performance. + NetworkPerformance *string `locationName:"networkPerformance" type:"string"` +} + +// String returns the string representation +func (s NetworkInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s NetworkInfo) GoString() string { + return s.String() +} + +// SetEnaSupport sets the EnaSupport field's value. +func (s *NetworkInfo) SetEnaSupport(v string) *NetworkInfo { + s.EnaSupport = &v + return s +} + +// SetIpv4AddressesPerInterface sets the Ipv4AddressesPerInterface field's value. +func (s *NetworkInfo) SetIpv4AddressesPerInterface(v int64) *NetworkInfo { + s.Ipv4AddressesPerInterface = &v + return s +} + +// SetIpv6AddressesPerInterface sets the Ipv6AddressesPerInterface field's value. +func (s *NetworkInfo) SetIpv6AddressesPerInterface(v int64) *NetworkInfo { + s.Ipv6AddressesPerInterface = &v + return s +} + +// SetIpv6Supported sets the Ipv6Supported field's value. +func (s *NetworkInfo) SetIpv6Supported(v bool) *NetworkInfo { + s.Ipv6Supported = &v + return s +} + +// SetMaximumNetworkInterfaces sets the MaximumNetworkInterfaces field's value. +func (s *NetworkInfo) SetMaximumNetworkInterfaces(v int64) *NetworkInfo { + s.MaximumNetworkInterfaces = &v + return s +} + +// SetNetworkPerformance sets the NetworkPerformance field's value. +func (s *NetworkInfo) SetNetworkPerformance(v string) *NetworkInfo { + s.NetworkPerformance = &v + return s +} + // Describes a network interface. type NetworkInterface struct { _ struct{} `type:"structure"` @@ -68558,7 +87769,7 @@ type NetworkInterface struct { // Any security groups for the network interface. Groups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"` - // The type of interface. + // The type of network interface. InterfaceType *string `locationName:"interfaceType" type:"string" enum:"NetworkInterfaceType"` // The IPv6 addresses associated with the network interface. @@ -68570,6 +87781,9 @@ type NetworkInterface struct { // The ID of the network interface. NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` + // The Amazon Resource Name (ARN) of the Outpost. + OutpostArn *string `locationName:"outpostArn" type:"string"` + // The AWS account ID of the owner of the network interface. OwnerId *string `locationName:"ownerId" type:"string"` @@ -68669,6 +87883,12 @@ func (s *NetworkInterface) SetNetworkInterfaceId(v string) *NetworkInterface { return s } +// SetOutpostArn sets the OutpostArn field's value. +func (s *NetworkInterface) SetOutpostArn(v string) *NetworkInterface { + s.OutpostArn = &v + return s +} + // SetOwnerId sets the OwnerId field's value. func (s *NetworkInterface) SetOwnerId(v string) *NetworkInterface { s.OwnerId = &v @@ -69115,7 +88335,7 @@ func (s *NewDhcpConfiguration) SetValues(v []*string) *NewDhcpConfiguration { return s } -// The allocation strategy of On-Demand Instances in an EC2 Fleet. +// Describes the configuration of On-Demand Instances in an EC2 Fleet. type OnDemandOptions struct { _ struct{} `type:"structure"` @@ -69127,16 +88347,24 @@ type OnDemandOptions struct { // Fleet defaults to lowest-price. AllocationStrategy *string `locationName:"allocationStrategy" type:"string" enum:"FleetOnDemandAllocationStrategy"` + // The strategy for using unused Capacity Reservations for fulfilling On-Demand + // capacity. Supported only for fleets of type instant. + CapacityReservationOptions *CapacityReservationOptions `locationName:"capacityReservationOptions" type:"structure"` + + // The maximum amount per hour for On-Demand Instances that you're willing to + // pay. + MaxTotalPrice *string `locationName:"maxTotalPrice" type:"string"` + // The minimum target capacity for On-Demand Instances in the fleet. If the // minimum target capacity is not reached, the fleet launches no instances. MinTargetCapacity *int64 `locationName:"minTargetCapacity" type:"integer"` // Indicates that the fleet launches all On-Demand Instances into a single Availability - // Zone. + // Zone. Supported only for fleets of type instant. SingleAvailabilityZone *bool `locationName:"singleAvailabilityZone" type:"boolean"` // Indicates that the fleet uses a single instance type to launch all On-Demand - // Instances in the fleet. + // Instances in the fleet. Supported only for fleets of type instant. SingleInstanceType *bool `locationName:"singleInstanceType" type:"boolean"` } @@ -69156,6 +88384,18 @@ func (s *OnDemandOptions) SetAllocationStrategy(v string) *OnDemandOptions { return s } +// SetCapacityReservationOptions sets the CapacityReservationOptions field's value. +func (s *OnDemandOptions) SetCapacityReservationOptions(v *CapacityReservationOptions) *OnDemandOptions { + s.CapacityReservationOptions = v + return s +} + +// SetMaxTotalPrice sets the MaxTotalPrice field's value. +func (s *OnDemandOptions) SetMaxTotalPrice(v string) *OnDemandOptions { + s.MaxTotalPrice = &v + return s +} + // SetMinTargetCapacity sets the MinTargetCapacity field's value. func (s *OnDemandOptions) SetMinTargetCapacity(v int64) *OnDemandOptions { s.MinTargetCapacity = &v @@ -69174,7 +88414,7 @@ func (s *OnDemandOptions) SetSingleInstanceType(v bool) *OnDemandOptions { return s } -// The allocation strategy of On-Demand Instances in an EC2 Fleet. +// Describes the configuration of On-Demand Instances in an EC2 Fleet. type OnDemandOptionsRequest struct { _ struct{} `type:"structure"` @@ -69186,16 +88426,24 @@ type OnDemandOptionsRequest struct { // Fleet defaults to lowest-price. AllocationStrategy *string `type:"string" enum:"FleetOnDemandAllocationStrategy"` + // The strategy for using unused Capacity Reservations for fulfilling On-Demand + // capacity. Supported only for fleets of type instant. + CapacityReservationOptions *CapacityReservationOptionsRequest `type:"structure"` + + // The maximum amount per hour for On-Demand Instances that you're willing to + // pay. + MaxTotalPrice *string `type:"string"` + // The minimum target capacity for On-Demand Instances in the fleet. If the // minimum target capacity is not reached, the fleet launches no instances. MinTargetCapacity *int64 `type:"integer"` // Indicates that the fleet launches all On-Demand Instances into a single Availability - // Zone. + // Zone. Supported only for fleets of type instant. SingleAvailabilityZone *bool `type:"boolean"` // Indicates that the fleet uses a single instance type to launch all On-Demand - // Instances in the fleet. + // Instances in the fleet. Supported only for fleets of type instant. SingleInstanceType *bool `type:"boolean"` } @@ -69215,6 +88463,18 @@ func (s *OnDemandOptionsRequest) SetAllocationStrategy(v string) *OnDemandOption return s } +// SetCapacityReservationOptions sets the CapacityReservationOptions field's value. +func (s *OnDemandOptionsRequest) SetCapacityReservationOptions(v *CapacityReservationOptionsRequest) *OnDemandOptionsRequest { + s.CapacityReservationOptions = v + return s +} + +// SetMaxTotalPrice sets the MaxTotalPrice field's value. +func (s *OnDemandOptionsRequest) SetMaxTotalPrice(v string) *OnDemandOptionsRequest { + s.MaxTotalPrice = &v + return s +} + // SetMinTargetCapacity sets the MinTargetCapacity field's value. func (s *OnDemandOptionsRequest) SetMinTargetCapacity(v int64) *OnDemandOptionsRequest { s.MinTargetCapacity = &v @@ -69285,6 +88545,39 @@ func (s *PciId) SetVendorId(v string) *PciId { return s } +// The status of the transit gateway peering attachment. +type PeeringAttachmentStatus struct { + _ struct{} `type:"structure"` + + // The status code. + Code *string `locationName:"code" type:"string"` + + // The status message, if applicable. + Message *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s PeeringAttachmentStatus) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PeeringAttachmentStatus) GoString() string { + return s.String() +} + +// SetCode sets the Code field's value. +func (s *PeeringAttachmentStatus) SetCode(v string) *PeeringAttachmentStatus { + s.Code = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *PeeringAttachmentStatus) SetMessage(v string) *PeeringAttachmentStatus { + s.Message = &v + return s +} + // Describes the VPC peering connection options. type PeeringConnectionOptions struct { _ struct{} `type:"structure"` @@ -69375,6 +88668,338 @@ func (s *PeeringConnectionOptionsRequest) SetAllowEgressFromLocalVpcToRemoteClas return s } +// Information about the transit gateway in the peering attachment. +type PeeringTgwInfo struct { + _ struct{} `type:"structure"` + + // The AWS account ID of the owner of the transit gateway. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The Region of the transit gateway. + Region *string `locationName:"region" type:"string"` + + // The ID of the transit gateway. + TransitGatewayId *string `locationName:"transitGatewayId" type:"string"` +} + +// String returns the string representation +func (s PeeringTgwInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PeeringTgwInfo) GoString() string { + return s.String() +} + +// SetOwnerId sets the OwnerId field's value. +func (s *PeeringTgwInfo) SetOwnerId(v string) *PeeringTgwInfo { + s.OwnerId = &v + return s +} + +// SetRegion sets the Region field's value. +func (s *PeeringTgwInfo) SetRegion(v string) *PeeringTgwInfo { + s.Region = &v + return s +} + +// SetTransitGatewayId sets the TransitGatewayId field's value. +func (s *PeeringTgwInfo) SetTransitGatewayId(v string) *PeeringTgwInfo { + s.TransitGatewayId = &v + return s +} + +// The Diffie-Hellmann group number for phase 1 IKE negotiations. +type Phase1DHGroupNumbersListValue struct { + _ struct{} `type:"structure"` + + // The Diffie-Hellmann group number. + Value *int64 `locationName:"value" type:"integer"` +} + +// String returns the string representation +func (s Phase1DHGroupNumbersListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase1DHGroupNumbersListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase1DHGroupNumbersListValue) SetValue(v int64) *Phase1DHGroupNumbersListValue { + s.Value = &v + return s +} + +// Specifies a Diffie-Hellman group number for the VPN tunnel for phase 1 IKE +// negotiations. +type Phase1DHGroupNumbersRequestListValue struct { + _ struct{} `type:"structure"` + + // The Diffie-Hellmann group number. + Value *int64 `type:"integer"` +} + +// String returns the string representation +func (s Phase1DHGroupNumbersRequestListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase1DHGroupNumbersRequestListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase1DHGroupNumbersRequestListValue) SetValue(v int64) *Phase1DHGroupNumbersRequestListValue { + s.Value = &v + return s +} + +// The encryption algorithm for phase 1 IKE negotiations. +type Phase1EncryptionAlgorithmsListValue struct { + _ struct{} `type:"structure"` + + // The value for the encryption algorithm. + Value *string `locationName:"value" type:"string"` +} + +// String returns the string representation +func (s Phase1EncryptionAlgorithmsListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase1EncryptionAlgorithmsListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase1EncryptionAlgorithmsListValue) SetValue(v string) *Phase1EncryptionAlgorithmsListValue { + s.Value = &v + return s +} + +// Specifies the encryption algorithm for the VPN tunnel for phase 1 IKE negotiations. +type Phase1EncryptionAlgorithmsRequestListValue struct { + _ struct{} `type:"structure"` + + // The value for the encryption algorithm. + Value *string `type:"string"` +} + +// String returns the string representation +func (s Phase1EncryptionAlgorithmsRequestListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase1EncryptionAlgorithmsRequestListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase1EncryptionAlgorithmsRequestListValue) SetValue(v string) *Phase1EncryptionAlgorithmsRequestListValue { + s.Value = &v + return s +} + +// The integrity algorithm for phase 1 IKE negotiations. +type Phase1IntegrityAlgorithmsListValue struct { + _ struct{} `type:"structure"` + + // The value for the integrity algorithm. + Value *string `locationName:"value" type:"string"` +} + +// String returns the string representation +func (s Phase1IntegrityAlgorithmsListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase1IntegrityAlgorithmsListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase1IntegrityAlgorithmsListValue) SetValue(v string) *Phase1IntegrityAlgorithmsListValue { + s.Value = &v + return s +} + +// Specifies the integrity algorithm for the VPN tunnel for phase 1 IKE negotiations. +type Phase1IntegrityAlgorithmsRequestListValue struct { + _ struct{} `type:"structure"` + + // The value for the integrity algorithm. + Value *string `type:"string"` +} + +// String returns the string representation +func (s Phase1IntegrityAlgorithmsRequestListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase1IntegrityAlgorithmsRequestListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase1IntegrityAlgorithmsRequestListValue) SetValue(v string) *Phase1IntegrityAlgorithmsRequestListValue { + s.Value = &v + return s +} + +// The Diffie-Hellmann group number for phase 2 IKE negotiations. +type Phase2DHGroupNumbersListValue struct { + _ struct{} `type:"structure"` + + // The Diffie-Hellmann group number. + Value *int64 `locationName:"value" type:"integer"` +} + +// String returns the string representation +func (s Phase2DHGroupNumbersListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase2DHGroupNumbersListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase2DHGroupNumbersListValue) SetValue(v int64) *Phase2DHGroupNumbersListValue { + s.Value = &v + return s +} + +// Specifies a Diffie-Hellman group number for the VPN tunnel for phase 2 IKE +// negotiations. +type Phase2DHGroupNumbersRequestListValue struct { + _ struct{} `type:"structure"` + + // The Diffie-Hellmann group number. + Value *int64 `type:"integer"` +} + +// String returns the string representation +func (s Phase2DHGroupNumbersRequestListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase2DHGroupNumbersRequestListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase2DHGroupNumbersRequestListValue) SetValue(v int64) *Phase2DHGroupNumbersRequestListValue { + s.Value = &v + return s +} + +// The encryption algorithm for phase 2 IKE negotiations. +type Phase2EncryptionAlgorithmsListValue struct { + _ struct{} `type:"structure"` + + // The encryption algorithm. + Value *string `locationName:"value" type:"string"` +} + +// String returns the string representation +func (s Phase2EncryptionAlgorithmsListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase2EncryptionAlgorithmsListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase2EncryptionAlgorithmsListValue) SetValue(v string) *Phase2EncryptionAlgorithmsListValue { + s.Value = &v + return s +} + +// Specifies the encryption algorithm for the VPN tunnel for phase 2 IKE negotiations. +type Phase2EncryptionAlgorithmsRequestListValue struct { + _ struct{} `type:"structure"` + + // The encryption algorithm. + Value *string `type:"string"` +} + +// String returns the string representation +func (s Phase2EncryptionAlgorithmsRequestListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase2EncryptionAlgorithmsRequestListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase2EncryptionAlgorithmsRequestListValue) SetValue(v string) *Phase2EncryptionAlgorithmsRequestListValue { + s.Value = &v + return s +} + +// The integrity algorithm for phase 2 IKE negotiations. +type Phase2IntegrityAlgorithmsListValue struct { + _ struct{} `type:"structure"` + + // The integrity algorithm. + Value *string `locationName:"value" type:"string"` +} + +// String returns the string representation +func (s Phase2IntegrityAlgorithmsListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase2IntegrityAlgorithmsListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase2IntegrityAlgorithmsListValue) SetValue(v string) *Phase2IntegrityAlgorithmsListValue { + s.Value = &v + return s +} + +// Specifies the integrity algorithm for the VPN tunnel for phase 2 IKE negotiations. +type Phase2IntegrityAlgorithmsRequestListValue struct { + _ struct{} `type:"structure"` + + // The integrity algorithm. + Value *string `type:"string"` +} + +// String returns the string representation +func (s Phase2IntegrityAlgorithmsRequestListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase2IntegrityAlgorithmsRequestListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase2IntegrityAlgorithmsRequestListValue) SetValue(v string) *Phase2IntegrityAlgorithmsRequestListValue { + s.Value = &v + return s +} + // Describes the placement of an instance. type Placement struct { _ struct{} `type:"structure"` @@ -69384,6 +89009,9 @@ type Placement struct { Affinity *string `locationName:"affinity" type:"string"` // The Availability Zone of the instance. + // + // If not specified, an Availability Zone will be automatically chosen for you + // based on the load balancing criteria for the Region. AvailabilityZone *string `locationName:"availabilityZone" type:"string"` // The name of the placement group the instance is in. @@ -69393,6 +89021,11 @@ type Placement struct { // is not supported for the ImportInstance command. HostId *string `locationName:"hostId" type:"string"` + // The ARN of the host resource group in which to launch the instances. If you + // specify a host resource group ARN, omit the Tenancy parameter or set it to + // host. + HostResourceGroupArn *string `locationName:"hostResourceGroupArn" type:"string"` + // The number of the partition the instance is in. Valid only if the placement // group strategy is set to partition. PartitionNumber *int64 `locationName:"partitionNumber" type:"integer"` @@ -69440,6 +89073,12 @@ func (s *Placement) SetHostId(v string) *Placement { return s } +// SetHostResourceGroupArn sets the HostResourceGroupArn field's value. +func (s *Placement) SetHostResourceGroupArn(v string) *Placement { + s.HostResourceGroupArn = &v + return s +} + // SetPartitionNumber sets the PartitionNumber field's value. func (s *Placement) SetPartitionNumber(v int64) *Placement { s.PartitionNumber = &v @@ -69462,6 +89101,9 @@ func (s *Placement) SetTenancy(v string) *Placement { type PlacementGroup struct { _ struct{} `type:"structure"` + // The ID of the placement group. + GroupId *string `locationName:"groupId" type:"string"` + // The name of the placement group. GroupName *string `locationName:"groupName" type:"string"` @@ -69473,6 +89115,9 @@ type PlacementGroup struct { // The placement strategy. Strategy *string `locationName:"strategy" type:"string" enum:"PlacementStrategy"` + + // Any tags applied to the placement group. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -69485,6 +89130,12 @@ func (s PlacementGroup) GoString() string { return s.String() } +// SetGroupId sets the GroupId field's value. +func (s *PlacementGroup) SetGroupId(v string) *PlacementGroup { + s.GroupId = &v + return s +} + // SetGroupName sets the GroupName field's value. func (s *PlacementGroup) SetGroupName(v string) *PlacementGroup { s.GroupName = &v @@ -69509,11 +89160,41 @@ func (s *PlacementGroup) SetStrategy(v string) *PlacementGroup { return s } +// SetTags sets the Tags field's value. +func (s *PlacementGroup) SetTags(v []*Tag) *PlacementGroup { + s.Tags = v + return s +} + +// Describes the placement group support of the instance type. +type PlacementGroupInfo struct { + _ struct{} `type:"structure"` + + // A list of supported placement groups types. + SupportedStrategies []*string `locationName:"supportedStrategies" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s PlacementGroupInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PlacementGroupInfo) GoString() string { + return s.String() +} + +// SetSupportedStrategies sets the SupportedStrategies field's value. +func (s *PlacementGroupInfo) SetSupportedStrategies(v []*string) *PlacementGroupInfo { + s.SupportedStrategies = v + return s +} + // Describes the placement of an instance. type PlacementResponse struct { _ struct{} `type:"structure"` - // The name of the placement group the instance is in. + // The name of the placement group that the instance is in. GroupName *string `locationName:"groupName" type:"string"` } @@ -69817,6 +89498,65 @@ func (s *PrincipalIdFormat) SetStatuses(v []*IdFormat) *PrincipalIdFormat { return s } +// Information about the private DNS name for the service endpoint. For more +// information about these parameters, see VPC Endpoint Service Private DNS +// Name Verification (https://docs.aws.amazon.com/vpc/latest/userguide/ndpoint-services-dns-validation.html) +// in the Amazon Virtual Private Cloud User Guide. +type PrivateDnsNameConfiguration struct { + _ struct{} `type:"structure"` + + // The name of the record subdomain the service provider needs to create. The + // service provider adds the value text to the name. + Name *string `locationName:"name" type:"string"` + + // The verification state of the VPC endpoint service. + // + // >Consumers of the endpoint service can use the private name only when the + // state is verified. + State *string `locationName:"state" type:"string" enum:"DnsNameState"` + + // The endpoint service verification type, for example TXT. + Type *string `locationName:"type" type:"string"` + + // The value the service provider adds to the private DNS name domain record + // before verification. + Value *string `locationName:"value" type:"string"` +} + +// String returns the string representation +func (s PrivateDnsNameConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PrivateDnsNameConfiguration) GoString() string { + return s.String() +} + +// SetName sets the Name field's value. +func (s *PrivateDnsNameConfiguration) SetName(v string) *PrivateDnsNameConfiguration { + s.Name = &v + return s +} + +// SetState sets the State field's value. +func (s *PrivateDnsNameConfiguration) SetState(v string) *PrivateDnsNameConfiguration { + s.State = &v + return s +} + +// SetType sets the Type field's value. +func (s *PrivateDnsNameConfiguration) SetType(v string) *PrivateDnsNameConfiguration { + s.Type = &v + return s +} + +// SetValue sets the Value field's value. +func (s *PrivateDnsNameConfiguration) SetValue(v string) *PrivateDnsNameConfiguration { + s.Value = &v + return s +} + // Describes a secondary private IPv4 address for a network interface. type PrivateIpAddressSpecification struct { _ struct{} `type:"structure"` @@ -69851,6 +89591,39 @@ func (s *PrivateIpAddressSpecification) SetPrivateIpAddress(v string) *PrivateIp return s } +// Describes the processor used by the instance type. +type ProcessorInfo struct { + _ struct{} `type:"structure"` + + // A list of architectures supported by the instance type. + SupportedArchitectures []*string `locationName:"supportedArchitectures" locationNameList:"item" type:"list"` + + // The speed of the processor, in GHz. + SustainedClockSpeedInGhz *float64 `locationName:"sustainedClockSpeedInGhz" type:"double"` +} + +// String returns the string representation +func (s ProcessorInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ProcessorInfo) GoString() string { + return s.String() +} + +// SetSupportedArchitectures sets the SupportedArchitectures field's value. +func (s *ProcessorInfo) SetSupportedArchitectures(v []*string) *ProcessorInfo { + s.SupportedArchitectures = v + return s +} + +// SetSustainedClockSpeedInGhz sets the SustainedClockSpeedInGhz field's value. +func (s *ProcessorInfo) SetSustainedClockSpeedInGhz(v float64) *ProcessorInfo { + s.SustainedClockSpeedInGhz = &v + return s +} + // Describes a product code. type ProductCode struct { _ struct{} `type:"structure"` @@ -69913,7 +89686,7 @@ type ProvisionByoipCidrInput struct { // The public IPv4 address range, in CIDR notation. The most specific prefix // that you can specify is /24. The address range cannot overlap with another - // address range that you've brought to this or another region. + // address range that you've brought to this or another Region. // // Cidr is a required field Cidr *string `type:"string" required:"true"` @@ -70008,33 +89781,33 @@ func (s *ProvisionByoipCidrOutput) SetByoipCidr(v *ByoipCidr) *ProvisionByoipCid } // Reserved. If you need to sustain traffic greater than the documented limits -// (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html), +// (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), // contact us through the Support Center (https://console.aws.amazon.com/support/home?). type ProvisionedBandwidth struct { _ struct{} `type:"structure"` // Reserved. If you need to sustain traffic greater than the documented limits - // (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html), + // (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), // contact us through the Support Center (https://console.aws.amazon.com/support/home?). ProvisionTime *time.Time `locationName:"provisionTime" type:"timestamp"` // Reserved. If you need to sustain traffic greater than the documented limits - // (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html), + // (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), // contact us through the Support Center (https://console.aws.amazon.com/support/home?). Provisioned *string `locationName:"provisioned" type:"string"` // Reserved. If you need to sustain traffic greater than the documented limits - // (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html), + // (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), // contact us through the Support Center (https://console.aws.amazon.com/support/home?). RequestTime *time.Time `locationName:"requestTime" type:"timestamp"` // Reserved. If you need to sustain traffic greater than the documented limits - // (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html), + // (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), // contact us through the Support Center (https://console.aws.amazon.com/support/home?). Requested *string `locationName:"requested" type:"string"` // Reserved. If you need to sustain traffic greater than the documented limits - // (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html), + // (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), // contact us through the Support Center (https://console.aws.amazon.com/support/home?). Status *string `locationName:"status" type:"string"` } @@ -70282,9 +90055,8 @@ func (s *Purchase) SetUpfrontPrice(v string) *Purchase { type PurchaseHostReservationInput struct { _ struct{} `type:"structure"` - // Unique, case-sensitive identifier you provide to ensure idempotency of the - // request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html) - // in the Amazon Elastic Compute Cloud User Guide. + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // The currency in which the totalUpfrontPrice, LimitPrice, and totalHourlyPrice @@ -70369,9 +90141,8 @@ func (s *PurchaseHostReservationInput) SetOfferingId(v string) *PurchaseHostRese type PurchaseHostReservationOutput struct { _ struct{} `type:"structure"` - // Unique, case-sensitive identifier you provide to ensure idempotency of the - // request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html) - // in the Amazon Elastic Compute Cloud User Guide. + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` // The currency in which the totalUpfrontPrice and totalHourlyPrice amounts @@ -70501,6 +90272,10 @@ type PurchaseReservedInstancesOfferingInput struct { // prices. LimitPrice *ReservedInstanceLimitPrice `locationName:"limitPrice" type:"structure"` + // The time at which to purchase the Reserved Instance, in UTC format (for example, + // YYYY-MM-DDTHH:MM:SSZ). + PurchaseTime *time.Time `type:"timestamp"` + // The ID of the Reserved Instance offering to purchase. // // ReservedInstancesOfferingId is a required field @@ -70551,6 +90326,12 @@ func (s *PurchaseReservedInstancesOfferingInput) SetLimitPrice(v *ReservedInstan return s } +// SetPurchaseTime sets the PurchaseTime field's value. +func (s *PurchaseReservedInstancesOfferingInput) SetPurchaseTime(v time.Time) *PurchaseReservedInstancesOfferingInput { + s.PurchaseTime = &v + return s +} + // SetReservedInstancesOfferingId sets the ReservedInstancesOfferingId field's value. func (s *PurchaseReservedInstancesOfferingInput) SetReservedInstancesOfferingId(v string) *PurchaseReservedInstancesOfferingInput { s.ReservedInstancesOfferingId = &v @@ -70586,7 +90367,7 @@ type PurchaseScheduledInstancesInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier that ensures the idempotency of the request. - // For more information, see Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` // Checks whether you have the required permissions for the action, without @@ -70595,7 +90376,7 @@ type PurchaseScheduledInstancesInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more purchase requests. + // The purchase requests. // // PurchaseRequests is a required field PurchaseRequests []*PurchaseRequest `locationName:"PurchaseRequest" locationNameList:"PurchaseRequest" min:"1" type:"list" required:"true"` @@ -70688,7 +90469,7 @@ type RebootInstancesInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more instance IDs. + // The instance IDs. // // InstanceIds is a required field InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list" required:"true"` @@ -70776,14 +90557,18 @@ func (s *RecurringCharge) SetFrequency(v string) *RecurringCharge { return s } -// Describes a region. +// Describes a Region. type Region struct { _ struct{} `type:"structure"` - // The region service endpoint. + // The Region service endpoint. Endpoint *string `locationName:"regionEndpoint" type:"string"` - // The name of the region. + // The Region opt-in status. The possible values are opt-in-not-required, opted-in, + // and not-opted-in. + OptInStatus *string `locationName:"optInStatus" type:"string"` + + // The name of the Region. RegionName *string `locationName:"regionName" type:"string"` } @@ -70803,6 +90588,12 @@ func (s *Region) SetEndpoint(v string) *Region { return s } +// SetOptInStatus sets the OptInStatus field's value. +func (s *Region) SetOptInStatus(v string) *Region { + s.OptInStatus = &v + return s +} + // SetRegionName sets the RegionName field's value. func (s *Region) SetRegionName(v string) *Region { s.RegionName = &v @@ -70824,7 +90615,7 @@ type RegisterImageInput struct { // use of an AMI. BillingProducts []*string `locationName:"BillingProduct" locationNameList:"item" type:"list"` - // One or more block device mapping entries. + // The block device mapping entries. BlockDeviceMappings []*BlockDeviceMapping `locationName:"BlockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` // A description for your AMI. @@ -70843,7 +90634,10 @@ type RegisterImageInput struct { // PV AMI can make instances launched from the AMI unreachable. EnaSupport *bool `locationName:"enaSupport" type:"boolean"` - // The full path to your AMI manifest in Amazon S3 storage. + // The full path to your AMI manifest in Amazon S3 storage. The specified bucket + // must have the aws-exec-read canned access control list (ACL) to ensure that + // it can be accessed by Amazon EC2. For more information, see Canned ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) + // in the Amazon S3 Service Developer Guide. ImageLocation *string `type:"string"` // The ID of the kernel. @@ -71005,6 +90799,233 @@ func (s *RegisterImageOutput) SetImageId(v string) *RegisterImageOutput { return s } +type RegisterTransitGatewayMulticastGroupMembersInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IP address assigned to the transit gateway multicast group. + GroupIpAddress *string `type:"string"` + + // The group members' network interface IDs to register with the transit gateway + // multicast group. + NetworkInterfaceIds []*string `locationNameList:"item" type:"list"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `type:"string"` +} + +// String returns the string representation +func (s RegisterTransitGatewayMulticastGroupMembersInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RegisterTransitGatewayMulticastGroupMembersInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *RegisterTransitGatewayMulticastGroupMembersInput) SetDryRun(v bool) *RegisterTransitGatewayMulticastGroupMembersInput { + s.DryRun = &v + return s +} + +// SetGroupIpAddress sets the GroupIpAddress field's value. +func (s *RegisterTransitGatewayMulticastGroupMembersInput) SetGroupIpAddress(v string) *RegisterTransitGatewayMulticastGroupMembersInput { + s.GroupIpAddress = &v + return s +} + +// SetNetworkInterfaceIds sets the NetworkInterfaceIds field's value. +func (s *RegisterTransitGatewayMulticastGroupMembersInput) SetNetworkInterfaceIds(v []*string) *RegisterTransitGatewayMulticastGroupMembersInput { + s.NetworkInterfaceIds = v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *RegisterTransitGatewayMulticastGroupMembersInput) SetTransitGatewayMulticastDomainId(v string) *RegisterTransitGatewayMulticastGroupMembersInput { + s.TransitGatewayMulticastDomainId = &v + return s +} + +type RegisterTransitGatewayMulticastGroupMembersOutput struct { + _ struct{} `type:"structure"` + + // Information about the registered transit gateway multicast group members. + RegisteredMulticastGroupMembers *TransitGatewayMulticastRegisteredGroupMembers `locationName:"registeredMulticastGroupMembers" type:"structure"` +} + +// String returns the string representation +func (s RegisterTransitGatewayMulticastGroupMembersOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RegisterTransitGatewayMulticastGroupMembersOutput) GoString() string { + return s.String() +} + +// SetRegisteredMulticastGroupMembers sets the RegisteredMulticastGroupMembers field's value. +func (s *RegisterTransitGatewayMulticastGroupMembersOutput) SetRegisteredMulticastGroupMembers(v *TransitGatewayMulticastRegisteredGroupMembers) *RegisterTransitGatewayMulticastGroupMembersOutput { + s.RegisteredMulticastGroupMembers = v + return s +} + +type RegisterTransitGatewayMulticastGroupSourcesInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IP address assigned to the transit gateway multicast group. + GroupIpAddress *string `type:"string"` + + // The group sources' network interface IDs to register with the transit gateway + // multicast group. + NetworkInterfaceIds []*string `locationNameList:"item" type:"list"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `type:"string"` +} + +// String returns the string representation +func (s RegisterTransitGatewayMulticastGroupSourcesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RegisterTransitGatewayMulticastGroupSourcesInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *RegisterTransitGatewayMulticastGroupSourcesInput) SetDryRun(v bool) *RegisterTransitGatewayMulticastGroupSourcesInput { + s.DryRun = &v + return s +} + +// SetGroupIpAddress sets the GroupIpAddress field's value. +func (s *RegisterTransitGatewayMulticastGroupSourcesInput) SetGroupIpAddress(v string) *RegisterTransitGatewayMulticastGroupSourcesInput { + s.GroupIpAddress = &v + return s +} + +// SetNetworkInterfaceIds sets the NetworkInterfaceIds field's value. +func (s *RegisterTransitGatewayMulticastGroupSourcesInput) SetNetworkInterfaceIds(v []*string) *RegisterTransitGatewayMulticastGroupSourcesInput { + s.NetworkInterfaceIds = v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *RegisterTransitGatewayMulticastGroupSourcesInput) SetTransitGatewayMulticastDomainId(v string) *RegisterTransitGatewayMulticastGroupSourcesInput { + s.TransitGatewayMulticastDomainId = &v + return s +} + +type RegisterTransitGatewayMulticastGroupSourcesOutput struct { + _ struct{} `type:"structure"` + + // Information about the transit gateway multicast group sources. + RegisteredMulticastGroupSources *TransitGatewayMulticastRegisteredGroupSources `locationName:"registeredMulticastGroupSources" type:"structure"` +} + +// String returns the string representation +func (s RegisterTransitGatewayMulticastGroupSourcesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RegisterTransitGatewayMulticastGroupSourcesOutput) GoString() string { + return s.String() +} + +// SetRegisteredMulticastGroupSources sets the RegisteredMulticastGroupSources field's value. +func (s *RegisterTransitGatewayMulticastGroupSourcesOutput) SetRegisteredMulticastGroupSources(v *TransitGatewayMulticastRegisteredGroupSources) *RegisterTransitGatewayMulticastGroupSourcesOutput { + s.RegisteredMulticastGroupSources = v + return s +} + +type RejectTransitGatewayPeeringAttachmentInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the transit gateway peering attachment. + // + // TransitGatewayAttachmentId is a required field + TransitGatewayAttachmentId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s RejectTransitGatewayPeeringAttachmentInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RejectTransitGatewayPeeringAttachmentInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *RejectTransitGatewayPeeringAttachmentInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RejectTransitGatewayPeeringAttachmentInput"} + if s.TransitGatewayAttachmentId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayAttachmentId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *RejectTransitGatewayPeeringAttachmentInput) SetDryRun(v bool) *RejectTransitGatewayPeeringAttachmentInput { + s.DryRun = &v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *RejectTransitGatewayPeeringAttachmentInput) SetTransitGatewayAttachmentId(v string) *RejectTransitGatewayPeeringAttachmentInput { + s.TransitGatewayAttachmentId = &v + return s +} + +type RejectTransitGatewayPeeringAttachmentOutput struct { + _ struct{} `type:"structure"` + + // The transit gateway peering attachment. + TransitGatewayPeeringAttachment *TransitGatewayPeeringAttachment `locationName:"transitGatewayPeeringAttachment" type:"structure"` +} + +// String returns the string representation +func (s RejectTransitGatewayPeeringAttachmentOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RejectTransitGatewayPeeringAttachmentOutput) GoString() string { + return s.String() +} + +// SetTransitGatewayPeeringAttachment sets the TransitGatewayPeeringAttachment field's value. +func (s *RejectTransitGatewayPeeringAttachmentOutput) SetTransitGatewayPeeringAttachment(v *TransitGatewayPeeringAttachment) *RejectTransitGatewayPeeringAttachmentOutput { + s.TransitGatewayPeeringAttachment = v + return s +} + type RejectTransitGatewayVpcAttachmentInput struct { _ struct{} `type:"structure"` @@ -71250,6 +91271,16 @@ type ReleaseAddressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` + // The location that the IP address is released from. + // + // If you provide an incorrect network border group, you will receive an InvalidAddress.NotFound + // error. For more information, see Error Codes (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html). + // + // You cannot use a network border group with EC2 Classic. If you attempt this + // operation on EC2 classic, you will receive an InvalidParameterCombination + // error. For more information, see Error Codes (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html). + NetworkBorderGroup *string `type:"string"` + // [EC2-Classic] The Elastic IP address. Required for EC2-Classic. PublicIp *string `type:"string"` } @@ -71276,6 +91307,12 @@ func (s *ReleaseAddressInput) SetDryRun(v bool) *ReleaseAddressInput { return s } +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *ReleaseAddressInput) SetNetworkBorderGroup(v string) *ReleaseAddressInput { + s.NetworkBorderGroup = &v + return s +} + // SetPublicIp sets the PublicIp field's value. func (s *ReleaseAddressInput) SetPublicIp(v string) *ReleaseAddressInput { s.PublicIp = &v @@ -71722,6 +91759,12 @@ type ReplaceRouteInput struct { // The ID of a NAT instance in your VPC. InstanceId *string `locationName:"instanceId" type:"string"` + // The ID of the local gateway. + LocalGatewayId *string `type:"string"` + + // Specifies whether to reset the local route to its default target (local). + LocalTarget *bool `type:"boolean"` + // [IPv4 traffic only] The ID of a NAT gateway. NatGatewayId *string `locationName:"natGatewayId" type:"string"` @@ -71799,6 +91842,18 @@ func (s *ReplaceRouteInput) SetInstanceId(v string) *ReplaceRouteInput { return s } +// SetLocalGatewayId sets the LocalGatewayId field's value. +func (s *ReplaceRouteInput) SetLocalGatewayId(v string) *ReplaceRouteInput { + s.LocalGatewayId = &v + return s +} + +// SetLocalTarget sets the LocalTarget field's value. +func (s *ReplaceRouteInput) SetLocalTarget(v bool) *ReplaceRouteInput { + s.LocalTarget = &v + return s +} + // SetNatGatewayId sets the NatGatewayId field's value. func (s *ReplaceRouteInput) SetNatGatewayId(v string) *ReplaceRouteInput { s.NatGatewayId = &v @@ -71910,6 +91965,9 @@ func (s *ReplaceRouteTableAssociationInput) SetRouteTableId(v string) *ReplaceRo type ReplaceRouteTableAssociationOutput struct { _ struct{} `type:"structure"` + // The state of the association. + AssociationState *RouteTableAssociationState `locationName:"associationState" type:"structure"` + // The ID of the new association. NewAssociationId *string `locationName:"newAssociationId" type:"string"` } @@ -71924,6 +91982,12 @@ func (s ReplaceRouteTableAssociationOutput) GoString() string { return s.String() } +// SetAssociationState sets the AssociationState field's value. +func (s *ReplaceRouteTableAssociationOutput) SetAssociationState(v *RouteTableAssociationState) *ReplaceRouteTableAssociationOutput { + s.AssociationState = v + return s +} + // SetNewAssociationId sets the NewAssociationId field's value. func (s *ReplaceRouteTableAssociationOutput) SetNewAssociationId(v string) *ReplaceRouteTableAssociationOutput { s.NewAssociationId = &v @@ -72051,12 +92115,12 @@ type ReportInstanceStatusInput struct { // The time at which the reported instance health state ended. EndTime *time.Time `locationName:"endTime" type:"timestamp"` - // One or more instances. + // The instances. // // Instances is a required field Instances []*string `locationName:"instanceId" locationNameList:"InstanceId" type:"list" required:"true"` - // One or more reason codes that describe the health state of your instance. + // The reason codes that describe the health state of your instance. // // * instance-stuck-in-state: My instance is stuck in a state. // @@ -72189,11 +92253,14 @@ type RequestLaunchTemplateData struct { // cannot be changed using this action. BlockDeviceMappings []*LaunchTemplateBlockDeviceMappingRequest `locationName:"BlockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` - // The Capacity Reservation targeting option. + // The Capacity Reservation targeting option. If you do not specify this parameter, + // the instance's Capacity Reservation preference defaults to open, which enables + // it to run in any open Capacity Reservation that has matching attributes (instance + // type, platform, Availability Zone). CapacityReservationSpecification *LaunchTemplateCapacityReservationSpecificationRequest `type:"structure"` // The CPU options for the instance. For more information, see Optimizing CPU - // Options (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) + // Options (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) // in the Amazon Elastic Compute Cloud User Guide. CpuOptions *LaunchTemplateCpuOptionsRequest `type:"structure"` @@ -72201,8 +92268,11 @@ type RequestLaunchTemplateData struct { // only. CreditSpecification *CreditSpecificationRequest `type:"structure"` - // If set to true, you can't terminate the instance using the Amazon EC2 console, - // CLI, or API. To change this attribute to false after launch, use ModifyInstanceAttribute. + // If you set this parameter to true, you can't terminate the instance using + // the Amazon EC2 console, CLI, or API; otherwise, you can. To change this attribute + // after launch, use ModifyInstanceAttribute (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceAttribute.html). + // Alternatively, if you set InstanceInitiatedShutdownBehavior to terminate, + // you can terminate the instance by running the shutdown command from the instance. DisableApiTermination *bool `type:"boolean"` // Indicates whether the instance is optimized for Amazon EBS I/O. This optimization @@ -72219,16 +92289,15 @@ type RequestLaunchTemplateData struct { ElasticInferenceAccelerators []*LaunchTemplateElasticInferenceAccelerator `locationName:"ElasticInferenceAccelerator" locationNameList:"item" type:"list"` // Indicates whether an instance is enabled for hibernation. This parameter - // is valid only if the instance meets the hibernation prerequisites (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). - // Hibernation is currently supported only for Amazon Linux. For more information, - // see Hibernate Your Instance (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) + // is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). + // For more information, see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon Elastic Compute Cloud User Guide. HibernationOptions *LaunchTemplateHibernationOptionsRequest `type:"structure"` // The IAM instance profile. IamInstanceProfile *LaunchTemplateIamInstanceProfileSpecificationRequest `type:"structure"` - // The ID of the AMI, which you can get by using DescribeImages. + // The ID of the AMI. ImageId *string `type:"string"` // Indicates whether an instance stops or terminates when you initiate shutdown @@ -72240,19 +92309,19 @@ type RequestLaunchTemplateData struct { // The market (purchasing) option for the instances. InstanceMarketOptions *LaunchTemplateInstanceMarketOptionsRequest `type:"structure"` - // The instance type. For more information, see Instance Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // The instance type. For more information, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) // in the Amazon Elastic Compute Cloud User Guide. InstanceType *string `type:"string" enum:"InstanceType"` // The ID of the kernel. // // We recommend that you use PV-GRUB instead of kernels and RAM disks. For more - // information, see User Provided Kernels (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) + // information, see User Provided Kernels (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) // in the Amazon Elastic Compute Cloud User Guide. KernelId *string `type:"string"` - // The name of the key pair. You can create a key pair using CreateKeyPair or - // ImportKeyPair. + // The name of the key pair. You can create a key pair using CreateKeyPair (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) + // or ImportKeyPair (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html). // // If you do not specify a key pair, you can't connect to the instance unless // you choose an AMI that is configured to allow users another way to log in. @@ -72261,10 +92330,16 @@ type RequestLaunchTemplateData struct { // The license configurations. LicenseSpecifications []*LaunchTemplateLicenseConfigurationRequest `locationName:"LicenseSpecification" locationNameList:"item" type:"list"` + // The metadata options for the instance. For more information, see Instance + // Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) + // in the Amazon Elastic Compute Cloud User Guide. + MetadataOptions *LaunchTemplateInstanceMetadataOptionsRequest `type:"structure"` + // The monitoring for the instance. Monitoring *LaunchTemplatesMonitoringRequest `type:"structure"` - // One or more network interfaces. + // One or more network interfaces. If you specify a network interface, you must + // specify any security groups and subnets as part of the network interface. NetworkInterfaces []*LaunchTemplateInstanceNetworkInterfaceSpecificationRequest `locationName:"NetworkInterface" locationNameList:"InstanceNetworkInterfaceSpecification" type:"list"` // The placement for the instance. @@ -72273,11 +92348,12 @@ type RequestLaunchTemplateData struct { // The ID of the RAM disk. // // We recommend that you use PV-GRUB instead of kernels and RAM disks. For more - // information, see User Provided Kernels (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) + // information, see User Provided Kernels (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) // in the Amazon Elastic Compute Cloud User Guide. RamDiskId *string `type:"string"` - // One or more security group IDs. You can create a security group using CreateSecurityGroup. + // One or more security group IDs. You can create a security group using CreateSecurityGroup + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html). // You cannot specify both a security group ID and security name in the same // request. SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` @@ -72290,12 +92366,12 @@ type RequestLaunchTemplateData struct { // The tags to apply to the resources during launch. You can only tag instances // and volumes on launch. The specified tags are applied to all instances or // volumes that are created during launch. To tag a resource after it has been - // created, see CreateTags. + // created, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). TagSpecifications []*LaunchTemplateTagSpecificationRequest `locationName:"TagSpecification" locationNameList:"LaunchTemplateTagSpecificationRequest" type:"list"` // The Base64-encoded user data to make available to the instance. For more - // information, see Running Commands on Your Linux Instance at Launch (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) - // (Linux) and Adding User Data (http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html#instancedata-add-user-data) + // information, see Running Commands on Your Linux Instance at Launch (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) + // (Linux) and Adding User Data (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html#instancedata-add-user-data) // (Windows). UserData *string `type:"string"` } @@ -72447,6 +92523,12 @@ func (s *RequestLaunchTemplateData) SetLicenseSpecifications(v []*LaunchTemplate return s } +// SetMetadataOptions sets the MetadataOptions field's value. +func (s *RequestLaunchTemplateData) SetMetadataOptions(v *LaunchTemplateInstanceMetadataOptionsRequest) *RequestLaunchTemplateData { + s.MetadataOptions = v + return s +} + // SetMonitoring sets the Monitoring field's value. func (s *RequestLaunchTemplateData) SetMonitoring(v *LaunchTemplatesMonitoringRequest) *RequestLaunchTemplateData { s.Monitoring = v @@ -72614,7 +92696,7 @@ type RequestSpotInstancesInput struct { BlockDurationMinutes *int64 `locationName:"blockDurationMinutes" type:"integer"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to Ensure Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html) + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html) // in the Amazon EC2 User Guide for Linux Instances. ClientToken *string `locationName:"clientToken" type:"string"` @@ -72655,6 +92737,10 @@ type RequestSpotInstancesInput struct { // launch, the request expires, or the request is canceled. If the request is // persistent, the request becomes active at this date and time and remains // active until it expires or is canceled. + // + // The specified start date and time cannot be equal to the current date and + // time. You must specify a start date and time that occurs after the current + // date and time. ValidFrom *time.Time `locationName:"validFrom" type:"timestamp"` // The end date of the request. If this is a one-time request, the request remains @@ -72846,10 +92932,13 @@ type RequestSpotLaunchSpecification struct { // you can specify the names or the IDs of the security groups. SecurityGroups []*string `locationName:"SecurityGroup" locationNameList:"item" type:"list"` - // The ID of the subnet in which to launch the instance. + // The IDs of the subnets in which to launch the instance. To specify multiple + // subnets, separate them using commas; for example, "subnet-1234abcdeexample1, + // subnet-0987cdef6example2". SubnetId *string `locationName:"subnetId" type:"string"` - // The Base64-encoded user data for the instance. + // The Base64-encoded user data for the instance. User data is limited to 16 + // KB. UserData *string `locationName:"userData" type:"string"` } @@ -72978,10 +93067,10 @@ func (s *RequestSpotLaunchSpecification) SetUserData(v string) *RequestSpotLaunc type Reservation struct { _ struct{} `type:"structure"` - // [EC2-Classic only] One or more security groups. + // [EC2-Classic only] The security groups. Groups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"` - // One or more instances. + // The instances. Instances []*Instance `locationName:"instancesSet" locationNameList:"item" type:"list"` // The ID of the AWS account that owns the reservation. @@ -73191,7 +93280,7 @@ type ReservedInstances struct { ReservedInstancesId *string `locationName:"reservedInstancesId" type:"string"` // The scope of the Reserved Instance. - Scope *string `locationName:"scope" type:"string" enum:"scope"` + Scope *string `locationName:"scope" type:"string" enum:"Scope"` // The date and time the Reserved Instance started. Start *time.Time `locationName:"start" type:"timestamp"` @@ -73332,6 +93421,8 @@ type ReservedInstancesConfiguration struct { AvailabilityZone *string `locationName:"availabilityZone" type:"string"` // The number of modified Reserved Instances. + // + // This is a required field for a request. InstanceCount *int64 `locationName:"instanceCount" type:"integer"` // The instance type for the modified Reserved Instances. @@ -73341,9 +93432,9 @@ type ReservedInstancesConfiguration struct { // EC2-Classic or EC2-VPC. Platform *string `locationName:"platform" type:"string"` - // Whether the Reserved Instance is applied to instances in a region or instances + // Whether the Reserved Instance is applied to instances in a Region or instances // in a specific Availability Zone. - Scope *string `locationName:"scope" type:"string" enum:"scope"` + Scope *string `locationName:"scope" type:"string" enum:"Scope"` } // String returns the string representation @@ -73415,7 +93506,7 @@ type ReservedInstancesListing struct { _ struct{} `type:"structure"` // A unique, case-sensitive key supplied by the client to ensure that the request - // is idempotent. For more information, see Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // is idempotent. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` // The time the listing was created. @@ -73522,7 +93613,7 @@ type ReservedInstancesModification struct { _ struct{} `type:"structure"` // A unique, case-sensitive key supplied by the client to ensure that the request - // is idempotent. For more information, see Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // is idempotent. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` // The time when the modification request was created. @@ -73700,9 +93791,9 @@ type ReservedInstancesOffering struct { // GetReservedInstancesExchangeQuote to confirm that an exchange can be made. ReservedInstancesOfferingId *string `locationName:"reservedInstancesOfferingId" type:"string"` - // Whether the Reserved Instance is applied to instances in a region or an Availability + // Whether the Reserved Instance is applied to instances in a Region or an Availability // Zone. - Scope *string `locationName:"scope" type:"string" enum:"scope"` + Scope *string `locationName:"scope" type:"string" enum:"Scope"` // The usage price of the Reserved Instance, per hour. UsagePrice *float64 `locationName:"usagePrice" type:"float"` @@ -73808,6 +93899,55 @@ func (s *ReservedInstancesOffering) SetUsagePrice(v float64) *ReservedInstancesO return s } +type ResetEbsDefaultKmsKeyIdInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation +func (s ResetEbsDefaultKmsKeyIdInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ResetEbsDefaultKmsKeyIdInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *ResetEbsDefaultKmsKeyIdInput) SetDryRun(v bool) *ResetEbsDefaultKmsKeyIdInput { + s.DryRun = &v + return s +} + +type ResetEbsDefaultKmsKeyIdOutput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the default CMK for EBS encryption by default. + KmsKeyId *string `locationName:"kmsKeyId" type:"string"` +} + +// String returns the string representation +func (s ResetEbsDefaultKmsKeyIdOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ResetEbsDefaultKmsKeyIdOutput) GoString() string { + return s.String() +} + +// SetKmsKeyId sets the KmsKeyId field's value. +func (s *ResetEbsDefaultKmsKeyIdOutput) SetKmsKeyId(v string) *ResetEbsDefaultKmsKeyIdOutput { + s.KmsKeyId = &v + return s +} + type ResetFpgaImageAttributeInput struct { _ struct{} `type:"structure"` @@ -74125,7 +94265,6 @@ func (s ResetNetworkInterfaceAttributeOutput) GoString() string { return s.String() } -// Contains the parameters for ResetSnapshotAttribute. type ResetSnapshotAttributeInput struct { _ struct{} `type:"structure"` @@ -74250,7 +94389,7 @@ type ResponseLaunchTemplateData struct { CapacityReservationSpecification *LaunchTemplateCapacityReservationSpecificationResponse `locationName:"capacityReservationSpecification" type:"structure"` // The CPU options for the instance. For more information, see Optimizing CPU - // Options (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) + // Options (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) // in the Amazon Elastic Compute Cloud User Guide. CpuOptions *LaunchTemplateCpuOptions `locationName:"cpuOptions" type:"structure"` @@ -74271,7 +94410,7 @@ type ResponseLaunchTemplateData struct { ElasticInferenceAccelerators []*LaunchTemplateElasticInferenceAcceleratorResponse `locationName:"elasticInferenceAcceleratorSet" locationNameList:"item" type:"list"` // Indicates whether an instance is configured for hibernation. For more information, - // see Hibernate Your Instance (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) + // see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon Elastic Compute Cloud User Guide. HibernationOptions *LaunchTemplateHibernationOptions `locationName:"hibernationOptions" type:"structure"` @@ -74300,6 +94439,11 @@ type ResponseLaunchTemplateData struct { // The license configurations. LicenseSpecifications []*LaunchTemplateLicenseConfiguration `locationName:"licenseSet" locationNameList:"item" type:"list"` + // The metadata options for the instance. For more information, see Instance + // Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) + // in the Amazon Elastic Compute Cloud User Guide. + MetadataOptions *LaunchTemplateInstanceMetadataOptions `locationName:"metadataOptions" type:"structure"` + // The monitoring for the instance. Monitoring *LaunchTemplatesMonitoring `locationName:"monitoring" type:"structure"` @@ -74437,6 +94581,12 @@ func (s *ResponseLaunchTemplateData) SetLicenseSpecifications(v []*LaunchTemplat return s } +// SetMetadataOptions sets the MetadataOptions field's value. +func (s *ResponseLaunchTemplateData) SetMetadataOptions(v *LaunchTemplateInstanceMetadataOptions) *ResponseLaunchTemplateData { + s.MetadataOptions = v + return s +} + // SetMonitoring sets the Monitoring field's value. func (s *ResponseLaunchTemplateData) SetMonitoring(v *LaunchTemplatesMonitoring) *ResponseLaunchTemplateData { s.Monitoring = v @@ -74693,8 +94843,8 @@ type RevokeSecurityGroupEgressInput struct { // GroupId is a required field GroupId *string `locationName:"groupId" type:"string" required:"true"` - // One or more sets of IP permissions. You can't specify a destination security - // group and a CIDR IP address range in the same set of permissions. + // The sets of IP permissions. You can't specify a destination security group + // and a CIDR IP address range in the same set of permissions. IpPermissions []*IpPermission `locationName:"ipPermissions" locationNameList:"item" type:"list"` // Not supported. Use a set of IP permissions to specify the protocol name or @@ -74830,8 +94980,8 @@ type RevokeSecurityGroupIngressInput struct { // either the security group ID or the security group name in the request. GroupName *string `type:"string"` - // One or more sets of IP permissions. You can't specify a source security group - // and a CIDR IP address range in the same set of permissions. + // The sets of IP permissions. You can't specify a source security group and + // a CIDR IP address range in the same set of permissions. IpPermissions []*IpPermission `locationNameList:"item" type:"list"` // The IP protocol name (tcp, udp, icmp) or number (see Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)). @@ -74968,6 +95118,9 @@ type Route struct { // The AWS account ID of the owner of the instance. InstanceOwnerId *string `locationName:"instanceOwnerId" type:"string"` + // The ID of the local gateway. + LocalGatewayId *string `locationName:"localGatewayId" type:"string"` + // The ID of a NAT gateway. NatGatewayId *string `locationName:"natGatewayId" type:"string"` @@ -75048,6 +95201,12 @@ func (s *Route) SetInstanceOwnerId(v string) *Route { return s } +// SetLocalGatewayId sets the LocalGatewayId field's value. +func (s *Route) SetLocalGatewayId(v string) *Route { + s.LocalGatewayId = &v + return s +} + // SetNatGatewayId sets the NatGatewayId field's value. func (s *Route) SetNatGatewayId(v string) *Route { s.NatGatewayId = &v @@ -75088,7 +95247,7 @@ func (s *Route) SetVpcPeeringConnectionId(v string) *Route { type RouteTable struct { _ struct{} `type:"structure"` - // The associations between the route table and one or more subnets. + // The associations between the route table and one or more subnets or a gateway. Associations []*RouteTableAssociation `locationName:"associationSet" locationNameList:"item" type:"list"` // The ID of the AWS account that owns the route table. @@ -75162,14 +95321,20 @@ func (s *RouteTable) SetVpcId(v string) *RouteTable { return s } -// Describes an association between a route table and a subnet. +// Describes an association between a route table and a subnet or gateway. type RouteTableAssociation struct { _ struct{} `type:"structure"` + // The state of the association. + AssociationState *RouteTableAssociationState `locationName:"associationState" type:"structure"` + + // The ID of the internet gateway or virtual private gateway. + GatewayId *string `locationName:"gatewayId" type:"string"` + // Indicates whether this is the main route table. Main *bool `locationName:"main" type:"boolean"` - // The ID of the association between a route table and a subnet. + // The ID of the association. RouteTableAssociationId *string `locationName:"routeTableAssociationId" type:"string"` // The ID of the route table. @@ -75189,6 +95354,18 @@ func (s RouteTableAssociation) GoString() string { return s.String() } +// SetAssociationState sets the AssociationState field's value. +func (s *RouteTableAssociation) SetAssociationState(v *RouteTableAssociationState) *RouteTableAssociation { + s.AssociationState = v + return s +} + +// SetGatewayId sets the GatewayId field's value. +func (s *RouteTableAssociation) SetGatewayId(v string) *RouteTableAssociation { + s.GatewayId = &v + return s +} + // SetMain sets the Main field's value. func (s *RouteTableAssociation) SetMain(v bool) *RouteTableAssociation { s.Main = &v @@ -75213,45 +95390,80 @@ func (s *RouteTableAssociation) SetSubnetId(v string) *RouteTableAssociation { return s } +// Describes the state of an association between a route table and a subnet +// or gateway. +type RouteTableAssociationState struct { + _ struct{} `type:"structure"` + + // The state of the association. + State *string `locationName:"state" type:"string" enum:"RouteTableAssociationStateCode"` + + // The status message, if applicable. + StatusMessage *string `locationName:"statusMessage" type:"string"` +} + +// String returns the string representation +func (s RouteTableAssociationState) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RouteTableAssociationState) GoString() string { + return s.String() +} + +// SetState sets the State field's value. +func (s *RouteTableAssociationState) SetState(v string) *RouteTableAssociationState { + s.State = &v + return s +} + +// SetStatusMessage sets the StatusMessage field's value. +func (s *RouteTableAssociationState) SetStatusMessage(v string) *RouteTableAssociationState { + s.StatusMessage = &v + return s +} + type RunInstancesInput struct { _ struct{} `type:"structure"` // Reserved. AdditionalInfo *string `locationName:"additionalInfo" type:"string"` - // One or more block device mapping entries. You can't specify both a snapshot - // ID and an encryption value. This is because only blank volumes can be encrypted - // on creation. If a snapshot is the basis for a volume, it is not blank and - // its encryption status is used for the volume encryption status. + // The block device mapping entries. BlockDeviceMappings []*BlockDeviceMapping `locationName:"BlockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` - // Information about the Capacity Reservation targeting option. + // Information about the Capacity Reservation targeting option. If you do not + // specify this parameter, the instance's Capacity Reservation preference defaults + // to open, which enables it to run in any open Capacity Reservation that has + // matching attributes (instance type, platform, Availability Zone). CapacityReservationSpecification *CapacityReservationSpecification `type:"structure"` // Unique, case-sensitive identifier you provide to ensure the idempotency of - // the request. For more information, see Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). // // Constraints: Maximum 64 ASCII characters ClientToken *string `locationName:"clientToken" type:"string"` // The CPU options for the instance. For more information, see Optimizing CPU - // Options (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) + // Options (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) // in the Amazon Elastic Compute Cloud User Guide. CpuOptions *CpuOptionsRequest `type:"structure"` - // The credit option for CPU usage of the instance. Valid values are standard - // and unlimited. To change this attribute after launch, use ModifyInstanceCreditSpecification. - // For more information, see Burstable Performance Instances (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) + // The credit option for CPU usage of the burstable performance instance. Valid + // values are standard and unlimited. To change this attribute after launch, + // use ModifyInstanceCreditSpecification (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html). + // For more information, see Burstable Performance Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) // in the Amazon Elastic Compute Cloud User Guide. // - // Default: standard (T2 instances) or unlimited (T3 instances) + // Default: standard (T2 instances) or unlimited (T3/T3a instances) CreditSpecification *CreditSpecificationRequest `type:"structure"` // If you set this parameter to true, you can't terminate the instance using // the Amazon EC2 console, CLI, or API; otherwise, you can. To change this attribute - // to false after launch, use ModifyInstanceAttribute. Alternatively, if you - // set InstanceInitiatedShutdownBehavior to terminate, you can terminate the - // instance by running the shutdown command from the instance. + // after launch, use ModifyInstanceAttribute (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceAttribute.html). + // Alternatively, if you set InstanceInitiatedShutdownBehavior to terminate, + // you can terminate the instance by running the shutdown command from the instance. // // Default: false DisableApiTermination *bool `locationName:"disableApiTermination" type:"boolean"` @@ -75271,23 +95483,27 @@ type RunInstancesInput struct { // Default: false EbsOptimized *bool `locationName:"ebsOptimized" type:"boolean"` - // An elastic GPU to associate with the instance. + // An elastic GPU to associate with the instance. An Elastic GPU is a GPU resource + // that you can attach to your Windows instance to accelerate the graphics performance + // of your applications. For more information, see Amazon EC2 Elastic GPUs (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html) + // in the Amazon Elastic Compute Cloud User Guide. ElasticGpuSpecification []*ElasticGpuSpecification `locationNameList:"item" type:"list"` - // An elastic inference accelerator. + // An elastic inference accelerator to associate with the instance. Elastic + // inference accelerators are a resource you can attach to your Amazon EC2 instances + // to accelerate your Deep Learning (DL) inference workloads. ElasticInferenceAccelerators []*ElasticInferenceAccelerator `locationName:"ElasticInferenceAccelerator" locationNameList:"item" type:"list"` // Indicates whether an instance is enabled for hibernation. For more information, - // see Hibernate Your Instance (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) + // see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon Elastic Compute Cloud User Guide. HibernationOptions *HibernationOptionsRequest `type:"structure"` // The IAM instance profile. IamInstanceProfile *IamInstanceProfileSpecification `locationName:"iamInstanceProfile" type:"structure"` - // The ID of the AMI, which you can get by calling DescribeImages. An AMI is - // required to launch an instance and must be specified here or in a launch - // template. + // The ID of the AMI. An AMI ID is required to launch an instance and must be + // specified here or in a launch template. ImageId *string `type:"string"` // Indicates whether an instance stops or terminates when you initiate shutdown @@ -75302,35 +95518,40 @@ type RunInstancesInput struct { // InstanceInterruptionBehavior is set to either hibernate or stop. InstanceMarketOptions *InstanceMarketOptionsRequest `type:"structure"` - // The instance type. For more information, see Instance Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + // The instance type. For more information, see Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) // in the Amazon Elastic Compute Cloud User Guide. // // Default: m1.small InstanceType *string `type:"string" enum:"InstanceType"` - // [EC2-VPC] A number of IPv6 addresses to associate with the primary network + // [EC2-VPC] The number of IPv6 addresses to associate with the primary network // interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. // You cannot specify this option and the option to assign specific IPv6 addresses // in the same request. You can specify this option if you've specified a minimum // number of instances to launch. + // + // You cannot specify this option and the network interfaces option in the same + // request. Ipv6AddressCount *int64 `type:"integer"` - // [EC2-VPC] Specify one or more IPv6 addresses from the range of the subnet - // to associate with the primary network interface. You cannot specify this - // option and the option to assign a number of IPv6 addresses in the same request. - // You cannot specify this option if you've specified a minimum number of instances - // to launch. + // [EC2-VPC] The IPv6 addresses from the range of the subnet to associate with + // the primary network interface. You cannot specify this option and the option + // to assign a number of IPv6 addresses in the same request. You cannot specify + // this option if you've specified a minimum number of instances to launch. + // + // You cannot specify this option and the network interfaces option in the same + // request. Ipv6Addresses []*InstanceIpv6Address `locationName:"Ipv6Address" locationNameList:"item" type:"list"` // The ID of the kernel. // // We recommend that you use PV-GRUB instead of kernels and RAM disks. For more - // information, see PV-GRUB (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) + // information, see PV-GRUB (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) // in the Amazon Elastic Compute Cloud User Guide. KernelId *string `type:"string"` - // The name of the key pair. You can create a key pair using CreateKeyPair or - // ImportKeyPair. + // The name of the key pair. You can create a key pair using CreateKeyPair (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) + // or ImportKeyPair (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html). // // If you do not specify a key pair, you can't connect to the instance unless // you choose an AMI that is configured to allow users another way to log in. @@ -75356,6 +95577,10 @@ type RunInstancesInput struct { // MaxCount is a required field MaxCount *int64 `type:"integer" required:"true"` + // The metadata options for the instance. For more information, see Instance + // Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). + MetadataOptions *InstanceMetadataOptionsRequest `type:"structure"` + // The minimum number of instances to launch. If you specify a minimum that // is more instances than Amazon EC2 can launch in the target Availability Zone, // Amazon EC2 launches no instances. @@ -75368,10 +95593,12 @@ type RunInstancesInput struct { // MinCount is a required field MinCount *int64 `type:"integer" required:"true"` - // The monitoring for the instance. + // Specifies whether detailed monitoring is enabled for the instance. Monitoring *RunInstancesMonitoringEnabled `type:"structure"` - // One or more network interfaces. + // The network interfaces to associate with the instance. If you specify a network + // interface, you must specify any security groups and subnets as part of the + // network interface. NetworkInterfaces []*InstanceNetworkInterfaceSpecification `locationName:"networkInterface" locationNameList:"item" type:"list"` // The placement for the instance. @@ -75384,41 +95611,55 @@ type RunInstancesInput struct { // this option if you've specified the option to designate a private IP address // as the primary IP address in a network interface specification. You cannot // specify this option if you're launching more than one instance in the request. + // + // You cannot specify this option and the network interfaces option in the same + // request. PrivateIpAddress *string `locationName:"privateIpAddress" type:"string"` - // The ID of the RAM disk. + // The ID of the RAM disk to select. Some kernels require additional drivers + // at launch. Check the kernel requirements for information about whether you + // need to specify a RAM disk. To find kernel requirements, go to the AWS Resource + // Center and search for the kernel ID. // // We recommend that you use PV-GRUB instead of kernels and RAM disks. For more - // information, see PV-GRUB (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) + // information, see PV-GRUB (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) // in the Amazon Elastic Compute Cloud User Guide. RamdiskId *string `type:"string"` - // One or more security group IDs. You can create a security group using CreateSecurityGroup. + // The IDs of the security groups. You can create a security group using CreateSecurityGroup + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html). // - // Default: Amazon EC2 uses the default security group. + // If you specify a network interface, you must specify any security groups + // as part of the network interface. SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` - // [EC2-Classic, default VPC] One or more security group names. For a nondefault + // [EC2-Classic, default VPC] The names of the security groups. For a nondefault // VPC, you must use security group IDs instead. // + // If you specify a network interface, you must specify any security groups + // as part of the network interface. + // // Default: Amazon EC2 uses the default security group. SecurityGroups []*string `locationName:"SecurityGroup" locationNameList:"SecurityGroup" type:"list"` // [EC2-VPC] The ID of the subnet to launch the instance into. + // + // If you specify a network interface, you must specify any subnets as part + // of the network interface. SubnetId *string `type:"string"` // The tags to apply to the resources during launch. You can only tag instances // and volumes on launch. The specified tags are applied to all instances or // volumes that are created during launch. To tag a resource after it has been - // created, see CreateTags. + // created, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` // The user data to make available to the instance. For more information, see - // Running Commands on Your Linux Instance at Launch (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) - // (Linux) and Adding User Data (http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html#instancedata-add-user-data) + // Running Commands on Your Linux Instance at Launch (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) + // (Linux) and Adding User Data (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html#instancedata-add-user-data) // (Windows). If you are using a command line tool, base64-encoding is performed // for you, and you can load the text from a file. Otherwise, you must provide - // base64-encoded text. + // base64-encoded text. User data is limited to 16 KB. UserData *string `type:"string"` } @@ -75622,6 +95863,12 @@ func (s *RunInstancesInput) SetMaxCount(v int64) *RunInstancesInput { return s } +// SetMetadataOptions sets the MetadataOptions field's value. +func (s *RunInstancesInput) SetMetadataOptions(v *InstanceMetadataOptionsRequest) *RunInstancesInput { + s.MetadataOptions = v + return s +} + // SetMinCount sets the MinCount field's value. func (s *RunInstancesInput) SetMinCount(v int64) *RunInstancesInput { s.MinCount = &v @@ -75733,7 +95980,7 @@ type RunScheduledInstancesInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier that ensures the idempotency of the request. - // For more information, see Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` // Checks whether you have the required permissions for the action, without @@ -75851,7 +96098,7 @@ type S3Storage struct { // The access key ID of the owner of the bucket. Before you specify a value // for your access key ID, review and follow the guidance in Best Practices - // for Managing AWS Access Keys (http://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html). + // for Managing AWS Access Keys (https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html). AWSAccessKeyId *string `type:"string"` // The bucket in which to store the AMI. You can specify a bucket that you already @@ -76404,7 +96651,7 @@ type ScheduledInstancesEbs struct { // for the volume. For gp2 volumes, this represents the baseline performance // of the volume and the rate at which the volume accumulates I/O credits for // bursting. For more information about gp2 baseline performance, I/O credits, - // and bursting, see Amazon EBS Volume Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // and bursting, see Amazon EBS Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. // // Constraint: Range is 100-20000 IOPS for io1 volumes and 100-10000 IOPS for @@ -76426,7 +96673,7 @@ type ScheduledInstancesEbs struct { // The volume type. gp2 for General Purpose SSD, io1 for Provisioned IOPS SSD, // Throughput Optimized HDD for st1, Cold HDD for sc1, or standard for Magnetic. // - // Default: standard + // Default: gp2 VolumeType *string `type:"string"` } @@ -76541,7 +96788,7 @@ func (s *ScheduledInstancesIpv6Address) SetIpv6Address(v string) *ScheduledInsta type ScheduledInstancesLaunchSpecification struct { _ struct{} `type:"structure"` - // One or more block device mapping entries. + // The block device mapping entries. BlockDeviceMappings []*ScheduledInstancesBlockDeviceMapping `locationName:"BlockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` // Indicates whether the instances are optimized for EBS I/O. This optimization @@ -76573,7 +96820,7 @@ type ScheduledInstancesLaunchSpecification struct { // Enable or disable monitoring for the instances. Monitoring *ScheduledInstancesMonitoring `type:"structure"` - // One or more network interfaces. + // The network interfaces. NetworkInterfaces []*ScheduledInstancesNetworkInterface `locationName:"NetworkInterface" locationNameList:"NetworkInterface" type:"list"` // The placement information. @@ -76582,7 +96829,7 @@ type ScheduledInstancesLaunchSpecification struct { // The ID of the RAM disk. RamdiskId *string `type:"string"` - // The IDs of one or more security groups. + // The IDs of the security groups. SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` // The ID of the subnet in which to launch the instances. @@ -76743,14 +96990,14 @@ type ScheduledInstancesNetworkInterface struct { // The index of the device for the network interface attachment. DeviceIndex *int64 `type:"integer"` - // The IDs of one or more security groups. + // The IDs of the security groups. Groups []*string `locationName:"Group" locationNameList:"SecurityGroupId" type:"list"` // The number of IPv6 addresses to assign to the network interface. The IPv6 // addresses are automatically selected from the subnet range. Ipv6AddressCount *int64 `type:"integer"` - // One or more specific IPv6 addresses from the subnet range. + // The specific IPv6 addresses from the subnet range. Ipv6Addresses []*ScheduledInstancesIpv6Address `locationName:"Ipv6Address" locationNameList:"Ipv6Address" type:"list"` // The ID of the network interface. @@ -76918,6 +97165,255 @@ func (s *ScheduledInstancesPrivateIpAddressConfig) SetPrivateIpAddress(v string) return s } +type SearchLocalGatewayRoutesInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. + // + // Filters is a required field + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list" required:"true"` + + // The ID of the local gateway route table. + // + // LocalGatewayRouteTableId is a required field + LocalGatewayRouteTableId *string `type:"string" required:"true"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s SearchLocalGatewayRoutesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SearchLocalGatewayRoutesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *SearchLocalGatewayRoutesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "SearchLocalGatewayRoutesInput"} + if s.Filters == nil { + invalidParams.Add(request.NewErrParamRequired("Filters")) + } + if s.LocalGatewayRouteTableId == nil { + invalidParams.Add(request.NewErrParamRequired("LocalGatewayRouteTableId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *SearchLocalGatewayRoutesInput) SetDryRun(v bool) *SearchLocalGatewayRoutesInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *SearchLocalGatewayRoutesInput) SetFilters(v []*Filter) *SearchLocalGatewayRoutesInput { + s.Filters = v + return s +} + +// SetLocalGatewayRouteTableId sets the LocalGatewayRouteTableId field's value. +func (s *SearchLocalGatewayRoutesInput) SetLocalGatewayRouteTableId(v string) *SearchLocalGatewayRoutesInput { + s.LocalGatewayRouteTableId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *SearchLocalGatewayRoutesInput) SetMaxResults(v int64) *SearchLocalGatewayRoutesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *SearchLocalGatewayRoutesInput) SetNextToken(v string) *SearchLocalGatewayRoutesInput { + s.NextToken = &v + return s +} + +type SearchLocalGatewayRoutesOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Information about the routes. + Routes []*LocalGatewayRoute `locationName:"routeSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s SearchLocalGatewayRoutesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SearchLocalGatewayRoutesOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *SearchLocalGatewayRoutesOutput) SetNextToken(v string) *SearchLocalGatewayRoutesOutput { + s.NextToken = &v + return s +} + +// SetRoutes sets the Routes field's value. +func (s *SearchLocalGatewayRoutesOutput) SetRoutes(v []*LocalGatewayRoute) *SearchLocalGatewayRoutesOutput { + s.Routes = v + return s +} + +type SearchTransitGatewayMulticastGroupsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. The possible values are: + // + // * group-ip-address - The IP address of the transit gateway multicast group. + // + // * is-group-member - The resource is a group member. Valid values are true + // | false. + // + // * is-group-source - The resource is a group source. Valid values are true + // | false. + // + // * member-type - The member type. Valid values are igmp | static. + // + // * resource-id - The ID of the resource. + // + // * resource-type - The type of resource. Valid values are vpc | vpn | direct-connect-gateway + // | tgw-peering. + // + // * source-type - The source type. Valid values are igmp | static. + // + // * state - The state of the subnet association. Valid values are associated + // | associated | disassociated | disassociating. + // + // * subnet-id - The ID of the subnet. + // + // * transit-gateway-attachment-id - The id of the transit gateway attachment. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `type:"string"` +} + +// String returns the string representation +func (s SearchTransitGatewayMulticastGroupsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SearchTransitGatewayMulticastGroupsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *SearchTransitGatewayMulticastGroupsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "SearchTransitGatewayMulticastGroupsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *SearchTransitGatewayMulticastGroupsInput) SetDryRun(v bool) *SearchTransitGatewayMulticastGroupsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *SearchTransitGatewayMulticastGroupsInput) SetFilters(v []*Filter) *SearchTransitGatewayMulticastGroupsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *SearchTransitGatewayMulticastGroupsInput) SetMaxResults(v int64) *SearchTransitGatewayMulticastGroupsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *SearchTransitGatewayMulticastGroupsInput) SetNextToken(v string) *SearchTransitGatewayMulticastGroupsInput { + s.NextToken = &v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *SearchTransitGatewayMulticastGroupsInput) SetTransitGatewayMulticastDomainId(v string) *SearchTransitGatewayMulticastGroupsInput { + s.TransitGatewayMulticastDomainId = &v + return s +} + +type SearchTransitGatewayMulticastGroupsOutput struct { + _ struct{} `type:"structure"` + + // Information about the transit gateway multicast group. + MulticastGroups []*TransitGatewayMulticastGroup `locationName:"multicastGroups" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s SearchTransitGatewayMulticastGroupsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SearchTransitGatewayMulticastGroupsOutput) GoString() string { + return s.String() +} + +// SetMulticastGroups sets the MulticastGroups field's value. +func (s *SearchTransitGatewayMulticastGroupsOutput) SetMulticastGroups(v []*TransitGatewayMulticastGroup) *SearchTransitGatewayMulticastGroupsOutput { + s.MulticastGroups = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *SearchTransitGatewayMulticastGroupsOutput) SetNextToken(v string) *SearchTransitGatewayMulticastGroupsOutput { + s.NextToken = &v + return s +} + type SearchTransitGatewayRoutesInput struct { _ struct{} `type:"structure"` @@ -76929,14 +97425,29 @@ type SearchTransitGatewayRoutesInput struct { // One or more filters. The possible values are: // - // * transit-gateway-route-destination-cidr-block - The CIDR range. - // - // * transit-gateway-route-state - The state of the route (active | blackhole). - // - // * transit-gateway-route-transit-gateway-attachment-id - The ID of the + // * attachment.transit-gateway-attachment-id- The id of the transit gateway // attachment. // - // * transit-gateway-route-type - The route type (static | propagated). + // * attachment.resource-id - The resource id of the transit gateway attachment. + // + // * attachment.resource-type - The attachment resource type (vpc | vpn). + // + // * route-search.exact-match - The exact match of the specified filter. + // + // * route-search.longest-prefix-match - The longest prefix that matches + // the route. + // + // * route-search.subnet-of-match - The routes with a subnet that match the + // specified CIDR filter. + // + // * route-search.supernet-of-match - The routes with a CIDR that encompass + // the CIDR filter. For example, if you have 10.0.1.0/29 and 10.0.1.0/31 + // routes in your route table and you specify supernet-of-match as 10.0.1.0/30, + // then the result returns 10.0.1.0/29. + // + // * state - The state of the route (active | blackhole). + // + // * type - The type of route (propagated | static). // // Filters is a required field Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list" required:"true"` @@ -77048,10 +97559,10 @@ type SecurityGroup struct { // The name of the security group. GroupName *string `locationName:"groupName" type:"string"` - // One or more inbound rules associated with the security group. + // The inbound rules associated with the security group. IpPermissions []*IpPermission `locationName:"ipPermissions" locationNameList:"item" type:"list"` - // [EC2-VPC] One or more outbound rules associated with the security group. + // [VPC only] The outbound rules associated with the security group. IpPermissionsEgress []*IpPermission `locationName:"ipPermissionsEgress" locationNameList:"item" type:"list"` // The AWS account ID of the owner of the security group. @@ -77060,7 +97571,7 @@ type SecurityGroup struct { // Any tags assigned to the security group. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` - // [EC2-VPC] The ID of the VPC for the security group. + // [VPC only] The ID of the VPC for the security group. VpcId *string `locationName:"vpcId" type:"string"` } @@ -77197,6 +97708,70 @@ func (s *SecurityGroupReference) SetVpcPeeringConnectionId(v string) *SecurityGr return s } +type SendDiagnosticInterruptInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the instance. + // + // InstanceId is a required field + InstanceId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s SendDiagnosticInterruptInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SendDiagnosticInterruptInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *SendDiagnosticInterruptInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "SendDiagnosticInterruptInput"} + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *SendDiagnosticInterruptInput) SetDryRun(v bool) *SendDiagnosticInterruptInput { + s.DryRun = &v + return s +} + +// SetInstanceId sets the InstanceId field's value. +func (s *SendDiagnosticInterruptInput) SetInstanceId(v string) *SendDiagnosticInterruptInput { + s.InstanceId = &v + return s +} + +type SendDiagnosticInterruptOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s SendDiagnosticInterruptOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SendDiagnosticInterruptOutput) GoString() string { + return s.String() +} + // Describes a service configuration for a VPC endpoint service. type ServiceConfiguration struct { _ struct{} `type:"structure"` @@ -77205,18 +97780,25 @@ type ServiceConfiguration struct { // to the service must first be accepted. AcceptanceRequired *bool `locationName:"acceptanceRequired" type:"boolean"` - // In the Availability Zones in which the service is available. + // The Availability Zones in which the service is available. AvailabilityZones []*string `locationName:"availabilityZoneSet" locationNameList:"item" type:"list"` // The DNS names for the service. BaseEndpointDnsNames []*string `locationName:"baseEndpointDnsNameSet" locationNameList:"item" type:"list"` + // Indicates whether the service manages its VPC endpoints. Management of the + // service VPC endpoints using the VPC endpoint API is restricted. + ManagesVpcEndpoints *bool `locationName:"managesVpcEndpoints" type:"boolean"` + // The Amazon Resource Names (ARNs) of the Network Load Balancers for the service. NetworkLoadBalancerArns []*string `locationName:"networkLoadBalancerArnSet" locationNameList:"item" type:"list"` // The private DNS name for the service. PrivateDnsName *string `locationName:"privateDnsName" type:"string"` + // Information about the endpoint service private DNS name configuration. + PrivateDnsNameConfiguration *PrivateDnsNameConfiguration `locationName:"privateDnsNameConfiguration" type:"structure"` + // The ID of the service. ServiceId *string `locationName:"serviceId" type:"string"` @@ -77228,6 +97810,9 @@ type ServiceConfiguration struct { // The type of service. ServiceType []*ServiceTypeDetail `locationName:"serviceType" locationNameList:"item" type:"list"` + + // Any tags assigned to the service. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -77258,6 +97843,12 @@ func (s *ServiceConfiguration) SetBaseEndpointDnsNames(v []*string) *ServiceConf return s } +// SetManagesVpcEndpoints sets the ManagesVpcEndpoints field's value. +func (s *ServiceConfiguration) SetManagesVpcEndpoints(v bool) *ServiceConfiguration { + s.ManagesVpcEndpoints = &v + return s +} + // SetNetworkLoadBalancerArns sets the NetworkLoadBalancerArns field's value. func (s *ServiceConfiguration) SetNetworkLoadBalancerArns(v []*string) *ServiceConfiguration { s.NetworkLoadBalancerArns = v @@ -77270,6 +97861,12 @@ func (s *ServiceConfiguration) SetPrivateDnsName(v string) *ServiceConfiguration return s } +// SetPrivateDnsNameConfiguration sets the PrivateDnsNameConfiguration field's value. +func (s *ServiceConfiguration) SetPrivateDnsNameConfiguration(v *PrivateDnsNameConfiguration) *ServiceConfiguration { + s.PrivateDnsNameConfiguration = v + return s +} + // SetServiceId sets the ServiceId field's value. func (s *ServiceConfiguration) SetServiceId(v string) *ServiceConfiguration { s.ServiceId = &v @@ -77294,6 +97891,12 @@ func (s *ServiceConfiguration) SetServiceType(v []*ServiceTypeDetail) *ServiceCo return s } +// SetTags sets the Tags field's value. +func (s *ServiceConfiguration) SetTags(v []*Tag) *ServiceConfiguration { + s.Tags = v + return s +} + // Describes a VPC endpoint service. type ServiceDetail struct { _ struct{} `type:"structure"` @@ -77308,18 +97911,34 @@ type ServiceDetail struct { // The DNS names for the service. BaseEndpointDnsNames []*string `locationName:"baseEndpointDnsNameSet" locationNameList:"item" type:"list"` + // Indicates whether the service manages its VPC endpoints. Management of the + // service VPC endpoints using the VPC endpoint API is restricted. + ManagesVpcEndpoints *bool `locationName:"managesVpcEndpoints" type:"boolean"` + // The AWS account ID of the service owner. Owner *string `locationName:"owner" type:"string"` // The private DNS name for the service. PrivateDnsName *string `locationName:"privateDnsName" type:"string"` + // The verification state of the VPC endpoint service. + // + // Consumers of the endpoint service cannot use the private name when the state + // is not verified. + PrivateDnsNameVerificationState *string `locationName:"privateDnsNameVerificationState" type:"string" enum:"DnsNameState"` + + // The ID of the endpoint service. + ServiceId *string `locationName:"serviceId" type:"string"` + // The Amazon Resource Name (ARN) of the service. ServiceName *string `locationName:"serviceName" type:"string"` // The type of service. ServiceType []*ServiceTypeDetail `locationName:"serviceType" locationNameList:"item" type:"list"` + // Any tags assigned to the service. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + // Indicates whether the service supports endpoint policies. VpcEndpointPolicySupported *bool `locationName:"vpcEndpointPolicySupported" type:"boolean"` } @@ -77352,6 +97971,12 @@ func (s *ServiceDetail) SetBaseEndpointDnsNames(v []*string) *ServiceDetail { return s } +// SetManagesVpcEndpoints sets the ManagesVpcEndpoints field's value. +func (s *ServiceDetail) SetManagesVpcEndpoints(v bool) *ServiceDetail { + s.ManagesVpcEndpoints = &v + return s +} + // SetOwner sets the Owner field's value. func (s *ServiceDetail) SetOwner(v string) *ServiceDetail { s.Owner = &v @@ -77364,6 +97989,18 @@ func (s *ServiceDetail) SetPrivateDnsName(v string) *ServiceDetail { return s } +// SetPrivateDnsNameVerificationState sets the PrivateDnsNameVerificationState field's value. +func (s *ServiceDetail) SetPrivateDnsNameVerificationState(v string) *ServiceDetail { + s.PrivateDnsNameVerificationState = &v + return s +} + +// SetServiceId sets the ServiceId field's value. +func (s *ServiceDetail) SetServiceId(v string) *ServiceDetail { + s.ServiceId = &v + return s +} + // SetServiceName sets the ServiceName field's value. func (s *ServiceDetail) SetServiceName(v string) *ServiceDetail { s.ServiceName = &v @@ -77376,6 +98013,12 @@ func (s *ServiceDetail) SetServiceType(v []*ServiceTypeDetail) *ServiceDetail { return s } +// SetTags sets the Tags field's value. +func (s *ServiceDetail) SetTags(v []*Tag) *ServiceDetail { + s.Tags = v + return s +} + // SetVpcEndpointPolicySupported sets the VpcEndpointPolicySupported field's value. func (s *ServiceDetail) SetVpcEndpointPolicySupported(v bool) *ServiceDetail { s.VpcEndpointPolicySupported = &v @@ -77504,7 +98147,7 @@ type Snapshot struct { // the original volume or snapshot copy. Because data encryption keys are inherited // by volumes created from snapshots, and vice versa, if snapshots share the // same data encryption key identifier, then they belong to the same volume/snapshot - // lineage. This parameter is only returned by the DescribeSnapshots API operation. + // lineage. This parameter is only returned by DescribeSnapshots. DataEncryptionKeyId *string `locationName:"dataEncryptionKeyId" type:"string"` // The description for the snapshot. @@ -77513,14 +98156,14 @@ type Snapshot struct { // Indicates whether the snapshot is encrypted. Encrypted *bool `locationName:"encrypted" type:"boolean"` - // The full ARN of the AWS Key Management Service (AWS KMS) customer master - // key (CMK) that was used to protect the volume encryption key for the parent - // volume. + // The Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) + // customer master key (CMK) that was used to protect the volume encryption + // key for the parent volume. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` - // Value from an Amazon-maintained list (amazon | aws-marketplace | microsoft) - // of snapshot owners. Not to be confused with the user-configured AWS account - // alias, which is set from the IAM console. + // Value from an Amazon-maintained list (amazon | self | all | aws-marketplace + // | microsoft) of snapshot owners. Not to be confused with the user-configured + // AWS account alias, which is set from the IAM console. OwnerAlias *string `locationName:"ownerAlias" type:"string"` // The AWS account ID of the EBS snapshot owner. @@ -77543,7 +98186,7 @@ type Snapshot struct { // operation fails (for example, if the proper AWS Key Management Service (AWS // KMS) permissions are not obtained) this field displays error state details // to help you diagnose why the error occurred. This parameter is only returned - // by the DescribeSnapshots API operation. + // by DescribeSnapshots. StateMessage *string `locationName:"statusMessage" type:"string"` // Any tags assigned to the snapshot. @@ -77811,6 +98454,113 @@ func (s *SnapshotDiskContainer) SetUserBucket(v *UserBucket) *SnapshotDiskContai return s } +// Information about a snapshot. +type SnapshotInfo struct { + _ struct{} `type:"structure"` + + // Description specified by the CreateSnapshotRequest that has been applied + // to all snapshots. + Description *string `locationName:"description" type:"string"` + + // Indicates whether the snapshot is encrypted. + Encrypted *bool `locationName:"encrypted" type:"boolean"` + + // Account id used when creating this snapshot. + OwnerId *string `locationName:"ownerId" type:"string"` + + // Progress this snapshot has made towards completing. + Progress *string `locationName:"progress" type:"string"` + + // Snapshot id that can be used to describe this snapshot. + SnapshotId *string `locationName:"snapshotId" type:"string"` + + // Time this snapshot was started. This is the same for all snapshots initiated + // by the same request. + StartTime *time.Time `locationName:"startTime" type:"timestamp"` + + // Current state of the snapshot. + State *string `locationName:"state" type:"string" enum:"SnapshotState"` + + // Tags associated with this snapshot. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // Source volume from which this snapshot was created. + VolumeId *string `locationName:"volumeId" type:"string"` + + // Size of the volume from which this snapshot was created. + VolumeSize *int64 `locationName:"volumeSize" type:"integer"` +} + +// String returns the string representation +func (s SnapshotInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SnapshotInfo) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *SnapshotInfo) SetDescription(v string) *SnapshotInfo { + s.Description = &v + return s +} + +// SetEncrypted sets the Encrypted field's value. +func (s *SnapshotInfo) SetEncrypted(v bool) *SnapshotInfo { + s.Encrypted = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *SnapshotInfo) SetOwnerId(v string) *SnapshotInfo { + s.OwnerId = &v + return s +} + +// SetProgress sets the Progress field's value. +func (s *SnapshotInfo) SetProgress(v string) *SnapshotInfo { + s.Progress = &v + return s +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *SnapshotInfo) SetSnapshotId(v string) *SnapshotInfo { + s.SnapshotId = &v + return s +} + +// SetStartTime sets the StartTime field's value. +func (s *SnapshotInfo) SetStartTime(v time.Time) *SnapshotInfo { + s.StartTime = &v + return s +} + +// SetState sets the State field's value. +func (s *SnapshotInfo) SetState(v string) *SnapshotInfo { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *SnapshotInfo) SetTags(v []*Tag) *SnapshotInfo { + s.Tags = v + return s +} + +// SetVolumeId sets the VolumeId field's value. +func (s *SnapshotInfo) SetVolumeId(v string) *SnapshotInfo { + s.VolumeId = &v + return s +} + +// SetVolumeSize sets the VolumeSize field's value. +func (s *SnapshotInfo) SetVolumeSize(v int64) *SnapshotInfo { + s.VolumeSize = &v + return s +} + // Details about the import snapshot task. type SnapshotTaskDetail struct { _ struct{} `type:"structure"` @@ -77986,17 +98736,20 @@ func (s *SpotDatafeedSubscription) SetState(v string) *SpotDatafeedSubscription return s } -// Describes the launch specification for one or more Spot Instances. +// Describes the launch specification for one or more Spot Instances. If you +// include On-Demand capacity in your fleet request, you can't use SpotFleetLaunchSpecification; +// you must use LaunchTemplateConfig (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_LaunchTemplateConfig.html). type SpotFleetLaunchSpecification struct { _ struct{} `type:"structure"` // Deprecated. AddressingType *string `locationName:"addressingType" type:"string"` - // One or more block device mapping entries. You can't specify both a snapshot - // ID and an encryption value. This is because only blank volumes can be encrypted - // on creation. If a snapshot is the basis for a volume, it is not blank and - // its encryption status is used for the volume encryption status. + // One or more block devices that are mapped to the Spot Instances. You can't + // specify both a snapshot ID and an encryption value. This is because only + // blank volumes can be encrypted on creation. If a snapshot is the basis for + // a volume, it is not blank and its encryption status is used for the volume + // encryption status. BlockDeviceMappings []*BlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"item" type:"list"` // Indicates whether the instances are optimized for EBS I/O. This optimization @@ -78033,7 +98786,10 @@ type SpotFleetLaunchSpecification struct { // The placement information. Placement *SpotPlacement `locationName:"placement" type:"structure"` - // The ID of the RAM disk. + // The ID of the RAM disk. Some kernels require additional drivers at launch. + // Check the kernel requirements for information about whether you need to specify + // a RAM disk. To find kernel requirements, refer to the AWS Resource Center + // and search for the kernel ID. RamdiskId *string `locationName:"ramdiskId" type:"string"` // One or more security groups. When requesting instances in a VPC, you must @@ -78047,23 +98803,24 @@ type SpotFleetLaunchSpecification struct { // by the value of WeightedCapacity. SpotPrice *string `locationName:"spotPrice" type:"string"` - // The ID of the subnet in which to launch the instances. To specify multiple - // subnets, separate them using commas; for example, "subnet-a61dafcf, subnet-65ea5f08". + // The IDs of the subnets in which to launch the instances. To specify multiple + // subnets, separate them using commas; for example, "subnet-1234abcdeexample1, + // subnet-0987cdef6example2". SubnetId *string `locationName:"subnetId" type:"string"` // The tags to apply during creation. TagSpecifications []*SpotFleetTagSpecification `locationName:"tagSpecificationSet" locationNameList:"item" type:"list"` - // The Base64-encoded user data to make available to the instances. + // The Base64-encoded user data that instances use when starting up. UserData *string `locationName:"userData" type:"string"` // The number of units provided by the specified instance type. These are the - // same units that you chose to set the target capacity in terms (instances - // or a performance characteristic such as vCPUs, memory, or I/O). + // same units that you chose to set the target capacity in terms of instances, + // or a performance characteristic such as vCPUs, memory, or I/O. // - // If the target capacity divided by this value is not a whole number, we round - // the number of instances to the next whole number. If this value is not specified, - // the default is 1. + // If the target capacity divided by this value is not a whole number, Amazon + // EC2 rounds the number of instances to the next whole number. If this value + // is not specified, the default is 1. WeightedCapacity *float64 `locationName:"weightedCapacity" type:"double"` } @@ -78279,27 +99036,43 @@ func (s *SpotFleetRequestConfig) SetSpotFleetRequestState(v string) *SpotFleetRe type SpotFleetRequestConfigData struct { _ struct{} `type:"structure"` - // Indicates how to allocate the target capacity across the Spot pools specified - // by the Spot Fleet request. The default is lowestPrice. + // Indicates how to allocate the target Spot Instance capacity across the Spot + // Instance pools specified by the Spot Fleet request. + // + // If the allocation strategy is lowestPrice, Spot Fleet launches instances + // from the Spot Instance pools with the lowest price. This is the default allocation + // strategy. + // + // If the allocation strategy is diversified, Spot Fleet launches instances + // from all the Spot Instance pools that you specify. + // + // If the allocation strategy is capacityOptimized, Spot Fleet launches instances + // from Spot Instance pools with optimal capacity for the number of instances + // that are launching. AllocationStrategy *string `locationName:"allocationStrategy" type:"string" enum:"AllocationStrategy"` // A unique, case-sensitive identifier that you provide to ensure the idempotency // of your listings. This helps to avoid duplicate listings. For more information, - // see Ensuring Idempotency (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` - // Indicates whether running Spot Instances should be terminated if the target - // capacity of the Spot Fleet request is decreased below the current size of - // the Spot Fleet. + // Indicates whether running Spot Instances should be terminated if you decrease + // the target capacity of the Spot Fleet request below the current size of the + // Spot Fleet. ExcessCapacityTerminationPolicy *string `locationName:"excessCapacityTerminationPolicy" type:"string" enum:"ExcessCapacityTerminationPolicy"` // The number of units fulfilled by this request compared to the set target // capacity. You cannot set this value. FulfilledCapacity *float64 `locationName:"fulfilledCapacity" type:"double"` - // Grants the Spot Fleet permission to terminate Spot Instances on your behalf - // when you cancel its Spot Fleet request using CancelSpotFleetRequests or when - // the Spot Fleet request expires, if you set terminateInstancesWithExpiration. + // The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) + // role that grants the Spot Fleet the permission to request, launch, terminate, + // and tag instances on your behalf. For more information, see Spot Fleet Prerequisites + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites) + // in the Amazon EC2 User Guide for Linux Instances. Spot Fleet can terminate + // Spot Instances on your behalf when you cancel its Spot Fleet request using + // CancelSpotFleetRequests or when the Spot Fleet request expires, if you set + // TerminateInstancesWithExpiration. // // IamFleetRole is a required field IamFleetRole *string `locationName:"iamFleetRole" type:"string" required:"true"` @@ -78313,10 +99086,14 @@ type SpotFleetRequestConfigData struct { // across the number of Spot pools that you specify. InstancePoolsToUseCount *int64 `locationName:"instancePoolsToUseCount" type:"integer"` - // The launch specifications for the Spot Fleet request. + // The launch specifications for the Spot Fleet request. If you specify LaunchSpecifications, + // you can't specify LaunchTemplateConfigs. If you include On-Demand capacity + // in your request, you must use LaunchTemplateConfigs. LaunchSpecifications []*SpotFleetLaunchSpecification `locationName:"launchSpecifications" locationNameList:"item" type:"list"` - // The launch template and overrides. + // The launch template and overrides. If you specify LaunchTemplateConfigs, + // you can't specify LaunchSpecifications. If you include On-Demand capacity + // in your request, you must use LaunchTemplateConfigs. LaunchTemplateConfigs []*LaunchTemplateConfig `locationName:"launchTemplateConfigs" locationNameList:"item" type:"list"` // One or more Classic Load Balancers and target groups to attach to the Spot @@ -78340,6 +99117,16 @@ type SpotFleetRequestConfigData struct { // target On-Demand capacity. OnDemandFulfilledCapacity *float64 `locationName:"onDemandFulfilledCapacity" type:"double"` + // The maximum amount per hour for On-Demand Instances that you're willing to + // pay. You can use the onDemandMaxTotalPrice parameter, the spotMaxTotalPrice + // parameter, or both parameters to ensure that your fleet cost does not exceed + // your budget. If you set a maximum price per hour for the On-Demand Instances + // and Spot Instances in your request, Spot Fleet will launch instances until + // it reaches the maximum amount you're willing to pay. When the maximum amount + // you're willing to pay is reached, the fleet stops launching instances even + // if it hasn’t met the target capacity. + OnDemandMaxTotalPrice *string `locationName:"onDemandMaxTotalPrice" type:"string"` + // The number of On-Demand units to request. You can choose to set the target // capacity in terms of instances or a performance characteristic that is important // to your application workload, such as vCPUs, memory, or I/O. If the request @@ -78350,21 +99137,31 @@ type SpotFleetRequestConfigData struct { // Indicates whether Spot Fleet should replace unhealthy instances. ReplaceUnhealthyInstances *bool `locationName:"replaceUnhealthyInstances" type:"boolean"` + // The maximum amount per hour for Spot Instances that you're willing to pay. + // You can use the spotdMaxTotalPrice parameter, the onDemandMaxTotalPrice parameter, + // or both parameters to ensure that your fleet cost does not exceed your budget. + // If you set a maximum price per hour for the On-Demand Instances and Spot + // Instances in your request, Spot Fleet will launch instances until it reaches + // the maximum amount you're willing to pay. When the maximum amount you're + // willing to pay is reached, the fleet stops launching instances even if it + // hasn’t met the target capacity. + SpotMaxTotalPrice *string `locationName:"spotMaxTotalPrice" type:"string"` + // The maximum price per unit hour that you are willing to pay for a Spot Instance. // The default is the On-Demand price. SpotPrice *string `locationName:"spotPrice" type:"string"` - // The number of units to request. You can choose to set the target capacity - // in terms of instances or a performance characteristic that is important to - // your application workload, such as vCPUs, memory, or I/O. If the request - // type is maintain, you can specify a target capacity of 0 and add capacity - // later. + // The number of units to request for the Spot Fleet. You can choose to set + // the target capacity in terms of instances or a performance characteristic + // that is important to your application workload, such as vCPUs, memory, or + // I/O. If the request type is maintain, you can specify a target capacity of + // 0 and add capacity later. // // TargetCapacity is a required field TargetCapacity *int64 `locationName:"targetCapacity" type:"integer" required:"true"` - // Indicates whether running Spot Instances should be terminated when the Spot - // Fleet request expires. + // Indicates whether running Spot Instances are terminated when the Spot Fleet + // request expires. TerminateInstancesWithExpiration *bool `locationName:"terminateInstancesWithExpiration" type:"boolean"` // The type of request. Indicates whether the Spot Fleet only requests the target @@ -78377,13 +99174,14 @@ type SpotFleetRequestConfigData struct { // Default: maintain. instant is listed but is not used by Spot Fleet. Type *string `locationName:"type" type:"string" enum:"FleetType"` - // The start date and time of the request, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). - // The default is to start fulfilling the request immediately. + // The start date and time of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). + // By default, Amazon EC2 starts fulfilling the request immediately. ValidFrom *time.Time `locationName:"validFrom" type:"timestamp"` - // The end date and time of the request, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). - // At this point, no new Spot Instance requests are placed or able to fulfill - // the request. The default end date is 7 days from the current date. + // The end date and time of the request, in UTC format (YYYY-MM-DDTHH:MM:SSZ). + // After the end date and time, no new Spot Instance requests are placed or + // able to fulfill the request. If no value is specified, the Spot Fleet request + // remains until you cancel it. ValidUntil *time.Time `locationName:"validUntil" type:"timestamp"` } @@ -78500,6 +99298,12 @@ func (s *SpotFleetRequestConfigData) SetOnDemandFulfilledCapacity(v float64) *Sp return s } +// SetOnDemandMaxTotalPrice sets the OnDemandMaxTotalPrice field's value. +func (s *SpotFleetRequestConfigData) SetOnDemandMaxTotalPrice(v string) *SpotFleetRequestConfigData { + s.OnDemandMaxTotalPrice = &v + return s +} + // SetOnDemandTargetCapacity sets the OnDemandTargetCapacity field's value. func (s *SpotFleetRequestConfigData) SetOnDemandTargetCapacity(v int64) *SpotFleetRequestConfigData { s.OnDemandTargetCapacity = &v @@ -78512,6 +99316,12 @@ func (s *SpotFleetRequestConfigData) SetReplaceUnhealthyInstances(v bool) *SpotF return s } +// SetSpotMaxTotalPrice sets the SpotMaxTotalPrice field's value. +func (s *SpotFleetRequestConfigData) SetSpotMaxTotalPrice(v string) *SpotFleetRequestConfigData { + s.SpotMaxTotalPrice = &v + return s +} + // SetSpotPrice sets the SpotPrice field's value. func (s *SpotFleetRequestConfigData) SetSpotPrice(v string) *SpotFleetRequestConfigData { s.SpotPrice = &v @@ -78632,7 +99442,7 @@ type SpotInstanceRequest struct { SpotPrice *string `locationName:"spotPrice" type:"string"` // The state of the Spot Instance request. Spot status information helps track - // your Spot Instance requests. For more information, see Spot Status (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html) + // your Spot Instance requests. For more information, see Spot Status (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html) // in the Amazon EC2 User Guide for Linux Instances. State *string `locationName:"state" type:"string" enum:"SpotInstanceState"` @@ -78818,7 +99628,7 @@ func (s *SpotInstanceStateFault) SetMessage(v string) *SpotInstanceStateFault { type SpotInstanceStatus struct { _ struct{} `type:"structure"` - // The status code. For a list of status codes, see Spot Status Codes (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html#spot-instance-bid-status-understand) + // The status code. For a list of status codes, see Spot Status Codes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html#spot-instance-bid-status-understand) // in the Amazon EC2 User Guide for Linux Instances. Code *string `locationName:"code" type:"string"` @@ -78931,29 +99741,43 @@ func (s *SpotMarketOptions) SetValidUntil(v time.Time) *SpotMarketOptions { type SpotOptions struct { _ struct{} `type:"structure"` - // Indicates how to allocate the target capacity across the Spot pools specified - // by the Spot Fleet request. The default is lowest-price. + // Indicates how to allocate the target Spot Instance capacity across the Spot + // Instance pools specified by the EC2 Fleet. + // + // If the allocation strategy is lowest-price, EC2 Fleet launches instances + // from the Spot Instance pools with the lowest price. This is the default allocation + // strategy. + // + // If the allocation strategy is diversified, EC2 Fleet launches instances from + // all of the Spot Instance pools that you specify. + // + // If the allocation strategy is capacity-optimized, EC2 Fleet launches instances + // from Spot Instance pools with optimal capacity for the number of instances + // that are launching. AllocationStrategy *string `locationName:"allocationStrategy" type:"string" enum:"SpotAllocationStrategy"` // The behavior when a Spot Instance is interrupted. The default is terminate. InstanceInterruptionBehavior *string `locationName:"instanceInterruptionBehavior" type:"string" enum:"SpotInstanceInterruptionBehavior"` // The number of Spot pools across which to allocate your target Spot capacity. - // Valid only when AllocationStrategy is set to lowestPrice. EC2 Fleet selects + // Valid only when AllocationStrategy is set to lowest-price. EC2 Fleet selects // the cheapest Spot pools and evenly allocates your target Spot capacity across // the number of Spot pools that you specify. InstancePoolsToUseCount *int64 `locationName:"instancePoolsToUseCount" type:"integer"` + // The maximum amount per hour for Spot Instances that you're willing to pay. + MaxTotalPrice *string `locationName:"maxTotalPrice" type:"string"` + // The minimum target capacity for Spot Instances in the fleet. If the minimum // target capacity is not reached, the fleet launches no instances. MinTargetCapacity *int64 `locationName:"minTargetCapacity" type:"integer"` // Indicates that the fleet launches all Spot Instances into a single Availability - // Zone. + // Zone. Supported only for fleets of type instant. SingleAvailabilityZone *bool `locationName:"singleAvailabilityZone" type:"boolean"` // Indicates that the fleet uses a single instance type to launch all Spot Instances - // in the fleet. + // in the fleet. Supported only for fleets of type instant. SingleInstanceType *bool `locationName:"singleInstanceType" type:"boolean"` } @@ -78985,6 +99809,12 @@ func (s *SpotOptions) SetInstancePoolsToUseCount(v int64) *SpotOptions { return s } +// SetMaxTotalPrice sets the MaxTotalPrice field's value. +func (s *SpotOptions) SetMaxTotalPrice(v string) *SpotOptions { + s.MaxTotalPrice = &v + return s +} + // SetMinTargetCapacity sets the MinTargetCapacity field's value. func (s *SpotOptions) SetMinTargetCapacity(v int64) *SpotOptions { s.MinTargetCapacity = &v @@ -79007,8 +99837,19 @@ func (s *SpotOptions) SetSingleInstanceType(v bool) *SpotOptions { type SpotOptionsRequest struct { _ struct{} `type:"structure"` - // Indicates how to allocate the target capacity across the Spot pools specified - // by the Spot Fleet request. The default is lowestPrice. + // Indicates how to allocate the target Spot Instance capacity across the Spot + // Instance pools specified by the EC2 Fleet. + // + // If the allocation strategy is lowest-price, EC2 Fleet launches instances + // from the Spot Instance pools with the lowest price. This is the default allocation + // strategy. + // + // If the allocation strategy is diversified, EC2 Fleet launches instances from + // all of the Spot Instance pools that you specify. + // + // If the allocation strategy is capacity-optimized, EC2 Fleet launches instances + // from Spot Instance pools with optimal capacity for the number of instances + // that are launching. AllocationStrategy *string `type:"string" enum:"SpotAllocationStrategy"` // The behavior when a Spot Instance is interrupted. The default is terminate. @@ -79020,16 +99861,19 @@ type SpotOptionsRequest struct { // across the number of Spot pools that you specify. InstancePoolsToUseCount *int64 `type:"integer"` + // The maximum amount per hour for Spot Instances that you're willing to pay. + MaxTotalPrice *string `type:"string"` + // The minimum target capacity for Spot Instances in the fleet. If the minimum // target capacity is not reached, the fleet launches no instances. MinTargetCapacity *int64 `type:"integer"` // Indicates that the fleet launches all Spot Instances into a single Availability - // Zone. + // Zone. Supported only for fleets of type instant. SingleAvailabilityZone *bool `type:"boolean"` // Indicates that the fleet uses a single instance type to launch all Spot Instances - // in the fleet. + // in the fleet. Supported only for fleets of type instant. SingleInstanceType *bool `type:"boolean"` } @@ -79061,6 +99905,12 @@ func (s *SpotOptionsRequest) SetInstancePoolsToUseCount(v int64) *SpotOptionsReq return s } +// SetMaxTotalPrice sets the MaxTotalPrice field's value. +func (s *SpotOptionsRequest) SetMaxTotalPrice(v string) *SpotOptionsRequest { + s.MaxTotalPrice = &v + return s +} + // SetMinTargetCapacity sets the MinTargetCapacity field's value. func (s *SpotOptionsRequest) SetMinTargetCapacity(v int64) *SpotOptionsRequest { s.MinTargetCapacity = &v @@ -79199,19 +100049,19 @@ type StaleIpPermission struct { // (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). IpProtocol *string `locationName:"ipProtocol" type:"string"` - // One or more IP ranges. Not applicable for stale security group rules. + // The IP ranges. Not applicable for stale security group rules. IpRanges []*string `locationName:"ipRanges" locationNameList:"item" type:"list"` - // One or more prefix list IDs for an AWS service. Not applicable for stale - // security group rules. + // The prefix list IDs for an AWS service. Not applicable for stale security + // group rules. PrefixListIds []*string `locationName:"prefixListIds" locationNameList:"item" type:"list"` // The end of the port range for the TCP and UDP protocols, or an ICMP type // number. A value of -1 indicates all ICMP types. ToPort *int64 `locationName:"toPort" type:"integer"` - // One or more security group pairs. Returns the ID of the referenced security - // group and VPC, and the ID and status of the VPC peering connection. + // The security group pairs. Returns the ID of the referenced security group + // and VPC, and the ID and status of the VPC peering connection. UserIdGroupPairs []*UserIdGroupPair `locationName:"groups" locationNameList:"item" type:"list"` } @@ -79342,7 +100192,7 @@ type StartInstancesInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more instance IDs. + // The IDs of the instances. // // InstanceIds is a required field InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list" required:"true"` @@ -79392,7 +100242,7 @@ func (s *StartInstancesInput) SetInstanceIds(v []*string) *StartInstancesInput { type StartInstancesOutput struct { _ struct{} `type:"structure"` - // Information about one or more started instances. + // Information about the started instances. StartingInstances []*InstanceStateChange `locationName:"instancesSet" locationNameList:"item" type:"list"` } @@ -79412,6 +100262,79 @@ func (s *StartInstancesOutput) SetStartingInstances(v []*InstanceStateChange) *S return s } +type StartVpcEndpointServicePrivateDnsVerificationInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the endpoint service. + // + // ServiceId is a required field + ServiceId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s StartVpcEndpointServicePrivateDnsVerificationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StartVpcEndpointServicePrivateDnsVerificationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartVpcEndpointServicePrivateDnsVerificationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartVpcEndpointServicePrivateDnsVerificationInput"} + if s.ServiceId == nil { + invalidParams.Add(request.NewErrParamRequired("ServiceId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *StartVpcEndpointServicePrivateDnsVerificationInput) SetDryRun(v bool) *StartVpcEndpointServicePrivateDnsVerificationInput { + s.DryRun = &v + return s +} + +// SetServiceId sets the ServiceId field's value. +func (s *StartVpcEndpointServicePrivateDnsVerificationInput) SetServiceId(v string) *StartVpcEndpointServicePrivateDnsVerificationInput { + s.ServiceId = &v + return s +} + +type StartVpcEndpointServicePrivateDnsVerificationOutput struct { + _ struct{} `type:"structure"` + + // Returns true if the request succeeds; otherwise, it returns an error. + ReturnValue *bool `locationName:"return" type:"boolean"` +} + +// String returns the string representation +func (s StartVpcEndpointServicePrivateDnsVerificationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StartVpcEndpointServicePrivateDnsVerificationOutput) GoString() string { + return s.String() +} + +// SetReturnValue sets the ReturnValue field's value. +func (s *StartVpcEndpointServicePrivateDnsVerificationOutput) SetReturnValue(v bool) *StartVpcEndpointServicePrivateDnsVerificationOutput { + s.ReturnValue = &v + return s +} + // Describes a state change. type StateReason struct { _ struct{} `type:"structure"` @@ -79502,13 +100425,13 @@ type StopInstancesInput struct { // Hibernates the instance if the instance was enabled for hibernation at launch. // If the instance cannot hibernate successfully, a normal shutdown occurs. - // For more information, see Hibernate Your Instance (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) + // For more information, see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon Elastic Compute Cloud User Guide. // // Default: false Hibernate *bool `type:"boolean"` - // One or more instance IDs. + // The IDs of the instances. // // InstanceIds is a required field InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list" required:"true"` @@ -79564,7 +100487,7 @@ func (s *StopInstancesInput) SetInstanceIds(v []*string) *StopInstancesInput { type StopInstancesOutput struct { _ struct{} `type:"structure"` - // Information about one or more stopped instances. + // Information about the stopped instances. StoppingInstances []*InstanceStateChange `locationName:"instancesSet" locationNameList:"item" type:"list"` } @@ -79672,6 +100595,9 @@ type Subnet struct { // address. MapPublicIpOnLaunch *bool `locationName:"mapPublicIpOnLaunch" type:"boolean"` + // The Amazon Resource Name (ARN) of the Outpost. + OutpostArn *string `locationName:"outpostArn" type:"string"` + // The ID of the AWS account that owns the subnet. OwnerId *string `locationName:"ownerId" type:"string"` @@ -79749,6 +100675,12 @@ func (s *Subnet) SetMapPublicIpOnLaunch(v bool) *Subnet { return s } +// SetOutpostArn sets the OutpostArn field's value. +func (s *Subnet) SetOutpostArn(v string) *Subnet { + s.OutpostArn = &v + return s +} + // SetOwnerId sets the OwnerId field's value. func (s *Subnet) SetOwnerId(v string) *Subnet { s.OwnerId = &v @@ -79785,6 +100717,39 @@ func (s *Subnet) SetVpcId(v string) *Subnet { return s } +// Describes the subnet association with the transit gateway multicast domain. +type SubnetAssociation struct { + _ struct{} `type:"structure"` + + // The state of the subnet association. + State *string `locationName:"state" type:"string" enum:"TransitGatewayMulitcastDomainAssociationState"` + + // The ID of the subnet. + SubnetId *string `locationName:"subnetId" type:"string"` +} + +// String returns the string representation +func (s SubnetAssociation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SubnetAssociation) GoString() string { + return s.String() +} + +// SetState sets the State field's value. +func (s *SubnetAssociation) SetState(v string) *SubnetAssociation { + s.State = &v + return s +} + +// SetSubnetId sets the SubnetId field's value. +func (s *SubnetAssociation) SetSubnetId(v string) *SubnetAssociation { + s.SubnetId = &v + return s +} + // Describes the state of a CIDR block. type SubnetCidrBlockState struct { _ struct{} `type:"structure"` @@ -79860,8 +100825,8 @@ func (s *SubnetIpv6CidrBlockAssociation) SetIpv6CidrBlockState(v *SubnetCidrBloc return s } -// Describes the T2 or T3 instance whose credit option for CPU usage was successfully -// modified. +// Describes the burstable performance instance whose credit option for CPU +// usage was successfully modified. type SuccessfulInstanceCreditSpecificationItem struct { _ struct{} `type:"structure"` @@ -79885,6 +100850,30 @@ func (s *SuccessfulInstanceCreditSpecificationItem) SetInstanceId(v string) *Suc return s } +// Describes a Reserved Instance whose queued purchase was successfully deleted. +type SuccessfulQueuedPurchaseDeletion struct { + _ struct{} `type:"structure"` + + // The ID of the Reserved Instance. + ReservedInstancesId *string `locationName:"reservedInstancesId" type:"string"` +} + +// String returns the string representation +func (s SuccessfulQueuedPurchaseDeletion) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SuccessfulQueuedPurchaseDeletion) GoString() string { + return s.String() +} + +// SetReservedInstancesId sets the ReservedInstancesId field's value. +func (s *SuccessfulQueuedPurchaseDeletion) SetReservedInstancesId(v string) *SuccessfulQueuedPurchaseDeletion { + s.ReservedInstancesId = &v + return s +} + // Describes a tag. type Tag struct { _ struct{} `type:"structure"` @@ -79980,8 +100969,13 @@ type TagSpecification struct { _ struct{} `type:"structure"` // The type of resource to tag. Currently, the resource types that support tagging - // on creation are fleet, dedicated-host, instance, snapshot, and volume. To - // tag a resource after it has been created, see CreateTags. + // on creation are: capacity-reservation | client-vpn-endpoint | dedicated-host + // | fleet | fpga-image | instance | key-pair | launch-template | placement-group + // | snapshot | traffic-mirror-filter | traffic-mirror-session | traffic-mirror-target + // | transit-gateway | transit-gateway-attachment | transit-gateway-route-table + // | volume. + // + // To tag a resource after it has been created, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). ResourceType *string `locationName:"resourceType" type:"string" enum:"ResourceType"` // The tags to apply to the resource. @@ -80015,16 +101009,27 @@ func (s *TagSpecification) SetTags(v []*Tag) *TagSpecification { // your application workload, such as vCPUs, memory, or I/O. If the request // type is maintain, you can specify a target capacity of 0 and add capacity // later. +// +// You can use the On-Demand Instance MaxTotalPrice parameter, the Spot Instance +// MaxTotalPrice, or both to ensure that your fleet cost does not exceed your +// budget. If you set a maximum price per hour for the On-Demand Instances and +// Spot Instances in your request, EC2 Fleet will launch instances until it +// reaches the maximum amount that you're willing to pay. When the maximum amount +// you're willing to pay is reached, the fleet stops launching instances even +// if it hasn’t met the target capacity. The MaxTotalPrice parameters are +// located in and type TargetCapacitySpecification struct { _ struct{} `type:"structure"` // The default TotalTargetCapacity, which is either Spot or On-Demand. DefaultTargetCapacityType *string `locationName:"defaultTargetCapacityType" type:"string" enum:"DefaultTargetCapacityType"` - // The number of On-Demand units to request. + // The number of On-Demand units to request. If you specify a target capacity + // for Spot units, you cannot specify a target capacity for On-Demand units. OnDemandTargetCapacity *int64 `locationName:"onDemandTargetCapacity" type:"integer"` - // The maximum number of Spot units to launch. + // The maximum number of Spot units to launch. If you specify a target capacity + // for On-Demand units, you cannot specify a target capacity for Spot units. SpotTargetCapacity *int64 `locationName:"spotTargetCapacity" type:"integer"` // The number of units to request, filled using DefaultTargetCapacityType. @@ -80066,10 +101071,19 @@ func (s *TargetCapacitySpecification) SetTotalTargetCapacity(v int64) *TargetCap } // The number of units to request. You can choose to set the target capacity -// in terms of instances or a performance characteristic that is important to -// your application workload, such as vCPUs, memory, or I/O. If the request -// type is maintain, you can specify a target capacity of 0 and add capacity -// later. +// as the number of instances. Or you can set the target capacity to a performance +// characteristic that is important to your application workload, such as vCPUs, +// memory, or I/O. If the request type is maintain, you can specify a target +// capacity of 0 and add capacity later. +// +// You can use the On-Demand Instance MaxTotalPrice parameter, the Spot Instance +// MaxTotalPrice parameter, or both parameters to ensure that your fleet cost +// does not exceed your budget. If you set a maximum price per hour for the +// On-Demand Instances and Spot Instances in your request, EC2 Fleet will launch +// instances until it reaches the maximum amount that you're willing to pay. +// When the maximum amount you're willing to pay is reached, the fleet stops +// launching instances even if it hasn’t met the target capacity. The MaxTotalPrice +// parameters are located in and . type TargetCapacitySpecificationRequest struct { _ struct{} `type:"structure"` @@ -80547,7 +101561,7 @@ type TerminateInstancesInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more instance IDs. + // The IDs of the instances. // // Constraints: Up to 1000 instance IDs. We recommend breaking up this request // into smaller batches. @@ -80594,7 +101608,7 @@ func (s *TerminateInstancesInput) SetInstanceIds(v []*string) *TerminateInstance type TerminateInstancesOutput struct { _ struct{} `type:"structure"` - // Information about one or more terminated instances. + // Information about the terminated instances. TerminatingInstances []*InstanceStateChange `locationName:"instancesSet" locationNameList:"item" type:"list"` } @@ -80614,6 +101628,452 @@ func (s *TerminateInstancesOutput) SetTerminatingInstances(v []*InstanceStateCha return s } +// Describes the Traffic Mirror filter. +type TrafficMirrorFilter struct { + _ struct{} `type:"structure"` + + // The description of the Traffic Mirror filter. + Description *string `locationName:"description" type:"string"` + + // Information about the egress rules that are associated with the Traffic Mirror + // filter. + EgressFilterRules []*TrafficMirrorFilterRule `locationName:"egressFilterRuleSet" locationNameList:"item" type:"list"` + + // Information about the ingress rules that are associated with the Traffic + // Mirror filter. + IngressFilterRules []*TrafficMirrorFilterRule `locationName:"ingressFilterRuleSet" locationNameList:"item" type:"list"` + + // The network service traffic that is associated with the Traffic Mirror filter. + NetworkServices []*string `locationName:"networkServiceSet" locationNameList:"item" type:"list"` + + // The tags assigned to the Traffic Mirror filter. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the Traffic Mirror filter. + TrafficMirrorFilterId *string `locationName:"trafficMirrorFilterId" type:"string"` +} + +// String returns the string representation +func (s TrafficMirrorFilter) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TrafficMirrorFilter) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *TrafficMirrorFilter) SetDescription(v string) *TrafficMirrorFilter { + s.Description = &v + return s +} + +// SetEgressFilterRules sets the EgressFilterRules field's value. +func (s *TrafficMirrorFilter) SetEgressFilterRules(v []*TrafficMirrorFilterRule) *TrafficMirrorFilter { + s.EgressFilterRules = v + return s +} + +// SetIngressFilterRules sets the IngressFilterRules field's value. +func (s *TrafficMirrorFilter) SetIngressFilterRules(v []*TrafficMirrorFilterRule) *TrafficMirrorFilter { + s.IngressFilterRules = v + return s +} + +// SetNetworkServices sets the NetworkServices field's value. +func (s *TrafficMirrorFilter) SetNetworkServices(v []*string) *TrafficMirrorFilter { + s.NetworkServices = v + return s +} + +// SetTags sets the Tags field's value. +func (s *TrafficMirrorFilter) SetTags(v []*Tag) *TrafficMirrorFilter { + s.Tags = v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *TrafficMirrorFilter) SetTrafficMirrorFilterId(v string) *TrafficMirrorFilter { + s.TrafficMirrorFilterId = &v + return s +} + +// Describes the Traffic Mirror rule. +type TrafficMirrorFilterRule struct { + _ struct{} `type:"structure"` + + // The description of the Traffic Mirror rule. + Description *string `locationName:"description" type:"string"` + + // The destination CIDR block assigned to the Traffic Mirror rule. + DestinationCidrBlock *string `locationName:"destinationCidrBlock" type:"string"` + + // The destination port range assigned to the Traffic Mirror rule. + DestinationPortRange *TrafficMirrorPortRange `locationName:"destinationPortRange" type:"structure"` + + // The protocol assigned to the Traffic Mirror rule. + Protocol *int64 `locationName:"protocol" type:"integer"` + + // The action assigned to the Traffic Mirror rule. + RuleAction *string `locationName:"ruleAction" type:"string" enum:"TrafficMirrorRuleAction"` + + // The rule number of the Traffic Mirror rule. + RuleNumber *int64 `locationName:"ruleNumber" type:"integer"` + + // The source CIDR block assigned to the Traffic Mirror rule. + SourceCidrBlock *string `locationName:"sourceCidrBlock" type:"string"` + + // The source port range assigned to the Traffic Mirror rule. + SourcePortRange *TrafficMirrorPortRange `locationName:"sourcePortRange" type:"structure"` + + // The traffic direction assigned to the Traffic Mirror rule. + TrafficDirection *string `locationName:"trafficDirection" type:"string" enum:"TrafficDirection"` + + // The ID of the Traffic Mirror filter that the rule is associated with. + TrafficMirrorFilterId *string `locationName:"trafficMirrorFilterId" type:"string"` + + // The ID of the Traffic Mirror rule. + TrafficMirrorFilterRuleId *string `locationName:"trafficMirrorFilterRuleId" type:"string"` +} + +// String returns the string representation +func (s TrafficMirrorFilterRule) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TrafficMirrorFilterRule) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *TrafficMirrorFilterRule) SetDescription(v string) *TrafficMirrorFilterRule { + s.Description = &v + return s +} + +// SetDestinationCidrBlock sets the DestinationCidrBlock field's value. +func (s *TrafficMirrorFilterRule) SetDestinationCidrBlock(v string) *TrafficMirrorFilterRule { + s.DestinationCidrBlock = &v + return s +} + +// SetDestinationPortRange sets the DestinationPortRange field's value. +func (s *TrafficMirrorFilterRule) SetDestinationPortRange(v *TrafficMirrorPortRange) *TrafficMirrorFilterRule { + s.DestinationPortRange = v + return s +} + +// SetProtocol sets the Protocol field's value. +func (s *TrafficMirrorFilterRule) SetProtocol(v int64) *TrafficMirrorFilterRule { + s.Protocol = &v + return s +} + +// SetRuleAction sets the RuleAction field's value. +func (s *TrafficMirrorFilterRule) SetRuleAction(v string) *TrafficMirrorFilterRule { + s.RuleAction = &v + return s +} + +// SetRuleNumber sets the RuleNumber field's value. +func (s *TrafficMirrorFilterRule) SetRuleNumber(v int64) *TrafficMirrorFilterRule { + s.RuleNumber = &v + return s +} + +// SetSourceCidrBlock sets the SourceCidrBlock field's value. +func (s *TrafficMirrorFilterRule) SetSourceCidrBlock(v string) *TrafficMirrorFilterRule { + s.SourceCidrBlock = &v + return s +} + +// SetSourcePortRange sets the SourcePortRange field's value. +func (s *TrafficMirrorFilterRule) SetSourcePortRange(v *TrafficMirrorPortRange) *TrafficMirrorFilterRule { + s.SourcePortRange = v + return s +} + +// SetTrafficDirection sets the TrafficDirection field's value. +func (s *TrafficMirrorFilterRule) SetTrafficDirection(v string) *TrafficMirrorFilterRule { + s.TrafficDirection = &v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *TrafficMirrorFilterRule) SetTrafficMirrorFilterId(v string) *TrafficMirrorFilterRule { + s.TrafficMirrorFilterId = &v + return s +} + +// SetTrafficMirrorFilterRuleId sets the TrafficMirrorFilterRuleId field's value. +func (s *TrafficMirrorFilterRule) SetTrafficMirrorFilterRuleId(v string) *TrafficMirrorFilterRule { + s.TrafficMirrorFilterRuleId = &v + return s +} + +// Describes the Traffic Mirror port range. +type TrafficMirrorPortRange struct { + _ struct{} `type:"structure"` + + // The start of the Traffic Mirror port range. This applies to the TCP and UDP + // protocols. + FromPort *int64 `locationName:"fromPort" type:"integer"` + + // The end of the Traffic Mirror port range. This applies to the TCP and UDP + // protocols. + ToPort *int64 `locationName:"toPort" type:"integer"` +} + +// String returns the string representation +func (s TrafficMirrorPortRange) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TrafficMirrorPortRange) GoString() string { + return s.String() +} + +// SetFromPort sets the FromPort field's value. +func (s *TrafficMirrorPortRange) SetFromPort(v int64) *TrafficMirrorPortRange { + s.FromPort = &v + return s +} + +// SetToPort sets the ToPort field's value. +func (s *TrafficMirrorPortRange) SetToPort(v int64) *TrafficMirrorPortRange { + s.ToPort = &v + return s +} + +// Information about the Traffic Mirror filter rule port range. +type TrafficMirrorPortRangeRequest struct { + _ struct{} `type:"structure"` + + // The first port in the Traffic Mirror port range. This applies to the TCP + // and UDP protocols. + FromPort *int64 `type:"integer"` + + // The last port in the Traffic Mirror port range. This applies to the TCP and + // UDP protocols. + ToPort *int64 `type:"integer"` +} + +// String returns the string representation +func (s TrafficMirrorPortRangeRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TrafficMirrorPortRangeRequest) GoString() string { + return s.String() +} + +// SetFromPort sets the FromPort field's value. +func (s *TrafficMirrorPortRangeRequest) SetFromPort(v int64) *TrafficMirrorPortRangeRequest { + s.FromPort = &v + return s +} + +// SetToPort sets the ToPort field's value. +func (s *TrafficMirrorPortRangeRequest) SetToPort(v int64) *TrafficMirrorPortRangeRequest { + s.ToPort = &v + return s +} + +// Describes a Traffic Mirror session. +type TrafficMirrorSession struct { + _ struct{} `type:"structure"` + + // The description of the Traffic Mirror session. + Description *string `locationName:"description" type:"string"` + + // The ID of the Traffic Mirror session's network interface. + NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` + + // The ID of the account that owns the Traffic Mirror session. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The number of bytes in each packet to mirror. These are the bytes after the + // VXLAN header. To mirror a subset, set this to the length (in bytes) to mirror. + // For example, if you set this value to 100, then the first 100 bytes that + // meet the filter criteria are copied to the target. Do not specify this parameter + // when you want to mirror the entire packet + PacketLength *int64 `locationName:"packetLength" type:"integer"` + + // The session number determines the order in which sessions are evaluated when + // an interface is used by multiple sessions. The first session with a matching + // filter is the one that mirrors the packets. + // + // Valid values are 1-32766. + SessionNumber *int64 `locationName:"sessionNumber" type:"integer"` + + // The tags assigned to the Traffic Mirror session. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the Traffic Mirror filter. + TrafficMirrorFilterId *string `locationName:"trafficMirrorFilterId" type:"string"` + + // The ID for the Traffic Mirror session. + TrafficMirrorSessionId *string `locationName:"trafficMirrorSessionId" type:"string"` + + // The ID of the Traffic Mirror target. + TrafficMirrorTargetId *string `locationName:"trafficMirrorTargetId" type:"string"` + + // The virtual network ID associated with the Traffic Mirror session. + VirtualNetworkId *int64 `locationName:"virtualNetworkId" type:"integer"` +} + +// String returns the string representation +func (s TrafficMirrorSession) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TrafficMirrorSession) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *TrafficMirrorSession) SetDescription(v string) *TrafficMirrorSession { + s.Description = &v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *TrafficMirrorSession) SetNetworkInterfaceId(v string) *TrafficMirrorSession { + s.NetworkInterfaceId = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *TrafficMirrorSession) SetOwnerId(v string) *TrafficMirrorSession { + s.OwnerId = &v + return s +} + +// SetPacketLength sets the PacketLength field's value. +func (s *TrafficMirrorSession) SetPacketLength(v int64) *TrafficMirrorSession { + s.PacketLength = &v + return s +} + +// SetSessionNumber sets the SessionNumber field's value. +func (s *TrafficMirrorSession) SetSessionNumber(v int64) *TrafficMirrorSession { + s.SessionNumber = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TrafficMirrorSession) SetTags(v []*Tag) *TrafficMirrorSession { + s.Tags = v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *TrafficMirrorSession) SetTrafficMirrorFilterId(v string) *TrafficMirrorSession { + s.TrafficMirrorFilterId = &v + return s +} + +// SetTrafficMirrorSessionId sets the TrafficMirrorSessionId field's value. +func (s *TrafficMirrorSession) SetTrafficMirrorSessionId(v string) *TrafficMirrorSession { + s.TrafficMirrorSessionId = &v + return s +} + +// SetTrafficMirrorTargetId sets the TrafficMirrorTargetId field's value. +func (s *TrafficMirrorSession) SetTrafficMirrorTargetId(v string) *TrafficMirrorSession { + s.TrafficMirrorTargetId = &v + return s +} + +// SetVirtualNetworkId sets the VirtualNetworkId field's value. +func (s *TrafficMirrorSession) SetVirtualNetworkId(v int64) *TrafficMirrorSession { + s.VirtualNetworkId = &v + return s +} + +// Describes a Traffic Mirror target. +type TrafficMirrorTarget struct { + _ struct{} `type:"structure"` + + // Information about the Traffic Mirror target. + Description *string `locationName:"description" type:"string"` + + // The network interface ID that is attached to the target. + NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` + + // The Amazon Resource Name (ARN) of the Network Load Balancer. + NetworkLoadBalancerArn *string `locationName:"networkLoadBalancerArn" type:"string"` + + // The ID of the account that owns the Traffic Mirror target. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The tags assigned to the Traffic Mirror target. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the Traffic Mirror target. + TrafficMirrorTargetId *string `locationName:"trafficMirrorTargetId" type:"string"` + + // The type of Traffic Mirror target. + Type *string `locationName:"type" type:"string" enum:"TrafficMirrorTargetType"` +} + +// String returns the string representation +func (s TrafficMirrorTarget) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TrafficMirrorTarget) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *TrafficMirrorTarget) SetDescription(v string) *TrafficMirrorTarget { + s.Description = &v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *TrafficMirrorTarget) SetNetworkInterfaceId(v string) *TrafficMirrorTarget { + s.NetworkInterfaceId = &v + return s +} + +// SetNetworkLoadBalancerArn sets the NetworkLoadBalancerArn field's value. +func (s *TrafficMirrorTarget) SetNetworkLoadBalancerArn(v string) *TrafficMirrorTarget { + s.NetworkLoadBalancerArn = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *TrafficMirrorTarget) SetOwnerId(v string) *TrafficMirrorTarget { + s.OwnerId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TrafficMirrorTarget) SetTags(v []*Tag) *TrafficMirrorTarget { + s.Tags = v + return s +} + +// SetTrafficMirrorTargetId sets the TrafficMirrorTargetId field's value. +func (s *TrafficMirrorTarget) SetTrafficMirrorTargetId(v string) *TrafficMirrorTarget { + s.TrafficMirrorTargetId = &v + return s +} + +// SetType sets the Type field's value. +func (s *TrafficMirrorTarget) SetType(v string) *TrafficMirrorTarget { + s.Type = &v + return s +} + // Describes a transit gateway. type TransitGateway struct { _ struct{} `type:"structure"` @@ -80933,6 +102393,451 @@ func (s *TransitGatewayAttachmentPropagation) SetTransitGatewayRouteTableId(v st return s } +// Describes the deregistered transit gateway multicast group members. +type TransitGatewayMulticastDeregisteredGroupMembers struct { + _ struct{} `type:"structure"` + + // The network interface IDs of the deregistered members. + DeregisteredNetworkInterfaceIds []*string `locationName:"deregisteredNetworkInterfaceIds" locationNameList:"item" type:"list"` + + // The IP address assigned to the transit gateway multicast group. + GroupIpAddress *string `locationName:"groupIpAddress" type:"string"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `locationName:"transitGatewayMulticastDomainId" type:"string"` +} + +// String returns the string representation +func (s TransitGatewayMulticastDeregisteredGroupMembers) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayMulticastDeregisteredGroupMembers) GoString() string { + return s.String() +} + +// SetDeregisteredNetworkInterfaceIds sets the DeregisteredNetworkInterfaceIds field's value. +func (s *TransitGatewayMulticastDeregisteredGroupMembers) SetDeregisteredNetworkInterfaceIds(v []*string) *TransitGatewayMulticastDeregisteredGroupMembers { + s.DeregisteredNetworkInterfaceIds = v + return s +} + +// SetGroupIpAddress sets the GroupIpAddress field's value. +func (s *TransitGatewayMulticastDeregisteredGroupMembers) SetGroupIpAddress(v string) *TransitGatewayMulticastDeregisteredGroupMembers { + s.GroupIpAddress = &v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *TransitGatewayMulticastDeregisteredGroupMembers) SetTransitGatewayMulticastDomainId(v string) *TransitGatewayMulticastDeregisteredGroupMembers { + s.TransitGatewayMulticastDomainId = &v + return s +} + +// Describes the deregistered transit gateway multicast group sources. +type TransitGatewayMulticastDeregisteredGroupSources struct { + _ struct{} `type:"structure"` + + // The network interface IDs of the non-registered members. + DeregisteredNetworkInterfaceIds []*string `locationName:"deregisteredNetworkInterfaceIds" locationNameList:"item" type:"list"` + + // The IP address assigned to the transit gateway multicast group. + GroupIpAddress *string `locationName:"groupIpAddress" type:"string"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `locationName:"transitGatewayMulticastDomainId" type:"string"` +} + +// String returns the string representation +func (s TransitGatewayMulticastDeregisteredGroupSources) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayMulticastDeregisteredGroupSources) GoString() string { + return s.String() +} + +// SetDeregisteredNetworkInterfaceIds sets the DeregisteredNetworkInterfaceIds field's value. +func (s *TransitGatewayMulticastDeregisteredGroupSources) SetDeregisteredNetworkInterfaceIds(v []*string) *TransitGatewayMulticastDeregisteredGroupSources { + s.DeregisteredNetworkInterfaceIds = v + return s +} + +// SetGroupIpAddress sets the GroupIpAddress field's value. +func (s *TransitGatewayMulticastDeregisteredGroupSources) SetGroupIpAddress(v string) *TransitGatewayMulticastDeregisteredGroupSources { + s.GroupIpAddress = &v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *TransitGatewayMulticastDeregisteredGroupSources) SetTransitGatewayMulticastDomainId(v string) *TransitGatewayMulticastDeregisteredGroupSources { + s.TransitGatewayMulticastDomainId = &v + return s +} + +// Describes the transit gateway multicast domain. +type TransitGatewayMulticastDomain struct { + _ struct{} `type:"structure"` + + // The time the transit gateway multicast domain was created. + CreationTime *time.Time `locationName:"creationTime" type:"timestamp"` + + // The state of the transit gateway multicast domain. + State *string `locationName:"state" type:"string" enum:"TransitGatewayMulticastDomainState"` + + // The tags for the transit gateway multicast domain. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the transit gateway. + TransitGatewayId *string `locationName:"transitGatewayId" type:"string"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `locationName:"transitGatewayMulticastDomainId" type:"string"` +} + +// String returns the string representation +func (s TransitGatewayMulticastDomain) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayMulticastDomain) GoString() string { + return s.String() +} + +// SetCreationTime sets the CreationTime field's value. +func (s *TransitGatewayMulticastDomain) SetCreationTime(v time.Time) *TransitGatewayMulticastDomain { + s.CreationTime = &v + return s +} + +// SetState sets the State field's value. +func (s *TransitGatewayMulticastDomain) SetState(v string) *TransitGatewayMulticastDomain { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TransitGatewayMulticastDomain) SetTags(v []*Tag) *TransitGatewayMulticastDomain { + s.Tags = v + return s +} + +// SetTransitGatewayId sets the TransitGatewayId field's value. +func (s *TransitGatewayMulticastDomain) SetTransitGatewayId(v string) *TransitGatewayMulticastDomain { + s.TransitGatewayId = &v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *TransitGatewayMulticastDomain) SetTransitGatewayMulticastDomainId(v string) *TransitGatewayMulticastDomain { + s.TransitGatewayMulticastDomainId = &v + return s +} + +// Describes the resources associated with the transit gateway multicast domain. +type TransitGatewayMulticastDomainAssociation struct { + _ struct{} `type:"structure"` + + // The ID of the resource. + ResourceId *string `locationName:"resourceId" type:"string"` + + // The type of resource, for example a VPC attachment. + ResourceType *string `locationName:"resourceType" type:"string" enum:"TransitGatewayAttachmentResourceType"` + + // The subnet associated with the transit gateway multicast domain. + Subnet *SubnetAssociation `locationName:"subnet" type:"structure"` + + // The ID of the transit gateway attachment. + TransitGatewayAttachmentId *string `locationName:"transitGatewayAttachmentId" type:"string"` +} + +// String returns the string representation +func (s TransitGatewayMulticastDomainAssociation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayMulticastDomainAssociation) GoString() string { + return s.String() +} + +// SetResourceId sets the ResourceId field's value. +func (s *TransitGatewayMulticastDomainAssociation) SetResourceId(v string) *TransitGatewayMulticastDomainAssociation { + s.ResourceId = &v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *TransitGatewayMulticastDomainAssociation) SetResourceType(v string) *TransitGatewayMulticastDomainAssociation { + s.ResourceType = &v + return s +} + +// SetSubnet sets the Subnet field's value. +func (s *TransitGatewayMulticastDomainAssociation) SetSubnet(v *SubnetAssociation) *TransitGatewayMulticastDomainAssociation { + s.Subnet = v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *TransitGatewayMulticastDomainAssociation) SetTransitGatewayAttachmentId(v string) *TransitGatewayMulticastDomainAssociation { + s.TransitGatewayAttachmentId = &v + return s +} + +// Describes the multicast domain associations. +type TransitGatewayMulticastDomainAssociations struct { + _ struct{} `type:"structure"` + + // The ID of the resource. + ResourceId *string `locationName:"resourceId" type:"string"` + + // The type of resource, for example a VPC attachment. + ResourceType *string `locationName:"resourceType" type:"string" enum:"TransitGatewayAttachmentResourceType"` + + // The subnets associated with the multicast domain. + Subnets []*SubnetAssociation `locationName:"subnets" locationNameList:"item" type:"list"` + + // The ID of the transit gateway attachment. + TransitGatewayAttachmentId *string `locationName:"transitGatewayAttachmentId" type:"string"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `locationName:"transitGatewayMulticastDomainId" type:"string"` +} + +// String returns the string representation +func (s TransitGatewayMulticastDomainAssociations) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayMulticastDomainAssociations) GoString() string { + return s.String() +} + +// SetResourceId sets the ResourceId field's value. +func (s *TransitGatewayMulticastDomainAssociations) SetResourceId(v string) *TransitGatewayMulticastDomainAssociations { + s.ResourceId = &v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *TransitGatewayMulticastDomainAssociations) SetResourceType(v string) *TransitGatewayMulticastDomainAssociations { + s.ResourceType = &v + return s +} + +// SetSubnets sets the Subnets field's value. +func (s *TransitGatewayMulticastDomainAssociations) SetSubnets(v []*SubnetAssociation) *TransitGatewayMulticastDomainAssociations { + s.Subnets = v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *TransitGatewayMulticastDomainAssociations) SetTransitGatewayAttachmentId(v string) *TransitGatewayMulticastDomainAssociations { + s.TransitGatewayAttachmentId = &v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *TransitGatewayMulticastDomainAssociations) SetTransitGatewayMulticastDomainId(v string) *TransitGatewayMulticastDomainAssociations { + s.TransitGatewayMulticastDomainId = &v + return s +} + +// Describes the transit gateway multicast group resources. +type TransitGatewayMulticastGroup struct { + _ struct{} `type:"structure"` + + // The IP address assigned to the transit gateway multicast group. + GroupIpAddress *string `locationName:"groupIpAddress" type:"string"` + + // Indicates that the resource is a transit gateway multicast group member. + GroupMember *bool `locationName:"groupMember" type:"boolean"` + + // Indicates that the resource is a transit gateway multicast group member. + GroupSource *bool `locationName:"groupSource" type:"boolean"` + + // The member type (for example, static). + MemberType *string `locationName:"memberType" type:"string" enum:"MembershipType"` + + // The ID of the transit gateway attachment. + NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` + + // The ID of the resource. + ResourceId *string `locationName:"resourceId" type:"string"` + + // The type of resource, for example a VPC attachment. + ResourceType *string `locationName:"resourceType" type:"string" enum:"TransitGatewayAttachmentResourceType"` + + // The source type. + SourceType *string `locationName:"sourceType" type:"string" enum:"MembershipType"` + + // The ID of the subnet. + SubnetId *string `locationName:"subnetId" type:"string"` + + // The ID of the transit gateway attachment. + TransitGatewayAttachmentId *string `locationName:"transitGatewayAttachmentId" type:"string"` +} + +// String returns the string representation +func (s TransitGatewayMulticastGroup) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayMulticastGroup) GoString() string { + return s.String() +} + +// SetGroupIpAddress sets the GroupIpAddress field's value. +func (s *TransitGatewayMulticastGroup) SetGroupIpAddress(v string) *TransitGatewayMulticastGroup { + s.GroupIpAddress = &v + return s +} + +// SetGroupMember sets the GroupMember field's value. +func (s *TransitGatewayMulticastGroup) SetGroupMember(v bool) *TransitGatewayMulticastGroup { + s.GroupMember = &v + return s +} + +// SetGroupSource sets the GroupSource field's value. +func (s *TransitGatewayMulticastGroup) SetGroupSource(v bool) *TransitGatewayMulticastGroup { + s.GroupSource = &v + return s +} + +// SetMemberType sets the MemberType field's value. +func (s *TransitGatewayMulticastGroup) SetMemberType(v string) *TransitGatewayMulticastGroup { + s.MemberType = &v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *TransitGatewayMulticastGroup) SetNetworkInterfaceId(v string) *TransitGatewayMulticastGroup { + s.NetworkInterfaceId = &v + return s +} + +// SetResourceId sets the ResourceId field's value. +func (s *TransitGatewayMulticastGroup) SetResourceId(v string) *TransitGatewayMulticastGroup { + s.ResourceId = &v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *TransitGatewayMulticastGroup) SetResourceType(v string) *TransitGatewayMulticastGroup { + s.ResourceType = &v + return s +} + +// SetSourceType sets the SourceType field's value. +func (s *TransitGatewayMulticastGroup) SetSourceType(v string) *TransitGatewayMulticastGroup { + s.SourceType = &v + return s +} + +// SetSubnetId sets the SubnetId field's value. +func (s *TransitGatewayMulticastGroup) SetSubnetId(v string) *TransitGatewayMulticastGroup { + s.SubnetId = &v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *TransitGatewayMulticastGroup) SetTransitGatewayAttachmentId(v string) *TransitGatewayMulticastGroup { + s.TransitGatewayAttachmentId = &v + return s +} + +// Describes the registered transit gateway multicast group members. +type TransitGatewayMulticastRegisteredGroupMembers struct { + _ struct{} `type:"structure"` + + // The IP address assigned to the transit gateway multicast group. + GroupIpAddress *string `locationName:"groupIpAddress" type:"string"` + + // The ID of the registered network interfaces. + RegisteredNetworkInterfaceIds []*string `locationName:"registeredNetworkInterfaceIds" locationNameList:"item" type:"list"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `locationName:"transitGatewayMulticastDomainId" type:"string"` +} + +// String returns the string representation +func (s TransitGatewayMulticastRegisteredGroupMembers) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayMulticastRegisteredGroupMembers) GoString() string { + return s.String() +} + +// SetGroupIpAddress sets the GroupIpAddress field's value. +func (s *TransitGatewayMulticastRegisteredGroupMembers) SetGroupIpAddress(v string) *TransitGatewayMulticastRegisteredGroupMembers { + s.GroupIpAddress = &v + return s +} + +// SetRegisteredNetworkInterfaceIds sets the RegisteredNetworkInterfaceIds field's value. +func (s *TransitGatewayMulticastRegisteredGroupMembers) SetRegisteredNetworkInterfaceIds(v []*string) *TransitGatewayMulticastRegisteredGroupMembers { + s.RegisteredNetworkInterfaceIds = v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *TransitGatewayMulticastRegisteredGroupMembers) SetTransitGatewayMulticastDomainId(v string) *TransitGatewayMulticastRegisteredGroupMembers { + s.TransitGatewayMulticastDomainId = &v + return s +} + +// Describes the members registered with the transit gateway multicast group. +type TransitGatewayMulticastRegisteredGroupSources struct { + _ struct{} `type:"structure"` + + // The IP address assigned to the transit gateway multicast group. + GroupIpAddress *string `locationName:"groupIpAddress" type:"string"` + + // The IDs of the network interfaces members registered with the transit gateway + // multicast group. + RegisteredNetworkInterfaceIds []*string `locationName:"registeredNetworkInterfaceIds" locationNameList:"item" type:"list"` + + // The ID of the transit gateway multicast domain. + TransitGatewayMulticastDomainId *string `locationName:"transitGatewayMulticastDomainId" type:"string"` +} + +// String returns the string representation +func (s TransitGatewayMulticastRegisteredGroupSources) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayMulticastRegisteredGroupSources) GoString() string { + return s.String() +} + +// SetGroupIpAddress sets the GroupIpAddress field's value. +func (s *TransitGatewayMulticastRegisteredGroupSources) SetGroupIpAddress(v string) *TransitGatewayMulticastRegisteredGroupSources { + s.GroupIpAddress = &v + return s +} + +// SetRegisteredNetworkInterfaceIds sets the RegisteredNetworkInterfaceIds field's value. +func (s *TransitGatewayMulticastRegisteredGroupSources) SetRegisteredNetworkInterfaceIds(v []*string) *TransitGatewayMulticastRegisteredGroupSources { + s.RegisteredNetworkInterfaceIds = v + return s +} + +// SetTransitGatewayMulticastDomainId sets the TransitGatewayMulticastDomainId field's value. +func (s *TransitGatewayMulticastRegisteredGroupSources) SetTransitGatewayMulticastDomainId(v string) *TransitGatewayMulticastRegisteredGroupSources { + s.TransitGatewayMulticastDomainId = &v + return s +} + // Describes the options for a transit gateway. type TransitGatewayOptions struct { _ struct{} `type:"structure"` @@ -80959,6 +102864,9 @@ type TransitGatewayOptions struct { // Indicates whether DNS support is enabled. DnsSupport *string `locationName:"dnsSupport" type:"string" enum:"DnsSupportValue"` + // Indicates whether multicast is enabled on the transit gateway + MulticastSupport *string `locationName:"multicastSupport" type:"string" enum:"MulticastSupportValue"` + // The ID of the default propagation route table. PropagationDefaultRouteTableId *string `locationName:"propagationDefaultRouteTableId" type:"string"` @@ -81012,6 +102920,12 @@ func (s *TransitGatewayOptions) SetDnsSupport(v string) *TransitGatewayOptions { return s } +// SetMulticastSupport sets the MulticastSupport field's value. +func (s *TransitGatewayOptions) SetMulticastSupport(v string) *TransitGatewayOptions { + s.MulticastSupport = &v + return s +} + // SetPropagationDefaultRouteTableId sets the PropagationDefaultRouteTableId field's value. func (s *TransitGatewayOptions) SetPropagationDefaultRouteTableId(v string) *TransitGatewayOptions { s.PropagationDefaultRouteTableId = &v @@ -81024,6 +102938,84 @@ func (s *TransitGatewayOptions) SetVpnEcmpSupport(v string) *TransitGatewayOptio return s } +// Describes the transit gateway peering attachment. +type TransitGatewayPeeringAttachment struct { + _ struct{} `type:"structure"` + + // Information about the accepter transit gateway. + AccepterTgwInfo *PeeringTgwInfo `locationName:"accepterTgwInfo" type:"structure"` + + // The time the transit gateway peering attachment was created. + CreationTime *time.Time `locationName:"creationTime" type:"timestamp"` + + // Information about the requester transit gateway. + RequesterTgwInfo *PeeringTgwInfo `locationName:"requesterTgwInfo" type:"structure"` + + // The state of the transit gateway peering attachment. + State *string `locationName:"state" type:"string" enum:"TransitGatewayAttachmentState"` + + // The status of the transit gateway peering attachment. + Status *PeeringAttachmentStatus `locationName:"status" type:"structure"` + + // The tags for the transit gateway peering attachment. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the transit gateway peering attachment. + TransitGatewayAttachmentId *string `locationName:"transitGatewayAttachmentId" type:"string"` +} + +// String returns the string representation +func (s TransitGatewayPeeringAttachment) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TransitGatewayPeeringAttachment) GoString() string { + return s.String() +} + +// SetAccepterTgwInfo sets the AccepterTgwInfo field's value. +func (s *TransitGatewayPeeringAttachment) SetAccepterTgwInfo(v *PeeringTgwInfo) *TransitGatewayPeeringAttachment { + s.AccepterTgwInfo = v + return s +} + +// SetCreationTime sets the CreationTime field's value. +func (s *TransitGatewayPeeringAttachment) SetCreationTime(v time.Time) *TransitGatewayPeeringAttachment { + s.CreationTime = &v + return s +} + +// SetRequesterTgwInfo sets the RequesterTgwInfo field's value. +func (s *TransitGatewayPeeringAttachment) SetRequesterTgwInfo(v *PeeringTgwInfo) *TransitGatewayPeeringAttachment { + s.RequesterTgwInfo = v + return s +} + +// SetState sets the State field's value. +func (s *TransitGatewayPeeringAttachment) SetState(v string) *TransitGatewayPeeringAttachment { + s.State = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *TransitGatewayPeeringAttachment) SetStatus(v *PeeringAttachmentStatus) *TransitGatewayPeeringAttachment { + s.Status = v + return s +} + +// SetTags sets the Tags field's value. +func (s *TransitGatewayPeeringAttachment) SetTags(v []*Tag) *TransitGatewayPeeringAttachment { + s.Tags = v + return s +} + +// SetTransitGatewayAttachmentId sets the TransitGatewayAttachmentId field's value. +func (s *TransitGatewayPeeringAttachment) SetTransitGatewayAttachmentId(v string) *TransitGatewayPeeringAttachment { + s.TransitGatewayAttachmentId = &v + return s +} + // Describes route propagation. type TransitGatewayPropagation struct { _ struct{} `type:"structure"` @@ -81108,6 +103100,9 @@ type TransitGatewayRequestOptions struct { // Enable or disable DNS support. DnsSupport *string `type:"string" enum:"DnsSupportValue"` + // Indicates whether multicast is enabled on the transit gateway + MulticastSupport *string `type:"string" enum:"MulticastSupportValue"` + // Enable or disable Equal Cost Multipath Protocol support. VpnEcmpSupport *string `type:"string" enum:"VpnEcmpSupportValue"` } @@ -81152,6 +103147,12 @@ func (s *TransitGatewayRequestOptions) SetDnsSupport(v string) *TransitGatewayRe return s } +// SetMulticastSupport sets the MulticastSupport field's value. +func (s *TransitGatewayRequestOptions) SetMulticastSupport(v string) *TransitGatewayRequestOptions { + s.MulticastSupport = &v + return s +} + // SetVpnEcmpSupport sets the VpnEcmpSupport field's value. func (s *TransitGatewayRequestOptions) SetVpnEcmpSupport(v string) *TransitGatewayRequestOptions { s.VpnEcmpSupport = &v @@ -81562,6 +103563,170 @@ func (s *TransitGatewayVpcAttachmentOptions) SetIpv6Support(v string) *TransitGa return s } +// The VPN tunnel options. +type TunnelOption struct { + _ struct{} `type:"structure"` + + // The number of seconds after which a DPD timeout occurs. + DpdTimeoutSeconds *int64 `locationName:"dpdTimeoutSeconds" type:"integer"` + + // The IKE versions that are permitted for the VPN tunnel. + IkeVersions []*IKEVersionsListValue `locationName:"ikeVersionSet" locationNameList:"item" type:"list"` + + // The external IP address of the VPN tunnel. + OutsideIpAddress *string `locationName:"outsideIpAddress" type:"string"` + + // The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 1 + // IKE negotiations. + Phase1DHGroupNumbers []*Phase1DHGroupNumbersListValue `locationName:"phase1DHGroupNumberSet" locationNameList:"item" type:"list"` + + // The permitted encryption algorithms for the VPN tunnel for phase 1 IKE negotiations. + Phase1EncryptionAlgorithms []*Phase1EncryptionAlgorithmsListValue `locationName:"phase1EncryptionAlgorithmSet" locationNameList:"item" type:"list"` + + // The permitted integrity algorithms for the VPN tunnel for phase 1 IKE negotiations. + Phase1IntegrityAlgorithms []*Phase1IntegrityAlgorithmsListValue `locationName:"phase1IntegrityAlgorithmSet" locationNameList:"item" type:"list"` + + // The lifetime for phase 1 of the IKE negotiation, in seconds. + Phase1LifetimeSeconds *int64 `locationName:"phase1LifetimeSeconds" type:"integer"` + + // The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 2 + // IKE negotiations. + Phase2DHGroupNumbers []*Phase2DHGroupNumbersListValue `locationName:"phase2DHGroupNumberSet" locationNameList:"item" type:"list"` + + // The permitted encryption algorithms for the VPN tunnel for phase 2 IKE negotiations. + Phase2EncryptionAlgorithms []*Phase2EncryptionAlgorithmsListValue `locationName:"phase2EncryptionAlgorithmSet" locationNameList:"item" type:"list"` + + // The permitted integrity algorithms for the VPN tunnel for phase 2 IKE negotiations. + Phase2IntegrityAlgorithms []*Phase2IntegrityAlgorithmsListValue `locationName:"phase2IntegrityAlgorithmSet" locationNameList:"item" type:"list"` + + // The lifetime for phase 2 of the IKE negotiation, in seconds. + Phase2LifetimeSeconds *int64 `locationName:"phase2LifetimeSeconds" type:"integer"` + + // The pre-shared key (PSK) to establish initial authentication between the + // virtual private gateway and the customer gateway. + PreSharedKey *string `locationName:"preSharedKey" type:"string"` + + // The percentage of the rekey window determined by RekeyMarginTimeSeconds during + // which the rekey time is randomly selected. + RekeyFuzzPercentage *int64 `locationName:"rekeyFuzzPercentage" type:"integer"` + + // The margin time, in seconds, before the phase 2 lifetime expires, during + // which the AWS side of the VPN connection performs an IKE rekey. + RekeyMarginTimeSeconds *int64 `locationName:"rekeyMarginTimeSeconds" type:"integer"` + + // The number of packets in an IKE replay window. + ReplayWindowSize *int64 `locationName:"replayWindowSize" type:"integer"` + + // The range of inside IP addresses for the tunnel. + TunnelInsideCidr *string `locationName:"tunnelInsideCidr" type:"string"` +} + +// String returns the string representation +func (s TunnelOption) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TunnelOption) GoString() string { + return s.String() +} + +// SetDpdTimeoutSeconds sets the DpdTimeoutSeconds field's value. +func (s *TunnelOption) SetDpdTimeoutSeconds(v int64) *TunnelOption { + s.DpdTimeoutSeconds = &v + return s +} + +// SetIkeVersions sets the IkeVersions field's value. +func (s *TunnelOption) SetIkeVersions(v []*IKEVersionsListValue) *TunnelOption { + s.IkeVersions = v + return s +} + +// SetOutsideIpAddress sets the OutsideIpAddress field's value. +func (s *TunnelOption) SetOutsideIpAddress(v string) *TunnelOption { + s.OutsideIpAddress = &v + return s +} + +// SetPhase1DHGroupNumbers sets the Phase1DHGroupNumbers field's value. +func (s *TunnelOption) SetPhase1DHGroupNumbers(v []*Phase1DHGroupNumbersListValue) *TunnelOption { + s.Phase1DHGroupNumbers = v + return s +} + +// SetPhase1EncryptionAlgorithms sets the Phase1EncryptionAlgorithms field's value. +func (s *TunnelOption) SetPhase1EncryptionAlgorithms(v []*Phase1EncryptionAlgorithmsListValue) *TunnelOption { + s.Phase1EncryptionAlgorithms = v + return s +} + +// SetPhase1IntegrityAlgorithms sets the Phase1IntegrityAlgorithms field's value. +func (s *TunnelOption) SetPhase1IntegrityAlgorithms(v []*Phase1IntegrityAlgorithmsListValue) *TunnelOption { + s.Phase1IntegrityAlgorithms = v + return s +} + +// SetPhase1LifetimeSeconds sets the Phase1LifetimeSeconds field's value. +func (s *TunnelOption) SetPhase1LifetimeSeconds(v int64) *TunnelOption { + s.Phase1LifetimeSeconds = &v + return s +} + +// SetPhase2DHGroupNumbers sets the Phase2DHGroupNumbers field's value. +func (s *TunnelOption) SetPhase2DHGroupNumbers(v []*Phase2DHGroupNumbersListValue) *TunnelOption { + s.Phase2DHGroupNumbers = v + return s +} + +// SetPhase2EncryptionAlgorithms sets the Phase2EncryptionAlgorithms field's value. +func (s *TunnelOption) SetPhase2EncryptionAlgorithms(v []*Phase2EncryptionAlgorithmsListValue) *TunnelOption { + s.Phase2EncryptionAlgorithms = v + return s +} + +// SetPhase2IntegrityAlgorithms sets the Phase2IntegrityAlgorithms field's value. +func (s *TunnelOption) SetPhase2IntegrityAlgorithms(v []*Phase2IntegrityAlgorithmsListValue) *TunnelOption { + s.Phase2IntegrityAlgorithms = v + return s +} + +// SetPhase2LifetimeSeconds sets the Phase2LifetimeSeconds field's value. +func (s *TunnelOption) SetPhase2LifetimeSeconds(v int64) *TunnelOption { + s.Phase2LifetimeSeconds = &v + return s +} + +// SetPreSharedKey sets the PreSharedKey field's value. +func (s *TunnelOption) SetPreSharedKey(v string) *TunnelOption { + s.PreSharedKey = &v + return s +} + +// SetRekeyFuzzPercentage sets the RekeyFuzzPercentage field's value. +func (s *TunnelOption) SetRekeyFuzzPercentage(v int64) *TunnelOption { + s.RekeyFuzzPercentage = &v + return s +} + +// SetRekeyMarginTimeSeconds sets the RekeyMarginTimeSeconds field's value. +func (s *TunnelOption) SetRekeyMarginTimeSeconds(v int64) *TunnelOption { + s.RekeyMarginTimeSeconds = &v + return s +} + +// SetReplayWindowSize sets the ReplayWindowSize field's value. +func (s *TunnelOption) SetReplayWindowSize(v int64) *TunnelOption { + s.ReplayWindowSize = &v + return s +} + +// SetTunnelInsideCidr sets the TunnelInsideCidr field's value. +func (s *TunnelOption) SetTunnelInsideCidr(v string) *TunnelOption { + s.TunnelInsideCidr = &v + return s +} + type UnassignIpv6AddressesInput struct { _ struct{} `type:"structure"` @@ -81723,7 +103888,7 @@ type UnmonitorInstancesInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more instance IDs. + // The IDs of the instances. // // InstanceIds is a required field InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list" required:"true"` @@ -81787,13 +103952,13 @@ func (s *UnmonitorInstancesOutput) SetInstanceMonitorings(v []*InstanceMonitorin return s } -// Describes the T2 or T3 instance whose credit option for CPU usage was not -// modified. +// Describes the burstable performance instance whose credit option for CPU +// usage was not modified. type UnsuccessfulInstanceCreditSpecificationItem struct { _ struct{} `type:"structure"` - // The applicable error for the T2 or T3 instance whose credit option for CPU - // usage was not modified. + // The applicable error for the burstable performance instance whose credit + // option for CPU usage was not modified. Error *UnsuccessfulInstanceCreditSpecificationItemError `locationName:"error" type:"structure"` // The ID of the instance. @@ -81822,8 +103987,8 @@ func (s *UnsuccessfulInstanceCreditSpecificationItem) SetInstanceId(v string) *U return s } -// Information about the error for the T2 or T3 instance whose credit option -// for CPU usage was not modified. +// Information about the error for the burstable performance instance whose +// credit option for CPU usage was not modified. type UnsuccessfulInstanceCreditSpecificationItemError struct { _ struct{} `type:"structure"` @@ -81890,7 +104055,7 @@ func (s *UnsuccessfulItem) SetResourceId(v string) *UnsuccessfulItem { } // Information about the error that occurred. For more information about errors, -// see Error Codes (http://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html). +// see Error Codes (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html). type UnsuccessfulItemError struct { _ struct{} `type:"structure"` @@ -82179,7 +104344,7 @@ func (s *UserBucketDetails) SetS3Key(v string) *UserBucketDetails { // Describes the user data for an instance. type UserData struct { - _ struct{} `type:"structure"` + _ struct{} `type:"structure" sensitive:"true"` // The user data. If you are using an AWS SDK or command line tool, Base64-encoding // is performed for you, and you can load the text from a file. Otherwise, you @@ -82297,6 +104462,68 @@ func (s *UserIdGroupPair) SetVpcPeeringConnectionId(v string) *UserIdGroupPair { return s } +// Describes the vCPU configurations for the instance type. +type VCpuInfo struct { + _ struct{} `type:"structure"` + + // The default number of cores for the instance type. + DefaultCores *int64 `locationName:"defaultCores" type:"integer"` + + // The default number of threads per core for the instance type. + DefaultThreadsPerCore *int64 `locationName:"defaultThreadsPerCore" type:"integer"` + + // The default number of vCPUs for the instance type. + DefaultVCpus *int64 `locationName:"defaultVCpus" type:"integer"` + + // List of the valid number of cores that can be configured for the instance + // type. + ValidCores []*int64 `locationName:"validCores" locationNameList:"item" type:"list"` + + // List of the valid number of threads per core that can be configured for the + // instance type. + ValidThreadsPerCore []*int64 `locationName:"validThreadsPerCore" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s VCpuInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s VCpuInfo) GoString() string { + return s.String() +} + +// SetDefaultCores sets the DefaultCores field's value. +func (s *VCpuInfo) SetDefaultCores(v int64) *VCpuInfo { + s.DefaultCores = &v + return s +} + +// SetDefaultThreadsPerCore sets the DefaultThreadsPerCore field's value. +func (s *VCpuInfo) SetDefaultThreadsPerCore(v int64) *VCpuInfo { + s.DefaultThreadsPerCore = &v + return s +} + +// SetDefaultVCpus sets the DefaultVCpus field's value. +func (s *VCpuInfo) SetDefaultVCpus(v int64) *VCpuInfo { + s.DefaultVCpus = &v + return s +} + +// SetValidCores sets the ValidCores field's value. +func (s *VCpuInfo) SetValidCores(v []*int64) *VCpuInfo { + s.ValidCores = v + return s +} + +// SetValidThreadsPerCore sets the ValidThreadsPerCore field's value. +func (s *VCpuInfo) SetValidThreadsPerCore(v []*int64) *VCpuInfo { + s.ValidThreadsPerCore = v + return s +} + // Describes telemetry for a VPN tunnel. type VgwTelemetry struct { _ struct{} `type:"structure"` @@ -82304,6 +104531,9 @@ type VgwTelemetry struct { // The number of accepted routes. AcceptedRouteCount *int64 `locationName:"acceptedRouteCount" type:"integer"` + // The Amazon Resource Name (ARN) of the VPN tunnel endpoint certificate. + CertificateArn *string `locationName:"certificateArn" type:"string"` + // The date and time of the last change in status. LastStatusChange *time.Time `locationName:"lastStatusChange" type:"timestamp"` @@ -82334,6 +104564,12 @@ func (s *VgwTelemetry) SetAcceptedRouteCount(v int64) *VgwTelemetry { return s } +// SetCertificateArn sets the CertificateArn field's value. +func (s *VgwTelemetry) SetCertificateArn(v string) *VgwTelemetry { + s.CertificateArn = &v + return s +} + // SetLastStatusChange sets the LastStatusChange field's value. func (s *VgwTelemetry) SetLastStatusChange(v time.Time) *VgwTelemetry { s.LastStatusChange = &v @@ -82371,33 +104607,37 @@ type Volume struct { // The time stamp when volume creation was initiated. CreateTime *time.Time `locationName:"createTime" type:"timestamp"` - // Indicates whether the volume will be encrypted. + // Indicates whether the volume is encrypted. Encrypted *bool `locationName:"encrypted" type:"boolean"` + // Indicates whether the volume was created using fast snapshot restore. + FastRestored *bool `locationName:"fastRestored" type:"boolean"` + // The number of I/O operations per second (IOPS) that the volume supports. // For Provisioned IOPS SSD volumes, this represents the number of IOPS that // are provisioned for the volume. For General Purpose SSD volumes, this represents // the baseline performance of the volume and the rate at which the volume accumulates - // I/O credits for bursting. For more information about General Purpose SSD - // baseline performance, I/O credits, and bursting, see Amazon EBS Volume Types - // (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) + // I/O credits for bursting. For more information, see Amazon EBS Volume Types + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) // in the Amazon Elastic Compute Cloud User Guide. // // Constraints: Range is 100-16,000 IOPS for gp2 volumes and 100 to 64,000IOPS - // for io1 volumes in most regions. Maximum io1IOPS of 64,000 is guaranteed - // only on Nitro-based instances (AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). - // Other instance families guarantee performance up to 32,000 IOPS. For more - // information, see Amazon EBS Volume Types (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon Elastic Compute Cloud User Guide. + // for io1 volumes, in most Regions. The maximum IOPS for io1 of 64,000 is guaranteed + // only on Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // Other instance families guarantee performance up to 32,000 IOPS. // // Condition: This parameter is required for requests to create io1 volumes; // it is not used in requests to create gp2, st1, sc1, or standard volumes. Iops *int64 `locationName:"iops" type:"integer"` - // The full ARN of the AWS Key Management Service (AWS KMS) customer master - // key (CMK) that was used to protect the volume encryption key for the volume. + // The Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) + // customer master key (CMK) that was used to protect the volume encryption + // key for the volume. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` + // The Amazon Resource Name (ARN) of the Outpost. + OutpostArn *string `locationName:"outpostArn" type:"string"` + // The size of the volume, in GiBs. Size *int64 `locationName:"size" type:"integer"` @@ -82453,6 +104693,12 @@ func (s *Volume) SetEncrypted(v bool) *Volume { return s } +// SetFastRestored sets the FastRestored field's value. +func (s *Volume) SetFastRestored(v bool) *Volume { + s.FastRestored = &v + return s +} + // SetIops sets the Iops field's value. func (s *Volume) SetIops(v int64) *Volume { s.Iops = &v @@ -82465,6 +104711,12 @@ func (s *Volume) SetKmsKeyId(v string) *Volume { return s } +// SetOutpostArn sets the OutpostArn field's value. +func (s *Volume) SetOutpostArn(v string) *Volume { + s.OutpostArn = &v + return s +} + // SetSize sets the Size field's value. func (s *Volume) SetSize(v int64) *Volume { s.Size = &v @@ -82925,6 +105177,9 @@ type VolumeStatusItem struct { // A list of events associated with the volume. Events []*VolumeStatusEvent `locationName:"eventsSet" locationNameList:"item" type:"list"` + // The Amazon Resource Name (ARN) of the Outpost. + OutpostArn *string `locationName:"outpostArn" type:"string"` + // The volume ID. VolumeId *string `locationName:"volumeId" type:"string"` @@ -82960,6 +105215,12 @@ func (s *VolumeStatusItem) SetEvents(v []*VolumeStatusEvent) *VolumeStatusItem { return s } +// SetOutpostArn sets the OutpostArn field's value. +func (s *VolumeStatusItem) SetOutpostArn(v string) *VolumeStatusItem { + s.OutpostArn = &v + return s +} + // SetVolumeId sets the VolumeId field's value. func (s *VolumeStatusItem) SetVolumeId(v string) *VolumeStatusItem { s.VolumeId = &v @@ -83232,19 +105493,25 @@ func (s *VpcClassicLink) SetVpcId(v string) *VpcClassicLink { type VpcEndpoint struct { _ struct{} `type:"structure"` - // The date and time the VPC endpoint was created. + // The date and time that the VPC endpoint was created. CreationTimestamp *time.Time `locationName:"creationTimestamp" type:"timestamp"` // (Interface endpoint) The DNS entries for the endpoint. DnsEntries []*DnsEntry `locationName:"dnsEntrySet" locationNameList:"item" type:"list"` - // (Interface endpoint) Information about the security groups associated with - // the network interface. + // (Interface endpoint) Information about the security groups that are associated + // with the network interface. Groups []*SecurityGroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"` + // The last error that occurred for VPC endpoint. + LastError *LastError `locationName:"lastError" type:"structure"` + // (Interface endpoint) One or more network interfaces for the endpoint. NetworkInterfaceIds []*string `locationName:"networkInterfaceIdSet" locationNameList:"item" type:"list"` + // The ID of the AWS account that owns the VPC endpoint. + OwnerId *string `locationName:"ownerId" type:"string"` + // The policy document associated with the endpoint, if applicable. PolicyDocument *string `locationName:"policyDocument" type:"string"` @@ -83252,6 +105519,9 @@ type VpcEndpoint struct { // hosted zone. PrivateDnsEnabled *bool `locationName:"privateDnsEnabled" type:"boolean"` + // Indicates whether the VPC endpoint is being managed by its service. + RequesterManaged *bool `locationName:"requesterManaged" type:"boolean"` + // (Gateway endpoint) One or more route tables associated with the endpoint. RouteTableIds []*string `locationName:"routeTableIdSet" locationNameList:"item" type:"list"` @@ -83264,6 +105534,9 @@ type VpcEndpoint struct { // (Interface endpoint) One or more subnets in which the endpoint is located. SubnetIds []*string `locationName:"subnetIdSet" locationNameList:"item" type:"list"` + // Any tags assigned to the VPC endpoint. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + // The ID of the VPC endpoint. VpcEndpointId *string `locationName:"vpcEndpointId" type:"string"` @@ -83302,12 +105575,24 @@ func (s *VpcEndpoint) SetGroups(v []*SecurityGroupIdentifier) *VpcEndpoint { return s } +// SetLastError sets the LastError field's value. +func (s *VpcEndpoint) SetLastError(v *LastError) *VpcEndpoint { + s.LastError = v + return s +} + // SetNetworkInterfaceIds sets the NetworkInterfaceIds field's value. func (s *VpcEndpoint) SetNetworkInterfaceIds(v []*string) *VpcEndpoint { s.NetworkInterfaceIds = v return s } +// SetOwnerId sets the OwnerId field's value. +func (s *VpcEndpoint) SetOwnerId(v string) *VpcEndpoint { + s.OwnerId = &v + return s +} + // SetPolicyDocument sets the PolicyDocument field's value. func (s *VpcEndpoint) SetPolicyDocument(v string) *VpcEndpoint { s.PolicyDocument = &v @@ -83320,6 +105605,12 @@ func (s *VpcEndpoint) SetPrivateDnsEnabled(v bool) *VpcEndpoint { return s } +// SetRequesterManaged sets the RequesterManaged field's value. +func (s *VpcEndpoint) SetRequesterManaged(v bool) *VpcEndpoint { + s.RequesterManaged = &v + return s +} + // SetRouteTableIds sets the RouteTableIds field's value. func (s *VpcEndpoint) SetRouteTableIds(v []*string) *VpcEndpoint { s.RouteTableIds = v @@ -83344,6 +105635,12 @@ func (s *VpcEndpoint) SetSubnetIds(v []*string) *VpcEndpoint { return s } +// SetTags sets the Tags field's value. +func (s *VpcEndpoint) SetTags(v []*Tag) *VpcEndpoint { + s.Tags = v + return s +} + // SetVpcEndpointId sets the VpcEndpointId field's value. func (s *VpcEndpoint) SetVpcEndpointId(v string) *VpcEndpoint { s.VpcEndpointId = &v @@ -83366,9 +105663,15 @@ func (s *VpcEndpoint) SetVpcId(v string) *VpcEndpoint { type VpcEndpointConnection struct { _ struct{} `type:"structure"` - // The date and time the VPC endpoint was created. + // The date and time that the VPC endpoint was created. CreationTimestamp *time.Time `locationName:"creationTimestamp" type:"timestamp"` + // The DNS entries for the VPC endpoint. + DnsEntries []*DnsEntry `locationName:"dnsEntrySet" locationNameList:"item" type:"list"` + + // The Amazon Resource Names (ARNs) of the network load balancers for the service. + NetworkLoadBalancerArns []*string `locationName:"networkLoadBalancerArnSet" locationNameList:"item" type:"list"` + // The ID of the service to which the endpoint is connected. ServiceId *string `locationName:"serviceId" type:"string"` @@ -83398,6 +105701,18 @@ func (s *VpcEndpointConnection) SetCreationTimestamp(v time.Time) *VpcEndpointCo return s } +// SetDnsEntries sets the DnsEntries field's value. +func (s *VpcEndpointConnection) SetDnsEntries(v []*DnsEntry) *VpcEndpointConnection { + s.DnsEntries = v + return s +} + +// SetNetworkLoadBalancerArns sets the NetworkLoadBalancerArns field's value. +func (s *VpcEndpointConnection) SetNetworkLoadBalancerArns(v []*string) *VpcEndpointConnection { + s.NetworkLoadBalancerArns = v + return s +} + // SetServiceId sets the ServiceId field's value. func (s *VpcEndpointConnection) SetServiceId(v string) *VpcEndpointConnection { s.ServiceId = &v @@ -83434,6 +105749,9 @@ type VpcIpv6CidrBlockAssociation struct { // Information about the state of the CIDR block. Ipv6CidrBlockState *VpcCidrBlockState `locationName:"ipv6CidrBlockState" type:"structure"` + + // The name of the location from which we advertise the IPV6 CIDR block. + NetworkBorderGroup *string `locationName:"networkBorderGroup" type:"string"` } // String returns the string representation @@ -83464,6 +105782,12 @@ func (s *VpcIpv6CidrBlockAssociation) SetIpv6CidrBlockState(v *VpcCidrBlockState return s } +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *VpcIpv6CidrBlockAssociation) SetNetworkBorderGroup(v string) *VpcIpv6CidrBlockAssociation { + s.NetworkBorderGroup = &v + return s +} + // Describes a VPC peering connection. type VpcPeeringConnection struct { _ struct{} `type:"structure"` @@ -83633,7 +105957,7 @@ type VpcPeeringConnectionVpcInfo struct { // requester VPC. PeeringOptions *VpcPeeringConnectionOptionsDescription `locationName:"peeringOptions" type:"structure"` - // The region in which the VPC is located. + // The Region in which the VPC is located. Region *string `locationName:"region" type:"string"` // The ID of the VPC. @@ -83697,9 +106021,7 @@ type VpnConnection struct { _ struct{} `type:"structure"` // The category of the VPN connection. A value of VPN indicates an AWS VPN connection. - // A value of VPN-Classic indicates an AWS Classic VPN connection. For more - // information, see AWS Managed VPN Categories (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html#vpn-categories) - // in the Amazon Virtual Private Cloud User Guide. + // A value of VPN-Classic indicates an AWS Classic VPN connection. Category *string `locationName:"category" type:"string"` // The configuration information for the VPN connection's customer gateway (in @@ -83825,9 +106147,15 @@ func (s *VpnConnection) SetVpnGatewayId(v string) *VpnConnection { type VpnConnectionOptions struct { _ struct{} `type:"structure"` + // Indicates whether acceleration is enabled for the VPN connection. + EnableAcceleration *bool `locationName:"enableAcceleration" type:"boolean"` + // Indicates whether the VPN connection uses static routes only. Static routes // must be used for devices that don't support BGP. StaticRoutesOnly *bool `locationName:"staticRoutesOnly" type:"boolean"` + + // Indicates the VPN tunnel options. + TunnelOptions []*TunnelOption `locationName:"tunnelOptionSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -83840,16 +106168,33 @@ func (s VpnConnectionOptions) GoString() string { return s.String() } +// SetEnableAcceleration sets the EnableAcceleration field's value. +func (s *VpnConnectionOptions) SetEnableAcceleration(v bool) *VpnConnectionOptions { + s.EnableAcceleration = &v + return s +} + // SetStaticRoutesOnly sets the StaticRoutesOnly field's value. func (s *VpnConnectionOptions) SetStaticRoutesOnly(v bool) *VpnConnectionOptions { s.StaticRoutesOnly = &v return s } +// SetTunnelOptions sets the TunnelOptions field's value. +func (s *VpnConnectionOptions) SetTunnelOptions(v []*TunnelOption) *VpnConnectionOptions { + s.TunnelOptions = v + return s +} + // Describes VPN connection options. type VpnConnectionOptionsSpecification struct { _ struct{} `type:"structure"` + // Indicate whether to enable acceleration for the VPN connection. + // + // Default: false + EnableAcceleration *bool `type:"boolean"` + // Indicate whether the VPN connection uses static routes only. If you are creating // a VPN connection for a device that does not support BGP, you must specify // true. Use CreateVpnConnectionRoute to create a static route. @@ -83858,7 +106203,7 @@ type VpnConnectionOptionsSpecification struct { StaticRoutesOnly *bool `locationName:"staticRoutesOnly" type:"boolean"` // The tunnel options for the VPN connection. - TunnelOptions []*VpnTunnelOptionsSpecification `locationNameList:"item" type:"list"` + TunnelOptions []*VpnTunnelOptionsSpecification `type:"list"` } // String returns the string representation @@ -83871,6 +106216,12 @@ func (s VpnConnectionOptionsSpecification) GoString() string { return s.String() } +// SetEnableAcceleration sets the EnableAcceleration field's value. +func (s *VpnConnectionOptionsSpecification) SetEnableAcceleration(v bool) *VpnConnectionOptionsSpecification { + s.EnableAcceleration = &v + return s +} + // SetStaticRoutesOnly sets the StaticRoutesOnly field's value. func (s *VpnConnectionOptionsSpecification) SetStaticRoutesOnly(v bool) *VpnConnectionOptionsSpecification { s.StaticRoutesOnly = &v @@ -84008,13 +106359,101 @@ func (s *VpnStaticRoute) SetState(v string) *VpnStaticRoute { type VpnTunnelOptionsSpecification struct { _ struct{} `type:"structure"` + // The number of seconds after which a DPD timeout occurs. + // + // Constraints: A value between 0 and 30. + // + // Default: 30 + DPDTimeoutSeconds *int64 `type:"integer"` + + // The IKE versions that are permitted for the VPN tunnel. + // + // Valid values: ikev1 | ikev2 + IKEVersions []*IKEVersionsRequestListValue `locationName:"IKEVersion" locationNameList:"item" type:"list"` + + // One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel + // for phase 1 IKE negotiations. + // + // Valid values: 2 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24 + Phase1DHGroupNumbers []*Phase1DHGroupNumbersRequestListValue `locationName:"Phase1DHGroupNumber" locationNameList:"item" type:"list"` + + // One or more encryption algorithms that are permitted for the VPN tunnel for + // phase 1 IKE negotiations. + // + // Valid values: AES128 | AES256 + Phase1EncryptionAlgorithms []*Phase1EncryptionAlgorithmsRequestListValue `locationName:"Phase1EncryptionAlgorithm" locationNameList:"item" type:"list"` + + // One or more integrity algorithms that are permitted for the VPN tunnel for + // phase 1 IKE negotiations. + // + // Valid values: SHA1 | SHA2-256 + Phase1IntegrityAlgorithms []*Phase1IntegrityAlgorithmsRequestListValue `locationName:"Phase1IntegrityAlgorithm" locationNameList:"item" type:"list"` + + // The lifetime for phase 1 of the IKE negotiation, in seconds. + // + // Constraints: A value between 900 and 28,800. + // + // Default: 28800 + Phase1LifetimeSeconds *int64 `type:"integer"` + + // One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel + // for phase 2 IKE negotiations. + // + // Valid values: 2 | 5 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24 + Phase2DHGroupNumbers []*Phase2DHGroupNumbersRequestListValue `locationName:"Phase2DHGroupNumber" locationNameList:"item" type:"list"` + + // One or more encryption algorithms that are permitted for the VPN tunnel for + // phase 2 IKE negotiations. + // + // Valid values: AES128 | AES256 + Phase2EncryptionAlgorithms []*Phase2EncryptionAlgorithmsRequestListValue `locationName:"Phase2EncryptionAlgorithm" locationNameList:"item" type:"list"` + + // One or more integrity algorithms that are permitted for the VPN tunnel for + // phase 2 IKE negotiations. + // + // Valid values: SHA1 | SHA2-256 + Phase2IntegrityAlgorithms []*Phase2IntegrityAlgorithmsRequestListValue `locationName:"Phase2IntegrityAlgorithm" locationNameList:"item" type:"list"` + + // The lifetime for phase 2 of the IKE negotiation, in seconds. + // + // Constraints: A value between 900 and 3,600. The value must be less than the + // value for Phase1LifetimeSeconds. + // + // Default: 3600 + Phase2LifetimeSeconds *int64 `type:"integer"` + // The pre-shared key (PSK) to establish initial authentication between the // virtual private gateway and customer gateway. // - // Constraints: Allowed characters are alphanumeric characters and ._. Must - // be between 8 and 64 characters in length and cannot start with zero (0). + // Constraints: Allowed characters are alphanumeric characters, periods (.), + // and underscores (_). Must be between 8 and 64 characters in length and cannot + // start with zero (0). PreSharedKey *string `type:"string"` + // The percentage of the rekey window (determined by RekeyMarginTimeSeconds) + // during which the rekey time is randomly selected. + // + // Constraints: A value between 0 and 100. + // + // Default: 100 + RekeyFuzzPercentage *int64 `type:"integer"` + + // The margin time, in seconds, before the phase 2 lifetime expires, during + // which the AWS side of the VPN connection performs an IKE rekey. The exact + // time of the rekey is randomly selected based on the value for RekeyFuzzPercentage. + // + // Constraints: A value between 60 and half of Phase2LifetimeSeconds. + // + // Default: 540 + RekeyMarginTimeSeconds *int64 `type:"integer"` + + // The number of packets in an IKE replay window. + // + // Constraints: A value between 64 and 2048. + // + // Default: 1024 + ReplayWindowSize *int64 `type:"integer"` + // The range of inside IP addresses for the tunnel. Any specified CIDR blocks // must be unique across all VPN connections that use the same virtual private // gateway. @@ -84048,12 +106487,90 @@ func (s VpnTunnelOptionsSpecification) GoString() string { return s.String() } +// SetDPDTimeoutSeconds sets the DPDTimeoutSeconds field's value. +func (s *VpnTunnelOptionsSpecification) SetDPDTimeoutSeconds(v int64) *VpnTunnelOptionsSpecification { + s.DPDTimeoutSeconds = &v + return s +} + +// SetIKEVersions sets the IKEVersions field's value. +func (s *VpnTunnelOptionsSpecification) SetIKEVersions(v []*IKEVersionsRequestListValue) *VpnTunnelOptionsSpecification { + s.IKEVersions = v + return s +} + +// SetPhase1DHGroupNumbers sets the Phase1DHGroupNumbers field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase1DHGroupNumbers(v []*Phase1DHGroupNumbersRequestListValue) *VpnTunnelOptionsSpecification { + s.Phase1DHGroupNumbers = v + return s +} + +// SetPhase1EncryptionAlgorithms sets the Phase1EncryptionAlgorithms field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase1EncryptionAlgorithms(v []*Phase1EncryptionAlgorithmsRequestListValue) *VpnTunnelOptionsSpecification { + s.Phase1EncryptionAlgorithms = v + return s +} + +// SetPhase1IntegrityAlgorithms sets the Phase1IntegrityAlgorithms field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase1IntegrityAlgorithms(v []*Phase1IntegrityAlgorithmsRequestListValue) *VpnTunnelOptionsSpecification { + s.Phase1IntegrityAlgorithms = v + return s +} + +// SetPhase1LifetimeSeconds sets the Phase1LifetimeSeconds field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase1LifetimeSeconds(v int64) *VpnTunnelOptionsSpecification { + s.Phase1LifetimeSeconds = &v + return s +} + +// SetPhase2DHGroupNumbers sets the Phase2DHGroupNumbers field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase2DHGroupNumbers(v []*Phase2DHGroupNumbersRequestListValue) *VpnTunnelOptionsSpecification { + s.Phase2DHGroupNumbers = v + return s +} + +// SetPhase2EncryptionAlgorithms sets the Phase2EncryptionAlgorithms field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase2EncryptionAlgorithms(v []*Phase2EncryptionAlgorithmsRequestListValue) *VpnTunnelOptionsSpecification { + s.Phase2EncryptionAlgorithms = v + return s +} + +// SetPhase2IntegrityAlgorithms sets the Phase2IntegrityAlgorithms field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase2IntegrityAlgorithms(v []*Phase2IntegrityAlgorithmsRequestListValue) *VpnTunnelOptionsSpecification { + s.Phase2IntegrityAlgorithms = v + return s +} + +// SetPhase2LifetimeSeconds sets the Phase2LifetimeSeconds field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase2LifetimeSeconds(v int64) *VpnTunnelOptionsSpecification { + s.Phase2LifetimeSeconds = &v + return s +} + // SetPreSharedKey sets the PreSharedKey field's value. func (s *VpnTunnelOptionsSpecification) SetPreSharedKey(v string) *VpnTunnelOptionsSpecification { s.PreSharedKey = &v return s } +// SetRekeyFuzzPercentage sets the RekeyFuzzPercentage field's value. +func (s *VpnTunnelOptionsSpecification) SetRekeyFuzzPercentage(v int64) *VpnTunnelOptionsSpecification { + s.RekeyFuzzPercentage = &v + return s +} + +// SetRekeyMarginTimeSeconds sets the RekeyMarginTimeSeconds field's value. +func (s *VpnTunnelOptionsSpecification) SetRekeyMarginTimeSeconds(v int64) *VpnTunnelOptionsSpecification { + s.RekeyMarginTimeSeconds = &v + return s +} + +// SetReplayWindowSize sets the ReplayWindowSize field's value. +func (s *VpnTunnelOptionsSpecification) SetReplayWindowSize(v int64) *VpnTunnelOptionsSpecification { + s.ReplayWindowSize = &v + return s +} + // SetTunnelInsideCidr sets the TunnelInsideCidr field's value. func (s *VpnTunnelOptionsSpecification) SetTunnelInsideCidr(v string) *VpnTunnelOptionsSpecification { s.TunnelInsideCidr = &v @@ -84178,6 +106695,9 @@ const ( // AllocationStateReleasedPermanentFailure is a AllocationState enum value AllocationStateReleasedPermanentFailure = "released-permanent-failure" + + // AllocationStatePending is a AllocationState enum value + AllocationStatePending = "pending" ) const ( @@ -84186,6 +106706,28 @@ const ( // AllocationStrategyDiversified is a AllocationStrategy enum value AllocationStrategyDiversified = "diversified" + + // AllocationStrategyCapacityOptimized is a AllocationStrategy enum value + AllocationStrategyCapacityOptimized = "capacityOptimized" +) + +const ( + // AllowsMultipleInstanceTypesOn is a AllowsMultipleInstanceTypes enum value + AllowsMultipleInstanceTypesOn = "on" + + // AllowsMultipleInstanceTypesOff is a AllowsMultipleInstanceTypes enum value + AllowsMultipleInstanceTypesOff = "off" +) + +const ( + // ArchitectureTypeI386 is a ArchitectureType enum value + ArchitectureTypeI386 = "i386" + + // ArchitectureTypeX8664 is a ArchitectureType enum value + ArchitectureTypeX8664 = "x86_64" + + // ArchitectureTypeArm64 is a ArchitectureType enum value + ArchitectureTypeArm64 = "arm64" ) const ( @@ -84251,6 +106793,17 @@ const ( AutoPlacementOff = "off" ) +const ( + // AvailabilityZoneOptInStatusOptInNotRequired is a AvailabilityZoneOptInStatus enum value + AvailabilityZoneOptInStatusOptInNotRequired = "opt-in-not-required" + + // AvailabilityZoneOptInStatusOptedIn is a AvailabilityZoneOptInStatus enum value + AvailabilityZoneOptInStatusOptedIn = "opted-in" + + // AvailabilityZoneOptInStatusNotOptedIn is a AvailabilityZoneOptInStatus enum value + AvailabilityZoneOptInStatusNotOptedIn = "not-opted-in" +) + const ( // AvailabilityZoneStateAvailable is a AvailabilityZoneState enum value AvailabilityZoneStateAvailable = "available" @@ -84389,6 +106942,15 @@ const ( // CapacityReservationInstancePlatformWindowswithSqlserverWeb is a CapacityReservationInstancePlatform enum value CapacityReservationInstancePlatformWindowswithSqlserverWeb = "Windows with SQL Server Web" + + // CapacityReservationInstancePlatformLinuxwithSqlserverStandard is a CapacityReservationInstancePlatform enum value + CapacityReservationInstancePlatformLinuxwithSqlserverStandard = "Linux with SQL Server Standard" + + // CapacityReservationInstancePlatformLinuxwithSqlserverWeb is a CapacityReservationInstancePlatform enum value + CapacityReservationInstancePlatformLinuxwithSqlserverWeb = "Linux with SQL Server Web" + + // CapacityReservationInstancePlatformLinuxwithSqlserverEnterprise is a CapacityReservationInstancePlatform enum value + CapacityReservationInstancePlatformLinuxwithSqlserverEnterprise = "Linux with SQL Server Enterprise" ) const ( @@ -84528,6 +107090,11 @@ const ( ConversionTaskStateCompleted = "completed" ) +const ( + // CopyTagsFromSourceVolume is a CopyTagsFromSource enum value + CopyTagsFromSourceVolume = "volume" +) + const ( // CurrencyCodeValuesUsd is a CurrencyCodeValues enum value CurrencyCodeValuesUsd = "USD" @@ -84579,6 +107146,17 @@ const ( DeleteFleetErrorCodeUnexpectedError = "unexpectedError" ) +const ( + // DeleteQueuedReservedInstancesErrorCodeReservedInstancesIdInvalid is a DeleteQueuedReservedInstancesErrorCode enum value + DeleteQueuedReservedInstancesErrorCodeReservedInstancesIdInvalid = "reserved-instances-id-invalid" + + // DeleteQueuedReservedInstancesErrorCodeReservedInstancesNotInQueuedState is a DeleteQueuedReservedInstancesErrorCode enum value + DeleteQueuedReservedInstancesErrorCodeReservedInstancesNotInQueuedState = "reserved-instances-not-in-queued-state" + + // DeleteQueuedReservedInstancesErrorCodeUnexpectedError is a DeleteQueuedReservedInstancesErrorCode enum value + DeleteQueuedReservedInstancesErrorCodeUnexpectedError = "unexpected-error" +) + const ( // DeviceTypeEbs is a DeviceType enum value DeviceTypeEbs = "ebs" @@ -84598,6 +107176,25 @@ const ( DiskImageFormatVhd = "VHD" ) +const ( + // DiskTypeHdd is a DiskType enum value + DiskTypeHdd = "hdd" + + // DiskTypeSsd is a DiskType enum value + DiskTypeSsd = "ssd" +) + +const ( + // DnsNameStatePendingVerification is a DnsNameState enum value + DnsNameStatePendingVerification = "pendingVerification" + + // DnsNameStateVerified is a DnsNameState enum value + DnsNameStateVerified = "verified" + + // DnsNameStateFailed is a DnsNameState enum value + DnsNameStateFailed = "failed" +) + const ( // DnsSupportValueEnable is a DnsSupportValue enum value DnsSupportValueEnable = "enable" @@ -84614,6 +107211,25 @@ const ( DomainTypeStandard = "standard" ) +const ( + // EbsEncryptionSupportUnsupported is a EbsEncryptionSupport enum value + EbsEncryptionSupportUnsupported = "unsupported" + + // EbsEncryptionSupportSupported is a EbsEncryptionSupport enum value + EbsEncryptionSupportSupported = "supported" +) + +const ( + // EbsOptimizedSupportUnsupported is a EbsOptimizedSupport enum value + EbsOptimizedSupportUnsupported = "unsupported" + + // EbsOptimizedSupportSupported is a EbsOptimizedSupport enum value + EbsOptimizedSupportSupported = "supported" + + // EbsOptimizedSupportDefault is a EbsOptimizedSupport enum value + EbsOptimizedSupportDefault = "default" +) + const ( // ElasticGpuStateAttached is a ElasticGpuState enum value ElasticGpuStateAttached = "ATTACHED" @@ -84627,6 +107243,17 @@ const ( ElasticGpuStatusImpaired = "IMPAIRED" ) +const ( + // EnaSupportUnsupported is a EnaSupport enum value + EnaSupportUnsupported = "unsupported" + + // EnaSupportSupported is a EnaSupport enum value + EnaSupportSupported = "supported" + + // EnaSupportRequired is a EnaSupport enum value + EnaSupportRequired = "required" +) + const ( // EndDateTypeUnlimited is a EndDateType enum value EndDateTypeUnlimited = "unlimited" @@ -84661,6 +107288,9 @@ const ( // EventTypeError is a EventType enum value EventTypeError = "error" + + // EventTypeInformation is a EventType enum value + EventTypeInformation = "information" ) const ( @@ -84696,20 +107326,42 @@ const ( ExportTaskStateCompleted = "completed" ) +const ( + // FastSnapshotRestoreStateCodeEnabling is a FastSnapshotRestoreStateCode enum value + FastSnapshotRestoreStateCodeEnabling = "enabling" + + // FastSnapshotRestoreStateCodeOptimizing is a FastSnapshotRestoreStateCode enum value + FastSnapshotRestoreStateCodeOptimizing = "optimizing" + + // FastSnapshotRestoreStateCodeEnabled is a FastSnapshotRestoreStateCode enum value + FastSnapshotRestoreStateCodeEnabled = "enabled" + + // FastSnapshotRestoreStateCodeDisabling is a FastSnapshotRestoreStateCode enum value + FastSnapshotRestoreStateCodeDisabling = "disabling" + + // FastSnapshotRestoreStateCodeDisabled is a FastSnapshotRestoreStateCode enum value + FastSnapshotRestoreStateCodeDisabled = "disabled" +) + const ( // FleetActivityStatusError is a FleetActivityStatus enum value FleetActivityStatusError = "error" // FleetActivityStatusPendingFulfillment is a FleetActivityStatus enum value - FleetActivityStatusPendingFulfillment = "pending-fulfillment" + FleetActivityStatusPendingFulfillment = "pending_fulfillment" // FleetActivityStatusPendingTermination is a FleetActivityStatus enum value - FleetActivityStatusPendingTermination = "pending-termination" + FleetActivityStatusPendingTermination = "pending_termination" // FleetActivityStatusFulfilled is a FleetActivityStatus enum value FleetActivityStatusFulfilled = "fulfilled" ) +const ( + // FleetCapacityReservationUsageStrategyUseCapacityReservationsFirst is a FleetCapacityReservationUsageStrategy enum value + FleetCapacityReservationUsageStrategyUseCapacityReservationsFirst = "use-capacity-reservations-first" +) + const ( // FleetEventTypeInstanceChange is a FleetEventType enum value FleetEventTypeInstanceChange = "instance-change" @@ -84751,10 +107403,10 @@ const ( FleetStateCodeFailed = "failed" // FleetStateCodeDeletedRunning is a FleetStateCode enum value - FleetStateCodeDeletedRunning = "deleted-running" + FleetStateCodeDeletedRunning = "deleted_running" // FleetStateCodeDeletedTerminating is a FleetStateCode enum value - FleetStateCodeDeletedTerminating = "deleted-terminating" + FleetStateCodeDeletedTerminating = "deleted_terminating" // FleetStateCodeModifying is a FleetStateCode enum value FleetStateCodeModifying = "modifying" @@ -84815,6 +107467,14 @@ const ( GatewayTypeIpsec1 = "ipsec.1" ) +const ( + // HostRecoveryOn is a HostRecovery enum value + HostRecoveryOn = "on" + + // HostRecoveryOff is a HostRecovery enum value + HostRecoveryOff = "off" +) + const ( // HostTenancyDedicated is a HostTenancy enum value HostTenancyDedicated = "dedicated" @@ -84823,6 +107483,14 @@ const ( HostTenancyHost = "host" ) +const ( + // HttpTokensStateOptional is a HttpTokensState enum value + HttpTokensStateOptional = "optional" + + // HttpTokensStateRequired is a HttpTokensState enum value + HttpTokensStateRequired = "required" +) + const ( // HypervisorTypeOvm is a HypervisorType enum value HypervisorTypeOvm = "ovm" @@ -84989,6 +107657,22 @@ const ( InstanceMatchCriteriaTargeted = "targeted" ) +const ( + // InstanceMetadataEndpointStateDisabled is a InstanceMetadataEndpointState enum value + InstanceMetadataEndpointStateDisabled = "disabled" + + // InstanceMetadataEndpointStateEnabled is a InstanceMetadataEndpointState enum value + InstanceMetadataEndpointStateEnabled = "enabled" +) + +const ( + // InstanceMetadataOptionsStatePending is a InstanceMetadataOptionsState enum value + InstanceMetadataOptionsStatePending = "pending" + + // InstanceMetadataOptionsStateApplied is a InstanceMetadataOptionsState enum value + InstanceMetadataOptionsStateApplied = "applied" +) + const ( // InstanceStateNamePending is a InstanceStateName enum value InstanceStateNamePending = "pending" @@ -85055,6 +107739,27 @@ const ( // InstanceTypeT32xlarge is a InstanceType enum value InstanceTypeT32xlarge = "t3.2xlarge" + // InstanceTypeT3aNano is a InstanceType enum value + InstanceTypeT3aNano = "t3a.nano" + + // InstanceTypeT3aMicro is a InstanceType enum value + InstanceTypeT3aMicro = "t3a.micro" + + // InstanceTypeT3aSmall is a InstanceType enum value + InstanceTypeT3aSmall = "t3a.small" + + // InstanceTypeT3aMedium is a InstanceType enum value + InstanceTypeT3aMedium = "t3a.medium" + + // InstanceTypeT3aLarge is a InstanceType enum value + InstanceTypeT3aLarge = "t3a.large" + + // InstanceTypeT3aXlarge is a InstanceType enum value + InstanceTypeT3aXlarge = "t3a.xlarge" + + // InstanceTypeT3a2xlarge is a InstanceType enum value + InstanceTypeT3a2xlarge = "t3a.2xlarge" + // InstanceTypeM1Small is a InstanceType enum value InstanceTypeM1Small = "m1.small" @@ -85154,9 +107859,15 @@ const ( // InstanceTypeR54xlarge is a InstanceType enum value InstanceTypeR54xlarge = "r5.4xlarge" + // InstanceTypeR58xlarge is a InstanceType enum value + InstanceTypeR58xlarge = "r5.8xlarge" + // InstanceTypeR512xlarge is a InstanceType enum value InstanceTypeR512xlarge = "r5.12xlarge" + // InstanceTypeR516xlarge is a InstanceType enum value + InstanceTypeR516xlarge = "r5.16xlarge" + // InstanceTypeR524xlarge is a InstanceType enum value InstanceTypeR524xlarge = "r5.24xlarge" @@ -85175,9 +107886,15 @@ const ( // InstanceTypeR5a4xlarge is a InstanceType enum value InstanceTypeR5a4xlarge = "r5a.4xlarge" + // InstanceTypeR5a8xlarge is a InstanceType enum value + InstanceTypeR5a8xlarge = "r5a.8xlarge" + // InstanceTypeR5a12xlarge is a InstanceType enum value InstanceTypeR5a12xlarge = "r5a.12xlarge" + // InstanceTypeR5a16xlarge is a InstanceType enum value + InstanceTypeR5a16xlarge = "r5a.16xlarge" + // InstanceTypeR5a24xlarge is a InstanceType enum value InstanceTypeR5a24xlarge = "r5a.24xlarge" @@ -85193,15 +107910,45 @@ const ( // InstanceTypeR5d4xlarge is a InstanceType enum value InstanceTypeR5d4xlarge = "r5d.4xlarge" + // InstanceTypeR5d8xlarge is a InstanceType enum value + InstanceTypeR5d8xlarge = "r5d.8xlarge" + // InstanceTypeR5d12xlarge is a InstanceType enum value InstanceTypeR5d12xlarge = "r5d.12xlarge" + // InstanceTypeR5d16xlarge is a InstanceType enum value + InstanceTypeR5d16xlarge = "r5d.16xlarge" + // InstanceTypeR5d24xlarge is a InstanceType enum value InstanceTypeR5d24xlarge = "r5d.24xlarge" // InstanceTypeR5dMetal is a InstanceType enum value InstanceTypeR5dMetal = "r5d.metal" + // InstanceTypeR5adLarge is a InstanceType enum value + InstanceTypeR5adLarge = "r5ad.large" + + // InstanceTypeR5adXlarge is a InstanceType enum value + InstanceTypeR5adXlarge = "r5ad.xlarge" + + // InstanceTypeR5ad2xlarge is a InstanceType enum value + InstanceTypeR5ad2xlarge = "r5ad.2xlarge" + + // InstanceTypeR5ad4xlarge is a InstanceType enum value + InstanceTypeR5ad4xlarge = "r5ad.4xlarge" + + // InstanceTypeR5ad8xlarge is a InstanceType enum value + InstanceTypeR5ad8xlarge = "r5ad.8xlarge" + + // InstanceTypeR5ad12xlarge is a InstanceType enum value + InstanceTypeR5ad12xlarge = "r5ad.12xlarge" + + // InstanceTypeR5ad16xlarge is a InstanceType enum value + InstanceTypeR5ad16xlarge = "r5ad.16xlarge" + + // InstanceTypeR5ad24xlarge is a InstanceType enum value + InstanceTypeR5ad24xlarge = "r5ad.24xlarge" + // InstanceTypeX116xlarge is a InstanceType enum value InstanceTypeX116xlarge = "x1.16xlarge" @@ -85259,6 +108006,30 @@ const ( // InstanceTypeI3Metal is a InstanceType enum value InstanceTypeI3Metal = "i3.metal" + // InstanceTypeI3enLarge is a InstanceType enum value + InstanceTypeI3enLarge = "i3en.large" + + // InstanceTypeI3enXlarge is a InstanceType enum value + InstanceTypeI3enXlarge = "i3en.xlarge" + + // InstanceTypeI3en2xlarge is a InstanceType enum value + InstanceTypeI3en2xlarge = "i3en.2xlarge" + + // InstanceTypeI3en3xlarge is a InstanceType enum value + InstanceTypeI3en3xlarge = "i3en.3xlarge" + + // InstanceTypeI3en6xlarge is a InstanceType enum value + InstanceTypeI3en6xlarge = "i3en.6xlarge" + + // InstanceTypeI3en12xlarge is a InstanceType enum value + InstanceTypeI3en12xlarge = "i3en.12xlarge" + + // InstanceTypeI3en24xlarge is a InstanceType enum value + InstanceTypeI3en24xlarge = "i3en.24xlarge" + + // InstanceTypeI3enMetal is a InstanceType enum value + InstanceTypeI3enMetal = "i3en.metal" + // InstanceTypeHi14xlarge is a InstanceType enum value InstanceTypeHi14xlarge = "hi1.4xlarge" @@ -85316,9 +108087,18 @@ const ( // InstanceTypeC59xlarge is a InstanceType enum value InstanceTypeC59xlarge = "c5.9xlarge" + // InstanceTypeC512xlarge is a InstanceType enum value + InstanceTypeC512xlarge = "c5.12xlarge" + // InstanceTypeC518xlarge is a InstanceType enum value InstanceTypeC518xlarge = "c5.18xlarge" + // InstanceTypeC524xlarge is a InstanceType enum value + InstanceTypeC524xlarge = "c5.24xlarge" + + // InstanceTypeC5Metal is a InstanceType enum value + InstanceTypeC5Metal = "c5.metal" + // InstanceTypeC5dLarge is a InstanceType enum value InstanceTypeC5dLarge = "c5d.large" @@ -85334,9 +108114,18 @@ const ( // InstanceTypeC5d9xlarge is a InstanceType enum value InstanceTypeC5d9xlarge = "c5d.9xlarge" + // InstanceTypeC5d12xlarge is a InstanceType enum value + InstanceTypeC5d12xlarge = "c5d.12xlarge" + // InstanceTypeC5d18xlarge is a InstanceType enum value InstanceTypeC5d18xlarge = "c5d.18xlarge" + // InstanceTypeC5d24xlarge is a InstanceType enum value + InstanceTypeC5d24xlarge = "c5d.24xlarge" + + // InstanceTypeC5dMetal is a InstanceType enum value + InstanceTypeC5dMetal = "c5d.metal" + // InstanceTypeC5nLarge is a InstanceType enum value InstanceTypeC5nLarge = "c5n.large" @@ -85379,6 +108168,24 @@ const ( // InstanceTypeG3sXlarge is a InstanceType enum value InstanceTypeG3sXlarge = "g3s.xlarge" + // InstanceTypeG4dnXlarge is a InstanceType enum value + InstanceTypeG4dnXlarge = "g4dn.xlarge" + + // InstanceTypeG4dn2xlarge is a InstanceType enum value + InstanceTypeG4dn2xlarge = "g4dn.2xlarge" + + // InstanceTypeG4dn4xlarge is a InstanceType enum value + InstanceTypeG4dn4xlarge = "g4dn.4xlarge" + + // InstanceTypeG4dn8xlarge is a InstanceType enum value + InstanceTypeG4dn8xlarge = "g4dn.8xlarge" + + // InstanceTypeG4dn12xlarge is a InstanceType enum value + InstanceTypeG4dn12xlarge = "g4dn.12xlarge" + + // InstanceTypeG4dn16xlarge is a InstanceType enum value + InstanceTypeG4dn16xlarge = "g4dn.16xlarge" + // InstanceTypeCg14xlarge is a InstanceType enum value InstanceTypeCg14xlarge = "cg1.4xlarge" @@ -85436,12 +108243,21 @@ const ( // InstanceTypeM54xlarge is a InstanceType enum value InstanceTypeM54xlarge = "m5.4xlarge" + // InstanceTypeM58xlarge is a InstanceType enum value + InstanceTypeM58xlarge = "m5.8xlarge" + // InstanceTypeM512xlarge is a InstanceType enum value InstanceTypeM512xlarge = "m5.12xlarge" + // InstanceTypeM516xlarge is a InstanceType enum value + InstanceTypeM516xlarge = "m5.16xlarge" + // InstanceTypeM524xlarge is a InstanceType enum value InstanceTypeM524xlarge = "m5.24xlarge" + // InstanceTypeM5Metal is a InstanceType enum value + InstanceTypeM5Metal = "m5.metal" + // InstanceTypeM5aLarge is a InstanceType enum value InstanceTypeM5aLarge = "m5a.large" @@ -85454,9 +108270,15 @@ const ( // InstanceTypeM5a4xlarge is a InstanceType enum value InstanceTypeM5a4xlarge = "m5a.4xlarge" + // InstanceTypeM5a8xlarge is a InstanceType enum value + InstanceTypeM5a8xlarge = "m5a.8xlarge" + // InstanceTypeM5a12xlarge is a InstanceType enum value InstanceTypeM5a12xlarge = "m5a.12xlarge" + // InstanceTypeM5a16xlarge is a InstanceType enum value + InstanceTypeM5a16xlarge = "m5a.16xlarge" + // InstanceTypeM5a24xlarge is a InstanceType enum value InstanceTypeM5a24xlarge = "m5a.24xlarge" @@ -85472,12 +108294,45 @@ const ( // InstanceTypeM5d4xlarge is a InstanceType enum value InstanceTypeM5d4xlarge = "m5d.4xlarge" + // InstanceTypeM5d8xlarge is a InstanceType enum value + InstanceTypeM5d8xlarge = "m5d.8xlarge" + // InstanceTypeM5d12xlarge is a InstanceType enum value InstanceTypeM5d12xlarge = "m5d.12xlarge" + // InstanceTypeM5d16xlarge is a InstanceType enum value + InstanceTypeM5d16xlarge = "m5d.16xlarge" + // InstanceTypeM5d24xlarge is a InstanceType enum value InstanceTypeM5d24xlarge = "m5d.24xlarge" + // InstanceTypeM5dMetal is a InstanceType enum value + InstanceTypeM5dMetal = "m5d.metal" + + // InstanceTypeM5adLarge is a InstanceType enum value + InstanceTypeM5adLarge = "m5ad.large" + + // InstanceTypeM5adXlarge is a InstanceType enum value + InstanceTypeM5adXlarge = "m5ad.xlarge" + + // InstanceTypeM5ad2xlarge is a InstanceType enum value + InstanceTypeM5ad2xlarge = "m5ad.2xlarge" + + // InstanceTypeM5ad4xlarge is a InstanceType enum value + InstanceTypeM5ad4xlarge = "m5ad.4xlarge" + + // InstanceTypeM5ad8xlarge is a InstanceType enum value + InstanceTypeM5ad8xlarge = "m5ad.8xlarge" + + // InstanceTypeM5ad12xlarge is a InstanceType enum value + InstanceTypeM5ad12xlarge = "m5ad.12xlarge" + + // InstanceTypeM5ad16xlarge is a InstanceType enum value + InstanceTypeM5ad16xlarge = "m5ad.16xlarge" + + // InstanceTypeM5ad24xlarge is a InstanceType enum value + InstanceTypeM5ad24xlarge = "m5ad.24xlarge" + // InstanceTypeH12xlarge is a InstanceType enum value InstanceTypeH12xlarge = "h1.2xlarge" @@ -85508,6 +108363,9 @@ const ( // InstanceTypeZ1d12xlarge is a InstanceType enum value InstanceTypeZ1d12xlarge = "z1d.12xlarge" + // InstanceTypeZ1dMetal is a InstanceType enum value + InstanceTypeZ1dMetal = "z1d.metal" + // InstanceTypeU6tb1Metal is a InstanceType enum value InstanceTypeU6tb1Metal = "u-6tb1.metal" @@ -85517,6 +108375,12 @@ const ( // InstanceTypeU12tb1Metal is a InstanceType enum value InstanceTypeU12tb1Metal = "u-12tb1.metal" + // InstanceTypeU18tb1Metal is a InstanceType enum value + InstanceTypeU18tb1Metal = "u-18tb1.metal" + + // InstanceTypeU24tb1Metal is a InstanceType enum value + InstanceTypeU24tb1Metal = "u-24tb1.metal" + // InstanceTypeA1Medium is a InstanceType enum value InstanceTypeA1Medium = "a1.medium" @@ -85531,6 +108395,125 @@ const ( // InstanceTypeA14xlarge is a InstanceType enum value InstanceTypeA14xlarge = "a1.4xlarge" + + // InstanceTypeA1Metal is a InstanceType enum value + InstanceTypeA1Metal = "a1.metal" + + // InstanceTypeM5dnLarge is a InstanceType enum value + InstanceTypeM5dnLarge = "m5dn.large" + + // InstanceTypeM5dnXlarge is a InstanceType enum value + InstanceTypeM5dnXlarge = "m5dn.xlarge" + + // InstanceTypeM5dn2xlarge is a InstanceType enum value + InstanceTypeM5dn2xlarge = "m5dn.2xlarge" + + // InstanceTypeM5dn4xlarge is a InstanceType enum value + InstanceTypeM5dn4xlarge = "m5dn.4xlarge" + + // InstanceTypeM5dn8xlarge is a InstanceType enum value + InstanceTypeM5dn8xlarge = "m5dn.8xlarge" + + // InstanceTypeM5dn12xlarge is a InstanceType enum value + InstanceTypeM5dn12xlarge = "m5dn.12xlarge" + + // InstanceTypeM5dn16xlarge is a InstanceType enum value + InstanceTypeM5dn16xlarge = "m5dn.16xlarge" + + // InstanceTypeM5dn24xlarge is a InstanceType enum value + InstanceTypeM5dn24xlarge = "m5dn.24xlarge" + + // InstanceTypeM5nLarge is a InstanceType enum value + InstanceTypeM5nLarge = "m5n.large" + + // InstanceTypeM5nXlarge is a InstanceType enum value + InstanceTypeM5nXlarge = "m5n.xlarge" + + // InstanceTypeM5n2xlarge is a InstanceType enum value + InstanceTypeM5n2xlarge = "m5n.2xlarge" + + // InstanceTypeM5n4xlarge is a InstanceType enum value + InstanceTypeM5n4xlarge = "m5n.4xlarge" + + // InstanceTypeM5n8xlarge is a InstanceType enum value + InstanceTypeM5n8xlarge = "m5n.8xlarge" + + // InstanceTypeM5n12xlarge is a InstanceType enum value + InstanceTypeM5n12xlarge = "m5n.12xlarge" + + // InstanceTypeM5n16xlarge is a InstanceType enum value + InstanceTypeM5n16xlarge = "m5n.16xlarge" + + // InstanceTypeM5n24xlarge is a InstanceType enum value + InstanceTypeM5n24xlarge = "m5n.24xlarge" + + // InstanceTypeR5dnLarge is a InstanceType enum value + InstanceTypeR5dnLarge = "r5dn.large" + + // InstanceTypeR5dnXlarge is a InstanceType enum value + InstanceTypeR5dnXlarge = "r5dn.xlarge" + + // InstanceTypeR5dn2xlarge is a InstanceType enum value + InstanceTypeR5dn2xlarge = "r5dn.2xlarge" + + // InstanceTypeR5dn4xlarge is a InstanceType enum value + InstanceTypeR5dn4xlarge = "r5dn.4xlarge" + + // InstanceTypeR5dn8xlarge is a InstanceType enum value + InstanceTypeR5dn8xlarge = "r5dn.8xlarge" + + // InstanceTypeR5dn12xlarge is a InstanceType enum value + InstanceTypeR5dn12xlarge = "r5dn.12xlarge" + + // InstanceTypeR5dn16xlarge is a InstanceType enum value + InstanceTypeR5dn16xlarge = "r5dn.16xlarge" + + // InstanceTypeR5dn24xlarge is a InstanceType enum value + InstanceTypeR5dn24xlarge = "r5dn.24xlarge" + + // InstanceTypeR5nLarge is a InstanceType enum value + InstanceTypeR5nLarge = "r5n.large" + + // InstanceTypeR5nXlarge is a InstanceType enum value + InstanceTypeR5nXlarge = "r5n.xlarge" + + // InstanceTypeR5n2xlarge is a InstanceType enum value + InstanceTypeR5n2xlarge = "r5n.2xlarge" + + // InstanceTypeR5n4xlarge is a InstanceType enum value + InstanceTypeR5n4xlarge = "r5n.4xlarge" + + // InstanceTypeR5n8xlarge is a InstanceType enum value + InstanceTypeR5n8xlarge = "r5n.8xlarge" + + // InstanceTypeR5n12xlarge is a InstanceType enum value + InstanceTypeR5n12xlarge = "r5n.12xlarge" + + // InstanceTypeR5n16xlarge is a InstanceType enum value + InstanceTypeR5n16xlarge = "r5n.16xlarge" + + // InstanceTypeR5n24xlarge is a InstanceType enum value + InstanceTypeR5n24xlarge = "r5n.24xlarge" + + // InstanceTypeInf1Xlarge is a InstanceType enum value + InstanceTypeInf1Xlarge = "inf1.xlarge" + + // InstanceTypeInf12xlarge is a InstanceType enum value + InstanceTypeInf12xlarge = "inf1.2xlarge" + + // InstanceTypeInf16xlarge is a InstanceType enum value + InstanceTypeInf16xlarge = "inf1.6xlarge" + + // InstanceTypeInf124xlarge is a InstanceType enum value + InstanceTypeInf124xlarge = "inf1.24xlarge" +) + +const ( + // InstanceTypeHypervisorNitro is a InstanceTypeHypervisor enum value + InstanceTypeHypervisorNitro = "nitro" + + // InstanceTypeHypervisorXen is a InstanceTypeHypervisor enum value + InstanceTypeHypervisorXen = "xen" ) const ( @@ -85569,6 +108552,30 @@ const ( LaunchTemplateErrorCodeUnexpectedError = "unexpectedError" ) +const ( + // LaunchTemplateHttpTokensStateOptional is a LaunchTemplateHttpTokensState enum value + LaunchTemplateHttpTokensStateOptional = "optional" + + // LaunchTemplateHttpTokensStateRequired is a LaunchTemplateHttpTokensState enum value + LaunchTemplateHttpTokensStateRequired = "required" +) + +const ( + // LaunchTemplateInstanceMetadataEndpointStateDisabled is a LaunchTemplateInstanceMetadataEndpointState enum value + LaunchTemplateInstanceMetadataEndpointStateDisabled = "disabled" + + // LaunchTemplateInstanceMetadataEndpointStateEnabled is a LaunchTemplateInstanceMetadataEndpointState enum value + LaunchTemplateInstanceMetadataEndpointStateEnabled = "enabled" +) + +const ( + // LaunchTemplateInstanceMetadataOptionsStatePending is a LaunchTemplateInstanceMetadataOptionsState enum value + LaunchTemplateInstanceMetadataOptionsStatePending = "pending" + + // LaunchTemplateInstanceMetadataOptionsStateApplied is a LaunchTemplateInstanceMetadataOptionsState enum value + LaunchTemplateInstanceMetadataOptionsStateApplied = "applied" +) + const ( // ListingStateAvailable is a ListingState enum value ListingStateAvailable = "available" @@ -85597,6 +108604,42 @@ const ( ListingStatusClosed = "closed" ) +const ( + // LocalGatewayRouteStatePending is a LocalGatewayRouteState enum value + LocalGatewayRouteStatePending = "pending" + + // LocalGatewayRouteStateActive is a LocalGatewayRouteState enum value + LocalGatewayRouteStateActive = "active" + + // LocalGatewayRouteStateBlackhole is a LocalGatewayRouteState enum value + LocalGatewayRouteStateBlackhole = "blackhole" + + // LocalGatewayRouteStateDeleting is a LocalGatewayRouteState enum value + LocalGatewayRouteStateDeleting = "deleting" + + // LocalGatewayRouteStateDeleted is a LocalGatewayRouteState enum value + LocalGatewayRouteStateDeleted = "deleted" +) + +const ( + // LocalGatewayRouteTypeStatic is a LocalGatewayRouteType enum value + LocalGatewayRouteTypeStatic = "static" + + // LocalGatewayRouteTypePropagated is a LocalGatewayRouteType enum value + LocalGatewayRouteTypePropagated = "propagated" +) + +const ( + // LocationTypeRegion is a LocationType enum value + LocationTypeRegion = "region" + + // LocationTypeAvailabilityZone is a LocationType enum value + LocationTypeAvailabilityZone = "availability-zone" + + // LocationTypeAvailabilityZoneId is a LocationType enum value + LocationTypeAvailabilityZoneId = "availability-zone-id" +) + const ( // LogDestinationTypeCloudWatchLogs is a LogDestinationType enum value LogDestinationTypeCloudWatchLogs = "cloud-watch-logs" @@ -85610,6 +108653,14 @@ const ( MarketTypeSpot = "spot" ) +const ( + // MembershipTypeStatic is a MembershipType enum value + MembershipTypeStatic = "static" + + // MembershipTypeIgmp is a MembershipType enum value + MembershipTypeIgmp = "igmp" +) + const ( // MonitoringStateDisabled is a MonitoringState enum value MonitoringStateDisabled = "disabled" @@ -85632,6 +108683,14 @@ const ( MoveStatusRestoringToClassic = "restoringToClassic" ) +const ( + // MulticastSupportValueEnable is a MulticastSupportValue enum value + MulticastSupportValueEnable = "enable" + + // MulticastSupportValueDisable is a MulticastSupportValue enum value + MulticastSupportValueDisable = "disable" +) + const ( // NatGatewayStatePending is a NatGatewayState enum value NatGatewayStatePending = "pending" @@ -85663,6 +108722,11 @@ const ( NetworkInterfaceAttributeAttachment = "attachment" ) +const ( + // NetworkInterfaceCreationTypeEfa is a NetworkInterfaceCreationType enum value + NetworkInterfaceCreationTypeEfa = "efa" +) + const ( // NetworkInterfacePermissionStateCodePending is a NetworkInterfacePermissionStateCode enum value NetworkInterfacePermissionStateCodePending = "pending" @@ -85700,6 +108764,9 @@ const ( // NetworkInterfaceTypeNatGateway is a NetworkInterfaceType enum value NetworkInterfaceTypeNatGateway = "natGateway" + + // NetworkInterfaceTypeEfa is a NetworkInterfaceType enum value + NetworkInterfaceTypeEfa = "efa" ) const ( @@ -85776,6 +108843,17 @@ const ( PlacementGroupStateDeleted = "deleted" ) +const ( + // PlacementGroupStrategyCluster is a PlacementGroupStrategy enum value + PlacementGroupStrategyCluster = "cluster" + + // PlacementGroupStrategyPartition is a PlacementGroupStrategy enum value + PlacementGroupStrategyPartition = "partition" + + // PlacementGroupStrategySpread is a PlacementGroupStrategy enum value + PlacementGroupStrategySpread = "spread" +) + const ( // PlacementStrategyCluster is a PlacementStrategy enum value PlacementStrategyCluster = "cluster" @@ -85902,6 +108980,12 @@ const ( // ReservedInstanceStateRetired is a ReservedInstanceState enum value ReservedInstanceStateRetired = "retired" + + // ReservedInstanceStateQueued is a ReservedInstanceState enum value + ReservedInstanceStateQueued = "queued" + + // ReservedInstanceStateQueuedDeleted is a ReservedInstanceState enum value + ReservedInstanceStateQueuedDeleted = "queued-deleted" ) const ( @@ -85915,6 +108999,9 @@ const ( ) const ( + // ResourceTypeClientVpnEndpoint is a ResourceType enum value + ResourceTypeClientVpnEndpoint = "client-vpn-endpoint" + // ResourceTypeCustomerGateway is a ResourceType enum value ResourceTypeCustomerGateway = "customer-gateway" @@ -85933,6 +109020,9 @@ const ( // ResourceTypeFpgaImage is a ResourceType enum value ResourceTypeFpgaImage = "fpga-image" + // ResourceTypeHostReservation is a ResourceType enum value + ResourceTypeHostReservation = "host-reservation" + // ResourceTypeImage is a ResourceType enum value ResourceTypeImage = "image" @@ -85942,6 +109032,9 @@ const ( // ResourceTypeInternetGateway is a ResourceType enum value ResourceTypeInternetGateway = "internet-gateway" + // ResourceTypeKeyPair is a ResourceType enum value + ResourceTypeKeyPair = "key-pair" + // ResourceTypeLaunchTemplate is a ResourceType enum value ResourceTypeLaunchTemplate = "launch-template" @@ -85954,6 +109047,9 @@ const ( // ResourceTypeNetworkInterface is a ResourceType enum value ResourceTypeNetworkInterface = "network-interface" + // ResourceTypePlacementGroup is a ResourceType enum value + ResourceTypePlacementGroup = "placement-group" + // ResourceTypeReservedInstances is a ResourceType enum value ResourceTypeReservedInstances = "reserved-instances" @@ -85966,18 +109062,33 @@ const ( // ResourceTypeSnapshot is a ResourceType enum value ResourceTypeSnapshot = "snapshot" + // ResourceTypeSpotFleetRequest is a ResourceType enum value + ResourceTypeSpotFleetRequest = "spot-fleet-request" + // ResourceTypeSpotInstancesRequest is a ResourceType enum value ResourceTypeSpotInstancesRequest = "spot-instances-request" // ResourceTypeSubnet is a ResourceType enum value ResourceTypeSubnet = "subnet" + // ResourceTypeTrafficMirrorFilter is a ResourceType enum value + ResourceTypeTrafficMirrorFilter = "traffic-mirror-filter" + + // ResourceTypeTrafficMirrorSession is a ResourceType enum value + ResourceTypeTrafficMirrorSession = "traffic-mirror-session" + + // ResourceTypeTrafficMirrorTarget is a ResourceType enum value + ResourceTypeTrafficMirrorTarget = "traffic-mirror-target" + // ResourceTypeTransitGateway is a ResourceType enum value ResourceTypeTransitGateway = "transit-gateway" // ResourceTypeTransitGatewayAttachment is a ResourceType enum value ResourceTypeTransitGatewayAttachment = "transit-gateway-attachment" + // ResourceTypeTransitGatewayMulticastDomain is a ResourceType enum value + ResourceTypeTransitGatewayMulticastDomain = "transit-gateway-multicast-domain" + // ResourceTypeTransitGatewayRouteTable is a ResourceType enum value ResourceTypeTransitGatewayRouteTable = "transit-gateway-route-table" @@ -85997,6 +109108,14 @@ const ( ResourceTypeVpnGateway = "vpn-gateway" ) +const ( + // RootDeviceTypeEbs is a RootDeviceType enum value + RootDeviceTypeEbs = "ebs" + + // RootDeviceTypeInstanceStore is a RootDeviceType enum value + RootDeviceTypeInstanceStore = "instance-store" +) + const ( // RouteOriginCreateRouteTable is a RouteOrigin enum value RouteOriginCreateRouteTable = "CreateRouteTable" @@ -86016,6 +109135,23 @@ const ( RouteStateBlackhole = "blackhole" ) +const ( + // RouteTableAssociationStateCodeAssociating is a RouteTableAssociationStateCode enum value + RouteTableAssociationStateCodeAssociating = "associating" + + // RouteTableAssociationStateCodeAssociated is a RouteTableAssociationStateCode enum value + RouteTableAssociationStateCodeAssociated = "associated" + + // RouteTableAssociationStateCodeDisassociating is a RouteTableAssociationStateCode enum value + RouteTableAssociationStateCodeDisassociating = "disassociating" + + // RouteTableAssociationStateCodeDisassociated is a RouteTableAssociationStateCode enum value + RouteTableAssociationStateCodeDisassociated = "disassociated" + + // RouteTableAssociationStateCodeFailed is a RouteTableAssociationStateCode enum value + RouteTableAssociationStateCodeFailed = "failed" +) + const ( // RuleActionAllow is a RuleAction enum value RuleActionAllow = "allow" @@ -86024,6 +109160,14 @@ const ( RuleActionDeny = "deny" ) +const ( + // ScopeAvailabilityZone is a Scope enum value + ScopeAvailabilityZone = "Availability Zone" + + // ScopeRegion is a Scope enum value + ScopeRegion = "Region" +) + const ( // ServiceStatePending is a ServiceState enum value ServiceStatePending = "Pending" @@ -86082,6 +109226,9 @@ const ( // SpotAllocationStrategyDiversified is a SpotAllocationStrategy enum value SpotAllocationStrategyDiversified = "diversified" + + // SpotAllocationStrategyCapacityOptimized is a SpotAllocationStrategy enum value + SpotAllocationStrategyCapacityOptimized = "capacity-optimized" ) const ( @@ -86240,6 +109387,60 @@ const ( TenancyHost = "host" ) +const ( + // TrafficDirectionIngress is a TrafficDirection enum value + TrafficDirectionIngress = "ingress" + + // TrafficDirectionEgress is a TrafficDirection enum value + TrafficDirectionEgress = "egress" +) + +const ( + // TrafficMirrorFilterRuleFieldDestinationPortRange is a TrafficMirrorFilterRuleField enum value + TrafficMirrorFilterRuleFieldDestinationPortRange = "destination-port-range" + + // TrafficMirrorFilterRuleFieldSourcePortRange is a TrafficMirrorFilterRuleField enum value + TrafficMirrorFilterRuleFieldSourcePortRange = "source-port-range" + + // TrafficMirrorFilterRuleFieldProtocol is a TrafficMirrorFilterRuleField enum value + TrafficMirrorFilterRuleFieldProtocol = "protocol" + + // TrafficMirrorFilterRuleFieldDescription is a TrafficMirrorFilterRuleField enum value + TrafficMirrorFilterRuleFieldDescription = "description" +) + +const ( + // TrafficMirrorNetworkServiceAmazonDns is a TrafficMirrorNetworkService enum value + TrafficMirrorNetworkServiceAmazonDns = "amazon-dns" +) + +const ( + // TrafficMirrorRuleActionAccept is a TrafficMirrorRuleAction enum value + TrafficMirrorRuleActionAccept = "accept" + + // TrafficMirrorRuleActionReject is a TrafficMirrorRuleAction enum value + TrafficMirrorRuleActionReject = "reject" +) + +const ( + // TrafficMirrorSessionFieldPacketLength is a TrafficMirrorSessionField enum value + TrafficMirrorSessionFieldPacketLength = "packet-length" + + // TrafficMirrorSessionFieldDescription is a TrafficMirrorSessionField enum value + TrafficMirrorSessionFieldDescription = "description" + + // TrafficMirrorSessionFieldVirtualNetworkId is a TrafficMirrorSessionField enum value + TrafficMirrorSessionFieldVirtualNetworkId = "virtual-network-id" +) + +const ( + // TrafficMirrorTargetTypeNetworkInterface is a TrafficMirrorTargetType enum value + TrafficMirrorTargetTypeNetworkInterface = "network-interface" + + // TrafficMirrorTargetTypeNetworkLoadBalancer is a TrafficMirrorTargetType enum value + TrafficMirrorTargetTypeNetworkLoadBalancer = "network-load-balancer" +) + const ( // TrafficTypeAccept is a TrafficType enum value TrafficTypeAccept = "ACCEPT" @@ -86271,9 +109472,18 @@ const ( // TransitGatewayAttachmentResourceTypeVpn is a TransitGatewayAttachmentResourceType enum value TransitGatewayAttachmentResourceTypeVpn = "vpn" + + // TransitGatewayAttachmentResourceTypeDirectConnectGateway is a TransitGatewayAttachmentResourceType enum value + TransitGatewayAttachmentResourceTypeDirectConnectGateway = "direct-connect-gateway" + + // TransitGatewayAttachmentResourceTypeTgwPeering is a TransitGatewayAttachmentResourceType enum value + TransitGatewayAttachmentResourceTypeTgwPeering = "tgw-peering" ) const ( + // TransitGatewayAttachmentStateInitiating is a TransitGatewayAttachmentState enum value + TransitGatewayAttachmentStateInitiating = "initiating" + // TransitGatewayAttachmentStatePendingAcceptance is a TransitGatewayAttachmentState enum value TransitGatewayAttachmentStatePendingAcceptance = "pendingAcceptance" @@ -86308,6 +109518,34 @@ const ( TransitGatewayAttachmentStateFailing = "failing" ) +const ( + // TransitGatewayMulitcastDomainAssociationStateAssociating is a TransitGatewayMulitcastDomainAssociationState enum value + TransitGatewayMulitcastDomainAssociationStateAssociating = "associating" + + // TransitGatewayMulitcastDomainAssociationStateAssociated is a TransitGatewayMulitcastDomainAssociationState enum value + TransitGatewayMulitcastDomainAssociationStateAssociated = "associated" + + // TransitGatewayMulitcastDomainAssociationStateDisassociating is a TransitGatewayMulitcastDomainAssociationState enum value + TransitGatewayMulitcastDomainAssociationStateDisassociating = "disassociating" + + // TransitGatewayMulitcastDomainAssociationStateDisassociated is a TransitGatewayMulitcastDomainAssociationState enum value + TransitGatewayMulitcastDomainAssociationStateDisassociated = "disassociated" +) + +const ( + // TransitGatewayMulticastDomainStatePending is a TransitGatewayMulticastDomainState enum value + TransitGatewayMulticastDomainStatePending = "pending" + + // TransitGatewayMulticastDomainStateAvailable is a TransitGatewayMulticastDomainState enum value + TransitGatewayMulticastDomainStateAvailable = "available" + + // TransitGatewayMulticastDomainStateDeleting is a TransitGatewayMulticastDomainState enum value + TransitGatewayMulticastDomainStateDeleting = "deleting" + + // TransitGatewayMulticastDomainStateDeleted is a TransitGatewayMulticastDomainState enum value + TransitGatewayMulticastDomainStateDeleted = "deleted" +) + const ( // TransitGatewayPropagationStateEnabling is a TransitGatewayPropagationState enum value TransitGatewayPropagationStateEnabling = "enabling" @@ -86386,6 +109624,17 @@ const ( TransportProtocolUdp = "udp" ) +const ( + // UnlimitedSupportedInstanceFamilyT2 is a UnlimitedSupportedInstanceFamily enum value + UnlimitedSupportedInstanceFamilyT2 = "t2" + + // UnlimitedSupportedInstanceFamilyT3 is a UnlimitedSupportedInstanceFamily enum value + UnlimitedSupportedInstanceFamilyT3 = "t3" + + // UnlimitedSupportedInstanceFamilyT3a is a UnlimitedSupportedInstanceFamily enum value + UnlimitedSupportedInstanceFamilyT3a = "t3a" +) + const ( // UnsuccessfulInstanceCreditSpecificationErrorCodeInvalidInstanceIdMalformed is a UnsuccessfulInstanceCreditSpecificationErrorCode enum value UnsuccessfulInstanceCreditSpecificationErrorCodeInvalidInstanceIdMalformed = "InvalidInstanceID.Malformed" @@ -86400,6 +109649,14 @@ const ( UnsuccessfulInstanceCreditSpecificationErrorCodeInstanceCreditSpecificationNotSupported = "InstanceCreditSpecification.NotSupported" ) +const ( + // UsageClassTypeSpot is a UsageClassType enum value + UsageClassTypeSpot = "spot" + + // UsageClassTypeOnDemand is a UsageClassType enum value + UsageClassTypeOnDemand = "on-demand" +) + const ( // VirtualizationTypeHvm is a VirtualizationType enum value VirtualizationTypeHvm = "hvm" @@ -86612,11 +109869,3 @@ const ( // VpnStaticRouteSourceStatic is a VpnStaticRouteSource enum value VpnStaticRouteSourceStatic = "Static" ) - -const ( - // ScopeAvailabilityZone is a scope enum value - ScopeAvailabilityZone = "Availability Zone" - - // ScopeRegion is a scope enum value - ScopeRegion = "Region" -) diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go index 7b42719d653..efec8d8a94e 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go @@ -8,65 +8,32 @@ import ( "github.com/aws/aws-sdk-go/aws/client" "github.com/aws/aws-sdk-go/aws/endpoints" "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/internal/sdkrand" ) -type retryer struct { - client.DefaultRetryer -} +const ( + // customRetryerMinRetryDelay sets min retry delay + customRetryerMinRetryDelay = 1 * time.Second -func (d retryer) RetryRules(r *request.Request) time.Duration { - switch r.Operation.Name { - case opModifyNetworkInterfaceAttribute: - fallthrough - case opAssignPrivateIpAddresses: - return customRetryRule(r) - default: - return d.DefaultRetryer.RetryRules(r) - } -} - -func customRetryRule(r *request.Request) time.Duration { - retryTimes := []time.Duration{ - time.Second, - 3 * time.Second, - 5 * time.Second, - } - - count := r.RetryCount - if count >= len(retryTimes) { - count = len(retryTimes) - 1 - } - - minTime := int(retryTimes[count]) - return time.Duration(sdkrand.SeededRand.Intn(minTime) + minTime) -} - -func setCustomRetryer(c *client.Client) { - maxRetries := aws.IntValue(c.Config.MaxRetries) - if c.Config.MaxRetries == nil || maxRetries == aws.UseServiceDefaultRetries { - maxRetries = 3 - } - - c.Retryer = retryer{ - DefaultRetryer: client.DefaultRetryer{ - NumMaxRetries: maxRetries, - }, - } -} + // customRetryerMaxRetryDelay sets max retry delay + customRetryerMaxRetryDelay = 8 * time.Second +) func init() { - initClient = func(c *client.Client) { - if c.Config.Retryer == nil { - // Only override the retryer with a custom one if the config - // does not already contain a retryer - setCustomRetryer(c) - } - } initRequest = func(r *request.Request) { if r.Operation.Name == opCopySnapshot { // fill the PresignedURL parameter r.Handlers.Build.PushFront(fillPresignedURL) } + + // only set the retryer on request if config doesn't have a retryer + if r.Config.Retryer == nil && (r.Operation.Name == opModifyNetworkInterfaceAttribute || r.Operation.Name == opAssignPrivateIpAddresses) { + r.Retryer = client.DefaultRetryer{ + NumMaxRetries: client.DefaultRetryerMaxNumRetries, + MinRetryDelay: customRetryerMinRetryDelay, + MinThrottleDelay: customRetryerMinRetryDelay, + MaxRetryDelay: customRetryerMaxRetryDelay, + MaxThrottleDelay: customRetryerMaxRetryDelay, + } + } } } diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go index c258e0e85c0..31c314e0e5f 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go @@ -7,18 +7,19 @@ // capacity in the AWS cloud. Using Amazon EC2 eliminates the need to invest // in hardware up front, so you can develop and deploy applications faster. // -// To learn more about Amazon EC2, Amazon EBS, and Amazon VPC, see the following -// resources: +// To learn more, see the following resources: // -// * Amazon EC2 product page (http://aws.amazon.com/ec2) +// * Amazon EC2: AmazonEC2 product page (http://aws.amazon.com/ec2), Amazon +// EC2 documentation (http://aws.amazon.com/documentation/ec2) // -// * Amazon EC2 documentation (http://aws.amazon.com/documentation/ec2) +// * Amazon EBS: Amazon EBS product page (http://aws.amazon.com/ebs), Amazon +// EBS documentation (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html) // -// * Amazon EBS product page (http://aws.amazon.com/ebs) +// * Amazon VPC: Amazon VPC product page (http://aws.amazon.com/vpc), Amazon +// VPC documentation (http://aws.amazon.com/documentation/vpc) // -// * Amazon VPC product page (http://aws.amazon.com/vpc) -// -// * Amazon VPC documentation (http://aws.amazon.com/documentation/vpc) +// * AWS VPN: AWS VPN product page (http://aws.amazon.com/vpn), AWS VPN documentation +// (http://aws.amazon.com/documentation/vpn) // // See https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15 for more information on this service. // diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/service.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/service.go index 6acbc43fe3d..1bde2c2f5c5 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/service.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/service.go @@ -31,7 +31,7 @@ var initRequest func(*request.Request) const ( ServiceName = "ec2" // Name of service. EndpointsID = ServiceName // ID to lookup a service endpoint with. - ServiceID = "EC2" // ServiceID is a unique identifer of a specific service. + ServiceID = "EC2" // ServiceID is a unique identifier of a specific service. ) // New creates a new instance of the EC2 client with a session. @@ -39,6 +39,8 @@ const ( // aws.Config parameter to add your extra config. // // Example: +// mySession := session.Must(session.NewSession()) +// // // Create a EC2 client from just a session. // svc := ec2.New(mySession) // @@ -46,11 +48,11 @@ const ( // svc := ec2.New(mySession, aws.NewConfig().WithRegion("us-west-2")) func New(p client.ConfigProvider, cfgs ...*aws.Config) *EC2 { c := p.ClientConfig(EndpointsID, cfgs...) - return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion, c.SigningName) + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) } // newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion, signingName string) *EC2 { +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *EC2 { svc := &EC2{ Client: client.New( cfg, @@ -59,6 +61,7 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio ServiceID: ServiceID, SigningName: signingName, SigningRegion: signingRegion, + PartitionID: partitionID, Endpoint: endpoint, APIVersion: "2016-11-15", }, diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/waiters.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/waiters.go index 0469f0f01a1..b9bdbde157f 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/waiters.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/waiters.go @@ -952,6 +952,57 @@ func (c *EC2) WaitUntilPasswordDataAvailableWithContext(ctx aws.Context, input * return w.WaitWithContext(ctx) } +// WaitUntilSecurityGroupExists uses the Amazon EC2 API operation +// DescribeSecurityGroups to wait for a condition to be met before returning. +// If the condition is not met within the max attempt window, an error will +// be returned. +func (c *EC2) WaitUntilSecurityGroupExists(input *DescribeSecurityGroupsInput) error { + return c.WaitUntilSecurityGroupExistsWithContext(aws.BackgroundContext(), input) +} + +// WaitUntilSecurityGroupExistsWithContext is an extended version of WaitUntilSecurityGroupExists. +// With the support for passing in a context and options to configure the +// Waiter and the underlying request options. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) WaitUntilSecurityGroupExistsWithContext(ctx aws.Context, input *DescribeSecurityGroupsInput, opts ...request.WaiterOption) error { + w := request.Waiter{ + Name: "WaitUntilSecurityGroupExists", + MaxAttempts: 6, + Delay: request.ConstantWaiterDelay(5 * time.Second), + Acceptors: []request.WaiterAcceptor{ + { + State: request.SuccessWaiterState, + Matcher: request.PathWaiterMatch, Argument: "length(SecurityGroups[].GroupId) > `0`", + Expected: true, + }, + { + State: request.RetryWaiterState, + Matcher: request.ErrorWaiterMatch, + Expected: "InvalidGroupNotFound", + }, + }, + Logger: c.Config.Logger, + NewRequest: func(opts []request.Option) (*request.Request, error) { + var inCpy *DescribeSecurityGroupsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeSecurityGroupsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + w.ApplyOptions(opts...) + + return w.WaitWithContext(ctx) +} + // WaitUntilSnapshotCompleted uses the Amazon EC2 API operation // DescribeSnapshots to wait for a condition to be met before returning. // If the condition is not met within the max attempt window, an error will diff --git a/vendor/github.com/aws/aws-sdk-go/service/ecr/BUILD b/vendor/github.com/aws/aws-sdk-go/service/ecr/BUILD index e1717c955ea..0438f92e6eb 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ecr/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/service/ecr/BUILD @@ -7,6 +7,7 @@ go_library( "doc.go", "errors.go", "service.go", + "waiters.go", ], importmap = "k8s.io/kubernetes/vendor/github.com/aws/aws-sdk-go/service/ecr", importpath = "github.com/aws/aws-sdk-go/service/ecr", diff --git a/vendor/github.com/aws/aws-sdk-go/service/ecr/api.go b/vendor/github.com/aws/aws-sdk-go/service/ecr/api.go index e3284308c8a..5fcf63e6bb3 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ecr/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ecr/api.go @@ -3,6 +3,7 @@ package ecr import ( + "fmt" "time" "github.com/aws/aws-sdk-go/aws" @@ -70,16 +71,16 @@ func (c *ECR) BatchCheckLayerAvailabilityRequest(input *BatchCheckLayerAvailabil // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation BatchCheckLayerAvailability for usage and error information. // -// Returned Error Codes: -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// Returned Error Types: +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeServerException "ServerException" +// * ServerException // These errors are usually caused by a server-side issue. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/BatchCheckLayerAvailability @@ -165,15 +166,15 @@ func (c *ECR) BatchDeleteImageRequest(input *BatchDeleteImageInput) (req *reques // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation BatchDeleteImage for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // @@ -253,15 +254,15 @@ func (c *ECR) BatchGetImageRequest(input *BatchGetImageInput) (req *request.Requ // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation BatchGetImage for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // @@ -346,33 +347,33 @@ func (c *ECR) CompleteLayerUploadRequest(input *CompleteLayerUploadInput) (req * // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation CompleteLayerUpload for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeUploadNotFoundException "UploadNotFoundException" +// * UploadNotFoundException // The upload could not be found, or the specified upload id is not valid for // this repository. // -// * ErrCodeInvalidLayerException "InvalidLayerException" +// * InvalidLayerException // The layer digest calculation performed by Amazon ECR upon receipt of the // image layer does not match the digest specified. // -// * ErrCodeLayerPartTooSmallException "LayerPartTooSmallException" +// * LayerPartTooSmallException // Layer parts must be at least 5 MiB in size. // -// * ErrCodeLayerAlreadyExistsException "LayerAlreadyExistsException" +// * LayerAlreadyExistsException // The image layer already exists in the associated repository. // -// * ErrCodeEmptyUploadException "EmptyUploadException" +// * EmptyUploadException // The specified layer upload does not contain any layer parts. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CompleteLayerUpload @@ -441,7 +442,10 @@ func (c *ECR) CreateRepositoryRequest(input *CreateRepositoryInput) (req *reques // CreateRepository API operation for Amazon EC2 Container Registry. // -// Creates an image repository. +// Creates an Amazon Elastic Container Registry (Amazon ECR) repository, where +// users can push and pull Docker images. For more information, see Amazon ECR +// Repositories (https://docs.aws.amazon.com/AmazonECR/latest/userguide/Repositories.html) +// in the Amazon Elastic Container Registry User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -450,30 +454,30 @@ func (c *ECR) CreateRepositoryRequest(input *CreateRepositoryInput) (req *reques // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation CreateRepository for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeInvalidTagParameterException "InvalidTagParameterException" +// * InvalidTagParameterException // An invalid parameter has been specified. Tag keys can have a maximum character // length of 128 characters, and tag values can have a maximum length of 256 // characters. // -// * ErrCodeTooManyTagsException "TooManyTagsException" +// * TooManyTagsException // The list of tags on the repository is over the limit. The maximum number // of tags that can be applied to a repository is 50. // -// * ErrCodeRepositoryAlreadyExistsException "RepositoryAlreadyExistsException" +// * RepositoryAlreadyExistsException // The specified repository already exists in the specified registry. // -// * ErrCodeLimitExceededException "LimitExceededException" +// * LimitExceededException // The operation did not succeed because it would have exceeded a service limit // for your account. For more information, see Amazon ECR Default Service Limits -// (http://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) +// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) // in the Amazon Elastic Container Registry User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CreateRepository @@ -551,19 +555,19 @@ func (c *ECR) DeleteLifecyclePolicyRequest(input *DeleteLifecyclePolicyInput) (r // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation DeleteLifecyclePolicy for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeLifecyclePolicyNotFoundException "LifecyclePolicyNotFoundException" +// * LifecyclePolicyNotFoundException // The lifecycle policy could not be found, and no policy is set to the repository. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DeleteLifecyclePolicy @@ -642,19 +646,19 @@ func (c *ECR) DeleteRepositoryRequest(input *DeleteRepositoryInput) (req *reques // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation DeleteRepository for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeRepositoryNotEmptyException "RepositoryNotEmptyException" +// * RepositoryNotEmptyException // The specified repository contains images. To delete a repository that contains // images, you must force the deletion with the force parameter. // @@ -733,19 +737,19 @@ func (c *ECR) DeleteRepositoryPolicyRequest(input *DeleteRepositoryPolicyInput) // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation DeleteRepositoryPolicy for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeRepositoryPolicyNotFoundException "RepositoryPolicyNotFoundException" +// * RepositoryPolicyNotFoundException // The specified repository and registry combination does not have an associated // repository policy. // @@ -771,6 +775,158 @@ func (c *ECR) DeleteRepositoryPolicyWithContext(ctx aws.Context, input *DeleteRe return out, req.Send() } +const opDescribeImageScanFindings = "DescribeImageScanFindings" + +// DescribeImageScanFindingsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeImageScanFindings operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeImageScanFindings for more information on using the DescribeImageScanFindings +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeImageScanFindingsRequest method. +// req, resp := client.DescribeImageScanFindingsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DescribeImageScanFindings +func (c *ECR) DescribeImageScanFindingsRequest(input *DescribeImageScanFindingsInput) (req *request.Request, output *DescribeImageScanFindingsOutput) { + op := &request.Operation{ + Name: opDescribeImageScanFindings, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeImageScanFindingsInput{} + } + + output = &DescribeImageScanFindingsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeImageScanFindings API operation for Amazon EC2 Container Registry. +// +// Describes the image scan findings for the specified image. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon EC2 Container Registry's +// API operation DescribeImageScanFindings for usage and error information. +// +// Returned Error Types: +// * ServerException +// These errors are usually caused by a server-side issue. +// +// * InvalidParameterException +// The specified parameter is invalid. Review the available parameters for the +// API request. +// +// * RepositoryNotFoundException +// The specified repository could not be found. Check the spelling of the specified +// repository and ensure that you are performing operations on the correct registry. +// +// * ImageNotFoundException +// The image requested does not exist in the specified repository. +// +// * ScanNotFoundException +// The specified image scan could not be found. Ensure that image scanning is +// enabled on the repository and try again. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DescribeImageScanFindings +func (c *ECR) DescribeImageScanFindings(input *DescribeImageScanFindingsInput) (*DescribeImageScanFindingsOutput, error) { + req, out := c.DescribeImageScanFindingsRequest(input) + return out, req.Send() +} + +// DescribeImageScanFindingsWithContext is the same as DescribeImageScanFindings with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeImageScanFindings for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ECR) DescribeImageScanFindingsWithContext(ctx aws.Context, input *DescribeImageScanFindingsInput, opts ...request.Option) (*DescribeImageScanFindingsOutput, error) { + req, out := c.DescribeImageScanFindingsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeImageScanFindingsPages iterates over the pages of a DescribeImageScanFindings operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeImageScanFindings method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeImageScanFindings operation. +// pageNum := 0 +// err := client.DescribeImageScanFindingsPages(params, +// func(page *ecr.DescribeImageScanFindingsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *ECR) DescribeImageScanFindingsPages(input *DescribeImageScanFindingsInput, fn func(*DescribeImageScanFindingsOutput, bool) bool) error { + return c.DescribeImageScanFindingsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeImageScanFindingsPagesWithContext same as DescribeImageScanFindingsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ECR) DescribeImageScanFindingsPagesWithContext(ctx aws.Context, input *DescribeImageScanFindingsInput, fn func(*DescribeImageScanFindingsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeImageScanFindingsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeImageScanFindingsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeImageScanFindingsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeImages = "DescribeImages" // DescribeImagesRequest generates a "aws/request.Request" representing the @@ -836,19 +992,19 @@ func (c *ECR) DescribeImagesRequest(input *DescribeImagesInput) (req *request.Re // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation DescribeImages for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeImageNotFoundException "ImageNotFoundException" +// * ImageNotFoundException // The image requested does not exist in the specified repository. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DescribeImages @@ -884,7 +1040,7 @@ func (c *ECR) DescribeImagesWithContext(ctx aws.Context, input *DescribeImagesIn // // Example iterating over at most 3 pages of a DescribeImages operation. // pageNum := 0 // err := client.DescribeImagesPages(params, -// func(page *DescribeImagesOutput, lastPage bool) bool { +// func(page *ecr.DescribeImagesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -916,10 +1072,12 @@ func (c *ECR) DescribeImagesPagesWithContext(ctx aws.Context, input *DescribeIma }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeImagesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeImagesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -982,15 +1140,15 @@ func (c *ECR) DescribeRepositoriesRequest(input *DescribeRepositoriesInput) (req // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation DescribeRepositories for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // @@ -1027,7 +1185,7 @@ func (c *ECR) DescribeRepositoriesWithContext(ctx aws.Context, input *DescribeRe // // Example iterating over at most 3 pages of a DescribeRepositories operation. // pageNum := 0 // err := client.DescribeRepositoriesPages(params, -// func(page *DescribeRepositoriesOutput, lastPage bool) bool { +// func(page *ecr.DescribeRepositoriesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -1059,10 +1217,12 @@ func (c *ECR) DescribeRepositoriesPagesWithContext(ctx aws.Context, input *Descr }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeRepositoriesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeRepositoriesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -1126,11 +1286,11 @@ func (c *ECR) GetAuthorizationTokenRequest(input *GetAuthorizationTokenInput) (r // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation GetAuthorizationToken for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // @@ -1214,23 +1374,23 @@ func (c *ECR) GetDownloadUrlForLayerRequest(input *GetDownloadUrlForLayerInput) // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation GetDownloadUrlForLayer for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeLayersNotFoundException "LayersNotFoundException" +// * LayersNotFoundException // The specified layers could not be found, or the specified layer is not valid // for this repository. // -// * ErrCodeLayerInaccessibleException "LayerInaccessibleException" +// * LayerInaccessibleException // The specified layer is not available because it is not associated with an // image. Unassociated image layers may be cleaned up at any time. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // @@ -1309,19 +1469,19 @@ func (c *ECR) GetLifecyclePolicyRequest(input *GetLifecyclePolicyInput) (req *re // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation GetLifecyclePolicy for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeLifecyclePolicyNotFoundException "LifecyclePolicyNotFoundException" +// * LifecyclePolicyNotFoundException // The lifecycle policy could not be found, and no policy is set to the repository. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/GetLifecyclePolicy @@ -1377,6 +1537,12 @@ func (c *ECR) GetLifecyclePolicyPreviewRequest(input *GetLifecyclePolicyPreviewI Name: opGetLifecyclePolicyPreview, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, } if input == nil { @@ -1399,19 +1565,19 @@ func (c *ECR) GetLifecyclePolicyPreviewRequest(input *GetLifecyclePolicyPreviewI // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation GetLifecyclePolicyPreview for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeLifecyclePolicyPreviewNotFoundException "LifecyclePolicyPreviewNotFoundException" +// * LifecyclePolicyPreviewNotFoundException // There is no dry run for this repository. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/GetLifecyclePolicyPreview @@ -1436,6 +1602,58 @@ func (c *ECR) GetLifecyclePolicyPreviewWithContext(ctx aws.Context, input *GetLi return out, req.Send() } +// GetLifecyclePolicyPreviewPages iterates over the pages of a GetLifecyclePolicyPreview operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetLifecyclePolicyPreview method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetLifecyclePolicyPreview operation. +// pageNum := 0 +// err := client.GetLifecyclePolicyPreviewPages(params, +// func(page *ecr.GetLifecyclePolicyPreviewOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *ECR) GetLifecyclePolicyPreviewPages(input *GetLifecyclePolicyPreviewInput, fn func(*GetLifecyclePolicyPreviewOutput, bool) bool) error { + return c.GetLifecyclePolicyPreviewPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetLifecyclePolicyPreviewPagesWithContext same as GetLifecyclePolicyPreviewPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ECR) GetLifecyclePolicyPreviewPagesWithContext(ctx aws.Context, input *GetLifecyclePolicyPreviewInput, fn func(*GetLifecyclePolicyPreviewOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetLifecyclePolicyPreviewInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetLifecyclePolicyPreviewRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetLifecyclePolicyPreviewOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opGetRepositoryPolicy = "GetRepositoryPolicy" // GetRepositoryPolicyRequest generates a "aws/request.Request" representing the @@ -1489,19 +1707,19 @@ func (c *ECR) GetRepositoryPolicyRequest(input *GetRepositoryPolicyInput) (req * // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation GetRepositoryPolicy for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeRepositoryPolicyNotFoundException "RepositoryPolicyNotFoundException" +// * RepositoryPolicyNotFoundException // The specified repository and registry combination does not have an associated // repository policy. // @@ -1584,15 +1802,15 @@ func (c *ECR) InitiateLayerUploadRequest(input *InitiateLayerUploadInput) (req * // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation InitiateLayerUpload for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // @@ -1683,15 +1901,15 @@ func (c *ECR) ListImagesRequest(input *ListImagesInput) (req *request.Request, o // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation ListImages for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // @@ -1728,7 +1946,7 @@ func (c *ECR) ListImagesWithContext(ctx aws.Context, input *ListImagesInput, opt // // Example iterating over at most 3 pages of a ListImages operation. // pageNum := 0 // err := client.ListImagesPages(params, -// func(page *ListImagesOutput, lastPage bool) bool { +// func(page *ecr.ListImagesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -1760,10 +1978,12 @@ func (c *ECR) ListImagesPagesWithContext(ctx aws.Context, input *ListImagesInput }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*ListImagesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*ListImagesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -1820,16 +2040,16 @@ func (c *ECR) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req * // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation ListTagsForResource for usage and error information. // -// Returned Error Codes: -// * ErrCodeInvalidParameterException "InvalidParameterException" +// Returned Error Types: +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeServerException "ServerException" +// * ServerException // These errors are usually caused by a server-side issue. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/ListTagsForResource @@ -1911,32 +2131,36 @@ func (c *ECR) PutImageRequest(input *PutImageInput) (req *request.Request, outpu // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation PutImage for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeImageAlreadyExistsException "ImageAlreadyExistsException" +// * ImageAlreadyExistsException // The specified image has already been pushed, and there were no changes to // the manifest or image tag after the last push. // -// * ErrCodeLayersNotFoundException "LayersNotFoundException" +// * LayersNotFoundException // The specified layers could not be found, or the specified layer is not valid // for this repository. // -// * ErrCodeLimitExceededException "LimitExceededException" +// * LimitExceededException // The operation did not succeed because it would have exceeded a service limit // for your account. For more information, see Amazon ECR Default Service Limits -// (http://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) +// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) // in the Amazon Elastic Container Registry User Guide. // +// * ImageTagAlreadyExistsException +// The specified image is tagged with a tag that already exists. The repository +// is configured for tag immutability. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutImage func (c *ECR) PutImage(input *PutImageInput) (*PutImageOutput, error) { req, out := c.PutImageRequest(input) @@ -1959,6 +2183,184 @@ func (c *ECR) PutImageWithContext(ctx aws.Context, input *PutImageInput, opts .. return out, req.Send() } +const opPutImageScanningConfiguration = "PutImageScanningConfiguration" + +// PutImageScanningConfigurationRequest generates a "aws/request.Request" representing the +// client's request for the PutImageScanningConfiguration operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutImageScanningConfiguration for more information on using the PutImageScanningConfiguration +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the PutImageScanningConfigurationRequest method. +// req, resp := client.PutImageScanningConfigurationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutImageScanningConfiguration +func (c *ECR) PutImageScanningConfigurationRequest(input *PutImageScanningConfigurationInput) (req *request.Request, output *PutImageScanningConfigurationOutput) { + op := &request.Operation{ + Name: opPutImageScanningConfiguration, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutImageScanningConfigurationInput{} + } + + output = &PutImageScanningConfigurationOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutImageScanningConfiguration API operation for Amazon EC2 Container Registry. +// +// Updates the image scanning configuration for a repository. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon EC2 Container Registry's +// API operation PutImageScanningConfiguration for usage and error information. +// +// Returned Error Types: +// * ServerException +// These errors are usually caused by a server-side issue. +// +// * InvalidParameterException +// The specified parameter is invalid. Review the available parameters for the +// API request. +// +// * RepositoryNotFoundException +// The specified repository could not be found. Check the spelling of the specified +// repository and ensure that you are performing operations on the correct registry. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutImageScanningConfiguration +func (c *ECR) PutImageScanningConfiguration(input *PutImageScanningConfigurationInput) (*PutImageScanningConfigurationOutput, error) { + req, out := c.PutImageScanningConfigurationRequest(input) + return out, req.Send() +} + +// PutImageScanningConfigurationWithContext is the same as PutImageScanningConfiguration with the addition of +// the ability to pass a context and additional request options. +// +// See PutImageScanningConfiguration for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ECR) PutImageScanningConfigurationWithContext(ctx aws.Context, input *PutImageScanningConfigurationInput, opts ...request.Option) (*PutImageScanningConfigurationOutput, error) { + req, out := c.PutImageScanningConfigurationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutImageTagMutability = "PutImageTagMutability" + +// PutImageTagMutabilityRequest generates a "aws/request.Request" representing the +// client's request for the PutImageTagMutability operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutImageTagMutability for more information on using the PutImageTagMutability +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the PutImageTagMutabilityRequest method. +// req, resp := client.PutImageTagMutabilityRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutImageTagMutability +func (c *ECR) PutImageTagMutabilityRequest(input *PutImageTagMutabilityInput) (req *request.Request, output *PutImageTagMutabilityOutput) { + op := &request.Operation{ + Name: opPutImageTagMutability, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutImageTagMutabilityInput{} + } + + output = &PutImageTagMutabilityOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutImageTagMutability API operation for Amazon EC2 Container Registry. +// +// Updates the image tag mutability settings for a repository. When a repository +// is configured with tag immutability, all image tags within the repository +// will be prevented them from being overwritten. For more information, see +// Image Tag Mutability (https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-tag-mutability.html) +// in the Amazon Elastic Container Registry User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon EC2 Container Registry's +// API operation PutImageTagMutability for usage and error information. +// +// Returned Error Types: +// * ServerException +// These errors are usually caused by a server-side issue. +// +// * InvalidParameterException +// The specified parameter is invalid. Review the available parameters for the +// API request. +// +// * RepositoryNotFoundException +// The specified repository could not be found. Check the spelling of the specified +// repository and ensure that you are performing operations on the correct registry. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutImageTagMutability +func (c *ECR) PutImageTagMutability(input *PutImageTagMutabilityInput) (*PutImageTagMutabilityOutput, error) { + req, out := c.PutImageTagMutabilityRequest(input) + return out, req.Send() +} + +// PutImageTagMutabilityWithContext is the same as PutImageTagMutability with the addition of +// the ability to pass a context and additional request options. +// +// See PutImageTagMutability for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ECR) PutImageTagMutabilityWithContext(ctx aws.Context, input *PutImageTagMutabilityInput, opts ...request.Option) (*PutImageTagMutabilityOutput, error) { + req, out := c.PutImageTagMutabilityRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opPutLifecyclePolicy = "PutLifecyclePolicy" // PutLifecyclePolicyRequest generates a "aws/request.Request" representing the @@ -2004,7 +2406,7 @@ func (c *ECR) PutLifecyclePolicyRequest(input *PutLifecyclePolicyInput) (req *re // PutLifecyclePolicy API operation for Amazon EC2 Container Registry. // // Creates or updates a lifecycle policy. For information about lifecycle policy -// syntax, see Lifecycle Policy Template (http://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html). +// syntax, see Lifecycle Policy Template (https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2013,15 +2415,15 @@ func (c *ECR) PutLifecyclePolicyRequest(input *PutLifecyclePolicyInput) (req *re // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation PutLifecyclePolicy for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // @@ -2092,6 +2494,8 @@ func (c *ECR) SetRepositoryPolicyRequest(input *SetRepositoryPolicyInput) (req * // SetRepositoryPolicy API operation for Amazon EC2 Container Registry. // // Applies a repository policy on a specified repository to control access permissions. +// For more information, see Amazon ECR Repository Policies (https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicies.html) +// in the Amazon Elastic Container Registry User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2100,15 +2504,15 @@ func (c *ECR) SetRepositoryPolicyRequest(input *SetRepositoryPolicyInput) (req * // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation SetRepositoryPolicy for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // @@ -2134,6 +2538,99 @@ func (c *ECR) SetRepositoryPolicyWithContext(ctx aws.Context, input *SetReposito return out, req.Send() } +const opStartImageScan = "StartImageScan" + +// StartImageScanRequest generates a "aws/request.Request" representing the +// client's request for the StartImageScan operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartImageScan for more information on using the StartImageScan +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the StartImageScanRequest method. +// req, resp := client.StartImageScanRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/StartImageScan +func (c *ECR) StartImageScanRequest(input *StartImageScanInput) (req *request.Request, output *StartImageScanOutput) { + op := &request.Operation{ + Name: opStartImageScan, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StartImageScanInput{} + } + + output = &StartImageScanOutput{} + req = c.newRequest(op, input, output) + return +} + +// StartImageScan API operation for Amazon EC2 Container Registry. +// +// Starts an image vulnerability scan. An image scan can only be started once +// per day on an individual image. This limit includes if an image was scanned +// on initial push. For more information, see Image Scanning (https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html) +// in the Amazon Elastic Container Registry User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon EC2 Container Registry's +// API operation StartImageScan for usage and error information. +// +// Returned Error Types: +// * ServerException +// These errors are usually caused by a server-side issue. +// +// * InvalidParameterException +// The specified parameter is invalid. Review the available parameters for the +// API request. +// +// * RepositoryNotFoundException +// The specified repository could not be found. Check the spelling of the specified +// repository and ensure that you are performing operations on the correct registry. +// +// * ImageNotFoundException +// The image requested does not exist in the specified repository. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/StartImageScan +func (c *ECR) StartImageScan(input *StartImageScanInput) (*StartImageScanOutput, error) { + req, out := c.StartImageScanRequest(input) + return out, req.Send() +} + +// StartImageScanWithContext is the same as StartImageScan with the addition of +// the ability to pass a context and additional request options. +// +// See StartImageScan for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ECR) StartImageScanWithContext(ctx aws.Context, input *StartImageScanInput, opts ...request.Option) (*StartImageScanOutput, error) { + req, out := c.StartImageScanRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opStartLifecyclePolicyPreview = "StartLifecyclePolicyPreview" // StartLifecyclePolicyPreviewRequest generates a "aws/request.Request" representing the @@ -2188,22 +2685,22 @@ func (c *ECR) StartLifecyclePolicyPreviewRequest(input *StartLifecyclePolicyPrev // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation StartLifecyclePolicyPreview for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeLifecyclePolicyNotFoundException "LifecyclePolicyNotFoundException" +// * LifecyclePolicyNotFoundException // The lifecycle policy could not be found, and no policy is set to the repository. // -// * ErrCodeLifecyclePolicyPreviewInProgressException "LifecyclePolicyPreviewInProgressException" +// * LifecyclePolicyPreviewInProgressException // The previous lifecycle policy preview request has not completed. Please try // again later. // @@ -2284,25 +2781,25 @@ func (c *ECR) TagResourceRequest(input *TagResourceInput) (req *request.Request, // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation TagResource for usage and error information. // -// Returned Error Codes: -// * ErrCodeInvalidParameterException "InvalidParameterException" +// Returned Error Types: +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeInvalidTagParameterException "InvalidTagParameterException" +// * InvalidTagParameterException // An invalid parameter has been specified. Tag keys can have a maximum character // length of 128 characters, and tag values can have a maximum length of 256 // characters. // -// * ErrCodeTooManyTagsException "TooManyTagsException" +// * TooManyTagsException // The list of tags on the repository is over the limit. The maximum number // of tags that can be applied to a repository is 50. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeServerException "ServerException" +// * ServerException // These errors are usually caused by a server-side issue. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/TagResource @@ -2381,25 +2878,25 @@ func (c *ECR) UntagResourceRequest(input *UntagResourceInput) (req *request.Requ // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation UntagResource for usage and error information. // -// Returned Error Codes: -// * ErrCodeInvalidParameterException "InvalidParameterException" +// Returned Error Types: +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeInvalidTagParameterException "InvalidTagParameterException" +// * InvalidTagParameterException // An invalid parameter has been specified. Tag keys can have a maximum character // length of 128 characters, and tag values can have a maximum length of 256 // characters. // -// * ErrCodeTooManyTagsException "TooManyTagsException" +// * TooManyTagsException // The list of tags on the repository is over the limit. The maximum number // of tags that can be applied to a repository is 50. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeServerException "ServerException" +// * ServerException // These errors are usually caused by a server-side issue. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UntagResource @@ -2481,30 +2978,30 @@ func (c *ECR) UploadLayerPartRequest(input *UploadLayerPartInput) (req *request. // See the AWS API reference guide for Amazon EC2 Container Registry's // API operation UploadLayerPart for usage and error information. // -// Returned Error Codes: -// * ErrCodeServerException "ServerException" +// Returned Error Types: +// * ServerException // These errors are usually caused by a server-side issue. // -// * ErrCodeInvalidParameterException "InvalidParameterException" +// * InvalidParameterException // The specified parameter is invalid. Review the available parameters for the // API request. // -// * ErrCodeInvalidLayerPartException "InvalidLayerPartException" +// * InvalidLayerPartException // The layer part size is not valid, or the first byte specified is not consecutive // to the last byte of a previous layer part upload. // -// * ErrCodeRepositoryNotFoundException "RepositoryNotFoundException" +// * RepositoryNotFoundException // The specified repository could not be found. Check the spelling of the specified // repository and ensure that you are performing operations on the correct registry. // -// * ErrCodeUploadNotFoundException "UploadNotFoundException" +// * UploadNotFoundException // The upload could not be found, or the specified upload id is not valid for // this repository. // -// * ErrCodeLimitExceededException "LimitExceededException" +// * LimitExceededException // The operation did not succeed because it would have exceeded a service limit // for your account. For more information, see Amazon ECR Default Service Limits -// (http://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) +// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) // in the Amazon Elastic Container Registry User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UploadLayerPart @@ -2529,6 +3026,41 @@ func (c *ECR) UploadLayerPartWithContext(ctx aws.Context, input *UploadLayerPart return out, req.Send() } +// This data type is used in the ImageScanFinding data type. +type Attribute struct { + _ struct{} `type:"structure"` + + // The attribute key. + // + // Key is a required field + Key *string `locationName:"key" min:"1" type:"string" required:"true"` + + // The value assigned to the attribute key. + Value *string `locationName:"value" min:"1" type:"string"` +} + +// String returns the string representation +func (s Attribute) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Attribute) GoString() string { + return s.String() +} + +// SetKey sets the Key field's value. +func (s *Attribute) SetKey(v string) *Attribute { + s.Key = &v + return s +} + +// SetValue sets the Value field's value. +func (s *Attribute) SetValue(v string) *Attribute { + s.Value = &v + return s +} + // An object representing authorization data for an Amazon ECR registry. type AuthorizationData struct { _ struct{} `type:"structure"` @@ -2723,6 +3255,16 @@ func (s *BatchDeleteImageInput) Validate() error { if s.RepositoryName != nil && len(*s.RepositoryName) < 2 { invalidParams.Add(request.NewErrParamMinLen("RepositoryName", 2)) } + if s.ImageIds != nil { + for i, v := range s.ImageIds { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ImageIds", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -2833,6 +3375,16 @@ func (s *BatchGetImageInput) Validate() error { if s.RepositoryName != nil && len(*s.RepositoryName) < 2 { invalidParams.Add(request.NewErrParamMinLen("RepositoryName", 2)) } + if s.ImageIds != nil { + for i, v := range s.ImageIds { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ImageIds", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -3032,6 +3584,17 @@ func (s *CompleteLayerUploadOutput) SetUploadId(v string) *CompleteLayerUploadOu type CreateRepositoryInput struct { _ struct{} `type:"structure"` + // The image scanning configuration for the repository. This setting determines + // whether images are scanned for known vulnerabilities after being pushed to + // the repository. + ImageScanningConfiguration *ImageScanningConfiguration `locationName:"imageScanningConfiguration" type:"structure"` + + // The tag mutability setting for the repository. If this parameter is omitted, + // the default setting of MUTABLE will be used which will allow image tags to + // be overwritten. If IMMUTABLE is specified, all image tags within the repository + // will be immutable which will prevent them from being overwritten. + ImageTagMutability *string `locationName:"imageTagMutability" type:"string" enum:"ImageTagMutability"` + // The name to use for the repository. The repository name may be specified // on its own (such as nginx-web-app) or it can be prepended with a namespace // to group the repository into a category (such as project-a/nginx-web-app). @@ -3039,6 +3602,10 @@ type CreateRepositoryInput struct { // RepositoryName is a required field RepositoryName *string `locationName:"repositoryName" min:"2" type:"string" required:"true"` + // The metadata that you apply to the repository to help you categorize and + // organize them. Each tag consists of a key and an optional value, both of + // which you define. Tag keys can have a maximum character length of 128 characters, + // and tag values can have a maximum length of 256 characters. Tags []*Tag `locationName:"tags" type:"list"` } @@ -3068,6 +3635,18 @@ func (s *CreateRepositoryInput) Validate() error { return nil } +// SetImageScanningConfiguration sets the ImageScanningConfiguration field's value. +func (s *CreateRepositoryInput) SetImageScanningConfiguration(v *ImageScanningConfiguration) *CreateRepositoryInput { + s.ImageScanningConfiguration = v + return s +} + +// SetImageTagMutability sets the ImageTagMutability field's value. +func (s *CreateRepositoryInput) SetImageTagMutability(v string) *CreateRepositoryInput { + s.ImageTagMutability = &v + return s +} + // SetRepositoryName sets the RepositoryName field's value. func (s *CreateRepositoryInput) SetRepositoryName(v string) *CreateRepositoryInput { s.RepositoryName = &v @@ -3381,6 +3960,180 @@ func (s *DeleteRepositoryPolicyOutput) SetRepositoryName(v string) *DeleteReposi return s } +type DescribeImageScanFindingsInput struct { + _ struct{} `type:"structure"` + + // An object with identifying information for an Amazon ECR image. + // + // ImageId is a required field + ImageId *ImageIdentifier `locationName:"imageId" type:"structure" required:"true"` + + // The maximum number of image scan results returned by DescribeImageScanFindings + // in paginated output. When this parameter is used, DescribeImageScanFindings + // only returns maxResults results in a single page along with a nextToken response + // element. The remaining results of the initial request can be seen by sending + // another DescribeImageScanFindings request with the returned nextToken value. + // This value can be between 1 and 1000. If this parameter is not used, then + // DescribeImageScanFindings returns up to 100 results and a nextToken value, + // if applicable. + MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` + + // The nextToken value returned from a previous paginated DescribeImageScanFindings + // request where maxResults was used and the results exceeded the value of that + // parameter. Pagination continues from the end of the previous results that + // returned the nextToken value. This value is null when there are no more results + // to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // The AWS account ID associated with the registry that contains the repository + // in which to describe the image scan findings for. If you do not specify a + // registry, the default registry is assumed. + RegistryId *string `locationName:"registryId" type:"string"` + + // The repository for the image for which to describe the scan findings. + // + // RepositoryName is a required field + RepositoryName *string `locationName:"repositoryName" min:"2" type:"string" required:"true"` +} + +// String returns the string representation +func (s DescribeImageScanFindingsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeImageScanFindingsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeImageScanFindingsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeImageScanFindingsInput"} + if s.ImageId == nil { + invalidParams.Add(request.NewErrParamRequired("ImageId")) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.RepositoryName == nil { + invalidParams.Add(request.NewErrParamRequired("RepositoryName")) + } + if s.RepositoryName != nil && len(*s.RepositoryName) < 2 { + invalidParams.Add(request.NewErrParamMinLen("RepositoryName", 2)) + } + if s.ImageId != nil { + if err := s.ImageId.Validate(); err != nil { + invalidParams.AddNested("ImageId", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetImageId sets the ImageId field's value. +func (s *DescribeImageScanFindingsInput) SetImageId(v *ImageIdentifier) *DescribeImageScanFindingsInput { + s.ImageId = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeImageScanFindingsInput) SetMaxResults(v int64) *DescribeImageScanFindingsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeImageScanFindingsInput) SetNextToken(v string) *DescribeImageScanFindingsInput { + s.NextToken = &v + return s +} + +// SetRegistryId sets the RegistryId field's value. +func (s *DescribeImageScanFindingsInput) SetRegistryId(v string) *DescribeImageScanFindingsInput { + s.RegistryId = &v + return s +} + +// SetRepositoryName sets the RepositoryName field's value. +func (s *DescribeImageScanFindingsInput) SetRepositoryName(v string) *DescribeImageScanFindingsInput { + s.RepositoryName = &v + return s +} + +type DescribeImageScanFindingsOutput struct { + _ struct{} `type:"structure"` + + // An object with identifying information for an Amazon ECR image. + ImageId *ImageIdentifier `locationName:"imageId" type:"structure"` + + // The information contained in the image scan findings. + ImageScanFindings *ImageScanFindings `locationName:"imageScanFindings" type:"structure"` + + // The current state of the scan. + ImageScanStatus *ImageScanStatus `locationName:"imageScanStatus" type:"structure"` + + // The nextToken value to include in a future DescribeImageScanFindings request. + // When the results of a DescribeImageScanFindings request exceed maxResults, + // this value can be used to retrieve the next page of results. This value is + // null when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // The registry ID associated with the request. + RegistryId *string `locationName:"registryId" type:"string"` + + // The repository name associated with the request. + RepositoryName *string `locationName:"repositoryName" min:"2" type:"string"` +} + +// String returns the string representation +func (s DescribeImageScanFindingsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeImageScanFindingsOutput) GoString() string { + return s.String() +} + +// SetImageId sets the ImageId field's value. +func (s *DescribeImageScanFindingsOutput) SetImageId(v *ImageIdentifier) *DescribeImageScanFindingsOutput { + s.ImageId = v + return s +} + +// SetImageScanFindings sets the ImageScanFindings field's value. +func (s *DescribeImageScanFindingsOutput) SetImageScanFindings(v *ImageScanFindings) *DescribeImageScanFindingsOutput { + s.ImageScanFindings = v + return s +} + +// SetImageScanStatus sets the ImageScanStatus field's value. +func (s *DescribeImageScanFindingsOutput) SetImageScanStatus(v *ImageScanStatus) *DescribeImageScanFindingsOutput { + s.ImageScanStatus = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeImageScanFindingsOutput) SetNextToken(v string) *DescribeImageScanFindingsOutput { + s.NextToken = &v + return s +} + +// SetRegistryId sets the RegistryId field's value. +func (s *DescribeImageScanFindingsOutput) SetRegistryId(v string) *DescribeImageScanFindingsOutput { + s.RegistryId = &v + return s +} + +// SetRepositoryName sets the RepositoryName field's value. +func (s *DescribeImageScanFindingsOutput) SetRepositoryName(v string) *DescribeImageScanFindingsOutput { + s.RepositoryName = &v + return s +} + // An object representing a filter on a DescribeImages operation. type DescribeImagesFilter struct { _ struct{} `type:"structure"` @@ -3437,7 +4190,7 @@ type DescribeImagesInput struct { // registry is assumed. RegistryId *string `locationName:"registryId" type:"string"` - // A list of repositories to describe. + // The repository that contains the images to describe. // // RepositoryName is a required field RepositoryName *string `locationName:"repositoryName" min:"2" type:"string" required:"true"` @@ -3468,6 +4221,16 @@ func (s *DescribeImagesInput) Validate() error { if s.RepositoryName != nil && len(*s.RepositoryName) < 2 { invalidParams.Add(request.NewErrParamMinLen("RepositoryName", 2)) } + if s.ImageIds != nil { + for i, v := range s.ImageIds { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ImageIds", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -3665,6 +4428,63 @@ func (s *DescribeRepositoriesOutput) SetRepositories(v []*Repository) *DescribeR return s } +// The specified layer upload does not contain any layer parts. +type EmptyUploadException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s EmptyUploadException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s EmptyUploadException) GoString() string { + return s.String() +} + +func newErrorEmptyUploadException(v protocol.ResponseMetadata) error { + return &EmptyUploadException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s EmptyUploadException) Code() string { + return "EmptyUploadException" +} + +// Message returns the exception's message. +func (s EmptyUploadException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s EmptyUploadException) OrigErr() error { + return nil +} + +func (s EmptyUploadException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s EmptyUploadException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s EmptyUploadException) RequestID() string { + return s.respMetadata.RequestID +} + type GetAuthorizationTokenInput struct { _ struct{} `type:"structure"` @@ -3936,22 +4756,21 @@ type GetLifecyclePolicyPreviewInput struct { ImageIds []*ImageIdentifier `locationName:"imageIds" min:"1" type:"list"` // The maximum number of repository results returned by GetLifecyclePolicyPreviewRequest - // in
 paginated output. When this parameter is used, GetLifecyclePolicyPreviewRequest - // only returns
 maxResults results in a single page along with a nextToken - // response element. The remaining results of the initial request can be seen - // by sending
 another GetLifecyclePolicyPreviewRequest request with the returned - // nextToken
 value. This value can be between 1 and 1000. If this
 parameter - // is not used, then GetLifecyclePolicyPreviewRequest returns up to
 100 results - // and a nextToken value, if
 applicable. This option cannot be used when you - // specify images with imageIds. + // in paginated output. When this parameter is used, GetLifecyclePolicyPreviewRequest + // only returns maxResults results in a single page along with a nextToken response + // element. The remaining results of the initial request can be seen by sending + // another GetLifecyclePolicyPreviewRequest request with the returned nextToken + // value. This value can be between 1 and 1000. If this parameter is not used, + // then GetLifecyclePolicyPreviewRequest returns up to 100 results and a nextToken + // value, if applicable. This option cannot be used when you specify images + // with imageIds. MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` - // The nextToken value returned from a previous paginated
 GetLifecyclePolicyPreviewRequest - // request where maxResults was used and the
 results exceeded the value of - // that parameter. Pagination continues from the end of the
 previous results - // that returned the nextToken value. This value is
 null when there are no - // more results to return. This option cannot be used when you specify images - // with imageIds. + // The nextToken value returned from a previous paginated GetLifecyclePolicyPreviewRequest + // request where maxResults was used and the results exceeded the value of that + // parameter. Pagination continues from the end of the previous results that + // returned the nextToken value. This value is null when there are no more results + // to return. This option cannot be used when you specify images with imageIds. NextToken *string `locationName:"nextToken" type:"string"` // The AWS account ID associated with the registry that contains the repository. @@ -3989,6 +4808,16 @@ func (s *GetLifecyclePolicyPreviewInput) Validate() error { if s.RepositoryName != nil && len(*s.RepositoryName) < 2 { invalidParams.Add(request.NewErrParamMinLen("RepositoryName", 2)) } + if s.ImageIds != nil { + for i, v := range s.ImageIds { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ImageIds", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -4212,7 +5041,7 @@ type Image struct { ImageId *ImageIdentifier `locationName:"imageId" type:"structure"` // The image manifest associated with the image. - ImageManifest *string `locationName:"imageManifest" type:"string"` + ImageManifest *string `locationName:"imageManifest" min:"1" type:"string"` // The AWS account ID associated with the registry containing the image. RegistryId *string `locationName:"registryId" type:"string"` @@ -4255,6 +5084,64 @@ func (s *Image) SetRepositoryName(v string) *Image { return s } +// The specified image has already been pushed, and there were no changes to +// the manifest or image tag after the last push. +type ImageAlreadyExistsException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s ImageAlreadyExistsException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ImageAlreadyExistsException) GoString() string { + return s.String() +} + +func newErrorImageAlreadyExistsException(v protocol.ResponseMetadata) error { + return &ImageAlreadyExistsException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s ImageAlreadyExistsException) Code() string { + return "ImageAlreadyExistsException" +} + +// Message returns the exception's message. +func (s ImageAlreadyExistsException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s ImageAlreadyExistsException) OrigErr() error { + return nil +} + +func (s ImageAlreadyExistsException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s ImageAlreadyExistsException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s ImageAlreadyExistsException) RequestID() string { + return s.respMetadata.RequestID +} + // An object that describes an image returned by a DescribeImages operation. type ImageDetail struct { _ struct{} `type:"structure"` @@ -4266,6 +5153,12 @@ type ImageDetail struct { // the current image was pushed to the repository. ImagePushedAt *time.Time `locationName:"imagePushedAt" type:"timestamp"` + // A summary of the last completed image scan. + ImageScanFindingsSummary *ImageScanFindingsSummary `locationName:"imageScanFindingsSummary" type:"structure"` + + // The current state of the scan. + ImageScanStatus *ImageScanStatus `locationName:"imageScanStatus" type:"structure"` + // The size, in bytes, of the image in the repository. // // Beginning with Docker version 1.9, the Docker client compresses image layers @@ -4306,6 +5199,18 @@ func (s *ImageDetail) SetImagePushedAt(v time.Time) *ImageDetail { return s } +// SetImageScanFindingsSummary sets the ImageScanFindingsSummary field's value. +func (s *ImageDetail) SetImageScanFindingsSummary(v *ImageScanFindingsSummary) *ImageDetail { + s.ImageScanFindingsSummary = v + return s +} + +// SetImageScanStatus sets the ImageScanStatus field's value. +func (s *ImageDetail) SetImageScanStatus(v *ImageScanStatus) *ImageDetail { + s.ImageScanStatus = v + return s +} + // SetImageSizeInBytes sets the ImageSizeInBytes field's value. func (s *ImageDetail) SetImageSizeInBytes(v int64) *ImageDetail { s.ImageSizeInBytes = &v @@ -4380,7 +5285,7 @@ type ImageIdentifier struct { ImageDigest *string `locationName:"imageDigest" type:"string"` // The tag used for the image. - ImageTag *string `locationName:"imageTag" type:"string"` + ImageTag *string `locationName:"imageTag" min:"1" type:"string"` } // String returns the string representation @@ -4393,6 +5298,19 @@ func (s ImageIdentifier) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *ImageIdentifier) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ImageIdentifier"} + if s.ImageTag != nil && len(*s.ImageTag) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ImageTag", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetImageDigest sets the ImageDigest field's value. func (s *ImageIdentifier) SetImageDigest(v string) *ImageIdentifier { s.ImageDigest = &v @@ -4405,6 +5323,333 @@ func (s *ImageIdentifier) SetImageTag(v string) *ImageIdentifier { return s } +// The image requested does not exist in the specified repository. +type ImageNotFoundException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s ImageNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ImageNotFoundException) GoString() string { + return s.String() +} + +func newErrorImageNotFoundException(v protocol.ResponseMetadata) error { + return &ImageNotFoundException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s ImageNotFoundException) Code() string { + return "ImageNotFoundException" +} + +// Message returns the exception's message. +func (s ImageNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s ImageNotFoundException) OrigErr() error { + return nil +} + +func (s ImageNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s ImageNotFoundException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s ImageNotFoundException) RequestID() string { + return s.respMetadata.RequestID +} + +// Contains information about an image scan finding. +type ImageScanFinding struct { + _ struct{} `type:"structure"` + + // A collection of attributes of the host from which the finding is generated. + Attributes []*Attribute `locationName:"attributes" type:"list"` + + // The description of the finding. + Description *string `locationName:"description" type:"string"` + + // The name associated with the finding, usually a CVE number. + Name *string `locationName:"name" type:"string"` + + // The finding severity. + Severity *string `locationName:"severity" type:"string" enum:"FindingSeverity"` + + // A link containing additional details about the security vulnerability. + Uri *string `locationName:"uri" type:"string"` +} + +// String returns the string representation +func (s ImageScanFinding) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ImageScanFinding) GoString() string { + return s.String() +} + +// SetAttributes sets the Attributes field's value. +func (s *ImageScanFinding) SetAttributes(v []*Attribute) *ImageScanFinding { + s.Attributes = v + return s +} + +// SetDescription sets the Description field's value. +func (s *ImageScanFinding) SetDescription(v string) *ImageScanFinding { + s.Description = &v + return s +} + +// SetName sets the Name field's value. +func (s *ImageScanFinding) SetName(v string) *ImageScanFinding { + s.Name = &v + return s +} + +// SetSeverity sets the Severity field's value. +func (s *ImageScanFinding) SetSeverity(v string) *ImageScanFinding { + s.Severity = &v + return s +} + +// SetUri sets the Uri field's value. +func (s *ImageScanFinding) SetUri(v string) *ImageScanFinding { + s.Uri = &v + return s +} + +// The details of an image scan. +type ImageScanFindings struct { + _ struct{} `type:"structure"` + + // The image vulnerability counts, sorted by severity. + FindingSeverityCounts map[string]*int64 `locationName:"findingSeverityCounts" type:"map"` + + // The findings from the image scan. + Findings []*ImageScanFinding `locationName:"findings" type:"list"` + + // The time of the last completed image scan. + ImageScanCompletedAt *time.Time `locationName:"imageScanCompletedAt" type:"timestamp"` + + // The time when the vulnerability data was last scanned. + VulnerabilitySourceUpdatedAt *time.Time `locationName:"vulnerabilitySourceUpdatedAt" type:"timestamp"` +} + +// String returns the string representation +func (s ImageScanFindings) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ImageScanFindings) GoString() string { + return s.String() +} + +// SetFindingSeverityCounts sets the FindingSeverityCounts field's value. +func (s *ImageScanFindings) SetFindingSeverityCounts(v map[string]*int64) *ImageScanFindings { + s.FindingSeverityCounts = v + return s +} + +// SetFindings sets the Findings field's value. +func (s *ImageScanFindings) SetFindings(v []*ImageScanFinding) *ImageScanFindings { + s.Findings = v + return s +} + +// SetImageScanCompletedAt sets the ImageScanCompletedAt field's value. +func (s *ImageScanFindings) SetImageScanCompletedAt(v time.Time) *ImageScanFindings { + s.ImageScanCompletedAt = &v + return s +} + +// SetVulnerabilitySourceUpdatedAt sets the VulnerabilitySourceUpdatedAt field's value. +func (s *ImageScanFindings) SetVulnerabilitySourceUpdatedAt(v time.Time) *ImageScanFindings { + s.VulnerabilitySourceUpdatedAt = &v + return s +} + +// A summary of the last completed image scan. +type ImageScanFindingsSummary struct { + _ struct{} `type:"structure"` + + // The image vulnerability counts, sorted by severity. + FindingSeverityCounts map[string]*int64 `locationName:"findingSeverityCounts" type:"map"` + + // The time of the last completed image scan. + ImageScanCompletedAt *time.Time `locationName:"imageScanCompletedAt" type:"timestamp"` + + // The time when the vulnerability data was last scanned. + VulnerabilitySourceUpdatedAt *time.Time `locationName:"vulnerabilitySourceUpdatedAt" type:"timestamp"` +} + +// String returns the string representation +func (s ImageScanFindingsSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ImageScanFindingsSummary) GoString() string { + return s.String() +} + +// SetFindingSeverityCounts sets the FindingSeverityCounts field's value. +func (s *ImageScanFindingsSummary) SetFindingSeverityCounts(v map[string]*int64) *ImageScanFindingsSummary { + s.FindingSeverityCounts = v + return s +} + +// SetImageScanCompletedAt sets the ImageScanCompletedAt field's value. +func (s *ImageScanFindingsSummary) SetImageScanCompletedAt(v time.Time) *ImageScanFindingsSummary { + s.ImageScanCompletedAt = &v + return s +} + +// SetVulnerabilitySourceUpdatedAt sets the VulnerabilitySourceUpdatedAt field's value. +func (s *ImageScanFindingsSummary) SetVulnerabilitySourceUpdatedAt(v time.Time) *ImageScanFindingsSummary { + s.VulnerabilitySourceUpdatedAt = &v + return s +} + +// The current status of an image scan. +type ImageScanStatus struct { + _ struct{} `type:"structure"` + + // The description of the image scan status. + Description *string `locationName:"description" type:"string"` + + // The current state of an image scan. + Status *string `locationName:"status" type:"string" enum:"ScanStatus"` +} + +// String returns the string representation +func (s ImageScanStatus) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ImageScanStatus) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *ImageScanStatus) SetDescription(v string) *ImageScanStatus { + s.Description = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *ImageScanStatus) SetStatus(v string) *ImageScanStatus { + s.Status = &v + return s +} + +// The image scanning configuration for a repository. +type ImageScanningConfiguration struct { + _ struct{} `type:"structure"` + + // The setting that determines whether images are scanned after being pushed + // to a repository. If set to true, images will be scanned after being pushed. + // If this parameter is not specified, it will default to false and images will + // not be scanned unless a scan is manually started with the StartImageScan + // API. + ScanOnPush *bool `locationName:"scanOnPush" type:"boolean"` +} + +// String returns the string representation +func (s ImageScanningConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ImageScanningConfiguration) GoString() string { + return s.String() +} + +// SetScanOnPush sets the ScanOnPush field's value. +func (s *ImageScanningConfiguration) SetScanOnPush(v bool) *ImageScanningConfiguration { + s.ScanOnPush = &v + return s +} + +// The specified image is tagged with a tag that already exists. The repository +// is configured for tag immutability. +type ImageTagAlreadyExistsException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s ImageTagAlreadyExistsException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ImageTagAlreadyExistsException) GoString() string { + return s.String() +} + +func newErrorImageTagAlreadyExistsException(v protocol.ResponseMetadata) error { + return &ImageTagAlreadyExistsException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s ImageTagAlreadyExistsException) Code() string { + return "ImageTagAlreadyExistsException" +} + +// Message returns the exception's message. +func (s ImageTagAlreadyExistsException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s ImageTagAlreadyExistsException) OrigErr() error { + return nil +} + +func (s ImageTagAlreadyExistsException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s ImageTagAlreadyExistsException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s ImageTagAlreadyExistsException) RequestID() string { + return s.respMetadata.RequestID +} + type InitiateLayerUploadInput struct { _ struct{} `type:"structure"` @@ -4490,6 +5735,251 @@ func (s *InitiateLayerUploadOutput) SetUploadId(v string) *InitiateLayerUploadOu return s } +// The layer digest calculation performed by Amazon ECR upon receipt of the +// image layer does not match the digest specified. +type InvalidLayerException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidLayerException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidLayerException) GoString() string { + return s.String() +} + +func newErrorInvalidLayerException(v protocol.ResponseMetadata) error { + return &InvalidLayerException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s InvalidLayerException) Code() string { + return "InvalidLayerException" +} + +// Message returns the exception's message. +func (s InvalidLayerException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s InvalidLayerException) OrigErr() error { + return nil +} + +func (s InvalidLayerException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s InvalidLayerException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s InvalidLayerException) RequestID() string { + return s.respMetadata.RequestID +} + +// The layer part size is not valid, or the first byte specified is not consecutive +// to the last byte of a previous layer part upload. +type InvalidLayerPartException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The last valid byte received from the layer part upload that is associated + // with the exception. + LastValidByteReceived *int64 `locationName:"lastValidByteReceived" type:"long"` + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` + + // The registry ID associated with the exception. + RegistryId *string `locationName:"registryId" type:"string"` + + // The repository name associated with the exception. + RepositoryName *string `locationName:"repositoryName" min:"2" type:"string"` + + // The upload ID associated with the exception. + UploadId *string `locationName:"uploadId" type:"string"` +} + +// String returns the string representation +func (s InvalidLayerPartException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidLayerPartException) GoString() string { + return s.String() +} + +func newErrorInvalidLayerPartException(v protocol.ResponseMetadata) error { + return &InvalidLayerPartException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s InvalidLayerPartException) Code() string { + return "InvalidLayerPartException" +} + +// Message returns the exception's message. +func (s InvalidLayerPartException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s InvalidLayerPartException) OrigErr() error { + return nil +} + +func (s InvalidLayerPartException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s InvalidLayerPartException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s InvalidLayerPartException) RequestID() string { + return s.respMetadata.RequestID +} + +// The specified parameter is invalid. Review the available parameters for the +// API request. +type InvalidParameterException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidParameterException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidParameterException) GoString() string { + return s.String() +} + +func newErrorInvalidParameterException(v protocol.ResponseMetadata) error { + return &InvalidParameterException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s InvalidParameterException) Code() string { + return "InvalidParameterException" +} + +// Message returns the exception's message. +func (s InvalidParameterException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s InvalidParameterException) OrigErr() error { + return nil +} + +func (s InvalidParameterException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s InvalidParameterException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s InvalidParameterException) RequestID() string { + return s.respMetadata.RequestID +} + +// An invalid parameter has been specified. Tag keys can have a maximum character +// length of 128 characters, and tag values can have a maximum length of 256 +// characters. +type InvalidTagParameterException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidTagParameterException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidTagParameterException) GoString() string { + return s.String() +} + +func newErrorInvalidTagParameterException(v protocol.ResponseMetadata) error { + return &InvalidTagParameterException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s InvalidTagParameterException) Code() string { + return "InvalidTagParameterException" +} + +// Message returns the exception's message. +func (s InvalidTagParameterException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s InvalidTagParameterException) OrigErr() error { + return nil +} + +func (s InvalidTagParameterException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s InvalidTagParameterException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s InvalidTagParameterException) RequestID() string { + return s.respMetadata.RequestID +} + // An object representing an Amazon ECR image layer. type Layer struct { _ struct{} `type:"structure"` @@ -4542,6 +6032,63 @@ func (s *Layer) SetMediaType(v string) *Layer { return s } +// The image layer already exists in the associated repository. +type LayerAlreadyExistsException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s LayerAlreadyExistsException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LayerAlreadyExistsException) GoString() string { + return s.String() +} + +func newErrorLayerAlreadyExistsException(v protocol.ResponseMetadata) error { + return &LayerAlreadyExistsException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s LayerAlreadyExistsException) Code() string { + return "LayerAlreadyExistsException" +} + +// Message returns the exception's message. +func (s LayerAlreadyExistsException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s LayerAlreadyExistsException) OrigErr() error { + return nil +} + +func (s LayerAlreadyExistsException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s LayerAlreadyExistsException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s LayerAlreadyExistsException) RequestID() string { + return s.respMetadata.RequestID +} + // An object representing an Amazon ECR image layer failure. type LayerFailure struct { _ struct{} `type:"structure"` @@ -4584,6 +6131,235 @@ func (s *LayerFailure) SetLayerDigest(v string) *LayerFailure { return s } +// The specified layer is not available because it is not associated with an +// image. Unassociated image layers may be cleaned up at any time. +type LayerInaccessibleException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s LayerInaccessibleException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LayerInaccessibleException) GoString() string { + return s.String() +} + +func newErrorLayerInaccessibleException(v protocol.ResponseMetadata) error { + return &LayerInaccessibleException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s LayerInaccessibleException) Code() string { + return "LayerInaccessibleException" +} + +// Message returns the exception's message. +func (s LayerInaccessibleException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s LayerInaccessibleException) OrigErr() error { + return nil +} + +func (s LayerInaccessibleException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s LayerInaccessibleException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s LayerInaccessibleException) RequestID() string { + return s.respMetadata.RequestID +} + +// Layer parts must be at least 5 MiB in size. +type LayerPartTooSmallException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s LayerPartTooSmallException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LayerPartTooSmallException) GoString() string { + return s.String() +} + +func newErrorLayerPartTooSmallException(v protocol.ResponseMetadata) error { + return &LayerPartTooSmallException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s LayerPartTooSmallException) Code() string { + return "LayerPartTooSmallException" +} + +// Message returns the exception's message. +func (s LayerPartTooSmallException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s LayerPartTooSmallException) OrigErr() error { + return nil +} + +func (s LayerPartTooSmallException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s LayerPartTooSmallException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s LayerPartTooSmallException) RequestID() string { + return s.respMetadata.RequestID +} + +// The specified layers could not be found, or the specified layer is not valid +// for this repository. +type LayersNotFoundException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s LayersNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LayersNotFoundException) GoString() string { + return s.String() +} + +func newErrorLayersNotFoundException(v protocol.ResponseMetadata) error { + return &LayersNotFoundException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s LayersNotFoundException) Code() string { + return "LayersNotFoundException" +} + +// Message returns the exception's message. +func (s LayersNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s LayersNotFoundException) OrigErr() error { + return nil +} + +func (s LayersNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s LayersNotFoundException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s LayersNotFoundException) RequestID() string { + return s.respMetadata.RequestID +} + +// The lifecycle policy could not be found, and no policy is set to the repository. +type LifecyclePolicyNotFoundException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s LifecyclePolicyNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LifecyclePolicyNotFoundException) GoString() string { + return s.String() +} + +func newErrorLifecyclePolicyNotFoundException(v protocol.ResponseMetadata) error { + return &LifecyclePolicyNotFoundException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s LifecyclePolicyNotFoundException) Code() string { + return "LifecyclePolicyNotFoundException" +} + +// Message returns the exception's message. +func (s LifecyclePolicyNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s LifecyclePolicyNotFoundException) OrigErr() error { + return nil +} + +func (s LifecyclePolicyNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s LifecyclePolicyNotFoundException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s LifecyclePolicyNotFoundException) RequestID() string { + return s.respMetadata.RequestID +} + // The filter for the lifecycle policy preview. type LifecyclePolicyPreviewFilter struct { _ struct{} `type:"structure"` @@ -4608,6 +6384,119 @@ func (s *LifecyclePolicyPreviewFilter) SetTagStatus(v string) *LifecyclePolicyPr return s } +// The previous lifecycle policy preview request has not completed. Please try +// again later. +type LifecyclePolicyPreviewInProgressException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s LifecyclePolicyPreviewInProgressException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LifecyclePolicyPreviewInProgressException) GoString() string { + return s.String() +} + +func newErrorLifecyclePolicyPreviewInProgressException(v protocol.ResponseMetadata) error { + return &LifecyclePolicyPreviewInProgressException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s LifecyclePolicyPreviewInProgressException) Code() string { + return "LifecyclePolicyPreviewInProgressException" +} + +// Message returns the exception's message. +func (s LifecyclePolicyPreviewInProgressException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s LifecyclePolicyPreviewInProgressException) OrigErr() error { + return nil +} + +func (s LifecyclePolicyPreviewInProgressException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s LifecyclePolicyPreviewInProgressException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s LifecyclePolicyPreviewInProgressException) RequestID() string { + return s.respMetadata.RequestID +} + +// There is no dry run for this repository. +type LifecyclePolicyPreviewNotFoundException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s LifecyclePolicyPreviewNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LifecyclePolicyPreviewNotFoundException) GoString() string { + return s.String() +} + +func newErrorLifecyclePolicyPreviewNotFoundException(v protocol.ResponseMetadata) error { + return &LifecyclePolicyPreviewNotFoundException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s LifecyclePolicyPreviewNotFoundException) Code() string { + return "LifecyclePolicyPreviewNotFoundException" +} + +// Message returns the exception's message. +func (s LifecyclePolicyPreviewNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s LifecyclePolicyPreviewNotFoundException) OrigErr() error { + return nil +} + +func (s LifecyclePolicyPreviewNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s LifecyclePolicyPreviewNotFoundException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s LifecyclePolicyPreviewNotFoundException) RequestID() string { + return s.respMetadata.RequestID +} + // The result of the lifecycle policy preview. type LifecyclePolicyPreviewResult struct { _ struct{} `type:"structure"` @@ -4717,6 +6606,66 @@ func (s *LifecyclePolicyRuleAction) SetType(v string) *LifecyclePolicyRuleAction return s } +// The operation did not succeed because it would have exceeded a service limit +// for your account. For more information, see Amazon ECR Default Service Limits +// (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) +// in the Amazon Elastic Container Registry User Guide. +type LimitExceededException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s LimitExceededException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LimitExceededException) GoString() string { + return s.String() +} + +func newErrorLimitExceededException(v protocol.ResponseMetadata) error { + return &LimitExceededException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s LimitExceededException) Code() string { + return "LimitExceededException" +} + +// Message returns the exception's message. +func (s LimitExceededException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s LimitExceededException) OrigErr() error { + return nil +} + +func (s LimitExceededException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s LimitExceededException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s LimitExceededException) RequestID() string { + return s.respMetadata.RequestID +} + // An object representing a filter on a ListImages operation. type ListImagesFilter struct { _ struct{} `type:"structure"` @@ -4939,11 +6888,11 @@ type PutImageInput struct { // The image manifest corresponding to the image to be uploaded. // // ImageManifest is a required field - ImageManifest *string `locationName:"imageManifest" type:"string" required:"true"` + ImageManifest *string `locationName:"imageManifest" min:"1" type:"string" required:"true"` // The tag to associate with the image. This parameter is required for images // that use the Docker Image Manifest V2 Schema 2 or OCI formats. - ImageTag *string `locationName:"imageTag" type:"string"` + ImageTag *string `locationName:"imageTag" min:"1" type:"string"` // The AWS account ID associated with the registry that contains the repository // in which to put the image. If you do not specify a registry, the default @@ -4972,6 +6921,12 @@ func (s *PutImageInput) Validate() error { if s.ImageManifest == nil { invalidParams.Add(request.NewErrParamRequired("ImageManifest")) } + if s.ImageManifest != nil && len(*s.ImageManifest) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ImageManifest", 1)) + } + if s.ImageTag != nil && len(*s.ImageTag) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ImageTag", 1)) + } if s.RepositoryName == nil { invalidParams.Add(request.NewErrParamRequired("RepositoryName")) } @@ -5032,6 +6987,225 @@ func (s *PutImageOutput) SetImage(v *Image) *PutImageOutput { return s } +type PutImageScanningConfigurationInput struct { + _ struct{} `type:"structure"` + + // The image scanning configuration for the repository. This setting determines + // whether images are scanned for known vulnerabilities after being pushed to + // the repository. + // + // ImageScanningConfiguration is a required field + ImageScanningConfiguration *ImageScanningConfiguration `locationName:"imageScanningConfiguration" type:"structure" required:"true"` + + // The AWS account ID associated with the registry that contains the repository + // in which to update the image scanning configuration setting. If you do not + // specify a registry, the default registry is assumed. + RegistryId *string `locationName:"registryId" type:"string"` + + // The name of the repository in which to update the image scanning configuration + // setting. + // + // RepositoryName is a required field + RepositoryName *string `locationName:"repositoryName" min:"2" type:"string" required:"true"` +} + +// String returns the string representation +func (s PutImageScanningConfigurationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PutImageScanningConfigurationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *PutImageScanningConfigurationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutImageScanningConfigurationInput"} + if s.ImageScanningConfiguration == nil { + invalidParams.Add(request.NewErrParamRequired("ImageScanningConfiguration")) + } + if s.RepositoryName == nil { + invalidParams.Add(request.NewErrParamRequired("RepositoryName")) + } + if s.RepositoryName != nil && len(*s.RepositoryName) < 2 { + invalidParams.Add(request.NewErrParamMinLen("RepositoryName", 2)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetImageScanningConfiguration sets the ImageScanningConfiguration field's value. +func (s *PutImageScanningConfigurationInput) SetImageScanningConfiguration(v *ImageScanningConfiguration) *PutImageScanningConfigurationInput { + s.ImageScanningConfiguration = v + return s +} + +// SetRegistryId sets the RegistryId field's value. +func (s *PutImageScanningConfigurationInput) SetRegistryId(v string) *PutImageScanningConfigurationInput { + s.RegistryId = &v + return s +} + +// SetRepositoryName sets the RepositoryName field's value. +func (s *PutImageScanningConfigurationInput) SetRepositoryName(v string) *PutImageScanningConfigurationInput { + s.RepositoryName = &v + return s +} + +type PutImageScanningConfigurationOutput struct { + _ struct{} `type:"structure"` + + // The image scanning configuration setting for the repository. + ImageScanningConfiguration *ImageScanningConfiguration `locationName:"imageScanningConfiguration" type:"structure"` + + // The registry ID associated with the request. + RegistryId *string `locationName:"registryId" type:"string"` + + // The repository name associated with the request. + RepositoryName *string `locationName:"repositoryName" min:"2" type:"string"` +} + +// String returns the string representation +func (s PutImageScanningConfigurationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PutImageScanningConfigurationOutput) GoString() string { + return s.String() +} + +// SetImageScanningConfiguration sets the ImageScanningConfiguration field's value. +func (s *PutImageScanningConfigurationOutput) SetImageScanningConfiguration(v *ImageScanningConfiguration) *PutImageScanningConfigurationOutput { + s.ImageScanningConfiguration = v + return s +} + +// SetRegistryId sets the RegistryId field's value. +func (s *PutImageScanningConfigurationOutput) SetRegistryId(v string) *PutImageScanningConfigurationOutput { + s.RegistryId = &v + return s +} + +// SetRepositoryName sets the RepositoryName field's value. +func (s *PutImageScanningConfigurationOutput) SetRepositoryName(v string) *PutImageScanningConfigurationOutput { + s.RepositoryName = &v + return s +} + +type PutImageTagMutabilityInput struct { + _ struct{} `type:"structure"` + + // The tag mutability setting for the repository. If MUTABLE is specified, image + // tags can be overwritten. If IMMUTABLE is specified, all image tags within + // the repository will be immutable which will prevent them from being overwritten. + // + // ImageTagMutability is a required field + ImageTagMutability *string `locationName:"imageTagMutability" type:"string" required:"true" enum:"ImageTagMutability"` + + // The AWS account ID associated with the registry that contains the repository + // in which to update the image tag mutability settings. If you do not specify + // a registry, the default registry is assumed. + RegistryId *string `locationName:"registryId" type:"string"` + + // The name of the repository in which to update the image tag mutability settings. + // + // RepositoryName is a required field + RepositoryName *string `locationName:"repositoryName" min:"2" type:"string" required:"true"` +} + +// String returns the string representation +func (s PutImageTagMutabilityInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PutImageTagMutabilityInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *PutImageTagMutabilityInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutImageTagMutabilityInput"} + if s.ImageTagMutability == nil { + invalidParams.Add(request.NewErrParamRequired("ImageTagMutability")) + } + if s.RepositoryName == nil { + invalidParams.Add(request.NewErrParamRequired("RepositoryName")) + } + if s.RepositoryName != nil && len(*s.RepositoryName) < 2 { + invalidParams.Add(request.NewErrParamMinLen("RepositoryName", 2)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetImageTagMutability sets the ImageTagMutability field's value. +func (s *PutImageTagMutabilityInput) SetImageTagMutability(v string) *PutImageTagMutabilityInput { + s.ImageTagMutability = &v + return s +} + +// SetRegistryId sets the RegistryId field's value. +func (s *PutImageTagMutabilityInput) SetRegistryId(v string) *PutImageTagMutabilityInput { + s.RegistryId = &v + return s +} + +// SetRepositoryName sets the RepositoryName field's value. +func (s *PutImageTagMutabilityInput) SetRepositoryName(v string) *PutImageTagMutabilityInput { + s.RepositoryName = &v + return s +} + +type PutImageTagMutabilityOutput struct { + _ struct{} `type:"structure"` + + // The image tag mutability setting for the repository. + ImageTagMutability *string `locationName:"imageTagMutability" type:"string" enum:"ImageTagMutability"` + + // The registry ID associated with the request. + RegistryId *string `locationName:"registryId" type:"string"` + + // The repository name associated with the request. + RepositoryName *string `locationName:"repositoryName" min:"2" type:"string"` +} + +// String returns the string representation +func (s PutImageTagMutabilityOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PutImageTagMutabilityOutput) GoString() string { + return s.String() +} + +// SetImageTagMutability sets the ImageTagMutability field's value. +func (s *PutImageTagMutabilityOutput) SetImageTagMutability(v string) *PutImageTagMutabilityOutput { + s.ImageTagMutability = &v + return s +} + +// SetRegistryId sets the RegistryId field's value. +func (s *PutImageTagMutabilityOutput) SetRegistryId(v string) *PutImageTagMutabilityOutput { + s.RegistryId = &v + return s +} + +// SetRepositoryName sets the RepositoryName field's value. +func (s *PutImageTagMutabilityOutput) SetRepositoryName(v string) *PutImageTagMutabilityOutput { + s.RepositoryName = &v + return s +} + type PutLifecyclePolicyInput struct { _ struct{} `type:"structure"` @@ -5041,7 +7215,7 @@ type PutLifecyclePolicyInput struct { LifecyclePolicyText *string `locationName:"lifecyclePolicyText" min:"100" type:"string" required:"true"` // The AWS account ID associated with the registry that contains the repository. - // If you do
 not specify a registry, the default registry is assumed. + // If you do not specify a registry, the default registry is assumed. RegistryId *string `locationName:"registryId" type:"string"` // The name of the repository to receive the policy. @@ -5148,6 +7322,12 @@ type Repository struct { // The date and time, in JavaScript date format, when the repository was created. CreatedAt *time.Time `locationName:"createdAt" type:"timestamp"` + // The image scanning configuration for a repository. + ImageScanningConfiguration *ImageScanningConfiguration `locationName:"imageScanningConfiguration" type:"structure"` + + // The tag mutability setting for the repository. + ImageTagMutability *string `locationName:"imageTagMutability" type:"string" enum:"ImageTagMutability"` + // The AWS account ID associated with the registry that contains the repository. RegistryId *string `locationName:"registryId" type:"string"` @@ -5181,6 +7361,18 @@ func (s *Repository) SetCreatedAt(v time.Time) *Repository { return s } +// SetImageScanningConfiguration sets the ImageScanningConfiguration field's value. +func (s *Repository) SetImageScanningConfiguration(v *ImageScanningConfiguration) *Repository { + s.ImageScanningConfiguration = v + return s +} + +// SetImageTagMutability sets the ImageTagMutability field's value. +func (s *Repository) SetImageTagMutability(v string) *Repository { + s.ImageTagMutability = &v + return s +} + // SetRegistryId sets the RegistryId field's value. func (s *Repository) SetRegistryId(v string) *Repository { s.RegistryId = &v @@ -5205,6 +7397,351 @@ func (s *Repository) SetRepositoryUri(v string) *Repository { return s } +// The specified repository already exists in the specified registry. +type RepositoryAlreadyExistsException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s RepositoryAlreadyExistsException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RepositoryAlreadyExistsException) GoString() string { + return s.String() +} + +func newErrorRepositoryAlreadyExistsException(v protocol.ResponseMetadata) error { + return &RepositoryAlreadyExistsException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s RepositoryAlreadyExistsException) Code() string { + return "RepositoryAlreadyExistsException" +} + +// Message returns the exception's message. +func (s RepositoryAlreadyExistsException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s RepositoryAlreadyExistsException) OrigErr() error { + return nil +} + +func (s RepositoryAlreadyExistsException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s RepositoryAlreadyExistsException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s RepositoryAlreadyExistsException) RequestID() string { + return s.respMetadata.RequestID +} + +// The specified repository contains images. To delete a repository that contains +// images, you must force the deletion with the force parameter. +type RepositoryNotEmptyException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s RepositoryNotEmptyException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RepositoryNotEmptyException) GoString() string { + return s.String() +} + +func newErrorRepositoryNotEmptyException(v protocol.ResponseMetadata) error { + return &RepositoryNotEmptyException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s RepositoryNotEmptyException) Code() string { + return "RepositoryNotEmptyException" +} + +// Message returns the exception's message. +func (s RepositoryNotEmptyException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s RepositoryNotEmptyException) OrigErr() error { + return nil +} + +func (s RepositoryNotEmptyException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s RepositoryNotEmptyException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s RepositoryNotEmptyException) RequestID() string { + return s.respMetadata.RequestID +} + +// The specified repository could not be found. Check the spelling of the specified +// repository and ensure that you are performing operations on the correct registry. +type RepositoryNotFoundException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s RepositoryNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RepositoryNotFoundException) GoString() string { + return s.String() +} + +func newErrorRepositoryNotFoundException(v protocol.ResponseMetadata) error { + return &RepositoryNotFoundException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s RepositoryNotFoundException) Code() string { + return "RepositoryNotFoundException" +} + +// Message returns the exception's message. +func (s RepositoryNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s RepositoryNotFoundException) OrigErr() error { + return nil +} + +func (s RepositoryNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s RepositoryNotFoundException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s RepositoryNotFoundException) RequestID() string { + return s.respMetadata.RequestID +} + +// The specified repository and registry combination does not have an associated +// repository policy. +type RepositoryPolicyNotFoundException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s RepositoryPolicyNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RepositoryPolicyNotFoundException) GoString() string { + return s.String() +} + +func newErrorRepositoryPolicyNotFoundException(v protocol.ResponseMetadata) error { + return &RepositoryPolicyNotFoundException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s RepositoryPolicyNotFoundException) Code() string { + return "RepositoryPolicyNotFoundException" +} + +// Message returns the exception's message. +func (s RepositoryPolicyNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s RepositoryPolicyNotFoundException) OrigErr() error { + return nil +} + +func (s RepositoryPolicyNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s RepositoryPolicyNotFoundException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s RepositoryPolicyNotFoundException) RequestID() string { + return s.respMetadata.RequestID +} + +// The specified image scan could not be found. Ensure that image scanning is +// enabled on the repository and try again. +type ScanNotFoundException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s ScanNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ScanNotFoundException) GoString() string { + return s.String() +} + +func newErrorScanNotFoundException(v protocol.ResponseMetadata) error { + return &ScanNotFoundException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s ScanNotFoundException) Code() string { + return "ScanNotFoundException" +} + +// Message returns the exception's message. +func (s ScanNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s ScanNotFoundException) OrigErr() error { + return nil +} + +func (s ScanNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s ScanNotFoundException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s ScanNotFoundException) RequestID() string { + return s.respMetadata.RequestID +} + +// These errors are usually caused by a server-side issue. +type ServerException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s ServerException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ServerException) GoString() string { + return s.String() +} + +func newErrorServerException(v protocol.ResponseMetadata) error { + return &ServerException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s ServerException) Code() string { + return "ServerException" +} + +// Message returns the exception's message. +func (s ServerException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s ServerException) OrigErr() error { + return nil +} + +func (s ServerException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s ServerException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s ServerException) RequestID() string { + return s.respMetadata.RequestID +} + type SetRepositoryPolicyInput struct { _ struct{} `type:"structure"` @@ -5213,7 +7750,9 @@ type SetRepositoryPolicyInput struct { // operation. This is intended to prevent accidental repository lock outs. Force *bool `locationName:"force" type:"boolean"` - // The JSON repository policy text to apply to the repository. + // The JSON repository policy text to apply to the repository. For more information, + // see Amazon ECR Repository Policy Examples (https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicyExamples.html) + // in the Amazon Elastic Container Registry User Guide. // // PolicyText is a required field PolicyText *string `locationName:"policyText" type:"string" required:"true"` @@ -5322,6 +7861,127 @@ func (s *SetRepositoryPolicyOutput) SetRepositoryName(v string) *SetRepositoryPo return s } +type StartImageScanInput struct { + _ struct{} `type:"structure"` + + // An object with identifying information for an Amazon ECR image. + // + // ImageId is a required field + ImageId *ImageIdentifier `locationName:"imageId" type:"structure" required:"true"` + + // The AWS account ID associated with the registry that contains the repository + // in which to start an image scan request. If you do not specify a registry, + // the default registry is assumed. + RegistryId *string `locationName:"registryId" type:"string"` + + // The name of the repository that contains the images to scan. + // + // RepositoryName is a required field + RepositoryName *string `locationName:"repositoryName" min:"2" type:"string" required:"true"` +} + +// String returns the string representation +func (s StartImageScanInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StartImageScanInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartImageScanInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartImageScanInput"} + if s.ImageId == nil { + invalidParams.Add(request.NewErrParamRequired("ImageId")) + } + if s.RepositoryName == nil { + invalidParams.Add(request.NewErrParamRequired("RepositoryName")) + } + if s.RepositoryName != nil && len(*s.RepositoryName) < 2 { + invalidParams.Add(request.NewErrParamMinLen("RepositoryName", 2)) + } + if s.ImageId != nil { + if err := s.ImageId.Validate(); err != nil { + invalidParams.AddNested("ImageId", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetImageId sets the ImageId field's value. +func (s *StartImageScanInput) SetImageId(v *ImageIdentifier) *StartImageScanInput { + s.ImageId = v + return s +} + +// SetRegistryId sets the RegistryId field's value. +func (s *StartImageScanInput) SetRegistryId(v string) *StartImageScanInput { + s.RegistryId = &v + return s +} + +// SetRepositoryName sets the RepositoryName field's value. +func (s *StartImageScanInput) SetRepositoryName(v string) *StartImageScanInput { + s.RepositoryName = &v + return s +} + +type StartImageScanOutput struct { + _ struct{} `type:"structure"` + + // An object with identifying information for an Amazon ECR image. + ImageId *ImageIdentifier `locationName:"imageId" type:"structure"` + + // The current state of the scan. + ImageScanStatus *ImageScanStatus `locationName:"imageScanStatus" type:"structure"` + + // The registry ID associated with the request. + RegistryId *string `locationName:"registryId" type:"string"` + + // The repository name associated with the request. + RepositoryName *string `locationName:"repositoryName" min:"2" type:"string"` +} + +// String returns the string representation +func (s StartImageScanOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s StartImageScanOutput) GoString() string { + return s.String() +} + +// SetImageId sets the ImageId field's value. +func (s *StartImageScanOutput) SetImageId(v *ImageIdentifier) *StartImageScanOutput { + s.ImageId = v + return s +} + +// SetImageScanStatus sets the ImageScanStatus field's value. +func (s *StartImageScanOutput) SetImageScanStatus(v *ImageScanStatus) *StartImageScanOutput { + s.ImageScanStatus = v + return s +} + +// SetRegistryId sets the RegistryId field's value. +func (s *StartImageScanOutput) SetRegistryId(v string) *StartImageScanOutput { + s.RegistryId = &v + return s +} + +// SetRepositoryName sets the RepositoryName field's value. +func (s *StartImageScanOutput) SetRepositoryName(v string) *StartImageScanOutput { + s.RepositoryName = &v + return s +} + type StartLifecyclePolicyPreviewInput struct { _ struct{} `type:"structure"` @@ -5543,6 +8203,63 @@ func (s TagResourceOutput) GoString() string { return s.String() } +// The list of tags on the repository is over the limit. The maximum number +// of tags that can be applied to a repository is 50. +type TooManyTagsException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s TooManyTagsException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TooManyTagsException) GoString() string { + return s.String() +} + +func newErrorTooManyTagsException(v protocol.ResponseMetadata) error { + return &TooManyTagsException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s TooManyTagsException) Code() string { + return "TooManyTagsException" +} + +// Message returns the exception's message. +func (s TooManyTagsException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s TooManyTagsException) OrigErr() error { + return nil +} + +func (s TooManyTagsException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s TooManyTagsException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s TooManyTagsException) RequestID() string { + return s.respMetadata.RequestID +} + type UntagResourceInput struct { _ struct{} `type:"structure"` @@ -5770,6 +8487,84 @@ func (s *UploadLayerPartOutput) SetUploadId(v string) *UploadLayerPartOutput { return s } +// The upload could not be found, or the specified upload id is not valid for +// this repository. +type UploadNotFoundException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + // The error message associated with the exception. + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s UploadNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UploadNotFoundException) GoString() string { + return s.String() +} + +func newErrorUploadNotFoundException(v protocol.ResponseMetadata) error { + return &UploadNotFoundException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s UploadNotFoundException) Code() string { + return "UploadNotFoundException" +} + +// Message returns the exception's message. +func (s UploadNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s UploadNotFoundException) OrigErr() error { + return nil +} + +func (s UploadNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s UploadNotFoundException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s UploadNotFoundException) RequestID() string { + return s.respMetadata.RequestID +} + +const ( + // FindingSeverityInformational is a FindingSeverity enum value + FindingSeverityInformational = "INFORMATIONAL" + + // FindingSeverityLow is a FindingSeverity enum value + FindingSeverityLow = "LOW" + + // FindingSeverityMedium is a FindingSeverity enum value + FindingSeverityMedium = "MEDIUM" + + // FindingSeverityHigh is a FindingSeverity enum value + FindingSeverityHigh = "HIGH" + + // FindingSeverityCritical is a FindingSeverity enum value + FindingSeverityCritical = "CRITICAL" + + // FindingSeverityUndefined is a FindingSeverity enum value + FindingSeverityUndefined = "UNDEFINED" +) + const ( // ImageActionTypeExpire is a ImageActionType enum value ImageActionTypeExpire = "EXPIRE" @@ -5792,6 +8587,14 @@ const ( ImageFailureCodeMissingDigestAndTag = "MissingDigestAndTag" ) +const ( + // ImageTagMutabilityMutable is a ImageTagMutability enum value + ImageTagMutabilityMutable = "MUTABLE" + + // ImageTagMutabilityImmutable is a ImageTagMutability enum value + ImageTagMutabilityImmutable = "IMMUTABLE" +) + const ( // LayerAvailabilityAvailable is a LayerAvailability enum value LayerAvailabilityAvailable = "AVAILABLE" @@ -5822,6 +8625,17 @@ const ( LifecyclePolicyPreviewStatusFailed = "FAILED" ) +const ( + // ScanStatusInProgress is a ScanStatus enum value + ScanStatusInProgress = "IN_PROGRESS" + + // ScanStatusComplete is a ScanStatus enum value + ScanStatusComplete = "COMPLETE" + + // ScanStatusFailed is a ScanStatus enum value + ScanStatusFailed = "FAILED" +) + const ( // TagStatusTagged is a TagStatus enum value TagStatusTagged = "TAGGED" diff --git a/vendor/github.com/aws/aws-sdk-go/service/ecr/errors.go b/vendor/github.com/aws/aws-sdk-go/service/ecr/errors.go index 834905106ab..732d865bf40 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ecr/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ecr/errors.go @@ -2,6 +2,10 @@ package ecr +import ( + "github.com/aws/aws-sdk-go/private/protocol" +) + const ( // ErrCodeEmptyUploadException for service response error code @@ -23,6 +27,13 @@ const ( // The image requested does not exist in the specified repository. ErrCodeImageNotFoundException = "ImageNotFoundException" + // ErrCodeImageTagAlreadyExistsException for service response error code + // "ImageTagAlreadyExistsException". + // + // The specified image is tagged with a tag that already exists. The repository + // is configured for tag immutability. + ErrCodeImageTagAlreadyExistsException = "ImageTagAlreadyExistsException" + // ErrCodeInvalidLayerException for service response error code // "InvalidLayerException". // @@ -102,7 +113,7 @@ const ( // // The operation did not succeed because it would have exceeded a service limit // for your account. For more information, see Amazon ECR Default Service Limits - // (http://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) + // (https://docs.aws.amazon.com/AmazonECR/latest/userguide/service_limits.html) // in the Amazon Elastic Container Registry User Guide. ErrCodeLimitExceededException = "LimitExceededException" @@ -133,6 +144,13 @@ const ( // repository policy. ErrCodeRepositoryPolicyNotFoundException = "RepositoryPolicyNotFoundException" + // ErrCodeScanNotFoundException for service response error code + // "ScanNotFoundException". + // + // The specified image scan could not be found. Ensure that image scanning is + // enabled on the repository and try again. + ErrCodeScanNotFoundException = "ScanNotFoundException" + // ErrCodeServerException for service response error code // "ServerException". // @@ -153,3 +171,30 @@ const ( // this repository. ErrCodeUploadNotFoundException = "UploadNotFoundException" ) + +var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ + "EmptyUploadException": newErrorEmptyUploadException, + "ImageAlreadyExistsException": newErrorImageAlreadyExistsException, + "ImageNotFoundException": newErrorImageNotFoundException, + "ImageTagAlreadyExistsException": newErrorImageTagAlreadyExistsException, + "InvalidLayerException": newErrorInvalidLayerException, + "InvalidLayerPartException": newErrorInvalidLayerPartException, + "InvalidParameterException": newErrorInvalidParameterException, + "InvalidTagParameterException": newErrorInvalidTagParameterException, + "LayerAlreadyExistsException": newErrorLayerAlreadyExistsException, + "LayerInaccessibleException": newErrorLayerInaccessibleException, + "LayerPartTooSmallException": newErrorLayerPartTooSmallException, + "LayersNotFoundException": newErrorLayersNotFoundException, + "LifecyclePolicyNotFoundException": newErrorLifecyclePolicyNotFoundException, + "LifecyclePolicyPreviewInProgressException": newErrorLifecyclePolicyPreviewInProgressException, + "LifecyclePolicyPreviewNotFoundException": newErrorLifecyclePolicyPreviewNotFoundException, + "LimitExceededException": newErrorLimitExceededException, + "RepositoryAlreadyExistsException": newErrorRepositoryAlreadyExistsException, + "RepositoryNotEmptyException": newErrorRepositoryNotEmptyException, + "RepositoryNotFoundException": newErrorRepositoryNotFoundException, + "RepositoryPolicyNotFoundException": newErrorRepositoryPolicyNotFoundException, + "ScanNotFoundException": newErrorScanNotFoundException, + "ServerException": newErrorServerException, + "TooManyTagsException": newErrorTooManyTagsException, + "UploadNotFoundException": newErrorUploadNotFoundException, +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/ecr/service.go b/vendor/github.com/aws/aws-sdk-go/service/ecr/service.go index 3eba7f696b6..c4392395cea 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ecr/service.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ecr/service.go @@ -8,6 +8,7 @@ import ( "github.com/aws/aws-sdk-go/aws/client/metadata" "github.com/aws/aws-sdk-go/aws/request" "github.com/aws/aws-sdk-go/aws/signer/v4" + "github.com/aws/aws-sdk-go/private/protocol" "github.com/aws/aws-sdk-go/private/protocol/jsonrpc" ) @@ -31,7 +32,7 @@ var initRequest func(*request.Request) const ( ServiceName = "ecr" // Name of service. EndpointsID = "api.ecr" // ID to lookup a service endpoint with. - ServiceID = "ECR" // ServiceID is a unique identifer of a specific service. + ServiceID = "ECR" // ServiceID is a unique identifier of a specific service. ) // New creates a new instance of the ECR client with a session. @@ -39,6 +40,8 @@ const ( // aws.Config parameter to add your extra config. // // Example: +// mySession := session.Must(session.NewSession()) +// // // Create a ECR client from just a session. // svc := ecr.New(mySession) // @@ -49,11 +52,11 @@ func New(p client.ConfigProvider, cfgs ...*aws.Config) *ECR { if c.SigningNameDerived || len(c.SigningName) == 0 { c.SigningName = "ecr" } - return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion, c.SigningName) + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) } // newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion, signingName string) *ECR { +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *ECR { svc := &ECR{ Client: client.New( cfg, @@ -62,6 +65,7 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio ServiceID: ServiceID, SigningName: signingName, SigningRegion: signingRegion, + PartitionID: partitionID, Endpoint: endpoint, APIVersion: "2015-09-21", JSONVersion: "1.1", @@ -76,7 +80,9 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio svc.Handlers.Build.PushBackNamed(jsonrpc.BuildHandler) svc.Handlers.Unmarshal.PushBackNamed(jsonrpc.UnmarshalHandler) svc.Handlers.UnmarshalMeta.PushBackNamed(jsonrpc.UnmarshalMetaHandler) - svc.Handlers.UnmarshalError.PushBackNamed(jsonrpc.UnmarshalErrorHandler) + svc.Handlers.UnmarshalError.PushBackNamed( + protocol.NewUnmarshalErrorHandler(jsonrpc.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(), + ) // Run custom client initialization if present if initClient != nil { diff --git a/vendor/github.com/aws/aws-sdk-go/service/ecr/waiters.go b/vendor/github.com/aws/aws-sdk-go/service/ecr/waiters.go new file mode 100644 index 00000000000..4b6f88e4e15 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/ecr/waiters.go @@ -0,0 +1,112 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package ecr + +import ( + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/request" +) + +// WaitUntilImageScanComplete uses the Amazon ECR API operation +// DescribeImageScanFindings to wait for a condition to be met before returning. +// If the condition is not met within the max attempt window, an error will +// be returned. +func (c *ECR) WaitUntilImageScanComplete(input *DescribeImageScanFindingsInput) error { + return c.WaitUntilImageScanCompleteWithContext(aws.BackgroundContext(), input) +} + +// WaitUntilImageScanCompleteWithContext is an extended version of WaitUntilImageScanComplete. +// With the support for passing in a context and options to configure the +// Waiter and the underlying request options. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ECR) WaitUntilImageScanCompleteWithContext(ctx aws.Context, input *DescribeImageScanFindingsInput, opts ...request.WaiterOption) error { + w := request.Waiter{ + Name: "WaitUntilImageScanComplete", + MaxAttempts: 60, + Delay: request.ConstantWaiterDelay(5 * time.Second), + Acceptors: []request.WaiterAcceptor{ + { + State: request.SuccessWaiterState, + Matcher: request.PathWaiterMatch, Argument: "imageScanStatus.status", + Expected: "COMPLETE", + }, + { + State: request.FailureWaiterState, + Matcher: request.PathWaiterMatch, Argument: "imageScanStatus.status", + Expected: "FAILED", + }, + }, + Logger: c.Config.Logger, + NewRequest: func(opts []request.Option) (*request.Request, error) { + var inCpy *DescribeImageScanFindingsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeImageScanFindingsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + w.ApplyOptions(opts...) + + return w.WaitWithContext(ctx) +} + +// WaitUntilLifecyclePolicyPreviewComplete uses the Amazon ECR API operation +// GetLifecyclePolicyPreview to wait for a condition to be met before returning. +// If the condition is not met within the max attempt window, an error will +// be returned. +func (c *ECR) WaitUntilLifecyclePolicyPreviewComplete(input *GetLifecyclePolicyPreviewInput) error { + return c.WaitUntilLifecyclePolicyPreviewCompleteWithContext(aws.BackgroundContext(), input) +} + +// WaitUntilLifecyclePolicyPreviewCompleteWithContext is an extended version of WaitUntilLifecyclePolicyPreviewComplete. +// With the support for passing in a context and options to configure the +// Waiter and the underlying request options. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ECR) WaitUntilLifecyclePolicyPreviewCompleteWithContext(ctx aws.Context, input *GetLifecyclePolicyPreviewInput, opts ...request.WaiterOption) error { + w := request.Waiter{ + Name: "WaitUntilLifecyclePolicyPreviewComplete", + MaxAttempts: 20, + Delay: request.ConstantWaiterDelay(5 * time.Second), + Acceptors: []request.WaiterAcceptor{ + { + State: request.SuccessWaiterState, + Matcher: request.PathWaiterMatch, Argument: "status", + Expected: "COMPLETE", + }, + { + State: request.FailureWaiterState, + Matcher: request.PathWaiterMatch, Argument: "status", + Expected: "FAILED", + }, + }, + Logger: c.Config.Logger, + NewRequest: func(opts []request.Option) (*request.Request, error) { + var inCpy *GetLifecyclePolicyPreviewInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetLifecyclePolicyPreviewRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + w.ApplyOptions(opts...) + + return w.WaitWithContext(ctx) +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/elb/api.go b/vendor/github.com/aws/aws-sdk-go/service/elb/api.go index c1028cae5dc..c2e93fa72d3 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/elb/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/elb/api.go @@ -1775,7 +1775,7 @@ func (c *ELB) DescribeLoadBalancersWithContext(ctx aws.Context, input *DescribeL // // Example iterating over at most 3 pages of a DescribeLoadBalancers operation. // pageNum := 0 // err := client.DescribeLoadBalancersPages(params, -// func(page *DescribeLoadBalancersOutput, lastPage bool) bool { +// func(page *elb.DescribeLoadBalancersOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -1807,10 +1807,12 @@ func (c *ELB) DescribeLoadBalancersPagesWithContext(ctx aws.Context, input *Desc }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeLoadBalancersOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeLoadBalancersOutput), !p.HasNextPage()) { + break + } } + return p.Err() } diff --git a/vendor/github.com/aws/aws-sdk-go/service/elb/service.go b/vendor/github.com/aws/aws-sdk-go/service/elb/service.go index 5dfdd322c9b..7ed1a60988f 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/elb/service.go +++ b/vendor/github.com/aws/aws-sdk-go/service/elb/service.go @@ -31,7 +31,7 @@ var initRequest func(*request.Request) const ( ServiceName = "elasticloadbalancing" // Name of service. EndpointsID = ServiceName // ID to lookup a service endpoint with. - ServiceID = "Elastic Load Balancing" // ServiceID is a unique identifer of a specific service. + ServiceID = "Elastic Load Balancing" // ServiceID is a unique identifier of a specific service. ) // New creates a new instance of the ELB client with a session. @@ -39,6 +39,8 @@ const ( // aws.Config parameter to add your extra config. // // Example: +// mySession := session.Must(session.NewSession()) +// // // Create a ELB client from just a session. // svc := elb.New(mySession) // @@ -46,11 +48,11 @@ const ( // svc := elb.New(mySession, aws.NewConfig().WithRegion("us-west-2")) func New(p client.ConfigProvider, cfgs ...*aws.Config) *ELB { c := p.ClientConfig(EndpointsID, cfgs...) - return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion, c.SigningName) + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) } // newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion, signingName string) *ELB { +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *ELB { svc := &ELB{ Client: client.New( cfg, @@ -59,6 +61,7 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio ServiceID: ServiceID, SigningName: signingName, SigningRegion: signingRegion, + PartitionID: partitionID, Endpoint: endpoint, APIVersion: "2012-06-01", }, diff --git a/vendor/github.com/aws/aws-sdk-go/service/elbv2/api.go b/vendor/github.com/aws/aws-sdk-go/service/elbv2/api.go index 89d85401b10..2e2c18c04bd 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/elbv2/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/elbv2/api.go @@ -57,14 +57,18 @@ func (c *ELBV2) AddListenerCertificatesRequest(input *AddListenerCertificatesInp // AddListenerCertificates API operation for Elastic Load Balancing. // -// Adds the specified certificate to the specified HTTPS listener. +// Adds the specified SSL server certificate to the certificate list for the +// specified HTTPS or TLS listener. // -// If the certificate was already added, the call is successful but the certificate -// is not added again. +// If the certificate in already in the certificate list, the call is successful +// but the certificate is not added again. // -// To list the certificates for your listener, use DescribeListenerCertificates. -// To remove certificates from your listener, use RemoveListenerCertificates. -// To specify the default SSL server certificate, use ModifyListener. +// To get the certificate list for a listener, use DescribeListenerCertificates. +// To remove certificates from the certificate list for a listener, use RemoveListenerCertificates. +// To replace the default certificate for a listener, use ModifyListener. +// +// For more information, see SSL Certificates (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#https-listener-certificates) +// in the Application Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -257,9 +261,9 @@ func (c *ELBV2) CreateListenerRequest(input *CreateListenerInput) (req *request. // If you attempt to create multiple listeners with the same settings, each // call succeeds. // -// For more information, see Listeners for Your Application Load Balancers (http://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html) +// For more information, see Listeners for Your Application Load Balancers (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html) // in the Application Load Balancers Guide and Listeners for Your Network Load -// Balancers (http://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-listeners.html) +// Balancers (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-listeners.html) // in the Network Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -316,6 +320,11 @@ func (c *ELBV2) CreateListenerRequest(input *CreateListenerInput) (req *request. // * ErrCodeInvalidLoadBalancerActionException "InvalidLoadBalancerAction" // The requested action is not valid. // +// * ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException "TooManyUniqueTargetGroupsPerLoadBalancer" +// You've reached the limit on the number of unique target groups per load balancer +// across all listeners. If a target group is used by multiple actions for a +// load balancer, it is counted as only one use. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/CreateListener func (c *ELBV2) CreateListener(input *CreateListenerInput) (*CreateListenerOutput, error) { req, out := c.CreateListenerRequest(input) @@ -392,17 +401,17 @@ func (c *ELBV2) CreateLoadBalancerRequest(input *CreateLoadBalancerInput) (req * // your current load balancers, see DescribeLoadBalancers. When you are finished // with a load balancer, you can delete it using DeleteLoadBalancer. // -// For limit information, see Limits for Your Application Load Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-limits.html) +// For limit information, see Limits for Your Application Load Balancer (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-limits.html) // in the Application Load Balancers Guide and Limits for Your Network Load -// Balancer (http://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-limits.html) +// Balancer (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-limits.html) // in the Network Load Balancers Guide. // // This operation is idempotent, which means that it completes at most one time. // If you attempt to create multiple load balancers with the same settings, // each call succeeds. // -// For more information, see Application Load Balancers (http://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html) -// in the Application Load Balancers Guide and Network Load Balancers (http://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html) +// For more information, see Application Load Balancers (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html) +// in the Application Load Balancers Guide and Network Load Balancers (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html) // in the Network Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -524,7 +533,7 @@ func (c *ELBV2) CreateRuleRequest(input *CreateRuleInput) (req *request.Request, // Rules are evaluated in priority order, from the lowest value to the highest // value. When the conditions for a rule are met, its actions are performed. // If the conditions for no rules are met, the actions for the default rule -// are performed. For more information, see Listener Rules (http://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#listener-rules) +// are performed. For more information, see Listener Rules (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#listener-rules) // in the Application Load Balancers Guide. // // To view your current rules, use DescribeRules. To update a rule, use ModifyRule. @@ -579,6 +588,11 @@ func (c *ELBV2) CreateRuleRequest(input *CreateRuleInput) (req *request.Request, // * ErrCodeInvalidLoadBalancerActionException "InvalidLoadBalancerAction" // The requested action is not valid. // +// * ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException "TooManyUniqueTargetGroupsPerLoadBalancer" +// You've reached the limit on the number of unique target groups per load balancer +// across all listeners. If a target group is used by multiple actions for a +// load balancer, it is counted as only one use. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/CreateRule func (c *ELBV2) CreateRule(input *CreateRuleInput) (*CreateRuleOutput, error) { req, out := c.CreateRuleRequest(input) @@ -661,9 +675,9 @@ func (c *ELBV2) CreateTargetGroupRequest(input *CreateTargetGroupInput) (req *re // call succeeds. // // For more information, see Target Groups for Your Application Load Balancers -// (http://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html) +// (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html) // in the Application Load Balancers Guide or Target Groups for Your Network -// Load Balancers (http://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html) +// Load Balancers (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html) // in the Network Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1182,9 +1196,9 @@ func (c *ELBV2) DescribeAccountLimitsRequest(input *DescribeAccountLimitsInput) // Describes the current Elastic Load Balancing resource limits for your AWS // account. // -// For more information, see Limits for Your Application Load Balancers (http://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-limits.html) +// For more information, see Limits for Your Application Load Balancers (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-limits.html) // in the Application Load Balancer Guide or Limits for Your Network Load Balancers -// (http://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-limits.html) +// (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-limits.html) // in the Network Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1259,7 +1273,15 @@ func (c *ELBV2) DescribeListenerCertificatesRequest(input *DescribeListenerCerti // DescribeListenerCertificates API operation for Elastic Load Balancing. // -// Describes the certificates for the specified HTTPS listener. +// Describes the default certificate and the certificate list for the specified +// HTTPS or TLS listener. +// +// If the default certificate is also in the certificate list, it appears twice +// in the results (once with IsDefault set to true and once with IsDefault set +// to false). +// +// For more information, see SSL Certificates (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#https-listener-certificates) +// in the Application Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1348,6 +1370,10 @@ func (c *ELBV2) DescribeListenersRequest(input *DescribeListenersInput) (req *re // Load Balancer or Network Load Balancer. You must specify either a load balancer // or one or more listeners. // +// For an HTTPS or TLS listener, the output includes the default certificate +// for the listener. To describe the certificate list for the listener, use +// DescribeListenerCertificates. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -1398,7 +1424,7 @@ func (c *ELBV2) DescribeListenersWithContext(ctx aws.Context, input *DescribeLis // // Example iterating over at most 3 pages of a DescribeListeners operation. // pageNum := 0 // err := client.DescribeListenersPages(params, -// func(page *DescribeListenersOutput, lastPage bool) bool { +// func(page *elbv2.DescribeListenersOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -1430,10 +1456,12 @@ func (c *ELBV2) DescribeListenersPagesWithContext(ctx aws.Context, input *Descri }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeListenersOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeListenersOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -1484,8 +1512,8 @@ func (c *ELBV2) DescribeLoadBalancerAttributesRequest(input *DescribeLoadBalance // Describes the attributes for the specified Application Load Balancer or Network // Load Balancer. // -// For more information, see Load Balancer Attributes (http://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#load-balancer-attributes) -// in the Application Load Balancers Guide or Load Balancer Attributes (http://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#load-balancer-attributes) +// For more information, see Load Balancer Attributes (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#load-balancer-attributes) +// in the Application Load Balancers Guide or Load Balancer Attributes (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#load-balancer-attributes) // in the Network Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1620,7 +1648,7 @@ func (c *ELBV2) DescribeLoadBalancersWithContext(ctx aws.Context, input *Describ // // Example iterating over at most 3 pages of a DescribeLoadBalancers operation. // pageNum := 0 // err := client.DescribeLoadBalancersPages(params, -// func(page *DescribeLoadBalancersOutput, lastPage bool) bool { +// func(page *elbv2.DescribeLoadBalancersOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -1652,10 +1680,12 @@ func (c *ELBV2) DescribeLoadBalancersPagesWithContext(ctx aws.Context, input *De }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeLoadBalancersOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeLoadBalancersOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -1791,7 +1821,7 @@ func (c *ELBV2) DescribeSSLPoliciesRequest(input *DescribeSSLPoliciesInput) (req // // Describes the specified policies or all policies used for SSL negotiation. // -// For more information, see Security Policies (http://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) +// For more information, see Security Policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) // in the Application Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1963,8 +1993,8 @@ func (c *ELBV2) DescribeTargetGroupAttributesRequest(input *DescribeTargetGroupA // // Describes the attributes for the specified target group. // -// For more information, see Target Group Attributes (http://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#target-group-attributes) -// in the Application Load Balancers Guide or Target Group Attributes (http://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#target-group-attributes) +// For more information, see Target Group Attributes (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#target-group-attributes) +// in the Application Load Balancers Guide or Target Group Attributes (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#target-group-attributes) // in the Network Load Balancers Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2105,7 +2135,7 @@ func (c *ELBV2) DescribeTargetGroupsWithContext(ctx aws.Context, input *Describe // // Example iterating over at most 3 pages of a DescribeTargetGroups operation. // pageNum := 0 // err := client.DescribeTargetGroupsPages(params, -// func(page *DescribeTargetGroupsOutput, lastPage bool) bool { +// func(page *elbv2.DescribeTargetGroupsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -2137,10 +2167,12 @@ func (c *ELBV2) DescribeTargetGroupsPagesWithContext(ctx aws.Context, input *Des }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*DescribeTargetGroupsOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*DescribeTargetGroupsOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -2275,13 +2307,17 @@ func (c *ELBV2) ModifyListenerRequest(input *ModifyListenerInput) (req *request. // ModifyListener API operation for Elastic Load Balancing. // -// Modifies the specified properties of the specified listener. +// Replaces the specified properties of the specified listener. Any properties +// that you do not specify remain unchanged. // -// Any properties that you do not specify retain their current values. However, -// changing the protocol from HTTPS to HTTP, or from TLS to TCP, removes the -// security policy and server certificate properties. If you change the protocol +// Changing the protocol from HTTPS to HTTP, or from TLS to TCP, removes the +// security policy and default certificate properties. If you change the protocol // from HTTP to HTTPS, or from TCP to TLS, you must add the security policy -// and server certificate properties. +// and default certificate properties. +// +// To add an item to a list, remove an item from a list, or update an item in +// a list, you must provide the entire list. For example, to add an action, +// specify a list with the current actions plus the new action. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2337,6 +2373,11 @@ func (c *ELBV2) ModifyListenerRequest(input *ModifyListenerInput) (req *request. // * ErrCodeInvalidLoadBalancerActionException "InvalidLoadBalancerAction" // The requested action is not valid. // +// * ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException "TooManyUniqueTargetGroupsPerLoadBalancer" +// You've reached the limit on the number of unique target groups per load balancer +// across all listeners. If a target group is used by multiple actions for a +// load balancer, it is counted as only one use. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/ModifyListener func (c *ELBV2) ModifyListener(input *ModifyListenerInput) (*ModifyListenerOutput, error) { req, out := c.ModifyListenerRequest(input) @@ -2490,9 +2531,12 @@ func (c *ELBV2) ModifyRuleRequest(input *ModifyRuleInput) (req *request.Request, // ModifyRule API operation for Elastic Load Balancing. // -// Modifies the specified rule. +// Replaces the specified properties of the specified rule. Any properties that +// you do not specify are unchanged. // -// Any existing properties that you do not modify retain their current values. +// To add an item to a list, remove an item from a list, or update an item in +// a list, you must provide the entire list. For example, to add an action, +// specify a list with the current actions plus the new action. // // To modify the actions for the default rule, use ModifyListener. // @@ -2535,6 +2579,11 @@ func (c *ELBV2) ModifyRuleRequest(input *ModifyRuleInput) (req *request.Request, // * ErrCodeInvalidLoadBalancerActionException "InvalidLoadBalancerAction" // The requested action is not valid. // +// * ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException "TooManyUniqueTargetGroupsPerLoadBalancer" +// You've reached the limit on the number of unique target groups per load balancer +// across all listeners. If a target group is used by multiple actions for a +// load balancer, it is counted as only one use. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/ModifyRule func (c *ELBV2) ModifyRule(input *ModifyRuleInput) (*ModifyRuleOutput, error) { req, out := c.ModifyRuleRequest(input) @@ -2875,7 +2924,8 @@ func (c *ELBV2) RemoveListenerCertificatesRequest(input *RemoveListenerCertifica // RemoveListenerCertificates API operation for Elastic Load Balancing. // -// Removes the specified certificate from the specified HTTPS listener. +// Removes the specified certificate from the certificate list for the specified +// HTTPS or TLS listener. // // You can't remove the default certificate for a listener. To replace the default // certificate, call ModifyListener. @@ -3059,8 +3109,6 @@ func (c *ELBV2) SetIpAddressTypeRequest(input *SetIpAddressTypeInput) (req *requ // Sets the type of IP addresses used by the subnets of the specified Application // Load Balancer or Network Load Balancer. // -// Network Load Balancers must use ipv4. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -3322,11 +3370,12 @@ func (c *ELBV2) SetSubnetsRequest(input *SetSubnetsInput) (req *request.Request, // SetSubnets API operation for Elastic Load Balancing. // -// Enables the Availability Zone for the specified public subnets for the specified -// Application Load Balancer. The specified subnets replace the previously enabled -// subnets. +// Enables the Availability Zones for the specified public subnets for the specified +// load balancer. The specified subnets replace the previously enabled subnets. // -// You can't change the subnets for a Network Load Balancer. +// When you specify subnets for a Network Load Balancer, you must include all +// subnets that were enabled previously, with their existing configurations, +// plus any additional subnets. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3392,9 +3441,17 @@ type Action struct { // a custom HTTP response. Specify only when Type is fixed-response. FixedResponseConfig *FixedResponseActionConfig `type:"structure"` + // Information for creating an action that distributes requests among one or + // more target groups. For Network Load Balancers, you can specify a single + // target group. Specify only when Type is forward. If you specify both ForwardConfig + // and TargetGroupArn, you can specify only one target group using ForwardConfig + // and it must be the same target group specified in TargetGroupArn. + ForwardConfig *ForwardActionConfig `type:"structure"` + // The order for the action. This value is required for rules with multiple // actions. The action with the lowest value for order is performed first. The - // final action to be performed must be a forward or a fixed-response action. + // last action to be performed must be one of the following types of actions: + // a forward, fixed-response, or redirect. Order *int64 `min:"1" type:"integer"` // [Application Load Balancer] Information for creating a redirect action. Specify @@ -3402,11 +3459,11 @@ type Action struct { RedirectConfig *RedirectActionConfig `type:"structure"` // The Amazon Resource Name (ARN) of the target group. Specify only when Type - // is forward. + // is forward and you want to route to a single target group. To route to one + // or more target groups, use ForwardConfig instead. TargetGroupArn *string `type:"string"` - // The type of action. Each rule must include exactly one of the following types - // of actions: forward, fixed-response, or redirect. + // The type of action. // // Type is a required field Type *string `type:"string" required:"true" enum:"ActionTypeEnum"` @@ -3476,6 +3533,12 @@ func (s *Action) SetFixedResponseConfig(v *FixedResponseActionConfig) *Action { return s } +// SetForwardConfig sets the ForwardConfig field's value. +func (s *Action) SetForwardConfig(v *ForwardActionConfig) *Action { + s.ForwardConfig = v + return s +} + // SetOrder sets the Order field's value. func (s *Action) SetOrder(v int64) *Action { s.Order = &v @@ -3556,7 +3619,7 @@ func (s *AddListenerCertificatesInput) SetListenerArn(v string) *AddListenerCert type AddListenerCertificatesOutput struct { _ struct{} `type:"structure"` - // Information about the certificates. + // Information about the certificates in the certificate list. Certificates []*Certificate `type:"list"` } @@ -3671,7 +3734,8 @@ type AuthenticateCognitoActionConfig struct { // // * allow - Allow the request to be forwarded to the target. // - // authenticate + // * authenticate - Redirect the request to the IdP authorization endpoint. + // This is the default value. OnUnauthenticatedRequest *string `type:"string" enum:"AuthenticateCognitoActionConditionalBehaviorEnum"` // The set of user claims to be requested from the IdP. The default is openid. @@ -3802,10 +3866,10 @@ type AuthenticateOidcActionConfig struct { // ClientId is a required field ClientId *string `type:"string" required:"true"` - // The OAuth 2.0 client secret. - // - // ClientSecret is a required field - ClientSecret *string `type:"string" required:"true"` + // The OAuth 2.0 client secret. This parameter is required if you are creating + // a rule. If you are modifying a rule, you can omit this parameter if you set + // UseExistingClientSecret to true. + ClientSecret *string `type:"string"` // The OIDC issuer identifier of the IdP. This must be a full URL, including // the HTTPS protocol, the domain, and the path. @@ -3820,7 +3884,8 @@ type AuthenticateOidcActionConfig struct { // // * allow - Allow the request to be forwarded to the target. // - // authenticate + // * authenticate - Redirect the request to the IdP authorization endpoint. + // This is the default value. OnUnauthenticatedRequest *string `type:"string" enum:"AuthenticateOidcActionConditionalBehaviorEnum"` // The set of user claims to be requested from the IdP. The default is openid. @@ -3843,6 +3908,10 @@ type AuthenticateOidcActionConfig struct { // TokenEndpoint is a required field TokenEndpoint *string `type:"string" required:"true"` + // Indicates whether to use the existing client secret when modifying a rule. + // If you are creating a rule, you can omit this parameter or set it to false. + UseExistingClientSecret *bool `type:"boolean"` + // The user info endpoint of the IdP. This must be a full URL, including the // HTTPS protocol, the domain, and the path. // @@ -3869,9 +3938,6 @@ func (s *AuthenticateOidcActionConfig) Validate() error { if s.ClientId == nil { invalidParams.Add(request.NewErrParamRequired("ClientId")) } - if s.ClientSecret == nil { - invalidParams.Add(request.NewErrParamRequired("ClientSecret")) - } if s.Issuer == nil { invalidParams.Add(request.NewErrParamRequired("Issuer")) } @@ -3948,6 +4014,12 @@ func (s *AuthenticateOidcActionConfig) SetTokenEndpoint(v string) *AuthenticateO return s } +// SetUseExistingClientSecret sets the UseExistingClientSecret field's value. +func (s *AuthenticateOidcActionConfig) SetUseExistingClientSecret(v bool) *AuthenticateOidcActionConfig { + s.UseExistingClientSecret = &v + return s +} + // SetUserInfoEndpoint sets the UserInfoEndpoint field's value. func (s *AuthenticateOidcActionConfig) SetUserInfoEndpoint(v string) *AuthenticateOidcActionConfig { s.UserInfoEndpoint = &v @@ -3958,10 +4030,13 @@ func (s *AuthenticateOidcActionConfig) SetUserInfoEndpoint(v string) *Authentica type AvailabilityZone struct { _ struct{} `type:"structure"` - // [Network Load Balancers] The static IP address. + // [Network Load Balancers] If you need static IP addresses for your load balancer, + // you can specify one Elastic IP address per Availability Zone when you create + // an internal-facing load balancer. For internal load balancers, you can specify + // a private IP address from the IPv4 range of the subnet. LoadBalancerAddresses []*LoadBalancerAddress `type:"list"` - // The ID of the subnet. + // The ID of the subnet. You can specify one subnet per Availability Zone. SubnetId *string `type:"string"` // The name of the Availability Zone. @@ -4004,7 +4079,9 @@ type Certificate struct { CertificateArn *string `type:"string"` // Indicates whether the certificate is the default certificate. Do not set - // IsDefault when specifying a certificate as an input parameter. + // this value when specifying a certificate as an input. This value is not included + // in the output when describing a listener, but is included when describing + // listener certificates. IsDefault *bool `type:"boolean"` } @@ -4066,19 +4143,20 @@ func (s *Cipher) SetPriority(v int64) *Cipher { type CreateListenerInput struct { _ struct{} `type:"structure"` - // [HTTPS and TLS listeners] The default SSL server certificate. You must provide - // exactly one certificate. Set CertificateArn to the certificate ARN but do - // not set IsDefault. + // [HTTPS and TLS listeners] The default certificate for the listener. You must + // provide exactly one certificate. Set CertificateArn to the certificate ARN + // but do not set IsDefault. // - // To create a certificate list, use AddListenerCertificates. + // To create a certificate list for the listener, use AddListenerCertificates. Certificates []*Certificate `type:"list"` // The actions for the default rule. The rule must include one forward action // or one or more fixed-response actions. // - // If the action type is forward, you specify a target group. The protocol of - // the target group must be HTTP or HTTPS for an Application Load Balancer. - // The protocol of the target group must be TCP or TLS for a Network Load Balancer. + // If the action type is forward, you specify one or more target groups. The + // protocol of the target group must be HTTP or HTTPS for an Application Load + // Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP + // for a Network Load Balancer. // // [HTTPS listeners] If the action type is authenticate-oidc, you authenticate // users through an identity provider that is OpenID Connect (OIDC) compliant. @@ -4107,7 +4185,7 @@ type CreateListenerInput struct { // The protocol for connections from clients to the load balancer. For Application // Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load - // Balancers, the supported protocols are TCP and TLS. + // Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. // // Protocol is a required field Protocol *string `type:"string" required:"true" enum:"ProtocolEnum"` @@ -4247,8 +4325,8 @@ type CreateLoadBalancerInput struct { // // The nodes of an internal load balancer have only private IP addresses. The // DNS name of an internal load balancer is publicly resolvable to the private - // IP addresses of the nodes. Therefore, internal load balancers can only route - // requests from clients with access to the VPC for the load balancer. + // IP addresses of the nodes. Therefore, internal load balancers can route requests + // only from clients with access to the VPC for the load balancer. // // The default is an Internet-facing load balancer. Scheme *string `type:"string" enum:"LoadBalancerSchemeEnum"` @@ -4264,7 +4342,10 @@ type CreateLoadBalancerInput struct { // Zones. You cannot specify Elastic IP addresses for your subnets. // // [Network Load Balancers] You can specify subnets from one or more Availability - // Zones. You can specify one Elastic IP address per subnet. + // Zones. You can specify one Elastic IP address per subnet if you need static + // IP addresses for your internet-facing load balancer. For internal load balancers, + // you can specify one private IP address per subnet from the IPv4 range of + // the subnet. SubnetMappings []*SubnetMapping `type:"list"` // The IDs of the public subnets. You can specify only one subnet per Availability @@ -4395,11 +4476,13 @@ type CreateRuleInput struct { _ struct{} `type:"structure"` // The actions. Each rule must include exactly one of the following types of - // actions: forward, fixed-response, or redirect. + // actions: forward, fixed-response, or redirect, and it must be the last action + // to be performed. // - // If the action type is forward, you specify a target group. The protocol of - // the target group must be HTTP or HTTPS for an Application Load Balancer. - // The protocol of the target group must be TCP or TLS for a Network Load Balancer. + // If the action type is forward, you specify one or more target groups. The + // protocol of the target group must be HTTP or HTTPS for an Application Load + // Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP + // for a Network Load Balancer. // // [HTTPS listeners] If the action type is authenticate-oidc, you authenticate // users through an identity provider that is OpenID Connect (OIDC) compliant. @@ -4416,35 +4499,9 @@ type CreateRuleInput struct { // Actions is a required field Actions []*Action `type:"list" required:"true"` - // The conditions. Each condition specifies a field name and a single value. - // - // If the field name is host-header, you can specify a single host name (for - // example, my.example.com). A host name is case insensitive, can be up to 128 - // characters in length, and can contain any of the following characters. You - // can include up to three wildcard characters. - // - // * A-Z, a-z, 0-9 - // - // * - . - // - // * * (matches 0 or more characters) - // - // * ? (matches exactly 1 character) - // - // If the field name is path-pattern, you can specify a single path pattern. - // A path pattern is case-sensitive, can be up to 128 characters in length, - // and can contain any of the following characters. You can include up to three - // wildcard characters. - // - // * A-Z, a-z, 0-9 - // - // * _ - . $ / ~ " ' @ : + - // - // * & (using &) - // - // * * (matches 0 or more characters) - // - // * ? (matches exactly 1 character) + // The conditions. Each rule can include zero or one of the following conditions: + // http-request-method, host-header, path-pattern, and source-ip, and zero or + // more of the following conditions: http-header and query-string. // // Conditions is a required field Conditions []*RuleCondition `type:"list" required:"true"` @@ -4555,14 +4612,14 @@ func (s *CreateRuleOutput) SetRules(v []*Rule) *CreateRuleOutput { type CreateTargetGroupInput struct { _ struct{} `type:"structure"` - // Indicates whether health checks are enabled. If the target type is instance - // or ip, the default is true. If the target type is lambda, the default is - // false. + // Indicates whether health checks are enabled. If the target type is lambda, + // health checks are disabled by default but can be enabled. If the target type + // is instance or ip, health checks are always enabled and cannot be disabled. HealthCheckEnabled *bool `type:"boolean"` // The approximate amount of time, in seconds, between health checks of an individual - // target. For Application Load Balancers, the range is 5–300 seconds. For Network - // Load Balancers, the supported values are 10 or 30 seconds. If the target + // target. For HTTP and HTTPS health checks, the range is 5–300 seconds. For + // TCP health checks, the supported values are 10 and 30 seconds. If the target // type is instance or ip, the default is 30 seconds. If the target type is // lambda, the default is 35 seconds. HealthCheckIntervalSeconds *int64 `min:"5" type:"integer"` @@ -4579,21 +4636,22 @@ type CreateTargetGroupInput struct { // The protocol the load balancer uses when performing health checks on targets. // For Application Load Balancers, the default is HTTP. For Network Load Balancers, // the default is TCP. The TCP protocol is supported for health checks only - // if the protocol of the target group is TCP or TLS. The TLS protocol is not - // supported for health checks. + // if the protocol of the target group is TCP, TLS, UDP, or TCP_UDP. The TLS, + // UDP, and TCP_UDP protocols are not supported for health checks. HealthCheckProtocol *string `type:"string" enum:"ProtocolEnum"` // The amount of time, in seconds, during which no response from a target means - // a failed health check. For Application Load Balancers, the range is 2–120 - // seconds and the default is 5 seconds if the target type is instance or ip - // and 30 seconds if the target type is lambda. For Network Load Balancers, - // this is 10 seconds for TCP and HTTPS health checks and 6 seconds for HTTP - // health checks. + // a failed health check. For target groups with a protocol of HTTP or HTTPS, + // the default is 5 seconds. For target groups with a protocol of TCP or TLS, + // this value must be 6 seconds for HTTP health checks and 10 seconds for TCP + // and HTTPS health checks. If the target type is lambda, the default is 30 + // seconds. HealthCheckTimeoutSeconds *int64 `min:"2" type:"integer"` // The number of consecutive health checks successes required before considering - // an unhealthy target healthy. For Application Load Balancers, the default - // is 5. For Network Load Balancers, the default is 3. + // an unhealthy target healthy. For target groups with a protocol of HTTP or + // HTTPS, the default is 5. For target groups with a protocol of TCP or TLS, + // the default is 3. If the target type is lambda, the default is 5. HealthyThresholdCount *int64 `min:"2" type:"integer"` // [HTTP/HTTPS health checks] The HTTP codes to use when checking for a successful @@ -4616,8 +4674,9 @@ type CreateTargetGroupInput struct { // The protocol to use for routing traffic to the targets. For Application Load // Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, - // the supported protocols are TCP and TLS. If the target is a Lambda function, - // this parameter does not apply. + // the supported protocols are TCP, TLS, UDP, or TCP_UDP. A TCP_UDP listener + // must be associated with a TCP_UDP target group. If the target is a Lambda + // function, this parameter does not apply. Protocol *string `type:"string" enum:"ProtocolEnum"` // The type of target that you must specify when registering targets with this @@ -4625,7 +4684,8 @@ type CreateTargetGroupInput struct { // one target type. // // * instance - Targets are specified by instance ID. This is the default - // value. + // value. If the target group protocol is UDP or TCP_UDP, the target type + // must be instance. // // * ip - Targets are specified by IP address. You can specify IP addresses // from the subnets of the virtual private cloud (VPC) for the target group, @@ -4637,13 +4697,14 @@ type CreateTargetGroupInput struct { TargetType *string `type:"string" enum:"TargetTypeEnum"` // The number of consecutive health check failures required before considering - // a target unhealthy. For Application Load Balancers, the default is 2. For - // Network Load Balancers, this value must be the same as the healthy threshold - // count. + // a target unhealthy. For target groups with a protocol of HTTP or HTTPS, the + // default is 2. For target groups with a protocol of TCP or TLS, this value + // must be the same as the healthy threshold count. If the target type is lambda, + // the default is 2. UnhealthyThresholdCount *int64 `min:"2" type:"integer"` // The identifier of the virtual private cloud (VPC). If the target is a Lambda - // function, this parameter does not apply. + // function, this parameter does not apply. Otherwise, this parameter is required. VpcId *string `type:"string"` } @@ -5137,8 +5198,8 @@ type DescribeAccountLimitsOutput struct { // Information about the limits. Limits []*Limit `type:"list"` - // The marker to use when requesting the next set of results. If there are no - // additional results, the string is empty. + // If there are additional results, this is the marker for the next set of results. + // Otherwise, this is null. NextMarker *string `type:"string"` } @@ -5230,8 +5291,8 @@ type DescribeListenerCertificatesOutput struct { // Information about the certificates. Certificates []*Certificate `type:"list"` - // The marker to use when requesting the next set of results. If there are no - // additional results, the string is empty. + // If there are additional results, this is the marker for the next set of results. + // Otherwise, this is null. NextMarker *string `type:"string"` } @@ -5327,8 +5388,8 @@ type DescribeListenersOutput struct { // Information about the listeners. Listeners []*Listener `type:"list"` - // The marker to use when requesting the next set of results. If there are no - // additional results, the string is empty. + // If there are additional results, this is the marker for the next set of results. + // Otherwise, this is null. NextMarker *string `type:"string"` } @@ -5486,8 +5547,8 @@ type DescribeLoadBalancersOutput struct { // Information about the load balancers. LoadBalancers []*LoadBalancer `type:"list"` - // The marker to use when requesting the next set of results. If there are no - // additional results, the string is empty. + // If there are additional results, this is the marker for the next set of results. + // Otherwise, this is null. NextMarker *string `type:"string"` } @@ -5580,8 +5641,8 @@ func (s *DescribeRulesInput) SetRuleArns(v []*string) *DescribeRulesInput { type DescribeRulesOutput struct { _ struct{} `type:"structure"` - // The marker to use when requesting the next set of results. If there are no - // additional results, the string is empty. + // If there are additional results, this is the marker for the next set of results. + // Otherwise, this is null. NextMarker *string `type:"string"` // Information about the rules. @@ -5668,8 +5729,8 @@ func (s *DescribeSSLPoliciesInput) SetPageSize(v int64) *DescribeSSLPoliciesInpu type DescribeSSLPoliciesOutput struct { _ struct{} `type:"structure"` - // The marker to use when requesting the next set of results. If there are no - // additional results, the string is empty. + // If there are additional results, this is the marker for the next set of results. + // Otherwise, this is null. NextMarker *string `type:"string"` // Information about the policies. @@ -5896,8 +5957,8 @@ func (s *DescribeTargetGroupsInput) SetTargetGroupArns(v []*string) *DescribeTar type DescribeTargetGroupsOutput struct { _ struct{} `type:"structure"` - // The marker to use when requesting the next set of results. If there are no - // additional results, the string is empty. + // If there are additional results, this is the marker for the next set of results. + // Otherwise, this is null. NextMarker *string `type:"string"` // Information about the target groups. @@ -6066,6 +6127,156 @@ func (s *FixedResponseActionConfig) SetStatusCode(v string) *FixedResponseAction return s } +// Information about a forward action. +type ForwardActionConfig struct { + _ struct{} `type:"structure"` + + // The target group stickiness for the rule. + TargetGroupStickinessConfig *TargetGroupStickinessConfig `type:"structure"` + + // One or more target groups. For Network Load Balancers, you can specify a + // single target group. + TargetGroups []*TargetGroupTuple `type:"list"` +} + +// String returns the string representation +func (s ForwardActionConfig) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ForwardActionConfig) GoString() string { + return s.String() +} + +// SetTargetGroupStickinessConfig sets the TargetGroupStickinessConfig field's value. +func (s *ForwardActionConfig) SetTargetGroupStickinessConfig(v *TargetGroupStickinessConfig) *ForwardActionConfig { + s.TargetGroupStickinessConfig = v + return s +} + +// SetTargetGroups sets the TargetGroups field's value. +func (s *ForwardActionConfig) SetTargetGroups(v []*TargetGroupTuple) *ForwardActionConfig { + s.TargetGroups = v + return s +} + +// Information about a host header condition. +type HostHeaderConditionConfig struct { + _ struct{} `type:"structure"` + + // One or more host names. The maximum size of each name is 128 characters. + // The comparison is case insensitive. The following wildcard characters are + // supported: * (matches 0 or more characters) and ? (matches exactly 1 character). + // + // If you specify multiple strings, the condition is satisfied if one of the + // strings matches the host name. + Values []*string `type:"list"` +} + +// String returns the string representation +func (s HostHeaderConditionConfig) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s HostHeaderConditionConfig) GoString() string { + return s.String() +} + +// SetValues sets the Values field's value. +func (s *HostHeaderConditionConfig) SetValues(v []*string) *HostHeaderConditionConfig { + s.Values = v + return s +} + +// Information about an HTTP header condition. +// +// There is a set of standard HTTP header fields. You can also define custom +// HTTP header fields. +type HttpHeaderConditionConfig struct { + _ struct{} `type:"structure"` + + // The name of the HTTP header field. The maximum size is 40 characters. The + // header name is case insensitive. The allowed characters are specified by + // RFC 7230. Wildcards are not supported. + // + // You can't use an HTTP header condition to specify the host header. Use HostHeaderConditionConfig + // to specify a host header condition. + HttpHeaderName *string `type:"string"` + + // One or more strings to compare against the value of the HTTP header. The + // maximum size of each string is 128 characters. The comparison strings are + // case insensitive. The following wildcard characters are supported: * (matches + // 0 or more characters) and ? (matches exactly 1 character). + // + // If the same header appears multiple times in the request, we search them + // in order until a match is found. + // + // If you specify multiple strings, the condition is satisfied if one of the + // strings matches the value of the HTTP header. To require that all of the + // strings are a match, create one condition per string. + Values []*string `type:"list"` +} + +// String returns the string representation +func (s HttpHeaderConditionConfig) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s HttpHeaderConditionConfig) GoString() string { + return s.String() +} + +// SetHttpHeaderName sets the HttpHeaderName field's value. +func (s *HttpHeaderConditionConfig) SetHttpHeaderName(v string) *HttpHeaderConditionConfig { + s.HttpHeaderName = &v + return s +} + +// SetValues sets the Values field's value. +func (s *HttpHeaderConditionConfig) SetValues(v []*string) *HttpHeaderConditionConfig { + s.Values = v + return s +} + +// Information about an HTTP method condition. +// +// HTTP defines a set of request methods, also referred to as HTTP verbs. For +// more information, see the HTTP Method Registry (https://www.iana.org/assignments/http-methods/http-methods.xhtml). +// You can also define custom HTTP methods. +type HttpRequestMethodConditionConfig struct { + _ struct{} `type:"structure"` + + // The name of the request method. The maximum size is 40 characters. The allowed + // characters are A-Z, hyphen (-), and underscore (_). The comparison is case + // sensitive. Wildcards are not supported; therefore, the method name must be + // an exact match. + // + // If you specify multiple strings, the condition is satisfied if one of the + // strings matches the HTTP request method. We recommend that you route GET + // and HEAD requests in the same way, because the response to a HEAD request + // may be cached. + Values []*string `type:"list"` +} + +// String returns the string representation +func (s HttpRequestMethodConditionConfig) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s HttpRequestMethodConditionConfig) GoString() string { + return s.String() +} + +// SetValues sets the Values field's value. +func (s *HttpRequestMethodConditionConfig) SetValues(v []*string) *HttpRequestMethodConditionConfig { + s.Values = v + return s +} + // Information about an Elastic Load Balancing resource limit for your AWS account. type Limit struct { _ struct{} `type:"structure"` @@ -6087,6 +6298,12 @@ type Limit struct { // // * target-groups // + // * target-groups-per-action-on-application-load-balancer + // + // * target-groups-per-action-on-network-load-balancer + // + // * target-groups-per-application-load-balancer + // // * targets-per-application-load-balancer // // * targets-per-availability-zone-per-network-load-balancer @@ -6121,8 +6338,7 @@ func (s *Limit) SetName(v string) *Limit { type Listener struct { _ struct{} `type:"structure"` - // The SSL server certificate. You must provide a certificate if the protocol - // is HTTPS or TLS. + // [HTTPS or TLS listener] The default certificate for the listener. Certificates []*Certificate `type:"list"` // The default actions for the listener. @@ -6140,8 +6356,8 @@ type Listener struct { // The protocol for connections from clients to the load balancer. Protocol *string `type:"string" enum:"ProtocolEnum"` - // The security policy that defines which ciphers and protocols are supported. - // The default is the current predefined security policy. + // [HTTPS or TLS listener] The security policy that defines which ciphers and + // protocols are supported. The default is the current predefined security policy. SslPolicy *string `type:"string"` } @@ -6231,8 +6447,8 @@ type LoadBalancer struct { // // The nodes of an internal load balancer have only private IP addresses. The // DNS name of an internal load balancer is publicly resolvable to the private - // IP addresses of the nodes. Therefore, internal load balancers can only route - // requests from clients with access to the VPC for the load balancer. + // IP addresses of the nodes. Therefore, internal load balancers can route requests + // only from clients with access to the VPC for the load balancer. Scheme *string `type:"string" enum:"LoadBalancerSchemeEnum"` // The IDs of the security groups for the load balancer. @@ -6334,11 +6550,15 @@ func (s *LoadBalancer) SetVpcId(v string) *LoadBalancer { type LoadBalancerAddress struct { _ struct{} `type:"structure"` - // [Network Load Balancers] The allocation ID of the Elastic IP address. + // [Network Load Balancers] The allocation ID of the Elastic IP address for + // an internal-facing load balancer. AllocationId *string `type:"string"` // The static IP address. IpAddress *string `type:"string"` + + // [Network Load Balancers] The private IPv4 address for an internal load balancer. + PrivateIPv4Address *string `type:"string"` } // String returns the string representation @@ -6363,6 +6583,12 @@ func (s *LoadBalancerAddress) SetIpAddress(v string) *LoadBalancerAddress { return s } +// SetPrivateIPv4Address sets the PrivateIPv4Address field's value. +func (s *LoadBalancerAddress) SetPrivateIPv4Address(v string) *LoadBalancerAddress { + s.PrivateIPv4Address = &v + return s +} + // Information about a load balancer attribute. type LoadBalancerAttribute struct { _ struct{} `type:"structure"` @@ -6372,11 +6598,6 @@ type LoadBalancerAttribute struct { // The following attributes are supported by both Application Load Balancers // and Network Load Balancers: // - // * deletion_protection.enabled - Indicates whether deletion protection - // is enabled. The value is true or false. The default is false. - // - // The following attributes are supported by only Application Load Balancers: - // // * access_logs.s3.enabled - Indicates whether access logs are enabled. // The value is true or false. The default is false. // @@ -6388,9 +6609,18 @@ type LoadBalancerAttribute struct { // * access_logs.s3.prefix - The prefix for the location in the S3 bucket // for the access logs. // + // * deletion_protection.enabled - Indicates whether deletion protection + // is enabled. The value is true or false. The default is false. + // + // The following attributes are supported by only Application Load Balancers: + // // * idle_timeout.timeout_seconds - The idle timeout value, in seconds. The // valid range is 1-4000 seconds. The default is 60 seconds. // + // * routing.http.drop_invalid_header_fields.enabled - Indicates whether + // HTTP headers with invalid header fields are removed by the load balancer + // (true) or routed to targets (false). The default is false. + // // * routing.http2.enabled - Indicates whether HTTP/2 is enabled. The value // is true or false. The default is true. // @@ -6509,9 +6739,9 @@ func (s *Matcher) SetHttpCode(v string) *Matcher { type ModifyListenerInput struct { _ struct{} `type:"structure"` - // [HTTPS and TLS listeners] The default SSL server certificate. You must provide - // exactly one certificate. Set CertificateArn to the certificate ARN but do - // not set IsDefault. + // [HTTPS and TLS listeners] The default certificate for the listener. You must + // provide exactly one certificate. Set CertificateArn to the certificate ARN + // but do not set IsDefault. // // To create a certificate list, use AddListenerCertificates. Certificates []*Certificate `type:"list"` @@ -6519,9 +6749,10 @@ type ModifyListenerInput struct { // The actions for the default rule. The rule must include one forward action // or one or more fixed-response actions. // - // If the action type is forward, you specify a target group. The protocol of - // the target group must be HTTP or HTTPS for an Application Load Balancer. - // The protocol of the target group must be TCP or TLS for a Network Load Balancer. + // If the action type is forward, you specify one or more target groups. The + // protocol of the target group must be HTTP or HTTPS for an Application Load + // Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP + // for a Network Load Balancer. // // [HTTPS listeners] If the action type is authenticate-oidc, you authenticate // users through an identity provider that is OpenID Connect (OIDC) compliant. @@ -6546,11 +6777,11 @@ type ModifyListenerInput struct { // The protocol for connections from clients to the load balancer. Application // Load Balancers support the HTTP and HTTPS protocols. Network Load Balancers - // support the TCP and TLS protocols. + // support the TCP, TLS, UDP, and TCP_UDP protocols. Protocol *string `type:"string" enum:"ProtocolEnum"` // [HTTPS and TLS listeners] The security policy that defines which protocols - // and ciphers are supported. For more information, see Security Policies (http://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) + // and ciphers are supported. For more information, see Security Policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) // in the Application Load Balancers Guide. SslPolicy *string `type:"string"` } @@ -6728,11 +6959,14 @@ func (s *ModifyLoadBalancerAttributesOutput) SetAttributes(v []*LoadBalancerAttr type ModifyRuleInput struct { _ struct{} `type:"structure"` - // The actions. + // The actions. Each rule must include exactly one of the following types of + // actions: forward, fixed-response, or redirect, and it must be the last action + // to be performed. // - // If the action type is forward, you specify a target group. The protocol of - // the target group must be HTTP or HTTPS for an Application Load Balancer. - // The protocol of the target group must be TCP or TLS for a Network Load Balancer. + // If the action type is forward, you specify one or more target groups. The + // protocol of the target group must be HTTP or HTTPS for an Application Load + // Balancer. The protocol of the target group must be TCP, TLS, UDP, or TCP_UDP + // for a Network Load Balancer. // // [HTTPS listeners] If the action type is authenticate-oidc, you authenticate // users through an identity provider that is OpenID Connect (OIDC) compliant. @@ -6747,35 +6981,9 @@ type ModifyRuleInput struct { // specified client requests and return a custom HTTP response. Actions []*Action `type:"list"` - // The conditions. Each condition specifies a field name and a single value. - // - // If the field name is host-header, you can specify a single host name (for - // example, my.example.com). A host name is case insensitive, can be up to 128 - // characters in length, and can contain any of the following characters. You - // can include up to three wildcard characters. - // - // * A-Z, a-z, 0-9 - // - // * - . - // - // * * (matches 0 or more characters) - // - // * ? (matches exactly 1 character) - // - // If the field name is path-pattern, you can specify a single path pattern. - // A path pattern is case-sensitive, can be up to 128 characters in length, - // and can contain any of the following characters. You can include up to three - // wildcard characters. - // - // * A-Z, a-z, 0-9 - // - // * _ - . $ / ~ " ' @ : + - // - // * & (using &) - // - // * * (matches 0 or more characters) - // - // * ? (matches exactly 1 character) + // The conditions. Each rule can include zero or one of the following conditions: + // http-request-method, host-header, path-pattern, and source-ip, and zero or + // more of the following conditions: http-header and query-string. Conditions []*RuleCondition `type:"list"` // The Amazon Resource Name (ARN) of the rule. @@ -6940,10 +7148,10 @@ type ModifyTargetGroupInput struct { HealthCheckEnabled *bool `type:"boolean"` // The approximate amount of time, in seconds, between health checks of an individual - // target. For Application Load Balancers, the range is 5–300 seconds. For Network - // Load Balancers, the supported values are 10 or 30 seconds. + // target. For Application Load Balancers, the range is 5 to 300 seconds. For + // Network Load Balancers, the supported values are 10 or 30 seconds. // - // If the protocol of the target group is TCP, you can't modify this setting. + // With Network Load Balancers, you can't modify this setting. HealthCheckIntervalSeconds *int64 `min:"5" type:"integer"` // [HTTP/HTTPS health checks] The ping path that is the destination for the @@ -6955,16 +7163,16 @@ type ModifyTargetGroupInput struct { // The protocol the load balancer uses when performing health checks on targets. // The TCP protocol is supported for health checks only if the protocol of the - // target group is TCP or TLS. The TLS protocol is not supported for health - // checks. + // target group is TCP, TLS, UDP, or TCP_UDP. The TLS, UDP, and TCP_UDP protocols + // are not supported for health checks. // - // If the protocol of the target group is TCP, you can't modify this setting. + // With Network Load Balancers, you can't modify this setting. HealthCheckProtocol *string `type:"string" enum:"ProtocolEnum"` // [HTTP/HTTPS health checks] The amount of time, in seconds, during which no // response means a failed health check. // - // If the protocol of the target group is TCP, you can't modify this setting. + // With Network Load Balancers, you can't modify this setting. HealthCheckTimeoutSeconds *int64 `min:"2" type:"integer"` // The number of consecutive health checks successes required before considering @@ -6974,7 +7182,7 @@ type ModifyTargetGroupInput struct { // [HTTP/HTTPS health checks] The HTTP codes to use when checking for a successful // response from a target. // - // If the protocol of the target group is TCP, you can't modify this setting. + // With Network Load Balancers, you can't modify this setting. Matcher *Matcher `type:"structure"` // The Amazon Resource Name (ARN) of the target group. @@ -7114,6 +7322,108 @@ func (s *ModifyTargetGroupOutput) SetTargetGroups(v []*TargetGroup) *ModifyTarge return s } +// Information about a path pattern condition. +type PathPatternConditionConfig struct { + _ struct{} `type:"structure"` + + // One or more path patterns to compare against the request URL. The maximum + // size of each string is 128 characters. The comparison is case sensitive. + // The following wildcard characters are supported: * (matches 0 or more characters) + // and ? (matches exactly 1 character). + // + // If you specify multiple strings, the condition is satisfied if one of them + // matches the request URL. The path pattern is compared only to the path of + // the URL, not to its query string. To compare against the query string, use + // QueryStringConditionConfig. + Values []*string `type:"list"` +} + +// String returns the string representation +func (s PathPatternConditionConfig) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PathPatternConditionConfig) GoString() string { + return s.String() +} + +// SetValues sets the Values field's value. +func (s *PathPatternConditionConfig) SetValues(v []*string) *PathPatternConditionConfig { + s.Values = v + return s +} + +// Information about a query string condition. +// +// The query string component of a URI starts after the first '?' character +// and is terminated by either a '#' character or the end of the URI. A typical +// query string contains key/value pairs separated by '&' characters. The allowed +// characters are specified by RFC 3986. Any character can be percentage encoded. +type QueryStringConditionConfig struct { + _ struct{} `type:"structure"` + + // One or more key/value pairs or values to find in the query string. The maximum + // size of each string is 128 characters. The comparison is case insensitive. + // The following wildcard characters are supported: * (matches 0 or more characters) + // and ? (matches exactly 1 character). To search for a literal '*' or '?' character + // in a query string, you must escape these characters in Values using a '\' + // character. + // + // If you specify multiple key/value pairs or values, the condition is satisfied + // if one of them is found in the query string. + Values []*QueryStringKeyValuePair `type:"list"` +} + +// String returns the string representation +func (s QueryStringConditionConfig) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s QueryStringConditionConfig) GoString() string { + return s.String() +} + +// SetValues sets the Values field's value. +func (s *QueryStringConditionConfig) SetValues(v []*QueryStringKeyValuePair) *QueryStringConditionConfig { + s.Values = v + return s +} + +// Information about a key/value pair. +type QueryStringKeyValuePair struct { + _ struct{} `type:"structure"` + + // The key. You can omit the key. + Key *string `type:"string"` + + // The value. + Value *string `type:"string"` +} + +// String returns the string representation +func (s QueryStringKeyValuePair) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s QueryStringKeyValuePair) GoString() string { + return s.String() +} + +// SetKey sets the Key field's value. +func (s *QueryStringKeyValuePair) SetKey(v string) *QueryStringKeyValuePair { + s.Key = &v + return s +} + +// SetValue sets the Value field's value. +func (s *QueryStringKeyValuePair) SetValue(v string) *QueryStringKeyValuePair { + s.Value = &v + return s +} + // Information about a redirect action. // // A URI consists of the following components: protocol://hostname:port/path?query. @@ -7448,10 +7758,14 @@ func (s RemoveTagsOutput) GoString() string { type Rule struct { _ struct{} `type:"structure"` - // The actions. + // The actions. Each rule must include exactly one of the following types of + // actions: forward, redirect, or fixed-response, and it must be the last action + // to be performed. Actions []*Action `type:"list"` - // The conditions. + // The conditions. Each rule can include zero or one of the following conditions: + // http-request-method, host-header, path-pattern, and source-ip, and zero or + // more of the following conditions: http-header and query-string. Conditions []*RuleCondition `type:"list"` // Indicates whether this is the default rule. @@ -7508,15 +7822,46 @@ func (s *Rule) SetRuleArn(v string) *Rule { type RuleCondition struct { _ struct{} `type:"structure"` - // The name of the field. The possible values are host-header and path-pattern. + // The field in the HTTP request. The following are the possible values: + // + // * http-header + // + // * http-request-method + // + // * host-header + // + // * path-pattern + // + // * query-string + // + // * source-ip Field *string `type:"string"` - // The condition value. + // Information for a host header condition. Specify only when Field is host-header. + HostHeaderConfig *HostHeaderConditionConfig `type:"structure"` + + // Information for an HTTP header condition. Specify only when Field is http-header. + HttpHeaderConfig *HttpHeaderConditionConfig `type:"structure"` + + // Information for an HTTP method condition. Specify only when Field is http-request-method. + HttpRequestMethodConfig *HttpRequestMethodConditionConfig `type:"structure"` + + // Information for a path pattern condition. Specify only when Field is path-pattern. + PathPatternConfig *PathPatternConditionConfig `type:"structure"` + + // Information for a query string condition. Specify only when Field is query-string. + QueryStringConfig *QueryStringConditionConfig `type:"structure"` + + // Information for a source IP condition. Specify only when Field is source-ip. + SourceIpConfig *SourceIpConditionConfig `type:"structure"` + + // The condition value. You can use Values if the rule contains only host-header + // and path-pattern conditions. Otherwise, you can use HostHeaderConfig for + // host-header conditions and PathPatternConfig for path-pattern conditions. // - // If the field name is host-header, you can specify a single host name (for - // example, my.example.com). A host name is case insensitive, can be up to 128 - // characters in length, and can contain any of the following characters. You - // can include up to three wildcard characters. + // If Field is host-header, you can specify a single host name (for example, + // my.example.com). A host name is case insensitive, can be up to 128 characters + // in length, and can contain any of the following characters. // // * A-Z, a-z, 0-9 // @@ -7526,10 +7871,9 @@ type RuleCondition struct { // // * ? (matches exactly 1 character) // - // If the field name is path-pattern, you can specify a single path pattern - // (for example, /img/*). A path pattern is case-sensitive, can be up to 128 - // characters in length, and can contain any of the following characters. You - // can include up to three wildcard characters. + // If Field is path-pattern, you can specify a single path pattern (for example, + // /img/*). A path pattern is case-sensitive, can be up to 128 characters in + // length, and can contain any of the following characters. // // * A-Z, a-z, 0-9 // @@ -7559,6 +7903,42 @@ func (s *RuleCondition) SetField(v string) *RuleCondition { return s } +// SetHostHeaderConfig sets the HostHeaderConfig field's value. +func (s *RuleCondition) SetHostHeaderConfig(v *HostHeaderConditionConfig) *RuleCondition { + s.HostHeaderConfig = v + return s +} + +// SetHttpHeaderConfig sets the HttpHeaderConfig field's value. +func (s *RuleCondition) SetHttpHeaderConfig(v *HttpHeaderConditionConfig) *RuleCondition { + s.HttpHeaderConfig = v + return s +} + +// SetHttpRequestMethodConfig sets the HttpRequestMethodConfig field's value. +func (s *RuleCondition) SetHttpRequestMethodConfig(v *HttpRequestMethodConditionConfig) *RuleCondition { + s.HttpRequestMethodConfig = v + return s +} + +// SetPathPatternConfig sets the PathPatternConfig field's value. +func (s *RuleCondition) SetPathPatternConfig(v *PathPatternConditionConfig) *RuleCondition { + s.PathPatternConfig = v + return s +} + +// SetQueryStringConfig sets the QueryStringConfig field's value. +func (s *RuleCondition) SetQueryStringConfig(v *QueryStringConditionConfig) *RuleCondition { + s.QueryStringConfig = v + return s +} + +// SetSourceIpConfig sets the SourceIpConfig field's value. +func (s *RuleCondition) SetSourceIpConfig(v *SourceIpConditionConfig) *RuleCondition { + s.SourceIpConfig = v + return s +} + // SetValues sets the Values field's value. func (s *RuleCondition) SetValues(v []*string) *RuleCondition { s.Values = v @@ -7616,7 +7996,7 @@ type SetIpAddressTypeInput struct { // The IP address type. The possible values are ipv4 (for IPv4 addresses) and // dualstack (for IPv4 and IPv6 addresses). Internal load balancers must use - // ipv4. + // ipv4. Network Load Balancers must use ipv4. // // IpAddressType is a required field IpAddressType *string `type:"string" required:"true" enum:"IpAddressType"` @@ -7842,11 +8222,17 @@ type SetSubnetsInput struct { // LoadBalancerArn is a required field LoadBalancerArn *string `type:"string" required:"true"` - // The IDs of the public subnets. You must specify subnets from at least two - // Availability Zones. You can specify only one subnet per Availability Zone. - // You must specify either subnets or subnet mappings. + // The IDs of the public subnets. You can specify only one subnet per Availability + // Zone. You must specify either subnets or subnet mappings. // - // You cannot specify Elastic IP addresses for your subnets. + // [Application Load Balancers] You must specify subnets from at least two Availability + // Zones. You cannot specify Elastic IP addresses for your subnets. + // + // [Network Load Balancers] You can specify subnets from one or more Availability + // Zones. If you need static IP addresses for your internet-facing load balancer, + // you can specify one Elastic IP address per subnet. For internal load balancers, + // you can specify one private IP address per subnet from the IPv4 range of + // the subnet. SubnetMappings []*SubnetMapping `type:"list"` // The IDs of the public subnets. You must specify subnets from at least two @@ -7919,6 +8305,40 @@ func (s *SetSubnetsOutput) SetAvailabilityZones(v []*AvailabilityZone) *SetSubne return s } +// Information about a source IP condition. +// +// You can use this condition to route based on the IP address of the source +// that connects to the load balancer. If a client is behind a proxy, this is +// the IP address of the proxy not the IP address of the client. +type SourceIpConditionConfig struct { + _ struct{} `type:"structure"` + + // One or more source IP addresses, in CIDR format. You can use both IPv4 and + // IPv6 addresses. Wildcards are not supported. + // + // If you specify multiple addresses, the condition is satisfied if the source + // IP address of the request matches one of the CIDR blocks. This condition + // is not satisfied by the addresses in the X-Forwarded-For header. To search + // for addresses in the X-Forwarded-For header, use HttpHeaderConditionConfig. + Values []*string `type:"list"` +} + +// String returns the string representation +func (s SourceIpConditionConfig) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SourceIpConditionConfig) GoString() string { + return s.String() +} + +// SetValues sets the Values field's value. +func (s *SourceIpConditionConfig) SetValues(v []*string) *SourceIpConditionConfig { + s.Values = v + return s +} + // Information about a policy used for SSL negotiation. type SslPolicy struct { _ struct{} `type:"structure"` @@ -7965,9 +8385,13 @@ func (s *SslPolicy) SetSslProtocols(v []*string) *SslPolicy { type SubnetMapping struct { _ struct{} `type:"structure"` - // [Network Load Balancers] The allocation ID of the Elastic IP address. + // [Network Load Balancers] The allocation ID of the Elastic IP address for + // an internet-facing load balancer. AllocationId *string `type:"string"` + // [Network Load Balancers] The private IPv4 address for an internal load balancer. + PrivateIPv4Address *string `type:"string"` + // The ID of the subnet. SubnetId *string `type:"string"` } @@ -7988,6 +8412,12 @@ func (s *SubnetMapping) SetAllocationId(v string) *SubnetMapping { return s } +// SetPrivateIPv4Address sets the PrivateIPv4Address field's value. +func (s *SubnetMapping) SetPrivateIPv4Address(v string) *SubnetMapping { + s.PrivateIPv4Address = &v + return s +} + // SetSubnetId sets the SubnetId field's value. func (s *SubnetMapping) SetSubnetId(v string) *SubnetMapping { s.SubnetId = &v @@ -8108,7 +8538,8 @@ type TargetDescription struct { // Id is a required field Id *string `type:"string" required:"true"` - // The port on which the target is listening. + // The port on which the target is listening. Not used if the target is a Lambda + // function. Port *int64 `min:"1" type:"integer"` } @@ -8191,7 +8622,8 @@ type TargetGroup struct { // The HTTP codes to use when checking for a successful response from a target. Matcher *Matcher `type:"structure"` - // The port on which the targets are listening. + // The port on which the targets are listening. Not used if the target is a + // Lambda function. Port *int64 `min:"1" type:"integer"` // The protocol to use for routing traffic to the targets. @@ -8340,6 +8772,10 @@ type TargetGroupAttribute struct { // The following attributes are supported by Application Load Balancers if the // target is not a Lambda function: // + // * load_balancing.algorithm.type - The load balancing algorithm determines + // how the load balancer selects targets when routing requests. The value + // is round_robin or least_outstanding_requests. The default is round_robin. + // // * slow_start.duration_seconds - The time period, in seconds, during which // a newly registered target receives a linearly increasing share of the // traffic to the target group. After this time period ends, the target receives @@ -8399,6 +8835,74 @@ func (s *TargetGroupAttribute) SetValue(v string) *TargetGroupAttribute { return s } +// Information about the target group stickiness for a rule. +type TargetGroupStickinessConfig struct { + _ struct{} `type:"structure"` + + // The time period, in seconds, during which requests from a client should be + // routed to the same target group. The range is 1-604800 seconds (7 days). + DurationSeconds *int64 `type:"integer"` + + // Indicates whether target group stickiness is enabled. + Enabled *bool `type:"boolean"` +} + +// String returns the string representation +func (s TargetGroupStickinessConfig) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TargetGroupStickinessConfig) GoString() string { + return s.String() +} + +// SetDurationSeconds sets the DurationSeconds field's value. +func (s *TargetGroupStickinessConfig) SetDurationSeconds(v int64) *TargetGroupStickinessConfig { + s.DurationSeconds = &v + return s +} + +// SetEnabled sets the Enabled field's value. +func (s *TargetGroupStickinessConfig) SetEnabled(v bool) *TargetGroupStickinessConfig { + s.Enabled = &v + return s +} + +// Information about how traffic will be distributed between multiple target +// groups in a forward rule. +type TargetGroupTuple struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the target group. + TargetGroupArn *string `type:"string"` + + // The weight. The range is 0 to 999. + Weight *int64 `type:"integer"` +} + +// String returns the string representation +func (s TargetGroupTuple) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TargetGroupTuple) GoString() string { + return s.String() +} + +// SetTargetGroupArn sets the TargetGroupArn field's value. +func (s *TargetGroupTuple) SetTargetGroupArn(v string) *TargetGroupTuple { + s.TargetGroupArn = &v + return s +} + +// SetWeight sets the Weight field's value. +func (s *TargetGroupTuple) SetWeight(v int64) *TargetGroupTuple { + s.Weight = &v + return s +} + // Information about the current health of a target. type TargetHealth struct { _ struct{} `type:"structure"` @@ -8424,15 +8928,16 @@ type TargetHealth struct { // values: // // * Target.ResponseCodeMismatch - The health checks did not return an expected - // HTTP code. + // HTTP code. Applies only to Application Load Balancers. // - // * Target.Timeout - The health check requests timed out. + // * Target.Timeout - The health check requests timed out. Applies only to + // Application Load Balancers. // - // * Target.FailedHealthChecks - The health checks failed because the connection - // to the target timed out, the target response was malformed, or the target - // failed the health check for an unknown reason. + // * Target.FailedHealthChecks - The load balancer received an error while + // establishing a connection to the target or the target response was malformed. // // * Elb.InternalError - The health checks failed due to an internal error. + // Applies only to Application Load Balancers. // // If the target state is unused, the reason code can be one of the following // values: @@ -8444,11 +8949,11 @@ type TargetHealth struct { // or the target is in an Availability Zone that is not enabled for its load // balancer. // + // * Target.InvalidState - The target is in the stopped or terminated state. + // // * Target.IpUnusable - The target IP address is reserved for use by a load // balancer. // - // * Target.InvalidState - The target is in the stopped or terminated state. - // // If the target state is draining, the reason code can be the following value: // // * Target.DeregistrationInProgress - The target is in the process of being @@ -8458,7 +8963,10 @@ type TargetHealth struct { // value: // // * Target.HealthCheckDisabled - Health checks are disabled for the target - // group. + // group. Applies only to Application Load Balancers. + // + // * Elb.InternalError - Target health is unavailable due to an internal + // error. Applies only to Network Load Balancers. Reason *string `type:"string" enum:"TargetHealthReasonEnum"` // The state of the target. @@ -8624,6 +9132,12 @@ const ( // ProtocolEnumTls is a ProtocolEnum enum value ProtocolEnumTls = "TLS" + + // ProtocolEnumUdp is a ProtocolEnum enum value + ProtocolEnumUdp = "UDP" + + // ProtocolEnumTcpUdp is a ProtocolEnum enum value + ProtocolEnumTcpUdp = "TCP_UDP" ) const ( diff --git a/vendor/github.com/aws/aws-sdk-go/service/elbv2/doc.go b/vendor/github.com/aws/aws-sdk-go/service/elbv2/doc.go index cae80a9514d..9a67fe29932 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/elbv2/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/elbv2/doc.go @@ -15,40 +15,16 @@ // the targets. // // Elastic Load Balancing supports the following types of load balancers: Application -// Load Balancers, Network Load Balancers, and Classic Load Balancers. +// Load Balancers, Network Load Balancers, and Classic Load Balancers. This +// reference covers Application Load Balancers and Network Load Balancers. // // An Application Load Balancer makes routing and load balancing decisions at // the application layer (HTTP/HTTPS). A Network Load Balancer makes routing // and load balancing decisions at the transport layer (TCP/TLS). Both Application // Load Balancers and Network Load Balancers can route requests to one or more // ports on each EC2 instance or container instance in your virtual private -// cloud (VPC). -// -// A Classic Load Balancer makes routing and load balancing decisions either -// at the transport layer (TCP/SSL) or the application layer (HTTP/HTTPS), and -// supports either EC2-Classic or a VPC. For more information, see the Elastic -// Load Balancing User Guide (http://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/). -// -// This reference covers the 2015-12-01 API, which supports Application Load -// Balancers and Network Load Balancers. The 2012-06-01 API supports Classic -// Load Balancers. -// -// To get started, complete the following tasks: -// -// Create a load balancer using CreateLoadBalancer. -// -// Create a target group using CreateTargetGroup. -// -// Register targets for the target group using RegisterTargets. -// -// Create one or more listeners for your load balancer using CreateListener. -// -// To delete a load balancer and its related resources, complete the following -// tasks: -// -// Delete the load balancer using DeleteLoadBalancer. -// -// Delete the target group using DeleteTargetGroup. +// cloud (VPC). For more information, see the Elastic Load Balancing User Guide +// (https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/). // // All Elastic Load Balancing operations are idempotent, which means that they // complete at most one time. If you repeat an operation, it succeeds. diff --git a/vendor/github.com/aws/aws-sdk-go/service/elbv2/errors.go b/vendor/github.com/aws/aws-sdk-go/service/elbv2/errors.go index b813ebeff7a..fa10830ff9c 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/elbv2/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/elbv2/errors.go @@ -211,6 +211,14 @@ const ( // You've reached the limit on the number of targets. ErrCodeTooManyTargetsException = "TooManyTargets" + // ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException for service response error code + // "TooManyUniqueTargetGroupsPerLoadBalancer". + // + // You've reached the limit on the number of unique target groups per load balancer + // across all listeners. If a target group is used by multiple actions for a + // load balancer, it is counted as only one use. + ErrCodeTooManyUniqueTargetGroupsPerLoadBalancerException = "TooManyUniqueTargetGroupsPerLoadBalancer" + // ErrCodeUnsupportedProtocolException for service response error code // "UnsupportedProtocol". // diff --git a/vendor/github.com/aws/aws-sdk-go/service/elbv2/service.go b/vendor/github.com/aws/aws-sdk-go/service/elbv2/service.go index ad97e8df885..1c869cf040b 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/elbv2/service.go +++ b/vendor/github.com/aws/aws-sdk-go/service/elbv2/service.go @@ -31,7 +31,7 @@ var initRequest func(*request.Request) const ( ServiceName = "elasticloadbalancing" // Name of service. EndpointsID = ServiceName // ID to lookup a service endpoint with. - ServiceID = "Elastic Load Balancing v2" // ServiceID is a unique identifer of a specific service. + ServiceID = "Elastic Load Balancing v2" // ServiceID is a unique identifier of a specific service. ) // New creates a new instance of the ELBV2 client with a session. @@ -39,6 +39,8 @@ const ( // aws.Config parameter to add your extra config. // // Example: +// mySession := session.Must(session.NewSession()) +// // // Create a ELBV2 client from just a session. // svc := elbv2.New(mySession) // @@ -46,11 +48,11 @@ const ( // svc := elbv2.New(mySession, aws.NewConfig().WithRegion("us-west-2")) func New(p client.ConfigProvider, cfgs ...*aws.Config) *ELBV2 { c := p.ClientConfig(EndpointsID, cfgs...) - return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion, c.SigningName) + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) } // newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion, signingName string) *ELBV2 { +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *ELBV2 { svc := &ELBV2{ Client: client.New( cfg, @@ -59,6 +61,7 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio ServiceID: ServiceID, SigningName: signingName, SigningRegion: signingRegion, + PartitionID: partitionID, Endpoint: endpoint, APIVersion: "2015-12-01", }, diff --git a/vendor/github.com/aws/aws-sdk-go/service/kms/api.go b/vendor/github.com/aws/aws-sdk-go/service/kms/api.go index e669ba46ff6..caa94ee95a6 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/kms/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/kms/api.go @@ -58,16 +58,15 @@ func (c *KMS) CancelKeyDeletionRequest(input *CancelKeyDeletionInput) (req *requ // CancelKeyDeletion API operation for AWS Key Management Service. // // Cancels the deletion of a customer master key (CMK). When this operation -// is successful, the CMK is set to the Disabled state. To enable a CMK, use -// EnableKey. You cannot perform this operation on a CMK in a different AWS -// account. +// succeeds, the key state of the CMK is Disabled. To enable the CMK, use EnableKey. +// You cannot perform this operation on a CMK in a different AWS account. // // For more information about scheduling and canceling deletion of a CMK, see -// Deleting Customer Master Keys (http://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) +// Deleting Customer Master Keys (https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) // in the AWS Key Management Service Developer Guide. // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -77,29 +76,30 @@ func (c *KMS) CancelKeyDeletionRequest(input *CancelKeyDeletionInput) (req *requ // See the AWS API reference guide for AWS Key Management Service's // API operation CancelKeyDeletion for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/CancelKeyDeletion func (c *KMS) CancelKeyDeletion(input *CancelKeyDeletionInput) (*CancelKeyDeletionOutput, error) { @@ -168,7 +168,7 @@ func (c *KMS) ConnectCustomKeyStoreRequest(input *ConnectCustomKeyStoreInput) (r // ConnectCustomKeyStore API operation for AWS Key Management Service. // -// Connects or reconnects a custom key store (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html) +// Connects or reconnects a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) // to its associated AWS CloudHSM cluster. // // The custom key store must be connected before you can create customer master @@ -177,8 +177,8 @@ func (c *KMS) ConnectCustomKeyStoreRequest(input *ConnectCustomKeyStoreInput) (r // // To connect a custom key store, its associated AWS CloudHSM cluster must have // at least one active HSM. To get the number of active HSMs in a cluster, use -// the DescribeClusters (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters) -// operation. To add HSMs to the cluster, use the CreateHsm (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm) +// the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) +// operation. To add HSMs to the cluster, use the CreateHsm (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) // operation. // // The connection process can take an extended amount of time to complete; up @@ -192,8 +192,8 @@ func (c *KMS) ConnectCustomKeyStoreRequest(input *ConnectCustomKeyStoreInput) (r // During the connection process, AWS KMS finds the AWS CloudHSM cluster that // is associated with the custom key store, creates the connection infrastructure, // connects to the cluster, logs into the AWS CloudHSM client as the kmsuser -// (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser) -// crypto user (CU), and rotates its password. +// crypto user (https://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser) +// (CU), and rotates its password. // // The ConnectCustomKeyStore operation might fail for various reasons. To find // the reason, use the DescribeCustomKeyStores operation and see the ConnectionErrorCode @@ -204,7 +204,7 @@ func (c *KMS) ConnectCustomKeyStoreRequest(input *ConnectCustomKeyStoreInput) (r // if necessary, and then use ConnectCustomKeyStore again. // // If you are having trouble connecting or disconnecting a custom key store, -// see Troubleshooting a Custom Key Store (http://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html) +// see Troubleshooting a Custom Key Store (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -214,15 +214,15 @@ func (c *KMS) ConnectCustomKeyStoreRequest(input *ConnectCustomKeyStoreInput) (r // See the AWS API reference guide for AWS Key Management Service's // API operation ConnectCustomKeyStore for usage and error information. // -// Returned Error Codes: -// * ErrCodeCloudHsmClusterNotActiveException "CloudHsmClusterNotActiveException" +// Returned Error Types: +// * CloudHsmClusterNotActiveException // The request was rejected because the AWS CloudHSM cluster that is associated // with the custom key store is not active. Initialize and activate the cluster // and try the command again. For detailed instructions, see Getting Started -// (http://docs.aws.amazon.com/cloudhsm/latest/userguide/getting-started.html) +// (https://docs.aws.amazon.com/cloudhsm/latest/userguide/getting-started.html) // in the AWS CloudHSM User Guide. // -// * ErrCodeCustomKeyStoreInvalidStateException "CustomKeyStoreInvalidStateException" +// * CustomKeyStoreInvalidStateException // The request was rejected because of the ConnectionState of the custom key // store. To get the ConnectionState of a custom key store, use the DescribeCustomKeyStores // operation. @@ -241,31 +241,45 @@ func (c *KMS) ConnectCustomKeyStoreRequest(input *ConnectCustomKeyStoreInput) (r // with a ConnectionState of DISCONNECTING or FAILED. This operation is valid // for all other ConnectionState values. // -// * ErrCodeCustomKeyStoreNotFoundException "CustomKeyStoreNotFoundException" +// * CustomKeyStoreNotFoundException // The request was rejected because AWS KMS cannot find a custom key store with // the specified key store name or ID. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeCloudHsmClusterInvalidConfigurationException "CloudHsmClusterInvalidConfigurationException" +// * CloudHsmClusterInvalidConfigurationException // The request was rejected because the associated AWS CloudHSM cluster did -// not meet the configuration requirements for a custom key store. The cluster -// must be configured with private subnets in at least two different Availability -// Zones in the Region. Also, it must contain at least as many HSMs as the operation -// requires. +// not meet the configuration requirements for a custom key store. // -// For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey operations, -// the AWS CloudHSM cluster must have at least two active HSMs, each in a different -// Availability Zone. For the ConnectCustomKeyStore operation, the AWS CloudHSM -// must contain at least one active HSM. +// * The cluster must be configured with private subnets in at least two +// different Availability Zones in the Region. // -// For information about creating a private subnet for a AWS CloudHSM cluster, -// see Create a Private Subnet (http://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html) -// in the AWS CloudHSM User Guide. To add HSMs, use the AWS CloudHSM CreateHsm -// (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) -// operation. +// * The security group for the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) +// (cloudhsm-cluster--sg) must include inbound rules and outbound +// rules that allow TCP traffic on ports 2223-2225. The Source in the inbound +// rules and the Destination in the outbound rules must match the security +// group ID. These rules are set by default when you create the cluster. +// Do not delete or change them. To get information about a particular security +// group, use the DescribeSecurityGroups (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html) +// operation. +// +// * The cluster must contain at least as many HSMs as the operation requires. +// To add HSMs, use the AWS CloudHSM CreateHsm (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) +// operation. For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey +// operations, the AWS CloudHSM cluster must have at least two active HSMs, +// each in a different Availability Zone. For the ConnectCustomKeyStore operation, +// the AWS CloudHSM must contain at least one active HSM. +// +// For information about the requirements for an AWS CloudHSM cluster that is +// associated with a custom key store, see Assemble the Prerequisites (https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore) +// in the AWS Key Management Service Developer Guide. For information about +// creating a private subnet for an AWS CloudHSM cluster, see Create a Private +// Subnet (https://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html) +// in the AWS CloudHSM User Guide. For information about cluster security groups, +// see Configure a Default Security Group (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) +// in the AWS CloudHSM User Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ConnectCustomKeyStore func (c *KMS) ConnectCustomKeyStore(input *ConnectCustomKeyStoreInput) (*ConnectCustomKeyStoreOutput, error) { @@ -334,32 +348,69 @@ func (c *KMS) CreateAliasRequest(input *CreateAliasInput) (req *request.Request, // CreateAlias API operation for AWS Key Management Service. // -// Creates a display name for a customer master key (CMK). You can use an alias -// to identify a CMK in selected operations, such as Encrypt and GenerateDataKey. +// Creates a display name for a customer managed customer master key (CMK). +// You can use an alias to identify a CMK in cryptographic operations, such +// as Encrypt and GenerateDataKey. You can change the CMK associated with the +// alias at any time. // -// Each CMK can have multiple aliases, but each alias points to only one CMK. -// The alias name must be unique in the AWS account and region. To simplify -// code that runs in multiple regions, use the same alias name, but point it -// to a different CMK in each region. +// Aliases are easier to remember than key IDs. They can also help to simplify +// your applications. For example, if you use an alias in your code, you can +// change the CMK your code uses by associating a given alias with a different +// CMK. +// +// To run the same code in multiple AWS regions, use an alias in your code, +// such as alias/ApplicationKey. Then, in each AWS Region, create an alias/ApplicationKey +// alias that is associated with a CMK in that Region. When you run your code, +// it uses the alias/ApplicationKey CMK for that AWS Region without any Region-specific +// code. +// +// This operation does not return a response. To get the alias that you created, +// use the ListAliases operation. +// +// To use aliases successfully, be aware of the following information. +// +// * Each alias points to only one CMK at a time, although a single CMK can +// have multiple aliases. The alias and its associated CMK must be in the +// same AWS account and Region. +// +// * You can associate an alias with any customer managed CMK in the same +// AWS account and Region. However, you do not have permission to associate +// an alias with an AWS managed CMK (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) +// or an AWS owned CMK (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk). +// +// * To change the CMK associated with an alias, use the UpdateAlias operation. +// The current CMK and the new CMK must be the same type (both symmetric +// or both asymmetric) and they must have the same key usage (ENCRYPT_DECRYPT +// or SIGN_VERIFY). This restriction prevents cryptographic errors in code +// that uses aliases. +// +// * The alias name must begin with alias/ followed by a name, such as alias/ExampleAlias. +// It can contain only alphanumeric characters, forward slashes (/), underscores +// (_), and dashes (-). The alias name cannot begin with alias/aws/. The +// alias/aws/ prefix is reserved for AWS managed CMKs (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk). +// +// * The alias name must be unique within an AWS Region. However, you can +// use the same alias name in multiple Regions of the same AWS account. Each +// instance of the alias is associated with a CMK in its Region. +// +// * After you create an alias, you cannot change its alias name. However, +// you can use the DeleteAlias operation to delete the alias and then create +// a new alias with the desired name. +// +// * You can use an alias name or alias ARN to identify a CMK in AWS KMS +// cryptographic operations and in the DescribeKey operation. However, you +// cannot use alias names or alias ARNs in API operations that manage CMKs, +// such as DisableKey or GetKeyPolicy. For information about the valid CMK +// identifiers for each AWS KMS API operation, see the descriptions of the +// KeyId parameter in the API operation documentation. // // Because an alias is not a property of a CMK, you can delete and change the // aliases of a CMK without affecting the CMK. Also, aliases do not appear in -// the response from the DescribeKey operation. To get the aliases of all CMKs, -// use the ListAliases operation. +// the response from the DescribeKey operation. To get the aliases and alias +// ARNs of CMKs in each AWS account and Region, use the ListAliases operation. // -// An alias must start with the word alias followed by a forward slash (alias/). -// The alias name can contain only alphanumeric characters, forward slashes -// (/), underscores (_), and dashes (-). Alias names cannot begin with aws; -// that alias name prefix is reserved by Amazon Web Services (AWS). -// -// The alias and the CMK it is mapped to must be in the same AWS account and -// the same region. You cannot perform this operation on an alias in a different -// AWS account. -// -// To map an existing alias to a different CMK, call UpdateAlias. -// -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -369,38 +420,38 @@ func (c *KMS) CreateAliasRequest(input *CreateAliasInput) (req *request.Request, // See the AWS API reference guide for AWS Key Management Service's // API operation CreateAlias for usage and error information. // -// Returned Error Codes: -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// Returned Error Types: +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeAlreadyExistsException "AlreadyExistsException" +// * AlreadyExistsException // The request was rejected because it attempted to create a resource that already // exists. // -// * ErrCodeNotFoundException "NotFoundException" +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInvalidAliasNameException "InvalidAliasNameException" +// * InvalidAliasNameException // The request was rejected because the specified alias name is not valid. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeLimitExceededException "LimitExceededException" +// * LimitExceededException // The request was rejected because a limit was exceeded. For more information, -// see Limits (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/CreateAlias func (c *KMS) CreateAlias(input *CreateAliasInput) (*CreateAliasOutput, error) { @@ -468,71 +519,29 @@ func (c *KMS) CreateCustomKeyStoreRequest(input *CreateCustomKeyStoreInput) (req // CreateCustomKeyStore API operation for AWS Key Management Service. // -// Creates a custom key store (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html) -// that is associated with an AWS CloudHSM cluster (http://docs.aws.amazon.com/cloudhsm/latest/userguide/clusters.html) +// Creates a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) +// that is associated with an AWS CloudHSM cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/clusters.html) // that you own and manage. // -// This operation is part of the Custom Key Store feature (http://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) +// This operation is part of the Custom Key Store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) // feature in AWS KMS, which combines the convenience and extensive integration // of AWS KMS with the isolation and control of a single-tenant key store. // +// Before you create the custom key store, you must assemble the required elements, +// including an AWS CloudHSM cluster that fulfills the requirements for a custom +// key store. For details about the required elements, see Assemble the Prerequisites +// (https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore) +// in the AWS Key Management Service Developer Guide. +// // When the operation completes successfully, it returns the ID of the new custom // key store. Before you can use your new custom key store, you need to use // the ConnectCustomKeyStore operation to connect the new key store to its AWS -// CloudHSM cluster. +// CloudHSM cluster. Even if you are not going to use your custom key store +// immediately, you might want to connect it to verify that all settings are +// correct and then disconnect it until you are ready to use it. // -// The CreateCustomKeyStore operation requires the following elements. -// -// * You must specify an active AWS CloudHSM cluster in the same account -// and AWS Region as the custom key store. You can use an existing cluster -// or create and activate a new AWS CloudHSM cluster (http://docs.aws.amazon.com/cloudhsm/latest/userguide/create-cluster.html) -// for the key store. AWS KMS does not require exclusive use of the cluster. -// -// * You must include the content of the trust anchor certificate for the -// cluster. You created this certificate, and saved it in the customerCA.crt -// file, when you initialized the cluster (http://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr). -// -// * You must provide the password of the dedicated kmsuser (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser) -// crypto user (CU) account in the cluster. -// -// Before you create the custom key store, use the createUser (http://docs.aws.amazon.com/cloudhsm/latest/userguide/cloudhsm_mgmt_util-createUser.html) -// command in cloudhsm_mgmt_util to create a crypto user (CU) named (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser)kmsuserin -// specified AWS CloudHSM cluster. AWS KMS uses the kmsuser CU account to -// create and manage key material on your behalf. For instructions, see Create -// the kmsuser Crypto User (http://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore) -// in the AWS Key Management Service Developer Guide. -// -// The AWS CloudHSM cluster that you specify must meet the following requirements. -// -// * The cluster must be active and be in the same AWS account and Region -// as the custom key store. -// -// * Each custom key store must be associated with a different AWS CloudHSM -// cluster. The cluster cannot be associated with another custom key store -// or have the same cluster certificate as a cluster that is associated with -// another custom key store. To view the cluster certificate, use the AWS -// CloudHSM DescribeClusters (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) -// operation. Clusters that share a backup history have the same cluster -// certificate. -// -// * The cluster must be configured with subnets in at least two different -// Availability Zones in the Region. Because AWS CloudHSM is not supported -// in all Availability Zones, we recommend that the cluster have subnets -// in all Availability Zones in the Region. -// -// * The cluster must contain at least two active HSMs, each in a different -// Availability Zone. -// -// New custom key stores are not automatically connected. After you create your -// custom key store, use the ConnectCustomKeyStore operation to connect the -// custom key store to its associated AWS CloudHSM cluster. Even if you are -// not going to use your custom key store immediately, you might want to connect -// it to verify that all settings are correct and then disconnect it until you -// are ready to use it. -// -// If this operation succeeds, it returns the ID of the new custom key store. -// For help with failures, see Troubleshoot a Custom Key Store (http://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html) -// in the AWS KMS Developer Guide. +// For help with failures, see Troubleshooting a Custom Key Store (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html) +// in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -541,63 +550,77 @@ func (c *KMS) CreateCustomKeyStoreRequest(input *CreateCustomKeyStoreInput) (req // See the AWS API reference guide for AWS Key Management Service's // API operation CreateCustomKeyStore for usage and error information. // -// Returned Error Codes: -// * ErrCodeCloudHsmClusterInUseException "CloudHsmClusterInUseException" +// Returned Error Types: +// * CloudHsmClusterInUseException // The request was rejected because the specified AWS CloudHSM cluster is already // associated with a custom key store or it shares a backup history with a cluster // that is associated with a custom key store. Each custom key store must be // associated with a different AWS CloudHSM cluster. // // Clusters that share a backup history have the same cluster certificate. To -// view the cluster certificate of a cluster, use the DescribeClusters (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) +// view the cluster certificate of a cluster, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) // operation. // -// * ErrCodeCustomKeyStoreNameInUseException "CustomKeyStoreNameInUseException" +// * CustomKeyStoreNameInUseException // The request was rejected because the specified custom key store name is already // assigned to another custom key store in the account. Try again with a custom // key store name that is unique in the account. // -// * ErrCodeCloudHsmClusterNotFoundException "CloudHsmClusterNotFoundException" +// * CloudHsmClusterNotFoundException // The request was rejected because AWS KMS cannot find the AWS CloudHSM cluster // with the specified cluster ID. Retry the request with a different cluster // ID. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeCloudHsmClusterNotActiveException "CloudHsmClusterNotActiveException" +// * CloudHsmClusterNotActiveException // The request was rejected because the AWS CloudHSM cluster that is associated // with the custom key store is not active. Initialize and activate the cluster // and try the command again. For detailed instructions, see Getting Started -// (http://docs.aws.amazon.com/cloudhsm/latest/userguide/getting-started.html) +// (https://docs.aws.amazon.com/cloudhsm/latest/userguide/getting-started.html) // in the AWS CloudHSM User Guide. // -// * ErrCodeIncorrectTrustAnchorException "IncorrectTrustAnchorException" +// * IncorrectTrustAnchorException // The request was rejected because the trust anchor certificate in the request // is not the trust anchor certificate for the specified AWS CloudHSM cluster. // -// When you initialize the cluster (http://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr), +// When you initialize the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr), // you create the trust anchor certificate and save it in the customerCA.crt // file. // -// * ErrCodeCloudHsmClusterInvalidConfigurationException "CloudHsmClusterInvalidConfigurationException" +// * CloudHsmClusterInvalidConfigurationException // The request was rejected because the associated AWS CloudHSM cluster did -// not meet the configuration requirements for a custom key store. The cluster -// must be configured with private subnets in at least two different Availability -// Zones in the Region. Also, it must contain at least as many HSMs as the operation -// requires. +// not meet the configuration requirements for a custom key store. // -// For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey operations, -// the AWS CloudHSM cluster must have at least two active HSMs, each in a different -// Availability Zone. For the ConnectCustomKeyStore operation, the AWS CloudHSM -// must contain at least one active HSM. +// * The cluster must be configured with private subnets in at least two +// different Availability Zones in the Region. // -// For information about creating a private subnet for a AWS CloudHSM cluster, -// see Create a Private Subnet (http://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html) -// in the AWS CloudHSM User Guide. To add HSMs, use the AWS CloudHSM CreateHsm -// (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) -// operation. +// * The security group for the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) +// (cloudhsm-cluster--sg) must include inbound rules and outbound +// rules that allow TCP traffic on ports 2223-2225. The Source in the inbound +// rules and the Destination in the outbound rules must match the security +// group ID. These rules are set by default when you create the cluster. +// Do not delete or change them. To get information about a particular security +// group, use the DescribeSecurityGroups (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html) +// operation. +// +// * The cluster must contain at least as many HSMs as the operation requires. +// To add HSMs, use the AWS CloudHSM CreateHsm (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) +// operation. For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey +// operations, the AWS CloudHSM cluster must have at least two active HSMs, +// each in a different Availability Zone. For the ConnectCustomKeyStore operation, +// the AWS CloudHSM must contain at least one active HSM. +// +// For information about the requirements for an AWS CloudHSM cluster that is +// associated with a custom key store, see Assemble the Prerequisites (https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore) +// in the AWS Key Management Service Developer Guide. For information about +// creating a private subnet for an AWS CloudHSM cluster, see Create a Private +// Subnet (https://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html) +// in the AWS CloudHSM User Guide. For information about cluster security groups, +// see Configure a Default Security Group (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) +// in the AWS CloudHSM User Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/CreateCustomKeyStore func (c *KMS) CreateCustomKeyStore(input *CreateCustomKeyStoreInput) (*CreateCustomKeyStoreOutput, error) { @@ -665,17 +688,48 @@ func (c *KMS) CreateGrantRequest(input *CreateGrantInput) (req *request.Request, // CreateGrant API operation for AWS Key Management Service. // -// Adds a grant to a customer master key (CMK). The grant specifies who can -// use the CMK and under what conditions. When setting permissions, grants are -// an alternative to key policies. +// Adds a grant to a customer master key (CMK). The grant allows the grantee +// principal to use the CMK when the conditions specified in the grant are met. +// When setting permissions, grants are an alternative to key policies. +// +// To create a grant that allows a cryptographic operation only when the request +// includes a particular encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context), +// use the Constraints parameter. For details, see GrantConstraints. +// +// You can create grants on symmetric and asymmetric CMKs. However, if the grant +// allows an operation that the CMK does not support, CreateGrant fails with +// a ValidationException. +// +// * Grants for symmetric CMKs cannot allow operations that are not supported +// for symmetric CMKs, including Sign, Verify, and GetPublicKey. (There are +// limited exceptions to this rule for legacy operations, but you should +// not create a grant for an operation that AWS KMS does not support.) +// +// * Grants for asymmetric CMKs cannot allow operations that are not supported +// for asymmetric CMKs, including operations that generate data keys (https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKey) +// or data key pairs (https://docs.aws.amazon.com/kms/latest/APIReference/API_GenerateDataKeyPair), +// or operations related to automatic key rotation (https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html), +// imported key material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html), +// or CMKs in custom key stores (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html). +// +// * Grants for asymmetric CMKs with a KeyUsage of ENCRYPT_DECRYPT cannot +// allow the Sign or Verify operations. Grants for asymmetric CMKs with a +// KeyUsage of SIGN_VERIFY cannot allow the Encrypt or Decrypt operations. +// +// * Grants for asymmetric CMKs cannot include an encryption context grant +// constraint. An encryption context is not supported on asymmetric CMKs. +// +// For information about symmetric and asymmetric CMKs, see Using Symmetric +// and Asymmetric CMKs (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) +// in the AWS Key Management Service Developer Guide. // // To perform this operation on a CMK in a different AWS account, specify the // key ARN in the value of the KeyId parameter. For more information about grants, -// see Grants (http://docs.aws.amazon.com/kms/latest/developerguide/grants.html) -// in the AWS Key Management Service Developer Guide. +// see Grants (https://docs.aws.amazon.com/kms/latest/developerguide/grants.html) +// in the AWS Key Management Service Developer Guide . // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -685,40 +739,41 @@ func (c *KMS) CreateGrantRequest(input *CreateGrantInput) (req *request.Request, // See the AWS API reference guide for AWS Key Management Service's // API operation CreateGrant for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeDisabledException "DisabledException" +// * DisabledException // The request was rejected because the specified CMK is not enabled. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidGrantTokenException "InvalidGrantTokenException" +// * InvalidGrantTokenException // The request was rejected because the specified grant token is not valid. // -// * ErrCodeLimitExceededException "LimitExceededException" +// * LimitExceededException // The request was rejected because a limit was exceeded. For more information, -// see Limits (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/CreateGrant func (c *KMS) CreateGrant(input *CreateGrantInput) (*CreateGrantOutput, error) { @@ -786,29 +841,67 @@ func (c *KMS) CreateKeyRequest(input *CreateKeyInput) (req *request.Request, out // CreateKey API operation for AWS Key Management Service. // -// Creates a customer master key (CMK) in the caller's AWS account. +// Creates a unique customer managed customer master key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master-keys) +// (CMK) in your AWS account and Region. You cannot use this operation to create +// a CMK in a different AWS account. // -// You can use a CMK to encrypt small amounts of data (4 KiB or less) directly, -// but CMKs are more commonly used to encrypt data keys, which are used to encrypt -// raw data. For more information about data keys and the difference between -// CMKs and data keys, see the following: +// You can use the CreateKey operation to create symmetric or asymmetric CMKs. // -// * The GenerateDataKey operation +// * Symmetric CMKs contain a 256-bit symmetric key that never leaves AWS +// KMS unencrypted. To use the CMK, you must call AWS KMS. You can use a +// symmetric CMK to encrypt and decrypt small amounts of data, but they are +// typically used to generate data keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#data-keys) +// or data key pairs. For details, see GenerateDataKey and GenerateDataKeyPair. // -// * AWS Key Management Service Concepts (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) -// in the AWS Key Management Service Developer Guide +// * Asymmetric CMKs can contain an RSA key pair or an Elliptic Curve (ECC) +// key pair. The private key in an asymmetric CMK never leaves AWS KMS unencrypted. +// However, you can use the GetPublicKey operation to download the public +// key so it can be used outside of AWS KMS. CMKs with RSA key pairs can +// be used to encrypt or decrypt data or sign and verify messages (but not +// both). CMKs with ECC key pairs can be used only to sign and verify messages. // -// If you plan to import key material (http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html), -// use the Origin parameter with a value of EXTERNAL to create a CMK with no -// key material. +// For information about symmetric and asymmetric CMKs, see Using Symmetric +// and Asymmetric CMKs (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) +// in the AWS Key Management Service Developer Guide. // -// To create a CMK in a custom key store (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html), -// use CustomKeyStoreId parameter to specify the custom key store. You must +// To create different types of CMKs, use the following guidance: +// +// Asymmetric CMKs +// +// To create an asymmetric CMK, use the CustomerMasterKeySpec parameter to specify +// the type of key material in the CMK. Then, use the KeyUsage parameter to +// determine whether the CMK will be used to encrypt and decrypt or sign and +// verify. You can't change these properties after the CMK is created. +// +// Symmetric CMKs +// +// When creating a symmetric CMK, you don't need to specify the CustomerMasterKeySpec +// or KeyUsage parameters. The default value for CustomerMasterKeySpec, SYMMETRIC_DEFAULT, +// and the default value for KeyUsage, ENCRYPT_DECRYPT, are the only valid values +// for symmetric CMKs. +// +// Imported Key Material +// +// To import your own key material, begin by creating a symmetric CMK with no +// key material. To do this, use the Origin parameter of CreateKey with a value +// of EXTERNAL. Next, use GetParametersForImport operation to get a public key +// and import token, and use the public key to encrypt your key material. Then, +// use ImportKeyMaterial with your import token to import the key material. +// For step-by-step instructions, see Importing Key Material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) +// in the AWS Key Management Service Developer Guide . You cannot import the +// key material into an asymmetric CMK. +// +// Custom Key Stores +// +// To create a symmetric CMK in a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html), +// use the CustomKeyStoreId parameter to specify the custom key store. You must // also use the Origin parameter with a value of AWS_CLOUDHSM. The AWS CloudHSM // cluster that is associated with the custom key store must have at least two -// active HSMs, each in a different Availability Zone in the Region. +// active HSMs in different Availability Zones in the AWS Region. // -// You cannot use this operation to create a CMK in a different AWS account. +// You cannot create an asymmetric CMK in a custom key store. For information +// about custom key stores in AWS KMS see Using Custom Key Stores (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) +// in the AWS Key Management Service Developer Guide . // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -817,39 +910,40 @@ func (c *KMS) CreateKeyRequest(input *CreateKeyInput) (req *request.Request, out // See the AWS API reference guide for AWS Key Management Service's // API operation CreateKey for usage and error information. // -// Returned Error Codes: -// * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocumentException" +// Returned Error Types: +// * MalformedPolicyDocumentException // The request was rejected because the specified policy is not syntactically // or semantically correct. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeUnsupportedOperationException "UnsupportedOperationException" +// * UnsupportedOperationException // The request was rejected because a specified parameter is not supported or // a specified resource is not valid for this operation. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeLimitExceededException "LimitExceededException" +// * LimitExceededException // The request was rejected because a limit was exceeded. For more information, -// see Limits (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. // -// * ErrCodeTagException "TagException" +// * TagException // The request was rejected because one or more tags are not valid. // -// * ErrCodeCustomKeyStoreNotFoundException "CustomKeyStoreNotFoundException" +// * CustomKeyStoreNotFoundException // The request was rejected because AWS KMS cannot find a custom key store with // the specified key store name or ID. // -// * ErrCodeCustomKeyStoreInvalidStateException "CustomKeyStoreInvalidStateException" +// * CustomKeyStoreInvalidStateException // The request was rejected because of the ConnectionState of the custom key // store. To get the ConnectionState of a custom key store, use the DescribeCustomKeyStores // operation. @@ -868,23 +962,37 @@ func (c *KMS) CreateKeyRequest(input *CreateKeyInput) (req *request.Request, out // with a ConnectionState of DISCONNECTING or FAILED. This operation is valid // for all other ConnectionState values. // -// * ErrCodeCloudHsmClusterInvalidConfigurationException "CloudHsmClusterInvalidConfigurationException" +// * CloudHsmClusterInvalidConfigurationException // The request was rejected because the associated AWS CloudHSM cluster did -// not meet the configuration requirements for a custom key store. The cluster -// must be configured with private subnets in at least two different Availability -// Zones in the Region. Also, it must contain at least as many HSMs as the operation -// requires. +// not meet the configuration requirements for a custom key store. // -// For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey operations, -// the AWS CloudHSM cluster must have at least two active HSMs, each in a different -// Availability Zone. For the ConnectCustomKeyStore operation, the AWS CloudHSM -// must contain at least one active HSM. +// * The cluster must be configured with private subnets in at least two +// different Availability Zones in the Region. // -// For information about creating a private subnet for a AWS CloudHSM cluster, -// see Create a Private Subnet (http://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html) -// in the AWS CloudHSM User Guide. To add HSMs, use the AWS CloudHSM CreateHsm -// (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) -// operation. +// * The security group for the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) +// (cloudhsm-cluster--sg) must include inbound rules and outbound +// rules that allow TCP traffic on ports 2223-2225. The Source in the inbound +// rules and the Destination in the outbound rules must match the security +// group ID. These rules are set by default when you create the cluster. +// Do not delete or change them. To get information about a particular security +// group, use the DescribeSecurityGroups (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html) +// operation. +// +// * The cluster must contain at least as many HSMs as the operation requires. +// To add HSMs, use the AWS CloudHSM CreateHsm (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) +// operation. For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey +// operations, the AWS CloudHSM cluster must have at least two active HSMs, +// each in a different Availability Zone. For the ConnectCustomKeyStore operation, +// the AWS CloudHSM must contain at least one active HSM. +// +// For information about the requirements for an AWS CloudHSM cluster that is +// associated with a custom key store, see Assemble the Prerequisites (https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore) +// in the AWS Key Management Service Developer Guide. For information about +// creating a private subnet for an AWS CloudHSM cluster, see Create a Private +// Subnet (https://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html) +// in the AWS CloudHSM User Guide. For information about cluster security groups, +// see Configure a Default Security Group (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) +// in the AWS CloudHSM User Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/CreateKey func (c *KMS) CreateKey(input *CreateKeyInput) (*CreateKeyOutput, error) { @@ -952,26 +1060,51 @@ func (c *KMS) DecryptRequest(input *DecryptInput) (req *request.Request, output // Decrypt API operation for AWS Key Management Service. // -// Decrypts ciphertext. Ciphertext is plaintext that has been previously encrypted -// by using any of the following operations: -// -// * GenerateDataKey -// -// * GenerateDataKeyWithoutPlaintext +// Decrypts ciphertext that was encrypted by a AWS KMS customer master key (CMK) +// using any of the following operations: // // * Encrypt // -// Note that if a caller has been granted access permissions to all keys (through, -// for example, IAM user policies that grant Decrypt permission on all resources), -// then ciphertext encrypted by using keys in other accounts where the key grants -// access to the caller can be decrypted. To remedy this, we recommend that -// you do not grant Decrypt access in an IAM user policy. Instead grant Decrypt -// access only in key policies. If you must grant Decrypt access in an IAM user -// policy, you should scope the resource to specific keys or to specific trusted -// accounts. +// * GenerateDataKey // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// * GenerateDataKeyPair +// +// * GenerateDataKeyWithoutPlaintext +// +// * GenerateDataKeyPairWithoutPlaintext +// +// You can use this operation to decrypt ciphertext that was encrypted under +// a symmetric or asymmetric CMK. When the CMK is asymmetric, you must specify +// the CMK and the encryption algorithm that was used to encrypt the ciphertext. +// For information about symmetric and asymmetric CMKs, see Using Symmetric +// and Asymmetric CMKs (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) +// in the AWS Key Management Service Developer Guide. +// +// The Decrypt operation also decrypts ciphertext that was encrypted outside +// of AWS KMS by the public key in an AWS KMS asymmetric CMK. However, it cannot +// decrypt ciphertext produced by other libraries, such as the AWS Encryption +// SDK (https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/) +// or Amazon S3 client-side encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html). +// These libraries return a ciphertext format that is incompatible with AWS +// KMS. +// +// If the ciphertext was encrypted under a symmetric CMK, you do not need to +// specify the CMK or the encryption algorithm. AWS KMS can get this information +// from metadata that it adds to the symmetric ciphertext blob. However, if +// you prefer, you can specify the KeyId to ensure that a particular CMK is +// used to decrypt the ciphertext. If you specify a different CMK than the one +// used to encrypt the ciphertext, the Decrypt operation fails. +// +// Whenever possible, use key policies to give users permission to call the +// Decrypt operation on a particular CMK, instead of using IAM policies. Otherwise, +// you might create an IAM user policy that gives the user Decrypt permission +// on all CMKs. This user could decrypt ciphertext that was encrypted by CMKs +// in other accounts if the key policy for the cross-account CMK permits it. +// If you must use an IAM policy for Decrypt permissions, limit the user to +// particular CMKs or particular trusted accounts. +// +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -981,41 +1114,65 @@ func (c *KMS) DecryptRequest(input *DecryptInput) (req *request.Request, output // See the AWS API reference guide for AWS Key Management Service's // API operation Decrypt for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeDisabledException "DisabledException" +// * DisabledException // The request was rejected because the specified CMK is not enabled. // -// * ErrCodeInvalidCiphertextException "InvalidCiphertextException" -// The request was rejected because the specified ciphertext, or additional -// authenticated data incorporated into the ciphertext, such as the encryption -// context, is corrupted, missing, or otherwise invalid. +// * InvalidCiphertextException +// From the Decrypt or ReEncrypt operation, the request was rejected because +// the specified ciphertext, or additional authenticated data incorporated into +// the ciphertext, such as the encryption context, is corrupted, missing, or +// otherwise invalid. // -// * ErrCodeKeyUnavailableException "KeyUnavailableException" -// The request was rejected because the specified CMK was not available. The -// request can be retried. +// From the ImportKeyMaterial operation, the request was rejected because AWS +// KMS could not decrypt the encrypted (wrapped) key material. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * KeyUnavailableException +// The request was rejected because the specified CMK was not available. You +// can retry the request. +// +// * IncorrectKeyException +// The request was rejected because the specified CMK cannot decrypt the data. +// The KeyId in a Decrypt request and the SourceKeyId in a ReEncrypt request +// must identify the same CMK that was used to encrypt the ciphertext. +// +// * InvalidKeyUsageException +// The request was rejected for one of the following reasons: +// +// * The KeyUsage value of the CMK is incompatible with the API operation. +// +// * The encryption algorithm or signing algorithm specified for the operation +// is incompatible with the type of key material in the CMK (CustomerMasterKeySpec). +// +// For encrypting, decrypting, re-encrypting, and generating data keys, the +// KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the KeyUsage +// must be SIGN_VERIFY. To find the KeyUsage of a CMK, use the DescribeKey operation. +// +// To find the encryption or signing algorithms supported for a particular CMK, +// use the DescribeKey operation. +// +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInvalidGrantTokenException "InvalidGrantTokenException" +// * InvalidGrantTokenException // The request was rejected because the specified grant token is not valid. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/Decrypt func (c *KMS) Decrypt(input *DecryptInput) (*DecryptOutput, error) { @@ -1103,26 +1260,26 @@ func (c *KMS) DeleteAliasRequest(input *DeleteAliasInput) (req *request.Request, // See the AWS API reference guide for AWS Key Management Service's // API operation DeleteAlias for usage and error information. // -// Returned Error Codes: -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// Returned Error Types: +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeNotFoundException "NotFoundException" +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DeleteAlias func (c *KMS) DeleteAlias(input *DeleteAliasInput) (*DeleteAliasOutput, error) { @@ -1191,19 +1348,19 @@ func (c *KMS) DeleteCustomKeyStoreRequest(input *DeleteCustomKeyStoreInput) (req // DeleteCustomKeyStore API operation for AWS Key Management Service. // -// Deletes a custom key store (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html). +// Deletes a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html). // This operation does not delete the AWS CloudHSM cluster that is associated // with the custom key store, or affect any users or keys in the cluster. // // The custom key store that you delete cannot contain any AWS KMS customer -// master keys (CMKs) (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys). +// master keys (CMKs) (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys). // Before deleting the key store, verify that you will never need to use any // of the CMKs in the key store for any cryptographic operations. Then, use // ScheduleKeyDeletion to delete the AWS KMS customer master keys (CMKs) from // the key store. When the scheduled waiting period expires, the ScheduleKeyDeletion // operation deletes the CMKs. Then it makes a best effort to delete the key // material from the associated cluster. However, you might need to manually -// delete the orphaned key material (http://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-orphaned-key) +// delete the orphaned key material (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-orphaned-key) // from the cluster and its backups. // // After all CMKs are deleted from AWS KMS, use DisconnectCustomKeyStore to @@ -1217,7 +1374,7 @@ func (c *KMS) DeleteCustomKeyStoreRequest(input *DeleteCustomKeyStoreInput) (req // // If the operation succeeds, it returns a JSON object with no properties. // -// This operation is part of the Custom Key Store feature (http://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) +// This operation is part of the Custom Key Store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) // feature in AWS KMS, which combines the convenience and extensive integration // of AWS KMS with the isolation and control of a single-tenant key store. // @@ -1228,14 +1385,14 @@ func (c *KMS) DeleteCustomKeyStoreRequest(input *DeleteCustomKeyStoreInput) (req // See the AWS API reference guide for AWS Key Management Service's // API operation DeleteCustomKeyStore for usage and error information. // -// Returned Error Codes: -// * ErrCodeCustomKeyStoreHasCMKsException "CustomKeyStoreHasCMKsException" +// Returned Error Types: +// * CustomKeyStoreHasCMKsException // The request was rejected because the custom key store contains AWS KMS customer // master keys (CMKs). After verifying that you do not need to use the CMKs, // use the ScheduleKeyDeletion operation to delete the CMKs. After they are // deleted, you can delete the custom key store. // -// * ErrCodeCustomKeyStoreInvalidStateException "CustomKeyStoreInvalidStateException" +// * CustomKeyStoreInvalidStateException // The request was rejected because of the ConnectionState of the custom key // store. To get the ConnectionState of a custom key store, use the DescribeCustomKeyStores // operation. @@ -1254,11 +1411,11 @@ func (c *KMS) DeleteCustomKeyStoreRequest(input *DeleteCustomKeyStoreInput) (req // with a ConnectionState of DISCONNECTING or FAILED. This operation is valid // for all other ConnectionState values. // -// * ErrCodeCustomKeyStoreNotFoundException "CustomKeyStoreNotFoundException" +// * CustomKeyStoreNotFoundException // The request was rejected because AWS KMS cannot find a custom key store with // the specified key store name or ID. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // @@ -1331,7 +1488,7 @@ func (c *KMS) DeleteImportedKeyMaterialRequest(input *DeleteImportedKeyMaterialI // // Deletes key material that you previously imported. This operation makes the // specified customer master key (CMK) unusable. For more information about -// importing key material into AWS KMS, see Importing Key Material (http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) +// importing key material into AWS KMS, see Importing Key Material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) // in the AWS Key Management Service Developer Guide. You cannot perform this // operation on a CMK in a different AWS account. // @@ -1341,8 +1498,8 @@ func (c *KMS) DeleteImportedKeyMaterialRequest(input *DeleteImportedKeyMaterialI // After you delete key material, you can use ImportKeyMaterial to reimport // the same key material into the CMK. // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1352,33 +1509,34 @@ func (c *KMS) DeleteImportedKeyMaterialRequest(input *DeleteImportedKeyMaterialI // See the AWS API reference guide for AWS Key Management Service's // API operation DeleteImportedKeyMaterial for usage and error information. // -// Returned Error Codes: -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// Returned Error Types: +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeUnsupportedOperationException "UnsupportedOperationException" +// * UnsupportedOperationException // The request was rejected because a specified parameter is not supported or // a specified resource is not valid for this operation. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeNotFoundException "NotFoundException" +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DeleteImportedKeyMaterial func (c *KMS) DeleteImportedKeyMaterial(input *DeleteImportedKeyMaterialInput) (*DeleteImportedKeyMaterialOutput, error) { @@ -1446,10 +1604,10 @@ func (c *KMS) DescribeCustomKeyStoresRequest(input *DescribeCustomKeyStoresInput // DescribeCustomKeyStores API operation for AWS Key Management Service. // -// Gets information about custom key stores (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html) +// Gets information about custom key stores (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) // in the account and region. // -// This operation is part of the Custom Key Store feature (http://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) +// This operation is part of the Custom Key Store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) // feature in AWS KMS, which combines the convenience and extensive integration // of AWS KMS with the isolation and control of a single-tenant key store. // @@ -1471,7 +1629,7 @@ func (c *KMS) DescribeCustomKeyStoresRequest(input *DescribeCustomKeyStoresInput // and contains the minimum number of HSMs required for the operation, if any. // // For help repairing your custom key store, see the Troubleshooting Custom -// Key Stores (http://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore-html) +// Key Stores (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html) // topic in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1481,12 +1639,12 @@ func (c *KMS) DescribeCustomKeyStoresRequest(input *DescribeCustomKeyStoresInput // See the AWS API reference guide for AWS Key Management Service's // API operation DescribeCustomKeyStores for usage and error information. // -// Returned Error Codes: -// * ErrCodeCustomKeyStoreNotFoundException "CustomKeyStoreNotFoundException" +// Returned Error Types: +// * CustomKeyStoreNotFoundException // The request was rejected because AWS KMS cannot find a custom key store with // the specified key store name or ID. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // @@ -1556,11 +1714,38 @@ func (c *KMS) DescribeKeyRequest(input *DescribeKeyInput) (req *request.Request, // DescribeKey API operation for AWS Key Management Service. // -// Provides detailed information about the specified customer master key (CMK). +// Provides detailed information about a customer master key (CMK). You can +// run DescribeKey on a customer managed CMK (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) +// or an AWS managed CMK (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk). // -// If you use DescribeKey on a predefined AWS alias, that is, an AWS alias with -// no key ID, AWS KMS associates the alias with an AWS managed CMK (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) -// and returns its KeyId and Arn in the response. +// This detailed information includes the key ARN, creation date (and deletion +// date, if applicable), the key state, and the origin and expiration date (if +// any) of the key material. For CMKs in custom key stores, it includes information +// about the custom key store, such as the key store ID and the AWS CloudHSM +// cluster ID. It includes fields, like KeySpec, that help you distinguish symmetric +// from asymmetric CMKs. It also provides information that is particularly important +// to asymmetric CMKs, such as the key usage (encryption or signing) and the +// encryption algorithms or signing algorithms that the CMK supports. +// +// DescribeKey does not return the following information: +// +// * Aliases associated with the CMK. To get this information, use ListAliases. +// +// * Whether automatic key rotation is enabled on the CMK. To get this information, +// use GetKeyRotationStatus. Also, some key states prevent a CMK from being +// automatically rotated. For details, see How Automatic Key Rotation Works +// (https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-how-it-works) +// in AWS Key Management Service Developer Guide. +// +// * Tags on the CMK. To get this information, use ListResourceTags. +// +// * Key policies and grants on the CMK. To get this information, use GetKeyPolicy +// and ListGrants. +// +// If you call the DescribeKey operation on a predefined AWS alias, that is, +// an AWS alias with no key ID, AWS KMS creates an AWS managed CMK (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys). +// Then, it associates the alias with the new CMK, and returns the KeyId and +// Arn of the new CMK in the response. // // To perform this operation on a CMK in a different AWS account, specify the // key ARN or alias ARN in the value of the KeyId parameter. @@ -1572,19 +1757,20 @@ func (c *KMS) DescribeKeyRequest(input *DescribeKeyInput) (req *request.Request, // See the AWS API reference guide for AWS Key Management Service's // API operation DescribeKey for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // @@ -1660,11 +1846,11 @@ func (c *KMS) DisableKeyRequest(input *DisableKeyInput) (req *request.Request, o // a CMK in a different AWS account. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects the Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects the Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1674,29 +1860,30 @@ func (c *KMS) DisableKeyRequest(input *DisableKeyInput) (req *request.Request, o // See the AWS API reference guide for AWS Key Management Service's // API operation DisableKey for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DisableKey func (c *KMS) DisableKey(input *DisableKeyInput) (*DisableKeyOutput, error) { @@ -1765,12 +1952,15 @@ func (c *KMS) DisableKeyRotationRequest(input *DisableKeyRotationInput) (req *re // DisableKeyRotation API operation for AWS Key Management Service. // -// Disables automatic rotation of the key material (http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) -// for the specified customer master key (CMK). You cannot perform this operation -// on a CMK in a different AWS account. +// Disables automatic rotation of the key material (https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) +// for the specified symmetric customer master key (CMK). // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// You cannot enable automatic rotation of asymmetric CMKs, CMKs with imported +// key material, or CMKs in a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html). +// You cannot perform this operation on a CMK in a different AWS account. +// +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1780,34 +1970,35 @@ func (c *KMS) DisableKeyRotationRequest(input *DisableKeyRotationInput) (req *re // See the AWS API reference guide for AWS Key Management Service's // API operation DisableKeyRotation for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeDisabledException "DisabledException" +// * DisabledException // The request was rejected because the specified CMK is not enabled. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // -// * ErrCodeUnsupportedOperationException "UnsupportedOperationException" +// * UnsupportedOperationException // The request was rejected because a specified parameter is not supported or // a specified resource is not valid for this operation. // @@ -1878,7 +2069,7 @@ func (c *KMS) DisconnectCustomKeyStoreRequest(input *DisconnectCustomKeyStoreInp // DisconnectCustomKeyStore API operation for AWS Key Management Service. // -// Disconnects the custom key store (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html) +// Disconnects the custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) // from its associated AWS CloudHSM cluster. While a custom key store is disconnected, // you can manage the custom key store and its customer master keys (CMKs), // but you cannot create or use CMKs in the custom key store. You can reconnect @@ -1889,11 +2080,15 @@ func (c *KMS) DisconnectCustomKeyStoreRequest(input *DisconnectCustomKeyStoreInp // operations will fail. This action can prevent users from storing and accessing // sensitive data. // -// To find the connection state of a custom key store, use the DescribeCustomKeyStoresoperation. To reconnect a custom key store, use the ConnectCustomKeyStoreoperation. +// To find the connection state of a custom key store, use the DescribeCustomKeyStores +// operation. To reconnect a custom key store, use the ConnectCustomKeyStore +// operation. // // If the operation succeeds, it returns a JSON object with no properties. // -// This operation is part of the Custom Key Store feature (http://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) +// This operation is part of the Custom Key Store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) +// feature in AWS KMS, which combines the convenience and extensive integration +// of AWS KMS with the isolation and control of a single-tenant key store. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1902,8 +2097,8 @@ func (c *KMS) DisconnectCustomKeyStoreRequest(input *DisconnectCustomKeyStoreInp // See the AWS API reference guide for AWS Key Management Service's // API operation DisconnectCustomKeyStore for usage and error information. // -// Returned Error Codes: -// * ErrCodeCustomKeyStoreInvalidStateException "CustomKeyStoreInvalidStateException" +// Returned Error Types: +// * CustomKeyStoreInvalidStateException // The request was rejected because of the ConnectionState of the custom key // store. To get the ConnectionState of a custom key store, use the DescribeCustomKeyStores // operation. @@ -1922,11 +2117,11 @@ func (c *KMS) DisconnectCustomKeyStoreRequest(input *DisconnectCustomKeyStoreInp // with a ConnectionState of DISCONNECTING or FAILED. This operation is valid // for all other ConnectionState values. // -// * ErrCodeCustomKeyStoreNotFoundException "CustomKeyStoreNotFoundException" +// * CustomKeyStoreNotFoundException // The request was rejected because AWS KMS cannot find a custom key store with // the specified key store name or ID. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // @@ -2001,8 +2196,8 @@ func (c *KMS) EnableKeyRequest(input *EnableKeyInput) (req *request.Request, out // you to use the CMK for cryptographic operations. You cannot perform this // operation on a CMK in a different AWS account. // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2012,34 +2207,35 @@ func (c *KMS) EnableKeyRequest(input *EnableKeyInput) (req *request.Request, out // See the AWS API reference guide for AWS Key Management Service's // API operation EnableKey for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeLimitExceededException "LimitExceededException" +// * LimitExceededException // The request was rejected because a limit was exceeded. For more information, -// see Limits (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/EnableKey func (c *KMS) EnableKey(input *EnableKeyInput) (*EnableKeyOutput, error) { @@ -2108,15 +2304,15 @@ func (c *KMS) EnableKeyRotationRequest(input *EnableKeyRotationInput) (req *requ // EnableKeyRotation API operation for AWS Key Management Service. // -// Enables automatic rotation of the key material (http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) -// for the specified customer master key (CMK). You cannot perform this operation -// on a CMK in a different AWS account. +// Enables automatic rotation of the key material (https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) +// for the specified symmetric customer master key (CMK). You cannot perform +// this operation on a CMK in a different AWS account. // -// You cannot enable automatic rotation of CMKs with imported key material or -// CMKs in a custom key store (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html). +// You cannot enable automatic rotation of asymmetric CMKs, CMKs with imported +// key material, or CMKs in a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html). // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2126,34 +2322,35 @@ func (c *KMS) EnableKeyRotationRequest(input *EnableKeyRotationInput) (req *requ // See the AWS API reference guide for AWS Key Management Service's // API operation EnableKeyRotation for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeDisabledException "DisabledException" +// * DisabledException // The request was rejected because the specified CMK is not enabled. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // -// * ErrCodeUnsupportedOperationException "UnsupportedOperationException" +// * UnsupportedOperationException // The request was rejected because a specified parameter is not supported or // a specified resource is not valid for this operation. // @@ -2226,31 +2423,65 @@ func (c *KMS) EncryptRequest(input *EncryptInput) (req *request.Request, output // Encrypts plaintext into ciphertext by using a customer master key (CMK). // The Encrypt operation has two primary use cases: // -// * You can encrypt up to 4 kilobytes (4096 bytes) of arbitrary data such -// as an RSA key, a database password, or other sensitive information. +// * You can encrypt small amounts of arbitrary data, such as a personal +// identifier or database password, or other sensitive information. // -// * To move encrypted data from one AWS region to another, you can use this -// operation to encrypt in the new region the plaintext data key that was -// used to encrypt the data in the original region. This provides you with -// an encrypted copy of the data key that can be decrypted in the new region -// and used there to decrypt the encrypted data. +// * You can use the Encrypt operation to move encrypted data from one AWS +// region to another. In the first region, generate a data key and use the +// plaintext key to encrypt the data. Then, in the new region, call the Encrypt +// method on same plaintext data key. Now, you can safely move the encrypted +// data and encrypted data key to the new region, and decrypt in the new +// region when necessary. +// +// You don't need to use the Encrypt operation to encrypt a data key. The GenerateDataKey +// and GenerateDataKeyPair operations return a plaintext data key and an encrypted +// copy of that data key. +// +// When you encrypt data, you must specify a symmetric or asymmetric CMK to +// use in the encryption operation. The CMK must have a KeyUsage value of ENCRYPT_DECRYPT. +// To find the KeyUsage of a CMK, use the DescribeKey operation. +// +// If you use a symmetric CMK, you can use an encryption context to add additional +// security to your encryption operation. If you specify an EncryptionContext +// when encrypting data, you must specify the same encryption context (a case-sensitive +// exact match) when decrypting the data. Otherwise, the request to decrypt +// fails with an InvalidCiphertextException. For more information, see Encryption +// Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) +// in the AWS Key Management Service Developer Guide. +// +// If you specify an asymmetric CMK, you must also specify the encryption algorithm. +// The algorithm must be compatible with the CMK type. +// +// When you use an asymmetric CMK to encrypt or reencrypt data, be sure to record +// the CMK and encryption algorithm that you choose. You will be required to +// provide the same CMK and encryption algorithm when you decrypt the data. +// If the CMK and algorithm do not match the values used to encrypt the data, +// the decrypt operation fails. +// +// You are not required to supply the CMK ID and encryption algorithm when you +// decrypt with symmetric CMKs because AWS KMS stores this information in the +// ciphertext blob. AWS KMS cannot store metadata in ciphertext generated with +// asymmetric keys. The standard format for asymmetric key ciphertext does not +// include configurable fields. +// +// The maximum size of the data that you can encrypt varies with the type of +// CMK and the encryption algorithm that you choose. +// +// * Symmetric CMKs SYMMETRIC_DEFAULT: 4096 bytes +// +// * RSA_2048 RSAES_OAEP_SHA_1: 214 bytes RSAES_OAEP_SHA_256: 190 bytes +// +// * RSA_3072 RSAES_OAEP_SHA_1: 342 bytes RSAES_OAEP_SHA_256: 318 bytes +// +// * RSA_4096 RSAES_OAEP_SHA_1: 470 bytes RSAES_OAEP_SHA_256: 446 bytes +// +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide. // // To perform this operation on a CMK in a different AWS account, specify the // key ARN or alias ARN in the value of the KeyId parameter. // -// Unless you are moving encrypted data from one region to another, you don't -// use this operation to encrypt a generated data key within a region. To get -// data keys that are already encrypted, call the GenerateDataKey or GenerateDataKeyWithoutPlaintext -// operation. Data keys don't need to be encrypted again by calling Encrypt. -// -// To encrypt data locally in your application, use the GenerateDataKey operation -// to return a plaintext data encryption key and a copy of the key encrypted -// under the CMK of your choosing. -// -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -2258,39 +2489,51 @@ func (c *KMS) EncryptRequest(input *EncryptInput) (req *request.Request, output // See the AWS API reference guide for AWS Key Management Service's // API operation Encrypt for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeDisabledException "DisabledException" +// * DisabledException // The request was rejected because the specified CMK is not enabled. // -// * ErrCodeKeyUnavailableException "KeyUnavailableException" -// The request was rejected because the specified CMK was not available. The -// request can be retried. +// * KeyUnavailableException +// The request was rejected because the specified CMK was not available. You +// can retry the request. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInvalidKeyUsageException "InvalidKeyUsageException" -// The request was rejected because the specified KeySpec value is not valid. +// * InvalidKeyUsageException +// The request was rejected for one of the following reasons: // -// * ErrCodeInvalidGrantTokenException "InvalidGrantTokenException" +// * The KeyUsage value of the CMK is incompatible with the API operation. +// +// * The encryption algorithm or signing algorithm specified for the operation +// is incompatible with the type of key material in the CMK (CustomerMasterKeySpec). +// +// For encrypting, decrypting, re-encrypting, and generating data keys, the +// KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the KeyUsage +// must be SIGN_VERIFY. To find the KeyUsage of a CMK, use the DescribeKey operation. +// +// To find the encryption or signing algorithms supported for a particular CMK, +// use the DescribeKey operation. +// +// * InvalidGrantTokenException // The request was rejected because the specified grant token is not valid. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/Encrypt func (c *KMS) Encrypt(input *EncryptInput) (*EncryptOutput, error) { @@ -2358,57 +2601,61 @@ func (c *KMS) GenerateDataKeyRequest(input *GenerateDataKeyInput) (req *request. // GenerateDataKey API operation for AWS Key Management Service. // -// Returns a data encryption key that you can use in your application to encrypt -// data locally. +// Generates a unique symmetric data key. This operation returns a plaintext +// copy of the data key and a copy that is encrypted under a customer master +// key (CMK) that you specify. You can use the plaintext key to encrypt your +// data outside of AWS KMS and store the encrypted data key with the encrypted +// data. // -// You must specify the customer master key (CMK) under which to generate the -// data key. You must also specify the length of the data key using either the -// KeySpec or NumberOfBytes field. You must specify one field or the other, -// but not both. For common key lengths (128-bit and 256-bit symmetric keys), -// we recommend that you use KeySpec. To perform this operation on a CMK in -// a different AWS account, specify the key ARN or alias ARN in the value of -// the KeyId parameter. +// GenerateDataKey returns a unique data key for each request. The bytes in +// the key are not related to the caller or CMK that is used to encrypt the +// data key. // -// This operation returns a plaintext copy of the data key in the Plaintext -// field of the response, and an encrypted copy of the data key in the CiphertextBlob -// field. The data key is encrypted under the CMK specified in the KeyId field -// of the request. +// To generate a data key, specify the symmetric CMK that will be used to encrypt +// the data key. You cannot use an asymmetric CMK to generate data keys. +// +// You must also specify the length of the data key. Use either the KeySpec +// or NumberOfBytes parameters (but not both). For 128-bit and 256-bit data +// keys, use the KeySpec parameter. +// +// If the operation succeeds, the plaintext copy of the data key is in the Plaintext +// field of the response, and the encrypted copy of the data key in the CiphertextBlob +// field. +// +// To get only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext. +// To generate an asymmetric data key pair, use the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext +// operation. To get a cryptographically secure random byte string, use GenerateRandom. +// +// You can use the optional encryption context to add additional security to +// the encryption operation. If you specify an EncryptionContext, you must specify +// the same encryption context (a case-sensitive exact match) when decrypting +// the encrypted data key. Otherwise, the request to decrypt fails with an InvalidCiphertextException. +// For more information, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) +// in the AWS Key Management Service Developer Guide. +// +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide. // // We recommend that you use the following pattern to encrypt data locally in // your application: // -// Use this operation (GenerateDataKey) to get a data encryption key. +// Use the GenerateDataKey operation to get a data encryption key. // -// Use the plaintext data encryption key (returned in the Plaintext field of -// the response) to encrypt data locally, then erase the plaintext data key -// from memory. +// Use the plaintext data key (returned in the Plaintext field of the response) +// to encrypt data locally, then erase the plaintext data key from memory. // // Store the encrypted data key (returned in the CiphertextBlob field of the // response) alongside the locally encrypted data. // // To decrypt data locally: // -// Use the Decrypt operation to decrypt the encrypted data key into a plaintext -// copy of the data key. +// Use the Decrypt operation to decrypt the encrypted data key. The operation +// returns a plaintext copy of the data key. // // Use the plaintext data key to decrypt data locally, then erase the plaintext // data key from memory. // -// To return only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext. -// To return a random byte string that is cryptographically secure, use GenerateRandom. -// -// If you use the optional EncryptionContext field, you must store at least -// enough information to be able to reconstruct the full encryption context -// when you later send the ciphertext to the Decrypt operation. It is a good -// practice to choose an encryption context that you can reconstruct on the -// fly to better secure the ciphertext. For more information, see Encryption -// Context (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html) -// in the AWS Key Management Service Developer Guide. -// -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -2416,39 +2663,51 @@ func (c *KMS) GenerateDataKeyRequest(input *GenerateDataKeyInput) (req *request. // See the AWS API reference guide for AWS Key Management Service's // API operation GenerateDataKey for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeDisabledException "DisabledException" +// * DisabledException // The request was rejected because the specified CMK is not enabled. // -// * ErrCodeKeyUnavailableException "KeyUnavailableException" -// The request was rejected because the specified CMK was not available. The -// request can be retried. +// * KeyUnavailableException +// The request was rejected because the specified CMK was not available. You +// can retry the request. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInvalidKeyUsageException "InvalidKeyUsageException" -// The request was rejected because the specified KeySpec value is not valid. +// * InvalidKeyUsageException +// The request was rejected for one of the following reasons: // -// * ErrCodeInvalidGrantTokenException "InvalidGrantTokenException" +// * The KeyUsage value of the CMK is incompatible with the API operation. +// +// * The encryption algorithm or signing algorithm specified for the operation +// is incompatible with the type of key material in the CMK (CustomerMasterKeySpec). +// +// For encrypting, decrypting, re-encrypting, and generating data keys, the +// KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the KeyUsage +// must be SIGN_VERIFY. To find the KeyUsage of a CMK, use the DescribeKey operation. +// +// To find the encryption or signing algorithms supported for a particular CMK, +// use the DescribeKey operation. +// +// * InvalidGrantTokenException // The request was rejected because the specified grant token is not valid. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKey func (c *KMS) GenerateDataKey(input *GenerateDataKeyInput) (*GenerateDataKeyOutput, error) { @@ -2472,6 +2731,312 @@ func (c *KMS) GenerateDataKeyWithContext(ctx aws.Context, input *GenerateDataKey return out, req.Send() } +const opGenerateDataKeyPair = "GenerateDataKeyPair" + +// GenerateDataKeyPairRequest generates a "aws/request.Request" representing the +// client's request for the GenerateDataKeyPair operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GenerateDataKeyPair for more information on using the GenerateDataKeyPair +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GenerateDataKeyPairRequest method. +// req, resp := client.GenerateDataKeyPairRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKeyPair +func (c *KMS) GenerateDataKeyPairRequest(input *GenerateDataKeyPairInput) (req *request.Request, output *GenerateDataKeyPairOutput) { + op := &request.Operation{ + Name: opGenerateDataKeyPair, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GenerateDataKeyPairInput{} + } + + output = &GenerateDataKeyPairOutput{} + req = c.newRequest(op, input, output) + return +} + +// GenerateDataKeyPair API operation for AWS Key Management Service. +// +// Generates a unique asymmetric data key pair. The GenerateDataKeyPair operation +// returns a plaintext public key, a plaintext private key, and a copy of the +// private key that is encrypted under the symmetric CMK you specify. You can +// use the data key pair to perform asymmetric cryptography outside of AWS KMS. +// +// GenerateDataKeyPair returns a unique data key pair for each request. The +// bytes in the keys are not related to the caller or the CMK that is used to +// encrypt the private key. +// +// You can use the public key that GenerateDataKeyPair returns to encrypt data +// or verify a signature outside of AWS KMS. Then, store the encrypted private +// key with the data. When you are ready to decrypt data or sign a message, +// you can use the Decrypt operation to decrypt the encrypted private key. +// +// To generate a data key pair, you must specify a symmetric customer master +// key (CMK) to encrypt the private key in a data key pair. You cannot use an +// asymmetric CMK. To get the type of your CMK, use the DescribeKey operation. +// +// If you are using the data key pair to encrypt data, or for any operation +// where you don't immediately need a private key, consider using the GenerateDataKeyPairWithoutPlaintext +// operation. GenerateDataKeyPairWithoutPlaintext returns a plaintext public +// key and an encrypted private key, but omits the plaintext private key that +// you need only to decrypt ciphertext or sign a message. Later, when you need +// to decrypt the data or sign a message, use the Decrypt operation to decrypt +// the encrypted private key in the data key pair. +// +// You can use the optional encryption context to add additional security to +// the encryption operation. If you specify an EncryptionContext, you must specify +// the same encryption context (a case-sensitive exact match) when decrypting +// the encrypted data key. Otherwise, the request to decrypt fails with an InvalidCiphertextException. +// For more information, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) +// in the AWS Key Management Service Developer Guide. +// +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Key Management Service's +// API operation GenerateDataKeyPair for usage and error information. +// +// Returned Error Types: +// * NotFoundException +// The request was rejected because the specified entity or resource could not +// be found. +// +// * DisabledException +// The request was rejected because the specified CMK is not enabled. +// +// * KeyUnavailableException +// The request was rejected because the specified CMK was not available. You +// can retry the request. +// +// * DependencyTimeoutException +// The system timed out while trying to fulfill the request. The request can +// be retried. +// +// * InvalidKeyUsageException +// The request was rejected for one of the following reasons: +// +// * The KeyUsage value of the CMK is incompatible with the API operation. +// +// * The encryption algorithm or signing algorithm specified for the operation +// is incompatible with the type of key material in the CMK (CustomerMasterKeySpec). +// +// For encrypting, decrypting, re-encrypting, and generating data keys, the +// KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the KeyUsage +// must be SIGN_VERIFY. To find the KeyUsage of a CMK, use the DescribeKey operation. +// +// To find the encryption or signing algorithms supported for a particular CMK, +// use the DescribeKey operation. +// +// * InvalidGrantTokenException +// The request was rejected because the specified grant token is not valid. +// +// * InternalException +// The request was rejected because an internal exception occurred. The request +// can be retried. +// +// * InvalidStateException +// The request was rejected because the state of the specified resource is not +// valid for this request. +// +// For more information about how key state affects the use of a CMK, see How +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKeyPair +func (c *KMS) GenerateDataKeyPair(input *GenerateDataKeyPairInput) (*GenerateDataKeyPairOutput, error) { + req, out := c.GenerateDataKeyPairRequest(input) + return out, req.Send() +} + +// GenerateDataKeyPairWithContext is the same as GenerateDataKeyPair with the addition of +// the ability to pass a context and additional request options. +// +// See GenerateDataKeyPair for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *KMS) GenerateDataKeyPairWithContext(ctx aws.Context, input *GenerateDataKeyPairInput, opts ...request.Option) (*GenerateDataKeyPairOutput, error) { + req, out := c.GenerateDataKeyPairRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGenerateDataKeyPairWithoutPlaintext = "GenerateDataKeyPairWithoutPlaintext" + +// GenerateDataKeyPairWithoutPlaintextRequest generates a "aws/request.Request" representing the +// client's request for the GenerateDataKeyPairWithoutPlaintext operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GenerateDataKeyPairWithoutPlaintext for more information on using the GenerateDataKeyPairWithoutPlaintext +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GenerateDataKeyPairWithoutPlaintextRequest method. +// req, resp := client.GenerateDataKeyPairWithoutPlaintextRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKeyPairWithoutPlaintext +func (c *KMS) GenerateDataKeyPairWithoutPlaintextRequest(input *GenerateDataKeyPairWithoutPlaintextInput) (req *request.Request, output *GenerateDataKeyPairWithoutPlaintextOutput) { + op := &request.Operation{ + Name: opGenerateDataKeyPairWithoutPlaintext, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GenerateDataKeyPairWithoutPlaintextInput{} + } + + output = &GenerateDataKeyPairWithoutPlaintextOutput{} + req = c.newRequest(op, input, output) + return +} + +// GenerateDataKeyPairWithoutPlaintext API operation for AWS Key Management Service. +// +// Generates a unique asymmetric data key pair. The GenerateDataKeyPairWithoutPlaintext +// operation returns a plaintext public key and a copy of the private key that +// is encrypted under the symmetric CMK you specify. Unlike GenerateDataKeyPair, +// this operation does not return a plaintext private key. +// +// To generate a data key pair, you must specify a symmetric customer master +// key (CMK) to encrypt the private key in the data key pair. You cannot use +// an asymmetric CMK. To get the type of your CMK, use the KeySpec field in +// the DescribeKey response. +// +// You can use the public key that GenerateDataKeyPairWithoutPlaintext returns +// to encrypt data or verify a signature outside of AWS KMS. Then, store the +// encrypted private key with the data. When you are ready to decrypt data or +// sign a message, you can use the Decrypt operation to decrypt the encrypted +// private key. +// +// GenerateDataKeyPairWithoutPlaintext returns a unique data key pair for each +// request. The bytes in the key are not related to the caller or CMK that is +// used to encrypt the private key. +// +// You can use the optional encryption context to add additional security to +// the encryption operation. If you specify an EncryptionContext, you must specify +// the same encryption context (a case-sensitive exact match) when decrypting +// the encrypted data key. Otherwise, the request to decrypt fails with an InvalidCiphertextException. +// For more information, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) +// in the AWS Key Management Service Developer Guide. +// +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Key Management Service's +// API operation GenerateDataKeyPairWithoutPlaintext for usage and error information. +// +// Returned Error Types: +// * NotFoundException +// The request was rejected because the specified entity or resource could not +// be found. +// +// * DisabledException +// The request was rejected because the specified CMK is not enabled. +// +// * KeyUnavailableException +// The request was rejected because the specified CMK was not available. You +// can retry the request. +// +// * DependencyTimeoutException +// The system timed out while trying to fulfill the request. The request can +// be retried. +// +// * InvalidKeyUsageException +// The request was rejected for one of the following reasons: +// +// * The KeyUsage value of the CMK is incompatible with the API operation. +// +// * The encryption algorithm or signing algorithm specified for the operation +// is incompatible with the type of key material in the CMK (CustomerMasterKeySpec). +// +// For encrypting, decrypting, re-encrypting, and generating data keys, the +// KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the KeyUsage +// must be SIGN_VERIFY. To find the KeyUsage of a CMK, use the DescribeKey operation. +// +// To find the encryption or signing algorithms supported for a particular CMK, +// use the DescribeKey operation. +// +// * InvalidGrantTokenException +// The request was rejected because the specified grant token is not valid. +// +// * InternalException +// The request was rejected because an internal exception occurred. The request +// can be retried. +// +// * InvalidStateException +// The request was rejected because the state of the specified resource is not +// valid for this request. +// +// For more information about how key state affects the use of a CMK, see How +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKeyPairWithoutPlaintext +func (c *KMS) GenerateDataKeyPairWithoutPlaintext(input *GenerateDataKeyPairWithoutPlaintextInput) (*GenerateDataKeyPairWithoutPlaintextOutput, error) { + req, out := c.GenerateDataKeyPairWithoutPlaintextRequest(input) + return out, req.Send() +} + +// GenerateDataKeyPairWithoutPlaintextWithContext is the same as GenerateDataKeyPairWithoutPlaintext with the addition of +// the ability to pass a context and additional request options. +// +// See GenerateDataKeyPairWithoutPlaintext for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *KMS) GenerateDataKeyPairWithoutPlaintextWithContext(ctx aws.Context, input *GenerateDataKeyPairWithoutPlaintextInput, opts ...request.Option) (*GenerateDataKeyPairWithoutPlaintextOutput, error) { + req, out := c.GenerateDataKeyPairWithoutPlaintextRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGenerateDataKeyWithoutPlaintext = "GenerateDataKeyWithoutPlaintext" // GenerateDataKeyWithoutPlaintextRequest generates a "aws/request.Request" representing the @@ -2516,27 +3081,51 @@ func (c *KMS) GenerateDataKeyWithoutPlaintextRequest(input *GenerateDataKeyWitho // GenerateDataKeyWithoutPlaintext API operation for AWS Key Management Service. // -// Returns a data encryption key encrypted under a customer master key (CMK). -// This operation is identical to GenerateDataKey but returns only the encrypted -// copy of the data key. +// Generates a unique symmetric data key. This operation returns a data key +// that is encrypted under a customer master key (CMK) that you specify. To +// request an asymmetric data key pair, use the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext +// operations. // -// To perform this operation on a CMK in a different AWS account, specify the -// key ARN or alias ARN in the value of the KeyId parameter. +// GenerateDataKeyWithoutPlaintext is identical to the GenerateDataKey operation +// except that returns only the encrypted copy of the data key. This operation +// is useful for systems that need to encrypt data at some point, but not immediately. +// When you need to encrypt the data, you call the Decrypt operation on the +// encrypted copy of the key. // -// This operation is useful in a system that has multiple components with different -// degrees of trust. For example, consider a system that stores encrypted data -// in containers. Each container stores the encrypted data and an encrypted -// copy of the data key. One component of the system, called the control plane, -// creates new containers. When it creates a new container, it uses this operation -// (GenerateDataKeyWithoutPlaintext) to get an encrypted data key and then stores -// it in the container. Later, a different component of the system, called the -// data plane, puts encrypted data into the containers. To do this, it passes -// the encrypted data key to the Decrypt operation, then uses the returned plaintext -// data key to encrypt data, and finally stores the encrypted data in the container. -// In this system, the control plane never sees the plaintext data key. +// It's also useful in distributed systems with different levels of trust. For +// example, you might store encrypted data in containers. One component of your +// system creates new containers and stores an encrypted data key with each +// container. Then, a different component puts the data into the containers. +// That component first decrypts the data key, uses the plaintext data key to +// encrypt data, puts the encrypted data into the container, and then destroys +// the plaintext data key. In this system, the component that creates the containers +// never sees the plaintext data key. // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// GenerateDataKeyWithoutPlaintext returns a unique data key for each request. +// The bytes in the keys are not related to the caller or CMK that is used to +// encrypt the private key. +// +// To generate a data key, you must specify the symmetric customer master key +// (CMK) that is used to encrypt the data key. You cannot use an asymmetric +// CMK to generate a data key. To get the type of your CMK, use the KeySpec +// field in the DescribeKey response. You must also specify the length of the +// data key using either the KeySpec or NumberOfBytes field (but not both). +// For common key lengths (128-bit and 256-bit symmetric keys), use the KeySpec +// parameter. +// +// If the operation succeeds, you will find the plaintext copy of the data key +// in the Plaintext field of the response, and the encrypted copy of the data +// key in the CiphertextBlob field. +// +// You can use the optional encryption context to add additional security to +// the encryption operation. If you specify an EncryptionContext, you must specify +// the same encryption context (a case-sensitive exact match) when decrypting +// the encrypted data key. Otherwise, the request to decrypt fails with an InvalidCiphertextException. +// For more information, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) +// in the AWS Key Management Service Developer Guide. +// +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2546,39 +3135,51 @@ func (c *KMS) GenerateDataKeyWithoutPlaintextRequest(input *GenerateDataKeyWitho // See the AWS API reference guide for AWS Key Management Service's // API operation GenerateDataKeyWithoutPlaintext for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeDisabledException "DisabledException" +// * DisabledException // The request was rejected because the specified CMK is not enabled. // -// * ErrCodeKeyUnavailableException "KeyUnavailableException" -// The request was rejected because the specified CMK was not available. The -// request can be retried. +// * KeyUnavailableException +// The request was rejected because the specified CMK was not available. You +// can retry the request. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInvalidKeyUsageException "InvalidKeyUsageException" -// The request was rejected because the specified KeySpec value is not valid. +// * InvalidKeyUsageException +// The request was rejected for one of the following reasons: // -// * ErrCodeInvalidGrantTokenException "InvalidGrantTokenException" +// * The KeyUsage value of the CMK is incompatible with the API operation. +// +// * The encryption algorithm or signing algorithm specified for the operation +// is incompatible with the type of key material in the CMK (CustomerMasterKeySpec). +// +// For encrypting, decrypting, re-encrypting, and generating data keys, the +// KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the KeyUsage +// must be SIGN_VERIFY. To find the KeyUsage of a CMK, use the DescribeKey operation. +// +// To find the encryption or signing algorithms supported for a particular CMK, +// use the DescribeKey operation. +// +// * InvalidGrantTokenException // The request was rejected because the specified grant token is not valid. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GenerateDataKeyWithoutPlaintext func (c *KMS) GenerateDataKeyWithoutPlaintext(input *GenerateDataKeyWithoutPlaintextInput) (*GenerateDataKeyWithoutPlaintextOutput, error) { @@ -2650,7 +3251,7 @@ func (c *KMS) GenerateRandomRequest(input *GenerateRandomInput) (req *request.Re // // By default, the random byte string is generated in AWS KMS. To generate the // byte string in the AWS CloudHSM cluster that is associated with a custom -// key store (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html), +// key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html), // specify the custom key store ID. // // For more information about entropy and random number generation, see the @@ -2664,20 +3265,20 @@ func (c *KMS) GenerateRandomRequest(input *GenerateRandomInput) (req *request.Re // See the AWS API reference guide for AWS Key Management Service's // API operation GenerateRandom for usage and error information. // -// Returned Error Codes: -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// Returned Error Types: +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeCustomKeyStoreNotFoundException "CustomKeyStoreNotFoundException" +// * CustomKeyStoreNotFoundException // The request was rejected because AWS KMS cannot find a custom key store with // the specified key store name or ID. // -// * ErrCodeCustomKeyStoreInvalidStateException "CustomKeyStoreInvalidStateException" +// * CustomKeyStoreInvalidStateException // The request was rejected because of the ConnectionState of the custom key // store. To get the ConnectionState of a custom key store, use the DescribeCustomKeyStores // operation. @@ -2772,29 +3373,30 @@ func (c *KMS) GetKeyPolicyRequest(input *GetKeyPolicyInput) (req *request.Reques // See the AWS API reference guide for AWS Key Management Service's // API operation GetKeyPolicy for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetKeyPolicy func (c *KMS) GetKeyPolicy(input *GetKeyPolicyInput) (*GetKeyPolicyOutput, error) { @@ -2863,11 +3465,15 @@ func (c *KMS) GetKeyRotationStatusRequest(input *GetKeyRotationStatusInput) (req // GetKeyRotationStatus API operation for AWS Key Management Service. // // Gets a Boolean value that indicates whether automatic rotation of the key -// material (http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) +// material (https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) // is enabled for the specified customer master key (CMK). // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// You cannot enable automatic rotation of asymmetric CMKs, CMKs with imported +// key material, or CMKs in a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html). +// The key rotation status for these CMKs is always false. +// +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // * Disabled: The key rotation status does not change when you disable a @@ -2888,31 +3494,32 @@ func (c *KMS) GetKeyRotationStatusRequest(input *GetKeyRotationStatusInput) (req // See the AWS API reference guide for AWS Key Management Service's // API operation GetKeyRotationStatus for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // -// * ErrCodeUnsupportedOperationException "UnsupportedOperationException" +// * UnsupportedOperationException // The request was rejected because a specified parameter is not supported or // a specified resource is not valid for this operation. // @@ -2982,26 +3589,29 @@ func (c *KMS) GetParametersForImportRequest(input *GetParametersForImportInput) // GetParametersForImport API operation for AWS Key Management Service. // -// Returns the items you need in order to import key material into AWS KMS from -// your existing key management infrastructure. For more information about importing -// key material into AWS KMS, see Importing Key Material (http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) +// Returns the items you need to import key material into a symmetric, customer +// managed customer master key (CMK). For more information about importing key +// material into AWS KMS, see Importing Key Material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) // in the AWS Key Management Service Developer Guide. // -// You must specify the key ID of the customer master key (CMK) into which you -// will import key material. This CMK's Origin must be EXTERNAL. You must also -// specify the wrapping algorithm and type of wrapping key (public key) that -// you will use to encrypt the key material. You cannot perform this operation -// on a CMK in a different AWS account. -// // This operation returns a public key and an import token. Use the public key -// to encrypt the key material. Store the import token to send with a subsequent -// ImportKeyMaterial request. The public key and import token from the same -// response must be used together. These items are valid for 24 hours. When -// they expire, they cannot be used for a subsequent ImportKeyMaterial request. -// To get new ones, send another GetParametersForImport request. +// to encrypt the symmetric key material. Store the import token to send with +// a subsequent ImportKeyMaterial request. // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// You must specify the key ID of the symmetric CMK into which you will import +// key material. This CMK's Origin must be EXTERNAL. You must also specify the +// wrapping algorithm and type of wrapping key (public key) that you will use +// to encrypt the key material. You cannot perform this operation on an asymmetric +// CMK or on any CMK in a different AWS account. +// +// To import key material, you must use the public key and import token from +// the same response. These items are valid for 24 hours. The expiration date +// and time appear in the GetParametersForImport response. You cannot use an +// expired token in an ImportKeyMaterial request. If your key and token expire, +// send another GetParametersForImport request. +// +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3011,33 +3621,34 @@ func (c *KMS) GetParametersForImportRequest(input *GetParametersForImportInput) // See the AWS API reference guide for AWS Key Management Service's // API operation GetParametersForImport for usage and error information. // -// Returned Error Codes: -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// Returned Error Types: +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeUnsupportedOperationException "UnsupportedOperationException" +// * UnsupportedOperationException // The request was rejected because a specified parameter is not supported or // a specified resource is not valid for this operation. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeNotFoundException "NotFoundException" +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetParametersForImport func (c *KMS) GetParametersForImport(input *GetParametersForImportInput) (*GetParametersForImportOutput, error) { @@ -3061,6 +3672,175 @@ func (c *KMS) GetParametersForImportWithContext(ctx aws.Context, input *GetParam return out, req.Send() } +const opGetPublicKey = "GetPublicKey" + +// GetPublicKeyRequest generates a "aws/request.Request" representing the +// client's request for the GetPublicKey operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetPublicKey for more information on using the GetPublicKey +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetPublicKeyRequest method. +// req, resp := client.GetPublicKeyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetPublicKey +func (c *KMS) GetPublicKeyRequest(input *GetPublicKeyInput) (req *request.Request, output *GetPublicKeyOutput) { + op := &request.Operation{ + Name: opGetPublicKey, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetPublicKeyInput{} + } + + output = &GetPublicKeyOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetPublicKey API operation for AWS Key Management Service. +// +// Returns the public key of an asymmetric CMK. Unlike the private key of a +// asymmetric CMK, which never leaves AWS KMS unencrypted, callers with kms:GetPublicKey +// permission can download the public key of an asymmetric CMK. You can share +// the public key to allow others to encrypt messages and verify signatures +// outside of AWS KMS. For information about symmetric and asymmetric CMKs, +// see Using Symmetric and Asymmetric CMKs (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) +// in the AWS Key Management Service Developer Guide. +// +// You do not need to download the public key. Instead, you can use the public +// key within AWS KMS by calling the Encrypt, ReEncrypt, or Verify operations +// with the identifier of an asymmetric CMK. When you use the public key within +// AWS KMS, you benefit from the authentication, authorization, and logging +// that are part of every AWS KMS operation. You also reduce of risk of encrypting +// data that cannot be decrypted. These features are not effective outside of +// AWS KMS. For details, see Special Considerations for Downloading Public Keys +// (https://docs.aws.amazon.com/kms/latest/developerguide/download-public-key.html#download-public-key-considerations). +// +// To help you use the public key safely outside of AWS KMS, GetPublicKey returns +// important information about the public key in the response, including: +// +// * CustomerMasterKeySpec (https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html#KMS-GetPublicKey-response-CustomerMasterKeySpec): +// The type of key material in the public key, such as RSA_4096 or ECC_NIST_P521. +// +// * KeyUsage (https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html#KMS-GetPublicKey-response-KeyUsage): +// Whether the key is used for encryption or signing. +// +// * EncryptionAlgorithms (https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html#KMS-GetPublicKey-response-EncryptionAlgorithms) +// or SigningAlgorithms (https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html#KMS-GetPublicKey-response-SigningAlgorithms): +// A list of the encryption algorithms or the signing algorithms for the +// key. +// +// Although AWS KMS cannot enforce these restrictions on external operations, +// it is crucial that you use this information to prevent the public key from +// being used improperly. For example, you can prevent a public signing key +// from being used encrypt data, or prevent a public key from being used with +// an encryption algorithm that is not supported by AWS KMS. You can also avoid +// errors, such as using the wrong signing algorithm in a verification operation. +// +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Key Management Service's +// API operation GetPublicKey for usage and error information. +// +// Returned Error Types: +// * NotFoundException +// The request was rejected because the specified entity or resource could not +// be found. +// +// * DisabledException +// The request was rejected because the specified CMK is not enabled. +// +// * KeyUnavailableException +// The request was rejected because the specified CMK was not available. You +// can retry the request. +// +// * DependencyTimeoutException +// The system timed out while trying to fulfill the request. The request can +// be retried. +// +// * UnsupportedOperationException +// The request was rejected because a specified parameter is not supported or +// a specified resource is not valid for this operation. +// +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. +// +// * InvalidGrantTokenException +// The request was rejected because the specified grant token is not valid. +// +// * InvalidKeyUsageException +// The request was rejected for one of the following reasons: +// +// * The KeyUsage value of the CMK is incompatible with the API operation. +// +// * The encryption algorithm or signing algorithm specified for the operation +// is incompatible with the type of key material in the CMK (CustomerMasterKeySpec). +// +// For encrypting, decrypting, re-encrypting, and generating data keys, the +// KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the KeyUsage +// must be SIGN_VERIFY. To find the KeyUsage of a CMK, use the DescribeKey operation. +// +// To find the encryption or signing algorithms supported for a particular CMK, +// use the DescribeKey operation. +// +// * InternalException +// The request was rejected because an internal exception occurred. The request +// can be retried. +// +// * InvalidStateException +// The request was rejected because the state of the specified resource is not +// valid for this request. +// +// For more information about how key state affects the use of a CMK, see How +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetPublicKey +func (c *KMS) GetPublicKey(input *GetPublicKeyInput) (*GetPublicKeyOutput, error) { + req, out := c.GetPublicKeyRequest(input) + return out, req.Send() +} + +// GetPublicKeyWithContext is the same as GetPublicKey with the addition of +// the ability to pass a context and additional request options. +// +// See GetPublicKey for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *KMS) GetPublicKeyWithContext(ctx aws.Context, input *GetPublicKeyInput, opts ...request.Option) (*GetPublicKeyOutput, error) { + req, out := c.GetPublicKeyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opImportKeyMaterial = "ImportKeyMaterial" // ImportKeyMaterialRequest generates a "aws/request.Request" representing the @@ -3106,11 +3886,14 @@ func (c *KMS) ImportKeyMaterialRequest(input *ImportKeyMaterialInput) (req *requ // ImportKeyMaterial API operation for AWS Key Management Service. // -// Imports key material into an existing AWS KMS customer master key (CMK) that -// was created without key material. You cannot perform this operation on a -// CMK in a different AWS account. For more information about creating CMKs -// with no key material and then importing key material, see Importing Key Material -// (http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) +// Imports key material into an existing symmetric AWS KMS customer master key +// (CMK) that was created without key material. After you successfully import +// key material into a CMK, you can reimport the same key material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html#reimport-key-material) +// into that CMK, but you cannot import different key material. +// +// You cannot perform this operation on an asymmetric CMK or on any CMK in a +// different AWS account. For more information about creating CMKs with no key +// material and then importing key material, see Importing Key Material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) // in the AWS Key Management Service Developer Guide. // // Before using this operation, call GetParametersForImport. Its response includes @@ -3120,31 +3903,34 @@ func (c *KMS) ImportKeyMaterialRequest(input *ImportKeyMaterialInput) (req *requ // When calling this operation, you must specify the following values: // // * The key ID or key ARN of a CMK with no key material. Its Origin must -// be EXTERNAL. -// -// To create a CMK with no key material, call CreateKey and set the value of -// its Origin parameter to EXTERNAL. To get the Origin of a CMK, call DescribeKey.) +// be EXTERNAL. To create a CMK with no key material, call CreateKey and +// set the value of its Origin parameter to EXTERNAL. To get the Origin of +// a CMK, call DescribeKey.) // // * The encrypted key material. To get the public key to encrypt the key // material, call GetParametersForImport. // -// * The import token that GetParametersForImport returned. This token and -// the public key used to encrypt the key material must have come from the -// same response. +// * The import token that GetParametersForImport returned. You must use +// a public key and token from the same GetParametersForImport response. // // * Whether the key material expires and if so, when. If you set an expiration -// date, you can change it only by reimporting the same key material and -// specifying a new expiration date. If the key material expires, AWS KMS -// deletes the key material and the CMK becomes unusable. To use the CMK -// again, you must reimport the same key material. +// date, AWS KMS deletes the key material from the CMK on the specified date, +// and the CMK becomes unusable. To use the CMK again, you must reimport +// the same key material. The only way to change an expiration date is by +// reimporting the same key material and specifying a new expiration date. // // When this operation is successful, the key state of the CMK changes from -// PendingImport to Enabled, and you can use the CMK. After you successfully -// import key material into a CMK, you can reimport the same key material into -// that CMK, but you cannot import different key material. +// PendingImport to Enabled, and you can use the CMK. // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// If this operation fails, use the exception to help determine the problem. +// If the error is related to the key material, the import token, or wrapping +// key, use GetParametersForImport to get a new public key and import token +// for the CMK and repeat the import procedure. For help, see How To Import +// Key Material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html#importing-keys-overview) +// in the AWS Key Management Service Developer Guide. +// +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3154,50 +3940,55 @@ func (c *KMS) ImportKeyMaterialRequest(input *ImportKeyMaterialInput) (req *requ // See the AWS API reference guide for AWS Key Management Service's // API operation ImportKeyMaterial for usage and error information. // -// Returned Error Codes: -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// Returned Error Types: +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeUnsupportedOperationException "UnsupportedOperationException" +// * UnsupportedOperationException // The request was rejected because a specified parameter is not supported or // a specified resource is not valid for this operation. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeNotFoundException "NotFoundException" +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // -// * ErrCodeInvalidCiphertextException "InvalidCiphertextException" -// The request was rejected because the specified ciphertext, or additional -// authenticated data incorporated into the ciphertext, such as the encryption -// context, is corrupted, missing, or otherwise invalid. +// * InvalidCiphertextException +// From the Decrypt or ReEncrypt operation, the request was rejected because +// the specified ciphertext, or additional authenticated data incorporated into +// the ciphertext, such as the encryption context, is corrupted, missing, or +// otherwise invalid. // -// * ErrCodeIncorrectKeyMaterialException "IncorrectKeyMaterialException" -// The request was rejected because the provided key material is invalid or -// is not the same key material that was previously imported into this customer -// master key (CMK). +// From the ImportKeyMaterial operation, the request was rejected because AWS +// KMS could not decrypt the encrypted (wrapped) key material. // -// * ErrCodeExpiredImportTokenException "ExpiredImportTokenException" -// The request was rejected because the provided import token is expired. Use +// * IncorrectKeyMaterialException +// The request was rejected because the key material in the request is, expired, +// invalid, or is not the same key material that was previously imported into +// this customer master key (CMK). +// +// * ExpiredImportTokenException +// The request was rejected because the specified import token is expired. Use // GetParametersForImport to get a new import token and public key, use the // new public key to encrypt the key material, and then try the request again. // -// * ErrCodeInvalidImportTokenException "InvalidImportTokenException" +// * InvalidImportTokenException // The request was rejected because the provided import token is invalid or // is associated with a different customer master key (CMK). // @@ -3273,17 +4064,22 @@ func (c *KMS) ListAliasesRequest(input *ListAliasesInput) (req *request.Request, // ListAliases API operation for AWS Key Management Service. // -// Gets a list of all aliases in the caller's AWS account and region. You cannot +// Gets a list of aliases in the caller's AWS account and region. You cannot // list aliases in other accounts. For more information about aliases, see CreateAlias. // // By default, the ListAliases command returns all aliases in the account and // region. To get only the aliases that point to a particular customer master // key (CMK), use the KeyId parameter. // -// The ListAliases response might include several aliases have no TargetKeyId -// field. These are predefined aliases that AWS has created but has not yet -// associated with a CMK. Aliases that AWS creates in your account, including -// predefined aliases, do not count against your AWS KMS aliases limit (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html#aliases-limit). +// The ListAliases response can include aliases that you created and associated +// with your customer managed CMKs, and aliases that AWS created and associated +// with AWS managed CMKs in your account. You can recognize AWS aliases because +// their names have the format aws/, such as aws/dynamodb. +// +// The response might also include aliases that have no TargetKeyId field. These +// are predefined aliases that AWS has created but has not yet associated with +// a CMK. Aliases that AWS creates in your account, including predefined aliases, +// do not count against your AWS KMS aliases limit (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html#aliases-limit). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3292,23 +4088,24 @@ func (c *KMS) ListAliasesRequest(input *ListAliasesInput) (req *request.Request, // See the AWS API reference guide for AWS Key Management Service's // API operation ListAliases for usage and error information. // -// Returned Error Codes: -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// Returned Error Types: +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInvalidMarkerException "InvalidMarkerException" +// * InvalidMarkerException // The request was rejected because the marker that specifies where pagination // should next begin is not valid. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeNotFoundException "NotFoundException" +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // @@ -3345,7 +4142,7 @@ func (c *KMS) ListAliasesWithContext(ctx aws.Context, input *ListAliasesInput, o // // Example iterating over at most 3 pages of a ListAliases operation. // pageNum := 0 // err := client.ListAliasesPages(params, -// func(page *ListAliasesOutput, lastPage bool) bool { +// func(page *kms.ListAliasesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -3377,10 +4174,12 @@ func (c *KMS) ListAliasesPagesWithContext(ctx aws.Context, input *ListAliasesInp }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*ListAliasesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*ListAliasesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -3446,33 +4245,34 @@ func (c *KMS) ListGrantsRequest(input *ListGrantsInput) (req *request.Request, o // See the AWS API reference guide for AWS Key Management Service's // API operation ListGrants for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInvalidMarkerException "InvalidMarkerException" +// * InvalidMarkerException // The request was rejected because the marker that specifies where pagination // should next begin is not valid. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListGrants func (c *KMS) ListGrants(input *ListGrantsInput) (*ListGrantsResponse, error) { @@ -3507,7 +4307,7 @@ func (c *KMS) ListGrantsWithContext(ctx aws.Context, input *ListGrantsInput, opt // // Example iterating over at most 3 pages of a ListGrants operation. // pageNum := 0 // err := client.ListGrantsPages(params, -// func(page *ListGrantsResponse, lastPage bool) bool { +// func(page *kms.ListGrantsResponse, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -3539,10 +4339,12 @@ func (c *KMS) ListGrantsPagesWithContext(ctx aws.Context, input *ListGrantsInput }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*ListGrantsResponse), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*ListGrantsResponse), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -3608,29 +4410,30 @@ func (c *KMS) ListKeyPoliciesRequest(input *ListKeyPoliciesInput) (req *request. // See the AWS API reference guide for AWS Key Management Service's // API operation ListKeyPolicies for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListKeyPolicies func (c *KMS) ListKeyPolicies(input *ListKeyPoliciesInput) (*ListKeyPoliciesOutput, error) { @@ -3665,7 +4468,7 @@ func (c *KMS) ListKeyPoliciesWithContext(ctx aws.Context, input *ListKeyPolicies // // Example iterating over at most 3 pages of a ListKeyPolicies operation. // pageNum := 0 // err := client.ListKeyPoliciesPages(params, -// func(page *ListKeyPoliciesOutput, lastPage bool) bool { +// func(page *kms.ListKeyPoliciesOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -3697,10 +4500,12 @@ func (c *KMS) ListKeyPoliciesPagesWithContext(ctx aws.Context, input *ListKeyPol }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*ListKeyPoliciesOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*ListKeyPoliciesOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -3755,7 +4560,7 @@ func (c *KMS) ListKeysRequest(input *ListKeysInput) (req *request.Request, outpu // ListKeys API operation for AWS Key Management Service. // // Gets a list of all customer master keys (CMKs) in the caller's AWS account -// and region. +// and Region. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3764,16 +4569,16 @@ func (c *KMS) ListKeysRequest(input *ListKeysInput) (req *request.Request, outpu // See the AWS API reference guide for AWS Key Management Service's // API operation ListKeys for usage and error information. // -// Returned Error Codes: -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// Returned Error Types: +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidMarkerException "InvalidMarkerException" +// * InvalidMarkerException // The request was rejected because the marker that specifies where pagination // should next begin is not valid. // @@ -3810,7 +4615,7 @@ func (c *KMS) ListKeysWithContext(ctx aws.Context, input *ListKeysInput, opts .. // // Example iterating over at most 3 pages of a ListKeys operation. // pageNum := 0 // err := client.ListKeysPages(params, -// func(page *ListKeysOutput, lastPage bool) bool { +// func(page *kms.ListKeysOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 @@ -3842,10 +4647,12 @@ func (c *KMS) ListKeysPagesWithContext(ctx aws.Context, input *ListKeysInput, fn }, } - cont := true - for p.Next() && cont { - cont = fn(p.Page().(*ListKeysOutput), !p.HasNextPage()) + for p.Next() { + if !fn(p.Page().(*ListKeysOutput), !p.HasNextPage()) { + break + } } + return p.Err() } @@ -3904,19 +4711,20 @@ func (c *KMS) ListResourceTagsRequest(input *ListResourceTagsInput) (req *reques // See the AWS API reference guide for AWS Key Management Service's // API operation ListResourceTags for usage and error information. // -// Returned Error Codes: -// * ErrCodeInternalException "KMSInternalException" +// Returned Error Types: +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeNotFoundException "NotFoundException" +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeInvalidMarkerException "InvalidMarkerException" +// * InvalidMarkerException // The request was rejected because the marker that specifies where pagination // should next begin is not valid. // @@ -3999,23 +4807,24 @@ func (c *KMS) ListRetirableGrantsRequest(input *ListRetirableGrantsInput) (req * // See the AWS API reference guide for AWS Key Management Service's // API operation ListRetirableGrants for usage and error information. // -// Returned Error Codes: -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// Returned Error Types: +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInvalidMarkerException "InvalidMarkerException" +// * InvalidMarkerException // The request was rejected because the marker that specifies where pagination // should next begin is not valid. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeNotFoundException "NotFoundException" +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // @@ -4089,7 +4898,7 @@ func (c *KMS) PutKeyPolicyRequest(input *PutKeyPolicyInput) (req *request.Reques // Attaches a key policy to the specified customer master key (CMK). You cannot // perform this operation on a CMK in a different AWS account. // -// For more information about key policies, see Key Policies (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) +// For more information about key policies, see Key Policies (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4099,42 +4908,43 @@ func (c *KMS) PutKeyPolicyRequest(input *PutKeyPolicyInput) (req *request.Reques // See the AWS API reference guide for AWS Key Management Service's // API operation PutKeyPolicy for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocumentException" +// * MalformedPolicyDocumentException // The request was rejected because the specified policy is not syntactically // or semantically correct. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeUnsupportedOperationException "UnsupportedOperationException" +// * UnsupportedOperationException // The request was rejected because a specified parameter is not supported or // a specified resource is not valid for this operation. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeLimitExceededException "LimitExceededException" +// * LimitExceededException // The request was rejected because a limit was exceeded. For more information, -// see Limits (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/PutKeyPolicy func (c *KMS) PutKeyPolicy(input *PutKeyPolicyInput) (*PutKeyPolicyOutput, error) { @@ -4202,23 +5012,66 @@ func (c *KMS) ReEncryptRequest(input *ReEncryptInput) (req *request.Request, out // ReEncrypt API operation for AWS Key Management Service. // -// Encrypts data on the server side with a new customer master key (CMK) without -// exposing the plaintext of the data on the client side. The data is first -// decrypted and then reencrypted. You can also use this operation to change -// the encryption context of a ciphertext. +// Decrypts ciphertext and then reencrypts it entirely within AWS KMS. You can +// use this operation to change the customer master key (CMK) under which data +// is encrypted, such as when you manually rotate (https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-manually) +// a CMK or change the CMK that protects a ciphertext. You can also use it to +// reencrypt ciphertext under the same CMK, such as to change the encryption +// context of a ciphertext. // -// You can reencrypt data using CMKs in different AWS accounts. +// The ReEncrypt operation can decrypt ciphertext that was encrypted by using +// an AWS KMS CMK in an AWS KMS operation, such as Encrypt or GenerateDataKey. +// It can also decrypt ciphertext that was encrypted by using the public key +// of an asymmetric CMK outside of AWS KMS. However, it cannot decrypt ciphertext +// produced by other libraries, such as the AWS Encryption SDK (https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/) +// or Amazon S3 client-side encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html). +// These libraries return a ciphertext format that is incompatible with AWS +// KMS. // -// Unlike other operations, ReEncrypt is authorized twice, once as ReEncryptFrom -// on the source CMK and once as ReEncryptTo on the destination CMK. We recommend -// that you include the "kms:ReEncrypt*" permission in your key policies (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) -// to permit reencryption from or to the CMK. This permission is automatically -// included in the key policy when you create a CMK through the console, but -// you must include it manually when you create a CMK programmatically or when -// you set a key policy with the PutKeyPolicy operation. +// When you use the ReEncrypt operation, you need to provide information for +// the decrypt operation and the subsequent encrypt operation. // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// * If your ciphertext was encrypted under an asymmetric CMK, you must identify +// the source CMK, that is, the CMK that encrypted the ciphertext. You must +// also supply the encryption algorithm that was used. This information is +// required to decrypt the data. +// +// * It is optional, but you can specify a source CMK even when the ciphertext +// was encrypted under a symmetric CMK. This ensures that the ciphertext +// is decrypted only by using a particular CMK. If the CMK that you specify +// cannot decrypt the ciphertext, the ReEncrypt operation fails. +// +// * To reencrypt the data, you must specify the destination CMK, that is, +// the CMK that re-encrypts the data after it is decrypted. You can select +// a symmetric or asymmetric CMK. If the destination CMK is an asymmetric +// CMK, you must also provide the encryption algorithm. The algorithm that +// you choose must be compatible with the CMK. When you use an asymmetric +// CMK to encrypt or reencrypt data, be sure to record the CMK and encryption +// algorithm that you choose. You will be required to provide the same CMK +// and encryption algorithm when you decrypt the data. If the CMK and algorithm +// do not match the values used to encrypt the data, the decrypt operation +// fails. You are not required to supply the CMK ID and encryption algorithm +// when you decrypt with symmetric CMKs because AWS KMS stores this information +// in the ciphertext blob. AWS KMS cannot store metadata in ciphertext generated +// with asymmetric keys. The standard format for asymmetric key ciphertext +// does not include configurable fields. +// +// Unlike other AWS KMS API operations, ReEncrypt callers must have two permissions: +// +// * kms:EncryptFrom permission on the source CMK +// +// * kms:EncryptTo permission on the destination CMK +// +// To permit reencryption from +// +// or to a CMK, include the "kms:ReEncrypt*" permission in your key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html). +// This permission is automatically included in the key policy when you use +// the console to create a CMK. But you must include it manually when you create +// a CMK programmatically or when you use the PutKeyPolicy operation set a key +// policy. +// +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4228,44 +5081,65 @@ func (c *KMS) ReEncryptRequest(input *ReEncryptInput) (req *request.Request, out // See the AWS API reference guide for AWS Key Management Service's // API operation ReEncrypt for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeDisabledException "DisabledException" +// * DisabledException // The request was rejected because the specified CMK is not enabled. // -// * ErrCodeInvalidCiphertextException "InvalidCiphertextException" -// The request was rejected because the specified ciphertext, or additional -// authenticated data incorporated into the ciphertext, such as the encryption -// context, is corrupted, missing, or otherwise invalid. +// * InvalidCiphertextException +// From the Decrypt or ReEncrypt operation, the request was rejected because +// the specified ciphertext, or additional authenticated data incorporated into +// the ciphertext, such as the encryption context, is corrupted, missing, or +// otherwise invalid. // -// * ErrCodeKeyUnavailableException "KeyUnavailableException" -// The request was rejected because the specified CMK was not available. The -// request can be retried. +// From the ImportKeyMaterial operation, the request was rejected because AWS +// KMS could not decrypt the encrypted (wrapped) key material. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * KeyUnavailableException +// The request was rejected because the specified CMK was not available. You +// can retry the request. +// +// * IncorrectKeyException +// The request was rejected because the specified CMK cannot decrypt the data. +// The KeyId in a Decrypt request and the SourceKeyId in a ReEncrypt request +// must identify the same CMK that was used to encrypt the ciphertext. +// +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInvalidKeyUsageException "InvalidKeyUsageException" -// The request was rejected because the specified KeySpec value is not valid. +// * InvalidKeyUsageException +// The request was rejected for one of the following reasons: // -// * ErrCodeInvalidGrantTokenException "InvalidGrantTokenException" +// * The KeyUsage value of the CMK is incompatible with the API operation. +// +// * The encryption algorithm or signing algorithm specified for the operation +// is incompatible with the type of key material in the CMK (CustomerMasterKeySpec). +// +// For encrypting, decrypting, re-encrypting, and generating data keys, the +// KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the KeyUsage +// must be SIGN_VERIFY. To find the KeyUsage of a CMK, use the DescribeKey operation. +// +// To find the encryption or signing algorithms supported for a particular CMK, +// use the DescribeKey operation. +// +// * InvalidGrantTokenException // The request was rejected because the specified grant token is not valid. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ReEncrypt func (c *KMS) ReEncrypt(input *ReEncryptInput) (*ReEncryptOutput, error) { @@ -4358,35 +5232,36 @@ func (c *KMS) RetireGrantRequest(input *RetireGrantInput) (req *request.Request, // See the AWS API reference guide for AWS Key Management Service's // API operation RetireGrant for usage and error information. // -// Returned Error Codes: -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// Returned Error Types: +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeInvalidGrantTokenException "InvalidGrantTokenException" +// * InvalidGrantTokenException // The request was rejected because the specified grant token is not valid. // -// * ErrCodeInvalidGrantIdException "InvalidGrantIdException" +// * InvalidGrantIdException // The request was rejected because the specified GrantId is not valid. // -// * ErrCodeNotFoundException "NotFoundException" +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/RetireGrant func (c *KMS) RetireGrant(input *RetireGrantInput) (*RetireGrantOutput, error) { @@ -4468,32 +5343,33 @@ func (c *KMS) RevokeGrantRequest(input *RevokeGrantInput) (req *request.Request, // See the AWS API reference guide for AWS Key Management Service's // API operation RevokeGrant for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeInvalidGrantIdException "InvalidGrantIdException" +// * InvalidGrantIdException // The request was rejected because the specified GrantId is not valid. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/RevokeGrant func (c *KMS) RevokeGrant(input *RevokeGrantInput) (*RevokeGrantOutput, error) { @@ -4574,21 +5450,21 @@ func (c *KMS) ScheduleKeyDeletionRequest(input *ScheduleKeyDeletionInput) (req * // a CMK is deleted, all data that was encrypted under the CMK is unrecoverable. // To prevent the use of a CMK without deleting it, use DisableKey. // -// If you schedule deletion of a CMK from a custom key store (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html), +// If you schedule deletion of a CMK from a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html), // when the waiting period expires, ScheduleKeyDeletion deletes the CMK from // AWS KMS. Then AWS KMS makes a best effort to delete the key material from // the associated AWS CloudHSM cluster. However, you might need to manually -// delete the orphaned key material (http://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-orphaned-key) +// delete the orphaned key material (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-orphaned-key) // from the cluster and its backups. // // You cannot perform this operation on a CMK in a different AWS account. // // For more information about scheduling a CMK for deletion, see Deleting Customer -// Master Keys (http://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) +// Master Keys (https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) // in the AWS Key Management Service Developer Guide. // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4598,29 +5474,30 @@ func (c *KMS) ScheduleKeyDeletionRequest(input *ScheduleKeyDeletionInput) (req * // See the AWS API reference guide for AWS Key Management Service's // API operation ScheduleKeyDeletion for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ScheduleKeyDeletion func (c *KMS) ScheduleKeyDeletion(input *ScheduleKeyDeletionInput) (*ScheduleKeyDeletionOutput, error) { @@ -4644,6 +5521,164 @@ func (c *KMS) ScheduleKeyDeletionWithContext(ctx aws.Context, input *ScheduleKey return out, req.Send() } +const opSign = "Sign" + +// SignRequest generates a "aws/request.Request" representing the +// client's request for the Sign operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See Sign for more information on using the Sign +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the SignRequest method. +// req, resp := client.SignRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/Sign +func (c *KMS) SignRequest(input *SignInput) (req *request.Request, output *SignOutput) { + op := &request.Operation{ + Name: opSign, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &SignInput{} + } + + output = &SignOutput{} + req = c.newRequest(op, input, output) + return +} + +// Sign API operation for AWS Key Management Service. +// +// Creates a digital signature (https://en.wikipedia.org/wiki/Digital_signature) +// for a message or message digest by using the private key in an asymmetric +// CMK. To verify the signature, use the Verify operation, or use the public +// key in the same asymmetric CMK outside of AWS KMS. For information about +// symmetric and asymmetric CMKs, see Using Symmetric and Asymmetric CMKs (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) +// in the AWS Key Management Service Developer Guide. +// +// Digital signatures are generated and verified by using asymmetric key pair, +// such as an RSA or ECC pair that is represented by an asymmetric customer +// master key (CMK). The key owner (or an authorized user) uses their private +// key to sign a message. Anyone with the public key can verify that the message +// was signed with that particular private key and that the message hasn't changed +// since it was signed. +// +// To use the Sign operation, provide the following information: +// +// * Use the KeyId parameter to identify an asymmetric CMK with a KeyUsage +// value of SIGN_VERIFY. To get the KeyUsage value of a CMK, use the DescribeKey +// operation. The caller must have kms:Sign permission on the CMK. +// +// * Use the Message parameter to specify the message or message digest to +// sign. You can submit messages of up to 4096 bytes. To sign a larger message, +// generate a hash digest of the message, and then provide the hash digest +// in the Message parameter. To indicate whether the message is a full message +// or a digest, use the MessageType parameter. +// +// * Choose a signing algorithm that is compatible with the CMK. +// +// When signing a message, be sure to record the CMK and the signing algorithm. +// This information is required to verify the signature. +// +// To verify the signature that this operation generates, use the Verify operation. +// Or use the GetPublicKey operation to download the public key and then use +// the public key to verify the signature outside of AWS KMS. +// +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Key Management Service's +// API operation Sign for usage and error information. +// +// Returned Error Types: +// * NotFoundException +// The request was rejected because the specified entity or resource could not +// be found. +// +// * DisabledException +// The request was rejected because the specified CMK is not enabled. +// +// * KeyUnavailableException +// The request was rejected because the specified CMK was not available. You +// can retry the request. +// +// * DependencyTimeoutException +// The system timed out while trying to fulfill the request. The request can +// be retried. +// +// * InvalidKeyUsageException +// The request was rejected for one of the following reasons: +// +// * The KeyUsage value of the CMK is incompatible with the API operation. +// +// * The encryption algorithm or signing algorithm specified for the operation +// is incompatible with the type of key material in the CMK (CustomerMasterKeySpec). +// +// For encrypting, decrypting, re-encrypting, and generating data keys, the +// KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the KeyUsage +// must be SIGN_VERIFY. To find the KeyUsage of a CMK, use the DescribeKey operation. +// +// To find the encryption or signing algorithms supported for a particular CMK, +// use the DescribeKey operation. +// +// * InvalidGrantTokenException +// The request was rejected because the specified grant token is not valid. +// +// * InternalException +// The request was rejected because an internal exception occurred. The request +// can be retried. +// +// * InvalidStateException +// The request was rejected because the state of the specified resource is not +// valid for this request. +// +// For more information about how key state affects the use of a CMK, see How +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/Sign +func (c *KMS) Sign(input *SignInput) (*SignOutput, error) { + req, out := c.SignRequest(input) + return out, req.Send() +} + +// SignWithContext is the same as Sign with the addition of +// the ability to pass a context and additional request options. +// +// See Sign for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *KMS) SignWithContext(ctx aws.Context, input *SignInput, opts ...request.Option) (*SignOutput, error) { + req, out := c.SignRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opTagResource = "TagResource" // TagResourceRequest generates a "aws/request.Request" representing the @@ -4699,11 +5734,11 @@ func (c *KMS) TagResourceRequest(input *TagResourceInput) (req *request.Request, // AWS KMS replaces the current tag value with the specified value. // // For information about the rules that apply to tag keys and tag values, see -// User-Defined Tag Restrictions (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html) +// User-Defined Tag Restrictions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html) // in the AWS Billing and Cost Management User Guide. // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4713,32 +5748,33 @@ func (c *KMS) TagResourceRequest(input *TagResourceInput) (req *request.Request, // See the AWS API reference guide for AWS Key Management Service's // API operation TagResource for usage and error information. // -// Returned Error Codes: -// * ErrCodeInternalException "KMSInternalException" +// Returned Error Types: +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeNotFoundException "NotFoundException" +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // -// * ErrCodeLimitExceededException "LimitExceededException" +// * LimitExceededException // The request was rejected because a limit was exceeded. For more information, -// see Limits (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. // -// * ErrCodeTagException "TagException" +// * TagException // The request was rejected because one or more tags are not valid. // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/TagResource @@ -4814,8 +5850,8 @@ func (c *KMS) UntagResourceRequest(input *UntagResourceInput) (req *request.Requ // To remove a tag, specify the tag key. To change the tag value of an existing // tag key, use TagResource. // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4825,27 +5861,28 @@ func (c *KMS) UntagResourceRequest(input *UntagResourceInput) (req *request.Requ // See the AWS API reference guide for AWS Key Management Service's // API operation UntagResource for usage and error information. // -// Returned Error Codes: -// * ErrCodeInternalException "KMSInternalException" +// Returned Error Types: +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeNotFoundException "NotFoundException" +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // -// * ErrCodeTagException "TagException" +// * TagException // The request was rejected because one or more tags are not valid. // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/UntagResource @@ -4915,29 +5952,28 @@ func (c *KMS) UpdateAliasRequest(input *UpdateAliasInput) (req *request.Request, // UpdateAlias API operation for AWS Key Management Service. // -// Associates an existing alias with a different customer master key (CMK). -// Each CMK can have multiple aliases, but the aliases must be unique within -// the account and region. You cannot perform this operation on an alias in -// a different AWS account. +// Associates an existing AWS KMS alias with a different customer master key +// (CMK). Each alias is associated with only one CMK at a time, although a CMK +// can have multiple aliases. The alias and the CMK must be in the same AWS +// account and region. You cannot perform this operation on an alias in a different +// AWS account. // -// This operation works only on existing aliases. To change the alias of a CMK -// to a new value, use CreateAlias to create a new alias and DeleteAlias to -// delete the old alias. +// The current and new CMK must be the same type (both symmetric or both asymmetric), +// and they must have the same key usage (ENCRYPT_DECRYPT or SIGN_VERIFY). This +// restriction prevents errors in code that uses aliases. If you must assign +// an alias to a different type of CMK, use DeleteAlias to delete the old alias +// and CreateAlias to create a new alias. +// +// You cannot use UpdateAlias to change an alias name. To change an alias name, +// use DeleteAlias to delete the old alias and CreateAlias to create a new alias. // // Because an alias is not a property of a CMK, you can create, update, and // delete the aliases of a CMK without affecting the CMK. Also, aliases do not // appear in the response from the DescribeKey operation. To get the aliases // of all CMKs in the account, use the ListAliases operation. // -// An alias name can contain only alphanumeric characters, forward slashes (/), -// underscores (_), and dashes (-). An alias must start with the word alias -// followed by a forward slash (alias/). The alias name can contain only alphanumeric -// characters, forward slashes (/), underscores (_), and dashes (-). Alias names -// cannot begin with aws; that alias name prefix is reserved by Amazon Web Services -// (AWS). -// -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4947,26 +5983,26 @@ func (c *KMS) UpdateAliasRequest(input *UpdateAliasInput) (req *request.Request, // See the AWS API reference guide for AWS Key Management Service's // API operation UpdateAlias for usage and error information. // -// Returned Error Codes: -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// Returned Error Types: +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeNotFoundException "NotFoundException" +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/UpdateAlias func (c *KMS) UpdateAlias(input *UpdateAliasInput) (*UpdateAliasOutput, error) { @@ -5045,45 +6081,28 @@ func (c *KMS) UpdateCustomKeyStoreRequest(input *UpdateCustomKeyStoreInput) (req // the connection state of a custom key store, use the DescribeCustomKeyStores // operation. // -// Use the NewCustomKeyStoreName parameter to change the friendly name of the -// custom key store to the value that you specify. +// Use the parameters of UpdateCustomKeyStore to edit your keystore settings. // -// Use the KeyStorePassword parameter tell AWS KMS the current password of the -// kmsuser (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser) -// crypto user (CU) in the associated AWS CloudHSM cluster. You can use this -// parameter to fix connection failures that occur when AWS KMS cannot log into -// the associated cluster because the kmsuser password has changed. This value -// does not change the password in the AWS CloudHSM cluster. +// * Use the NewCustomKeyStoreName parameter to change the friendly name +// of the custom key store to the value that you specify. // -// Use the CloudHsmClusterId parameter to associate the custom key store with -// a related AWS CloudHSM cluster, that is, a cluster that shares a backup history -// with the original cluster. You can use this parameter to repair a custom -// key store if its AWS CloudHSM cluster becomes corrupted or is deleted, or -// when you need to create or restore a cluster from a backup. +// * Use the KeyStorePassword parameter tell AWS KMS the current password +// of the kmsuser crypto user (CU) (https://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser) +// in the associated AWS CloudHSM cluster. You can use this parameter to +// fix connection failures (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-password) +// that occur when AWS KMS cannot log into the associated cluster because +// the kmsuser password has changed. This value does not change the password +// in the AWS CloudHSM cluster. // -// The cluster ID must identify a AWS CloudHSM cluster with the following requirements. -// -// * The cluster must be active and be in the same AWS account and Region -// as the custom key store. -// -// * The cluster must have the same cluster certificate as the original cluster. -// You cannot use this parameter to associate the custom key store with an -// unrelated cluster. To view the cluster certificate, use the AWS CloudHSM -// DescribeClusters (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) -// operation. Clusters that share a backup history have the same cluster -// certificate. -// -// * The cluster must be configured with subnets in at least two different -// Availability Zones in the Region. Because AWS CloudHSM is not supported -// in all Availability Zones, we recommend that the cluster have subnets -// in all Availability Zones in the Region. -// -// * The cluster must contain at least two active HSMs, each in a different -// Availability Zone. +// * Use the CloudHsmClusterId parameter to associate the custom key store +// with a different, but related, AWS CloudHSM cluster. You can use this +// parameter to repair a custom key store if its AWS CloudHSM cluster becomes +// corrupted or is deleted, or when you need to create or restore a cluster +// from a backup. // // If the operation succeeds, it returns a JSON object with no properties. // -// This operation is part of the Custom Key Store feature (http://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) +// This operation is part of the Custom Key Store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) // feature in AWS KMS, which combines the convenience and extensive integration // of AWS KMS with the isolation and control of a single-tenant key store. // @@ -5094,17 +6113,22 @@ func (c *KMS) UpdateCustomKeyStoreRequest(input *UpdateCustomKeyStoreInput) (req // See the AWS API reference guide for AWS Key Management Service's // API operation UpdateCustomKeyStore for usage and error information. // -// Returned Error Codes: -// * ErrCodeCustomKeyStoreNotFoundException "CustomKeyStoreNotFoundException" +// Returned Error Types: +// * CustomKeyStoreNotFoundException // The request was rejected because AWS KMS cannot find a custom key store with // the specified key store name or ID. // -// * ErrCodeCloudHsmClusterNotFoundException "CloudHsmClusterNotFoundException" +// * CustomKeyStoreNameInUseException +// The request was rejected because the specified custom key store name is already +// assigned to another custom key store in the account. Try again with a custom +// key store name that is unique in the account. +// +// * CloudHsmClusterNotFoundException // The request was rejected because AWS KMS cannot find the AWS CloudHSM cluster // with the specified cluster ID. Retry the request with a different cluster // ID. // -// * ErrCodeCloudHsmClusterNotRelatedException "CloudHsmClusterNotRelatedException" +// * CloudHsmClusterNotRelatedException // The request was rejected because the specified AWS CloudHSM cluster has a // different cluster certificate than the original cluster. You cannot use the // operation to specify an unrelated cluster. @@ -5115,10 +6139,10 @@ func (c *KMS) UpdateCustomKeyStoreRequest(input *UpdateCustomKeyStoreInput) (req // cluster. // // Clusters that share a backup history have the same cluster certificate. To -// view the cluster certificate of a cluster, use the DescribeClusters (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) +// view the cluster certificate of a cluster, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) // operation. // -// * ErrCodeCustomKeyStoreInvalidStateException "CustomKeyStoreInvalidStateException" +// * CustomKeyStoreInvalidStateException // The request was rejected because of the ConnectionState of the custom key // store. To get the ConnectionState of a custom key store, use the DescribeCustomKeyStores // operation. @@ -5137,34 +6161,48 @@ func (c *KMS) UpdateCustomKeyStoreRequest(input *UpdateCustomKeyStoreInput) (req // with a ConnectionState of DISCONNECTING or FAILED. This operation is valid // for all other ConnectionState values. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeCloudHsmClusterNotActiveException "CloudHsmClusterNotActiveException" +// * CloudHsmClusterNotActiveException // The request was rejected because the AWS CloudHSM cluster that is associated // with the custom key store is not active. Initialize and activate the cluster // and try the command again. For detailed instructions, see Getting Started -// (http://docs.aws.amazon.com/cloudhsm/latest/userguide/getting-started.html) +// (https://docs.aws.amazon.com/cloudhsm/latest/userguide/getting-started.html) // in the AWS CloudHSM User Guide. // -// * ErrCodeCloudHsmClusterInvalidConfigurationException "CloudHsmClusterInvalidConfigurationException" +// * CloudHsmClusterInvalidConfigurationException // The request was rejected because the associated AWS CloudHSM cluster did -// not meet the configuration requirements for a custom key store. The cluster -// must be configured with private subnets in at least two different Availability -// Zones in the Region. Also, it must contain at least as many HSMs as the operation -// requires. +// not meet the configuration requirements for a custom key store. // -// For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey operations, -// the AWS CloudHSM cluster must have at least two active HSMs, each in a different -// Availability Zone. For the ConnectCustomKeyStore operation, the AWS CloudHSM -// must contain at least one active HSM. +// * The cluster must be configured with private subnets in at least two +// different Availability Zones in the Region. // -// For information about creating a private subnet for a AWS CloudHSM cluster, -// see Create a Private Subnet (http://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html) -// in the AWS CloudHSM User Guide. To add HSMs, use the AWS CloudHSM CreateHsm -// (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) -// operation. +// * The security group for the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) +// (cloudhsm-cluster--sg) must include inbound rules and outbound +// rules that allow TCP traffic on ports 2223-2225. The Source in the inbound +// rules and the Destination in the outbound rules must match the security +// group ID. These rules are set by default when you create the cluster. +// Do not delete or change them. To get information about a particular security +// group, use the DescribeSecurityGroups (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html) +// operation. +// +// * The cluster must contain at least as many HSMs as the operation requires. +// To add HSMs, use the AWS CloudHSM CreateHsm (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) +// operation. For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey +// operations, the AWS CloudHSM cluster must have at least two active HSMs, +// each in a different Availability Zone. For the ConnectCustomKeyStore operation, +// the AWS CloudHSM must contain at least one active HSM. +// +// For information about the requirements for an AWS CloudHSM cluster that is +// associated with a custom key store, see Assemble the Prerequisites (https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore) +// in the AWS Key Management Service Developer Guide. For information about +// creating a private subnet for an AWS CloudHSM cluster, see Create a Private +// Subnet (https://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html) +// in the AWS CloudHSM User Guide. For information about cluster security groups, +// see Configure a Default Security Group (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) +// in the AWS CloudHSM User Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/UpdateCustomKeyStore func (c *KMS) UpdateCustomKeyStore(input *UpdateCustomKeyStoreInput) (*UpdateCustomKeyStoreOutput, error) { @@ -5233,13 +6271,13 @@ func (c *KMS) UpdateKeyDescriptionRequest(input *UpdateKeyDescriptionInput) (req // UpdateKeyDescription API operation for AWS Key Management Service. // -// Updates the description of a customer master key (CMK). To see the decription +// Updates the description of a customer master key (CMK). To see the description // of a CMK, use DescribeKey. // // You cannot perform this operation on a CMK in a different AWS account. // -// The result of this operation varies with the key state of the CMK. For details, -// see How Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5249,29 +6287,30 @@ func (c *KMS) UpdateKeyDescriptionRequest(input *UpdateKeyDescriptionInput) (req // See the AWS API reference guide for AWS Key Management Service's // API operation UpdateKeyDescription for usage and error information. // -// Returned Error Codes: -// * ErrCodeNotFoundException "NotFoundException" +// Returned Error Types: +// * NotFoundException // The request was rejected because the specified entity or resource could not // be found. // -// * ErrCodeInvalidArnException "InvalidArnException" -// The request was rejected because a specified ARN was not valid. +// * InvalidArnException +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. // -// * ErrCodeDependencyTimeoutException "DependencyTimeoutException" +// * DependencyTimeoutException // The system timed out while trying to fulfill the request. The request can // be retried. // -// * ErrCodeInternalException "KMSInternalException" +// * InternalException // The request was rejected because an internal exception occurred. The request // can be retried. // -// * ErrCodeInvalidStateException "KMSInvalidStateException" +// * InvalidStateException // The request was rejected because the state of the specified resource is not // valid for this request. // // For more information about how key state affects the use of a CMK, see How -// Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) -// in the AWS Key Management Service Developer Guide. +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . // // See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/UpdateKeyDescription func (c *KMS) UpdateKeyDescription(input *UpdateKeyDescriptionInput) (*UpdateKeyDescriptionOutput, error) { @@ -5295,6 +6334,161 @@ func (c *KMS) UpdateKeyDescriptionWithContext(ctx aws.Context, input *UpdateKeyD return out, req.Send() } +const opVerify = "Verify" + +// VerifyRequest generates a "aws/request.Request" representing the +// client's request for the Verify operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See Verify for more information on using the Verify +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the VerifyRequest method. +// req, resp := client.VerifyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/Verify +func (c *KMS) VerifyRequest(input *VerifyInput) (req *request.Request, output *VerifyOutput) { + op := &request.Operation{ + Name: opVerify, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &VerifyInput{} + } + + output = &VerifyOutput{} + req = c.newRequest(op, input, output) + return +} + +// Verify API operation for AWS Key Management Service. +// +// Verifies a digital signature that was generated by the Sign operation. +// +// Verification confirms that an authorized user signed the message with the +// specified CMK and signing algorithm, and the message hasn't changed since +// it was signed. If the signature is verified, the value of the SignatureValid +// field in the response is True. If the signature verification fails, the Verify +// operation fails with an KMSInvalidSignatureException exception. +// +// A digital signature is generated by using the private key in an asymmetric +// CMK. The signature is verified by using the public key in the same asymmetric +// CMK. For information about symmetric and asymmetric CMKs, see Using Symmetric +// and Asymmetric CMKs (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) +// in the AWS Key Management Service Developer Guide. +// +// To verify a digital signature, you can use the Verify operation. Specify +// the same asymmetric CMK, message, and signing algorithm that were used to +// produce the signature. +// +// You can also verify the digital signature by using the public key of the +// CMK outside of AWS KMS. Use the GetPublicKey operation to download the public +// key in the asymmetric CMK and then use the public key to verify the signature +// outside of AWS KMS. The advantage of using the Verify operation is that it +// is performed within AWS KMS. As a result, it's easy to call, the operation +// is performed within the FIPS boundary, it is logged in AWS CloudTrail, and +// you can use key policy and IAM policy to determine who is authorized to use +// the CMK to verify signatures. +// +// The CMK that you use for this operation must be in a compatible key state. +// For details, see How Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Key Management Service's +// API operation Verify for usage and error information. +// +// Returned Error Types: +// * NotFoundException +// The request was rejected because the specified entity or resource could not +// be found. +// +// * DisabledException +// The request was rejected because the specified CMK is not enabled. +// +// * KeyUnavailableException +// The request was rejected because the specified CMK was not available. You +// can retry the request. +// +// * DependencyTimeoutException +// The system timed out while trying to fulfill the request. The request can +// be retried. +// +// * InvalidKeyUsageException +// The request was rejected for one of the following reasons: +// +// * The KeyUsage value of the CMK is incompatible with the API operation. +// +// * The encryption algorithm or signing algorithm specified for the operation +// is incompatible with the type of key material in the CMK (CustomerMasterKeySpec). +// +// For encrypting, decrypting, re-encrypting, and generating data keys, the +// KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the KeyUsage +// must be SIGN_VERIFY. To find the KeyUsage of a CMK, use the DescribeKey operation. +// +// To find the encryption or signing algorithms supported for a particular CMK, +// use the DescribeKey operation. +// +// * InvalidGrantTokenException +// The request was rejected because the specified grant token is not valid. +// +// * InternalException +// The request was rejected because an internal exception occurred. The request +// can be retried. +// +// * InvalidStateException +// The request was rejected because the state of the specified resource is not +// valid for this request. +// +// For more information about how key state affects the use of a CMK, see How +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . +// +// * KMSInvalidSignatureException +// The request was rejected because the signature verification failed. Signature +// verification fails when it cannot confirm that signature was produced by +// signing the specified message with the specified CMK and signing algorithm. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/Verify +func (c *KMS) Verify(input *VerifyInput) (*VerifyOutput, error) { + req, out := c.VerifyRequest(input) + return out, req.Send() +} + +// VerifyWithContext is the same as Verify with the addition of +// the ability to pass a context and additional request options. +// +// See Verify for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *KMS) VerifyWithContext(ctx aws.Context, input *VerifyInput, opts ...request.Option) (*VerifyOutput, error) { + req, out := c.VerifyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + // Contains information about an alias. type AliasListEntry struct { _ struct{} `type:"structure"` @@ -5302,7 +6496,7 @@ type AliasListEntry struct { // String that contains the key ARN. AliasArn *string `min:"20" type:"string"` - // String that contains the alias. + // String that contains the alias. This value begins with alias/. AliasName *string `min:"1" type:"string"` // String that contains the key identifier referred to by the alias. @@ -5337,6 +6531,63 @@ func (s *AliasListEntry) SetTargetKeyId(v string) *AliasListEntry { return s } +// The request was rejected because it attempted to create a resource that already +// exists. +type AlreadyExistsException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s AlreadyExistsException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AlreadyExistsException) GoString() string { + return s.String() +} + +func newErrorAlreadyExistsException(v protocol.ResponseMetadata) error { + return &AlreadyExistsException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s AlreadyExistsException) Code() string { + return "AlreadyExistsException" +} + +// Message returns the exception's message. +func (s AlreadyExistsException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s AlreadyExistsException) OrigErr() error { + return nil +} + +func (s AlreadyExistsException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s AlreadyExistsException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s AlreadyExistsException) RequestID() string { + return s.respMetadata.RequestID +} + type CancelKeyDeletionInput struct { _ struct{} `type:"structure"` @@ -5412,6 +6663,339 @@ func (s *CancelKeyDeletionOutput) SetKeyId(v string) *CancelKeyDeletionOutput { return s } +// The request was rejected because the specified AWS CloudHSM cluster is already +// associated with a custom key store or it shares a backup history with a cluster +// that is associated with a custom key store. Each custom key store must be +// associated with a different AWS CloudHSM cluster. +// +// Clusters that share a backup history have the same cluster certificate. To +// view the cluster certificate of a cluster, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) +// operation. +type CloudHsmClusterInUseException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s CloudHsmClusterInUseException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CloudHsmClusterInUseException) GoString() string { + return s.String() +} + +func newErrorCloudHsmClusterInUseException(v protocol.ResponseMetadata) error { + return &CloudHsmClusterInUseException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s CloudHsmClusterInUseException) Code() string { + return "CloudHsmClusterInUseException" +} + +// Message returns the exception's message. +func (s CloudHsmClusterInUseException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s CloudHsmClusterInUseException) OrigErr() error { + return nil +} + +func (s CloudHsmClusterInUseException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s CloudHsmClusterInUseException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s CloudHsmClusterInUseException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because the associated AWS CloudHSM cluster did +// not meet the configuration requirements for a custom key store. +// +// * The cluster must be configured with private subnets in at least two +// different Availability Zones in the Region. +// +// * The security group for the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) +// (cloudhsm-cluster--sg) must include inbound rules and outbound +// rules that allow TCP traffic on ports 2223-2225. The Source in the inbound +// rules and the Destination in the outbound rules must match the security +// group ID. These rules are set by default when you create the cluster. +// Do not delete or change them. To get information about a particular security +// group, use the DescribeSecurityGroups (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html) +// operation. +// +// * The cluster must contain at least as many HSMs as the operation requires. +// To add HSMs, use the AWS CloudHSM CreateHsm (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) +// operation. For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey +// operations, the AWS CloudHSM cluster must have at least two active HSMs, +// each in a different Availability Zone. For the ConnectCustomKeyStore operation, +// the AWS CloudHSM must contain at least one active HSM. +// +// For information about the requirements for an AWS CloudHSM cluster that is +// associated with a custom key store, see Assemble the Prerequisites (https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore) +// in the AWS Key Management Service Developer Guide. For information about +// creating a private subnet for an AWS CloudHSM cluster, see Create a Private +// Subnet (https://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html) +// in the AWS CloudHSM User Guide. For information about cluster security groups, +// see Configure a Default Security Group (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) +// in the AWS CloudHSM User Guide . +type CloudHsmClusterInvalidConfigurationException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s CloudHsmClusterInvalidConfigurationException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CloudHsmClusterInvalidConfigurationException) GoString() string { + return s.String() +} + +func newErrorCloudHsmClusterInvalidConfigurationException(v protocol.ResponseMetadata) error { + return &CloudHsmClusterInvalidConfigurationException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s CloudHsmClusterInvalidConfigurationException) Code() string { + return "CloudHsmClusterInvalidConfigurationException" +} + +// Message returns the exception's message. +func (s CloudHsmClusterInvalidConfigurationException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s CloudHsmClusterInvalidConfigurationException) OrigErr() error { + return nil +} + +func (s CloudHsmClusterInvalidConfigurationException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s CloudHsmClusterInvalidConfigurationException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s CloudHsmClusterInvalidConfigurationException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because the AWS CloudHSM cluster that is associated +// with the custom key store is not active. Initialize and activate the cluster +// and try the command again. For detailed instructions, see Getting Started +// (https://docs.aws.amazon.com/cloudhsm/latest/userguide/getting-started.html) +// in the AWS CloudHSM User Guide. +type CloudHsmClusterNotActiveException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s CloudHsmClusterNotActiveException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CloudHsmClusterNotActiveException) GoString() string { + return s.String() +} + +func newErrorCloudHsmClusterNotActiveException(v protocol.ResponseMetadata) error { + return &CloudHsmClusterNotActiveException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s CloudHsmClusterNotActiveException) Code() string { + return "CloudHsmClusterNotActiveException" +} + +// Message returns the exception's message. +func (s CloudHsmClusterNotActiveException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s CloudHsmClusterNotActiveException) OrigErr() error { + return nil +} + +func (s CloudHsmClusterNotActiveException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s CloudHsmClusterNotActiveException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s CloudHsmClusterNotActiveException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because AWS KMS cannot find the AWS CloudHSM cluster +// with the specified cluster ID. Retry the request with a different cluster +// ID. +type CloudHsmClusterNotFoundException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s CloudHsmClusterNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CloudHsmClusterNotFoundException) GoString() string { + return s.String() +} + +func newErrorCloudHsmClusterNotFoundException(v protocol.ResponseMetadata) error { + return &CloudHsmClusterNotFoundException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s CloudHsmClusterNotFoundException) Code() string { + return "CloudHsmClusterNotFoundException" +} + +// Message returns the exception's message. +func (s CloudHsmClusterNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s CloudHsmClusterNotFoundException) OrigErr() error { + return nil +} + +func (s CloudHsmClusterNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s CloudHsmClusterNotFoundException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s CloudHsmClusterNotFoundException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because the specified AWS CloudHSM cluster has a +// different cluster certificate than the original cluster. You cannot use the +// operation to specify an unrelated cluster. +// +// Specify a cluster that shares a backup history with the original cluster. +// This includes clusters that were created from a backup of the current cluster, +// and clusters that were created from the same backup that produced the current +// cluster. +// +// Clusters that share a backup history have the same cluster certificate. To +// view the cluster certificate of a cluster, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) +// operation. +type CloudHsmClusterNotRelatedException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s CloudHsmClusterNotRelatedException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CloudHsmClusterNotRelatedException) GoString() string { + return s.String() +} + +func newErrorCloudHsmClusterNotRelatedException(v protocol.ResponseMetadata) error { + return &CloudHsmClusterNotRelatedException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s CloudHsmClusterNotRelatedException) Code() string { + return "CloudHsmClusterNotRelatedException" +} + +// Message returns the exception's message. +func (s CloudHsmClusterNotRelatedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s CloudHsmClusterNotRelatedException) OrigErr() error { + return nil +} + +func (s CloudHsmClusterNotRelatedException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s CloudHsmClusterNotRelatedException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s CloudHsmClusterNotRelatedException) RequestID() string { + return s.respMetadata.RequestID +} + type ConnectCustomKeyStoreInput struct { _ struct{} `type:"structure"` @@ -5471,25 +7055,17 @@ func (s ConnectCustomKeyStoreOutput) GoString() string { type CreateAliasInput struct { _ struct{} `type:"structure"` - // String that contains the display name. The name must start with the word - // "alias" followed by a forward slash (alias/). Aliases that begin with "alias/AWS" - // are reserved. + // Specifies the alias name. This value must begin with alias/ followed by a + // name, such as alias/ExampleAlias. The alias name cannot begin with alias/aws/. + // The alias/aws/ prefix is reserved for AWS managed CMKs. // // AliasName is a required field AliasName *string `min:"1" type:"string" required:"true"` - // Identifies the CMK for which you are creating the alias. This value cannot - // be an alias. - // - // Specify the key ID or the Amazon Resource Name (ARN) of the CMK. - // - // For example: - // - // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab - // - // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab - // - // To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. + // Identifies the CMK to which the alias refers. Specify the key ID or the Amazon + // Resource Name (ARN) of the CMK. You cannot specify another alias. For help + // finding the key ID and ARN, see Finding the Key ID and ARN (https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) + // in the AWS Key Management Service Developer Guide. // // TargetKeyId is a required field TargetKeyId *string `min:"1" type:"string" required:"true"` @@ -5558,7 +7134,7 @@ type CreateCustomKeyStoreInput struct { // Identifies the AWS CloudHSM cluster for the custom key store. Enter the cluster // ID of any active AWS CloudHSM cluster that is not already associated with - // a custom key store. To find the cluster ID, use the DescribeClusters (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) + // a custom key store. To find the cluster ID, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) // operation. // // CloudHsmClusterId is a required field @@ -5570,9 +7146,9 @@ type CreateCustomKeyStoreInput struct { // CustomKeyStoreName is a required field CustomKeyStoreName *string `min:"1" type:"string" required:"true"` - // Enter the password of the kmsuser (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser) - // crypto user (CU) account in the specified AWS CloudHSM cluster. AWS KMS logs - // into the cluster as this user to manage key material on your behalf. + // Enter the password of the kmsuser crypto user (CU) account (https://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser) + // in the specified AWS CloudHSM cluster. AWS KMS logs into the cluster as this + // user to manage key material on your behalf. // // This parameter tells AWS KMS the kmsuser account password; it does not change // the password in the AWS CloudHSM cluster. @@ -5582,7 +7158,7 @@ type CreateCustomKeyStoreInput struct { // Enter the content of the trust anchor certificate for the cluster. This is // the content of the customerCA.crt file that you created when you initialized - // the cluster (http://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html). + // the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html). // // TrustAnchorCertificate is a required field TrustAnchorCertificate *string `min:"1" type:"string" required:"true"` @@ -5682,26 +7258,26 @@ func (s *CreateCustomKeyStoreOutput) SetCustomKeyStoreId(v string) *CreateCustom type CreateGrantInput struct { _ struct{} `type:"structure"` - // A structure that you can use to allow certain operations in the grant only - // when the desired encryption context is present. For more information about - // encryption context, see Encryption Context (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html) - // in the AWS Key Management Service Developer Guide. + // Allows a cryptographic operation only when the encryption context matches + // or includes the encryption context specified in this structure. For more + // information about encryption context, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) + // in the AWS Key Management Service Developer Guide . Constraints *GrantConstraints `type:"structure"` // A list of grant tokens. // - // For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) + // For more information, see Grant Tokens (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) // in the AWS Key Management Service Developer Guide. GrantTokens []*string `type:"list"` // The principal that is given permission to perform the operations that the // grant permits. // - // To specify the principal, use the Amazon Resource Name (ARN) (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // To specify the principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // of an AWS principal. Valid AWS principals include AWS accounts (root), IAM // users, IAM roles, federated users, and assumed role users. For examples of // the ARN syntax to use for specifying a principal, see AWS Identity and Access - // Management (IAM) (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam) + // Management (IAM) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam) // in the Example ARNs section of the AWS General Reference. // // GranteePrincipal is a required field @@ -5724,8 +7300,8 @@ type CreateGrantInput struct { // KeyId is a required field KeyId *string `min:"1" type:"string" required:"true"` - // A friendly name for identifying the grant. Use this value to prevent unintended - // creation of duplicate grants when retrying this request. + // A friendly name for identifying the grant. Use this value to prevent the + // unintended creation of duplicate grants when retrying this request. // // When this value is absent, all CreateGrant requests result in a new grant // with a unique GrantId even if all the supplied parameters are identical. @@ -5746,11 +7322,11 @@ type CreateGrantInput struct { // The principal that is given permission to retire the grant by using RetireGrant // operation. // - // To specify the principal, use the Amazon Resource Name (ARN) (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // To specify the principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // of an AWS principal. Valid AWS principals include AWS accounts (root), IAM // users, federated users, and assumed role users. For examples of the ARN syntax // to use for specifying a principal, see AWS Identity and Access Management - // (IAM) (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam) + // (IAM) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam) // in the Example ARNs section of the AWS General Reference. RetiringPrincipal *string `min:"1" type:"string"` } @@ -5848,7 +7424,7 @@ type CreateGrantOutput struct { // The grant token. // - // For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) + // For more information, see Grant Tokens (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) // in the AWS Key Management Service Developer Guide. GrantToken *string `min:"1" type:"string"` } @@ -5883,8 +7459,8 @@ type CreateKeyInput struct { // Setting this value to true increases the risk that the CMK becomes unmanageable. // Do not set this value to true indiscriminately. // - // For more information, refer to the scenario in the Default Key Policy (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) - // section in the AWS Key Management Service Developer Guide. + // For more information, refer to the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) + // section in the AWS Key Management Service Developer Guide . // // Use this parameter only when you include a policy in the request and you // intend to prevent the principal that is making the request from making a @@ -5893,50 +7469,89 @@ type CreateKeyInput struct { // The default value is false. BypassPolicyLockoutSafetyCheck *bool `type:"boolean"` - // Creates the CMK in the specified custom key store (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html) + // Creates the CMK in the specified custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) // and the key material in its associated AWS CloudHSM cluster. To create a // CMK in a custom key store, you must also specify the Origin parameter with // a value of AWS_CLOUDHSM. The AWS CloudHSM cluster that is associated with // the custom key store must have at least two active HSMs, each in a different // Availability Zone in the Region. // + // This parameter is valid only for symmetric CMKs. You cannot create an asymmetric + // CMK in a custom key store. + // // To find the ID of a custom key store, use the DescribeCustomKeyStores operation. // // The response includes the custom key store ID and the ID of the AWS CloudHSM // cluster. // - // This operation is part of the Custom Key Store feature (http://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) + // This operation is part of the Custom Key Store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) // feature in AWS KMS, which combines the convenience and extensive integration // of AWS KMS with the isolation and control of a single-tenant key store. CustomKeyStoreId *string `min:"1" type:"string"` + // Specifies the type of CMK to create. The CustomerMasterKeySpec determines + // whether the CMK contains a symmetric key or an asymmetric key pair. It also + // determines the encryption algorithms or signing algorithms that the CMK supports. + // You can't change the CustomerMasterKeySpec after the CMK is created. To further + // restrict the algorithms that can be used with the CMK, use its key policy + // or IAM policy. + // + // For help with choosing a key spec for your CMK, see Selecting a Customer + // Master Key Spec (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html#cmk-key-spec) + // in the AWS Key Management Service Developer Guide. + // + // The default value, SYMMETRIC_DEFAULT, creates a CMK with a 256-bit symmetric + // key. + // + // AWS KMS supports the following key specs for CMKs: + // + // * Symmetric key (default) SYMMETRIC_DEFAULT (AES-256-GCM) + // + // * Asymmetric RSA key pairs RSA_2048 RSA_3072 RSA_4096 + // + // * Asymmetric NIST-recommended elliptic curve key pairs ECC_NIST_P256 (secp256r1) + // ECC_NIST_P384 (secp384r1) ECC_NIST_P521 (secp521r1) + // + // * Other asymmetric elliptic curve key pairs ECC_SECG_P256K1 (secp256k1), + // commonly used for cryptocurrencies. + CustomerMasterKeySpec *string `type:"string" enum:"CustomerMasterKeySpec"` + // A description of the CMK. // // Use a description that helps you decide whether the CMK is appropriate for // a task. Description *string `type:"string"` - // The intended use of the CMK. + // Determines the cryptographic operations for which you can use the CMK. The + // default value is ENCRYPT_DECRYPT. This parameter is required only for asymmetric + // CMKs. You can't change the KeyUsage value after the CMK is created. // - // You can use CMKs only for symmetric encryption and decryption. + // Select only one valid value. + // + // * For symmetric CMKs, omit the parameter or specify ENCRYPT_DECRYPT. + // + // * For asymmetric CMKs with RSA key material, specify ENCRYPT_DECRYPT or + // SIGN_VERIFY. + // + // * For asymmetric CMKs with ECC key material, specify SIGN_VERIFY. KeyUsage *string `type:"string" enum:"KeyUsageType"` - // The source of the CMK's key material. You cannot change the origin after - // you create the CMK. - // - // The default is AWS_KMS, which means AWS KMS creates the key material in its - // own key store. + // The source of the key material for the CMK. You cannot change the origin + // after you create the CMK. The default is AWS_KMS, which means AWS KMS creates + // the key material. // // When the parameter value is EXTERNAL, AWS KMS creates a CMK without key material // so that you can import key material from your existing key management infrastructure. // For more information about importing key material into AWS KMS, see Importing - // Key Material (http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) - // in the AWS Key Management Service Developer Guide. + // Key Material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) + // in the AWS Key Management Service Developer Guide. This value is valid only + // for symmetric CMKs. // - // When the parameter value is AWS_CLOUDHSM, AWS KMS creates the CMK in a AWS - // KMS custom key store (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html) + // When the parameter value is AWS_CLOUDHSM, AWS KMS creates the CMK in an AWS + // KMS custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) // and creates its key material in the associated AWS CloudHSM cluster. You // must also use the CustomKeyStoreId parameter to identify the custom key store. + // This value is valid only for symmetric CMKs. Origin *string `type:"string" enum:"OriginType"` // The key policy to attach to the CMK. @@ -5947,8 +7562,8 @@ type CreateKeyInput struct { // must allow the principal that is making the CreateKey request to make // a subsequent PutKeyPolicy request on the CMK. This reduces the risk that // the CMK becomes unmanageable. For more information, refer to the scenario - // in the Default Key Policy (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) - // section of the AWS Key Management Service Developer Guide. + // in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) + // section of the AWS Key Management Service Developer Guide . // // * Each statement in the key policy must contain one or more principals. // The principals in the key policy must exist and be visible to AWS KMS. @@ -5956,21 +7571,26 @@ type CreateKeyInput struct { // you might need to enforce a delay before including the new principal in // a key policy because the new principal might not be immediately visible // to AWS KMS. For more information, see Changes that I make are not always - // immediately visible (http://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) + // immediately visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) // in the AWS Identity and Access Management User Guide. // // If you do not provide a key policy, AWS KMS attaches a default key policy - // to the CMK. For more information, see Default Key Policy (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) + // to the CMK. For more information, see Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) // in the AWS Key Management Service Developer Guide. // // The key policy size limit is 32 kilobytes (32768 bytes). Policy *string `min:"1" type:"string"` - // One or more tags. Each tag consists of a tag key and a tag value. Tag keys - // and tag values are both required, but tag values can be empty (null) strings. + // One or more tags. Each tag consists of a tag key and a tag value. Both the + // tag key and the tag value are required, but the tag value can be an empty + // (null) string. // - // Use this parameter to tag the CMK when it is created. Alternately, you can - // omit this parameter and instead tag the CMK after it is created using TagResource. + // When you add tags to an AWS resource, AWS generates a cost allocation report + // with usage and costs aggregated by tags. For information about adding, changing, + // deleting and listing tags for CMKs, see Tagging Keys (https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html). + // + // Use this parameter to tag the CMK when it is created. To add tags to an existing + // CMK, use the TagResource operation. Tags []*Tag `type:"list"` } @@ -6022,6 +7642,12 @@ func (s *CreateKeyInput) SetCustomKeyStoreId(v string) *CreateKeyInput { return s } +// SetCustomerMasterKeySpec sets the CustomerMasterKeySpec field's value. +func (s *CreateKeyInput) SetCustomerMasterKeySpec(v string) *CreateKeyInput { + s.CustomerMasterKeySpec = &v + return s +} + // SetDescription sets the Description field's value. func (s *CreateKeyInput) SetDescription(v string) *CreateKeyInput { s.Description = &v @@ -6075,6 +7701,252 @@ func (s *CreateKeyOutput) SetKeyMetadata(v *KeyMetadata) *CreateKeyOutput { return s } +// The request was rejected because the custom key store contains AWS KMS customer +// master keys (CMKs). After verifying that you do not need to use the CMKs, +// use the ScheduleKeyDeletion operation to delete the CMKs. After they are +// deleted, you can delete the custom key store. +type CustomKeyStoreHasCMKsException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s CustomKeyStoreHasCMKsException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CustomKeyStoreHasCMKsException) GoString() string { + return s.String() +} + +func newErrorCustomKeyStoreHasCMKsException(v protocol.ResponseMetadata) error { + return &CustomKeyStoreHasCMKsException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s CustomKeyStoreHasCMKsException) Code() string { + return "CustomKeyStoreHasCMKsException" +} + +// Message returns the exception's message. +func (s CustomKeyStoreHasCMKsException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s CustomKeyStoreHasCMKsException) OrigErr() error { + return nil +} + +func (s CustomKeyStoreHasCMKsException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s CustomKeyStoreHasCMKsException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s CustomKeyStoreHasCMKsException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because of the ConnectionState of the custom key +// store. To get the ConnectionState of a custom key store, use the DescribeCustomKeyStores +// operation. +// +// This exception is thrown under the following conditions: +// +// * You requested the CreateKey or GenerateRandom operation in a custom +// key store that is not connected. These operations are valid only when +// the custom key store ConnectionState is CONNECTED. +// +// * You requested the UpdateCustomKeyStore or DeleteCustomKeyStore operation +// on a custom key store that is not disconnected. This operation is valid +// only when the custom key store ConnectionState is DISCONNECTED. +// +// * You requested the ConnectCustomKeyStore operation on a custom key store +// with a ConnectionState of DISCONNECTING or FAILED. This operation is valid +// for all other ConnectionState values. +type CustomKeyStoreInvalidStateException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s CustomKeyStoreInvalidStateException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CustomKeyStoreInvalidStateException) GoString() string { + return s.String() +} + +func newErrorCustomKeyStoreInvalidStateException(v protocol.ResponseMetadata) error { + return &CustomKeyStoreInvalidStateException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s CustomKeyStoreInvalidStateException) Code() string { + return "CustomKeyStoreInvalidStateException" +} + +// Message returns the exception's message. +func (s CustomKeyStoreInvalidStateException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s CustomKeyStoreInvalidStateException) OrigErr() error { + return nil +} + +func (s CustomKeyStoreInvalidStateException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s CustomKeyStoreInvalidStateException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s CustomKeyStoreInvalidStateException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because the specified custom key store name is already +// assigned to another custom key store in the account. Try again with a custom +// key store name that is unique in the account. +type CustomKeyStoreNameInUseException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s CustomKeyStoreNameInUseException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CustomKeyStoreNameInUseException) GoString() string { + return s.String() +} + +func newErrorCustomKeyStoreNameInUseException(v protocol.ResponseMetadata) error { + return &CustomKeyStoreNameInUseException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s CustomKeyStoreNameInUseException) Code() string { + return "CustomKeyStoreNameInUseException" +} + +// Message returns the exception's message. +func (s CustomKeyStoreNameInUseException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s CustomKeyStoreNameInUseException) OrigErr() error { + return nil +} + +func (s CustomKeyStoreNameInUseException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s CustomKeyStoreNameInUseException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s CustomKeyStoreNameInUseException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because AWS KMS cannot find a custom key store with +// the specified key store name or ID. +type CustomKeyStoreNotFoundException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s CustomKeyStoreNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CustomKeyStoreNotFoundException) GoString() string { + return s.String() +} + +func newErrorCustomKeyStoreNotFoundException(v protocol.ResponseMetadata) error { + return &CustomKeyStoreNotFoundException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s CustomKeyStoreNotFoundException) Code() string { + return "CustomKeyStoreNotFoundException" +} + +// Message returns the exception's message. +func (s CustomKeyStoreNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s CustomKeyStoreNotFoundException) OrigErr() error { + return nil +} + +func (s CustomKeyStoreNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s CustomKeyStoreNotFoundException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s CustomKeyStoreNotFoundException) RequestID() string { + return s.respMetadata.RequestID +} + // Contains information about each custom key store in the custom key store // list. type CustomKeyStoresListEntry struct { @@ -6093,6 +7965,10 @@ type CustomKeyStoresListEntry struct { // not contain any active HSMs. To connect a custom key store to its AWS // CloudHSM cluster, the cluster must contain at least one active HSM. // + // * INTERNAL_ERROR - AWS KMS could not complete the request due to an internal + // error. Retry the request. For ConnectCustomKeyStore requests, disconnect + // the custom key store before trying to connect again. + // // * INVALID_CREDENTIALS - AWS KMS does not have the correct password for // the kmsuser crypto user in the AWS CloudHSM cluster. // @@ -6106,7 +7982,7 @@ type CustomKeyStoresListEntry struct { // for the custom key store. // // For help with connection failures, see Troubleshooting Custom Key Stores - // (http://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html) + // (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html) // in the AWS Key Management Service Developer Guide. ConnectionErrorCode *string `type:"string" enum:"ConnectionErrorCodeType"` @@ -6123,7 +7999,7 @@ type CustomKeyStoresListEntry struct { // // A value of FAILED indicates that an attempt to connect was unsuccessful. // For help resolving a connection failure, see Troubleshooting a Custom Key - // Store (http://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html) + // Store (https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html) // in the AWS Key Management Service Developer Guide. ConnectionState *string `type:"string" enum:"ConnectionStateType"` @@ -6137,7 +8013,7 @@ type CustomKeyStoresListEntry struct { CustomKeyStoreName *string `min:"1" type:"string"` // The trust anchor certificate of the associated AWS CloudHSM cluster. When - // you initialize the cluster (http://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr), + // you initialize the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr), // you create this certificate and save it in the customerCA.crt file. TrustAnchorCertificate *string `min:"1" type:"string"` } @@ -6204,16 +8080,64 @@ type DecryptInput struct { // CiphertextBlob is a required field CiphertextBlob []byte `min:"1" type:"blob" required:"true"` - // The encryption context. If this was specified in the Encrypt function, it - // must be specified here or the decryption operation will fail. For more information, - // see Encryption Context (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html). + // Specifies the encryption algorithm that will be used to decrypt the ciphertext. + // Specify the same algorithm that was used to encrypt the data. If you specify + // a different algorithm, the Decrypt operation fails. + // + // This parameter is required only when the ciphertext was encrypted under an + // asymmetric CMK. The default value, SYMMETRIC_DEFAULT, represents the only + // supported algorithm that is valid for symmetric CMKs. + EncryptionAlgorithm *string `type:"string" enum:"EncryptionAlgorithmSpec"` + + // Specifies the encryption context to use when decrypting the data. An encryption + // context is valid only for cryptographic operations with a symmetric CMK. + // The standard asymmetric encryption algorithms that AWS KMS uses do not support + // an encryption context. + // + // An encryption context is a collection of non-secret key-value pairs that + // represents additional authenticated data. When you use an encryption context + // to encrypt data, you must specify the same (an exact case-sensitive match) + // encryption context to decrypt the data. An encryption context is optional + // when encrypting with a symmetric CMK, but it is highly recommended. + // + // For more information, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) + // in the AWS Key Management Service Developer Guide. EncryptionContext map[string]*string `type:"map"` // A list of grant tokens. // - // For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) + // For more information, see Grant Tokens (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) // in the AWS Key Management Service Developer Guide. GrantTokens []*string `type:"list"` + + // Specifies the customer master key (CMK) that AWS KMS will use to decrypt + // the ciphertext. Enter a key ID of the CMK that was used to encrypt the ciphertext. + // + // If you specify a KeyId value, the Decrypt operation succeeds only if the + // specified CMK was used to encrypt the ciphertext. + // + // This parameter is required only when the ciphertext was encrypted under an + // asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the + // ciphertext blob to determine which CMK was used to encrypt the ciphertext. + // However, you can use this parameter to ensure that a particular CMK (of any + // kind) is used to decrypt the ciphertext. + // + // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, + // or alias ARN. When using an alias name, prefix it with "alias/". + // + // For example: + // + // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Alias name: alias/ExampleAlias + // + // * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias + // + // To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To + // get the alias name and alias ARN, use ListAliases. + KeyId *string `min:"1" type:"string"` } // String returns the string representation @@ -6235,6 +8159,9 @@ func (s *DecryptInput) Validate() error { if s.CiphertextBlob != nil && len(s.CiphertextBlob) < 1 { invalidParams.Add(request.NewErrParamMinLen("CiphertextBlob", 1)) } + if s.KeyId != nil && len(*s.KeyId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("KeyId", 1)) + } if invalidParams.Len() > 0 { return invalidParams @@ -6248,6 +8175,12 @@ func (s *DecryptInput) SetCiphertextBlob(v []byte) *DecryptInput { return s } +// SetEncryptionAlgorithm sets the EncryptionAlgorithm field's value. +func (s *DecryptInput) SetEncryptionAlgorithm(v string) *DecryptInput { + s.EncryptionAlgorithm = &v + return s +} + // SetEncryptionContext sets the EncryptionContext field's value. func (s *DecryptInput) SetEncryptionContext(v map[string]*string) *DecryptInput { s.EncryptionContext = v @@ -6260,15 +8193,23 @@ func (s *DecryptInput) SetGrantTokens(v []*string) *DecryptInput { return s } +// SetKeyId sets the KeyId field's value. +func (s *DecryptInput) SetKeyId(v string) *DecryptInput { + s.KeyId = &v + return s +} + type DecryptOutput struct { _ struct{} `type:"structure"` - // ARN of the key used to perform the decryption. This value is returned if - // no errors are encountered during the operation. + // The encryption algorithm that was used to decrypt the ciphertext. + EncryptionAlgorithm *string `type:"string" enum:"EncryptionAlgorithmSpec"` + + // The ARN of the customer master key that was used to perform the decryption. KeyId *string `min:"1" type:"string"` // Decrypted plaintext data. When you use the HTTP API or the AWS CLI, the value - // is Base64-encdoded. Otherwise, it is not encoded. + // is Base64-encoded. Otherwise, it is not Base64-encoded. // // Plaintext is automatically base64 encoded/decoded by the SDK. Plaintext []byte `min:"1" type:"blob" sensitive:"true"` @@ -6284,6 +8225,12 @@ func (s DecryptOutput) GoString() string { return s.String() } +// SetEncryptionAlgorithm sets the EncryptionAlgorithm field's value. +func (s *DecryptOutput) SetEncryptionAlgorithm(v string) *DecryptOutput { + s.EncryptionAlgorithm = &v + return s +} + // SetKeyId sets the KeyId field's value. func (s *DecryptOutput) SetKeyId(v string) *DecryptOutput { s.KeyId = &v @@ -6299,8 +8246,8 @@ func (s *DecryptOutput) SetPlaintext(v []byte) *DecryptOutput { type DeleteAliasInput struct { _ struct{} `type:"structure"` - // The alias to be deleted. The name must start with the word "alias" followed - // by a forward slash (alias/). Aliases that begin with "alias/aws" are reserved. + // The alias to be deleted. The alias name must begin with alias/ followed by + // the alias name, such as alias/ExampleAlias. // // AliasName is a required field AliasName *string `min:"1" type:"string" required:"true"` @@ -6411,8 +8358,8 @@ func (s DeleteCustomKeyStoreOutput) GoString() string { type DeleteImportedKeyMaterialInput struct { _ struct{} `type:"structure"` - // The identifier of the CMK whose key material to delete. The CMK's Origin - // must be EXTERNAL. + // Identifies the CMK from which you are deleting imported key material. The + // Origin of the CMK must be EXTERNAL. // // Specify the key ID or the Amazon Resource Name (ARN) of the CMK. // @@ -6474,6 +8421,63 @@ func (s DeleteImportedKeyMaterialOutput) GoString() string { return s.String() } +// The system timed out while trying to fulfill the request. The request can +// be retried. +type DependencyTimeoutException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s DependencyTimeoutException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DependencyTimeoutException) GoString() string { + return s.String() +} + +func newErrorDependencyTimeoutException(v protocol.ResponseMetadata) error { + return &DependencyTimeoutException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s DependencyTimeoutException) Code() string { + return "DependencyTimeoutException" +} + +// Message returns the exception's message. +func (s DependencyTimeoutException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s DependencyTimeoutException) OrigErr() error { + return nil +} + +func (s DependencyTimeoutException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s DependencyTimeoutException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s DependencyTimeoutException) RequestID() string { + return s.respMetadata.RequestID +} + type DescribeCustomKeyStoresInput struct { _ struct{} `type:"structure"` @@ -6574,7 +8578,7 @@ type DescribeCustomKeyStoresOutput struct { // A flag that indicates whether there are more items in the list. When this // value is true, the list in this response is truncated. To get more items, - // pass the value of the NextMarker element in this response to the Marker parameter + // pass the value of the NextMarker element in thisresponse to the Marker parameter // in a subsequent request. Truncated *bool `type:"boolean"` } @@ -6612,14 +8616,14 @@ type DescribeKeyInput struct { // A list of grant tokens. // - // For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) + // For more information, see Grant Tokens (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) // in the AWS Key Management Service Developer Guide. GrantTokens []*string `type:"list"` // Describes the specified customer master key (CMK). // // If you specify a predefined AWS alias (an AWS alias with no key ID), KMS - // associates the alias with an AWS managed CMK (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) + // associates the alias with an AWS managed CMK (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) // and returns its KeyId and Arn in the response. // // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, @@ -6772,7 +8776,10 @@ func (s DisableKeyOutput) GoString() string { type DisableKeyRotationInput struct { _ struct{} `type:"structure"` - // A unique identifier for the customer master key (CMK). + // Identifies a symmetric customer master key (CMK). You cannot enable automatic + // rotation of asymmetric CMKs (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html#asymmetric-cmks), + // CMKs with imported key material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html), + // or CMKs in a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html). // // Specify the key ID or the Amazon Resource Name (ARN) of the CMK. // @@ -6834,6 +8841,62 @@ func (s DisableKeyRotationOutput) GoString() string { return s.String() } +// The request was rejected because the specified CMK is not enabled. +type DisabledException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s DisabledException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DisabledException) GoString() string { + return s.String() +} + +func newErrorDisabledException(v protocol.ResponseMetadata) error { + return &DisabledException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s DisabledException) Code() string { + return "DisabledException" +} + +// Message returns the exception's message. +func (s DisabledException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s DisabledException) OrigErr() error { + return nil +} + +func (s DisabledException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s DisabledException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s DisabledException) RequestID() string { + return s.respMetadata.RequestID +} + type DisconnectCustomKeyStoreInput struct { _ struct{} `type:"structure"` @@ -6958,7 +9021,9 @@ func (s EnableKeyOutput) GoString() string { type EnableKeyRotationInput struct { _ struct{} `type:"structure"` - // A unique identifier for the customer master key (CMK). + // Identifies a symmetric customer master key (CMK). You cannot enable automatic + // rotation of asymmetric CMKs, CMKs with imported key material, or CMKs in + // a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html). // // Specify the key ID or the Amazon Resource Name (ARN) of the CMK. // @@ -7023,15 +9088,32 @@ func (s EnableKeyRotationOutput) GoString() string { type EncryptInput struct { _ struct{} `type:"structure"` - // Name-value pair that specifies the encryption context to be used for authenticated - // encryption. If used here, the same value must be supplied to the Decrypt - // API or decryption will fail. For more information, see Encryption Context - // (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html). + // Specifies the encryption algorithm that AWS KMS will use to encrypt the plaintext + // message. The algorithm must be compatible with the CMK that you specify. + // + // This parameter is required only for asymmetric CMKs. The default value, SYMMETRIC_DEFAULT, + // is the algorithm used for symmetric CMKs. If you are using an asymmetric + // CMK, we recommend RSAES_OAEP_SHA_256. + EncryptionAlgorithm *string `type:"string" enum:"EncryptionAlgorithmSpec"` + + // Specifies the encryption context that will be used to encrypt the data. An + // encryption context is valid only for cryptographic operations with a symmetric + // CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not + // support an encryption context. + // + // An encryption context is a collection of non-secret key-value pairs that + // represents additional authenticated data. When you use an encryption context + // to encrypt data, you must specify the same (an exact case-sensitive match) + // encryption context to decrypt the data. An encryption context is optional + // when encrypting with a symmetric CMK, but it is highly recommended. + // + // For more information, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) + // in the AWS Key Management Service Developer Guide. EncryptionContext map[string]*string `type:"map"` // A list of grant tokens. // - // For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) + // For more information, see Grant Tokens (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) // in the AWS Key Management Service Developer Guide. GrantTokens []*string `type:"list"` @@ -7097,6 +9179,12 @@ func (s *EncryptInput) Validate() error { return nil } +// SetEncryptionAlgorithm sets the EncryptionAlgorithm field's value. +func (s *EncryptInput) SetEncryptionAlgorithm(v string) *EncryptInput { + s.EncryptionAlgorithm = &v + return s +} + // SetEncryptionContext sets the EncryptionContext field's value. func (s *EncryptInput) SetEncryptionContext(v map[string]*string) *EncryptInput { s.EncryptionContext = v @@ -7125,11 +9213,14 @@ type EncryptOutput struct { _ struct{} `type:"structure"` // The encrypted plaintext. When you use the HTTP API or the AWS CLI, the value - // is Base64-encdoded. Otherwise, it is not encoded. + // is Base64-encoded. Otherwise, it is not Base64-encoded. // // CiphertextBlob is automatically base64 encoded/decoded by the SDK. CiphertextBlob []byte `min:"1" type:"blob"` + // The encryption algorithm that was used to encrypt the plaintext. + EncryptionAlgorithm *string `type:"string" enum:"EncryptionAlgorithmSpec"` + // The ID of the key used during encryption. KeyId *string `min:"1" type:"string"` } @@ -7150,29 +9241,99 @@ func (s *EncryptOutput) SetCiphertextBlob(v []byte) *EncryptOutput { return s } +// SetEncryptionAlgorithm sets the EncryptionAlgorithm field's value. +func (s *EncryptOutput) SetEncryptionAlgorithm(v string) *EncryptOutput { + s.EncryptionAlgorithm = &v + return s +} + // SetKeyId sets the KeyId field's value. func (s *EncryptOutput) SetKeyId(v string) *EncryptOutput { s.KeyId = &v return s } +// The request was rejected because the specified import token is expired. Use +// GetParametersForImport to get a new import token and public key, use the +// new public key to encrypt the key material, and then try the request again. +type ExpiredImportTokenException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s ExpiredImportTokenException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ExpiredImportTokenException) GoString() string { + return s.String() +} + +func newErrorExpiredImportTokenException(v protocol.ResponseMetadata) error { + return &ExpiredImportTokenException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s ExpiredImportTokenException) Code() string { + return "ExpiredImportTokenException" +} + +// Message returns the exception's message. +func (s ExpiredImportTokenException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s ExpiredImportTokenException) OrigErr() error { + return nil +} + +func (s ExpiredImportTokenException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s ExpiredImportTokenException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s ExpiredImportTokenException) RequestID() string { + return s.respMetadata.RequestID +} + type GenerateDataKeyInput struct { _ struct{} `type:"structure"` - // A set of key-value pairs that represents additional authenticated data. + // Specifies the encryption context that will be used when encrypting the data + // key. // - // For more information, see Encryption Context (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html) + // An encryption context is a collection of non-secret key-value pairs that + // represents additional authenticated data. When you use an encryption context + // to encrypt data, you must specify the same (an exact case-sensitive match) + // encryption context to decrypt the data. An encryption context is optional + // when encrypting with a symmetric CMK, but it is highly recommended. + // + // For more information, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) // in the AWS Key Management Service Developer Guide. EncryptionContext map[string]*string `type:"map"` // A list of grant tokens. // - // For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) + // For more information, see Grant Tokens (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) // in the AWS Key Management Service Developer Guide. GrantTokens []*string `type:"list"` - // The identifier of the CMK under which to generate and encrypt the data encryption - // key. + // Identifies the symmetric CMK that encrypts the data key. // // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, // or alias ARN. When using an alias name, prefix it with "alias/". To specify @@ -7194,14 +9355,19 @@ type GenerateDataKeyInput struct { // KeyId is a required field KeyId *string `min:"1" type:"string" required:"true"` - // The length of the data encryption key. Use AES_128 to generate a 128-bit - // symmetric key, or AES_256 to generate a 256-bit symmetric key. + // Specifies the length of the data key. Use AES_128 to generate a 128-bit symmetric + // key, or AES_256 to generate a 256-bit symmetric key. + // + // You must specify either the KeySpec or the NumberOfBytes parameter (but not + // both) in every GenerateDataKey request. KeySpec *string `type:"string" enum:"DataKeySpec"` - // The length of the data encryption key in bytes. For example, use the value - // 64 to generate a 512-bit data key (64 bytes is 512 bits). For common key - // lengths (128-bit and 256-bit symmetric keys), we recommend that you use the - // KeySpec field instead of this one. + // Specifies the length of the data key in bytes. For example, use the value + // 64 to generate a 512-bit data key (64 bytes is 512 bits). For 128-bit (16-byte) + // and 256-bit (32-byte) data keys, use the KeySpec parameter. + // + // You must specify either the KeySpec or the NumberOfBytes parameter (but not + // both) in every GenerateDataKey request. NumberOfBytes *int64 `min:"1" type:"integer"` } @@ -7267,19 +9433,19 @@ func (s *GenerateDataKeyInput) SetNumberOfBytes(v int64) *GenerateDataKeyInput { type GenerateDataKeyOutput struct { _ struct{} `type:"structure"` - // The encrypted data encryption key. When you use the HTTP API or the AWS CLI, - // the value is Base64-encdoded. Otherwise, it is not encoded. + // The encrypted copy of the data key. When you use the HTTP API or the AWS + // CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded. // // CiphertextBlob is automatically base64 encoded/decoded by the SDK. CiphertextBlob []byte `min:"1" type:"blob"` - // The identifier of the CMK under which the data encryption key was generated - // and encrypted. + // The identifier of the CMK that encrypted the data key. KeyId *string `min:"1" type:"string"` - // The data encryption key. When you use the HTTP API or the AWS CLI, the value - // is Base64-encdoded. Otherwise, it is not encoded. Use this data key for local - // encryption and decryption, then remove it from memory as soon as possible. + // The plaintext data key. When you use the HTTP API or the AWS CLI, the value + // is Base64-encoded. Otherwise, it is not Base64-encoded. Use this data key + // to encrypt your data outside of KMS. Then, remove it from memory as soon + // as possible. // // Plaintext is automatically base64 encoded/decoded by the SDK. Plaintext []byte `min:"1" type:"blob" sensitive:"true"` @@ -7313,23 +9479,30 @@ func (s *GenerateDataKeyOutput) SetPlaintext(v []byte) *GenerateDataKeyOutput { return s } -type GenerateDataKeyWithoutPlaintextInput struct { +type GenerateDataKeyPairInput struct { _ struct{} `type:"structure"` - // A set of key-value pairs that represents additional authenticated data. + // Specifies the encryption context that will be used when encrypting the private + // key in the data key pair. // - // For more information, see Encryption Context (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html) + // An encryption context is a collection of non-secret key-value pairs that + // represents additional authenticated data. When you use an encryption context + // to encrypt data, you must specify the same (an exact case-sensitive match) + // encryption context to decrypt the data. An encryption context is optional + // when encrypting with a symmetric CMK, but it is highly recommended. + // + // For more information, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) // in the AWS Key Management Service Developer Guide. EncryptionContext map[string]*string `type:"map"` // A list of grant tokens. // - // For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) + // For more information, see Grant Tokens (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) // in the AWS Key Management Service Developer Guide. GrantTokens []*string `type:"list"` - // The identifier of the customer master key (CMK) under which to generate and - // encrypt the data encryption key. + // Specifies the symmetric CMK that encrypts the private key in the data key + // pair. You cannot specify an asymmetric CMKs. // // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, // or alias ARN. When using an alias name, prefix it with "alias/". To specify @@ -7351,14 +9524,370 @@ type GenerateDataKeyWithoutPlaintextInput struct { // KeyId is a required field KeyId *string `min:"1" type:"string" required:"true"` - // The length of the data encryption key. Use AES_128 to generate a 128-bit - // symmetric key, or AES_256 to generate a 256-bit symmetric key. + // Determines the type of data key pair that is generated. + // + // The AWS KMS rule that restricts the use of asymmetric RSA CMKs to encrypt + // and decrypt or to sign and verify (but not both), and the rule that permits + // you to use ECC CMKs only to sign and verify, are not effective outside of + // AWS KMS. + // + // KeyPairSpec is a required field + KeyPairSpec *string `type:"string" required:"true" enum:"DataKeyPairSpec"` +} + +// String returns the string representation +func (s GenerateDataKeyPairInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GenerateDataKeyPairInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GenerateDataKeyPairInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GenerateDataKeyPairInput"} + if s.KeyId == nil { + invalidParams.Add(request.NewErrParamRequired("KeyId")) + } + if s.KeyId != nil && len(*s.KeyId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("KeyId", 1)) + } + if s.KeyPairSpec == nil { + invalidParams.Add(request.NewErrParamRequired("KeyPairSpec")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetEncryptionContext sets the EncryptionContext field's value. +func (s *GenerateDataKeyPairInput) SetEncryptionContext(v map[string]*string) *GenerateDataKeyPairInput { + s.EncryptionContext = v + return s +} + +// SetGrantTokens sets the GrantTokens field's value. +func (s *GenerateDataKeyPairInput) SetGrantTokens(v []*string) *GenerateDataKeyPairInput { + s.GrantTokens = v + return s +} + +// SetKeyId sets the KeyId field's value. +func (s *GenerateDataKeyPairInput) SetKeyId(v string) *GenerateDataKeyPairInput { + s.KeyId = &v + return s +} + +// SetKeyPairSpec sets the KeyPairSpec field's value. +func (s *GenerateDataKeyPairInput) SetKeyPairSpec(v string) *GenerateDataKeyPairInput { + s.KeyPairSpec = &v + return s +} + +type GenerateDataKeyPairOutput struct { + _ struct{} `type:"structure"` + + // The identifier of the CMK that encrypted the private key. + KeyId *string `min:"1" type:"string"` + + // The type of data key pair that was generated. + KeyPairSpec *string `type:"string" enum:"DataKeyPairSpec"` + + // The encrypted copy of the private key. When you use the HTTP API or the AWS + // CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded. + // + // PrivateKeyCiphertextBlob is automatically base64 encoded/decoded by the SDK. + PrivateKeyCiphertextBlob []byte `min:"1" type:"blob"` + + // The plaintext copy of the private key. When you use the HTTP API or the AWS + // CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded. + // + // PrivateKeyPlaintext is automatically base64 encoded/decoded by the SDK. + PrivateKeyPlaintext []byte `min:"1" type:"blob" sensitive:"true"` + + // The public key (in plaintext). + // + // PublicKey is automatically base64 encoded/decoded by the SDK. + PublicKey []byte `min:"1" type:"blob"` +} + +// String returns the string representation +func (s GenerateDataKeyPairOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GenerateDataKeyPairOutput) GoString() string { + return s.String() +} + +// SetKeyId sets the KeyId field's value. +func (s *GenerateDataKeyPairOutput) SetKeyId(v string) *GenerateDataKeyPairOutput { + s.KeyId = &v + return s +} + +// SetKeyPairSpec sets the KeyPairSpec field's value. +func (s *GenerateDataKeyPairOutput) SetKeyPairSpec(v string) *GenerateDataKeyPairOutput { + s.KeyPairSpec = &v + return s +} + +// SetPrivateKeyCiphertextBlob sets the PrivateKeyCiphertextBlob field's value. +func (s *GenerateDataKeyPairOutput) SetPrivateKeyCiphertextBlob(v []byte) *GenerateDataKeyPairOutput { + s.PrivateKeyCiphertextBlob = v + return s +} + +// SetPrivateKeyPlaintext sets the PrivateKeyPlaintext field's value. +func (s *GenerateDataKeyPairOutput) SetPrivateKeyPlaintext(v []byte) *GenerateDataKeyPairOutput { + s.PrivateKeyPlaintext = v + return s +} + +// SetPublicKey sets the PublicKey field's value. +func (s *GenerateDataKeyPairOutput) SetPublicKey(v []byte) *GenerateDataKeyPairOutput { + s.PublicKey = v + return s +} + +type GenerateDataKeyPairWithoutPlaintextInput struct { + _ struct{} `type:"structure"` + + // Specifies the encryption context that will be used when encrypting the private + // key in the data key pair. + // + // An encryption context is a collection of non-secret key-value pairs that + // represents additional authenticated data. When you use an encryption context + // to encrypt data, you must specify the same (an exact case-sensitive match) + // encryption context to decrypt the data. An encryption context is optional + // when encrypting with a symmetric CMK, but it is highly recommended. + // + // For more information, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) + // in the AWS Key Management Service Developer Guide. + EncryptionContext map[string]*string `type:"map"` + + // A list of grant tokens. + // + // For more information, see Grant Tokens (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) + // in the AWS Key Management Service Developer Guide. + GrantTokens []*string `type:"list"` + + // Specifies the CMK that encrypts the private key in the data key pair. You + // must specify a symmetric CMK. You cannot use an asymmetric CMK. + // + // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, + // or alias ARN. When using an alias name, prefix it with "alias/". + // + // For example: + // + // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Alias name: alias/ExampleAlias + // + // * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias + // + // To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To + // get the alias name and alias ARN, use ListAliases. + // + // KeyId is a required field + KeyId *string `min:"1" type:"string" required:"true"` + + // Determines the type of data key pair that is generated. + // + // The AWS KMS rule that restricts the use of asymmetric RSA CMKs to encrypt + // and decrypt or to sign and verify (but not both), and the rule that permits + // you to use ECC CMKs only to sign and verify, are not effective outside of + // AWS KMS. + // + // KeyPairSpec is a required field + KeyPairSpec *string `type:"string" required:"true" enum:"DataKeyPairSpec"` +} + +// String returns the string representation +func (s GenerateDataKeyPairWithoutPlaintextInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GenerateDataKeyPairWithoutPlaintextInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GenerateDataKeyPairWithoutPlaintextInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GenerateDataKeyPairWithoutPlaintextInput"} + if s.KeyId == nil { + invalidParams.Add(request.NewErrParamRequired("KeyId")) + } + if s.KeyId != nil && len(*s.KeyId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("KeyId", 1)) + } + if s.KeyPairSpec == nil { + invalidParams.Add(request.NewErrParamRequired("KeyPairSpec")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetEncryptionContext sets the EncryptionContext field's value. +func (s *GenerateDataKeyPairWithoutPlaintextInput) SetEncryptionContext(v map[string]*string) *GenerateDataKeyPairWithoutPlaintextInput { + s.EncryptionContext = v + return s +} + +// SetGrantTokens sets the GrantTokens field's value. +func (s *GenerateDataKeyPairWithoutPlaintextInput) SetGrantTokens(v []*string) *GenerateDataKeyPairWithoutPlaintextInput { + s.GrantTokens = v + return s +} + +// SetKeyId sets the KeyId field's value. +func (s *GenerateDataKeyPairWithoutPlaintextInput) SetKeyId(v string) *GenerateDataKeyPairWithoutPlaintextInput { + s.KeyId = &v + return s +} + +// SetKeyPairSpec sets the KeyPairSpec field's value. +func (s *GenerateDataKeyPairWithoutPlaintextInput) SetKeyPairSpec(v string) *GenerateDataKeyPairWithoutPlaintextInput { + s.KeyPairSpec = &v + return s +} + +type GenerateDataKeyPairWithoutPlaintextOutput struct { + _ struct{} `type:"structure"` + + // Specifies the CMK that encrypted the private key in the data key pair. You + // must specify a symmetric CMK. You cannot use an asymmetric CMK. + // + // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, + // or alias ARN. When using an alias name, prefix it with "alias/". + // + // For example: + // + // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Alias name: alias/ExampleAlias + // + // * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias + // + // To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To + // get the alias name and alias ARN, use ListAliases. + KeyId *string `min:"1" type:"string"` + + // The type of data key pair that was generated. + KeyPairSpec *string `type:"string" enum:"DataKeyPairSpec"` + + // The encrypted copy of the private key. When you use the HTTP API or the AWS + // CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded. + // + // PrivateKeyCiphertextBlob is automatically base64 encoded/decoded by the SDK. + PrivateKeyCiphertextBlob []byte `min:"1" type:"blob"` + + // The public key (in plaintext). + // + // PublicKey is automatically base64 encoded/decoded by the SDK. + PublicKey []byte `min:"1" type:"blob"` +} + +// String returns the string representation +func (s GenerateDataKeyPairWithoutPlaintextOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GenerateDataKeyPairWithoutPlaintextOutput) GoString() string { + return s.String() +} + +// SetKeyId sets the KeyId field's value. +func (s *GenerateDataKeyPairWithoutPlaintextOutput) SetKeyId(v string) *GenerateDataKeyPairWithoutPlaintextOutput { + s.KeyId = &v + return s +} + +// SetKeyPairSpec sets the KeyPairSpec field's value. +func (s *GenerateDataKeyPairWithoutPlaintextOutput) SetKeyPairSpec(v string) *GenerateDataKeyPairWithoutPlaintextOutput { + s.KeyPairSpec = &v + return s +} + +// SetPrivateKeyCiphertextBlob sets the PrivateKeyCiphertextBlob field's value. +func (s *GenerateDataKeyPairWithoutPlaintextOutput) SetPrivateKeyCiphertextBlob(v []byte) *GenerateDataKeyPairWithoutPlaintextOutput { + s.PrivateKeyCiphertextBlob = v + return s +} + +// SetPublicKey sets the PublicKey field's value. +func (s *GenerateDataKeyPairWithoutPlaintextOutput) SetPublicKey(v []byte) *GenerateDataKeyPairWithoutPlaintextOutput { + s.PublicKey = v + return s +} + +type GenerateDataKeyWithoutPlaintextInput struct { + _ struct{} `type:"structure"` + + // Specifies the encryption context that will be used when encrypting the data + // key. + // + // An encryption context is a collection of non-secret key-value pairs that + // represents additional authenticated data. When you use an encryption context + // to encrypt data, you must specify the same (an exact case-sensitive match) + // encryption context to decrypt the data. An encryption context is optional + // when encrypting with a symmetric CMK, but it is highly recommended. + // + // For more information, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) + // in the AWS Key Management Service Developer Guide. + EncryptionContext map[string]*string `type:"map"` + + // A list of grant tokens. + // + // For more information, see Grant Tokens (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) + // in the AWS Key Management Service Developer Guide. + GrantTokens []*string `type:"list"` + + // The identifier of the symmetric customer master key (CMK) that encrypts the + // data key. + // + // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, + // or alias ARN. When using an alias name, prefix it with "alias/". To specify + // a CMK in a different AWS account, you must use the key ARN or alias ARN. + // + // For example: + // + // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Alias name: alias/ExampleAlias + // + // * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias + // + // To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To + // get the alias name and alias ARN, use ListAliases. + // + // KeyId is a required field + KeyId *string `min:"1" type:"string" required:"true"` + + // The length of the data key. Use AES_128 to generate a 128-bit symmetric key, + // or AES_256 to generate a 256-bit symmetric key. KeySpec *string `type:"string" enum:"DataKeySpec"` - // The length of the data encryption key in bytes. For example, use the value - // 64 to generate a 512-bit data key (64 bytes is 512 bits). For common key - // lengths (128-bit and 256-bit symmetric keys), we recommend that you use the - // KeySpec field instead of this one. + // The length of the data key in bytes. For example, use the value 64 to generate + // a 512-bit data key (64 bytes is 512 bits). For common key lengths (128-bit + // and 256-bit symmetric keys), we recommend that you use the KeySpec field + // instead of this one. NumberOfBytes *int64 `min:"1" type:"integer"` } @@ -7424,14 +9953,13 @@ func (s *GenerateDataKeyWithoutPlaintextInput) SetNumberOfBytes(v int64) *Genera type GenerateDataKeyWithoutPlaintextOutput struct { _ struct{} `type:"structure"` - // The encrypted data encryption key. When you use the HTTP API or the AWS CLI, - // the value is Base64-encdoded. Otherwise, it is not encoded. + // The encrypted data key. When you use the HTTP API or the AWS CLI, the value + // is Base64-encoded. Otherwise, it is not Base64-encoded. // // CiphertextBlob is automatically base64 encoded/decoded by the SDK. CiphertextBlob []byte `min:"1" type:"blob"` - // The identifier of the CMK under which the data encryption key was generated - // and encrypted. + // The identifier of the CMK that encrypted the data key. KeyId *string `min:"1" type:"string"` } @@ -7461,7 +9989,7 @@ type GenerateRandomInput struct { _ struct{} `type:"structure"` // Generates the random byte string in the AWS CloudHSM cluster that is associated - // with the specified custom key store (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html). + // with the specified custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html). // To find the ID of a custom key store, use the DescribeCustomKeyStores operation. CustomKeyStoreId *string `min:"1" type:"string"` @@ -7511,7 +10039,7 @@ type GenerateRandomOutput struct { _ struct{} `type:"structure"` // The random byte string. When you use the HTTP API or the AWS CLI, the value - // is Base64-encdoded. Otherwise, it is not encoded. + // is Base64-encoded. Otherwise, it is not Base64-encoded. // // Plaintext is automatically base64 encoded/decoded by the SDK. Plaintext []byte `min:"1" type:"blob" sensitive:"true"` @@ -7703,8 +10231,8 @@ func (s *GetKeyRotationStatusOutput) SetKeyRotationEnabled(v bool) *GetKeyRotati type GetParametersForImportInput struct { _ struct{} `type:"structure"` - // The identifier of the CMK into which you will import key material. The CMK's - // Origin must be EXTERNAL. + // The identifier of the symmetric CMK into which you will import key material. + // The Origin of the CMK must be EXTERNAL. // // Specify the key ID or the Amazon Resource Name (ARN) of the CMK. // @@ -7721,7 +10249,7 @@ type GetParametersForImportInput struct { // The algorithm you will use to encrypt the key material before importing it // with ImportKeyMaterial. For more information, see Encrypt the Key Material - // (http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-encrypt-key-material.html) + // (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-encrypt-key-material.html) // in the AWS Key Management Service Developer Guide. // // WrappingAlgorithm is a required field @@ -7842,33 +10370,209 @@ func (s *GetParametersForImportOutput) SetPublicKey(v []byte) *GetParametersForI return s } -// A structure that you can use to allow certain operations in the grant only -// when the desired encryption context is present. For more information about -// encryption context, see Encryption Context (http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html) -// in the AWS Key Management Service Developer Guide. +type GetPublicKeyInput struct { + _ struct{} `type:"structure"` + + // A list of grant tokens. + // + // For more information, see Grant Tokens (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) + // in the AWS Key Management Service Developer Guide. + GrantTokens []*string `type:"list"` + + // Identifies the asymmetric CMK that includes the public key. + // + // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, + // or alias ARN. When using an alias name, prefix it with "alias/". To specify + // a CMK in a different AWS account, you must use the key ARN or alias ARN. + // + // For example: + // + // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Alias name: alias/ExampleAlias + // + // * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias + // + // To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To + // get the alias name and alias ARN, use ListAliases. + // + // KeyId is a required field + KeyId *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s GetPublicKeyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetPublicKeyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetPublicKeyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetPublicKeyInput"} + if s.KeyId == nil { + invalidParams.Add(request.NewErrParamRequired("KeyId")) + } + if s.KeyId != nil && len(*s.KeyId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("KeyId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGrantTokens sets the GrantTokens field's value. +func (s *GetPublicKeyInput) SetGrantTokens(v []*string) *GetPublicKeyInput { + s.GrantTokens = v + return s +} + +// SetKeyId sets the KeyId field's value. +func (s *GetPublicKeyInput) SetKeyId(v string) *GetPublicKeyInput { + s.KeyId = &v + return s +} + +type GetPublicKeyOutput struct { + _ struct{} `type:"structure"` + + // The type of the of the public key that was downloaded. + CustomerMasterKeySpec *string `type:"string" enum:"CustomerMasterKeySpec"` + + // The encryption algorithms that AWS KMS supports for this key. + // + // This information is critical. If a public key encrypts data outside of AWS + // KMS by using an unsupported encryption algorithm, the ciphertext cannot be + // decrypted. + // + // This field appears in the response only when the KeyUsage of the public key + // is ENCRYPT_DECRYPT. + EncryptionAlgorithms []*string `type:"list"` + + // The identifier of the asymmetric CMK from which the public key was downloaded. + KeyId *string `min:"1" type:"string"` + + // The permitted use of the public key. Valid values are ENCRYPT_DECRYPT or + // SIGN_VERIFY. + // + // This information is critical. If a public key with SIGN_VERIFY key usage + // encrypts data outside of AWS KMS, the ciphertext cannot be decrypted. + KeyUsage *string `type:"string" enum:"KeyUsageType"` + + // The exported public key. + // + // This value is returned as a binary Distinguished Encoding Rules (https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf) + // (DER)-encoded object. To decode it, use an ASN.1 parsing tool, such as OpenSSL + // asn1parse (https://www.openssl.org/docs/man1.0.2/man1/asn1parse.html). + // + // PublicKey is automatically base64 encoded/decoded by the SDK. + PublicKey []byte `min:"1" type:"blob"` + + // The signing algorithms that AWS KMS supports for this key. + // + // This field appears in the response only when the KeyUsage of the public key + // is SIGN_VERIFY. + SigningAlgorithms []*string `type:"list"` +} + +// String returns the string representation +func (s GetPublicKeyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetPublicKeyOutput) GoString() string { + return s.String() +} + +// SetCustomerMasterKeySpec sets the CustomerMasterKeySpec field's value. +func (s *GetPublicKeyOutput) SetCustomerMasterKeySpec(v string) *GetPublicKeyOutput { + s.CustomerMasterKeySpec = &v + return s +} + +// SetEncryptionAlgorithms sets the EncryptionAlgorithms field's value. +func (s *GetPublicKeyOutput) SetEncryptionAlgorithms(v []*string) *GetPublicKeyOutput { + s.EncryptionAlgorithms = v + return s +} + +// SetKeyId sets the KeyId field's value. +func (s *GetPublicKeyOutput) SetKeyId(v string) *GetPublicKeyOutput { + s.KeyId = &v + return s +} + +// SetKeyUsage sets the KeyUsage field's value. +func (s *GetPublicKeyOutput) SetKeyUsage(v string) *GetPublicKeyOutput { + s.KeyUsage = &v + return s +} + +// SetPublicKey sets the PublicKey field's value. +func (s *GetPublicKeyOutput) SetPublicKey(v []byte) *GetPublicKeyOutput { + s.PublicKey = v + return s +} + +// SetSigningAlgorithms sets the SigningAlgorithms field's value. +func (s *GetPublicKeyOutput) SetSigningAlgorithms(v []*string) *GetPublicKeyOutput { + s.SigningAlgorithms = v + return s +} + +// Use this structure to allow cryptographic operations in the grant only when +// the operation request includes the specified encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context). // -// Grant constraints apply only to operations that accept encryption context -// as input. For example, the DescribeKey operation does not accept encryption -// context as input. A grant that allows the DescribeKey operation does so regardless -// of the grant constraints. In constrast, the Encrypt operation accepts encryption -// context as input. A grant that allows the Encrypt operation does so only -// when the encryption context of the Encrypt operation satisfies the grant -// constraints. +// AWS KMS applies the grant constraints only when the grant allows a cryptographic +// operation that accepts an encryption context as input, such as the following. +// +// * Encrypt +// +// * Decrypt +// +// * GenerateDataKey +// +// * GenerateDataKeyWithoutPlaintext +// +// * ReEncrypt +// +// AWS KMS does not apply the grant constraints to other operations, such as +// DescribeKey or ScheduleKeyDeletion. +// +// In a cryptographic operation, the encryption context in the decryption operation +// must be an exact, case-sensitive match for the keys and values in the encryption +// context of the encryption operation. Only the order of the pairs can vary. +// +// However, in a grant constraint, the key in each key-value pair is not case +// sensitive, but the value is case sensitive. +// +// To avoid confusion, do not use multiple encryption context pairs that differ +// only by case. To require a fully case-sensitive encryption context, use the +// kms:EncryptionContext: and kms:EncryptionContextKeys conditions in an IAM +// or key policy. For details, see kms:EncryptionContext: (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-context) +// in the AWS Key Management Service Developer Guide . type GrantConstraints struct { _ struct{} `type:"structure"` - // A list of key-value pairs that must be present in the encryption context - // of certain subsequent operations that the grant allows. When certain subsequent - // operations allowed by the grant include encryption context that matches this - // list, the grant allows the operation. Otherwise, the grant does not allow - // the operation. + // A list of key-value pairs that must match the encryption context in the cryptographic + // operation request. The grant allows the operation only when the encryption + // context in the request is the same as the encryption context specified in + // this constraint. EncryptionContextEquals map[string]*string `type:"map"` - // A list of key-value pairs, all of which must be present in the encryption - // context of certain subsequent operations that the grant allows. When certain - // subsequent operations allowed by the grant include encryption context that - // matches this list or is a superset of this list, the grant allows the operation. - // Otherwise, the grant does not allow the operation. + // A list of key-value pairs that must be included in the encryption context + // of the cryptographic operation request. The grant allows the cryptographic + // operation only when the encryption context in the request includes the key-value + // pairs specified in this constraint, although it can include additional key-value + // pairs. EncryptionContextSubset map[string]*string `type:"map"` } @@ -7996,9 +10700,10 @@ func (s *GrantListEntry) SetRetiringPrincipal(v string) *GrantListEntry { type ImportKeyMaterialInput struct { _ struct{} `type:"structure"` - // The encrypted key material to import. It must be encrypted with the public - // key that you received in the response to a previous GetParametersForImport - // request, using the wrapping algorithm that you specified in that request. + // The encrypted key material to import. The key material must be encrypted + // with the public wrapping key that GetParametersForImport returned, using + // the wrapping algorithm that you specified in the same GetParametersForImport + // request. // // EncryptedKeyMaterial is automatically base64 encoded/decoded by the SDK. // @@ -8019,8 +10724,9 @@ type ImportKeyMaterialInput struct { // ImportToken is a required field ImportToken []byte `min:"1" type:"blob" required:"true"` - // The identifier of the CMK to import the key material into. The CMK's Origin - // must be EXTERNAL. + // The identifier of the symmetric CMK that receives the imported key material. + // The CMK's Origin must be EXTERNAL. This must be the same CMK specified in + // the KeyID parameter of the corresponding GetParametersForImport request. // // Specify the key ID or the Amazon Resource Name (ARN) of the CMK. // @@ -8124,6 +10830,828 @@ func (s ImportKeyMaterialOutput) GoString() string { return s.String() } +// The request was rejected because the specified CMK cannot decrypt the data. +// The KeyId in a Decrypt request and the SourceKeyId in a ReEncrypt request +// must identify the same CMK that was used to encrypt the ciphertext. +type IncorrectKeyException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s IncorrectKeyException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s IncorrectKeyException) GoString() string { + return s.String() +} + +func newErrorIncorrectKeyException(v protocol.ResponseMetadata) error { + return &IncorrectKeyException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s IncorrectKeyException) Code() string { + return "IncorrectKeyException" +} + +// Message returns the exception's message. +func (s IncorrectKeyException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s IncorrectKeyException) OrigErr() error { + return nil +} + +func (s IncorrectKeyException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s IncorrectKeyException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s IncorrectKeyException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because the key material in the request is, expired, +// invalid, or is not the same key material that was previously imported into +// this customer master key (CMK). +type IncorrectKeyMaterialException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s IncorrectKeyMaterialException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s IncorrectKeyMaterialException) GoString() string { + return s.String() +} + +func newErrorIncorrectKeyMaterialException(v protocol.ResponseMetadata) error { + return &IncorrectKeyMaterialException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s IncorrectKeyMaterialException) Code() string { + return "IncorrectKeyMaterialException" +} + +// Message returns the exception's message. +func (s IncorrectKeyMaterialException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s IncorrectKeyMaterialException) OrigErr() error { + return nil +} + +func (s IncorrectKeyMaterialException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s IncorrectKeyMaterialException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s IncorrectKeyMaterialException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because the trust anchor certificate in the request +// is not the trust anchor certificate for the specified AWS CloudHSM cluster. +// +// When you initialize the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr), +// you create the trust anchor certificate and save it in the customerCA.crt +// file. +type IncorrectTrustAnchorException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s IncorrectTrustAnchorException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s IncorrectTrustAnchorException) GoString() string { + return s.String() +} + +func newErrorIncorrectTrustAnchorException(v protocol.ResponseMetadata) error { + return &IncorrectTrustAnchorException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s IncorrectTrustAnchorException) Code() string { + return "IncorrectTrustAnchorException" +} + +// Message returns the exception's message. +func (s IncorrectTrustAnchorException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s IncorrectTrustAnchorException) OrigErr() error { + return nil +} + +func (s IncorrectTrustAnchorException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s IncorrectTrustAnchorException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s IncorrectTrustAnchorException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because an internal exception occurred. The request +// can be retried. +type InternalException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InternalException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InternalException) GoString() string { + return s.String() +} + +func newErrorInternalException(v protocol.ResponseMetadata) error { + return &InternalException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s InternalException) Code() string { + return "KMSInternalException" +} + +// Message returns the exception's message. +func (s InternalException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s InternalException) OrigErr() error { + return nil +} + +func (s InternalException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s InternalException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s InternalException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because the specified alias name is not valid. +type InvalidAliasNameException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidAliasNameException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidAliasNameException) GoString() string { + return s.String() +} + +func newErrorInvalidAliasNameException(v protocol.ResponseMetadata) error { + return &InvalidAliasNameException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s InvalidAliasNameException) Code() string { + return "InvalidAliasNameException" +} + +// Message returns the exception's message. +func (s InvalidAliasNameException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s InvalidAliasNameException) OrigErr() error { + return nil +} + +func (s InvalidAliasNameException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s InvalidAliasNameException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s InvalidAliasNameException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because a specified ARN, or an ARN in a key policy, +// is not valid. +type InvalidArnException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidArnException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidArnException) GoString() string { + return s.String() +} + +func newErrorInvalidArnException(v protocol.ResponseMetadata) error { + return &InvalidArnException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s InvalidArnException) Code() string { + return "InvalidArnException" +} + +// Message returns the exception's message. +func (s InvalidArnException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s InvalidArnException) OrigErr() error { + return nil +} + +func (s InvalidArnException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s InvalidArnException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s InvalidArnException) RequestID() string { + return s.respMetadata.RequestID +} + +// From the Decrypt or ReEncrypt operation, the request was rejected because +// the specified ciphertext, or additional authenticated data incorporated into +// the ciphertext, such as the encryption context, is corrupted, missing, or +// otherwise invalid. +// +// From the ImportKeyMaterial operation, the request was rejected because AWS +// KMS could not decrypt the encrypted (wrapped) key material. +type InvalidCiphertextException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidCiphertextException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidCiphertextException) GoString() string { + return s.String() +} + +func newErrorInvalidCiphertextException(v protocol.ResponseMetadata) error { + return &InvalidCiphertextException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s InvalidCiphertextException) Code() string { + return "InvalidCiphertextException" +} + +// Message returns the exception's message. +func (s InvalidCiphertextException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s InvalidCiphertextException) OrigErr() error { + return nil +} + +func (s InvalidCiphertextException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s InvalidCiphertextException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s InvalidCiphertextException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because the specified GrantId is not valid. +type InvalidGrantIdException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidGrantIdException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidGrantIdException) GoString() string { + return s.String() +} + +func newErrorInvalidGrantIdException(v protocol.ResponseMetadata) error { + return &InvalidGrantIdException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s InvalidGrantIdException) Code() string { + return "InvalidGrantIdException" +} + +// Message returns the exception's message. +func (s InvalidGrantIdException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s InvalidGrantIdException) OrigErr() error { + return nil +} + +func (s InvalidGrantIdException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s InvalidGrantIdException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s InvalidGrantIdException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because the specified grant token is not valid. +type InvalidGrantTokenException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidGrantTokenException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidGrantTokenException) GoString() string { + return s.String() +} + +func newErrorInvalidGrantTokenException(v protocol.ResponseMetadata) error { + return &InvalidGrantTokenException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s InvalidGrantTokenException) Code() string { + return "InvalidGrantTokenException" +} + +// Message returns the exception's message. +func (s InvalidGrantTokenException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s InvalidGrantTokenException) OrigErr() error { + return nil +} + +func (s InvalidGrantTokenException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s InvalidGrantTokenException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s InvalidGrantTokenException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because the provided import token is invalid or +// is associated with a different customer master key (CMK). +type InvalidImportTokenException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidImportTokenException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidImportTokenException) GoString() string { + return s.String() +} + +func newErrorInvalidImportTokenException(v protocol.ResponseMetadata) error { + return &InvalidImportTokenException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s InvalidImportTokenException) Code() string { + return "InvalidImportTokenException" +} + +// Message returns the exception's message. +func (s InvalidImportTokenException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s InvalidImportTokenException) OrigErr() error { + return nil +} + +func (s InvalidImportTokenException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s InvalidImportTokenException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s InvalidImportTokenException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected for one of the following reasons: +// +// * The KeyUsage value of the CMK is incompatible with the API operation. +// +// * The encryption algorithm or signing algorithm specified for the operation +// is incompatible with the type of key material in the CMK (CustomerMasterKeySpec). +// +// For encrypting, decrypting, re-encrypting, and generating data keys, the +// KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the KeyUsage +// must be SIGN_VERIFY. To find the KeyUsage of a CMK, use the DescribeKey operation. +// +// To find the encryption or signing algorithms supported for a particular CMK, +// use the DescribeKey operation. +type InvalidKeyUsageException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidKeyUsageException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidKeyUsageException) GoString() string { + return s.String() +} + +func newErrorInvalidKeyUsageException(v protocol.ResponseMetadata) error { + return &InvalidKeyUsageException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s InvalidKeyUsageException) Code() string { + return "InvalidKeyUsageException" +} + +// Message returns the exception's message. +func (s InvalidKeyUsageException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s InvalidKeyUsageException) OrigErr() error { + return nil +} + +func (s InvalidKeyUsageException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s InvalidKeyUsageException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s InvalidKeyUsageException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because the marker that specifies where pagination +// should next begin is not valid. +type InvalidMarkerException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidMarkerException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidMarkerException) GoString() string { + return s.String() +} + +func newErrorInvalidMarkerException(v protocol.ResponseMetadata) error { + return &InvalidMarkerException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s InvalidMarkerException) Code() string { + return "InvalidMarkerException" +} + +// Message returns the exception's message. +func (s InvalidMarkerException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s InvalidMarkerException) OrigErr() error { + return nil +} + +func (s InvalidMarkerException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s InvalidMarkerException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s InvalidMarkerException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because the state of the specified resource is not +// valid for this request. +// +// For more information about how key state affects the use of a CMK, see How +// Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) +// in the AWS Key Management Service Developer Guide . +type InvalidStateException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s InvalidStateException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InvalidStateException) GoString() string { + return s.String() +} + +func newErrorInvalidStateException(v protocol.ResponseMetadata) error { + return &InvalidStateException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s InvalidStateException) Code() string { + return "KMSInvalidStateException" +} + +// Message returns the exception's message. +func (s InvalidStateException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s InvalidStateException) OrigErr() error { + return nil +} + +func (s InvalidStateException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s InvalidStateException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s InvalidStateException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because the signature verification failed. Signature +// verification fails when it cannot confirm that signature was produced by +// signing the specified message with the specified CMK and signing algorithm. +type KMSInvalidSignatureException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s KMSInvalidSignatureException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s KMSInvalidSignatureException) GoString() string { + return s.String() +} + +func newErrorKMSInvalidSignatureException(v protocol.ResponseMetadata) error { + return &KMSInvalidSignatureException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s KMSInvalidSignatureException) Code() string { + return "KMSInvalidSignatureException" +} + +// Message returns the exception's message. +func (s KMSInvalidSignatureException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s KMSInvalidSignatureException) OrigErr() error { + return nil +} + +func (s KMSInvalidSignatureException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s KMSInvalidSignatureException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s KMSInvalidSignatureException) RequestID() string { + return s.respMetadata.RequestID +} + // Contains information about each entry in the key list. type KeyListEntry struct { _ struct{} `type:"structure"` @@ -8168,12 +11696,12 @@ type KeyMetadata struct { AWSAccountId *string `type:"string"` // The Amazon Resource Name (ARN) of the CMK. For examples, see AWS Key Management - // Service (AWS KMS) (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-kms) + // Service (AWS KMS) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-kms) // in the Example ARNs section of the AWS General Reference. Arn *string `min:"20" type:"string"` // The cluster ID of the AWS CloudHSM cluster that contains the key material - // for the CMK. When you create a CMK in a custom key store (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html), + // for the CMK. When you create a CMK in a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html), // AWS KMS creates the key material for the CMK in the associated AWS CloudHSM // cluster. This value is present only when the CMK is created in a custom key // store. @@ -8182,11 +11710,14 @@ type KeyMetadata struct { // The date and time when the CMK was created. CreationDate *time.Time `type:"timestamp"` - // A unique identifier for the custom key store (http://docs.aws.amazon.com/kms/latest/developerguide/key-store-overview.html) + // A unique identifier for the custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html) // that contains the CMK. This value is present only when the CMK is created // in a custom key store. CustomKeyStoreId *string `min:"1" type:"string"` + // Describes the type of key material in the CMK. + CustomerMasterKeySpec *string `type:"string" enum:"CustomerMasterKeySpec"` + // The date and time after which AWS KMS deletes the CMK. This value is present // only when KeyState is PendingDeletion. DeletionDate *time.Time `type:"timestamp"` @@ -8198,6 +11729,12 @@ type KeyMetadata struct { // is true, otherwise it is false. Enabled *bool `type:"boolean"` + // A list of encryption algorithms that the CMK supports. You cannot use the + // CMK with other encryption algorithms within AWS KMS. + // + // This field appears only when the KeyUsage of the CMK is ENCRYPT_DECRYPT. + EncryptionAlgorithms []*string `type:"list"` + // Specifies whether the CMK's key material expires. This value is present only // when Origin is EXTERNAL, otherwise this value is omitted. ExpirationModel *string `type:"string" enum:"ExpirationModelType"` @@ -8207,21 +11744,20 @@ type KeyMetadata struct { // KeyId is a required field KeyId *string `min:"1" type:"string" required:"true"` - // The CMK's manager. CMKs are either customer-managed or AWS-managed. For more - // information about the difference, see Customer Master Keys (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) + // The manager of the CMK. CMKs in your AWS account are either customer managed + // or AWS managed. For more information about the difference, see Customer Master + // Keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) // in the AWS Key Management Service Developer Guide. KeyManager *string `type:"string" enum:"KeyManagerType"` // The state of the CMK. // // For more information about how key state affects the use of a CMK, see How - // Key State Affects the Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) + // Key State Affects the Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the AWS Key Management Service Developer Guide. KeyState *string `type:"string" enum:"KeyState"` - // The cryptographic operations for which you can use the CMK. Currently the - // only allowed value is ENCRYPT_DECRYPT, which means you can use the CMK for - // the Encrypt and Decrypt operations. + // The cryptographic operations for which you can use the CMK. KeyUsage *string `type:"string" enum:"KeyUsageType"` // The source of the CMK's key material. When this value is AWS_KMS, AWS KMS @@ -8231,6 +11767,12 @@ type KeyMetadata struct { // in the AWS CloudHSM cluster associated with a custom key store. Origin *string `type:"string" enum:"OriginType"` + // A list of signing algorithms that the CMK supports. You cannot use the CMK + // with other signing algorithms within AWS KMS. + // + // This field appears only when the KeyUsage of the CMK is SIGN_VERIFY. + SigningAlgorithms []*string `type:"list"` + // The time at which the imported key material expires. When the key material // expires, AWS KMS deletes the key material and the CMK becomes unusable. This // value is present only for CMKs whose Origin is EXTERNAL and whose ExpirationModel @@ -8278,6 +11820,12 @@ func (s *KeyMetadata) SetCustomKeyStoreId(v string) *KeyMetadata { return s } +// SetCustomerMasterKeySpec sets the CustomerMasterKeySpec field's value. +func (s *KeyMetadata) SetCustomerMasterKeySpec(v string) *KeyMetadata { + s.CustomerMasterKeySpec = &v + return s +} + // SetDeletionDate sets the DeletionDate field's value. func (s *KeyMetadata) SetDeletionDate(v time.Time) *KeyMetadata { s.DeletionDate = &v @@ -8296,6 +11844,12 @@ func (s *KeyMetadata) SetEnabled(v bool) *KeyMetadata { return s } +// SetEncryptionAlgorithms sets the EncryptionAlgorithms field's value. +func (s *KeyMetadata) SetEncryptionAlgorithms(v []*string) *KeyMetadata { + s.EncryptionAlgorithms = v + return s +} + // SetExpirationModel sets the ExpirationModel field's value. func (s *KeyMetadata) SetExpirationModel(v string) *KeyMetadata { s.ExpirationModel = &v @@ -8332,12 +11886,133 @@ func (s *KeyMetadata) SetOrigin(v string) *KeyMetadata { return s } +// SetSigningAlgorithms sets the SigningAlgorithms field's value. +func (s *KeyMetadata) SetSigningAlgorithms(v []*string) *KeyMetadata { + s.SigningAlgorithms = v + return s +} + // SetValidTo sets the ValidTo field's value. func (s *KeyMetadata) SetValidTo(v time.Time) *KeyMetadata { s.ValidTo = &v return s } +// The request was rejected because the specified CMK was not available. You +// can retry the request. +type KeyUnavailableException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s KeyUnavailableException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s KeyUnavailableException) GoString() string { + return s.String() +} + +func newErrorKeyUnavailableException(v protocol.ResponseMetadata) error { + return &KeyUnavailableException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s KeyUnavailableException) Code() string { + return "KeyUnavailableException" +} + +// Message returns the exception's message. +func (s KeyUnavailableException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s KeyUnavailableException) OrigErr() error { + return nil +} + +func (s KeyUnavailableException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s KeyUnavailableException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s KeyUnavailableException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because a limit was exceeded. For more information, +// see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) +// in the AWS Key Management Service Developer Guide. +type LimitExceededException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s LimitExceededException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s LimitExceededException) GoString() string { + return s.String() +} + +func newErrorLimitExceededException(v protocol.ResponseMetadata) error { + return &LimitExceededException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s LimitExceededException) Code() string { + return "LimitExceededException" +} + +// Message returns the exception's message. +func (s LimitExceededException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s LimitExceededException) OrigErr() error { + return nil +} + +func (s LimitExceededException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s LimitExceededException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s LimitExceededException) RequestID() string { + return s.respMetadata.RequestID +} + type ListAliasesInput struct { _ struct{} `type:"structure"` @@ -8422,7 +12097,7 @@ type ListAliasesOutput struct { // A flag that indicates whether there are more items in the list. When this // value is true, the list in this response is truncated. To get more items, - // pass the value of the NextMarker element in this response to the Marker parameter + // pass the value of the NextMarker element in thisresponse to the Marker parameter // in a subsequent request. Truncated *bool `type:"boolean"` } @@ -8550,7 +12225,7 @@ type ListGrantsResponse struct { // A flag that indicates whether there are more items in the list. When this // value is true, the list in this response is truncated. To get more items, - // pass the value of the NextMarker element in this response to the Marker parameter + // pass the value of the NextMarker element in thisresponse to the Marker parameter // in a subsequent request. Truncated *bool `type:"boolean"` } @@ -8608,7 +12283,7 @@ type ListKeyPoliciesInput struct { // This value is optional. If you include a value, it must be between 1 and // 1000, inclusive. If you do not include a value, it defaults to 100. // - // Currently only 1 policy can be attached to a key. + // Only one policy can be attached to a key. Limit *int64 `min:"1" type:"integer"` // Use this parameter in a subsequent request after you receive a response with @@ -8674,13 +12349,12 @@ type ListKeyPoliciesOutput struct { // use for the Marker parameter in a subsequent request. NextMarker *string `min:"1" type:"string"` - // A list of key policy names. Currently, there is only one key policy per CMK - // and it is always named default. + // A list of key policy names. The only valid value is default. PolicyNames []*string `type:"list"` // A flag that indicates whether there are more items in the list. When this // value is true, the list in this response is truncated. To get more items, - // pass the value of the NextMarker element in this response to the Marker parameter + // pass the value of the NextMarker element in thisresponse to the Marker parameter // in a subsequent request. Truncated *bool `type:"boolean"` } @@ -8780,7 +12454,7 @@ type ListKeysOutput struct { // A flag that indicates whether there are more items in the list. When this // value is true, the list in this response is truncated. To get more items, - // pass the value of the NextMarker element in this response to the Marker parameter + // pass the value of the NextMarker element in thisresponse to the Marker parameter // in a subsequent request. Truncated *bool `type:"boolean"` } @@ -8912,7 +12586,7 @@ type ListResourceTagsOutput struct { // A flag that indicates whether there are more items in the list. When this // value is true, the list in this response is truncated. To get more items, - // pass the value of the NextMarker element in this response to the Marker parameter + // pass the value of the NextMarker element in thisresponse to the Marker parameter // in a subsequent request. Truncated *bool `type:"boolean"` } @@ -8963,11 +12637,11 @@ type ListRetirableGrantsInput struct { // The retiring principal for which to list grants. // - // To specify the retiring principal, use the Amazon Resource Name (ARN) (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // To specify the retiring principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // of an AWS principal. Valid AWS principals include AWS accounts (root), IAM // users, federated users, and assumed role users. For examples of the ARN syntax // for specifying a principal, see AWS Identity and Access Management (IAM) - // (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam) + // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam) // in the Example ARNs section of the Amazon Web Services General Reference. // // RetiringPrincipal is a required field @@ -9024,6 +12698,120 @@ func (s *ListRetirableGrantsInput) SetRetiringPrincipal(v string) *ListRetirable return s } +// The request was rejected because the specified policy is not syntactically +// or semantically correct. +type MalformedPolicyDocumentException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s MalformedPolicyDocumentException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s MalformedPolicyDocumentException) GoString() string { + return s.String() +} + +func newErrorMalformedPolicyDocumentException(v protocol.ResponseMetadata) error { + return &MalformedPolicyDocumentException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s MalformedPolicyDocumentException) Code() string { + return "MalformedPolicyDocumentException" +} + +// Message returns the exception's message. +func (s MalformedPolicyDocumentException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s MalformedPolicyDocumentException) OrigErr() error { + return nil +} + +func (s MalformedPolicyDocumentException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s MalformedPolicyDocumentException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s MalformedPolicyDocumentException) RequestID() string { + return s.respMetadata.RequestID +} + +// The request was rejected because the specified entity or resource could not +// be found. +type NotFoundException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s NotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s NotFoundException) GoString() string { + return s.String() +} + +func newErrorNotFoundException(v protocol.ResponseMetadata) error { + return &NotFoundException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s NotFoundException) Code() string { + return "NotFoundException" +} + +// Message returns the exception's message. +func (s NotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s NotFoundException) OrigErr() error { + return nil +} + +func (s NotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s NotFoundException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s NotFoundException) RequestID() string { + return s.respMetadata.RequestID +} + type PutKeyPolicyInput struct { _ struct{} `type:"structure"` @@ -9032,7 +12820,7 @@ type PutKeyPolicyInput struct { // Setting this value to true increases the risk that the CMK becomes unmanageable. // Do not set this value to true indiscriminately. // - // For more information, refer to the scenario in the Default Key Policy (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) + // For more information, refer to the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) // section in the AWS Key Management Service Developer Guide. // // Use this parameter only when you intend to prevent the principal that is @@ -9064,7 +12852,7 @@ type PutKeyPolicyInput struct { // must allow the principal that is making the PutKeyPolicy request to make // a subsequent PutKeyPolicy request on the CMK. This reduces the risk that // the CMK becomes unmanageable. For more information, refer to the scenario - // in the Default Key Policy (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) + // in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) // section of the AWS Key Management Service Developer Guide. // // * Each statement in the key policy must contain one or more principals. @@ -9073,7 +12861,7 @@ type PutKeyPolicyInput struct { // you might need to enforce a delay before including the new principal in // a key policy because the new principal might not be immediately visible // to AWS KMS. For more information, see Changes that I make are not always - // immediately visible (http://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) + // immediately visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) // in the AWS Identity and Access Management User Guide. // // The key policy size limit is 32 kilobytes (32768 bytes). @@ -9173,10 +12961,33 @@ type ReEncryptInput struct { // CiphertextBlob is a required field CiphertextBlob []byte `min:"1" type:"blob" required:"true"` - // Encryption context to use when the data is reencrypted. + // Specifies the encryption algorithm that AWS KMS will use to reecrypt the + // data after it has decrypted it. The default value, SYMMETRIC_DEFAULT, represents + // the encryption algorithm used for symmetric CMKs. + // + // This parameter is required only when the destination CMK is an asymmetric + // CMK. + DestinationEncryptionAlgorithm *string `type:"string" enum:"EncryptionAlgorithmSpec"` + + // Specifies that encryption context to use when the reencrypting the data. + // + // A destination encryption context is valid only when the destination CMK is + // a symmetric CMK. The standard ciphertext format for asymmetric CMKs does + // not include fields for metadata. + // + // An encryption context is a collection of non-secret key-value pairs that + // represents additional authenticated data. When you use an encryption context + // to encrypt data, you must specify the same (an exact case-sensitive match) + // encryption context to decrypt the data. An encryption context is optional + // when encrypting with a symmetric CMK, but it is highly recommended. + // + // For more information, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) + // in the AWS Key Management Service Developer Guide. DestinationEncryptionContext map[string]*string `type:"map"` - // A unique identifier for the CMK that is used to reencrypt the data. + // A unique identifier for the CMK that is used to reencrypt the data. Specify + // a symmetric or asymmetric CMK with a KeyUsage value of ENCRYPT_DECRYPT. To + // find the KeyUsage value of a CMK, use the DescribeKey operation. // // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, // or alias ARN. When using an alias name, prefix it with "alias/". To specify @@ -9200,13 +13011,62 @@ type ReEncryptInput struct { // A list of grant tokens. // - // For more information, see Grant Tokens (http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) + // For more information, see Grant Tokens (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) // in the AWS Key Management Service Developer Guide. GrantTokens []*string `type:"list"` - // Encryption context used to encrypt and decrypt the data specified in the - // CiphertextBlob parameter. + // Specifies the encryption algorithm that AWS KMS will use to decrypt the ciphertext + // before it is reencrypted. The default value, SYMMETRIC_DEFAULT, represents + // the algorithm used for symmetric CMKs. + // + // Specify the same algorithm that was used to encrypt the ciphertext. If you + // specify a different algorithm, the decrypt attempt fails. + // + // This parameter is required only when the ciphertext was encrypted under an + // asymmetric CMK. + SourceEncryptionAlgorithm *string `type:"string" enum:"EncryptionAlgorithmSpec"` + + // Specifies the encryption context to use to decrypt the ciphertext. Enter + // the same encryption context that was used to encrypt the ciphertext. + // + // An encryption context is a collection of non-secret key-value pairs that + // represents additional authenticated data. When you use an encryption context + // to encrypt data, you must specify the same (an exact case-sensitive match) + // encryption context to decrypt the data. An encryption context is optional + // when encrypting with a symmetric CMK, but it is highly recommended. + // + // For more information, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) + // in the AWS Key Management Service Developer Guide. SourceEncryptionContext map[string]*string `type:"map"` + + // A unique identifier for the CMK that is used to decrypt the ciphertext before + // it reencrypts it using the destination CMK. + // + // This parameter is required only when the ciphertext was encrypted under an + // asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the + // ciphertext blob to determine which CMK was used to encrypt the ciphertext. + // However, you can use this parameter to ensure that a particular CMK (of any + // kind) is used to decrypt the ciphertext before it is reencrypted. + // + // If you specify a KeyId value, the decrypt part of the ReEncrypt operation + // succeeds only if the specified CMK was used to encrypt the ciphertext. + // + // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, + // or alias ARN. When using an alias name, prefix it with "alias/". + // + // For example: + // + // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Alias name: alias/ExampleAlias + // + // * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias + // + // To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To + // get the alias name and alias ARN, use ListAliases. + SourceKeyId *string `min:"1" type:"string"` } // String returns the string representation @@ -9234,6 +13094,9 @@ func (s *ReEncryptInput) Validate() error { if s.DestinationKeyId != nil && len(*s.DestinationKeyId) < 1 { invalidParams.Add(request.NewErrParamMinLen("DestinationKeyId", 1)) } + if s.SourceKeyId != nil && len(*s.SourceKeyId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SourceKeyId", 1)) + } if invalidParams.Len() > 0 { return invalidParams @@ -9247,6 +13110,12 @@ func (s *ReEncryptInput) SetCiphertextBlob(v []byte) *ReEncryptInput { return s } +// SetDestinationEncryptionAlgorithm sets the DestinationEncryptionAlgorithm field's value. +func (s *ReEncryptInput) SetDestinationEncryptionAlgorithm(v string) *ReEncryptInput { + s.DestinationEncryptionAlgorithm = &v + return s +} + // SetDestinationEncryptionContext sets the DestinationEncryptionContext field's value. func (s *ReEncryptInput) SetDestinationEncryptionContext(v map[string]*string) *ReEncryptInput { s.DestinationEncryptionContext = v @@ -9265,24 +13134,43 @@ func (s *ReEncryptInput) SetGrantTokens(v []*string) *ReEncryptInput { return s } +// SetSourceEncryptionAlgorithm sets the SourceEncryptionAlgorithm field's value. +func (s *ReEncryptInput) SetSourceEncryptionAlgorithm(v string) *ReEncryptInput { + s.SourceEncryptionAlgorithm = &v + return s +} + // SetSourceEncryptionContext sets the SourceEncryptionContext field's value. func (s *ReEncryptInput) SetSourceEncryptionContext(v map[string]*string) *ReEncryptInput { s.SourceEncryptionContext = v return s } +// SetSourceKeyId sets the SourceKeyId field's value. +func (s *ReEncryptInput) SetSourceKeyId(v string) *ReEncryptInput { + s.SourceKeyId = &v + return s +} + type ReEncryptOutput struct { _ struct{} `type:"structure"` // The reencrypted data. When you use the HTTP API or the AWS CLI, the value - // is Base64-encdoded. Otherwise, it is not encoded. + // is Base64-encoded. Otherwise, it is not Base64-encoded. // // CiphertextBlob is automatically base64 encoded/decoded by the SDK. CiphertextBlob []byte `min:"1" type:"blob"` + // The encryption algorithm that was used to reencrypt the data. + DestinationEncryptionAlgorithm *string `type:"string" enum:"EncryptionAlgorithmSpec"` + // Unique identifier of the CMK used to reencrypt the data. KeyId *string `min:"1" type:"string"` + // The encryption algorithm that was used to decrypt the ciphertext before it + // was reencrypted. + SourceEncryptionAlgorithm *string `type:"string" enum:"EncryptionAlgorithmSpec"` + // Unique identifier of the CMK used to originally encrypt the data. SourceKeyId *string `min:"1" type:"string"` } @@ -9303,12 +13191,24 @@ func (s *ReEncryptOutput) SetCiphertextBlob(v []byte) *ReEncryptOutput { return s } +// SetDestinationEncryptionAlgorithm sets the DestinationEncryptionAlgorithm field's value. +func (s *ReEncryptOutput) SetDestinationEncryptionAlgorithm(v string) *ReEncryptOutput { + s.DestinationEncryptionAlgorithm = &v + return s +} + // SetKeyId sets the KeyId field's value. func (s *ReEncryptOutput) SetKeyId(v string) *ReEncryptOutput { s.KeyId = &v return s } +// SetSourceEncryptionAlgorithm sets the SourceEncryptionAlgorithm field's value. +func (s *ReEncryptOutput) SetSourceEncryptionAlgorithm(v string) *ReEncryptOutput { + s.SourceEncryptionAlgorithm = &v + return s +} + // SetSourceKeyId sets the SourceKeyId field's value. func (s *ReEncryptOutput) SetSourceKeyId(v string) *ReEncryptOutput { s.SourceKeyId = &v @@ -9577,11 +13477,178 @@ func (s *ScheduleKeyDeletionOutput) SetKeyId(v string) *ScheduleKeyDeletionOutpu return s } +type SignInput struct { + _ struct{} `type:"structure"` + + // A list of grant tokens. + // + // For more information, see Grant Tokens (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) + // in the AWS Key Management Service Developer Guide. + GrantTokens []*string `type:"list"` + + // Identifies an asymmetric CMK. AWS KMS uses the private key in the asymmetric + // CMK to sign the message. The KeyUsage type of the CMK must be SIGN_VERIFY. + // To find the KeyUsage of a CMK, use the DescribeKey operation. + // + // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, + // or alias ARN. When using an alias name, prefix it with "alias/". To specify + // a CMK in a different AWS account, you must use the key ARN or alias ARN. + // + // For example: + // + // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Alias name: alias/ExampleAlias + // + // * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias + // + // To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To + // get the alias name and alias ARN, use ListAliases. + // + // KeyId is a required field + KeyId *string `min:"1" type:"string" required:"true"` + + // Specifies the message or message digest to sign. Messages can be 0-4096 bytes. + // To sign a larger message, provide the message digest. + // + // If you provide a message, AWS KMS generates a hash digest of the message + // and then signs it. + // + // Message is automatically base64 encoded/decoded by the SDK. + // + // Message is a required field + Message []byte `min:"1" type:"blob" required:"true" sensitive:"true"` + + // Tells AWS KMS whether the value of the Message parameter is a message or + // message digest. To indicate a message, enter RAW. To indicate a message digest, + // enter DIGEST. + MessageType *string `type:"string" enum:"MessageType"` + + // Specifies the signing algorithm to use when signing the message. + // + // Choose an algorithm that is compatible with the type and size of the specified + // asymmetric CMK. + // + // SigningAlgorithm is a required field + SigningAlgorithm *string `type:"string" required:"true" enum:"SigningAlgorithmSpec"` +} + +// String returns the string representation +func (s SignInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SignInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *SignInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "SignInput"} + if s.KeyId == nil { + invalidParams.Add(request.NewErrParamRequired("KeyId")) + } + if s.KeyId != nil && len(*s.KeyId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("KeyId", 1)) + } + if s.Message == nil { + invalidParams.Add(request.NewErrParamRequired("Message")) + } + if s.Message != nil && len(s.Message) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Message", 1)) + } + if s.SigningAlgorithm == nil { + invalidParams.Add(request.NewErrParamRequired("SigningAlgorithm")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGrantTokens sets the GrantTokens field's value. +func (s *SignInput) SetGrantTokens(v []*string) *SignInput { + s.GrantTokens = v + return s +} + +// SetKeyId sets the KeyId field's value. +func (s *SignInput) SetKeyId(v string) *SignInput { + s.KeyId = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *SignInput) SetMessage(v []byte) *SignInput { + s.Message = v + return s +} + +// SetMessageType sets the MessageType field's value. +func (s *SignInput) SetMessageType(v string) *SignInput { + s.MessageType = &v + return s +} + +// SetSigningAlgorithm sets the SigningAlgorithm field's value. +func (s *SignInput) SetSigningAlgorithm(v string) *SignInput { + s.SigningAlgorithm = &v + return s +} + +type SignOutput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the asymmetric CMK that was used to sign + // the message. + KeyId *string `min:"1" type:"string"` + + // The cryptographic signature that was generated for the message. + // + // Signature is automatically base64 encoded/decoded by the SDK. + Signature []byte `min:"1" type:"blob"` + + // The signing algorithm that was used to sign the message. + SigningAlgorithm *string `type:"string" enum:"SigningAlgorithmSpec"` +} + +// String returns the string representation +func (s SignOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SignOutput) GoString() string { + return s.String() +} + +// SetKeyId sets the KeyId field's value. +func (s *SignOutput) SetKeyId(v string) *SignOutput { + s.KeyId = &v + return s +} + +// SetSignature sets the Signature field's value. +func (s *SignOutput) SetSignature(v []byte) *SignOutput { + s.Signature = v + return s +} + +// SetSigningAlgorithm sets the SigningAlgorithm field's value. +func (s *SignOutput) SetSigningAlgorithm(v string) *SignOutput { + s.SigningAlgorithm = &v + return s +} + // A key-value pair. A tag consists of a tag key and a tag value. Tag keys and // tag values are both required, but tag values can be empty (null) strings. // // For information about the rules that apply to tag keys and tag values, see -// User-Defined Tag Restrictions (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html) +// User-Defined Tag Restrictions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html) // in the AWS Billing and Cost Management User Guide. type Tag struct { _ struct{} `type:"structure"` @@ -9638,6 +13705,62 @@ func (s *Tag) SetTagValue(v string) *Tag { return s } +// The request was rejected because one or more tags are not valid. +type TagException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s TagException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TagException) GoString() string { + return s.String() +} + +func newErrorTagException(v protocol.ResponseMetadata) error { + return &TagException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s TagException) Code() string { + return "TagException" +} + +// Message returns the exception's message. +func (s TagException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s TagException) OrigErr() error { + return nil +} + +func (s TagException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s TagException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s TagException) RequestID() string { + return s.respMetadata.RequestID +} + type TagResourceInput struct { _ struct{} `type:"structure"` @@ -9727,6 +13850,63 @@ func (s TagResourceOutput) GoString() string { return s.String() } +// The request was rejected because a specified parameter is not supported or +// a specified resource is not valid for this operation. +type UnsupportedOperationException struct { + _ struct{} `type:"structure"` + respMetadata protocol.ResponseMetadata + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s UnsupportedOperationException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UnsupportedOperationException) GoString() string { + return s.String() +} + +func newErrorUnsupportedOperationException(v protocol.ResponseMetadata) error { + return &UnsupportedOperationException{ + respMetadata: v, + } +} + +// Code returns the exception type name. +func (s UnsupportedOperationException) Code() string { + return "UnsupportedOperationException" +} + +// Message returns the exception's message. +func (s UnsupportedOperationException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s UnsupportedOperationException) OrigErr() error { + return nil +} + +func (s UnsupportedOperationException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s UnsupportedOperationException) StatusCode() int { + return s.respMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s UnsupportedOperationException) RequestID() string { + return s.respMetadata.RequestID +} + type UntagResourceInput struct { _ struct{} `type:"structure"` @@ -9809,14 +13989,19 @@ func (s UntagResourceOutput) GoString() string { type UpdateAliasInput struct { _ struct{} `type:"structure"` - // String that contains the name of the alias to be modified. The name must - // start with the word "alias" followed by a forward slash (alias/). Aliases - // that begin with "alias/aws" are reserved. + // Identifies the alias that is changing its CMK. This value must begin with + // alias/ followed by the alias name, such as alias/ExampleAlias. You cannot + // use UpdateAlias to change the alias name. // // AliasName is a required field AliasName *string `min:"1" type:"string" required:"true"` - // Unique identifier of the customer master key to be mapped to the alias. + // Identifies the CMK to associate with the alias. When the update operation + // completes, the alias will point to this CMK. + // + // The CMK must be in the same AWS account and Region as the alias. Also, the + // new target CMK must be the same type as the current target CMK (both symmetric + // or both asymmetric) and they must have the same key usage. // // Specify the key ID or the Amazon Resource Name (ARN) of the CMK. // @@ -9898,12 +14083,12 @@ type UpdateCustomKeyStoreInput struct { // Associates the custom key store with a related AWS CloudHSM cluster. // // Enter the cluster ID of the cluster that you used to create the custom key - // store or a cluster that shares a backup history with the original cluster. - // You cannot use this parameter to associate a custom key store with a different - // cluster. - // - // Clusters that share a backup history have the same cluster certificate. To - // view the cluster certificate of a cluster, use the DescribeClusters (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) + // store or a cluster that shares a backup history and has the same cluster + // certificate as the original cluster. You cannot use this parameter to associate + // a custom key store with an unrelated cluster. In addition, the replacement + // cluster must fulfill the requirements (https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore) + // for a cluster associated with a custom key store. To view the cluster certificate + // of a cluster, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) // operation. CloudHsmClusterId *string `min:"19" type:"string"` @@ -10079,6 +14264,192 @@ func (s UpdateKeyDescriptionOutput) GoString() string { return s.String() } +type VerifyInput struct { + _ struct{} `type:"structure"` + + // A list of grant tokens. + // + // For more information, see Grant Tokens (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) + // in the AWS Key Management Service Developer Guide. + GrantTokens []*string `type:"list"` + + // Identifies the asymmetric CMK that will be used to verify the signature. + // This must be the same CMK that was used to generate the signature. If you + // specify a different CMK, the signature verification fails. + // + // To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, + // or alias ARN. When using an alias name, prefix it with "alias/". To specify + // a CMK in a different AWS account, you must use the key ARN or alias ARN. + // + // For example: + // + // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab + // + // * Alias name: alias/ExampleAlias + // + // * Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias + // + // To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To + // get the alias name and alias ARN, use ListAliases. + // + // KeyId is a required field + KeyId *string `min:"1" type:"string" required:"true"` + + // Specifies the message that was signed, or a hash digest of that message. + // Messages can be 0-4096 bytes. To verify a larger message, provide a hash + // digest of the message. + // + // If the digest of the message specified here is different from the message + // digest that was signed, the signature verification fails. + // + // Message is automatically base64 encoded/decoded by the SDK. + // + // Message is a required field + Message []byte `min:"1" type:"blob" required:"true" sensitive:"true"` + + // Tells AWS KMS whether the value of the Message parameter is a message or + // message digest. To indicate a message, enter RAW. To indicate a message digest, + // enter DIGEST. + MessageType *string `type:"string" enum:"MessageType"` + + // The signature that the Sign operation generated. + // + // Signature is automatically base64 encoded/decoded by the SDK. + // + // Signature is a required field + Signature []byte `min:"1" type:"blob" required:"true"` + + // The signing algorithm that was used to sign the message. If you submit a + // different algorithm, the signature verification fails. + // + // SigningAlgorithm is a required field + SigningAlgorithm *string `type:"string" required:"true" enum:"SigningAlgorithmSpec"` +} + +// String returns the string representation +func (s VerifyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s VerifyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *VerifyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "VerifyInput"} + if s.KeyId == nil { + invalidParams.Add(request.NewErrParamRequired("KeyId")) + } + if s.KeyId != nil && len(*s.KeyId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("KeyId", 1)) + } + if s.Message == nil { + invalidParams.Add(request.NewErrParamRequired("Message")) + } + if s.Message != nil && len(s.Message) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Message", 1)) + } + if s.Signature == nil { + invalidParams.Add(request.NewErrParamRequired("Signature")) + } + if s.Signature != nil && len(s.Signature) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Signature", 1)) + } + if s.SigningAlgorithm == nil { + invalidParams.Add(request.NewErrParamRequired("SigningAlgorithm")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGrantTokens sets the GrantTokens field's value. +func (s *VerifyInput) SetGrantTokens(v []*string) *VerifyInput { + s.GrantTokens = v + return s +} + +// SetKeyId sets the KeyId field's value. +func (s *VerifyInput) SetKeyId(v string) *VerifyInput { + s.KeyId = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *VerifyInput) SetMessage(v []byte) *VerifyInput { + s.Message = v + return s +} + +// SetMessageType sets the MessageType field's value. +func (s *VerifyInput) SetMessageType(v string) *VerifyInput { + s.MessageType = &v + return s +} + +// SetSignature sets the Signature field's value. +func (s *VerifyInput) SetSignature(v []byte) *VerifyInput { + s.Signature = v + return s +} + +// SetSigningAlgorithm sets the SigningAlgorithm field's value. +func (s *VerifyInput) SetSigningAlgorithm(v string) *VerifyInput { + s.SigningAlgorithm = &v + return s +} + +type VerifyOutput struct { + _ struct{} `type:"structure"` + + // The unique identifier for the asymmetric CMK that was used to verify the + // signature. + KeyId *string `min:"1" type:"string"` + + // A Boolean value that indicates whether the signature was verified. A value + // of True indicates that the Signature was produced by signing the Message + // with the specified KeyID and SigningAlgorithm. If the signature is not verified, + // the Verify operation fails with a KMSInvalidSignatureException exception. + SignatureValid *bool `type:"boolean"` + + // The signing algorithm that was used to verify the signature. + SigningAlgorithm *string `type:"string" enum:"SigningAlgorithmSpec"` +} + +// String returns the string representation +func (s VerifyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s VerifyOutput) GoString() string { + return s.String() +} + +// SetKeyId sets the KeyId field's value. +func (s *VerifyOutput) SetKeyId(v string) *VerifyOutput { + s.KeyId = &v + return s +} + +// SetSignatureValid sets the SignatureValid field's value. +func (s *VerifyOutput) SetSignatureValid(v bool) *VerifyOutput { + s.SignatureValid = &v + return s +} + +// SetSigningAlgorithm sets the SigningAlgorithm field's value. +func (s *VerifyOutput) SetSigningAlgorithm(v string) *VerifyOutput { + s.SigningAlgorithm = &v + return s +} + const ( // AlgorithmSpecRsaesPkcs1V15 is a AlgorithmSpec enum value AlgorithmSpecRsaesPkcs1V15 = "RSAES_PKCS1_V1_5" @@ -10100,6 +14471,9 @@ const ( // ConnectionErrorCodeTypeNetworkErrors is a ConnectionErrorCodeType enum value ConnectionErrorCodeTypeNetworkErrors = "NETWORK_ERRORS" + // ConnectionErrorCodeTypeInternalError is a ConnectionErrorCodeType enum value + ConnectionErrorCodeTypeInternalError = "INTERNAL_ERROR" + // ConnectionErrorCodeTypeInsufficientCloudhsmHsms is a ConnectionErrorCodeType enum value ConnectionErrorCodeTypeInsufficientCloudhsmHsms = "INSUFFICIENT_CLOUDHSM_HSMS" @@ -10124,6 +14498,55 @@ const ( ConnectionStateTypeDisconnecting = "DISCONNECTING" ) +const ( + // CustomerMasterKeySpecRsa2048 is a CustomerMasterKeySpec enum value + CustomerMasterKeySpecRsa2048 = "RSA_2048" + + // CustomerMasterKeySpecRsa3072 is a CustomerMasterKeySpec enum value + CustomerMasterKeySpecRsa3072 = "RSA_3072" + + // CustomerMasterKeySpecRsa4096 is a CustomerMasterKeySpec enum value + CustomerMasterKeySpecRsa4096 = "RSA_4096" + + // CustomerMasterKeySpecEccNistP256 is a CustomerMasterKeySpec enum value + CustomerMasterKeySpecEccNistP256 = "ECC_NIST_P256" + + // CustomerMasterKeySpecEccNistP384 is a CustomerMasterKeySpec enum value + CustomerMasterKeySpecEccNistP384 = "ECC_NIST_P384" + + // CustomerMasterKeySpecEccNistP521 is a CustomerMasterKeySpec enum value + CustomerMasterKeySpecEccNistP521 = "ECC_NIST_P521" + + // CustomerMasterKeySpecEccSecgP256k1 is a CustomerMasterKeySpec enum value + CustomerMasterKeySpecEccSecgP256k1 = "ECC_SECG_P256K1" + + // CustomerMasterKeySpecSymmetricDefault is a CustomerMasterKeySpec enum value + CustomerMasterKeySpecSymmetricDefault = "SYMMETRIC_DEFAULT" +) + +const ( + // DataKeyPairSpecRsa2048 is a DataKeyPairSpec enum value + DataKeyPairSpecRsa2048 = "RSA_2048" + + // DataKeyPairSpecRsa3072 is a DataKeyPairSpec enum value + DataKeyPairSpecRsa3072 = "RSA_3072" + + // DataKeyPairSpecRsa4096 is a DataKeyPairSpec enum value + DataKeyPairSpecRsa4096 = "RSA_4096" + + // DataKeyPairSpecEccNistP256 is a DataKeyPairSpec enum value + DataKeyPairSpecEccNistP256 = "ECC_NIST_P256" + + // DataKeyPairSpecEccNistP384 is a DataKeyPairSpec enum value + DataKeyPairSpecEccNistP384 = "ECC_NIST_P384" + + // DataKeyPairSpecEccNistP521 is a DataKeyPairSpec enum value + DataKeyPairSpecEccNistP521 = "ECC_NIST_P521" + + // DataKeyPairSpecEccSecgP256k1 is a DataKeyPairSpec enum value + DataKeyPairSpecEccSecgP256k1 = "ECC_SECG_P256K1" +) + const ( // DataKeySpecAes256 is a DataKeySpec enum value DataKeySpecAes256 = "AES_256" @@ -10132,6 +14555,17 @@ const ( DataKeySpecAes128 = "AES_128" ) +const ( + // EncryptionAlgorithmSpecSymmetricDefault is a EncryptionAlgorithmSpec enum value + EncryptionAlgorithmSpecSymmetricDefault = "SYMMETRIC_DEFAULT" + + // EncryptionAlgorithmSpecRsaesOaepSha1 is a EncryptionAlgorithmSpec enum value + EncryptionAlgorithmSpecRsaesOaepSha1 = "RSAES_OAEP_SHA_1" + + // EncryptionAlgorithmSpecRsaesOaepSha256 is a EncryptionAlgorithmSpec enum value + EncryptionAlgorithmSpecRsaesOaepSha256 = "RSAES_OAEP_SHA_256" +) + const ( // ExpirationModelTypeKeyMaterialExpires is a ExpirationModelType enum value ExpirationModelTypeKeyMaterialExpires = "KEY_MATERIAL_EXPIRES" @@ -10159,6 +14593,15 @@ const ( // GrantOperationReEncryptTo is a GrantOperation enum value GrantOperationReEncryptTo = "ReEncryptTo" + // GrantOperationSign is a GrantOperation enum value + GrantOperationSign = "Sign" + + // GrantOperationVerify is a GrantOperation enum value + GrantOperationVerify = "Verify" + + // GrantOperationGetPublicKey is a GrantOperation enum value + GrantOperationGetPublicKey = "GetPublicKey" + // GrantOperationCreateGrant is a GrantOperation enum value GrantOperationCreateGrant = "CreateGrant" @@ -10167,6 +14610,12 @@ const ( // GrantOperationDescribeKey is a GrantOperation enum value GrantOperationDescribeKey = "DescribeKey" + + // GrantOperationGenerateDataKeyPair is a GrantOperation enum value + GrantOperationGenerateDataKeyPair = "GenerateDataKeyPair" + + // GrantOperationGenerateDataKeyPairWithoutPlaintext is a GrantOperation enum value + GrantOperationGenerateDataKeyPairWithoutPlaintext = "GenerateDataKeyPairWithoutPlaintext" ) const ( @@ -10195,10 +14644,21 @@ const ( ) const ( + // KeyUsageTypeSignVerify is a KeyUsageType enum value + KeyUsageTypeSignVerify = "SIGN_VERIFY" + // KeyUsageTypeEncryptDecrypt is a KeyUsageType enum value KeyUsageTypeEncryptDecrypt = "ENCRYPT_DECRYPT" ) +const ( + // MessageTypeRaw is a MessageType enum value + MessageTypeRaw = "RAW" + + // MessageTypeDigest is a MessageType enum value + MessageTypeDigest = "DIGEST" +) + const ( // OriginTypeAwsKms is a OriginType enum value OriginTypeAwsKms = "AWS_KMS" @@ -10210,6 +14670,35 @@ const ( OriginTypeAwsCloudhsm = "AWS_CLOUDHSM" ) +const ( + // SigningAlgorithmSpecRsassaPssSha256 is a SigningAlgorithmSpec enum value + SigningAlgorithmSpecRsassaPssSha256 = "RSASSA_PSS_SHA_256" + + // SigningAlgorithmSpecRsassaPssSha384 is a SigningAlgorithmSpec enum value + SigningAlgorithmSpecRsassaPssSha384 = "RSASSA_PSS_SHA_384" + + // SigningAlgorithmSpecRsassaPssSha512 is a SigningAlgorithmSpec enum value + SigningAlgorithmSpecRsassaPssSha512 = "RSASSA_PSS_SHA_512" + + // SigningAlgorithmSpecRsassaPkcs1V15Sha256 is a SigningAlgorithmSpec enum value + SigningAlgorithmSpecRsassaPkcs1V15Sha256 = "RSASSA_PKCS1_V1_5_SHA_256" + + // SigningAlgorithmSpecRsassaPkcs1V15Sha384 is a SigningAlgorithmSpec enum value + SigningAlgorithmSpecRsassaPkcs1V15Sha384 = "RSASSA_PKCS1_V1_5_SHA_384" + + // SigningAlgorithmSpecRsassaPkcs1V15Sha512 is a SigningAlgorithmSpec enum value + SigningAlgorithmSpecRsassaPkcs1V15Sha512 = "RSASSA_PKCS1_V1_5_SHA_512" + + // SigningAlgorithmSpecEcdsaSha256 is a SigningAlgorithmSpec enum value + SigningAlgorithmSpecEcdsaSha256 = "ECDSA_SHA_256" + + // SigningAlgorithmSpecEcdsaSha384 is a SigningAlgorithmSpec enum value + SigningAlgorithmSpecEcdsaSha384 = "ECDSA_SHA_384" + + // SigningAlgorithmSpecEcdsaSha512 is a SigningAlgorithmSpec enum value + SigningAlgorithmSpecEcdsaSha512 = "ECDSA_SHA_512" +) + const ( // WrappingKeySpecRsa2048 is a WrappingKeySpec enum value WrappingKeySpecRsa2048 = "RSA_2048" diff --git a/vendor/github.com/aws/aws-sdk-go/service/kms/doc.go b/vendor/github.com/aws/aws-sdk-go/service/kms/doc.go index fad9002e185..c4c21250201 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/kms/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/kms/doc.go @@ -6,7 +6,7 @@ // AWS Key Management Service (AWS KMS) is an encryption and key management // web service. This guide describes the AWS KMS operations that you can call // programmatically. For general information about AWS KMS, see the AWS Key -// Management Service Developer Guide (http://docs.aws.amazon.com/kms/latest/developerguide/). +// Management Service Developer Guide (https://docs.aws.amazon.com/kms/latest/developerguide/). // // AWS provides SDKs that consist of libraries and sample code for various programming // languages and platforms (Java, Ruby, .Net, macOS, Android, etc.). The SDKs @@ -30,11 +30,11 @@ // Requests must be signed by using an access key ID and a secret access key. // We strongly recommend that you do not use your AWS account (root) access // key ID and secret key for everyday work with AWS KMS. Instead, use the access -// key ID and secret access key for an IAM user, or you can use the AWS Security +// key ID and secret access key for an IAM user. You can also use the AWS Security // Token Service to generate temporary security credentials that you can use // to sign requests. // -// All AWS KMS operations require Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). +// All AWS KMS operations require Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). // // Logging API Requests // @@ -43,29 +43,29 @@ // you specify. By using the information collected by CloudTrail, you can determine // what requests were made to AWS KMS, who made the request, when it was made, // and so on. To learn more about CloudTrail, including how to turn it on and -// find your log files, see the AWS CloudTrail User Guide (http://docs.aws.amazon.com/awscloudtrail/latest/userguide/). +// find your log files, see the AWS CloudTrail User Guide (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/). // // Additional Resources // // For more information about credentials and request signing, see the following: // -// * AWS Security Credentials (http://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html) -// - This topic provides general information about the of credentials used -// for accessing AWS. +// * AWS Security Credentials (https://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html) +// - This topic provides general information about the types of credentials +// used for accessing AWS. // -// * Temporary Security Credentials (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html) +// * Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html) // - This section of the IAM User Guide describes how to create and use temporary // security credentials. // -// * Signature Version 4 Signing Process (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) +// * Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) // - This set of topics walks you through the process of signing a request // using an access key ID and a secret access key. // -// Commonly Used APIs +// Commonly Used API Operations // -// Of the APIs discussed in this guide, the following will prove the most useful -// for most applications. You will likely perform actions other than these, -// such as creating keys and assigning policies, by using the console. +// Of the API operations discussed in this guide, the following will prove the +// most useful for most applications. You will likely perform operations other +// than these, such as creating keys and assigning policies, by using the console. // // * Encrypt // diff --git a/vendor/github.com/aws/aws-sdk-go/service/kms/errors.go b/vendor/github.com/aws/aws-sdk-go/service/kms/errors.go index e41edf66db5..7d2d6cd1349 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/kms/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/kms/errors.go @@ -2,6 +2,10 @@ package kms +import ( + "github.com/aws/aws-sdk-go/private/protocol" +) + const ( // ErrCodeAlreadyExistsException for service response error code @@ -20,7 +24,7 @@ const ( // associated with a different AWS CloudHSM cluster. // // Clusters that share a backup history have the same cluster certificate. To - // view the cluster certificate of a cluster, use the DescribeClusters (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) + // view the cluster certificate of a cluster, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) // operation. ErrCodeCloudHsmClusterInUseException = "CloudHsmClusterInUseException" @@ -28,21 +32,35 @@ const ( // "CloudHsmClusterInvalidConfigurationException". // // The request was rejected because the associated AWS CloudHSM cluster did - // not meet the configuration requirements for a custom key store. The cluster - // must be configured with private subnets in at least two different Availability - // Zones in the Region. Also, it must contain at least as many HSMs as the operation - // requires. + // not meet the configuration requirements for a custom key store. // - // For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey operations, - // the AWS CloudHSM cluster must have at least two active HSMs, each in a different - // Availability Zone. For the ConnectCustomKeyStore operation, the AWS CloudHSM - // must contain at least one active HSM. + // * The cluster must be configured with private subnets in at least two + // different Availability Zones in the Region. // - // For information about creating a private subnet for a AWS CloudHSM cluster, - // see Create a Private Subnet (http://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html) - // in the AWS CloudHSM User Guide. To add HSMs, use the AWS CloudHSM CreateHsm - // (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) - // operation. + // * The security group for the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) + // (cloudhsm-cluster--sg) must include inbound rules and outbound + // rules that allow TCP traffic on ports 2223-2225. The Source in the inbound + // rules and the Destination in the outbound rules must match the security + // group ID. These rules are set by default when you create the cluster. + // Do not delete or change them. To get information about a particular security + // group, use the DescribeSecurityGroups (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html) + // operation. + // + // * The cluster must contain at least as many HSMs as the operation requires. + // To add HSMs, use the AWS CloudHSM CreateHsm (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html) + // operation. For the CreateCustomKeyStore, UpdateCustomKeyStore, and CreateKey + // operations, the AWS CloudHSM cluster must have at least two active HSMs, + // each in a different Availability Zone. For the ConnectCustomKeyStore operation, + // the AWS CloudHSM must contain at least one active HSM. + // + // For information about the requirements for an AWS CloudHSM cluster that is + // associated with a custom key store, see Assemble the Prerequisites (https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore) + // in the AWS Key Management Service Developer Guide. For information about + // creating a private subnet for an AWS CloudHSM cluster, see Create a Private + // Subnet (https://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html) + // in the AWS CloudHSM User Guide. For information about cluster security groups, + // see Configure a Default Security Group (https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html) + // in the AWS CloudHSM User Guide . ErrCodeCloudHsmClusterInvalidConfigurationException = "CloudHsmClusterInvalidConfigurationException" // ErrCodeCloudHsmClusterNotActiveException for service response error code @@ -51,7 +69,7 @@ const ( // The request was rejected because the AWS CloudHSM cluster that is associated // with the custom key store is not active. Initialize and activate the cluster // and try the command again. For detailed instructions, see Getting Started - // (http://docs.aws.amazon.com/cloudhsm/latest/userguide/getting-started.html) + // (https://docs.aws.amazon.com/cloudhsm/latest/userguide/getting-started.html) // in the AWS CloudHSM User Guide. ErrCodeCloudHsmClusterNotActiveException = "CloudHsmClusterNotActiveException" @@ -76,7 +94,7 @@ const ( // cluster. // // Clusters that share a backup history have the same cluster certificate. To - // view the cluster certificate of a cluster, use the DescribeClusters (http://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) + // view the cluster certificate of a cluster, use the DescribeClusters (https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html) // operation. ErrCodeCloudHsmClusterNotRelatedException = "CloudHsmClusterNotRelatedException" @@ -142,17 +160,25 @@ const ( // ErrCodeExpiredImportTokenException for service response error code // "ExpiredImportTokenException". // - // The request was rejected because the provided import token is expired. Use + // The request was rejected because the specified import token is expired. Use // GetParametersForImport to get a new import token and public key, use the // new public key to encrypt the key material, and then try the request again. ErrCodeExpiredImportTokenException = "ExpiredImportTokenException" + // ErrCodeIncorrectKeyException for service response error code + // "IncorrectKeyException". + // + // The request was rejected because the specified CMK cannot decrypt the data. + // The KeyId in a Decrypt request and the SourceKeyId in a ReEncrypt request + // must identify the same CMK that was used to encrypt the ciphertext. + ErrCodeIncorrectKeyException = "IncorrectKeyException" + // ErrCodeIncorrectKeyMaterialException for service response error code // "IncorrectKeyMaterialException". // - // The request was rejected because the provided key material is invalid or - // is not the same key material that was previously imported into this customer - // master key (CMK). + // The request was rejected because the key material in the request is, expired, + // invalid, or is not the same key material that was previously imported into + // this customer master key (CMK). ErrCodeIncorrectKeyMaterialException = "IncorrectKeyMaterialException" // ErrCodeIncorrectTrustAnchorException for service response error code @@ -161,7 +187,7 @@ const ( // The request was rejected because the trust anchor certificate in the request // is not the trust anchor certificate for the specified AWS CloudHSM cluster. // - // When you initialize the cluster (http://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr), + // When you initialize the cluster (https://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr), // you create the trust anchor certificate and save it in the customerCA.crt // file. ErrCodeIncorrectTrustAnchorException = "IncorrectTrustAnchorException" @@ -182,15 +208,20 @@ const ( // ErrCodeInvalidArnException for service response error code // "InvalidArnException". // - // The request was rejected because a specified ARN was not valid. + // The request was rejected because a specified ARN, or an ARN in a key policy, + // is not valid. ErrCodeInvalidArnException = "InvalidArnException" // ErrCodeInvalidCiphertextException for service response error code // "InvalidCiphertextException". // - // The request was rejected because the specified ciphertext, or additional - // authenticated data incorporated into the ciphertext, such as the encryption - // context, is corrupted, missing, or otherwise invalid. + // From the Decrypt or ReEncrypt operation, the request was rejected because + // the specified ciphertext, or additional authenticated data incorporated into + // the ciphertext, such as the encryption context, is corrupted, missing, or + // otherwise invalid. + // + // From the ImportKeyMaterial operation, the request was rejected because AWS + // KMS could not decrypt the encrypted (wrapped) key material. ErrCodeInvalidCiphertextException = "InvalidCiphertextException" // ErrCodeInvalidGrantIdException for service response error code @@ -215,7 +246,19 @@ const ( // ErrCodeInvalidKeyUsageException for service response error code // "InvalidKeyUsageException". // - // The request was rejected because the specified KeySpec value is not valid. + // The request was rejected for one of the following reasons: + // + // * The KeyUsage value of the CMK is incompatible with the API operation. + // + // * The encryption algorithm or signing algorithm specified for the operation + // is incompatible with the type of key material in the CMK (CustomerMasterKeySpec). + // + // For encrypting, decrypting, re-encrypting, and generating data keys, the + // KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying, the KeyUsage + // must be SIGN_VERIFY. To find the KeyUsage of a CMK, use the DescribeKey operation. + // + // To find the encryption or signing algorithms supported for a particular CMK, + // use the DescribeKey operation. ErrCodeInvalidKeyUsageException = "InvalidKeyUsageException" // ErrCodeInvalidMarkerException for service response error code @@ -232,22 +275,30 @@ const ( // valid for this request. // // For more information about how key state affects the use of a CMK, see How - // Key State Affects Use of a Customer Master Key (http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) - // in the AWS Key Management Service Developer Guide. + // Key State Affects Use of a Customer Master Key (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) + // in the AWS Key Management Service Developer Guide . ErrCodeInvalidStateException = "KMSInvalidStateException" + // ErrCodeKMSInvalidSignatureException for service response error code + // "KMSInvalidSignatureException". + // + // The request was rejected because the signature verification failed. Signature + // verification fails when it cannot confirm that signature was produced by + // signing the specified message with the specified CMK and signing algorithm. + ErrCodeKMSInvalidSignatureException = "KMSInvalidSignatureException" + // ErrCodeKeyUnavailableException for service response error code // "KeyUnavailableException". // - // The request was rejected because the specified CMK was not available. The - // request can be retried. + // The request was rejected because the specified CMK was not available. You + // can retry the request. ErrCodeKeyUnavailableException = "KeyUnavailableException" // ErrCodeLimitExceededException for service response error code // "LimitExceededException". // // The request was rejected because a limit was exceeded. For more information, - // see Limits (http://docs.aws.amazon.com/kms/latest/developerguide/limits.html) + // see Limits (https://docs.aws.amazon.com/kms/latest/developerguide/limits.html) // in the AWS Key Management Service Developer Guide. ErrCodeLimitExceededException = "LimitExceededException" @@ -278,3 +329,39 @@ const ( // a specified resource is not valid for this operation. ErrCodeUnsupportedOperationException = "UnsupportedOperationException" ) + +var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ + "AlreadyExistsException": newErrorAlreadyExistsException, + "CloudHsmClusterInUseException": newErrorCloudHsmClusterInUseException, + "CloudHsmClusterInvalidConfigurationException": newErrorCloudHsmClusterInvalidConfigurationException, + "CloudHsmClusterNotActiveException": newErrorCloudHsmClusterNotActiveException, + "CloudHsmClusterNotFoundException": newErrorCloudHsmClusterNotFoundException, + "CloudHsmClusterNotRelatedException": newErrorCloudHsmClusterNotRelatedException, + "CustomKeyStoreHasCMKsException": newErrorCustomKeyStoreHasCMKsException, + "CustomKeyStoreInvalidStateException": newErrorCustomKeyStoreInvalidStateException, + "CustomKeyStoreNameInUseException": newErrorCustomKeyStoreNameInUseException, + "CustomKeyStoreNotFoundException": newErrorCustomKeyStoreNotFoundException, + "DependencyTimeoutException": newErrorDependencyTimeoutException, + "DisabledException": newErrorDisabledException, + "ExpiredImportTokenException": newErrorExpiredImportTokenException, + "IncorrectKeyException": newErrorIncorrectKeyException, + "IncorrectKeyMaterialException": newErrorIncorrectKeyMaterialException, + "IncorrectTrustAnchorException": newErrorIncorrectTrustAnchorException, + "KMSInternalException": newErrorInternalException, + "InvalidAliasNameException": newErrorInvalidAliasNameException, + "InvalidArnException": newErrorInvalidArnException, + "InvalidCiphertextException": newErrorInvalidCiphertextException, + "InvalidGrantIdException": newErrorInvalidGrantIdException, + "InvalidGrantTokenException": newErrorInvalidGrantTokenException, + "InvalidImportTokenException": newErrorInvalidImportTokenException, + "InvalidKeyUsageException": newErrorInvalidKeyUsageException, + "InvalidMarkerException": newErrorInvalidMarkerException, + "KMSInvalidStateException": newErrorInvalidStateException, + "KMSInvalidSignatureException": newErrorKMSInvalidSignatureException, + "KeyUnavailableException": newErrorKeyUnavailableException, + "LimitExceededException": newErrorLimitExceededException, + "MalformedPolicyDocumentException": newErrorMalformedPolicyDocumentException, + "NotFoundException": newErrorNotFoundException, + "TagException": newErrorTagException, + "UnsupportedOperationException": newErrorUnsupportedOperationException, +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/kms/service.go b/vendor/github.com/aws/aws-sdk-go/service/kms/service.go index 6d062f32fc8..50ca0c092e1 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/kms/service.go +++ b/vendor/github.com/aws/aws-sdk-go/service/kms/service.go @@ -8,6 +8,7 @@ import ( "github.com/aws/aws-sdk-go/aws/client/metadata" "github.com/aws/aws-sdk-go/aws/request" "github.com/aws/aws-sdk-go/aws/signer/v4" + "github.com/aws/aws-sdk-go/private/protocol" "github.com/aws/aws-sdk-go/private/protocol/jsonrpc" ) @@ -31,7 +32,7 @@ var initRequest func(*request.Request) const ( ServiceName = "kms" // Name of service. EndpointsID = ServiceName // ID to lookup a service endpoint with. - ServiceID = "KMS" // ServiceID is a unique identifer of a specific service. + ServiceID = "KMS" // ServiceID is a unique identifier of a specific service. ) // New creates a new instance of the KMS client with a session. @@ -39,6 +40,8 @@ const ( // aws.Config parameter to add your extra config. // // Example: +// mySession := session.Must(session.NewSession()) +// // // Create a KMS client from just a session. // svc := kms.New(mySession) // @@ -46,11 +49,11 @@ const ( // svc := kms.New(mySession, aws.NewConfig().WithRegion("us-west-2")) func New(p client.ConfigProvider, cfgs ...*aws.Config) *KMS { c := p.ClientConfig(EndpointsID, cfgs...) - return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion, c.SigningName) + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) } // newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion, signingName string) *KMS { +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *KMS { svc := &KMS{ Client: client.New( cfg, @@ -59,6 +62,7 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio ServiceID: ServiceID, SigningName: signingName, SigningRegion: signingRegion, + PartitionID: partitionID, Endpoint: endpoint, APIVersion: "2014-11-01", JSONVersion: "1.1", @@ -73,7 +77,9 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio svc.Handlers.Build.PushBackNamed(jsonrpc.BuildHandler) svc.Handlers.Unmarshal.PushBackNamed(jsonrpc.UnmarshalHandler) svc.Handlers.UnmarshalMeta.PushBackNamed(jsonrpc.UnmarshalMetaHandler) - svc.Handlers.UnmarshalError.PushBackNamed(jsonrpc.UnmarshalErrorHandler) + svc.Handlers.UnmarshalError.PushBackNamed( + protocol.NewUnmarshalErrorHandler(jsonrpc.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(), + ) // Run custom client initialization if present if initClient != nil { diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/BUILD b/vendor/github.com/aws/aws-sdk-go/service/sts/BUILD index aeecbbf23a0..3f9b213ccdb 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/BUILD +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/BUILD @@ -17,6 +17,7 @@ go_library( "//vendor/github.com/aws/aws-sdk-go/aws/awsutil:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/client:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/client/metadata:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/aws/credentials:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/request:go_default_library", "//vendor/github.com/aws/aws-sdk-go/aws/signer/v4:go_default_library", "//vendor/github.com/aws/aws-sdk-go/private/protocol/query:go_default_library", @@ -32,7 +33,10 @@ filegroup( filegroup( name = "all-srcs", - srcs = [":package-srcs"], + srcs = [ + ":package-srcs", + "//vendor/github.com/aws/aws-sdk-go/service/sts/stsiface:all-srcs", + ], tags = ["automanaged"], visibility = ["//visibility:public"], ) diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go index ee908f9167b..7f60d4aa185 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go @@ -3,10 +3,12 @@ package sts import ( + "fmt" "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awsutil" + "github.com/aws/aws-sdk-go/aws/credentials" "github.com/aws/aws-sdk-go/aws/request" ) @@ -54,39 +56,29 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // AssumeRole API operation for AWS Security Token Service. // -// Returns a set of temporary security credentials (consisting of an access -// key ID, a secret access key, and a security token) that you can use to access -// AWS resources that you might not normally have access to. Typically, you -// use AssumeRole for cross-account access or federation. For a comparison of -// AssumeRole with the other APIs that produce temporary credentials, see Requesting -// Temporary Security Credentials (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the AWS STS APIs (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) +// Returns a set of temporary security credentials that you can use to access +// AWS resources that you might not normally have access to. These temporary +// credentials consist of an access key ID, a secret access key, and a security +// token. Typically, you use AssumeRole within your account or for cross-account +// access. For a comparison of AssumeRole with other API operations that produce +// temporary credentials, see Requesting Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) +// and Comparing the AWS STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) // in the IAM User Guide. // -// Important: You cannot call AssumeRole by using AWS root account credentials; -// access is denied. You must use credentials for an IAM user or an IAM role -// to call AssumeRole. +// You cannot use AWS account root user credentials to call AssumeRole. You +// must use credentials for an IAM user or an IAM role to call AssumeRole. // // For cross-account access, imagine that you own multiple accounts and need // to access resources in each account. You could create long-term credentials // in each account to access those resources. However, managing all those credentials // and remembering which one can access which account can be time consuming. -// Instead, you can create one set of long-term credentials in one account and -// then use temporary security credentials to access all the other accounts +// Instead, you can create one set of long-term credentials in one account. +// Then use temporary security credentials to access all the other accounts // by assuming roles in those accounts. For more information about roles, see -// IAM Roles (Delegation and Federation) (http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html) +// IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) // in the IAM User Guide. // -// For federation, you can, for example, grant single sign-on access to the -// AWS Management Console. If you already have an identity and authentication -// system in your corporate network, you don't have to recreate user identities -// in AWS in order to grant those user identities access to AWS. Instead, after -// a user has been authenticated, you call AssumeRole (and specify the role -// with the appropriate permissions) to get temporary security credentials for -// that user. With those temporary security credentials, you construct a sign-in -// URL that users can use to access the console. For more information, see Common -// Scenarios for Temporary Credentials (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html#sts-introduction) -// in the IAM User Guide. +// Session Duration // // By default, the temporary security credentials created by AssumeRole last // for one hour. However, you can use the optional DurationSeconds parameter @@ -94,69 +86,93 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // seconds (15 minutes) up to the maximum session duration setting for the role. // This setting can have a value from 1 hour to 12 hours. To learn how to view // the maximum value for your role, see View the Maximum Session Duration Setting -// for a Role (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) +// for a Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) // in the IAM User Guide. The maximum session duration limit applies when you -// use the AssumeRole* API operations or the assume-role* CLI operations but -// does not apply when you use those operations to create a console URL. For -// more information, see Using IAM Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) +// use the AssumeRole* API operations or the assume-role* CLI commands. However +// the limit does not apply when you use those operations to create a console +// URL. For more information, see Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) // in the IAM User Guide. // +// Permissions +// // The temporary security credentials created by AssumeRole can be used to make -// API calls to any AWS service with the following exception: you cannot call -// the STS service's GetFederationToken or GetSessionToken APIs. +// API calls to any AWS service with the following exception: You cannot call +// the AWS STS GetFederationToken or GetSessionToken API operations. // -// Optionally, you can pass an IAM access policy to this operation. If you choose -// not to pass a policy, the temporary security credentials that are returned -// by the operation have the permissions that are defined in the access policy -// of the role that is being assumed. If you pass a policy to this operation, -// the temporary security credentials that are returned by the operation have -// the permissions that are allowed by both the access policy of the role that -// is being assumed, and the policy that you pass. This gives you a way to further -// restrict the permissions for the resulting temporary security credentials. -// You cannot use the passed policy to grant permissions that are in excess -// of those allowed by the access policy of the role that is being assumed. -// For more information, see Permissions for AssumeRole, AssumeRoleWithSAML, -// and AssumeRoleWithWebIdentity (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_assumerole.html) +// (Optional) You can pass inline or managed session policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) +// to this operation. You can pass a single JSON policy document to use as an +// inline session policy. You can also specify up to 10 managed policies to +// use as managed session policies. The plain text that you use for both inline +// and managed session policies can't exceed 2,048 characters. Passing policies +// to this operation returns new temporary credentials. The resulting session's +// permissions are the intersection of the role's identity-based policy and +// the session policies. You can use the role's temporary credentials in subsequent +// AWS API calls to access resources in the account that owns the role. You +// cannot use session policies to grant more permissions than those allowed +// by the identity-based policy of the role that is being assumed. For more +// information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // -// To assume a role, your AWS account must be trusted by the role. The trust -// relationship is defined in the role's trust policy when the role is created. -// That trust policy states which accounts are allowed to delegate access to -// this account's role. +// To assume a role from a different account, your AWS account must be trusted +// by the role. The trust relationship is defined in the role's trust policy +// when the role is created. That trust policy states which accounts are allowed +// to delegate that access to users in the account. // -// The user who wants to access the role must also have permissions delegated -// from the role's administrator. If the user is in a different account than -// the role, then the user's administrator must attach a policy that allows -// the user to call AssumeRole on the ARN of the role in the other account. -// If the user is in the same account as the role, then you can either attach -// a policy to the user (identical to the previous different account user), -// or you can add the user as a principal directly in the role's trust policy. -// In this case, the trust policy acts as the only resource-based policy in -// IAM, and users in the same account as the role do not need explicit permission -// to assume the role. For more information about trust policies and resource-based -// policies, see IAM Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) +// A user who wants to access a role in a different account must also have permissions +// that are delegated from the user account administrator. The administrator +// must attach a policy that allows the user to call AssumeRole for the ARN +// of the role in the other account. If the user is in the same account as the +// role, then you can do either of the following: +// +// * Attach a policy to the user (identical to the previous user in a different +// account). +// +// * Add the user as a principal directly in the role's trust policy. +// +// In this case, the trust policy acts as an IAM resource-based policy. Users +// in the same account as the role do not need explicit permission to assume +// the role. For more information about trust policies and resource-based policies, +// see IAM Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) +// in the IAM User Guide. +// +// Tags +// +// (Optional) You can pass tag key-value pairs to your session. These tags are +// called session tags. For more information about session tags, see Passing +// Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// An administrator must grant you the permissions necessary to pass session +// tags. The administrator can also create granular permissions to allow you +// to pass only specific session tags. For more information, see Tutorial: Using +// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html) +// in the IAM User Guide. +// +// You can set the session tags as transitive. Transitive tags persist during +// role chaining. For more information, see Chaining Roles with Session Tags +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) // in the IAM User Guide. // // Using MFA with AssumeRole // -// You can optionally include multi-factor authentication (MFA) information -// when you call AssumeRole. This is useful for cross-account scenarios in which -// you want to make sure that the user who is assuming the role has been authenticated -// using an AWS MFA device. In that scenario, the trust policy of the role being -// assumed includes a condition that tests for MFA authentication; if the caller -// does not include valid MFA information, the request to assume the role is -// denied. The condition in a trust policy that tests for MFA authentication -// might look like the following example. +// (Optional) You can include multi-factor authentication (MFA) information +// when you call AssumeRole. This is useful for cross-account scenarios to ensure +// that the user that assumes the role has been authenticated with an AWS MFA +// device. In that scenario, the trust policy of the role being assumed includes +// a condition that tests for MFA authentication. If the caller does not include +// valid MFA information, the request to assume the role is denied. The condition +// in a trust policy that tests for MFA authentication might look like the following +// example. // // "Condition": {"Bool": {"aws:MultiFactorAuthPresent": true}} // -// For more information, see Configuring MFA-Protected API Access (http://docs.aws.amazon.com/IAM/latest/UserGuide/MFAProtectedAPI.html) +// For more information, see Configuring MFA-Protected API Access (https://docs.aws.amazon.com/IAM/latest/UserGuide/MFAProtectedAPI.html) // in the IAM User Guide guide. // // To use MFA with AssumeRole, you pass values for the SerialNumber and TokenCode // parameters. The SerialNumber value identifies the user's hardware or virtual // MFA device. The TokenCode is the time-based one-time password (TOTP) that -// the MFA devices produces. +// the MFA device produces. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -171,15 +187,24 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // message describes the specific error. // // * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the policy document was too large. The error -// message describes how big the policy document is, in packed form, as a percentage -// of what the API allows. +// The request was rejected because the total packed size of the session policies +// and session tags combined was too large. An AWS conversion compresses the +// session policy document, session policy ARNs, and session tags into a packed +// binary format that has a separate limit. The error message indicates by percentage +// how close the policies and tags are to the upper size limit. For more information, +// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You could receive this error even though you meet other defined session policy +// and session tag limits. For more information, see IAM and STS Entity Character +// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// in the IAM User Guide. // // * ErrCodeRegionDisabledException "RegionDisabledException" // STS is not activated in the requested region for the account that is being // asked to generate credentials. The account administrator must use the IAM // console to activate STS in that region. For more information, see Activating -// and Deactivating AWS STS in an AWS Region (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) // in the IAM User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRole @@ -243,6 +268,7 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re output = &AssumeRoleWithSAMLOutput{} req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials return } @@ -252,15 +278,17 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // via a SAML authentication response. This operation provides a mechanism for // tying an enterprise identity store or directory to role-based AWS access // without user-specific credentials or configuration. For a comparison of AssumeRoleWithSAML -// with the other APIs that produce temporary credentials, see Requesting Temporary -// Security Credentials (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the AWS STS APIs (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) +// with the other API operations that produce temporary credentials, see Requesting +// Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) +// and Comparing the AWS STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) // in the IAM User Guide. // // The temporary security credentials returned by this operation consist of // an access key ID, a secret access key, and a security token. Applications // can use these temporary security credentials to sign calls to AWS services. // +// Session Duration +// // By default, the temporary security credentials created by AssumeRoleWithSAML // last for one hour. However, you can use the optional DurationSeconds parameter // to specify the duration of your session. Your role session lasts for the @@ -269,38 +297,33 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // a DurationSeconds value from 900 seconds (15 minutes) up to the maximum session // duration setting for the role. This setting can have a value from 1 hour // to 12 hours. To learn how to view the maximum value for your role, see View -// the Maximum Session Duration Setting for a Role (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) +// the Maximum Session Duration Setting for a Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) // in the IAM User Guide. The maximum session duration limit applies when you -// use the AssumeRole* API operations or the assume-role* CLI operations but -// does not apply when you use those operations to create a console URL. For -// more information, see Using IAM Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) +// use the AssumeRole* API operations or the assume-role* CLI commands. However +// the limit does not apply when you use those operations to create a console +// URL. For more information, see Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) // in the IAM User Guide. // +// Permissions +// // The temporary security credentials created by AssumeRoleWithSAML can be used // to make API calls to any AWS service with the following exception: you cannot -// call the STS service's GetFederationToken or GetSessionToken APIs. +// call the STS GetFederationToken or GetSessionToken API operations. // -// Optionally, you can pass an IAM access policy to this operation. If you choose -// not to pass a policy, the temporary security credentials that are returned -// by the operation have the permissions that are defined in the access policy -// of the role that is being assumed. If you pass a policy to this operation, -// the temporary security credentials that are returned by the operation have -// the permissions that are allowed by the intersection of both the access policy -// of the role that is being assumed, and the policy that you pass. This means -// that both policies must grant the permission for the action to be allowed. -// This gives you a way to further restrict the permissions for the resulting -// temporary security credentials. You cannot use the passed policy to grant -// permissions that are in excess of those allowed by the access policy of the -// role that is being assumed. For more information, see Permissions for AssumeRole, -// AssumeRoleWithSAML, and AssumeRoleWithWebIdentity (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_assumerole.html) +// (Optional) You can pass inline or managed session policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) +// to this operation. You can pass a single JSON policy document to use as an +// inline session policy. You can also specify up to 10 managed policies to +// use as managed session policies. The plain text that you use for both inline +// and managed session policies can't exceed 2,048 characters. Passing policies +// to this operation returns new temporary credentials. The resulting session's +// permissions are the intersection of the role's identity-based policy and +// the session policies. You can use the role's temporary credentials in subsequent +// AWS API calls to access resources in the account that owns the role. You +// cannot use session policies to grant more permissions than those allowed +// by the identity-based policy of the role that is being assumed. For more +// information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // -// Before your application can call AssumeRoleWithSAML, you must configure your -// SAML identity provider (IdP) to issue the claims required by AWS. Additionally, -// you must use AWS Identity and Access Management (IAM) to create a SAML provider -// entity in your AWS account that represents your identity provider, and create -// an IAM role that specifies this SAML provider in its trust policy. -// // Calling AssumeRoleWithSAML does not require the use of AWS security credentials. // The identity of the caller is validated by using keys in the metadata document // that is uploaded for the SAML provider entity for your identity provider. @@ -308,21 +331,63 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // Calling AssumeRoleWithSAML can result in an entry in your AWS CloudTrail // logs. The entry includes the value in the NameID element of the SAML assertion. // We recommend that you use a NameIDType that is not associated with any personally -// identifiable information (PII). For example, you could instead use the Persistent -// Identifier (urn:oasis:names:tc:SAML:2.0:nameid-format:persistent). +// identifiable information (PII). For example, you could instead use the persistent +// identifier (urn:oasis:names:tc:SAML:2.0:nameid-format:persistent). +// +// Tags +// +// (Optional) You can configure your IdP to pass attributes into your SAML assertion +// as session tags. Each session tag consists of a key name and an associated +// value. For more information about session tags, see Passing Session Tags +// in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You can pass up to 50 session tags. The plain text session tag keys can’t +// exceed 128 characters and the values can’t exceed 256 characters. For these +// and additional limits, see IAM and STS Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) +// in the IAM User Guide. +// +// An AWS conversion compresses the passed session policies and session tags +// into a packed binary format that has a separate limit. Your request can fail +// for this limit even if your plain text meets the other requirements. The +// PackedPolicySize response element indicates by percentage how close the policies +// and tags for your request are to the upper size limit. +// +// You can pass a session tag with the same key as a tag that is attached to +// the role. When you do, session tags override the role's tags with the same +// key. +// +// An administrator must grant you the permissions necessary to pass session +// tags. The administrator can also create granular permissions to allow you +// to pass only specific session tags. For more information, see Tutorial: Using +// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html) +// in the IAM User Guide. +// +// You can set the session tags as transitive. Transitive tags persist during +// role chaining. For more information, see Chaining Roles with Session Tags +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) +// in the IAM User Guide. +// +// SAML Configuration +// +// Before your application can call AssumeRoleWithSAML, you must configure your +// SAML identity provider (IdP) to issue the claims required by AWS. Additionally, +// you must use AWS Identity and Access Management (IAM) to create a SAML provider +// entity in your AWS account that represents your identity provider. You must +// also create an IAM role that specifies this SAML provider in its trust policy. // // For more information, see the following resources: // -// * About SAML 2.0-based Federation (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) +// * About SAML 2.0-based Federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) // in the IAM User Guide. // -// * Creating SAML Identity Providers (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml.html) +// * Creating SAML Identity Providers (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml.html) // in the IAM User Guide. // -// * Configuring a Relying Party and Claims (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.html) +// * Configuring a Relying Party and Claims (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.html) // in the IAM User Guide. // -// * Creating a Role for SAML 2.0 Federation (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_saml.html) +// * Creating a Role for SAML 2.0 Federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_saml.html) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -338,9 +403,18 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // message describes the specific error. // // * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the policy document was too large. The error -// message describes how big the policy document is, in packed form, as a percentage -// of what the API allows. +// The request was rejected because the total packed size of the session policies +// and session tags combined was too large. An AWS conversion compresses the +// session policy document, session policy ARNs, and session tags into a packed +// binary format that has a separate limit. The error message indicates by percentage +// how close the policies and tags are to the upper size limit. For more information, +// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You could receive this error even though you meet other defined session policy +// and session tag limits. For more information, see IAM and STS Entity Character +// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// in the IAM User Guide. // // * ErrCodeIDPRejectedClaimException "IDPRejectedClaim" // The identity provider (IdP) reported that authentication failed. This might @@ -361,7 +435,7 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // STS is not activated in the requested region for the account that is being // asked to generate credentials. The account administrator must use the IAM // console to activate STS in that region. For more information, see Activating -// and Deactivating AWS STS in an AWS Region (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) // in the IAM User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleWithSAML @@ -425,41 +499,44 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI output = &AssumeRoleWithWebIdentityOutput{} req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials return } // AssumeRoleWithWebIdentity API operation for AWS Security Token Service. // // Returns a set of temporary security credentials for users who have been authenticated -// in a mobile or web application with a web identity provider, such as Amazon -// Cognito, Login with Amazon, Facebook, Google, or any OpenID Connect-compatible -// identity provider. +// in a mobile or web application with a web identity provider. Example providers +// include Amazon Cognito, Login with Amazon, Facebook, Google, or any OpenID +// Connect-compatible identity provider. // // For mobile applications, we recommend that you use Amazon Cognito. You can -// use Amazon Cognito with the AWS SDK for iOS (http://aws.amazon.com/sdkforios/) -// and the AWS SDK for Android (http://aws.amazon.com/sdkforandroid/) to uniquely -// identify a user and supply the user with a consistent identity throughout -// the lifetime of an application. +// use Amazon Cognito with the AWS SDK for iOS Developer Guide (http://aws.amazon.com/sdkforios/) +// and the AWS SDK for Android Developer Guide (http://aws.amazon.com/sdkforandroid/) +// to uniquely identify a user. You can also supply the user with a consistent +// identity throughout the lifetime of an application. // -// To learn more about Amazon Cognito, see Amazon Cognito Overview (http://docs.aws.amazon.com/mobile/sdkforandroid/developerguide/cognito-auth.html#d0e840) -// in the AWS SDK for Android Developer Guide guide and Amazon Cognito Overview -// (http://docs.aws.amazon.com/mobile/sdkforios/developerguide/cognito-auth.html#d0e664) +// To learn more about Amazon Cognito, see Amazon Cognito Overview (https://docs.aws.amazon.com/mobile/sdkforandroid/developerguide/cognito-auth.html#d0e840) +// in AWS SDK for Android Developer Guide and Amazon Cognito Overview (https://docs.aws.amazon.com/mobile/sdkforios/developerguide/cognito-auth.html#d0e664) // in the AWS SDK for iOS Developer Guide. // // Calling AssumeRoleWithWebIdentity does not require the use of AWS security // credentials. Therefore, you can distribute an application (for example, on // mobile devices) that requests temporary security credentials without including -// long-term AWS credentials in the application, and without deploying server-based -// proxy services that use long-term AWS credentials. Instead, the identity -// of the caller is validated by using a token from the web identity provider. -// For a comparison of AssumeRoleWithWebIdentity with the other APIs that produce -// temporary credentials, see Requesting Temporary Security Credentials (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the AWS STS APIs (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) +// long-term AWS credentials in the application. You also don't need to deploy +// server-based proxy services that use long-term AWS credentials. Instead, +// the identity of the caller is validated by using a token from the web identity +// provider. For a comparison of AssumeRoleWithWebIdentity with the other API +// operations that produce temporary credentials, see Requesting Temporary Security +// Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) +// and Comparing the AWS STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) // in the IAM User Guide. // // The temporary security credentials returned by this API consist of an access // key ID, a secret access key, and a security token. Applications can use these -// temporary security credentials to sign calls to AWS service APIs. +// temporary security credentials to sign calls to AWS service API operations. +// +// Session Duration // // By default, the temporary security credentials created by AssumeRoleWithWebIdentity // last for one hour. However, you can use the optional DurationSeconds parameter @@ -467,31 +544,69 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // seconds (15 minutes) up to the maximum session duration setting for the role. // This setting can have a value from 1 hour to 12 hours. To learn how to view // the maximum value for your role, see View the Maximum Session Duration Setting -// for a Role (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) +// for a Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) // in the IAM User Guide. The maximum session duration limit applies when you -// use the AssumeRole* API operations or the assume-role* CLI operations but -// does not apply when you use those operations to create a console URL. For -// more information, see Using IAM Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) +// use the AssumeRole* API operations or the assume-role* CLI commands. However +// the limit does not apply when you use those operations to create a console +// URL. For more information, see Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) // in the IAM User Guide. // +// Permissions +// // The temporary security credentials created by AssumeRoleWithWebIdentity can // be used to make API calls to any AWS service with the following exception: -// you cannot call the STS service's GetFederationToken or GetSessionToken APIs. +// you cannot call the STS GetFederationToken or GetSessionToken API operations. // -// Optionally, you can pass an IAM access policy to this operation. If you choose -// not to pass a policy, the temporary security credentials that are returned -// by the operation have the permissions that are defined in the access policy -// of the role that is being assumed. If you pass a policy to this operation, -// the temporary security credentials that are returned by the operation have -// the permissions that are allowed by both the access policy of the role that -// is being assumed, and the policy that you pass. This gives you a way to further -// restrict the permissions for the resulting temporary security credentials. -// You cannot use the passed policy to grant permissions that are in excess -// of those allowed by the access policy of the role that is being assumed. -// For more information, see Permissions for AssumeRole, AssumeRoleWithSAML, -// and AssumeRoleWithWebIdentity (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_assumerole.html) +// (Optional) You can pass inline or managed session policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) +// to this operation. You can pass a single JSON policy document to use as an +// inline session policy. You can also specify up to 10 managed policies to +// use as managed session policies. The plain text that you use for both inline +// and managed session policies can't exceed 2,048 characters. Passing policies +// to this operation returns new temporary credentials. The resulting session's +// permissions are the intersection of the role's identity-based policy and +// the session policies. You can use the role's temporary credentials in subsequent +// AWS API calls to access resources in the account that owns the role. You +// cannot use session policies to grant more permissions than those allowed +// by the identity-based policy of the role that is being assumed. For more +// information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // +// Tags +// +// (Optional) You can configure your IdP to pass attributes into your web identity +// token as session tags. Each session tag consists of a key name and an associated +// value. For more information about session tags, see Passing Session Tags +// in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You can pass up to 50 session tags. The plain text session tag keys can’t +// exceed 128 characters and the values can’t exceed 256 characters. For these +// and additional limits, see IAM and STS Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) +// in the IAM User Guide. +// +// An AWS conversion compresses the passed session policies and session tags +// into a packed binary format that has a separate limit. Your request can fail +// for this limit even if your plain text meets the other requirements. The +// PackedPolicySize response element indicates by percentage how close the policies +// and tags for your request are to the upper size limit. +// +// You can pass a session tag with the same key as a tag that is attached to +// the role. When you do, the session tag overrides the role tag with the same +// key. +// +// An administrator must grant you the permissions necessary to pass session +// tags. The administrator can also create granular permissions to allow you +// to pass only specific session tags. For more information, see Tutorial: Using +// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html) +// in the IAM User Guide. +// +// You can set the session tags as transitive. Transitive tags persist during +// role chaining. For more information, see Chaining Roles with Session Tags +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) +// in the IAM User Guide. +// +// Identities +// // Before your application can call AssumeRoleWithWebIdentity, you must have // an identity token from a supported identity provider and create a role that // the application can assume. The role that your application assumes must trust @@ -508,21 +623,19 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // For more information about how to use web identity federation and the AssumeRoleWithWebIdentity // API, see the following resources: // -// * Using Web Identity Federation APIs for Mobile Apps (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_manual.html) -// and Federation Through a Web-based Identity Provider (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity). +// * Using Web Identity Federation API Operations for Mobile Apps (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_manual.html) +// and Federation Through a Web-based Identity Provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity). // +// * Web Identity Federation Playground (https://web-identity-federation-playground.s3.amazonaws.com/index.html). +// Walk through the process of authenticating through Login with Amazon, +// Facebook, or Google, getting temporary security credentials, and then +// using those credentials to make a request to AWS. // -// * Web Identity Federation Playground (https://web-identity-federation-playground.s3.amazonaws.com/index.html). -// This interactive website lets you walk through the process of authenticating -// via Login with Amazon, Facebook, or Google, getting temporary security -// credentials, and then using those credentials to make a request to AWS. -// -// -// * AWS SDK for iOS (http://aws.amazon.com/sdkforios/) and AWS SDK for Android -// (http://aws.amazon.com/sdkforandroid/). These toolkits contain sample -// apps that show how to invoke the identity providers, and then how to use -// the information from these providers to get and use temporary security -// credentials. +// * AWS SDK for iOS Developer Guide (http://aws.amazon.com/sdkforios/) and +// AWS SDK for Android Developer Guide (http://aws.amazon.com/sdkforandroid/). +// These toolkits contain sample apps that show how to invoke the identity +// providers. The toolkits then show how to use the information from these +// providers to get and use temporary security credentials. // // * Web Identity Federation with Mobile Applications (http://aws.amazon.com/articles/web-identity-federation-with-mobile-applications). // This article discusses web identity federation and shows an example of @@ -542,9 +655,18 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // message describes the specific error. // // * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the policy document was too large. The error -// message describes how big the policy document is, in packed form, as a percentage -// of what the API allows. +// The request was rejected because the total packed size of the session policies +// and session tags combined was too large. An AWS conversion compresses the +// session policy document, session policy ARNs, and session tags into a packed +// binary format that has a separate limit. The error message indicates by percentage +// how close the policies and tags are to the upper size limit. For more information, +// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You could receive this error even though you meet other defined session policy +// and session tag limits. For more information, see IAM and STS Entity Character +// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// in the IAM User Guide. // // * ErrCodeIDPRejectedClaimException "IDPRejectedClaim" // The identity provider (IdP) reported that authentication failed. This might @@ -554,11 +676,11 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // can also mean that the claim has expired or has been explicitly revoked. // // * ErrCodeIDPCommunicationErrorException "IDPCommunicationError" -// The request could not be fulfilled because the non-AWS identity provider -// (IDP) that was asked to verify the incoming identity token could not be reached. -// This is often a transient error caused by network conditions. Retry the request +// The request could not be fulfilled because the identity provider (IDP) that +// was asked to verify the incoming identity token could not be reached. This +// is often a transient error caused by network conditions. Retry the request // a limited number of times so that you don't exceed the request rate. If the -// error persists, the non-AWS identity provider might be down or not responding. +// error persists, the identity provider might be down or not responding. // // * ErrCodeInvalidIdentityTokenException "InvalidIdentityToken" // The web identity token that was passed could not be validated by AWS. Get @@ -572,7 +694,7 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // STS is not activated in the requested region for the account that is being // asked to generate credentials. The account administrator must use the IAM // console to activate STS in that region. For more information, see Activating -// and Deactivating AWS STS in an AWS Region (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) // in the IAM User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleWithWebIdentity @@ -644,17 +766,17 @@ func (c *STS) DecodeAuthorizationMessageRequest(input *DecodeAuthorizationMessag // Decodes additional information about the authorization status of a request // from an encoded message returned in response to an AWS request. // -// For example, if a user is not authorized to perform an action that he or -// she has requested, the request returns a Client.UnauthorizedOperation response -// (an HTTP 403 response). Some AWS actions additionally return an encoded message -// that can provide details about this authorization failure. +// For example, if a user is not authorized to perform an operation that he +// or she has requested, the request returns a Client.UnauthorizedOperation +// response (an HTTP 403 response). Some AWS operations additionally return +// an encoded message that can provide details about this authorization failure. // -// Only certain AWS actions return an encoded authorization message. The documentation -// for an individual action indicates whether that action returns an encoded -// message in addition to returning an HTTP code. +// Only certain AWS operations return an encoded authorization message. The +// documentation for an individual operation indicates whether that operation +// returns an encoded message in addition to returning an HTTP code. // // The message is encoded because the details of the authorization status can -// constitute privileged information that the user who requested the action +// constitute privileged information that the user who requested the operation // should not see. To decode an authorization status message, a user must be // granted permissions via an IAM policy to request the DecodeAuthorizationMessage // (sts:DecodeAuthorizationMessage) action. @@ -663,7 +785,7 @@ func (c *STS) DecodeAuthorizationMessageRequest(input *DecodeAuthorizationMessag // // * Whether the request was denied due to an explicit deny or due to the // absence of an explicit allow. For more information, see Determining Whether -// a Request is Allowed or Denied (http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow) +// a Request is Allowed or Denied (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow) // in the IAM User Guide. // // * The principal who made the request. @@ -709,6 +831,103 @@ func (c *STS) DecodeAuthorizationMessageWithContext(ctx aws.Context, input *Deco return out, req.Send() } +const opGetAccessKeyInfo = "GetAccessKeyInfo" + +// GetAccessKeyInfoRequest generates a "aws/request.Request" representing the +// client's request for the GetAccessKeyInfo operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetAccessKeyInfo for more information on using the GetAccessKeyInfo +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetAccessKeyInfoRequest method. +// req, resp := client.GetAccessKeyInfoRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetAccessKeyInfo +func (c *STS) GetAccessKeyInfoRequest(input *GetAccessKeyInfoInput) (req *request.Request, output *GetAccessKeyInfoOutput) { + op := &request.Operation{ + Name: opGetAccessKeyInfo, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetAccessKeyInfoInput{} + } + + output = &GetAccessKeyInfoOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetAccessKeyInfo API operation for AWS Security Token Service. +// +// Returns the account identifier for the specified access key ID. +// +// Access keys consist of two parts: an access key ID (for example, AKIAIOSFODNN7EXAMPLE) +// and a secret access key (for example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). +// For more information about access keys, see Managing Access Keys for IAM +// Users (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html) +// in the IAM User Guide. +// +// When you pass an access key ID to this operation, it returns the ID of the +// AWS account to which the keys belong. Access key IDs beginning with AKIA +// are long-term credentials for an IAM user or the AWS account root user. Access +// key IDs beginning with ASIA are temporary credentials that are created using +// STS operations. If the account in the response belongs to you, you can sign +// in as the root user and review your root user access keys. Then, you can +// pull a credentials report (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html) +// to learn which IAM user owns the keys. To learn who requested the temporary +// credentials for an ASIA access key, view the STS events in your CloudTrail +// logs (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html) +// in the IAM User Guide. +// +// This operation does not indicate the state of the access key. The key might +// be active, inactive, or deleted. Active keys might not have permissions to +// perform an operation. Providing a deleted access key might return an error +// that the key doesn't exist. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Security Token Service's +// API operation GetAccessKeyInfo for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetAccessKeyInfo +func (c *STS) GetAccessKeyInfo(input *GetAccessKeyInfoInput) (*GetAccessKeyInfoOutput, error) { + req, out := c.GetAccessKeyInfoRequest(input) + return out, req.Send() +} + +// GetAccessKeyInfoWithContext is the same as GetAccessKeyInfo with the addition of +// the ability to pass a context and additional request options. +// +// See GetAccessKeyInfo for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *STS) GetAccessKeyInfoWithContext(ctx aws.Context, input *GetAccessKeyInfoInput, opts ...request.Option) (*GetAccessKeyInfoOutput, error) { + req, out := c.GetAccessKeyInfoRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetCallerIdentity = "GetCallerIdentity" // GetCallerIdentityRequest generates a "aws/request.Request" representing the @@ -753,8 +972,16 @@ func (c *STS) GetCallerIdentityRequest(input *GetCallerIdentityInput) (req *requ // GetCallerIdentity API operation for AWS Security Token Service. // -// Returns details about the IAM identity whose credentials are used to call -// the API. +// Returns details about the IAM user or role whose credentials are used to +// call the operation. +// +// No permissions are required to perform this operation. If an administrator +// adds a policy to your IAM user or role that explicitly denies access to the +// sts:GetCallerIdentity action, you can still perform this operation. Permissions +// are not required because the same information is returned when an IAM user +// or role is denied access. To view an example response, see I Am Not Authorized +// to Perform: iam:DeleteVirtualMFADevice (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa) +// in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -831,81 +1058,92 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re // Returns a set of temporary security credentials (consisting of an access // key ID, a secret access key, and a security token) for a federated user. // A typical use is in a proxy application that gets temporary security credentials -// on behalf of distributed applications inside a corporate network. Because -// you must call the GetFederationToken action using the long-term security -// credentials of an IAM user, this call is appropriate in contexts where those +// on behalf of distributed applications inside a corporate network. You must +// call the GetFederationToken operation using the long-term security credentials +// of an IAM user. As a result, this call is appropriate in contexts where those // credentials can be safely stored, usually in a server-based application. -// For a comparison of GetFederationToken with the other APIs that produce temporary -// credentials, see Requesting Temporary Security Credentials (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the AWS STS APIs (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) +// For a comparison of GetFederationToken with the other API operations that +// produce temporary credentials, see Requesting Temporary Security Credentials +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) +// and Comparing the AWS STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) // in the IAM User Guide. // -// If you are creating a mobile-based or browser-based app that can authenticate +// You can create a mobile-based or browser-based app that can authenticate // users using a web identity provider like Login with Amazon, Facebook, Google, -// or an OpenID Connect-compatible identity provider, we recommend that you -// use Amazon Cognito (http://aws.amazon.com/cognito/) or AssumeRoleWithWebIdentity. +// or an OpenID Connect-compatible identity provider. In this case, we recommend +// that you use Amazon Cognito (http://aws.amazon.com/cognito/) or AssumeRoleWithWebIdentity. // For more information, see Federation Through a Web-based Identity Provider -// (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity). -// -// The GetFederationToken action must be called by using the long-term AWS security -// credentials of an IAM user. You can also call GetFederationToken using the -// security credentials of an AWS root account, but we do not recommended it. -// Instead, we recommend that you create an IAM user for the purpose of the -// proxy application and then attach a policy to the IAM user that limits federated -// users to only the actions and resources that they need access to. For more -// information, see IAM Best Practices (http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html) +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity) // in the IAM User Guide. // -// The temporary security credentials that are obtained by using the long-term -// credentials of an IAM user are valid for the specified duration, from 900 -// seconds (15 minutes) up to a maximium of 129600 seconds (36 hours). The default -// is 43200 seconds (12 hours). Temporary credentials that are obtained by using -// AWS root account credentials have a maximum duration of 3600 seconds (1 hour). +// You can also call GetFederationToken using the security credentials of an +// AWS account root user, but we do not recommend it. Instead, we recommend +// that you create an IAM user for the purpose of the proxy application. Then +// attach a policy to the IAM user that limits federated users to only the actions +// and resources that they need to access. For more information, see IAM Best +// Practices (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html) +// in the IAM User Guide. // -// The temporary security credentials created by GetFederationToken can be used -// to make API calls to any AWS service with the following exceptions: +// Session duration // -// * You cannot use these credentials to call any IAM APIs. -// -// * You cannot call any STS APIs except GetCallerIdentity. +// The temporary credentials are valid for the specified duration, from 900 +// seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours). The default +// session duration is 43,200 seconds (12 hours). Temporary credentials that +// are obtained by using AWS account root user credentials have a maximum duration +// of 3,600 seconds (1 hour). // // Permissions // -// The permissions for the temporary security credentials returned by GetFederationToken -// are determined by a combination of the following: +// You can use the temporary credentials created by GetFederationToken in any +// AWS service except the following: // -// * The policy or policies that are attached to the IAM user whose credentials -// are used to call GetFederationToken. +// * You cannot call any IAM operations using the AWS CLI or the AWS API. // -// * The policy that is passed as a parameter in the call. +// * You cannot call any STS operations except GetCallerIdentity. // -// The passed policy is attached to the temporary security credentials that -// result from the GetFederationToken API call--that is, to the federated user. -// When the federated user makes an AWS request, AWS evaluates the policy attached -// to the federated user in combination with the policy or policies attached -// to the IAM user whose credentials were used to call GetFederationToken. AWS -// allows the federated user's request only when both the federated user and -// the IAM user are explicitly allowed to perform the requested action. The -// passed policy cannot grant more permissions than those that are defined in -// the IAM user policy. +// You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) +// to this operation. You can pass a single JSON policy document to use as an +// inline session policy. You can also specify up to 10 managed policies to +// use as managed session policies. The plain text that you use for both inline +// and managed session policies can't exceed 2,048 characters. // -// A typical use case is that the permissions of the IAM user whose credentials -// are used to call GetFederationToken are designed to allow access to all the -// actions and resources that any federated user will need. Then, for individual -// users, you pass a policy to the operation that scopes down the permissions -// to a level that's appropriate to that individual user, using a policy that -// allows only a subset of permissions that are granted to the IAM user. +// Though the session policy parameters are optional, if you do not pass a policy, +// then the resulting federated user session has no permissions. When you pass +// session policies, the session permissions are the intersection of the IAM +// user policies and the session policies that you pass. This gives you a way +// to further restrict the permissions for a federated user. You cannot use +// session policies to grant more permissions than those that are defined in +// the permissions policy of the IAM user. For more information, see Session +// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) +// in the IAM User Guide. For information about using GetFederationToken to +// create temporary security credentials, see GetFederationToken—Federation +// Through a Custom Identity Broker (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken). // -// If you do not pass a policy, the resulting temporary security credentials -// have no effective permissions. The only exception is when the temporary security -// credentials are used to access a resource that has a resource-based policy -// that specifically allows the federated user to access the resource. +// You can use the credentials to access a resource that has a resource-based +// policy. If that policy specifically references the federated user session +// in the Principal element of the policy, the session has the permissions allowed +// by the policy. These permissions are granted in addition to the permissions +// granted by the session policies. // -// For more information about how permissions work, see Permissions for GetFederationToken -// (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_getfederationtoken.html). -// For information about using GetFederationToken to create temporary security -// credentials, see GetFederationToken—Federation Through a Custom Identity -// Broker (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken). +// Tags +// +// (Optional) You can pass tag key-value pairs to your session. These are called +// session tags. For more information about session tags, see Passing Session +// Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// An administrator must grant you the permissions necessary to pass session +// tags. The administrator can also create granular permissions to allow you +// to pass only specific session tags. For more information, see Tutorial: Using +// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html) +// in the IAM User Guide. +// +// Tag key–value pairs are not case sensitive, but case is preserved. This +// means that you cannot have separate Department and department tag keys. Assume +// that the user that you are federating has the Department=Marketing tag and +// you pass the department=engineering session tag. Department and department +// are not saved as separate tags, and the session tag passed in the request +// takes precedence over the user tag. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -920,15 +1158,24 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re // message describes the specific error. // // * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the policy document was too large. The error -// message describes how big the policy document is, in packed form, as a percentage -// of what the API allows. +// The request was rejected because the total packed size of the session policies +// and session tags combined was too large. An AWS conversion compresses the +// session policy document, session policy ARNs, and session tags into a packed +// binary format that has a separate limit. The error message indicates by percentage +// how close the policies and tags are to the upper size limit. For more information, +// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You could receive this error even though you meet other defined session policy +// and session tag limits. For more information, see IAM and STS Entity Character +// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// in the IAM User Guide. // // * ErrCodeRegionDisabledException "RegionDisabledException" // STS is not activated in the requested region for the account that is being // asked to generate credentials. The account administrator must use the IAM // console to activate STS in that region. For more information, see Activating -// and Deactivating AWS STS in an AWS Region (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) // in the IAM User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetFederationToken @@ -1000,48 +1247,51 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request. // Returns a set of temporary credentials for an AWS account or IAM user. The // credentials consist of an access key ID, a secret access key, and a security // token. Typically, you use GetSessionToken if you want to use MFA to protect -// programmatic calls to specific AWS APIs like Amazon EC2 StopInstances. MFA-enabled -// IAM users would need to call GetSessionToken and submit an MFA code that -// is associated with their MFA device. Using the temporary security credentials -// that are returned from the call, IAM users can then make programmatic calls -// to APIs that require MFA authentication. If you do not supply a correct MFA -// code, then the API returns an access denied error. For a comparison of GetSessionToken -// with the other APIs that produce temporary credentials, see Requesting Temporary -// Security Credentials (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the AWS STS APIs (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) +// programmatic calls to specific AWS API operations like Amazon EC2 StopInstances. +// MFA-enabled IAM users would need to call GetSessionToken and submit an MFA +// code that is associated with their MFA device. Using the temporary security +// credentials that are returned from the call, IAM users can then make programmatic +// calls to API operations that require MFA authentication. If you do not supply +// a correct MFA code, then the API returns an access denied error. For a comparison +// of GetSessionToken with the other API operations that produce temporary credentials, +// see Requesting Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) +// and Comparing the AWS STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) // in the IAM User Guide. // -// The GetSessionToken action must be called by using the long-term AWS security -// credentials of the AWS account or an IAM user. Credentials that are created -// by IAM users are valid for the duration that you specify, from 900 seconds -// (15 minutes) up to a maximum of 129600 seconds (36 hours), with a default -// of 43200 seconds (12 hours); credentials that are created by using account -// credentials can range from 900 seconds (15 minutes) up to a maximum of 3600 -// seconds (1 hour), with a default of 1 hour. +// Session Duration +// +// The GetSessionToken operation must be called by using the long-term AWS security +// credentials of the AWS account root user or an IAM user. Credentials that +// are created by IAM users are valid for the duration that you specify. This +// duration can range from 900 seconds (15 minutes) up to a maximum of 129,600 +// seconds (36 hours), with a default of 43,200 seconds (12 hours). Credentials +// based on account credentials can range from 900 seconds (15 minutes) up to +// 3,600 seconds (1 hour), with a default of 1 hour. +// +// Permissions // // The temporary security credentials created by GetSessionToken can be used // to make API calls to any AWS service with the following exceptions: // -// * You cannot call any IAM APIs unless MFA authentication information is -// included in the request. +// * You cannot call any IAM API operations unless MFA authentication information +// is included in the request. // -// * You cannot call any STS API exceptAssumeRole or GetCallerIdentity. +// * You cannot call any STS API except AssumeRole or GetCallerIdentity. // -// We recommend that you do not call GetSessionToken with root account credentials. -// Instead, follow our best practices (http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#create-iam-users) +// We recommend that you do not call GetSessionToken with AWS account root user +// credentials. Instead, follow our best practices (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#create-iam-users) // by creating one or more IAM users, giving them the necessary permissions, // and using IAM users for everyday interaction with AWS. // -// The permissions associated with the temporary security credentials returned -// by GetSessionToken are based on the permissions associated with account or -// IAM user whose credentials are used to call the action. If GetSessionToken -// is called using root account credentials, the temporary credentials have -// root account permissions. Similarly, if GetSessionToken is called using the -// credentials of an IAM user, the temporary credentials have the same permissions -// as the IAM user. +// The credentials that are returned by GetSessionToken are based on permissions +// associated with the user whose credentials were used to call the operation. +// If GetSessionToken is called using AWS account root user credentials, the +// temporary credentials have root user permissions. Similarly, if GetSessionToken +// is called using the credentials of an IAM user, the temporary credentials +// have the same permissions as the IAM user. // // For more information about using GetSessionToken to create temporary credentials, -// go to Temporary Credentials for Users in Untrusted Environments (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken) +// go to Temporary Credentials for Users in Untrusted Environments (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1056,7 +1306,7 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request. // STS is not activated in the requested region for the account that is being // asked to generate credentials. The account administrator must use the IAM // console to activate STS in that region. For more information, see Activating -// and Deactivating AWS STS in an AWS Region (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) // in the IAM User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetSessionToken @@ -1091,7 +1341,7 @@ type AssumeRoleInput struct { // a session duration of 12 hours, but your administrator set the maximum session // duration to 6 hours, your operation fails. To learn how to view the maximum // value for your role, see View the Maximum Session Duration Setting for a - // Role (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) + // Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) // in the IAM User Guide. // // By default, the value is set to 3600 seconds. @@ -1101,51 +1351,77 @@ type AssumeRoleInput struct { // to the federation endpoint for a console sign-in token takes a SessionDuration // parameter that specifies the maximum length of the console session. For more // information, see Creating a URL that Enables Federated Users to Access the - // AWS Management Console (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) + // AWS Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) // in the IAM User Guide. DurationSeconds *int64 `min:"900" type:"integer"` - // A unique identifier that is used by third parties when assuming roles in - // their customers' accounts. For each role that the third party can assume, - // they should instruct their customers to ensure the role's trust policy checks - // for the external ID that the third party generated. Each time the third party - // assumes the role, they should pass the customer's external ID. The external - // ID is useful in order to help third parties bind a role to the customer who - // created it. For more information about the external ID, see How to Use an - // External ID When Granting Access to Your AWS Resources to a Third Party (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) + // A unique identifier that might be required when you assume a role in another + // account. If the administrator of the account to which the role belongs provided + // you with an external ID, then provide that value in the ExternalId parameter. + // This value can be any string, such as a passphrase or account number. A cross-account + // role is usually set up to trust everyone in an account. Therefore, the administrator + // of the trusting account might send an external ID to the administrator of + // the trusted account. That way, only someone with the ID can assume the role, + // rather than everyone in the account. For more information about the external + // ID, see How to Use an External ID When Granting Access to Your AWS Resources + // to a Third Party (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) // in the IAM User Guide. // - // The regex used to validated this parameter is a string of characters consisting + // The regex used to validate this parameter is a string of characters consisting // of upper- and lower-case alphanumeric characters with no spaces. You can // also include underscores or any of the following characters: =,.@:/- ExternalId *string `min:"2" type:"string"` - // An IAM policy in JSON format. + // An IAM policy in JSON format that you want to use as an inline session policy. // - // This parameter is optional. If you pass a policy, the temporary security - // credentials that are returned by the operation have the permissions that - // are allowed by both (the intersection of) the access policy of the role that - // is being assumed, and the policy that you pass. This gives you a way to further - // restrict the permissions for the resulting temporary security credentials. - // You cannot use the passed policy to grant permissions that are in excess - // of those allowed by the access policy of the role that is being assumed. - // For more information, see Permissions for AssumeRole, AssumeRoleWithSAML, - // and AssumeRoleWithWebIdentity (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_assumerole.html) + // This parameter is optional. Passing policies to this operation returns new + // temporary credentials. The resulting session's permissions are the intersection + // of the role's identity-based policy and the session policies. You can use + // the role's temporary credentials in subsequent AWS API calls to access resources + // in the account that owns the role. You cannot use session policies to grant + // more permissions than those allowed by the identity-based policy of the role + // that is being assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // - // The format for this parameter, as described by its regex pattern, is a string - // of characters up to 2048 characters in length. The characters can be any - // ASCII character from the space character to the end of the valid character - // list (\u0020-\u00FF). It can also include the tab (\u0009), linefeed (\u000A), + // The plain text that you use for both inline and managed session policies + // can't exceed 2,048 characters. The JSON policy characters can be any ASCII + // character from the space character to the end of the valid character list + // (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A), // and carriage return (\u000D) characters. // - // The policy plain text must be 2048 bytes or shorter. However, an internal - // conversion compresses it into a packed binary format with a separate limit. - // The PackedPolicySize response element indicates by percentage how close to - // the upper size limit the policy is, with 100% equaling the maximum allowed - // size. + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. Policy *string `min:"1" type:"string"` + // The Amazon Resource Names (ARNs) of the IAM managed policies that you want + // to use as managed session policies. The policies must exist in the same account + // as the role. + // + // This parameter is optional. You can provide up to 10 managed policy ARNs. + // However, the plain text that you use for both inline and managed session + // policies can't exceed 2,048 characters. For more information about ARNs, + // see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // in the AWS General Reference. + // + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. + // + // Passing policies to this operation returns new temporary credentials. The + // resulting session's permissions are the intersection of the role's identity-based + // policy and the session policies. You can use the role's temporary credentials + // in subsequent AWS API calls to access resources in the account that owns + // the role. You cannot use session policies to grant more permissions than + // those allowed by the identity-based policy of the role that is being assumed. + // For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) + // in the IAM User Guide. + PolicyArns []*PolicyDescriptorType `type:"list"` + // The Amazon Resource Name (ARN) of the role to assume. // // RoleArn is a required field @@ -1158,8 +1434,8 @@ type AssumeRoleInput struct { // scenarios, the role session name is visible to, and can be logged by the // account that owns the role. The role session name is also used in the ARN // of the assumed role principal. This means that subsequent cross-account API - // requests using the temporary security credentials will expose the role session - // name to the external account in their CloudTrail logs. + // requests that use the temporary security credentials will expose the role + // session name to the external account in their AWS CloudTrail logs. // // The regex used to validate this parameter is a string of characters consisting // of upper- and lower-case alphanumeric characters with no spaces. You can @@ -1179,6 +1455,41 @@ type AssumeRoleInput struct { // also include underscores or any of the following characters: =,.@- SerialNumber *string `min:"9" type:"string"` + // A list of session tags that you want to pass. Each session tag consists of + // a key name and an associated value. For more information about session tags, + // see Tagging AWS STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) + // in the IAM User Guide. + // + // This parameter is optional. You can pass up to 50 session tags. The plain + // text session tag keys can’t exceed 128 characters, and the values can’t + // exceed 256 characters. For these and additional limits, see IAM and STS Character + // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) + // in the IAM User Guide. + // + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. + // + // You can pass a session tag with the same key as a tag that is already attached + // to the role. When you do, session tags override a role tag with the same + // key. + // + // Tag key–value pairs are not case sensitive, but case is preserved. This + // means that you cannot have separate Department and department tag keys. Assume + // that the role has the Department=Marketing tag and you pass the department=engineering + // session tag. Department and department are not saved as separate tags, and + // the session tag passed in the request takes precedence over the role tag. + // + // Additionally, if you used temporary credentials to perform this operation, + // the new session inherits any transitive session tags from the calling session. + // If you pass a session tag with the same key as an inherited tag, the operation + // fails. To view the inherited tags for a session, see the AWS CloudTrail logs. + // For more information, see Viewing Session Tags in CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/session-tags.html#id_session-tags_ctlogs) + // in the IAM User Guide. + Tags []*Tag `type:"list"` + // The value provided by the MFA device, if the trust policy of the role being // assumed requires MFA (that is, if the policy includes a condition that tests // for MFA). If the role being assumed requires MFA and if the TokenCode value @@ -1187,6 +1498,19 @@ type AssumeRoleInput struct { // The format for this parameter, as described by its regex pattern, is a sequence // of six numeric digits. TokenCode *string `min:"6" type:"string"` + + // A list of keys for session tags that you want to set as transitive. If you + // set a tag key as transitive, the corresponding key and value passes to subsequent + // sessions in a role chain. For more information, see Chaining Roles with Session + // Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) + // in the IAM User Guide. + // + // This parameter is optional. When you set session tags as transitive, the + // session policy and session tags packed binary limit is not affected. + // + // If you choose not to specify a transitive tag key, then no tags are passed + // from this session to any subsequent sessions. + TransitiveTagKeys []*string `type:"list"` } // String returns the string representation @@ -1229,6 +1553,26 @@ func (s *AssumeRoleInput) Validate() error { if s.TokenCode != nil && len(*s.TokenCode) < 6 { invalidParams.Add(request.NewErrParamMinLen("TokenCode", 6)) } + if s.PolicyArns != nil { + for i, v := range s.PolicyArns { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "PolicyArns", i), err.(request.ErrInvalidParams)) + } + } + } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -1254,6 +1598,12 @@ func (s *AssumeRoleInput) SetPolicy(v string) *AssumeRoleInput { return s } +// SetPolicyArns sets the PolicyArns field's value. +func (s *AssumeRoleInput) SetPolicyArns(v []*PolicyDescriptorType) *AssumeRoleInput { + s.PolicyArns = v + return s +} + // SetRoleArn sets the RoleArn field's value. func (s *AssumeRoleInput) SetRoleArn(v string) *AssumeRoleInput { s.RoleArn = &v @@ -1272,12 +1622,24 @@ func (s *AssumeRoleInput) SetSerialNumber(v string) *AssumeRoleInput { return s } +// SetTags sets the Tags field's value. +func (s *AssumeRoleInput) SetTags(v []*Tag) *AssumeRoleInput { + s.Tags = v + return s +} + // SetTokenCode sets the TokenCode field's value. func (s *AssumeRoleInput) SetTokenCode(v string) *AssumeRoleInput { s.TokenCode = &v return s } +// SetTransitiveTagKeys sets the TransitiveTagKeys field's value. +func (s *AssumeRoleInput) SetTransitiveTagKeys(v []*string) *AssumeRoleInput { + s.TransitiveTagKeys = v + return s +} + // Contains the response to a successful AssumeRole request, including temporary // AWS credentials that can be used to make AWS requests. type AssumeRoleOutput struct { @@ -1293,15 +1655,14 @@ type AssumeRoleOutput struct { // The temporary security credentials, which include an access key ID, a secret // access key, and a security (or session) token. // - // Note: The size of the security token that STS APIs return is not fixed. We - // strongly recommend that you make no assumptions about the maximum size. As - // of this writing, the typical size is less than 4096 bytes, but that can vary. - // Also, future updates to AWS might require larger sizes. + // The size of the security token that STS API operations return is not fixed. + // We strongly recommend that you make no assumptions about the maximum size. Credentials *Credentials `type:"structure"` - // A percentage value that indicates the size of the policy in packed form. - // The service rejects any policy with a packed size greater than 100 percent, - // which means the policy exceeded the allowed space. + // A percentage value that indicates the packed size of the session policies + // and session tags combined passed in the request. The request fails if the + // packed size is greater than 100 percent, which means the policies and tags + // exceeded the allowed space. PackedPolicySize *int64 `type:"integer"` } @@ -1346,7 +1707,7 @@ type AssumeRoleWithSAMLInput struct { // specify a session duration of 12 hours, but your administrator set the maximum // session duration to 6 hours, your operation fails. To learn how to view the // maximum value for your role, see View the Maximum Session Duration Setting - // for a Role (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) + // for a Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) // in the IAM User Guide. // // By default, the value is set to 3600 seconds. @@ -1356,36 +1717,60 @@ type AssumeRoleWithSAMLInput struct { // to the federation endpoint for a console sign-in token takes a SessionDuration // parameter that specifies the maximum length of the console session. For more // information, see Creating a URL that Enables Federated Users to Access the - // AWS Management Console (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) + // AWS Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) // in the IAM User Guide. DurationSeconds *int64 `min:"900" type:"integer"` - // An IAM policy in JSON format. + // An IAM policy in JSON format that you want to use as an inline session policy. // - // The policy parameter is optional. If you pass a policy, the temporary security - // credentials that are returned by the operation have the permissions that - // are allowed by both the access policy of the role that is being assumed, - // and the policy that you pass. This gives you a way to further restrict the - // permissions for the resulting temporary security credentials. You cannot - // use the passed policy to grant permissions that are in excess of those allowed - // by the access policy of the role that is being assumed. For more information, - // Permissions for AssumeRole, AssumeRoleWithSAML, and AssumeRoleWithWebIdentity - // (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_assumerole.html) + // This parameter is optional. Passing policies to this operation returns new + // temporary credentials. The resulting session's permissions are the intersection + // of the role's identity-based policy and the session policies. You can use + // the role's temporary credentials in subsequent AWS API calls to access resources + // in the account that owns the role. You cannot use session policies to grant + // more permissions than those allowed by the identity-based policy of the role + // that is being assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // - // The format for this parameter, as described by its regex pattern, is a string - // of characters up to 2048 characters in length. The characters can be any - // ASCII character from the space character to the end of the valid character - // list (\u0020-\u00FF). It can also include the tab (\u0009), linefeed (\u000A), + // The plain text that you use for both inline and managed session policies + // can't exceed 2,048 characters. The JSON policy characters can be any ASCII + // character from the space character to the end of the valid character list + // (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A), // and carriage return (\u000D) characters. // - // The policy plain text must be 2048 bytes or shorter. However, an internal - // conversion compresses it into a packed binary format with a separate limit. - // The PackedPolicySize response element indicates by percentage how close to - // the upper size limit the policy is, with 100% equaling the maximum allowed - // size. + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. Policy *string `min:"1" type:"string"` + // The Amazon Resource Names (ARNs) of the IAM managed policies that you want + // to use as managed session policies. The policies must exist in the same account + // as the role. + // + // This parameter is optional. You can provide up to 10 managed policy ARNs. + // However, the plain text that you use for both inline and managed session + // policies can't exceed 2,048 characters. For more information about ARNs, + // see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // in the AWS General Reference. + // + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. + // + // Passing policies to this operation returns new temporary credentials. The + // resulting session's permissions are the intersection of the role's identity-based + // policy and the session policies. You can use the role's temporary credentials + // in subsequent AWS API calls to access resources in the account that owns + // the role. You cannot use session policies to grant more permissions than + // those allowed by the identity-based policy of the role that is being assumed. + // For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) + // in the IAM User Guide. + PolicyArns []*PolicyDescriptorType `type:"list"` + // The Amazon Resource Name (ARN) of the SAML provider in IAM that describes // the IdP. // @@ -1399,8 +1784,8 @@ type AssumeRoleWithSAMLInput struct { // The base-64 encoded SAML authentication response provided by the IdP. // - // For more information, see Configuring a Relying Party and Adding Claims (http://docs.aws.amazon.com/IAM/latest/UserGuide/create-role-saml-IdP-tasks.html) - // in the Using IAM guide. + // For more information, see Configuring a Relying Party and Adding Claims (https://docs.aws.amazon.com/IAM/latest/UserGuide/create-role-saml-IdP-tasks.html) + // in the IAM User Guide. // // SAMLAssertion is a required field SAMLAssertion *string `min:"4" type:"string" required:"true"` @@ -1443,6 +1828,16 @@ func (s *AssumeRoleWithSAMLInput) Validate() error { if s.SAMLAssertion != nil && len(*s.SAMLAssertion) < 4 { invalidParams.Add(request.NewErrParamMinLen("SAMLAssertion", 4)) } + if s.PolicyArns != nil { + for i, v := range s.PolicyArns { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "PolicyArns", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -1462,6 +1857,12 @@ func (s *AssumeRoleWithSAMLInput) SetPolicy(v string) *AssumeRoleWithSAMLInput { return s } +// SetPolicyArns sets the PolicyArns field's value. +func (s *AssumeRoleWithSAMLInput) SetPolicyArns(v []*PolicyDescriptorType) *AssumeRoleWithSAMLInput { + s.PolicyArns = v + return s +} + // SetPrincipalArn sets the PrincipalArn field's value. func (s *AssumeRoleWithSAMLInput) SetPrincipalArn(v string) *AssumeRoleWithSAMLInput { s.PrincipalArn = &v @@ -1496,10 +1897,8 @@ type AssumeRoleWithSAMLOutput struct { // The temporary security credentials, which include an access key ID, a secret // access key, and a security (or session) token. // - // Note: The size of the security token that STS APIs return is not fixed. We - // strongly recommend that you make no assumptions about the maximum size. As - // of this writing, the typical size is less than 4096 bytes, but that can vary. - // Also, future updates to AWS might require larger sizes. + // The size of the security token that STS API operations return is not fixed. + // We strongly recommend that you make no assumptions about the maximum size. Credentials *Credentials `type:"structure"` // The value of the Issuer element of the SAML assertion. @@ -1516,9 +1915,10 @@ type AssumeRoleWithSAMLOutput struct { // ) ) NameQualifier *string `type:"string"` - // A percentage value that indicates the size of the policy in packed form. - // The service rejects any policy with a packed size greater than 100 percent, - // which means the policy exceeded the allowed space. + // A percentage value that indicates the packed size of the session policies + // and session tags combined passed in the request. The request fails if the + // packed size is greater than 100 percent, which means the policies and tags + // exceeded the allowed space. PackedPolicySize *int64 `type:"integer"` // The value of the NameID element in the Subject element of the SAML assertion. @@ -1603,7 +2003,7 @@ type AssumeRoleWithWebIdentityInput struct { // a session duration of 12 hours, but your administrator set the maximum session // duration to 6 hours, your operation fails. To learn how to view the maximum // value for your role, see View the Maximum Session Duration Setting for a - // Role (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) + // Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) // in the IAM User Guide. // // By default, the value is set to 3600 seconds. @@ -1613,35 +2013,60 @@ type AssumeRoleWithWebIdentityInput struct { // to the federation endpoint for a console sign-in token takes a SessionDuration // parameter that specifies the maximum length of the console session. For more // information, see Creating a URL that Enables Federated Users to Access the - // AWS Management Console (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) + // AWS Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) // in the IAM User Guide. DurationSeconds *int64 `min:"900" type:"integer"` - // An IAM policy in JSON format. + // An IAM policy in JSON format that you want to use as an inline session policy. // - // The policy parameter is optional. If you pass a policy, the temporary security - // credentials that are returned by the operation have the permissions that - // are allowed by both the access policy of the role that is being assumed, - // and the policy that you pass. This gives you a way to further restrict the - // permissions for the resulting temporary security credentials. You cannot - // use the passed policy to grant permissions that are in excess of those allowed - // by the access policy of the role that is being assumed. For more information, - // see Permissions for AssumeRoleWithWebIdentity (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_assumerole.html) + // This parameter is optional. Passing policies to this operation returns new + // temporary credentials. The resulting session's permissions are the intersection + // of the role's identity-based policy and the session policies. You can use + // the role's temporary credentials in subsequent AWS API calls to access resources + // in the account that owns the role. You cannot use session policies to grant + // more permissions than those allowed by the identity-based policy of the role + // that is being assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // - // The format for this parameter, as described by its regex pattern, is a string - // of characters up to 2048 characters in length. The characters can be any - // ASCII character from the space character to the end of the valid character - // list (\u0020-\u00FF). It can also include the tab (\u0009), linefeed (\u000A), + // The plain text that you use for both inline and managed session policies + // can't exceed 2,048 characters. The JSON policy characters can be any ASCII + // character from the space character to the end of the valid character list + // (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A), // and carriage return (\u000D) characters. // - // The policy plain text must be 2048 bytes or shorter. However, an internal - // conversion compresses it into a packed binary format with a separate limit. - // The PackedPolicySize response element indicates by percentage how close to - // the upper size limit the policy is, with 100% equaling the maximum allowed - // size. + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. Policy *string `min:"1" type:"string"` + // The Amazon Resource Names (ARNs) of the IAM managed policies that you want + // to use as managed session policies. The policies must exist in the same account + // as the role. + // + // This parameter is optional. You can provide up to 10 managed policy ARNs. + // However, the plain text that you use for both inline and managed session + // policies can't exceed 2,048 characters. For more information about ARNs, + // see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // in the AWS General Reference. + // + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. + // + // Passing policies to this operation returns new temporary credentials. The + // resulting session's permissions are the intersection of the role's identity-based + // policy and the session policies. You can use the role's temporary credentials + // in subsequent AWS API calls to access resources in the account that owns + // the role. You cannot use session policies to grant more permissions than + // those allowed by the identity-based policy of the role that is being assumed. + // For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) + // in the IAM User Guide. + PolicyArns []*PolicyDescriptorType `type:"list"` + // The fully qualified host component of the domain name of the identity provider. // // Specify this value only for OAuth 2.0 access tokens. Currently www.amazon.com @@ -1718,6 +2143,16 @@ func (s *AssumeRoleWithWebIdentityInput) Validate() error { if s.WebIdentityToken != nil && len(*s.WebIdentityToken) < 4 { invalidParams.Add(request.NewErrParamMinLen("WebIdentityToken", 4)) } + if s.PolicyArns != nil { + for i, v := range s.PolicyArns { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "PolicyArns", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -1737,6 +2172,12 @@ func (s *AssumeRoleWithWebIdentityInput) SetPolicy(v string) *AssumeRoleWithWebI return s } +// SetPolicyArns sets the PolicyArns field's value. +func (s *AssumeRoleWithWebIdentityInput) SetPolicyArns(v []*PolicyDescriptorType) *AssumeRoleWithWebIdentityInput { + s.PolicyArns = v + return s +} + // SetProviderId sets the ProviderId field's value. func (s *AssumeRoleWithWebIdentityInput) SetProviderId(v string) *AssumeRoleWithWebIdentityInput { s.ProviderId = &v @@ -1781,19 +2222,18 @@ type AssumeRoleWithWebIdentityOutput struct { // The temporary security credentials, which include an access key ID, a secret // access key, and a security token. // - // Note: The size of the security token that STS APIs return is not fixed. We - // strongly recommend that you make no assumptions about the maximum size. As - // of this writing, the typical size is less than 4096 bytes, but that can vary. - // Also, future updates to AWS might require larger sizes. + // The size of the security token that STS API operations return is not fixed. + // We strongly recommend that you make no assumptions about the maximum size. Credentials *Credentials `type:"structure"` - // A percentage value that indicates the size of the policy in packed form. - // The service rejects any policy with a packed size greater than 100 percent, - // which means the policy exceeded the allowed space. + // A percentage value that indicates the packed size of the session policies + // and session tags combined passed in the request. The request fails if the + // packed size is greater than 100 percent, which means the policies and tags + // exceeded the allowed space. PackedPolicySize *int64 `type:"integer"` // The issuing authority of the web identity token presented. For OpenID Connect - // ID Tokens this contains the value of the iss field. For OAuth 2.0 access + // ID tokens, this contains the value of the iss field. For OAuth 2.0 access // tokens, this contains the value of the ProviderId parameter that was passed // in the AssumeRoleWithWebIdentity request. Provider *string `type:"string"` @@ -1860,8 +2300,8 @@ type AssumedRoleUser struct { // The ARN of the temporary security credentials that are returned from the // AssumeRole action. For more information about ARNs and how to use them in - // policies, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) - // in Using IAM. + // policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) + // in the IAM User Guide. // // Arn is a required field Arn *string `min:"20" type:"string" required:"true"` @@ -2028,8 +2468,8 @@ type FederatedUser struct { // The ARN that specifies the federated user that is associated with the credentials. // For more information about ARNs and how to use them in policies, see IAM - // Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) - // in Using IAM. + // Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) + // in the IAM User Guide. // // Arn is a required field Arn *string `min:"20" type:"string" required:"true"` @@ -2063,6 +2503,73 @@ func (s *FederatedUser) SetFederatedUserId(v string) *FederatedUser { return s } +type GetAccessKeyInfoInput struct { + _ struct{} `type:"structure"` + + // The identifier of an access key. + // + // This parameter allows (through its regex pattern) a string of characters + // that can consist of any upper- or lowercase letter or digit. + // + // AccessKeyId is a required field + AccessKeyId *string `min:"16" type:"string" required:"true"` +} + +// String returns the string representation +func (s GetAccessKeyInfoInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetAccessKeyInfoInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetAccessKeyInfoInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetAccessKeyInfoInput"} + if s.AccessKeyId == nil { + invalidParams.Add(request.NewErrParamRequired("AccessKeyId")) + } + if s.AccessKeyId != nil && len(*s.AccessKeyId) < 16 { + invalidParams.Add(request.NewErrParamMinLen("AccessKeyId", 16)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccessKeyId sets the AccessKeyId field's value. +func (s *GetAccessKeyInfoInput) SetAccessKeyId(v string) *GetAccessKeyInfoInput { + s.AccessKeyId = &v + return s +} + +type GetAccessKeyInfoOutput struct { + _ struct{} `type:"structure"` + + // The number used to identify the AWS account. + Account *string `type:"string"` +} + +// String returns the string representation +func (s GetAccessKeyInfoOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetAccessKeyInfoOutput) GoString() string { + return s.String() +} + +// SetAccount sets the Account field's value. +func (s *GetAccessKeyInfoOutput) SetAccount(v string) *GetAccessKeyInfoOutput { + s.Account = &v + return s +} + type GetCallerIdentityInput struct { _ struct{} `type:"structure"` } @@ -2090,8 +2597,8 @@ type GetCallerIdentityOutput struct { Arn *string `min:"20" type:"string"` // The unique identifier of the calling entity. The exact value depends on the - // type of entity making the call. The values returned are those listed in the - // aws:userid column in the Principal table (http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_variables.html#principaltable) + // type of entity that is making the call. The values returned are those listed + // in the aws:userid column in the Principal table (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_variables.html#principaltable) // found on the Policy Variables reference page in the IAM User Guide. UserId *string `type:"string"` } @@ -2128,12 +2635,11 @@ type GetFederationTokenInput struct { _ struct{} `type:"structure"` // The duration, in seconds, that the session should last. Acceptable durations - // for federation sessions range from 900 seconds (15 minutes) to 129600 seconds - // (36 hours), with 43200 seconds (12 hours) as the default. Sessions obtained - // using AWS account (root) credentials are restricted to a maximum of 3600 + // for federation sessions range from 900 seconds (15 minutes) to 129,600 seconds + // (36 hours), with 43,200 seconds (12 hours) as the default. Sessions obtained + // using AWS account root user credentials are restricted to a maximum of 3,600 // seconds (one hour). If the specified duration is longer than one hour, the - // session obtained by using AWS account (root) credentials defaults to one - // hour. + // session obtained by using root user credentials defaults to one hour. DurationSeconds *int64 `min:"900" type:"integer"` // The name of the federated user. The name is used as an identifier for the @@ -2148,36 +2654,107 @@ type GetFederationTokenInput struct { // Name is a required field Name *string `min:"2" type:"string" required:"true"` - // An IAM policy in JSON format that is passed with the GetFederationToken call - // and evaluated along with the policy or policies that are attached to the - // IAM user whose credentials are used to call GetFederationToken. The passed - // policy is used to scope down the permissions that are available to the IAM - // user, by allowing only a subset of the permissions that are granted to the - // IAM user. The passed policy cannot grant more permissions than those granted - // to the IAM user. The final permissions for the federated user are the most - // restrictive set based on the intersection of the passed policy and the IAM - // user policy. + // An IAM policy in JSON format that you want to use as an inline session policy. // - // If you do not pass a policy, the resulting temporary security credentials - // have no effective permissions. The only exception is when the temporary security - // credentials are used to access a resource that has a resource-based policy - // that specifically allows the federated user to access the resource. + // You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) + // to this operation. You can pass a single JSON policy document to use as an + // inline session policy. You can also specify up to 10 managed policies to + // use as managed session policies. // - // The format for this parameter, as described by its regex pattern, is a string - // of characters up to 2048 characters in length. The characters can be any - // ASCII character from the space character to the end of the valid character - // list (\u0020-\u00FF). It can also include the tab (\u0009), linefeed (\u000A), + // This parameter is optional. However, if you do not pass any session policies, + // then the resulting federated user session has no permissions. + // + // When you pass session policies, the session permissions are the intersection + // of the IAM user policies and the session policies that you pass. This gives + // you a way to further restrict the permissions for a federated user. You cannot + // use session policies to grant more permissions than those that are defined + // in the permissions policy of the IAM user. For more information, see Session + // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) + // in the IAM User Guide. + // + // The resulting credentials can be used to access a resource that has a resource-based + // policy. If that policy specifically references the federated user session + // in the Principal element of the policy, the session has the permissions allowed + // by the policy. These permissions are granted in addition to the permissions + // that are granted by the session policies. + // + // The plain text that you use for both inline and managed session policies + // can't exceed 2,048 characters. The JSON policy characters can be any ASCII + // character from the space character to the end of the valid character list + // (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A), // and carriage return (\u000D) characters. // - // The policy plain text must be 2048 bytes or shorter. However, an internal - // conversion compresses it into a packed binary format with a separate limit. - // The PackedPolicySize response element indicates by percentage how close to - // the upper size limit the policy is, with 100% equaling the maximum allowed - // size. - // - // For more information about how permissions work, see Permissions for GetFederationToken - // (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_getfederationtoken.html). + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. Policy *string `min:"1" type:"string"` + + // The Amazon Resource Names (ARNs) of the IAM managed policies that you want + // to use as a managed session policy. The policies must exist in the same account + // as the IAM user that is requesting federated access. + // + // You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) + // to this operation. You can pass a single JSON policy document to use as an + // inline session policy. You can also specify up to 10 managed policies to + // use as managed session policies. The plain text that you use for both inline + // and managed session policies can't exceed 2,048 characters. You can provide + // up to 10 managed policy ARNs. For more information about ARNs, see Amazon + // Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // in the AWS General Reference. + // + // This parameter is optional. However, if you do not pass any session policies, + // then the resulting federated user session has no permissions. + // + // When you pass session policies, the session permissions are the intersection + // of the IAM user policies and the session policies that you pass. This gives + // you a way to further restrict the permissions for a federated user. You cannot + // use session policies to grant more permissions than those that are defined + // in the permissions policy of the IAM user. For more information, see Session + // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) + // in the IAM User Guide. + // + // The resulting credentials can be used to access a resource that has a resource-based + // policy. If that policy specifically references the federated user session + // in the Principal element of the policy, the session has the permissions allowed + // by the policy. These permissions are granted in addition to the permissions + // that are granted by the session policies. + // + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. + PolicyArns []*PolicyDescriptorType `type:"list"` + + // A list of session tags. Each session tag consists of a key name and an associated + // value. For more information about session tags, see Passing Session Tags + // in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) + // in the IAM User Guide. + // + // This parameter is optional. You can pass up to 50 session tags. The plain + // text session tag keys can’t exceed 128 characters and the values can’t + // exceed 256 characters. For these and additional limits, see IAM and STS Character + // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) + // in the IAM User Guide. + // + // An AWS conversion compresses the passed session policies and session tags + // into a packed binary format that has a separate limit. Your request can fail + // for this limit even if your plain text meets the other requirements. The + // PackedPolicySize response element indicates by percentage how close the policies + // and tags for your request are to the upper size limit. + // + // You can pass a session tag with the same key as a tag that is already attached + // to the user you are federating. When you do, session tags override a user + // tag with the same key. + // + // Tag key–value pairs are not case sensitive, but case is preserved. This + // means that you cannot have separate Department and department tag keys. Assume + // that the role has the Department=Marketing tag and you pass the department=engineering + // session tag. Department and department are not saved as separate tags, and + // the session tag passed in the request takes precedence over the role tag. + Tags []*Tag `type:"list"` } // String returns the string representation @@ -2205,6 +2782,26 @@ func (s *GetFederationTokenInput) Validate() error { if s.Policy != nil && len(*s.Policy) < 1 { invalidParams.Add(request.NewErrParamMinLen("Policy", 1)) } + if s.PolicyArns != nil { + for i, v := range s.PolicyArns { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "PolicyArns", i), err.(request.ErrInvalidParams)) + } + } + } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -2230,6 +2827,18 @@ func (s *GetFederationTokenInput) SetPolicy(v string) *GetFederationTokenInput { return s } +// SetPolicyArns sets the PolicyArns field's value. +func (s *GetFederationTokenInput) SetPolicyArns(v []*PolicyDescriptorType) *GetFederationTokenInput { + s.PolicyArns = v + return s +} + +// SetTags sets the Tags field's value. +func (s *GetFederationTokenInput) SetTags(v []*Tag) *GetFederationTokenInput { + s.Tags = v + return s +} + // Contains the response to a successful GetFederationToken request, including // temporary AWS credentials that can be used to make AWS requests. type GetFederationTokenOutput struct { @@ -2238,10 +2847,8 @@ type GetFederationTokenOutput struct { // The temporary security credentials, which include an access key ID, a secret // access key, and a security (or session) token. // - // Note: The size of the security token that STS APIs return is not fixed. We - // strongly recommend that you make no assumptions about the maximum size. As - // of this writing, the typical size is less than 4096 bytes, but that can vary. - // Also, future updates to AWS might require larger sizes. + // The size of the security token that STS API operations return is not fixed. + // We strongly recommend that you make no assumptions about the maximum size. Credentials *Credentials `type:"structure"` // Identifiers for the federated user associated with the credentials (such @@ -2250,9 +2857,10 @@ type GetFederationTokenOutput struct { // an Amazon S3 bucket policy. FederatedUser *FederatedUser `type:"structure"` - // A percentage value indicating the size of the policy in packed form. The - // service rejects policies for which the packed size is greater than 100 percent - // of the allowed value. + // A percentage value that indicates the packed size of the session policies + // and session tags combined passed in the request. The request fails if the + // packed size is greater than 100 percent, which means the policies and tags + // exceeded the allowed space. PackedPolicySize *int64 `type:"integer"` } @@ -2288,11 +2896,11 @@ type GetSessionTokenInput struct { _ struct{} `type:"structure"` // The duration, in seconds, that the credentials should remain valid. Acceptable - // durations for IAM user sessions range from 900 seconds (15 minutes) to 129600 - // seconds (36 hours), with 43200 seconds (12 hours) as the default. Sessions - // for AWS account owners are restricted to a maximum of 3600 seconds (one hour). - // If the duration is longer than one hour, the session for AWS account owners - // defaults to one hour. + // durations for IAM user sessions range from 900 seconds (15 minutes) to 129,600 + // seconds (36 hours), with 43,200 seconds (12 hours) as the default. Sessions + // for AWS account owners are restricted to a maximum of 3,600 seconds (one + // hour). If the duration is longer than one hour, the session for AWS account + // owners defaults to one hour. DurationSeconds *int64 `min:"900" type:"integer"` // The identification number of the MFA device that is associated with the IAM @@ -2303,16 +2911,16 @@ type GetSessionTokenInput struct { // You can find the device for an IAM user by going to the AWS Management Console // and viewing the user's security credentials. // - // The regex used to validated this parameter is a string of characters consisting + // The regex used to validate this parameter is a string of characters consisting // of upper- and lower-case alphanumeric characters with no spaces. You can // also include underscores or any of the following characters: =,.@:/- SerialNumber *string `min:"9" type:"string"` // The value provided by the MFA device, if MFA is required. If any policy requires // the IAM user to submit an MFA code, specify this value. If MFA authentication - // is required, and the user does not provide a code when requesting a set of - // temporary security credentials, the user will receive an "access denied" - // response when requesting resources that require MFA authentication. + // is required, the user must provide a code when requesting a set of temporary + // security credentials. A user who fails to provide the code receives an "access + // denied" response when requesting resources that require MFA authentication. // // The format for this parameter, as described by its regex pattern, is a sequence // of six numeric digits. @@ -2374,10 +2982,8 @@ type GetSessionTokenOutput struct { // The temporary security credentials, which include an access key ID, a secret // access key, and a security (or session) token. // - // Note: The size of the security token that STS APIs return is not fixed. We - // strongly recommend that you make no assumptions about the maximum size. As - // of this writing, the typical size is less than 4096 bytes, but that can vary. - // Also, future updates to AWS might require larger sizes. + // The size of the security token that STS API operations return is not fixed. + // We strongly recommend that you make no assumptions about the maximum size. Credentials *Credentials `type:"structure"` } @@ -2396,3 +3002,114 @@ func (s *GetSessionTokenOutput) SetCredentials(v *Credentials) *GetSessionTokenO s.Credentials = v return s } + +// A reference to the IAM managed policy that is passed as a session policy +// for a role session or a federated user session. +type PolicyDescriptorType struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the IAM managed policy to use as a session + // policy for the role. For more information about ARNs, see Amazon Resource + // Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // in the AWS General Reference. + Arn *string `locationName:"arn" min:"20" type:"string"` +} + +// String returns the string representation +func (s PolicyDescriptorType) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s PolicyDescriptorType) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *PolicyDescriptorType) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PolicyDescriptorType"} + if s.Arn != nil && len(*s.Arn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("Arn", 20)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetArn sets the Arn field's value. +func (s *PolicyDescriptorType) SetArn(v string) *PolicyDescriptorType { + s.Arn = &v + return s +} + +// You can pass custom key-value pair attributes when you assume a role or federate +// a user. These are called session tags. You can then use the session tags +// to control access to resources. For more information, see Tagging AWS STS +// Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +type Tag struct { + _ struct{} `type:"structure"` + + // The key for a session tag. + // + // You can pass up to 50 session tags. The plain text session tag keys can’t + // exceed 128 characters. For these and additional limits, see IAM and STS Character + // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) + // in the IAM User Guide. + // + // Key is a required field + Key *string `min:"1" type:"string" required:"true"` + + // The value for a session tag. + // + // You can pass up to 50 session tags. The plain text session tag values can’t + // exceed 256 characters. For these and additional limits, see IAM and STS Character + // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) + // in the IAM User Guide. + // + // Value is a required field + Value *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s Tag) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Tag) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *Tag) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "Tag"} + if s.Key == nil { + invalidParams.Add(request.NewErrParamRequired("Key")) + } + if s.Key != nil && len(*s.Key) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Key", 1)) + } + if s.Value == nil { + invalidParams.Add(request.NewErrParamRequired("Value")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetKey sets the Key field's value. +func (s *Tag) SetKey(v string) *Tag { + s.Key = &v + return s +} + +// SetValue sets the Value field's value. +func (s *Tag) SetValue(v string) *Tag { + s.Value = &v + return s +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/customizations.go b/vendor/github.com/aws/aws-sdk-go/service/sts/customizations.go index 4010cc7fa14..d5307fcaa0f 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/customizations.go +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/customizations.go @@ -3,10 +3,9 @@ package sts import "github.com/aws/aws-sdk-go/aws/request" func init() { - initRequest = func(r *request.Request) { - switch r.Operation.Name { - case opAssumeRoleWithSAML, opAssumeRoleWithWebIdentity: - r.Handlers.Sign.Clear() // these operations are unsigned - } - } + initRequest = customizeRequest +} + +func customizeRequest(r *request.Request) { + r.RetryErrorCodes = append(r.RetryErrorCodes, ErrCodeIDPCommunicationErrorException) } diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go b/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go index ef681ab0c63..fcb720dcac6 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go @@ -7,22 +7,14 @@ // request temporary, limited-privilege credentials for AWS Identity and Access // Management (IAM) users or for users that you authenticate (federated users). // This guide provides descriptions of the STS API. For more detailed information -// about using this service, go to Temporary Security Credentials (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html). -// -// As an alternative to using the API, you can use one of the AWS SDKs, which -// consist of libraries and sample code for various programming languages and -// platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide a convenient -// way to create programmatic access to STS. For example, the SDKs take care -// of cryptographically signing requests, managing errors, and retrying requests -// automatically. For information about the AWS SDKs, including how to download -// and install them, see the Tools for Amazon Web Services page (http://aws.amazon.com/tools/). +// about using this service, go to Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html). // // For information about setting up signatures and authorization through the -// API, go to Signing AWS API Requests (http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) +// API, go to Signing AWS API Requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) // in the AWS General Reference. For general information about the Query API, -// go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) +// go to Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) // in Using IAM. For information about using security tokens with other AWS -// products, go to AWS Services That Work with IAM (http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) +// products, go to AWS Services That Work with IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) // in the IAM User Guide. // // If you're new to AWS and need additional technical information about a specific @@ -31,14 +23,38 @@ // // Endpoints // -// The AWS Security Token Service (STS) has a default endpoint of https://sts.amazonaws.com -// that maps to the US East (N. Virginia) region. Additional regions are available -// and are activated by default. For more information, see Activating and Deactivating -// AWS STS in an AWS Region (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// By default, AWS Security Token Service (STS) is available as a global service, +// and all AWS STS requests go to a single endpoint at https://sts.amazonaws.com. +// Global requests map to the US East (N. Virginia) region. AWS recommends using +// Regional AWS STS endpoints instead of the global endpoint to reduce latency, +// build in redundancy, and increase session token validity. For more information, +// see Managing AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) // in the IAM User Guide. // -// For information about STS endpoints, see Regions and Endpoints (http://docs.aws.amazon.com/general/latest/gr/rande.html#sts_region) -// in the AWS General Reference. +// Most AWS Regions are enabled for operations in all AWS services by default. +// Those Regions are automatically activated for use with AWS STS. Some Regions, +// such as Asia Pacific (Hong Kong), must be manually enabled. To learn more +// about enabling and disabling AWS Regions, see Managing AWS Regions (https://docs.aws.amazon.com/general/latest/gr/rande-manage.html) +// in the AWS General Reference. When you enable these AWS Regions, they are +// automatically activated for use with AWS STS. You cannot activate the STS +// endpoint for a Region that is disabled. Tokens that are valid in all AWS +// Regions are longer than tokens that are valid in Regions that are enabled +// by default. Changing this setting might affect existing systems where you +// temporarily store tokens. For more information, see Managing Global Endpoint +// Session Tokens (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html#sts-regions-manage-tokens) +// in the IAM User Guide. +// +// After you activate a Region for use with AWS STS, you can direct AWS STS +// API calls to that Region. AWS STS recommends that you provide both the Region +// and endpoint when you make calls to a Regional endpoint. You can provide +// the Region alone for manually enabled Regions, such as Asia Pacific (Hong +// Kong). In this case, the calls are directed to the STS Regional endpoint. +// However, if you provide the Region alone for Regions enabled by default, +// the calls are directed to the global endpoint of https://sts.amazonaws.com. +// +// To view the list of AWS STS endpoints and whether they are active by default, +// see Writing Code to Use AWS STS Regions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html#id_credentials_temp_enable-regions_writing_code) +// in the IAM User Guide. // // Recording API requests // @@ -46,8 +62,28 @@ // your AWS account and delivers log files to an Amazon S3 bucket. By using // information collected by CloudTrail, you can determine what requests were // successfully made to STS, who made the request, when it was made, and so -// on. To learn more about CloudTrail, including how to turn it on and find -// your log files, see the AWS CloudTrail User Guide (http://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html). +// on. +// +// If you activate AWS STS endpoints in Regions other than the default global +// endpoint, then you must also turn on CloudTrail logging in those Regions. +// This is necessary to record any AWS STS API calls that are made in those +// Regions. For more information, see Turning On CloudTrail in Additional Regions +// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/aggregating_logs_regions_turn_on_ct.html) +// in the AWS CloudTrail User Guide. +// +// AWS Security Token Service (STS) is a global service with a single endpoint +// at https://sts.amazonaws.com. Calls to this endpoint are logged as calls +// to a global service. However, because this endpoint is physically located +// in the US East (N. Virginia) Region, your logs list us-east-1 as the event +// Region. CloudTrail does not write these logs to the US East (Ohio) Region +// unless you choose to include global service logs in that Region. CloudTrail +// writes calls to all Regional endpoints to their respective Regions. For example, +// calls to sts.us-east-2.amazonaws.com are published to the US East (Ohio) +// Region and calls to sts.eu-central-1.amazonaws.com are published to the EU +// (Frankfurt) Region. +// +// To learn more about CloudTrail, including how to turn it on and find your +// log files, see the AWS CloudTrail User Guide (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html). // // See https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15 for more information on this service. // diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go b/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go index e24884ef371..a233f542ef2 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go @@ -14,11 +14,11 @@ const ( // ErrCodeIDPCommunicationErrorException for service response error code // "IDPCommunicationError". // - // The request could not be fulfilled because the non-AWS identity provider - // (IDP) that was asked to verify the incoming identity token could not be reached. - // This is often a transient error caused by network conditions. Retry the request + // The request could not be fulfilled because the identity provider (IDP) that + // was asked to verify the incoming identity token could not be reached. This + // is often a transient error caused by network conditions. Retry the request // a limited number of times so that you don't exceed the request rate. If the - // error persists, the non-AWS identity provider might be down or not responding. + // error persists, the identity provider might be down or not responding. ErrCodeIDPCommunicationErrorException = "IDPCommunicationError" // ErrCodeIDPRejectedClaimException for service response error code @@ -56,9 +56,18 @@ const ( // ErrCodePackedPolicyTooLargeException for service response error code // "PackedPolicyTooLarge". // - // The request was rejected because the policy document was too large. The error - // message describes how big the policy document is, in packed form, as a percentage - // of what the API allows. + // The request was rejected because the total packed size of the session policies + // and session tags combined was too large. An AWS conversion compresses the + // session policy document, session policy ARNs, and session tags into a packed + // binary format that has a separate limit. The error message indicates by percentage + // how close the policies and tags are to the upper size limit. For more information, + // see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) + // in the IAM User Guide. + // + // You could receive this error even though you meet other defined session policy + // and session tag limits. For more information, see IAM and STS Entity Character + // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) + // in the IAM User Guide. ErrCodePackedPolicyTooLargeException = "PackedPolicyTooLarge" // ErrCodeRegionDisabledException for service response error code @@ -67,7 +76,7 @@ const ( // STS is not activated in the requested region for the account that is being // asked to generate credentials. The account administrator must use the IAM // console to activate STS in that region. For more information, see Activating - // and Deactivating AWS STS in an AWS Region (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) + // and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) // in the IAM User Guide. ErrCodeRegionDisabledException = "RegionDisabledException" ) diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/service.go b/vendor/github.com/aws/aws-sdk-go/service/sts/service.go index 185c914d1b3..d34a6855331 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/service.go +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/service.go @@ -31,7 +31,7 @@ var initRequest func(*request.Request) const ( ServiceName = "sts" // Name of service. EndpointsID = ServiceName // ID to lookup a service endpoint with. - ServiceID = "STS" // ServiceID is a unique identifer of a specific service. + ServiceID = "STS" // ServiceID is a unique identifier of a specific service. ) // New creates a new instance of the STS client with a session. @@ -39,6 +39,8 @@ const ( // aws.Config parameter to add your extra config. // // Example: +// mySession := session.Must(session.NewSession()) +// // // Create a STS client from just a session. // svc := sts.New(mySession) // @@ -46,11 +48,11 @@ const ( // svc := sts.New(mySession, aws.NewConfig().WithRegion("us-west-2")) func New(p client.ConfigProvider, cfgs ...*aws.Config) *STS { c := p.ClientConfig(EndpointsID, cfgs...) - return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion, c.SigningName) + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) } // newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion, signingName string) *STS { +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *STS { svc := &STS{ Client: client.New( cfg, @@ -59,6 +61,7 @@ func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio ServiceID: ServiceID, SigningName: signingName, SigningRegion: signingRegion, + PartitionID: partitionID, Endpoint: endpoint, APIVersion: "2011-06-15", }, diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/BUILD b/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/BUILD new file mode 100644 index 00000000000..b343717896c --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/BUILD @@ -0,0 +1,28 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["interface.go"], + importmap = "k8s.io/kubernetes/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface", + importpath = "github.com/aws/aws-sdk-go/service/sts/stsiface", + visibility = ["//visibility:public"], + deps = [ + "//vendor/github.com/aws/aws-sdk-go/aws:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/aws/request:go_default_library", + "//vendor/github.com/aws/aws-sdk-go/service/sts:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [":package-srcs"], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go b/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go new file mode 100644 index 00000000000..e2e1d6efe55 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go @@ -0,0 +1,96 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package stsiface provides an interface to enable mocking the AWS Security Token Service service client +// for testing your code. +// +// It is important to note that this interface will have breaking changes +// when the service model is updated and adds new API operations, paginators, +// and waiters. +package stsiface + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/service/sts" +) + +// STSAPI provides an interface to enable mocking the +// sts.STS service client's API operation, +// paginators, and waiters. This make unit testing your code that calls out +// to the SDK's service client's calls easier. +// +// The best way to use this interface is so the SDK's service client's calls +// can be stubbed out for unit testing your code with the SDK without needing +// to inject custom request handlers into the SDK's request pipeline. +// +// // myFunc uses an SDK service client to make a request to +// // AWS Security Token Service. +// func myFunc(svc stsiface.STSAPI) bool { +// // Make svc.AssumeRole request +// } +// +// func main() { +// sess := session.New() +// svc := sts.New(sess) +// +// myFunc(svc) +// } +// +// In your _test.go file: +// +// // Define a mock struct to be used in your unit tests of myFunc. +// type mockSTSClient struct { +// stsiface.STSAPI +// } +// func (m *mockSTSClient) AssumeRole(input *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error) { +// // mock response/functionality +// } +// +// func TestMyFunc(t *testing.T) { +// // Setup Test +// mockSvc := &mockSTSClient{} +// +// myfunc(mockSvc) +// +// // Verify myFunc's functionality +// } +// +// It is important to note that this interface will have breaking changes +// when the service model is updated and adds new API operations, paginators, +// and waiters. Its suggested to use the pattern above for testing, or using +// tooling to generate mocks to satisfy the interfaces. +type STSAPI interface { + AssumeRole(*sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error) + AssumeRoleWithContext(aws.Context, *sts.AssumeRoleInput, ...request.Option) (*sts.AssumeRoleOutput, error) + AssumeRoleRequest(*sts.AssumeRoleInput) (*request.Request, *sts.AssumeRoleOutput) + + AssumeRoleWithSAML(*sts.AssumeRoleWithSAMLInput) (*sts.AssumeRoleWithSAMLOutput, error) + AssumeRoleWithSAMLWithContext(aws.Context, *sts.AssumeRoleWithSAMLInput, ...request.Option) (*sts.AssumeRoleWithSAMLOutput, error) + AssumeRoleWithSAMLRequest(*sts.AssumeRoleWithSAMLInput) (*request.Request, *sts.AssumeRoleWithSAMLOutput) + + AssumeRoleWithWebIdentity(*sts.AssumeRoleWithWebIdentityInput) (*sts.AssumeRoleWithWebIdentityOutput, error) + AssumeRoleWithWebIdentityWithContext(aws.Context, *sts.AssumeRoleWithWebIdentityInput, ...request.Option) (*sts.AssumeRoleWithWebIdentityOutput, error) + AssumeRoleWithWebIdentityRequest(*sts.AssumeRoleWithWebIdentityInput) (*request.Request, *sts.AssumeRoleWithWebIdentityOutput) + + DecodeAuthorizationMessage(*sts.DecodeAuthorizationMessageInput) (*sts.DecodeAuthorizationMessageOutput, error) + DecodeAuthorizationMessageWithContext(aws.Context, *sts.DecodeAuthorizationMessageInput, ...request.Option) (*sts.DecodeAuthorizationMessageOutput, error) + DecodeAuthorizationMessageRequest(*sts.DecodeAuthorizationMessageInput) (*request.Request, *sts.DecodeAuthorizationMessageOutput) + + GetAccessKeyInfo(*sts.GetAccessKeyInfoInput) (*sts.GetAccessKeyInfoOutput, error) + GetAccessKeyInfoWithContext(aws.Context, *sts.GetAccessKeyInfoInput, ...request.Option) (*sts.GetAccessKeyInfoOutput, error) + GetAccessKeyInfoRequest(*sts.GetAccessKeyInfoInput) (*request.Request, *sts.GetAccessKeyInfoOutput) + + GetCallerIdentity(*sts.GetCallerIdentityInput) (*sts.GetCallerIdentityOutput, error) + GetCallerIdentityWithContext(aws.Context, *sts.GetCallerIdentityInput, ...request.Option) (*sts.GetCallerIdentityOutput, error) + GetCallerIdentityRequest(*sts.GetCallerIdentityInput) (*request.Request, *sts.GetCallerIdentityOutput) + + GetFederationToken(*sts.GetFederationTokenInput) (*sts.GetFederationTokenOutput, error) + GetFederationTokenWithContext(aws.Context, *sts.GetFederationTokenInput, ...request.Option) (*sts.GetFederationTokenOutput, error) + GetFederationTokenRequest(*sts.GetFederationTokenInput) (*request.Request, *sts.GetFederationTokenOutput) + + GetSessionToken(*sts.GetSessionTokenInput) (*sts.GetSessionTokenOutput, error) + GetSessionTokenWithContext(aws.Context, *sts.GetSessionTokenInput, ...request.Option) (*sts.GetSessionTokenOutput, error) + GetSessionTokenRequest(*sts.GetSessionTokenInput) (*request.Request, *sts.GetSessionTokenOutput) +} + +var _ STSAPI = (*sts.STS)(nil) diff --git a/vendor/modules.txt b/vendor/modules.txt index 3b8f8bc950a..d965fc79634 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -72,7 +72,7 @@ github.com/PuerkitoBio/urlesc github.com/armon/circbuf # github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a => github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a github.com/asaskevich/govalidator -# github.com/aws/aws-sdk-go v1.16.26 => github.com/aws/aws-sdk-go v1.16.26 +# github.com/aws/aws-sdk-go v1.28.2 => github.com/aws/aws-sdk-go v1.28.2 github.com/aws/aws-sdk-go/aws github.com/aws/aws-sdk-go/aws/awserr github.com/aws/aws-sdk-go/aws/awsutil @@ -93,9 +93,11 @@ github.com/aws/aws-sdk-go/aws/session github.com/aws/aws-sdk-go/aws/signer/v4 github.com/aws/aws-sdk-go/internal/ini github.com/aws/aws-sdk-go/internal/sdkio +github.com/aws/aws-sdk-go/internal/sdkmath github.com/aws/aws-sdk-go/internal/sdkrand github.com/aws/aws-sdk-go/internal/sdkuri github.com/aws/aws-sdk-go/internal/shareddefaults +github.com/aws/aws-sdk-go/internal/strings github.com/aws/aws-sdk-go/private/protocol github.com/aws/aws-sdk-go/private/protocol/ec2query github.com/aws/aws-sdk-go/private/protocol/json/jsonutil @@ -111,6 +113,7 @@ github.com/aws/aws-sdk-go/service/elb github.com/aws/aws-sdk-go/service/elbv2 github.com/aws/aws-sdk-go/service/kms github.com/aws/aws-sdk-go/service/sts +github.com/aws/aws-sdk-go/service/sts/stsiface # github.com/bazelbuild/bazel-gazelle v0.19.1-0.20191105222053-70208cbdc798 => github.com/bazelbuild/bazel-gazelle v0.19.1-0.20191105222053-70208cbdc798 github.com/bazelbuild/bazel-gazelle/cmd/gazelle github.com/bazelbuild/bazel-gazelle/config