diff options
| author | Dave Henderson <dhenderson@gmail.com> | 2019-10-04 22:11:14 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-10-04 22:11:14 -0400 |
| commit | 7724a8d8e6b0437b151cbfc5f4ca2ee5695d0bf8 (patch) | |
| tree | 455dfab012bc2596d5d91e8636f5b039111ba1dd /vendor/github.com/aws | |
| parent | 3ecf5c37428c072b672b825fcc9493de6e1c5df7 (diff) | |
| parent | 3943a8d2c7236f6fa3941f93fe495d1aedb0b12b (diff) | |
Merge pull request #598 from hairyhenderson/go-modules
Moving to go modules
Diffstat (limited to 'vendor/github.com/aws')
58 files changed, 13037 insertions, 1469 deletions
diff --git a/vendor/github.com/aws/aws-sdk-go/aws/awserr/types.go b/vendor/github.com/aws/aws-sdk-go/aws/awserr/types.go index a2c5817c..9cf7eaf4 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/awserr/types.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/awserr/types.go @@ -208,7 +208,7 @@ func (e errorList) Error() string { // How do we want to handle the array size being zero if size := len(e); size > 0 { for i := 0; i < size; i++ { - msg += fmt.Sprintf("%s", e[i].Error()) + msg += e[i].Error() // We check the next index to see if it is within the slice. // If it is, then we append a newline. We do this, because unit tests // could be broken with the additional '\n' diff --git a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go b/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go index 11c52c38..285e54d6 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go @@ -185,13 +185,12 @@ func ValuesAtPath(i interface{}, path string) ([]interface{}, error) { // SetValueAtPath sets a value at the case insensitive lexical path inside // of a structure. func SetValueAtPath(i interface{}, path string, v interface{}) { - if rvals := rValuesAtPath(i, path, true, false, v == nil); rvals != nil { - for _, rval := range rvals { - if rval.Kind() == reflect.Ptr && rval.IsNil() { - continue - } - setValue(rval, v) + rvals := rValuesAtPath(i, path, true, false, v == nil) + for _, rval := range rvals { + if rval.Kind() == reflect.Ptr && rval.IsNil() { + continue } + setValue(rval, v) } } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/client.go b/vendor/github.com/aws/aws-sdk-go/aws/client/client.go index 70960538..c022407f 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/client.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/client.go @@ -64,7 +64,7 @@ func New(cfg aws.Config, info metadata.ClientInfo, handlers request.Handlers, op default: maxRetries := aws.IntValue(cfg.MaxRetries) if cfg.MaxRetries == nil || maxRetries == aws.UseServiceDefaultRetries { - maxRetries = 3 + maxRetries = DefaultRetryerMaxNumRetries } svc.Retryer = DefaultRetryer{NumMaxRetries: maxRetries} } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go b/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go index a397b0d0..0fda4251 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go @@ -1,6 +1,7 @@ package client import ( + "math" "strconv" "time" @@ -9,82 +10,142 @@ import ( ) // DefaultRetryer implements basic retry logic using exponential backoff for -// most services. If you want to implement custom retry logic, implement the -// request.Retryer interface or create a structure type that composes this -// struct and override the specific methods. For example, to override only -// the MaxRetries method: +// most services. If you want to implement custom retry logic, you can implement the +// request.Retryer interface. // -// type retryer struct { -// client.DefaultRetryer -// } -// -// // This implementation always has 100 max retries -// func (d retryer) MaxRetries() int { return 100 } type DefaultRetryer struct { - NumMaxRetries int + // Num max Retries is the number of max retries that will be performed. + // By default, this is zero. + NumMaxRetries int + + // MinRetryDelay is the minimum retry delay after which retry will be performed. + // If not set, the value is 0ns. + MinRetryDelay time.Duration + + // MinThrottleRetryDelay is the minimum retry delay when throttled. + // If not set, the value is 0ns. + MinThrottleDelay time.Duration + + // MaxRetryDelay is the maximum retry delay before which retry must be performed. + // If not set, the value is 0ns. + MaxRetryDelay time.Duration + + // MaxThrottleDelay is the maximum retry delay when throttled. + // If not set, the value is 0ns. + MaxThrottleDelay time.Duration } +const ( + // DefaultRetryerMaxNumRetries sets maximum number of retries + DefaultRetryerMaxNumRetries = 3 + + // DefaultRetryerMinRetryDelay sets minimum retry delay + DefaultRetryerMinRetryDelay = 30 * time.Millisecond + + // DefaultRetryerMinThrottleDelay sets minimum delay when throttled + DefaultRetryerMinThrottleDelay = 500 * time.Millisecond + + // DefaultRetryerMaxRetryDelay sets maximum retry delay + DefaultRetryerMaxRetryDelay = 300 * time.Second + + // DefaultRetryerMaxThrottleDelay sets maximum delay when throttled + DefaultRetryerMaxThrottleDelay = 300 * time.Second +) + // MaxRetries returns the number of maximum returns the service will use to make // an individual API request. func (d DefaultRetryer) MaxRetries() int { return d.NumMaxRetries } +// setRetryerDefaults sets the default values of the retryer if not set +func (d *DefaultRetryer) setRetryerDefaults() { + if d.MinRetryDelay == 0 { + d.MinRetryDelay = DefaultRetryerMinRetryDelay + } + if d.MaxRetryDelay == 0 { + d.MaxRetryDelay = DefaultRetryerMaxRetryDelay + } + if d.MinThrottleDelay == 0 { + d.MinThrottleDelay = DefaultRetryerMinThrottleDelay + } + if d.MaxThrottleDelay == 0 { + d.MaxThrottleDelay = DefaultRetryerMaxThrottleDelay + } +} + // RetryRules returns the delay duration before retrying this request again func (d DefaultRetryer) RetryRules(r *request.Request) time.Duration { - // Set the upper limit of delay in retrying at ~five minutes - minTime := 30 - throttle := d.shouldThrottle(r) - if throttle { - if delay, ok := getRetryDelay(r); ok { - return delay - } - minTime = 500 + // if number of max retries is zero, no retries will be performed. + if d.NumMaxRetries == 0 { + return 0 + } + + // Sets default value for retryer members + d.setRetryerDefaults() + + // minDelay is the minimum retryer delay + minDelay := d.MinRetryDelay + + var initialDelay time.Duration + + isThrottle := r.IsErrorThrottle() + if isThrottle { + if delay, ok := getRetryAfterDelay(r); ok { + initialDelay = delay + } + minDelay = d.MinThrottleDelay } retryCount := r.RetryCount - if throttle && retryCount > 8 { - retryCount = 8 - } else if retryCount > 13 { - retryCount = 13 + + // maxDelay the maximum retryer delay + maxDelay := d.MaxRetryDelay + + if isThrottle { + maxDelay = d.MaxThrottleDelay + } + + var delay time.Duration + + // Logic to cap the retry count based on the minDelay provided + actualRetryCount := int(math.Log2(float64(minDelay))) + 1 + if actualRetryCount < 63-retryCount { + delay = time.Duration(1<<uint64(retryCount)) * getJitterDelay(minDelay) + if delay > maxDelay { + delay = getJitterDelay(maxDelay / 2) + } + } else { + delay = getJitterDelay(maxDelay / 2) } + return delay + initialDelay +} - delay := (1 << uint(retryCount)) * (sdkrand.SeededRand.Intn(minTime) + minTime) - return time.Duration(delay) * time.Millisecond +// getJitterDelay returns a jittered delay for retry +func getJitterDelay(duration time.Duration) time.Duration { + return time.Duration(sdkrand.SeededRand.Int63n(int64(duration)) + int64(duration)) } // ShouldRetry returns true if the request should be retried. func (d DefaultRetryer) ShouldRetry(r *request.Request) bool { + + // ShouldRetry returns false if number of max retries is 0. + if d.NumMaxRetries == 0 { + return false + } + // If one of the other handlers already set the retry state // we don't want to override it based on the service's state if r.Retryable != nil { return *r.Retryable } - - if r.HTTPResponse.StatusCode >= 500 && r.HTTPResponse.StatusCode != 501 { - return true - } - return r.IsErrorRetryable() || d.shouldThrottle(r) -} - -// ShouldThrottle returns true if the request should be throttled. -func (d DefaultRetryer) shouldThrottle(r *request.Request) bool { - switch r.HTTPResponse.StatusCode { - case 429: - case 502: - case 503: - case 504: - default: - return r.IsErrorThrottle() - } - - return true + return r.IsErrorRetryable() || r.IsErrorThrottle() } // This will look in the Retry-After header, RFC 7231, for how long // it will wait before attempting another request -func getRetryDelay(r *request.Request) (time.Duration, bool) { +func getRetryAfterDelay(r *request.Request) (time.Duration, bool) { if !canUseRetryAfterHeader(r) { return 0, false } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go b/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go index 7b5e1276..8958c32d 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go @@ -67,10 +67,14 @@ func logRequest(r *request.Request) { if !bodySeekable { r.SetReaderBody(aws.ReadSeekCloser(r.HTTPRequest.Body)) } - // Reset the request body because dumpRequest will re-wrap the r.HTTPRequest's - // Body as a NoOpCloser and will not be reset after read by the HTTP - // client reader. - r.ResetBody() + // Reset the request body because dumpRequest will re-wrap the + // r.HTTPRequest's Body as a NoOpCloser and will not be reset after + // read by the HTTP client reader. + if err := r.Error; err != nil { + r.Config.Logger.Log(fmt.Sprintf(logReqErrMsg, + r.ClientInfo.ServiceName, r.Operation.Name, err)) + return + } } r.Config.Logger.Log(fmt.Sprintf(logReqMsg, diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/no_op_retryer.go b/vendor/github.com/aws/aws-sdk-go/aws/client/no_op_retryer.go new file mode 100644 index 00000000..881d575f --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/client/no_op_retryer.go @@ -0,0 +1,28 @@ +package client + +import ( + "time" + + "github.com/aws/aws-sdk-go/aws/request" +) + +// NoOpRetryer provides a retryer that performs no retries. +// It should be used when we do not want retries to be performed. +type NoOpRetryer struct{} + +// MaxRetries returns the number of maximum returns the service will use to make +// an individual API; For NoOpRetryer the MaxRetries will always be zero. +func (d NoOpRetryer) MaxRetries() int { + return 0 +} + +// ShouldRetry will always return false for NoOpRetryer, as it should never retry. +func (d NoOpRetryer) ShouldRetry(_ *request.Request) bool { + return false +} + +// RetryRules returns the delay duration before retrying this request again; +// since NoOpRetryer does not retry, RetryRules always returns 0. +func (d NoOpRetryer) RetryRules(_ *request.Request) time.Duration { + return 0 +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/config.go b/vendor/github.com/aws/aws-sdk-go/aws/config.go index 10634d17..fd1e240f 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/config.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/config.go @@ -20,7 +20,7 @@ type RequestRetryer interface{} // A Config provides service configuration for service clients. By default, // all clients will use the defaults.DefaultConfig structure. // -// // Create Session with MaxRetry configuration to be shared by multiple +// // Create Session with MaxRetries configuration to be shared by multiple // // service clients. // sess := session.Must(session.NewSession(&aws.Config{ // MaxRetries: aws.Int(3), @@ -251,7 +251,7 @@ type Config struct { // NewConfig returns a new Config pointer that can be chained with builder // methods to set multiple configuration values inline without using pointers. // -// // Create Session with MaxRetry configuration to be shared by multiple +// // Create Session with MaxRetries configuration to be shared by multiple // // service clients. // sess := session.Must(session.NewSession(aws.NewConfig(). // WithMaxRetries(3), diff --git a/vendor/github.com/aws/aws-sdk-go/aws/convert_types.go b/vendor/github.com/aws/aws-sdk-go/aws/convert_types.go index ff5d58e0..4e076c18 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/convert_types.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/convert_types.go @@ -179,6 +179,242 @@ func IntValueMap(src map[string]*int) map[string]int { return dst } +// Uint returns a pointer to the uint value passed in. +func Uint(v uint) *uint { + return &v +} + +// UintValue returns the value of the uint pointer passed in or +// 0 if the pointer is nil. +func UintValue(v *uint) uint { + if v != nil { + return *v + } + return 0 +} + +// UintSlice converts a slice of uint values uinto a slice of +// uint pointers +func UintSlice(src []uint) []*uint { + dst := make([]*uint, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// UintValueSlice converts a slice of uint pointers uinto a slice of +// uint values +func UintValueSlice(src []*uint) []uint { + dst := make([]uint, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// UintMap converts a string map of uint values uinto a string +// map of uint pointers +func UintMap(src map[string]uint) map[string]*uint { + dst := make(map[string]*uint) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// UintValueMap converts a string map of uint pointers uinto a string +// map of uint values +func UintValueMap(src map[string]*uint) map[string]uint { + dst := make(map[string]uint) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + +// Int8 returns a pointer to the int8 value passed in. +func Int8(v int8) *int8 { + return &v +} + +// Int8Value returns the value of the int8 pointer passed in or +// 0 if the pointer is nil. +func Int8Value(v *int8) int8 { + if v != nil { + return *v + } + return 0 +} + +// Int8Slice converts a slice of int8 values into a slice of +// int8 pointers +func Int8Slice(src []int8) []*int8 { + dst := make([]*int8, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Int8ValueSlice converts a slice of int8 pointers into a slice of +// int8 values +func Int8ValueSlice(src []*int8) []int8 { + dst := make([]int8, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Int8Map converts a string map of int8 values into a string +// map of int8 pointers +func Int8Map(src map[string]int8) map[string]*int8 { + dst := make(map[string]*int8) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Int8ValueMap converts a string map of int8 pointers into a string +// map of int8 values +func Int8ValueMap(src map[string]*int8) map[string]int8 { + dst := make(map[string]int8) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + +// Int16 returns a pointer to the int16 value passed in. +func Int16(v int16) *int16 { + return &v +} + +// Int16Value returns the value of the int16 pointer passed in or +// 0 if the pointer is nil. +func Int16Value(v *int16) int16 { + if v != nil { + return *v + } + return 0 +} + +// Int16Slice converts a slice of int16 values into a slice of +// int16 pointers +func Int16Slice(src []int16) []*int16 { + dst := make([]*int16, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Int16ValueSlice converts a slice of int16 pointers into a slice of +// int16 values +func Int16ValueSlice(src []*int16) []int16 { + dst := make([]int16, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Int16Map converts a string map of int16 values into a string +// map of int16 pointers +func Int16Map(src map[string]int16) map[string]*int16 { + dst := make(map[string]*int16) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Int16ValueMap converts a string map of int16 pointers into a string +// map of int16 values +func Int16ValueMap(src map[string]*int16) map[string]int16 { + dst := make(map[string]int16) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + +// Int32 returns a pointer to the int32 value passed in. +func Int32(v int32) *int32 { + return &v +} + +// Int32Value returns the value of the int32 pointer passed in or +// 0 if the pointer is nil. +func Int32Value(v *int32) int32 { + if v != nil { + return *v + } + return 0 +} + +// Int32Slice converts a slice of int32 values into a slice of +// int32 pointers +func Int32Slice(src []int32) []*int32 { + dst := make([]*int32, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Int32ValueSlice converts a slice of int32 pointers into a slice of +// int32 values +func Int32ValueSlice(src []*int32) []int32 { + dst := make([]int32, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Int32Map converts a string map of int32 values into a string +// map of int32 pointers +func Int32Map(src map[string]int32) map[string]*int32 { + dst := make(map[string]*int32) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Int32ValueMap converts a string map of int32 pointers into a string +// map of int32 values +func Int32ValueMap(src map[string]*int32) map[string]int32 { + dst := make(map[string]int32) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + // Int64 returns a pointer to the int64 value passed in. func Int64(v int64) *int64 { return &v @@ -238,6 +474,301 @@ func Int64ValueMap(src map[string]*int64) map[string]int64 { return dst } +// Uint8 returns a pointer to the uint8 value passed in. +func Uint8(v uint8) *uint8 { + return &v +} + +// Uint8Value returns the value of the uint8 pointer passed in or +// 0 if the pointer is nil. +func Uint8Value(v *uint8) uint8 { + if v != nil { + return *v + } + return 0 +} + +// Uint8Slice converts a slice of uint8 values into a slice of +// uint8 pointers +func Uint8Slice(src []uint8) []*uint8 { + dst := make([]*uint8, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Uint8ValueSlice converts a slice of uint8 pointers into a slice of +// uint8 values +func Uint8ValueSlice(src []*uint8) []uint8 { + dst := make([]uint8, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Uint8Map converts a string map of uint8 values into a string +// map of uint8 pointers +func Uint8Map(src map[string]uint8) map[string]*uint8 { + dst := make(map[string]*uint8) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Uint8ValueMap converts a string map of uint8 pointers into a string +// map of uint8 values +func Uint8ValueMap(src map[string]*uint8) map[string]uint8 { + dst := make(map[string]uint8) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + +// Uint16 returns a pointer to the uint16 value passed in. +func Uint16(v uint16) *uint16 { + return &v +} + +// Uint16Value returns the value of the uint16 pointer passed in or +// 0 if the pointer is nil. +func Uint16Value(v *uint16) uint16 { + if v != nil { + return *v + } + return 0 +} + +// Uint16Slice converts a slice of uint16 values into a slice of +// uint16 pointers +func Uint16Slice(src []uint16) []*uint16 { + dst := make([]*uint16, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Uint16ValueSlice converts a slice of uint16 pointers into a slice of +// uint16 values +func Uint16ValueSlice(src []*uint16) []uint16 { + dst := make([]uint16, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Uint16Map converts a string map of uint16 values into a string +// map of uint16 pointers +func Uint16Map(src map[string]uint16) map[string]*uint16 { + dst := make(map[string]*uint16) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Uint16ValueMap converts a string map of uint16 pointers into a string +// map of uint16 values +func Uint16ValueMap(src map[string]*uint16) map[string]uint16 { + dst := make(map[string]uint16) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + +// Uint32 returns a pointer to the uint32 value passed in. +func Uint32(v uint32) *uint32 { + return &v +} + +// Uint32Value returns the value of the uint32 pointer passed in or +// 0 if the pointer is nil. +func Uint32Value(v *uint32) uint32 { + if v != nil { + return *v + } + return 0 +} + +// Uint32Slice converts a slice of uint32 values into a slice of +// uint32 pointers +func Uint32Slice(src []uint32) []*uint32 { + dst := make([]*uint32, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Uint32ValueSlice converts a slice of uint32 pointers into a slice of +// uint32 values +func Uint32ValueSlice(src []*uint32) []uint32 { + dst := make([]uint32, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Uint32Map converts a string map of uint32 values into a string +// map of uint32 pointers +func Uint32Map(src map[string]uint32) map[string]*uint32 { + dst := make(map[string]*uint32) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Uint32ValueMap converts a string map of uint32 pointers into a string +// map of uint32 values +func Uint32ValueMap(src map[string]*uint32) map[string]uint32 { + dst := make(map[string]uint32) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + +// Uint64 returns a pointer to the uint64 value passed in. +func Uint64(v uint64) *uint64 { + return &v +} + +// Uint64Value returns the value of the uint64 pointer passed in or +// 0 if the pointer is nil. +func Uint64Value(v *uint64) uint64 { + if v != nil { + return *v + } + return 0 +} + +// Uint64Slice converts a slice of uint64 values into a slice of +// uint64 pointers +func Uint64Slice(src []uint64) []*uint64 { + dst := make([]*uint64, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Uint64ValueSlice converts a slice of uint64 pointers into a slice of +// uint64 values +func Uint64ValueSlice(src []*uint64) []uint64 { + dst := make([]uint64, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Uint64Map converts a string map of uint64 values into a string +// map of uint64 pointers +func Uint64Map(src map[string]uint64) map[string]*uint64 { + dst := make(map[string]*uint64) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Uint64ValueMap converts a string map of uint64 pointers into a string +// map of uint64 values +func Uint64ValueMap(src map[string]*uint64) map[string]uint64 { + dst := make(map[string]uint64) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + +// Float32 returns a pointer to the float32 value passed in. +func Float32(v float32) *float32 { + return &v +} + +// Float32Value returns the value of the float32 pointer passed in or +// 0 if the pointer is nil. +func Float32Value(v *float32) float32 { + if v != nil { + return *v + } + return 0 +} + +// Float32Slice converts a slice of float32 values into a slice of +// float32 pointers +func Float32Slice(src []float32) []*float32 { + dst := make([]*float32, len(src)) + for i := 0; i < len(src); i++ { + dst[i] = &(src[i]) + } + return dst +} + +// Float32ValueSlice converts a slice of float32 pointers into a slice of +// float32 values +func Float32ValueSlice(src []*float32) []float32 { + dst := make([]float32, len(src)) + for i := 0; i < len(src); i++ { + if src[i] != nil { + dst[i] = *(src[i]) + } + } + return dst +} + +// Float32Map converts a string map of float32 values into a string +// map of float32 pointers +func Float32Map(src map[string]float32) map[string]*float32 { + dst := make(map[string]*float32) + for k, val := range src { + v := val + dst[k] = &v + } + return dst +} + +// Float32ValueMap converts a string map of float32 pointers into a string +// map of float32 values +func Float32ValueMap(src map[string]*float32) map[string]float32 { + dst := make(map[string]float32) + for k, val := range src { + if val != nil { + dst[k] = *val + } + } + return dst +} + // Float64 returns a pointer to the float64 value passed in. func Float64(v float64) *float64 { return &v diff --git a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go b/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go index f8853d78..0c60e612 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go @@ -159,9 +159,9 @@ func handleSendError(r *request.Request, err error) { Body: ioutil.NopCloser(bytes.NewReader([]byte{})), } } - // Catch all other request errors. + // Catch all request errors, and let the default retrier determine + // if the error is retryable. r.Error = awserr.New("RequestError", "send request failed", err) - r.Retryable = aws.Bool(true) // network errors are retryable // Override the error with a context canceled error, if that was canceled. ctx := r.Context() @@ -184,37 +184,39 @@ var ValidateResponseHandler = request.NamedHandler{Name: "core.ValidateResponseH // AfterRetryHandler performs final checks to determine if the request should // be retried and how long to delay. -var AfterRetryHandler = request.NamedHandler{Name: "core.AfterRetryHandler", Fn: func(r *request.Request) { - // If one of the other handlers already set the retry state - // we don't want to override it based on the service's state - if r.Retryable == nil || aws.BoolValue(r.Config.EnforceShouldRetryCheck) { - r.Retryable = aws.Bool(r.ShouldRetry(r)) - } +var AfterRetryHandler = request.NamedHandler{ + Name: "core.AfterRetryHandler", + Fn: func(r *request.Request) { + // If one of the other handlers already set the retry state + // we don't want to override it based on the service's state + if r.Retryable == nil || aws.BoolValue(r.Config.EnforceShouldRetryCheck) { + r.Retryable = aws.Bool(r.ShouldRetry(r)) + } - if r.WillRetry() { - r.RetryDelay = r.RetryRules(r) + if r.WillRetry() { + r.RetryDelay = r.RetryRules(r) - if sleepFn := r.Config.SleepDelay; sleepFn != nil { - // Support SleepDelay for backwards compatibility and testing - sleepFn(r.RetryDelay) - } else if err := aws.SleepWithContext(r.Context(), r.RetryDelay); err != nil { - r.Error = awserr.New(request.CanceledErrorCode, - "request context canceled", err) - r.Retryable = aws.Bool(false) - return - } + if sleepFn := r.Config.SleepDelay; sleepFn != nil { + // Support SleepDelay for backwards compatibility and testing + sleepFn(r.RetryDelay) + } else if err := aws.SleepWithContext(r.Context(), r.RetryDelay); err != nil { + r.Error = awserr.New(request.CanceledErrorCode, + "request context canceled", err) + r.Retryable = aws.Bool(false) + return + } - // when the expired token exception occurs the credentials - // need to be expired locally so that the next request to - // get credentials will trigger a credentials refresh. - if r.IsErrorExpired() { - r.Config.Credentials.Expire() - } + // when the expired token exception occurs the credentials + // need to be expired locally so that the next request to + // get credentials will trigger a credentials refresh. + if r.IsErrorExpired() { + r.Config.Credentials.Expire() + } - r.RetryCount++ - r.Error = nil - } -}} + r.RetryCount++ + r.Error = nil + } + }} // ValidateEndpointHandler is a request handler to validate a request had the // appropriate Region and Endpoint set. Will set r.Error if the endpoint or diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go index 894bbc7f..4af59215 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go @@ -50,9 +50,10 @@ package credentials import ( "fmt" - "github.com/aws/aws-sdk-go/aws/awserr" "sync" "time" + + "github.com/aws/aws-sdk-go/aws/awserr" ) // AnonymousCredentials is an empty Credential object that can be used as @@ -83,6 +84,12 @@ type Value struct { ProviderName string } +// HasKeys returns if the credentials Value has both AccessKeyID and +// SecretAccessKey value set. +func (v Value) HasKeys() bool { + return len(v.AccessKeyID) != 0 && len(v.SecretAccessKey) != 0 +} + // A Provider is the interface for any component which will provide credentials // Value. A provider is required to manage its own Expired state, and what to // be expired means. diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go index c2b2c5d6..1a7af53a 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go @@ -98,8 +98,8 @@ func NewProviderClient(cfg aws.Config, handlers request.Handlers, endpoint strin return p } -// NewCredentialsClient returns a Credentials wrapper for retrieving credentials -// from an arbitrary endpoint concurrently. The client will request the +// NewCredentialsClient returns a pointer to a new Credentials object +// wrapping the endpoint credentials Provider. func NewCredentialsClient(cfg aws.Config, handlers request.Handlers, endpoint string, options ...func(*Provider)) *credentials.Credentials { return credentials.NewCredentials(NewProviderClient(cfg, handlers, endpoint, options...)) } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/example.ini b/vendor/github.com/aws/aws-sdk-go/aws/credentials/example.ini new file mode 100644 index 00000000..7fc91d9d --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/example.ini @@ -0,0 +1,12 @@ +[default] +aws_access_key_id = accessKey +aws_secret_access_key = secret +aws_session_token = token + +[no_token] +aws_access_key_id = accessKey +aws_secret_access_key = secret + +[with_colon] +aws_access_key_id: accessKey +aws_secret_access_key: secret diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go index b6dbfd24..2e528d13 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go @@ -200,7 +200,7 @@ type AssumeRoleProvider struct { // by a random percentage between 0 and MaxJitterFraction. MaxJitterFrac must // have a value between 0 and 1. Any other value may lead to expected behavior. // With a MaxJitterFrac value of 0, default) will no jitter will be used. - // + // // For example, with a Duration of 30m and a MaxJitterFrac of 0.1, the // AssumeRole call will be made with an arbitrary Duration between 27m and // 30m. @@ -258,7 +258,6 @@ func NewCredentialsWithClient(svc AssumeRoler, roleARN string, options ...func(* // Retrieve generates a new set of temporary credentials using STS. func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) { - // Apply defaults where parameters are not set. if p.RoleSessionName == "" { // Try to work out a role name that will hopefully end up unique. diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go new file mode 100644 index 00000000..b20b6339 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go @@ -0,0 +1,100 @@ +package stscreds + +import ( + "fmt" + "io/ioutil" + "strconv" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/client" + "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/service/sts" + "github.com/aws/aws-sdk-go/service/sts/stsiface" +) + +const ( + // ErrCodeWebIdentity will be used as an error code when constructing + // a new error to be returned during session creation or retrieval. + ErrCodeWebIdentity = "WebIdentityErr" + + // WebIdentityProviderName is the web identity provider name + WebIdentityProviderName = "WebIdentityCredentials" +) + +// now is used to return a time.Time object representing +// the current time. This can be used to easily test and +// compare test values. +var now = time.Now + +// WebIdentityRoleProvider is used to retrieve credentials using +// an OIDC token. +type WebIdentityRoleProvider struct { + credentials.Expiry + + client stsiface.STSAPI + ExpiryWindow time.Duration + + tokenFilePath string + roleARN string + roleSessionName string +} + +// NewWebIdentityCredentials will return a new set of credentials with a given +// configuration, role arn, and token file path. +func NewWebIdentityCredentials(c client.ConfigProvider, roleARN, roleSessionName, path string) *credentials.Credentials { + svc := sts.New(c) + p := NewWebIdentityRoleProvider(svc, roleARN, roleSessionName, path) + return credentials.NewCredentials(p) +} + +// NewWebIdentityRoleProvider will return a new WebIdentityRoleProvider with the +// provided stsiface.STSAPI +func NewWebIdentityRoleProvider(svc stsiface.STSAPI, roleARN, roleSessionName, path string) *WebIdentityRoleProvider { + return &WebIdentityRoleProvider{ + client: svc, + tokenFilePath: path, + roleARN: roleARN, + roleSessionName: roleSessionName, + } +} + +// Retrieve will attempt to assume a role from a token which is located at +// 'WebIdentityTokenFilePath' specified destination and if that is empty an +// error will be returned. +func (p *WebIdentityRoleProvider) Retrieve() (credentials.Value, error) { + b, err := ioutil.ReadFile(p.tokenFilePath) + if err != nil { + errMsg := fmt.Sprintf("unable to read file at %s", p.tokenFilePath) + return credentials.Value{}, awserr.New(ErrCodeWebIdentity, errMsg, err) + } + + sessionName := p.roleSessionName + if len(sessionName) == 0 { + // session name is used to uniquely identify a session. This simply + // uses unix time in nanoseconds to uniquely identify sessions. + sessionName = strconv.FormatInt(now().UnixNano(), 10) + } + req, resp := p.client.AssumeRoleWithWebIdentityRequest(&sts.AssumeRoleWithWebIdentityInput{ + RoleArn: &p.roleARN, + RoleSessionName: &sessionName, + WebIdentityToken: aws.String(string(b)), + }) + // InvalidIdentityToken error is a temporary error that can occur + // when assuming an Role with a JWT web identity token. + req.RetryErrorCodes = append(req.RetryErrorCodes, sts.ErrCodeInvalidIdentityTokenException) + if err := req.Send(); err != nil { + return credentials.Value{}, awserr.New(ErrCodeWebIdentity, "failed to retrieve credentials", err) + } + + p.SetExpiration(aws.TimeValue(resp.Credentials.Expiration), p.ExpiryWindow) + + value := credentials.Value{ + AccessKeyID: aws.StringValue(resp.Credentials.AccessKeyId), + SecretAccessKey: aws.StringValue(resp.Credentials.SecretAccessKey), + SessionToken: aws.StringValue(resp.Credentials.SessionToken), + ProviderName: WebIdentityProviderName, + } + return value, nil +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/doc.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/doc.go index 152d785b..25a66d1d 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/csm/doc.go @@ -1,30 +1,61 @@ -// Package csm provides Client Side Monitoring (CSM) which enables sending metrics -// via UDP connection. Using the Start function will enable the reporting of -// metrics on a given port. If Start is called, with different parameters, again, -// a panic will occur. +// Package csm provides the Client Side Monitoring (CSM) client which enables +// sending metrics via UDP connection to the CSM agent. This package provides +// control options, and configuration for the CSM client. The client can be +// controlled manually, or automatically via the SDK's Session configuration. // -// Pause can be called to pause any metrics publishing on a given port. Sessions -// that have had their handlers modified via InjectHandlers may still be used. -// However, the handlers will act as a no-op meaning no metrics will be published. +// Enabling CSM client via SDK's Session configuration +// +// The CSM client can be enabled automatically via SDK's Session configuration. +// The SDK's session configuration enables the CSM client if the AWS_CSM_PORT +// environment variable is set to a non-empty value. +// +// The configuration options for the CSM client via the SDK's session +// configuration are: +// +// * AWS_CSM_PORT=<port number> +// The port number the CSM agent will receive metrics on. +// +// * AWS_CSM_HOST=<hostname or ip> +// The hostname, or IP address the CSM agent will receive metrics on. +// Without port number. +// +// Manually enabling the CSM client +// +// The CSM client can be started, paused, and resumed manually. The Start +// function will enable the CSM client to publish metrics to the CSM agent. It +// is safe to call Start concurrently, but if Start is called additional times +// with different ClientID or address it will panic. // -// Example: // r, err := csm.Start("clientID", ":31000") // if err != nil { // panic(fmt.Errorf("failed starting CSM: %v", err)) // } // +// When controlling the CSM client manually, you must also inject its request +// handlers into the SDK's Session configuration for the SDK's API clients to +// publish metrics. +// // sess, err := session.NewSession(&aws.Config{}) // if err != nil { // panic(fmt.Errorf("failed loading session: %v", err)) // } // +// // Add CSM client's metric publishing request handlers to the SDK's +// // Session Configuration. // r.InjectHandlers(&sess.Handlers) // -// client := s3.New(sess) -// resp, err := client.GetObject(&s3.GetObjectInput{ -// Bucket: aws.String("bucket"), -// Key: aws.String("key"), -// }) +// Controlling CSM client +// +// Once the CSM client has been enabled the Get function will return a Reporter +// value that you can use to pause and resume the metrics published to the CSM +// agent. If Get function is called before the reporter is enabled with the +// Start function or via SDK's Session configuration nil will be returned. +// +// The Pause method can be called to stop the CSM client publishing metrics to +// the CSM agent. The Continue method will resume metric publishing. +// +// // Get the CSM client Reporter. +// r := csm.Get() // // // Will pause monitoring // r.Pause() @@ -35,12 +66,4 @@ // // // Resume monitoring // r.Continue() -// -// Start returns a Reporter that is used to enable or disable monitoring. If -// access to the Reporter is required later, calling Get will return the Reporter -// singleton. -// -// Example: -// r := csm.Get() -// r.Continue() package csm diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/enable.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/enable.go index 2f0c6eac..4b19e280 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/enable.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/csm/enable.go @@ -2,6 +2,7 @@ package csm import ( "fmt" + "strings" "sync" ) @@ -9,19 +10,40 @@ var ( lock sync.Mutex ) -// Client side metric handler names const ( - APICallMetricHandlerName = "awscsm.SendAPICallMetric" - APICallAttemptMetricHandlerName = "awscsm.SendAPICallAttemptMetric" + // DefaultPort is used when no port is specified. + DefaultPort = "31000" + + // DefaultHost is the host that will be used when none is specified. + DefaultHost = "127.0.0.1" ) -// Start will start the a long running go routine to capture +// AddressWithDefaults returns a CSM address built from the host and port +// values. If the host or port is not set, default values will be used +// instead. If host is "localhost" it will be replaced with "127.0.0.1". +func AddressWithDefaults(host, port string) string { + if len(host) == 0 || strings.EqualFold(host, "localhost") { + host = DefaultHost + } + + if len(port) == 0 { + port = DefaultPort + } + + // Only IP6 host can contain a colon + if strings.Contains(host, ":") { + return "[" + host + "]:" + port + } + + return host + ":" + port +} + +// Start will start a long running go routine to capture // client side metrics. Calling start multiple time will only // start the metric listener once and will panic if a different // client ID or port is passed in. // -// Example: -// r, err := csm.Start("clientID", "127.0.0.1:8094") +// r, err := csm.Start("clientID", "127.0.0.1:31000") // if err != nil { // panic(fmt.Errorf("expected no error, but received %v", err)) // } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/metric_chan.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/metric_chan.go index 514fc373..82a3e345 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/metric_chan.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/csm/metric_chan.go @@ -16,25 +16,26 @@ var ( type metricChan struct { ch chan metric - paused int64 + paused *int64 } func newMetricChan(size int) metricChan { return metricChan{ - ch: make(chan metric, size), + ch: make(chan metric, size), + paused: new(int64), } } func (ch *metricChan) Pause() { - atomic.StoreInt64(&ch.paused, pausedEnum) + atomic.StoreInt64(ch.paused, pausedEnum) } func (ch *metricChan) Continue() { - atomic.StoreInt64(&ch.paused, runningEnum) + atomic.StoreInt64(ch.paused, runningEnum) } func (ch *metricChan) IsPaused() bool { - v := atomic.LoadInt64(&ch.paused) + v := atomic.LoadInt64(ch.paused) return v == pausedEnum } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go index d9aa5b06..c7008d8c 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go @@ -10,11 +10,6 @@ import ( "github.com/aws/aws-sdk-go/aws/request" ) -const ( - // DefaultPort is used when no port is specified - DefaultPort = "31000" -) - // Reporter will gather metrics of API requests made and // send those metrics to the CSM endpoint. type Reporter struct { @@ -123,7 +118,7 @@ func (rep *Reporter) sendAPICallMetric(r *request.Request) { Type: aws.String("ApiCall"), AttemptCount: aws.Int(r.RetryCount + 1), Region: r.Config.Region, - Latency: aws.Int(int(time.Now().Sub(r.Time) / time.Millisecond)), + Latency: aws.Int(int(time.Since(r.Time) / time.Millisecond)), XAmzRequestID: aws.String(r.RequestID), MaxRetriesExceeded: aws.Int(boolIntValue(r.RetryCount >= r.MaxRetries())), } @@ -190,8 +185,9 @@ func (rep *Reporter) start() { } } -// Pause will pause the metric channel preventing any new metrics from -// being added. +// Pause will pause the metric channel preventing any new metrics from being +// added. It is safe to call concurrently with other calls to Pause, but if +// called concurently with Continue can lead to unexpected state. func (rep *Reporter) Pause() { lock.Lock() defer lock.Unlock() @@ -203,8 +199,9 @@ func (rep *Reporter) Pause() { rep.close() } -// Continue will reopen the metric channel and allow for monitoring -// to be resumed. +// Continue will reopen the metric channel and allow for monitoring to be +// resumed. It is safe to call concurrently with other calls to Continue, but +// if called concurently with Pause can lead to unexpected state. func (rep *Reporter) Continue() { lock.Lock() defer lock.Unlock() @@ -219,10 +216,18 @@ func (rep *Reporter) Continue() { rep.metricsCh.Continue() } +// Client side metric handler names +const ( + APICallMetricHandlerName = "awscsm.SendAPICallMetric" + APICallAttemptMetricHandlerName = "awscsm.SendAPICallAttemptMetric" +) + // InjectHandlers will will enable client side metrics and inject the proper // handlers to handle how metrics are sent. // -// Example: +// InjectHandlers is NOT safe to call concurrently. Calling InjectHandlers +// multiple times may lead to unexpected behavior, (e.g. duplicate metrics). +// // // Start must be called in order to inject the correct handlers // r, err := csm.Start("clientID", "127.0.0.1:8094") // if err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go index 2c8d5f56..d126764c 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go @@ -152,18 +152,19 @@ type EC2IAMInfo struct { // An EC2InstanceIdentityDocument provides the shape for unmarshaling // an instance identity document type EC2InstanceIdentityDocument struct { - DevpayProductCodes []string `json:"devpayProductCodes"` - AvailabilityZone string `json:"availabilityZone"` - PrivateIP string `json:"privateIp"` - Version string `json:"version"` - Region string `json:"region"` - InstanceID string `json:"instanceId"` - BillingProducts []string `json:"billingProducts"` - InstanceType string `json:"instanceType"` - AccountID string `json:"accountId"` - PendingTime time.Time `json:"pendingTime"` - ImageID string `json:"imageId"` - KernelID string `json:"kernelId"` - RamdiskID string `json:"ramdiskId"` - Architecture string `json:"architecture"` + DevpayProductCodes []string `json:"devpayProductCodes"` + MarketplaceProductCodes []string `json:"marketplaceProductCodes"` + AvailabilityZone string `json:"availabilityZone"` + PrivateIP string `json:"privateIp"` + Version string `json:"version"` + Region string `json:"region"` + InstanceID string `json:"instanceId"` + BillingProducts []string `json:"billingProducts"` + InstanceType string `json:"instanceType"` + AccountID string `json:"accountId"` + PendingTime time.Time `json:"pendingTime"` + ImageID string `json:"imageId"` + KernelID string `json:"kernelId"` + RamdiskID string `json:"ramdiskId"` + Architecture string `json:"architecture"` } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go index f0c1d31e..4c5636e3 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go @@ -123,7 +123,7 @@ func unmarshalHandler(r *request.Request) { defer r.HTTPResponse.Body.Close() b := &bytes.Buffer{} if _, err := io.Copy(b, r.HTTPResponse.Body); err != nil { - r.Error = awserr.New(request.ErrCodeSerialization, "unable to unmarshal EC2 metadata respose", err) + r.Error = awserr.New(request.ErrCodeSerialization, "unable to unmarshal EC2 metadata response", err) return } @@ -136,7 +136,7 @@ func unmarshalError(r *request.Request) { defer r.HTTPResponse.Body.Close() b := &bytes.Buffer{} if _, err := io.Copy(b, r.HTTPResponse.Body); err != nil { - r.Error = awserr.New(request.ErrCodeSerialization, "unable to unmarshal EC2 metadata error respose", err) + r.Error = awserr.New(request.ErrCodeSerialization, "unable to unmarshal EC2 metadata error response", err) return } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index e315e7bd..452cefda 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -11,6 +11,8 @@ const ( AwsPartitionID = "aws" // AWS Standard partition. AwsCnPartitionID = "aws-cn" // AWS China partition. AwsUsGovPartitionID = "aws-us-gov" // AWS GovCloud (US) partition. + AwsIsoPartitionID = "aws-iso" // AWS ISO (US) partition. + AwsIsoBPartitionID = "aws-iso-b" // AWS ISOB (US) partition. ) // AWS Standard partition's regions. @@ -27,6 +29,7 @@ const ( EuWest1RegionID = "eu-west-1" // EU (Ireland). EuWest2RegionID = "eu-west-2" // EU (London). EuWest3RegionID = "eu-west-3" // EU (Paris). + MeSouth1RegionID = "me-south-1" // Middle East (Bahrain). SaEast1RegionID = "sa-east-1" // South America (Sao Paulo). UsEast1RegionID = "us-east-1" // US East (N. Virginia). UsEast2RegionID = "us-east-2" // US East (Ohio). @@ -46,8 +49,18 @@ const ( UsGovWest1RegionID = "us-gov-west-1" // AWS GovCloud (US). ) +// AWS ISO (US) partition's regions. +const ( + UsIsoEast1RegionID = "us-iso-east-1" // US ISO East. +) + +// AWS ISOB (US) partition's regions. +const ( + UsIsobEast1RegionID = "us-isob-east-1" // US ISOB East (Ohio). +) + // DefaultResolver returns an Endpoint resolver that will be able -// to resolve endpoints for: AWS Standard, AWS China, and AWS GovCloud (US). +// to resolve endpoints for: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), and AWS ISOB (US). // // Use DefaultPartitions() to get the list of the default partitions. func DefaultResolver() Resolver { @@ -55,7 +68,7 @@ func DefaultResolver() Resolver { } // DefaultPartitions returns a list of the partitions the SDK is bundled -// with. The available partitions are: AWS Standard, AWS China, and AWS GovCloud (US). +// with. The available partitions are: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), and AWS ISOB (US). // // partitions := endpoints.DefaultPartitions // for _, p := range partitions { @@ -69,6 +82,8 @@ var defaultPartitions = partitions{ awsPartition, awscnPartition, awsusgovPartition, + awsisoPartition, + awsisobPartition, } // AwsPartition returns the Resolver for AWS Standard. @@ -82,7 +97,7 @@ var awsPartition = partition{ DNSSuffix: "amazonaws.com", RegionRegex: regionRegex{ Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^(us|eu|ap|sa|ca)\\-\\w+\\-\\d+$") + reg, _ := regexp.Compile("^(us|eu|ap|sa|ca|me)\\-\\w+\\-\\d+$") return reg }(), }, @@ -128,6 +143,9 @@ var awsPartition = partition{ "eu-west-3": region{ Description: "EU (Paris)", }, + "me-south-1": region{ + Description: "Middle East (Bahrain)", + }, "sa-east-1": region{ Description: "South America (Sao Paulo)", }, @@ -166,6 +184,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -178,6 +197,7 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -270,6 +290,12 @@ var awsPartition = partition{ Region: "eu-west-3", }, }, + "me-south-1": endpoint{ + Hostname: "api.ecr.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, "sa-east-1": endpoint{ Hostname: "api.ecr.sa-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -308,6 +334,7 @@ var awsPartition = partition{ "ap-northeast-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "us-east-1": endpoint{}, "us-west-2": endpoint{}, @@ -327,6 +354,7 @@ var awsPartition = partition{ "api.sagemaker": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -334,8 +362,11 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ Hostname: "api-fips.sagemaker.us-east-1.amazonaws.com", @@ -381,6 +412,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -409,6 +441,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -471,6 +504,7 @@ var awsPartition = partition{ "athena": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -478,6 +512,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "us-east-1": endpoint{}, @@ -502,6 +537,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -533,9 +569,27 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "backup": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-southeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "batch": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -547,6 +601,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -638,6 +693,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -693,6 +749,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -729,6 +786,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -739,6 +797,7 @@ var awsPartition = partition{ "codebuild": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -750,6 +809,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ @@ -791,6 +851,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -822,6 +883,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ @@ -863,6 +925,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -983,6 +1046,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -990,6 +1054,16 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "connect": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "us-east-1": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "cur": service{ Endpoints: endpoints{ @@ -1028,10 +1102,35 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "datasync-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "datasync-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "datasync-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "datasync-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "dax": service{ @@ -1059,6 +1158,7 @@ var awsPartition = partition{ "directconnect": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1070,6 +1170,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1098,6 +1199,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1120,6 +1222,12 @@ var awsPartition = partition{ Region: "ap-northeast-2", }, }, + "ap-southeast-2": endpoint{ + Hostname: "rds.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, "eu-central-1": endpoint{ Hostname: "rds.eu-central-1.amazonaws.com", CredentialScope: credentialScope{ @@ -1132,6 +1240,12 @@ var awsPartition = partition{ Region: "eu-west-1", }, }, + "eu-west-2": endpoint{ + Hostname: "rds.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, "us-east-1": endpoint{ Hostname: "rds.us-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -1162,6 +1276,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "sa-east-1": endpoint{}, @@ -1183,11 +1298,17 @@ var awsPartition = partition{ "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, + "ca-central-1-fips": endpoint{ + Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "local": endpoint{ Hostname: "localhost:8000", Protocols: []string{"http"}, @@ -1195,11 +1316,36 @@ var awsPartition = partition{ Region: "us-east-1", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "dynamodb-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "dynamodb-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, "us-west-1": endpoint{}, + "us-west-1-fips": endpoint{ + Hostname: "dynamodb-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "dynamodb-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "ec2": service{ @@ -1219,6 +1365,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1252,6 +1399,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1280,11 +1428,12 @@ var awsPartition = partition{ Region: "us-west-1", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "elasticbeanstalk": service{ @@ -1302,6 +1451,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1314,12 +1464,14 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -1343,6 +1495,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1370,6 +1523,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{ SSLCommonName: "{service}.{region}.{dnsSuffix}", @@ -1434,11 +1588,12 @@ var awsPartition = partition{ Region: "us-west-1", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "events": service{ @@ -1456,6 +1611,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1466,6 +1622,7 @@ var awsPartition = partition{ "firehose": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1506,10 +1663,15 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -1549,6 +1711,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1559,6 +1722,7 @@ var awsPartition = partition{ "glue": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1566,9 +1730,12 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -1582,10 +1749,15 @@ var awsPartition = partition{ }, Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, + "us-east-2": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -1602,6 +1774,7 @@ var awsPartition = partition{ Protocols: []string{"https"}, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1613,11 +1786,36 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "guardduty-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "guardduty-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-1": endpoint{}, + "us-west-1-fips": endpoint{ + Hostname: "guardduty-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "guardduty-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "health": service{ @@ -1662,7 +1860,9 @@ var awsPartition = partition{ "ap-south-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -1676,16 +1876,23 @@ var awsPartition = partition{ }, }, Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -1700,6 +1907,65 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "iotevents": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, + "ioteventsdata": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{ + Hostname: "data.iotevents.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + "ap-southeast-2": endpoint{ + Hostname: "data.iotevents.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + "eu-central-1": endpoint{ + Hostname: "data.iotevents.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + "eu-west-1": endpoint{ + Hostname: "data.iotevents.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + "us-east-1": endpoint{ + Hostname: "data.iotevents.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{ + Hostname: "data.iotevents.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-2": endpoint{ + Hostname: "data.iotevents.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, "iotthingsgraph": service{ Defaults: endpoint{ CredentialScope: credentialScope{ @@ -1718,9 +1984,15 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-2": endpoint{}, @@ -1741,6 +2013,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1753,11 +2026,14 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-2": endpoint{}, @@ -1777,12 +2053,6 @@ var awsPartition = partition{ "kms": service{ Endpoints: endpoints{ - "ProdFips": endpoint{ - Hostname: "kms-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, @@ -1795,6 +2065,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1802,6 +2073,16 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "lakeformation": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "lambda": service{ Endpoints: endpoints{ @@ -1817,6 +2098,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1827,6 +2109,7 @@ var awsPartition = partition{ "license-manager": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -1838,6 +2121,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1878,6 +2162,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -1907,6 +2192,7 @@ var awsPartition = partition{ "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -1946,6 +2232,7 @@ var awsPartition = partition{ "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, @@ -1962,6 +2249,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, @@ -2001,6 +2289,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2049,6 +2338,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2061,11 +2351,14 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -2121,6 +2414,12 @@ var awsPartition = partition{ Region: "eu-central-1", }, }, + "eu-north-1": endpoint{ + Hostname: "rds.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, "eu-west-1": endpoint{ Hostname: "rds.eu-west-1.amazonaws.com", CredentialScope: credentialScope{ @@ -2248,6 +2547,16 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "qldb": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "ram": service{ Endpoints: endpoints{ @@ -2258,6 +2567,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -2282,6 +2592,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{ SSLCommonName: "{service}.{dnsSuffix}", @@ -2306,6 +2617,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2319,10 +2631,14 @@ var awsPartition = partition{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, + "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, + "us-west-1": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -2341,19 +2657,47 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "fips-us-east-1": endpoint{ + Hostname: "resource-groups-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "fips-us-east-2": endpoint{ + Hostname: "resource-groups-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "fips-us-west-1": endpoint{ + Hostname: "resource-groups-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "fips-us-west-2": endpoint{ + Hostname: "resource-groups-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-1": endpoint{}, + "us-west-2": endpoint{}, }, }, "robomaker": service{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-southeast-1": endpoint{}, + "eu-central-1": endpoint{}, "eu-west-1": endpoint{}, "us-east-1": endpoint{}, + "us-east-2": endpoint{}, "us-west-2": endpoint{}, }, }, @@ -2412,6 +2756,7 @@ var awsPartition = partition{ "runtime.sagemaker": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2419,12 +2764,39 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "runtime-fips.sagemaker.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "runtime-fips.sagemaker.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + "us-west-1": endpoint{}, + "us-west-1-fips": endpoint{ + Hostname: "runtime-fips.sagemaker.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "runtime-fips.sagemaker.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "s3": service{ @@ -2460,8 +2832,9 @@ var awsPartition = partition{ Hostname: "s3.eu-west-1.amazonaws.com", SignatureVersions: []string{"s3", "s3v4"}, }, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "s3-external-1": endpoint{ Hostname: "s3-external-1.amazonaws.com", SignatureVersions: []string{"s3", "s3v4"}, @@ -2705,6 +3078,7 @@ var awsPartition = partition{ "securityhub": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2712,6 +3086,7 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, @@ -2825,6 +3200,7 @@ var awsPartition = partition{ "servicediscovery": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2832,9 +3208,11 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2842,6 +3220,16 @@ var awsPartition = partition{ "us-west-2": endpoint{}, }, }, + "session.qldb": service{ + + Endpoints: endpoints{ + "ap-northeast-1": endpoint{}, + "eu-west-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-2": endpoint{}, + "us-west-2": endpoint{}, + }, + }, "shield": service{ IsRegionalized: boxedFalse, Defaults: endpoint{ @@ -2855,6 +3243,7 @@ var awsPartition = partition{ "sms": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -2866,6 +3255,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2877,6 +3267,7 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, + "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, @@ -2909,6 +3300,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -2958,7 +3350,8 @@ var awsPartition = partition{ Region: "us-west-2", }, }, - "sa-east-1": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{ SSLCommonName: "queue.{dnsSuffix}", }, @@ -2982,6 +3375,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -3004,6 +3398,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -3014,6 +3409,7 @@ var awsPartition = partition{ "storagegateway": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -3025,6 +3421,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -3046,11 +3443,17 @@ var awsPartition = partition{ "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, + "ca-central-1-fips": endpoint{ + Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, + "eu-west-1": endpoint{}, + "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, "local": endpoint{ Hostname: "localhost:8000", Protocols: []string{"http"}, @@ -3058,11 +3461,36 @@ var awsPartition = partition{ Region: "us-east-1", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, + "me-south-1": endpoint{}, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, + "us-east-1-fips": endpoint{ + Hostname: "dynamodb-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, "us-east-2": endpoint{}, + "us-east-2-fips": endpoint{ + Hostname: "dynamodb-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, "us-west-1": endpoint{}, + "us-west-1-fips": endpoint{ + Hostname: "dynamodb-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, "us-west-2": endpoint{}, + "us-west-2-fips": endpoint{ + Hostname: "dynamodb-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "sts": service{ @@ -3097,8 +3525,14 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, + "me-south-1": endpoint{ + Hostname: "sts.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + "sa-east-1": endpoint{}, + "us-east-1": endpoint{}, "us-east-1-fips": endpoint{ Hostname: "sts-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ @@ -3129,9 +3563,15 @@ var awsPartition = partition{ }, }, "support": service{ + PartitionEndpoint: "aws-global", Endpoints: endpoints{ - "us-east-1": endpoint{}, + "aws-global": endpoint{ + Hostname: "support.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, }, }, "swf": service{ @@ -3149,6 +3589,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -3171,6 +3612,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -3188,9 +3630,11 @@ var awsPartition = partition{ "ap-southeast-2": endpoint{}, "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, + "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -3250,12 +3694,16 @@ var awsPartition = partition{ Endpoints: endpoints{ "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, + "ap-south-1": endpoint{}, "ap-southeast-1": endpoint{}, "ap-southeast-2": endpoint{}, + "ca-central-1": endpoint{}, "eu-central-1": endpoint{}, "eu-north-1": endpoint{}, "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, + "eu-west-3": endpoint{}, + "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, "us-west-1": endpoint{}, @@ -3302,6 +3750,7 @@ var awsPartition = partition{ "xray": service{ Endpoints: endpoints{ + "ap-east-1": endpoint{}, "ap-northeast-1": endpoint{}, "ap-northeast-2": endpoint{}, "ap-south-1": endpoint{}, @@ -3313,6 +3762,7 @@ var awsPartition = partition{ "eu-west-1": endpoint{}, "eu-west-2": endpoint{}, "eu-west-3": endpoint{}, + "me-south-1": endpoint{}, "sa-east-1": endpoint{}, "us-east-1": endpoint{}, "us-east-2": endpoint{}, @@ -3578,6 +4028,15 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "greengrass": service{ + IsRegionalized: boxedTrue, + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + }, + }, "iam": service{ PartitionEndpoint: "aws-cn-global", IsRegionalized: boxedFalse, @@ -3598,7 +4057,8 @@ var awscnPartition = partition{ }, }, Endpoints: endpoints{ - "cn-north-1": endpoint{}, + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, }, }, "kinesis": service{ @@ -3608,6 +4068,13 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "kms": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "lambda": service{ Endpoints: endpoints{ @@ -3615,6 +4082,13 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "license-manager": service{ + + Endpoints: endpoints{ + "cn-north-1": endpoint{}, + "cn-northwest-1": endpoint{}, + }, + }, "logs": service{ Endpoints: endpoints{ @@ -3765,6 +4239,18 @@ var awscnPartition = partition{ "cn-northwest-1": endpoint{}, }, }, + "support": service{ + PartitionEndpoint: "aws-cn-global", + + Endpoints: endpoints{ + "aws-cn-global": endpoint{ + Hostname: "support.cn-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + }, + }, "swf": service{ Endpoints: endpoints{ @@ -3922,9 +4408,17 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "codebuild": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "codecommit": service{ Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, @@ -3962,6 +4456,18 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "datasync": service{ + + Endpoints: endpoints{ + "fips-us-gov-west-1": endpoint{ + Hostname: "datasync-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + "us-gov-west-1": endpoint{}, + }, + }, "directconnect": service{ Endpoints: endpoints{ @@ -3987,6 +4493,12 @@ var awsusgovPartition = partition{ Endpoints: endpoints{ "us-gov-east-1": endpoint{}, + "us-gov-east-1-fips": endpoint{ + Hostname: "dynamodb.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "us-gov-west-1": endpoint{}, "us-gov-west-1-fips": endpoint{ Hostname: "dynamodb.us-gov-west-1.amazonaws.com", @@ -4088,6 +4600,7 @@ var awsusgovPartition = partition{ "firehose": service{ Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, @@ -4103,6 +4616,16 @@ var awsusgovPartition = partition{ "glue": service{ Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, + "greengrass": service{ + IsRegionalized: boxedTrue, + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ "us-gov-west-1": endpoint{}, }, }, @@ -4115,6 +4638,12 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "health": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + }, + }, "iam": service{ PartitionEndpoint: "aws-us-gov-global", IsRegionalized: boxedFalse, @@ -4199,6 +4728,7 @@ var awsusgovPartition = partition{ }, }, Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, "us-gov-west-1": endpoint{}, }, }, @@ -4209,6 +4739,23 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "neptune": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{ + Hostname: "rds.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + "us-gov-west-1": endpoint{ + Hostname: "rds.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, "organizations": service{ PartitionEndpoint: "aws-us-gov-global", IsRegionalized: boxedFalse, @@ -4228,6 +4775,13 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "ram": service{ + + Endpoints: endpoints{ + "us-gov-east-1": endpoint{}, + "us-gov-west-1": endpoint{}, + }, + }, "rds": service{ Endpoints: endpoints{ @@ -4248,6 +4802,19 @@ var awsusgovPartition = partition{ "us-gov-west-1": endpoint{}, }, }, + "route53": service{ + PartitionEndpoint: "aws-us-gov-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-us-gov-global": endpoint{ + Hostname: "route53.us-gov.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, "runtime.sagemaker": service{ Endpoints: endpoints{ @@ -4311,6 +4878,43 @@ var awsusgovPartition = partition{ }, }, }, + "secretsmanager": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + "us-gov-west-1-fips": endpoint{ + Hostname: "secretsmanager-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, + "serverlessrepo": service{ + Defaults: endpoint{ + Protocols: []string{"https"}, + }, + Endpoints: endpoints{ + "us-gov-east-1": endpoint{ + Protocols: []string{"https"}, + }, + "us-gov-west-1": endpoint{ + Protocols: []string{"https"}, + }, + }, + }, + "servicecatalog": service{ + + Endpoints: endpoints{ + "us-gov-west-1": endpoint{}, + "us-gov-west-1-fips": endpoint{ + Hostname: "servicecatalog-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, "sms": service{ Endpoints: endpoints{ @@ -4372,6 +4976,12 @@ var awsusgovPartition = partition{ }, Endpoints: endpoints{ "us-gov-east-1": endpoint{}, + "us-gov-east-1-fips": endpoint{ + Hostname: "dynamodb.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, "us-gov-west-1": endpoint{}, "us-gov-west-1-fips": endpoint{ Hostname: "dynamodb.us-gov-west-1.amazonaws.com", @@ -4430,3 +5040,612 @@ var awsusgovPartition = partition{ }, }, } + +// AwsIsoPartition returns the Resolver for AWS ISO (US). +func AwsIsoPartition() Partition { + return awsisoPartition.Partition() +} + +var awsisoPartition = partition{ + ID: "aws-iso", + Name: "AWS ISO (US)", + DNSSuffix: "c2s.ic.gov", + RegionRegex: regionRegex{ + Regexp: func() *regexp.Regexp { + reg, _ := regexp.Compile("^us\\-iso\\-\\w+\\-\\d+$") + return reg + }(), + }, + Defaults: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + Regions: regions{ + "us-iso-east-1": region{ + Description: "US ISO East", + }, + }, + Services: services{ + "api.ecr": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Hostname: "api.ecr.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + }, + }, + }, + "application-autoscaling": service{ + Defaults: endpoint{ + Hostname: "autoscaling.{region}.amazonaws.com", + Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Service: "application-autoscaling", + }, + }, + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "autoscaling": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "cloudformation": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "cloudtrail": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "codedeploy": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "config": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "datapipeline": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "directconnect": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "dms": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "ds": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "dynamodb": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "ec2": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "ec2metadata": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-global": endpoint{ + Hostname: "169.254.169.254/latest", + Protocols: []string{"http"}, + }, + }, + }, + "ecs": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "elasticache": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "elasticloadbalancing": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "elasticmapreduce": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"https"}, + }, + }, + }, + "events": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "glacier": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "health": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "iam": service{ + PartitionEndpoint: "aws-iso-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-iso-global": endpoint{ + Hostname: "iam.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + }, + }, + }, + "kinesis": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "kms": service{ + + Endpoints: endpoints{ + "ProdFips": endpoint{ + Hostname: "kms-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + }, + "us-iso-east-1": endpoint{}, + }, + }, + "lambda": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "logs": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "monitoring": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "rds": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "redshift": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "route53": service{ + PartitionEndpoint: "aws-iso-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-iso-global": endpoint{ + Hostname: "route53.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + }, + }, + }, + "s3": service{ + Defaults: endpoint{ + SignatureVersions: []string{"s3v4"}, + }, + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, + }, + }, + "snowball": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "sns": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "sqs": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "states": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "streams.dynamodb": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Service: "dynamodb", + }, + }, + Endpoints: endpoints{ + "us-iso-east-1": endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + }, + "sts": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "support": service{ + PartitionEndpoint: "aws-iso-global", + + Endpoints: endpoints{ + "aws-iso-global": endpoint{ + Hostname: "support.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + }, + }, + }, + "swf": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + "workspaces": service{ + + Endpoints: endpoints{ + "us-iso-east-1": endpoint{}, + }, + }, + }, +} + +// AwsIsoBPartition returns the Resolver for AWS ISOB (US). +func AwsIsoBPartition() Partition { + return awsisobPartition.Partition() +} + +var awsisobPartition = partition{ + ID: "aws-iso-b", + Name: "AWS ISOB (US)", + DNSSuffix: "sc2s.sgov.gov", + RegionRegex: regionRegex{ + Regexp: func() *regexp.Regexp { + reg, _ := regexp.Compile("^us\\-isob\\-\\w+\\-\\d+$") + return reg + }(), + }, + Defaults: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + Regions: regions{ + "us-isob-east-1": region{ + Description: "US ISOB East (Ohio)", + }, + }, + Services: services{ + "application-autoscaling": service{ + Defaults: endpoint{ + Hostname: "autoscaling.{region}.amazonaws.com", + Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Service: "application-autoscaling", + }, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "autoscaling": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "cloudformation": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "cloudtrail": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "config": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "directconnect": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "dms": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "dynamodb": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "ec2": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "ec2metadata": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-global": endpoint{ + Hostname: "169.254.169.254/latest", + Protocols: []string{"http"}, + }, + }, + }, + "elasticache": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "elasticloadbalancing": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{ + Protocols: []string{"https"}, + }, + }, + }, + "elasticmapreduce": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "events": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "glacier": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "health": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "iam": service{ + PartitionEndpoint: "aws-iso-b-global", + IsRegionalized: boxedFalse, + + Endpoints: endpoints{ + "aws-iso-b-global": endpoint{ + Hostname: "iam.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + }, + }, + }, + "kinesis": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "kms": service{ + + Endpoints: endpoints{ + "ProdFips": endpoint{ + Hostname: "kms-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + }, + "us-isob-east-1": endpoint{}, + }, + }, + "logs": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "monitoring": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "rds": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "redshift": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "s3": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "snowball": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "sns": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "sqs": service{ + Defaults: endpoint{ + SSLCommonName: "{region}.queue.{dnsSuffix}", + Protocols: []string{"http", "https"}, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "states": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "streams.dynamodb": service{ + Defaults: endpoint{ + Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Service: "dynamodb", + }, + }, + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "sts": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + "support": service{ + PartitionEndpoint: "aws-iso-b-global", + + Endpoints: endpoints{ + "aws-iso-b-global": endpoint{ + Hostname: "support.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + }, + }, + }, + "swf": service{ + + Endpoints: endpoints{ + "us-isob-east-1": endpoint{}, + }, + }, + }, +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go index f82babf6..9c936be6 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go @@ -170,10 +170,13 @@ func PartitionForRegion(ps []Partition, regionID string) (Partition, bool) { // A Partition provides the ability to enumerate the partition's regions // and services. type Partition struct { - id string - p *partition + id, dnsSuffix string + p *partition } +// DNSSuffix returns the base domain name of the partition. +func (p Partition) DNSSuffix() string { return p.dnsSuffix } + // ID returns the identifier of the partition. func (p Partition) ID() string { return p.id } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go index ff6f76db..523ad79a 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go @@ -54,8 +54,9 @@ type partition struct { func (p partition) Partition() Partition { return Partition{ - id: p.ID, - p: &p, + dnsSuffix: p.DNSSuffix, + id: p.ID, + p: &p, } } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go b/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go index 271da432..d9b37f4d 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go @@ -1,18 +1,17 @@ -// +build !appengine,!plan9 - package request import ( - "net" - "os" - "syscall" + "strings" ) func isErrConnectionReset(err error) bool { - if opErr, ok := err.(*net.OpError); ok { - if sysErr, ok := opErr.Err.(*os.SyscallError); ok { - return sysErr.Err == syscall.ECONNRESET - } + if strings.Contains(err.Error(), "read: connection reset") { + return false + } + + if strings.Contains(err.Error(), "connection reset") || + strings.Contains(err.Error(), "broken pipe") { + return true } return false diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error_other.go b/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error_other.go deleted file mode 100644 index daf9eca4..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error_other.go +++ /dev/null @@ -1,11 +0,0 @@ -// +build appengine plan9 - -package request - -import ( - "strings" -) - -func isErrConnectionReset(err error) bool { - return strings.Contains(err.Error(), "connection reset") -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go b/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go index 8ef8548a..185b0731 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go @@ -23,7 +23,7 @@ type Handlers struct { Complete HandlerList } -// Copy returns of this handler's lists. +// Copy returns a copy of this handler's lists. func (h *Handlers) Copy() Handlers { return Handlers{ Validate: h.Validate.copy(), @@ -42,7 +42,7 @@ func (h *Handlers) Copy() Handlers { } } -// Clear removes callback functions for all handlers +// Clear removes callback functions for all handlers. func (h *Handlers) Clear() { h.Validate.Clear() h.Build.Clear() @@ -59,6 +59,51 @@ func (h *Handlers) Clear() { h.Complete.Clear() } +// IsEmpty returns if there are no handlers in any of the handlerlists. +func (h *Handlers) IsEmpty() bool { + if h.Validate.Len() != 0 { + return false + } + if h.Build.Len() != 0 { + return false + } + if h.Send.Len() != 0 { + return false + } + if h.Sign.Len() != 0 { + return false + } + if h.Unmarshal.Len() != 0 { + return false + } + if h.UnmarshalStream.Len() != 0 { + return false + } + if h.UnmarshalMeta.Len() != 0 { + return false + } + if h.UnmarshalError.Len() != 0 { + return false + } + if h.ValidateResponse.Len() != 0 { + return false + } + if h.Retry.Len() != 0 { + return false + } + if h.AfterRetry.Len() != 0 { + return false + } + if h.CompleteAttempt.Len() != 0 { + return false + } + if h.Complete.Len() != 0 { + return false + } + + return true +} + // A HandlerListRunItem represents an entry in the HandlerList which // is being run. type HandlerListRunItem struct { diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/offset_reader.go b/vendor/github.com/aws/aws-sdk-go/aws/request/offset_reader.go index b0c2ef4f..9370fa50 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/offset_reader.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/offset_reader.go @@ -15,12 +15,15 @@ type offsetReader struct { closed bool } -func newOffsetReader(buf io.ReadSeeker, offset int64) *offsetReader { +func newOffsetReader(buf io.ReadSeeker, offset int64) (*offsetReader, error) { reader := &offsetReader{} - buf.Seek(offset, sdkio.SeekStart) + _, err := buf.Seek(offset, sdkio.SeekStart) + if err != nil { + return nil, err + } reader.buf = buf - return reader + return reader, nil } // Close will close the instance of the offset reader's access to @@ -54,7 +57,9 @@ func (o *offsetReader) Seek(offset int64, whence int) (int64, error) { // CloseAndCopy will return a new offsetReader with a copy of the old buffer // and close the old buffer. -func (o *offsetReader) CloseAndCopy(offset int64) *offsetReader { - o.Close() +func (o *offsetReader) CloseAndCopy(offset int64) (*offsetReader, error) { + if err := o.Close(); err != nil { + return nil, err + } return newOffsetReader(o.buf, offset) } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request.go index 19da3fcd..8e332cce 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/request.go @@ -64,6 +64,15 @@ type Request struct { LastSignedAt time.Time DisableFollowRedirects bool + // Additional API error codes that should be retried. IsErrorRetryable + // will consider these codes in addition to its built in cases. + RetryErrorCodes []string + + // Additional API error codes that should be retried with throttle backoff + // delay. IsErrorThrottle will consider these codes in addition to its + // built in cases. + ThrottleErrorCodes []string + // A value greater than 0 instructs the request to be signed as Presigned URL // You should not set this field directly. Instead use Request's // Presign or PresignRequest methods. @@ -231,6 +240,10 @@ func (r *Request) WillRetry() bool { return r.Error != nil && aws.BoolValue(r.Retryable) && r.RetryCount < r.MaxRetries() } +func fmtAttemptCount(retryCount, maxRetries int) string { + return fmt.Sprintf("attempt %v/%v", retryCount, maxRetries) +} + // ParamsFilled returns if the request's parameters have been populated // and the parameters are valid. False is returned if no parameters are // provided or invalid. @@ -259,7 +272,18 @@ func (r *Request) SetStringBody(s string) { // SetReaderBody will set the request's body reader. func (r *Request) SetReaderBody(reader io.ReadSeeker) { r.Body = reader - r.BodyStart, _ = reader.Seek(0, sdkio.SeekCurrent) // Get the Bodies current offset. + + if aws.IsReaderSeekable(reader) { + var err error + // Get the Bodies current offset so retries will start from the same + // initial position. + r.BodyStart, err = reader.Seek(0, sdkio.SeekCurrent) + if err != nil { + r.Error = awserr.New(ErrCodeSerialization, + "failed to determine start of request body", err) + return + } + } r.ResetBody() } @@ -330,16 +354,15 @@ func getPresignedURL(r *Request, expire time.Duration) (string, http.Header, err return r.HTTPRequest.URL.String(), r.SignedHeaderVals, nil } -func debugLogReqError(r *Request, stage string, retrying bool, err error) { +const ( + notRetrying = "not retrying" +) + +func debugLogReqError(r *Request, stage, retryStr string, err error) { if !r.Config.LogLevel.Matches(aws.LogDebugWithRequestErrors) { return } - retryStr := "not retrying" - if retrying { - retryStr = "will retry" - } - r.Config.Logger.Log(fmt.Sprintf("DEBUG: %s %s/%s failed, %s, error %v", stage, r.ClientInfo.ServiceName, r.Operation.Name, retryStr, err)) } @@ -358,12 +381,12 @@ func (r *Request) Build() error { if !r.built { r.Handlers.Validate.Run(r) if r.Error != nil { - debugLogReqError(r, "Validate Request", false, r.Error) + debugLogReqError(r, "Validate Request", notRetrying, r.Error) return r.Error } r.Handlers.Build.Run(r) if r.Error != nil { - debugLogReqError(r, "Build Request", false, r.Error) + debugLogReqError(r, "Build Request", notRetrying, r.Error) return r.Error } r.built = true @@ -379,7 +402,7 @@ func (r *Request) Build() error { func (r *Request) Sign() error { r.Build() if r.Error != nil { - debugLogReqError(r, "Build Request", false, r.Error) + debugLogReqError(r, "Build Request", notRetrying, r.Error) return r.Error } @@ -387,12 +410,16 @@ func (r *Request) Sign() error { return r.Error } -func (r *Request) getNextRequestBody() (io.ReadCloser, error) { +func (r *Request) getNextRequestBody() (body io.ReadCloser, err error) { if r.safeBody != nil { r.safeBody.Close() } - r.safeBody = newOffsetReader(r.Body, r.BodyStart) + r.safeBody, err = newOffsetReader(r.Body, r.BodyStart) + if err != nil { + return nil, awserr.New(ErrCodeSerialization, + "failed to get next request body reader", err) + } // Go 1.8 tightened and clarified the rules code needs to use when building // requests with the http package. Go 1.8 removed the automatic detection @@ -409,10 +436,10 @@ func (r *Request) getNextRequestBody() (io.ReadCloser, error) { // Related golang/go#18257 l, err := aws.SeekerLen(r.Body) if err != nil { - return nil, awserr.New(ErrCodeSerialization, "failed to compute request body size", err) + return nil, awserr.New(ErrCodeSerialization, + "failed to compute request body size", err) } - var body io.ReadCloser if l == 0 { body = NoBody } else if l > 0 { @@ -473,29 +500,28 @@ func (r *Request) Send() error { r.AttemptTime = time.Now() if err := r.Sign(); err != nil { - debugLogReqError(r, "Sign Request", false, err) + debugLogReqError(r, "Sign Request", notRetrying, err) return err } if err := r.sendRequest(); err == nil { return nil - } else if !shouldRetryCancel(r.Error) { - return err - } else { - r.Handlers.Retry.Run(r) - r.Handlers.AfterRetry.Run(r) + } + r.Handlers.Retry.Run(r) + r.Handlers.AfterRetry.Run(r) - if r.Error != nil || !aws.BoolValue(r.Retryable) { - return r.Error - } + if r.Error != nil || !aws.BoolValue(r.Retryable) { + return r.Error + } - r.prepareRetry() - continue + if err := r.prepareRetry(); err != nil { + r.Error = err + return err } } } -func (r *Request) prepareRetry() { +func (r *Request) prepareRetry() error { if r.Config.LogLevel.Matches(aws.LogDebugWithRequestRetries) { r.Config.Logger.Log(fmt.Sprintf("DEBUG: Retrying Request %s/%s, attempt %d", r.ClientInfo.ServiceName, r.Operation.Name, r.RetryCount)) @@ -506,12 +532,19 @@ func (r *Request) prepareRetry() { // the request's body even though the Client's Do returned. r.HTTPRequest = copyHTTPRequest(r.HTTPRequest, nil) r.ResetBody() + if err := r.Error; err != nil { + return awserr.New(ErrCodeSerialization, + "failed to prepare body for retry", err) + + } // Closing response body to ensure that no response body is leaked // between retry attempts. if r.HTTPResponse != nil && r.HTTPResponse.Body != nil { r.HTTPResponse.Body.Close() } + + return nil } func (r *Request) sendRequest() (sendErr error) { @@ -520,7 +553,9 @@ func (r *Request) sendRequest() (sendErr error) { r.Retryable = nil r.Handlers.Send.Run(r) if r.Error != nil { - debugLogReqError(r, "Send Request", r.WillRetry(), r.Error) + debugLogReqError(r, "Send Request", + fmtAttemptCount(r.RetryCount, r.MaxRetries()), + r.Error) return r.Error } @@ -528,13 +563,17 @@ func (r *Request) sendRequest() (sendErr error) { r.Handlers.ValidateResponse.Run(r) if r.Error != nil { r.Handlers.UnmarshalError.Run(r) - debugLogReqError(r, "Validate Response", r.WillRetry(), r.Error) + debugLogReqError(r, "Validate Response", + fmtAttemptCount(r.RetryCount, r.MaxRetries()), + r.Error) return r.Error } r.Handlers.Unmarshal.Run(r) if r.Error != nil { - debugLogReqError(r, "Unmarshal Response", r.WillRetry(), r.Error) + debugLogReqError(r, "Unmarshal Response", + fmtAttemptCount(r.RetryCount, r.MaxRetries()), + r.Error) return r.Error } @@ -561,48 +600,6 @@ func AddToUserAgent(r *Request, s string) { r.HTTPRequest.Header.Set("User-Agent", s) } -type temporary interface { - Temporary() bool -} - -func shouldRetryCancel(err error) bool { - switch err := err.(type) { - case awserr.Error: - if err.Code() == CanceledErrorCode { - return false - } - return shouldRetryCancel(err.OrigErr()) - case *url.Error: - if strings.Contains(err.Error(), "connection refused") { - // Refused connections should be retried as the service may not yet - // be running on the port. Go TCP dial considers refused - // connections as not temporary. - return true - } - // *url.Error only implements Temporary after golang 1.6 but since - // url.Error only wraps the error: - return shouldRetryCancel(err.Err) - case temporary: - // If the error is temporary, we want to allow continuation of the - // retry process - return err.Temporary() - case nil: - // `awserr.Error.OrigErr()` can be nil, meaning there was an error but - // because we don't know the cause, it is marked as retryable. See - // TestRequest4xxUnretryable for an example. - return true - default: - switch err.Error() { - case "net/http: request canceled", - "net/http: request canceled while waiting for connection": - // known 1.5 error case when an http request is cancelled - return false - } - // here we don't know the error; so we allow a retry. - return true - } -} - // SanitizeHostForHeader removes default port from host and updates request.Host func SanitizeHostForHeader(r *http.Request) { host := getHost(r) diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go index 7c6a8000..de1292f4 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go @@ -4,6 +4,8 @@ package request import ( "net/http" + + "github.com/aws/aws-sdk-go/aws/awserr" ) // NoBody is a http.NoBody reader instructing Go HTTP client to not include @@ -24,7 +26,8 @@ var NoBody = http.NoBody func (r *Request) ResetBody() { body, err := r.getNextRequestBody() if err != nil { - r.Error = err + r.Error = awserr.New(ErrCodeSerialization, + "failed to reset request body", err) return } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go index a633ed5a..f093fc54 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go @@ -146,7 +146,7 @@ func (r *Request) nextPageTokens() []interface{} { return nil } case bool: - if v == false { + if !v { return nil } } diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go b/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go index d0aa54c6..e84084da 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go @@ -1,23 +1,41 @@ package request import ( + "net" + "net/url" + "strings" "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" ) -// Retryer is an interface to control retry logic for a given service. -// The default implementation used by most services is the client.DefaultRetryer -// structure, which contains basic retry logic using exponential backoff. +// Retryer provides the interface drive the SDK's request retry behavior. The +// Retryer implementation is responsible for implementing exponential backoff, +// and determine if a request API error should be retried. +// +// client.DefaultRetryer is the SDK's default implementation of the Retryer. It +// uses the which uses the Request.IsErrorRetryable and Request.IsErrorThrottle +// methods to determine if the request is retried. type Retryer interface { + // RetryRules return the retry delay that should be used by the SDK before + // making another request attempt for the failed request. RetryRules(*Request) time.Duration + + // ShouldRetry returns if the failed request is retryable. + // + // Implementations may consider request attempt count when determining if a + // request is retryable, but the SDK will use MaxRetries to limit the + // number of attempts a request are made. ShouldRetry(*Request) bool + + // MaxRetries is the number of times a request may be retried before + // failing. MaxRetries() int } -// WithRetryer sets a config Retryer value to the given Config returning it -// for chaining. +// WithRetryer sets a Retryer value to the given Config returning the Config +// value for chaining. func WithRetryer(cfg *aws.Config, retryer Retryer) *aws.Config { cfg.Retryer = retryer return cfg @@ -76,10 +94,6 @@ var validParentCodes = map[string]struct{}{ ErrCodeRead: {}, } -type temporaryError interface { - Temporary() bool -} - func isNestedErrorRetryable(parentErr awserr.Error) bool { if parentErr == nil { return false @@ -98,7 +112,7 @@ func isNestedErrorRetryable(parentErr awserr.Error) bool { return isCodeRetryable(aerr.Code()) } - if t, ok := err.(temporaryError); ok { + if t, ok := err.(temporary); ok { return t.Temporary() || isErrConnectionReset(err) } @@ -108,32 +122,90 @@ func isNestedErrorRetryable(parentErr awserr.Error) bool { // IsErrorRetryable returns whether the error is retryable, based on its Code. // Returns false if error is nil. func IsErrorRetryable(err error) bool { - if err != nil { - if aerr, ok := err.(awserr.Error); ok { - return isCodeRetryable(aerr.Code()) || isNestedErrorRetryable(aerr) + if err == nil { + return false + } + return shouldRetryError(err) +} + +type temporary interface { + Temporary() bool +} + +func shouldRetryError(origErr error) bool { + switch err := origErr.(type) { + case awserr.Error: + if err.Code() == CanceledErrorCode { + return false + } + if isNestedErrorRetryable(err) { + return true + } + + origErr := err.OrigErr() + var shouldRetry bool + if origErr != nil { + shouldRetry := shouldRetryError(origErr) + if err.Code() == "RequestError" && !shouldRetry { + return false + } + } + if isCodeRetryable(err.Code()) { + return true + } + return shouldRetry + + case *url.Error: + if strings.Contains(err.Error(), "connection refused") { + // Refused connections should be retried as the service may not yet + // be running on the port. Go TCP dial considers refused + // connections as not temporary. + return true + } + // *url.Error only implements Temporary after golang 1.6 but since + // url.Error only wraps the error: + return shouldRetryError(err.Err) + + case temporary: + if netErr, ok := err.(*net.OpError); ok && netErr.Op == "dial" { + return true } + // If the error is temporary, we want to allow continuation of the + // retry process + return err.Temporary() || isErrConnectionReset(origErr) + + case nil: + // `awserr.Error.OrigErr()` can be nil, meaning there was an error but + // because we don't know the cause, it is marked as retryable. See + // TestRequest4xxUnretryable for an example. + return true + + default: + switch err.Error() { + case "net/http: request canceled", + "net/http: request canceled while waiting for connection": + // known 1.5 error case when an http request is cancelled + return false + } + // here we don't know the error; so we allow a retry. + return true } - return false } // IsErrorThrottle returns whether the error is to be throttled based on its code. // Returns false if error is nil. func IsErrorThrottle(err error) bool { - if err != nil { - if aerr, ok := err.(awserr.Error); ok { - return isCodeThrottle(aerr.Code()) - } + if aerr, ok := err.(awserr.Error); ok && aerr != nil { + return isCodeThrottle(aerr.Code()) } return false } -// IsErrorExpiredCreds returns whether the error code is a credential expiry error. -// Returns false if error is nil. +// IsErrorExpiredCreds returns whether the error code is a credential expiry +// error. Returns false if error is nil. func IsErrorExpiredCreds(err error) bool { - if err != nil { - if aerr, ok := err.(awserr.Error); ok { - return isCodeExpiredCreds(aerr.Code()) - } + if aerr, ok := err.(awserr.Error); ok && aerr != nil { + return isCodeExpiredCreds(aerr.Code()) } return false } @@ -143,17 +215,58 @@ func IsErrorExpiredCreds(err error) bool { // // Alias for the utility function IsErrorRetryable func (r *Request) IsErrorRetryable() bool { + if isErrCode(r.Error, r.RetryErrorCodes) { + return true + } + + // HTTP response status code 501 should not be retried. + // 501 represents Not Implemented which means the request method is not + // supported by the server and cannot be handled. + if r.HTTPResponse != nil { + // HTTP response status code 500 represents internal server error and + // should be retried without any throttle. + if r.HTTPResponse.StatusCode == 500 { + return true + } + } return IsErrorRetryable(r.Error) } -// IsErrorThrottle returns whether the error is to be throttled based on its code. -// Returns false if the request has no Error set +// IsErrorThrottle returns whether the error is to be throttled based on its +// code. Returns false if the request has no Error set. // // Alias for the utility function IsErrorThrottle func (r *Request) IsErrorThrottle() bool { + if isErrCode(r.Error, r.ThrottleErrorCodes) { + return true + } + + if r.HTTPResponse != nil { + switch r.HTTPResponse.StatusCode { + case + 429, // error caused due to too many requests + 502, // Bad Gateway error should be throttled + 503, // caused when service is unavailable + 504: // error occurred due to gateway timeout + return true + } + } + return IsErrorThrottle(r.Error) } +func isErrCode(err error, codes []string) bool { + if aerr, ok := err.(awserr.Error); ok && aerr != nil { + for _, code := range codes { + if code == aerr.Code() { + return true + } + } + } + + return false +} + // IsErrorExpired returns whether the error code is a credential expiry error. // Returns false if the request has no Error set. // diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go b/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go new file mode 100644 index 00000000..7713ccfc --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go @@ -0,0 +1,259 @@ +package session + +import ( + "fmt" + "os" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/aws/credentials/processcreds" + "github.com/aws/aws-sdk-go/aws/credentials/stscreds" + "github.com/aws/aws-sdk-go/aws/defaults" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/internal/shareddefaults" +) + +func resolveCredentials(cfg *aws.Config, + envCfg envConfig, sharedCfg sharedConfig, + handlers request.Handlers, + sessOpts Options, +) (*credentials.Credentials, error) { + + switch { + case len(sessOpts.Profile) != 0: + // User explicitly provided an Profile in the session's configuration + // so load that profile from shared config first. + // Github(aws/aws-sdk-go#2727) + return resolveCredsFromProfile(cfg, envCfg, sharedCfg, handlers, sessOpts) + + case envCfg.Creds.HasKeys(): + // Environment credentials + return credentials.NewStaticCredentialsFromCreds(envCfg.Creds), nil + + case len(envCfg.WebIdentityTokenFilePath) != 0: + // Web identity token from environment, RoleARN required to also be + // set. + return assumeWebIdentity(cfg, handlers, + envCfg.WebIdentityTokenFilePath, + envCfg.RoleARN, + envCfg.RoleSessionName, + ) + + default: + // Fallback to the "default" credential resolution chain. + return resolveCredsFromProfile(cfg, envCfg, sharedCfg, handlers, sessOpts) + } +} + +// WebIdentityEmptyRoleARNErr will occur if 'AWS_WEB_IDENTITY_TOKEN_FILE' was set but +// 'AWS_IAM_ROLE_ARN' was not set. +var WebIdentityEmptyRoleARNErr = awserr.New(stscreds.ErrCodeWebIdentity, "role ARN is not set", nil) + +// WebIdentityEmptyTokenFilePathErr will occur if 'AWS_IAM_ROLE_ARN' was set but +// 'AWS_WEB_IDENTITY_TOKEN_FILE' was not set. +var WebIdentityEmptyTokenFilePathErr = awserr.New(stscreds.ErrCodeWebIdentity, "token file path is not set", nil) + +func assumeWebIdentity(cfg *aws.Config, handlers request.Handlers, + filepath string, + roleARN, sessionName string, +) (*credentials.Credentials, error) { + + if len(filepath) == 0 { + return nil, WebIdentityEmptyTokenFilePathErr + } + + if len(roleARN) == 0 { + return nil, WebIdentityEmptyRoleARNErr + } + + creds := stscreds.NewWebIdentityCredentials( + &Session{ + Config: cfg, + Handlers: handlers.Copy(), + }, + roleARN, + sessionName, + filepath, + ) + + return creds, nil +} + +func resolveCredsFromProfile(cfg *aws.Config, + envCfg envConfig, sharedCfg sharedConfig, + handlers request.Handlers, + sessOpts Options, +) (creds *credentials.Credentials, err error) { + + switch { + case sharedCfg.SourceProfile != nil: + // Assume IAM role with credentials source from a different profile. + creds, err = resolveCredsFromProfile(cfg, envCfg, + *sharedCfg.SourceProfile, handlers, sessOpts, + ) + + case sharedCfg.Creds.HasKeys(): + // Static Credentials from Shared Config/Credentials file. + creds = credentials.NewStaticCredentialsFromCreds( + sharedCfg.Creds, + ) + + case len(sharedCfg.CredentialProcess) != 0: + // Get credentials from CredentialProcess + creds = processcreds.NewCredentials(sharedCfg.CredentialProcess) + + case len(sharedCfg.CredentialSource) != 0: + creds, err = resolveCredsFromSource(cfg, envCfg, + sharedCfg, handlers, sessOpts, + ) + + case len(sharedCfg.WebIdentityTokenFile) != 0: + // Credentials from Assume Web Identity token require an IAM Role, and + // that roll will be assumed. May be wrapped with another assume role + // via SourceProfile. + return assumeWebIdentity(cfg, handlers, + sharedCfg.WebIdentityTokenFile, + sharedCfg.RoleARN, + sharedCfg.RoleSessionName, + ) + + default: + // Fallback to default credentials provider, include mock errors for + // the credential chain so user can identify why credentials failed to + // be retrieved. + creds = credentials.NewCredentials(&credentials.ChainProvider{ + VerboseErrors: aws.BoolValue(cfg.CredentialsChainVerboseErrors), + Providers: []credentials.Provider{ + &credProviderError{ + Err: awserr.New("EnvAccessKeyNotFound", + "failed to find credentials in the environment.", nil), + }, + &credProviderError{ + Err: awserr.New("SharedCredsLoad", + fmt.Sprintf("failed to load profile, %s.", envCfg.Profile), nil), + }, + defaults.RemoteCredProvider(*cfg, handlers), + }, + }) + } + if err != nil { + return nil, err + } + + if len(sharedCfg.RoleARN) > 0 { + cfgCp := *cfg + cfgCp.Credentials = creds + return credsFromAssumeRole(cfgCp, handlers, sharedCfg, sessOpts) + } + + return creds, nil +} + +// valid credential source values +const ( + credSourceEc2Metadata = "Ec2InstanceMetadata" + credSourceEnvironment = "Environment" + credSourceECSContainer = "EcsContainer" +) + +func resolveCredsFromSource(cfg *aws.Config, + envCfg envConfig, sharedCfg sharedConfig, + handlers request.Handlers, + sessOpts Options, +) (creds *credentials.Credentials, err error) { + + switch sharedCfg.CredentialSource { + case credSourceEc2Metadata: + p := defaults.RemoteCredProvider(*cfg, handlers) + creds = credentials.NewCredentials(p) + + case credSourceEnvironment: + creds = credentials.NewStaticCredentialsFromCreds(envCfg.Creds) + + case credSourceECSContainer: + if len(os.Getenv(shareddefaults.ECSCredsProviderEnvVar)) == 0 { + return nil, ErrSharedConfigECSContainerEnvVarEmpty + } + + p := defaults.RemoteCredProvider(*cfg, handlers) + creds = credentials.NewCredentials(p) + + default: + return nil, ErrSharedConfigInvalidCredSource + } + + return creds, nil +} + +func credsFromAssumeRole(cfg aws.Config, + handlers request.Handlers, + sharedCfg sharedConfig, + sessOpts Options, +) (*credentials.Credentials, error) { + + if len(sharedCfg.MFASerial) != 0 && sessOpts.AssumeRoleTokenProvider == nil { + // AssumeRole Token provider is required if doing Assume Role + // with MFA. + return nil, AssumeRoleTokenProviderNotSetError{} + } + + return stscreds.NewCredentials( + &Session{ + Config: &cfg, + Handlers: handlers.Copy(), + }, + sharedCfg.RoleARN, + func(opt *stscreds.AssumeRoleProvider) { + opt.RoleSessionName = sharedCfg.RoleSessionName + opt.Duration = sessOpts.AssumeRoleDuration + + // Assume role with external ID + if len(sharedCfg.ExternalID) > 0 { + opt.ExternalID = aws.String(sharedCfg.ExternalID) + } + + // Assume role with MFA + if len(sharedCfg.MFASerial) > 0 { + opt.SerialNumber = aws.String(sharedCfg.MFASerial) + opt.TokenProvider = sessOpts.AssumeRoleTokenProvider + } + }, + ), nil +} + +// AssumeRoleTokenProviderNotSetError is an error returned when creating a +// session when the MFAToken option is not set when shared config is configured +// load assume a role with an MFA token. +type AssumeRoleTokenProviderNotSetError struct{} + +// Code is the short id of the error. +func (e AssumeRoleTokenProviderNotSetError) Code() string { + return "AssumeRoleTokenProviderNotSetError" +} + +// Message is the description of the error +func (e AssumeRoleTokenProviderNotSetError) Message() string { + return fmt.Sprintf("assume role with MFA enabled, but AssumeRoleTokenProvider session option not set.") +} + +// OrigErr is the underlying error that caused the failure. +func (e AssumeRoleTokenProviderNotSetError) OrigErr() error { + return nil +} + +// Error satisfies the error interface. +func (e AssumeRoleTokenProviderNotSetError) Error() string { + return awserr.SprintError(e.Code(), e.Message(), "", nil) +} + +type credProviderError struct { + Err error +} + +func (c credProviderError) Retrieve() (credentials.Value, error) { + return credentials.Value{}, c.Err +} +func (c credProviderError) IsExpired() bool { + return true +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go b/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go index 38a7b05a..7ec66e7e 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go @@ -1,97 +1,93 @@ /* -Package session provides configuration for the SDK's service clients. - -Sessions can be shared across all service clients that share the same base -configuration. The Session is built from the SDK's default configuration and -request handlers. - -Sessions should be cached when possible, because creating a new Session will -load all configuration values from the environment, and config files each time -the Session is created. Sharing the Session value across all of your service -clients will ensure the configuration is loaded the fewest number of times possible. - -Concurrency +Package session provides configuration for the SDK's service clients. Sessions +can be shared across service clients that share the same base configuration. Sessions are safe to use concurrently as long as the Session is not being -modified. The SDK will not modify the Session once the Session has been created. -Creating service clients concurrently from a shared Session is safe. - -Sessions from Shared Config - -Sessions can be created using the method above that will only load the -additional config if the AWS_SDK_LOAD_CONFIG environment variable is set. -Alternatively you can explicitly create a Session with shared config enabled. -To do this you can use NewSessionWithOptions to configure how the Session will -be created. Using the NewSessionWithOptions with SharedConfigState set to -SharedConfigEnable will create the session as if the AWS_SDK_LOAD_CONFIG -environment variable was set. +modified. Sessions should be cached when possible, because creating a new +Session will load all configuration values from the environment, and config +files each time the Session is created. Sharing the Session value across all of +your service clients will ensure the configuration is loaded the fewest number +of times possible. -Creating Sessions - -When creating Sessions optional aws.Config values can be passed in that will -override the default, or loaded config values the Session is being created -with. This allows you to provide additional, or case based, configuration -as needed. +Sessions options from Shared Config By default NewSession will only load credentials from the shared credentials file (~/.aws/credentials). If the AWS_SDK_LOAD_CONFIG environment variable is set to a truthy value the Session will be created from the configuration values from the shared config (~/.aws/config) and shared credentials -(~/.aws/credentials) files. See the section Sessions from Shared Config for -more information. +(~/.aws/credentials) files. Using the NewSessionWithOptions with +SharedConfigState set to SharedConfigEnable will create the session as if the +AWS_SDK_LOAD_CONFIG environment variable was set. -Create a Session with the default config and request handlers. With credentials -region, and profile loaded from the environment and shared config automatically. -Requires the AWS_PROFILE to be set, or "default" is used. +Credential and config loading order - // Create Session - sess := session.Must(session.NewSession()) +The Session will attempt to load configuration and credentials from the +environment, configuration files, and other credential sources. The order +configuration is loaded in is: - // Create a Session with a custom region - sess := session.Must(session.NewSession(&aws.Config{ - Region: aws.String("us-east-1"), - })) + * Environment Variables + * Shared Credentials file + * Shared Configuration file (if SharedConfig is enabled) + * EC2 Instance Metadata (credentials only) - // Create a S3 client instance from a session - sess := session.Must(session.NewSession()) +The Environment variables for credentials will have precedence over shared +config even if SharedConfig is enabled. To override this behavior, and use +shared config credentials instead specify the session.Options.Profile, (e.g. +when using credential_source=Environment to assume a role). + + sess, err := session.NewSessionWithOptions(session.Options{ + Profile: "myProfile", + }) - svc := s3.New(sess) +Creating Sessions -Create Session With Option Overrides +Creating a Session without additional options will load credentials region, and +profile loaded from the environment and shared config automatically. See, +"Environment Variables" section for information on environment variables used +by Session. -In addition to NewSession, Sessions can be created using NewSessionWithOptions. -This func allows you to control and override how the Session will be created -through code instead of being driven by environment variables only. + // Create Session + sess, err := session.NewSession() -Use NewSessionWithOptions when you want to provide the config profile, or -override the shared config state (AWS_SDK_LOAD_CONFIG). + +When creating Sessions optional aws.Config values can be passed in that will +override the default, or loaded, config values the Session is being created +with. This allows you to provide additional, or case based, configuration +as needed. + + // Create a Session with a custom region + sess, err := session.NewSession(&aws.Config{ + Region: aws.String("us-west-2"), + }) + +Use NewSessionWithOptions to provide additional configuration driving how the +Session's configuration will be loaded. Such as, specifying shared config +profile, or override the shared config state, (AWS_SDK_LOAD_CONFIG). // Equivalent to session.NewSession() - sess := session.Must(session.NewSessionWithOptions(session.Options{ + sess, err := session.NewSessionWithOptions(session.Options{ // Options - })) + }) - // Specify profile to load for the session's config - sess := session.Must(session.NewSessionWithOptions(session.Options{ - Profile: "profile_name", - })) + sess, err := session.NewSessionWithOptions(session.Options{ + // Specify profile to load for the session's config + Profile: "profile_name", - // Specify profile for config and region for requests - sess := session.Must(session.NewSessionWithOptions(session.Options{ - Config: aws.Config{Region: aws.String("us-east-1")}, - Profile: "profile_name", - })) + // Provide SDK Config options, such as Region. + Config: aws.Config{ + Region: aws.String("us-west-2"), + }, - // Force enable Shared Config support - sess := session.Must(session.NewSessionWithOptions(session.Options{ + // Force enable Shared Config support SharedConfigState: session.SharedConfigEnable, - })) + }) Adding Handlers -You can add handlers to a session for processing HTTP requests. All service -clients that use the session inherit the handlers. For example, the following -handler logs every request and its payload made by a service client: +You can add handlers to a session to decorate API operation, (e.g. adding HTTP +headers). All clients that use the Session receive a copy of the Session's +handlers. For example, the following request handler added to the Session logs +every requests made. // Create a session, and add additional handlers for all service // clients created with the Session to inherit. Adds logging handler. @@ -99,22 +95,15 @@ handler logs every request and its payload made by a service client: sess.Handlers.Send.PushFront(func(r *request.Request) { // Log every request made and its payload - logger.Printf("Request: %s/%s, Payload: %s", + logger.Printf("Request: %s/%s, Params: %s", r.ClientInfo.ServiceName, r.Operation, r.Params) }) -Deprecated "New" function - -The New session function has been deprecated because it does not provide good -way to return errors that occur when loading the configuration files and values. -Because of this, NewSession was created so errors can be retrieved when -creating a session fails. - Shared Config Fields -By default the SDK will only load the shared credentials file's (~/.aws/credentials) -credentials values, and all other config is provided by the environment variables, -SDK defaults, and user provided aws.Config values. +By default the SDK will only load the shared credentials file's +(~/.aws/credentials) credentials values, and all other config is provided by +the environment variables, SDK defaults, and user provided aws.Config values. If the AWS_SDK_LOAD_CONFIG environment variable is set, or SharedConfigEnable option is used to create the Session the full shared config values will be @@ -125,24 +114,31 @@ files have the same format. If both config files are present the configuration from both files will be read. The Session will be created from configuration values from the shared -credentials file (~/.aws/credentials) over those in the shared config file (~/.aws/config). +credentials file (~/.aws/credentials) over those in the shared config file +(~/.aws/config). -Credentials are the values the SDK should use for authenticating requests with -AWS Services. They are from a configuration file will need to include both -aws_access_key_id and aws_secret_access_key must be provided together in the -same file to be considered valid. The values will be ignored if not a complete -group. aws_session_token is an optional field that can be provided if both of -the other two fields are also provided. +Credentials are the values the SDK uses to authenticating requests with AWS +Services. When specified in a file, both aws_access_key_id and +aws_secret_access_key must be provided together in the same file to be +considered valid. They will be ignored if both are not present. +aws_session_token is an optional field that can be provided in addition to the +other two fields. aws_access_key_id = AKID aws_secret_access_key = SECRET aws_session_token = TOKEN -Assume Role values allow you to configure the SDK to assume an IAM role using -a set of credentials provided in a config file via the source_profile field. -Both "role_arn" and "source_profile" are required. The SDK supports assuming -a role with MFA token if the session option AssumeRoleTokenProvider -is set. + ; region only supported if SharedConfigEnabled. + region = us-east-1 + +Assume Role configuration + +The role_arn field allows you to configure the SDK to assume an IAM role using +a set of credentials from another source. Such as when paired with static +credentials, "profile_source", "credential_process", or "credential_source" +fields. If "role_arn" is provided, a source of credentials must also be +specified, such as "source_profile", "credential_source", or +"credential_process". role_arn = arn:aws:iam::<account_number>:role/<role_name> source_profile = profile_with_creds @@ -150,40 +146,16 @@ is set. mfa_serial = <serial or mfa arn> role_session_name = session_name -Region is the region the SDK should use for looking up AWS service endpoints -and signing requests. - - region = us-east-1 - -Assume Role with MFA token -To create a session with support for assuming an IAM role with MFA set the -session option AssumeRoleTokenProvider to a function that will prompt for the -MFA token code when the SDK assumes the role and refreshes the role's credentials. -This allows you to configure the SDK via the shared config to assumea role -with MFA tokens. - -In order for the SDK to assume a role with MFA the SharedConfigState -session option must be set to SharedConfigEnable, or AWS_SDK_LOAD_CONFIG -environment variable set. - -The shared configuration instructs the SDK to assume an IAM role with MFA -when the mfa_serial configuration field is set in the shared config -(~/.aws/config) or shared credentials (~/.aws/credentials) file. - -If mfa_serial is set in the configuration, the SDK will assume the role, and -the AssumeRoleTokenProvider session option is not set an an error will -be returned when creating the session. +The SDK supports assuming a role with MFA token. If "mfa_serial" is set, you +must also set the Session Option.AssumeRoleTokenProvider. The Session will fail +to load if the AssumeRoleTokenProvider is not specified. sess := session.Must(session.NewSessionWithOptions(session.Options{ AssumeRoleTokenProvider: stscreds.StdinTokenProvider, })) - // Create service client value configured for credentials - // from assumed role. - svc := s3.New(sess) - -To setup assume role outside of a session see the stscreds.AssumeRoleProvider +To setup Assume Role outside of a session see the stscreds.AssumeRoleProvider documentation. Environment Variables diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go b/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go index e3959b95..60a6f9ce 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go @@ -99,21 +99,41 @@ type envConfig struct { CustomCABundle string csmEnabled string - CSMEnabled bool + CSMEnabled *bool CSMPort string + CSMHost string CSMClientID string - enableEndpointDiscovery string // Enables endpoint discovery via environment variables. // // AWS_ENABLE_ENDPOINT_DISCOVERY=true EnableEndpointDiscovery *bool + enableEndpointDiscovery string + + // Specifies the WebIdentity token the SDK should use to assume a role + // with. + // + // AWS_WEB_IDENTITY_TOKEN_FILE=file_path + WebIdentityTokenFilePath string + + // Specifies the IAM role arn to use when assuming an role. + // + // AWS_ROLE_ARN=role_arn + RoleARN string + + // Specifies the IAM role session name to use when assuming a role. + // + // AWS_ROLE_SESSION_NAME=session_name + RoleSessionName string } var ( csmEnabledEnvKey = []string{ "AWS_CSM_ENABLED", } + csmHostEnvKey = []string{ + "AWS_CSM_HOST", + } csmPortEnvKey = []string{ "AWS_CSM_PORT", } @@ -150,6 +170,15 @@ var ( sharedConfigFileEnvKey = []string{ "AWS_CONFIG_FILE", } + webIdentityTokenFilePathEnvKey = []string{ + "AWS_WEB_IDENTITY_TOKEN_FILE", + } + roleARNEnvKey = []string{ + "AWS_ROLE_ARN", + } + roleSessionNameEnvKey = []string{ + "AWS_ROLE_SESSION_NAME", + } ) // loadEnvConfig retrieves the SDK's environment configuration. @@ -178,21 +207,33 @@ func envConfigLoad(enableSharedConfig bool) envConfig { cfg.EnableSharedConfig = enableSharedConfig - setFromEnvVal(&cfg.Creds.AccessKeyID, credAccessEnvKey) - setFromEnvVal(&cfg.Creds.SecretAccessKey, credSecretEnvKey) - setFromEnvVal(&cfg.Creds.SessionToken, credSessionEnvKey) + // Static environment credentials + var creds credentials.Value + setFromEnvVal(&creds.AccessKeyID, credAccessEnvKey) + setFromEnvVal(&creds.SecretAccessKey, credSecretEnvKey) + setFromEnvVal(&creds.SessionToken, credSessionEnvKey) + if creds.HasKeys() { + // Require logical grouping of credentials + creds.ProviderName = EnvProviderName + cfg.Creds = creds + } + + // Role Metadata + setFromEnvVal(&cfg.RoleARN, roleARNEnvKey) + setFromEnvVal(&cfg.RoleSessionName, roleSessionNameEnvKey) + + // Web identity environment variables + setFromEnvVal(&cfg.WebIdentityTokenFilePath, webIdentityTokenFilePathEnvKey) // CSM environment variables setFromEnvVal(&cfg.csmEnabled, csmEnabledEnvKey) + setFromEnvVal(&cfg.CSMHost, csmHostEnvKey) setFromEnvVal(&cfg.CSMPort, csmPortEnvKey) setFromEnvVal(&cfg.CSMClientID, csmClientIDEnvKey) - cfg.CSMEnabled = len(cfg.csmEnabled) > 0 - // Require logical grouping of credentials - if len(cfg.Creds.AccessKeyID) == 0 || len(cfg.Creds.SecretAccessKey) == 0 { - cfg.Creds = credentials.Value{} - } else { - cfg.Creds.ProviderName = EnvProviderName + if len(cfg.csmEnabled) != 0 { + v, _ := strconv.ParseBool(cfg.csmEnabled) + cfg.CSMEnabled = &v } regionKeys := regionEnvKeys diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go index be4b5f07..7b0a942e 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go @@ -8,19 +8,17 @@ import ( "io/ioutil" "net/http" "os" + "time" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/client" "github.com/aws/aws-sdk-go/aws/corehandlers" "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/credentials/processcreds" - "github.com/aws/aws-sdk-go/aws/credentials/stscreds" "github.com/aws/aws-sdk-go/aws/csm" "github.com/aws/aws-sdk-go/aws/defaults" "github.com/aws/aws-sdk-go/aws/endpoints" "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/internal/shareddefaults" ) const ( @@ -106,8 +104,20 @@ func New(cfgs ...*aws.Config) *Session { } s := deprecatedNewSession(cfgs...) - if envCfg.CSMEnabled { - enableCSM(&s.Handlers, envCfg.CSMClientID, envCfg.CSMPort, s.Config.Logger) + + if csmCfg, err := loadCSMConfig(envCfg, []string{}); err != nil { + if l := s.Config.Logger; l != nil { + l.Log(fmt.Sprintf("ERROR: failed to load CSM configuration, %v", err)) + } + } else if csmCfg.Enabled { + err := enableCSM(&s.Handlers, csmCfg, s.Config.Logger) + if err != nil { + err = fmt.Errorf("failed to enable CSM, %v", err) + s.Config.Logger.Log("ERROR:", err.Error()) + s.Handlers.Validate.PushBack(func(r *request.Request) { + r.Error = err + }) + } } return s @@ -126,7 +136,7 @@ func New(cfgs ...*aws.Config) *Session { // to be built with retrieving credentials with AssumeRole set in the config. // // See the NewSessionWithOptions func for information on how to override or -// control through code how the Session will be created. Such as specifying the +// control through code how the Session will be created, such as specifying the // config profile, and controlling if shared config is enabled or not. func NewSession(cfgs ...*aws.Config) (*Session, error) { opts := Options{} @@ -210,6 +220,12 @@ type Options struct { // the config enables assume role wit MFA via the mfa_serial field. AssumeRoleTokenProvider func() (string, error) + // When the SDK's shared config is configured to assume a role this option + // may be provided to set the expiry duration of the STS credentials. + // Defaults to 15 minutes if not set as documented in the + // stscreds.AssumeRoleProvider. + AssumeRoleDuration time.Duration + // Reader for a custom Credentials Authority (CA) bundle in PEM format that // the SDK will use instead of the default system's root CA bundle. Use this // only if you want to replace the CA bundle the SDK uses for TLS requests. @@ -224,6 +240,12 @@ type Options struct { // to also enable this feature. CustomCABundle session option field has priority // over the AWS_CA_BUNDLE environment variable, and will be used if both are set. CustomCABundle io.Reader + + // The handlers that the session and all API clients will be created with. + // This must be a complete set of handlers. Use the defaults.Handlers() + // function to initialize this value before changing the handlers to be + // used by the SDK. + Handlers request.Handlers } // NewSessionWithOptions returns a new Session created from SDK defaults, config files, @@ -263,7 +285,7 @@ func NewSessionWithOptions(opts Options) (*Session, error) { envCfg = loadEnvConfig() } - if len(opts.Profile) > 0 { + if len(opts.Profile) != 0 { envCfg.Profile = opts.Profile } @@ -329,27 +351,33 @@ func deprecatedNewSession(cfgs ...*aws.Config) *Session { return s } -func enableCSM(handlers *request.Handlers, clientID string, port string, logger aws.Logger) { - logger.Log("Enabling CSM") - if len(port) == 0 { - port = csm.DefaultPort +func enableCSM(handlers *request.Handlers, cfg csmConfig, logger aws.Logger) error { + if logger != nil { + logger.Log("Enabling CSM") } - r, err := csm.Start(clientID, "127.0.0.1:"+port) + r, err := csm.Start(cfg.ClientID, csm.AddressWithDefaults(cfg.Host, cfg.Port)) if err != nil { - return + return err } r.InjectHandlers(handlers) + + return nil } func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session, error) { cfg := defaults.Config() - handlers := defaults.Handlers() + + handlers := opts.Handlers + if handlers.IsEmpty() { + handlers = defaults.Handlers() + } // Get a merged version of the user provided config to determine if // credentials were. userCfg := &aws.Config{} userCfg.MergeIn(cfgs...) + cfg.MergeIn(userCfg) // Ordered config files will be loaded in with later files overwriting // previous config file values. @@ -366,9 +394,17 @@ func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session, } // Load additional config from file(s) - sharedCfg, err := loadSharedConfig(envCfg.Profile, cfgFiles) + sharedCfg, err := loadSharedConfig(envCfg.Profile, cfgFiles, envCfg.EnableSharedConfig) if err != nil { - return nil, err + if len(envCfg.Profile) == 0 && !envCfg.EnableSharedConfig && (envCfg.Creds.HasKeys() || userCfg.Credentials != nil) { + // Special case where the user has not explicitly specified an AWS_PROFILE, + // or session.Options.profile, shared config is not enabled, and the + // environment has credentials, allow the shared config file to fail to + // load since the user has already provided credentials, and nothing else + // is required to be read file. Github(aws/aws-sdk-go#2455) + } else if _, ok := err.(SharedConfigProfileNotExistsError); !ok { + return nil, err + } } if err := mergeConfigSrcs(cfg, userCfg, envCfg, sharedCfg, handlers, opts); err != nil { @@ -381,8 +417,16 @@ func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session, } initHandlers(s) - if envCfg.CSMEnabled { - enableCSM(&s.Handlers, envCfg.CSMClientID, envCfg.CSMPort, s.Config.Logger) + + if csmCfg, err := loadCSMConfig(envCfg, cfgFiles); err != nil { + if l := s.Config.Logger; l != nil { + l.Log(fmt.Sprintf("ERROR: failed to load CSM configuration, %v", err)) + } + } else if csmCfg.Enabled { + err = enableCSM(&s.Handlers, csmCfg, s.Config.Logger) + if err != nil { + return nil, err + } } // Setup HTTP client with custom cert bundle if enabled @@ -395,6 +439,46 @@ func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session, return s, nil } +type csmConfig struct { + Enabled bool + Host string + Port string + ClientID string +} + +var csmProfileName = "aws_csm" + +func loadCSMConfig(envCfg envConfig, cfgFiles []string) (csmConfig, error) { + if envCfg.CSMEnabled != nil { + if *envCfg.CSMEnabled { + return csmConfig{ + Enabled: true, + ClientID: envCfg.CSMClientID, + Host: envCfg.CSMHost, + Port: envCfg.CSMPort, + }, nil + } + return csmConfig{}, nil + } + + sharedCfg, err := loadSharedConfig(csmProfileName, cfgFiles, false) + if err != nil { + if _, ok := err.(SharedConfigProfileNotExistsError); !ok { + return csmConfig{}, err + } + } + if sharedCfg.CSMEnabled != nil && *sharedCfg.CSMEnabled == true { + return csmConfig{ + Enabled: true, + ClientID: sharedCfg.CSMClientID, + Host: sharedCfg.CSMHost, + Port: sharedCfg.CSMPort, + }, nil + } + + return csmConfig{}, nil +} + func loadCustomCABundle(s *Session, bundle io.Reader) error { var t *http.Transport switch v := s.Config.HTTPClient.Transport.(type) { @@ -443,9 +527,11 @@ func loadCertPool(r io.Reader) (*x509.CertPool, error) { return p, nil } -func mergeConfigSrcs(cfg, userCfg *aws.Config, envCfg envConfig, sharedCfg sharedConfig, handlers request.Handlers, sessOpts Options) error { - // Merge in user provided configuration - cfg.MergeIn(userCfg) +func mergeConfigSrcs(cfg, userCfg *aws.Config, + envCfg envConfig, sharedCfg sharedConfig, + handlers request.Handlers, + sessOpts Options, +) error { // Region if not already set by user if len(aws.StringValue(cfg.Region)) == 0 { @@ -464,164 +550,19 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config, envCfg envConfig, sharedCfg share } } - // Configure credentials if not already set + // Configure credentials if not already set by the user when creating the + // Session. if cfg.Credentials == credentials.AnonymousCredentials && userCfg.Credentials == nil { - - // inspect the profile to see if a credential source has been specified. - if envCfg.EnableSharedConfig && len(sharedCfg.AssumeRole.CredentialSource) > 0 { - - // if both credential_source and source_profile have been set, return an error - // as this is undefined behavior. - if len(sharedCfg.AssumeRole.SourceProfile) > 0 { - return ErrSharedConfigSourceCollision - } - - // valid credential source values - const ( - credSourceEc2Metadata = "Ec2InstanceMetadata" - credSourceEnvironment = "Environment" - credSourceECSContainer = "EcsContainer" - ) - - switch sharedCfg.AssumeRole.CredentialSource { - case credSourceEc2Metadata: - cfgCp := *cfg - p := defaults.RemoteCredProvider(cfgCp, handlers) - cfgCp.Credentials = credentials.NewCredentials(p) - - if len(sharedCfg.AssumeRole.MFASerial) > 0 && sessOpts.AssumeRoleTokenProvider == nil { - // AssumeRole Token provider is required if doing Assume Role - // with MFA. - return AssumeRoleTokenProviderNotSetError{} - } - - cfg.Credentials = assumeRoleCredentials(cfgCp, handlers, sharedCfg, sessOpts) - case credSourceEnvironment: - cfg.Credentials = credentials.NewStaticCredentialsFromCreds( - envCfg.Creds, - ) - case credSourceECSContainer: - if len(os.Getenv(shareddefaults.ECSCredsProviderEnvVar)) == 0 { - return ErrSharedConfigECSContainerEnvVarEmpty - } - - cfgCp := *cfg - p := defaults.RemoteCredProvider(cfgCp, handlers) - creds := credentials.NewCredentials(p) - - cfg.Credentials = creds - default: - return ErrSharedConfigInvalidCredSource - } - - return nil - } - - if len(envCfg.Creds.AccessKeyID) > 0 { - cfg.Credentials = credentials.NewStaticCredentialsFromCreds( - envCfg.Creds, - ) - } else if envCfg.EnableSharedConfig && len(sharedCfg.AssumeRole.RoleARN) > 0 && sharedCfg.AssumeRoleSource != nil { - cfgCp := *cfg - cfgCp.Credentials = credentials.NewStaticCredentialsFromCreds( - sharedCfg.AssumeRoleSource.Creds, - ) - - if len(sharedCfg.AssumeRole.MFASerial) > 0 && sessOpts.AssumeRoleTokenProvider == nil { - // AssumeRole Token provider is required if doing Assume Role - // with MFA. - return AssumeRoleTokenProviderNotSetError{} - } - - cfg.Credentials = assumeRoleCredentials(cfgCp, handlers, sharedCfg, sessOpts) - } else if len(sharedCfg.Creds.AccessKeyID) > 0 { - cfg.Credentials = credentials.NewStaticCredentialsFromCreds( - sharedCfg.Creds, - ) - } else if len(sharedCfg.CredentialProcess) > 0 { - cfg.Credentials = processcreds.NewCredentials( - sharedCfg.CredentialProcess, - ) - } else { - // Fallback to default credentials provider, include mock errors - // for the credential chain so user can identify why credentials - // failed to be retrieved. - cfg.Credentials = credentials.NewCredentials(&credentials.ChainProvider{ - VerboseErrors: aws.BoolValue(cfg.CredentialsChainVerboseErrors), - Providers: []credentials.Provider{ - &credProviderError{Err: awserr.New("EnvAccessKeyNotFound", "failed to find credentials in the environment.", nil)}, - &credProviderError{Err: awserr.New("SharedCredsLoad", fmt.Sprintf("failed to load profile, %s.", envCfg.Profile), nil)}, - defaults.RemoteCredProvider(*cfg, handlers), - }, - }) + creds, err := resolveCredentials(cfg, envCfg, sharedCfg, handlers, sessOpts) + if err != nil { + return err } + cfg.Credentials = creds } return nil } -func assumeRoleCredentials(cfg aws.Config, handlers request.Handlers, sharedCfg sharedConfig, sessOpts Options) *credentials.Credentials { - return stscreds.NewCredentials( - &Session{ - Config: &cfg, - Handlers: handlers.Copy(), - }, - sharedCfg.AssumeRole.RoleARN, - func(opt *stscreds.AssumeRoleProvider) { - opt.RoleSessionName = sharedCfg.AssumeRole.RoleSessionName - - // Assume role with external ID - if len(sharedCfg.AssumeRole.ExternalID) > 0 { - opt.ExternalID = aws.String(sharedCfg.AssumeRole.ExternalID) - } - - // Assume role with MFA - if len(sharedCfg.AssumeRole.MFASerial) > 0 { - opt.SerialNumber = aws.String(sharedCfg.AssumeRole.MFASerial) - opt.TokenProvider = sessOpts.AssumeRoleTokenProvider - } - }, - ) -} - -// AssumeRoleTokenProviderNotSetError is an error returned when creating a session when the -// MFAToken option is not set when shared config is configured load assume a -// role with an MFA token. -type AssumeRoleTokenProviderNotSetError struct{} - -// Code is the short id of the error. -func (e AssumeRoleTokenProviderNotSetError) Code() string { - return "AssumeRoleTokenProviderNotSetError" -} - -// Message is the description of the error -func (e AssumeRoleTokenProviderNotSetError) Message() string { - return fmt.Sprintf("assume role with MFA enabled, but AssumeRoleTokenProvider session option not set.") -} - -// OrigErr is the underlying error that caused the failure. -func (e AssumeRoleTokenProviderNotSetError) OrigErr() error { - return nil -} - -// Error satisfies the error interface. -func (e AssumeRoleTokenProviderNotSetError) Error() string { - return awserr.SprintError(e.Code(), e.Message(), "", nil) -} - -type credProviderError struct { - Err error -} - -var emptyCreds = credentials.Value{} - -func (c credProviderError) Retrieve() (credentials.Value, error) { - return credentials.Value{}, c.Err -} -func (c credProviderError) IsExpired() bool { - return true -} - func initHandlers(s *Session) { // Add the Validate parameter handler if it is not disabled. s.Handlers.Validate.Remove(corehandlers.ValidateParametersHandler) @@ -630,7 +571,7 @@ func initHandlers(s *Session) { } } -// Copy creates and returns a copy of the current Session, coping the config +// Copy creates and returns a copy of the current Session, copying the config // and handlers. If any additional configs are provided they will be merged // on top of the Session's copied config. // diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go b/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go index 7cb44021..d91ac93a 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go @@ -5,7 +5,6 @@ import ( "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/internal/ini" ) @@ -23,13 +22,23 @@ const ( mfaSerialKey = `mfa_serial` // optional roleSessionNameKey = `role_session_name` // optional + // CSM options + csmEnabledKey = `csm_enabled` + csmHostKey = `csm_host` + csmPortKey = `csm_port` + csmClientIDKey = `csm_client_id` + // Additional Config fields regionKey = `region` // endpoint discovery group enableEndpointDiscoveryKey = `endpoint_discovery_enabled` // optional + // External Credential Process - credentialProcessKey = `credential_process` + credentialProcessKey = `credential_process` // optional + + // Web Identity Token File + webIdentityTokenFileKey = `web_identity_token_file` // optional // DefaultSharedConfigProfile is the default profile to be used when // loading configuration from the config files if another profile name @@ -37,36 +46,33 @@ const ( DefaultSharedConfigProfile = `default` ) -type assumeRoleConfig struct { - RoleARN string - SourceProfile string - CredentialSource string - ExternalID string - MFASerial string - RoleSessionName string -} - // sharedConfig represents the configuration fields of the SDK config files. type sharedConfig struct { - // Credentials values from the config file. Both aws_access_key_id - // and aws_secret_access_key must be provided together in the same file - // to be considered valid. The values will be ignored if not a complete group. - // aws_session_token is an optional field that can be provided if both of the - // other two fields are also provided. + // Credentials values from the config file. Both aws_access_key_id and + // aws_secret_access_key must be provided together in the same file to be + // considered valid. The values will be ignored if not a complete group. + // aws_session_token is an optional field that can be provided if both of + // the other two fields are also provided. // // aws_access_key_id // aws_secret_access_key // aws_session_token Creds credentials.Value - AssumeRole assumeRoleConfig - AssumeRoleSource *sharedConfig + CredentialSource string + CredentialProcess string + WebIdentityTokenFile string - // An external process to request credentials - CredentialProcess string + RoleARN string + RoleSessionName string + ExternalID string + MFASerial string - // Region is the region the SDK should use for looking up AWS service endpoints - // and signing requests. + SourceProfileName string + SourceProfile *sharedConfig + + // Region is the region the SDK should use for looking up AWS service + // endpoints and signing requests. // // region Region string @@ -76,6 +82,12 @@ type sharedConfig struct { // // endpoint_discovery_enabled = true EnableEndpointDiscovery *bool + + // CSM Options + CSMEnabled *bool + CSMHost string + CSMPort string + CSMClientID string } type sharedConfigFile struct { @@ -83,17 +95,18 @@ type sharedConfigFile struct { IniData ini.Sections } -// loadSharedConfig retrieves the configuration from the list of files -// using the profile provided. The order the files are listed will determine +// loadSharedConfig retrieves the configuration from the list of files using +// the profile provided. The order the files are listed will determine // precedence. Values in subsequent files will overwrite values defined in // earlier files. // // For example, given two files A and B. Both define credentials. If the order -// of the files are A then B, B's credential values will be used instead of A's. +// of the files are A then B, B's credential values will be used instead of +// A's. // // See sharedConfig.setFromFile for information how the config files // will be loaded. -func loadSharedConfig(profile string, filenames []string) (sharedConfig, error) { +func loadSharedConfig(profile string, filenames []string, exOpts bool) (sharedConfig, error) { if len(profile) == 0 { profile = DefaultSharedConfigProfile } @@ -104,16 +117,11 @@ func loadSharedConfig(profile string, filenames []string) (sharedConfig, error) } cfg := sharedConfig{} - if err = cfg.setFromIniFiles(profile, files); err != nil { + profiles := map[string]struct{}{} + if err = cfg.setFromIniFiles(profiles, profile, files, exOpts); err != nil { return sharedConfig{}, err } - if len(cfg.AssumeRole.SourceProfile) > 0 { - if err := cfg.setAssumeRoleSource(profile, files); err != nil { - return sharedConfig{}, err - } - } - return cfg, nil } @@ -137,60 +145,88 @@ func loadSharedConfigIniFiles(filenames []string) ([]sharedConfigFile, error) { return files, nil } -func (cfg *sharedConfig) setAssumeRoleSource(origProfile string, files []sharedConfigFile) error { - var assumeRoleSrc sharedConfig - - if len(cfg.AssumeRole.CredentialSource) > 0 { - // setAssumeRoleSource is only called when source_profile is found. - // If both source_profile and credential_source are set, then - // ErrSharedConfigSourceCollision will be returned - return ErrSharedConfigSourceCollision +func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile string, files []sharedConfigFile, exOpts bool) error { + // Trim files from the list that don't exist. + var skippedFiles int + var profileNotFoundErr error + for _, f := range files { + if err := cfg.setFromIniFile(profile, f, exOpts); err != nil { + if _, ok := err.(SharedConfigProfileNotExistsError); ok { + // Ignore profiles not defined in individual files. + profileNotFoundErr = err + skippedFiles++ + continue + } + return err + } + } + if skippedFiles == len(files) { + // If all files were skipped because the profile is not found, return + // the original profile not found error. + return profileNotFoundErr } - // Multiple level assume role chains are not support - if cfg.AssumeRole.SourceProfile == origProfile { - assumeRoleSrc = *cfg - assumeRoleSrc.AssumeRole = assumeRoleConfig{} + if _, ok := profiles[profile]; ok { + // if this is the second instance of the profile the Assume Role + // options must be cleared because they are only valid for the + // first reference of a profile. The self linked instance of the + // profile only have credential provider options. + cfg.clearAssumeRoleOptions() } else { - err := assumeRoleSrc.setFromIniFiles(cfg.AssumeRole.SourceProfile, files) - if err != nil { + // First time a profile has been seen, It must either be a assume role + // or credentials. Assert if the credential type requires a role ARN, + // the ARN is also set. + if err := cfg.validateCredentialsRequireARN(profile); err != nil { return err } } + profiles[profile] = struct{}{} - if len(assumeRoleSrc.Creds.AccessKeyID) == 0 { - return SharedConfigAssumeRoleError{RoleARN: cfg.AssumeRole.RoleARN} + if err := cfg.validateCredentialType(); err != nil { + return err } - cfg.AssumeRoleSource = &assumeRoleSrc + // Link source profiles for assume roles + if len(cfg.SourceProfileName) != 0 { + // Linked profile via source_profile ignore credential provider + // options, the source profile must provide the credentials. + cfg.clearCredentialOptions() - return nil -} - -func (cfg *sharedConfig) setFromIniFiles(profile string, files []sharedConfigFile) error { - // Trim files from the list that don't exist. - for _, f := range files { - if err := cfg.setFromIniFile(profile, f); err != nil { + srcCfg := &sharedConfig{} + err := srcCfg.setFromIniFiles(profiles, cfg.SourceProfileName, files, exOpts) + if err != nil { + // SourceProfile that doesn't exist is an error in configuration. if _, ok := err.(SharedConfigProfileNotExistsError); ok { - // Ignore proviles missings - continue + err = SharedConfigAssumeRoleError{ + RoleARN: cfg.RoleARN, + SourceProfile: cfg.SourceProfileName, + } } return err } + + if !srcCfg.hasCredentials() { + return SharedConfigAssumeRoleError{ + RoleARN: cfg.RoleARN, + SourceProfile: cfg.SourceProfileName, + } + } + + cfg.SourceProfile = srcCfg } return nil } -// setFromFile loads the configuration from the file using -// the profile provided. A sharedConfig pointer type value is used so that -// multiple config file loadings can be chained. +// setFromFile loads the configuration from the file using the profile +// provided. A sharedConfig pointer type value is used so that multiple config +// file loadings can be chained. // // Only loads complete logically grouped values, and will not set fields in cfg -// for incomplete grouped values in the config. Such as credentials. For example -// if a config file only includes aws_access_key_id but no aws_secret_access_key -// the aws_access_key_id will be ignored. -func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile) error { +// for incomplete grouped values in the config. Such as credentials. For +// example if a config file only includes aws_access_key_id but no +// aws_secret_access_key the aws_access_key_id will be ignored. +func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, exOpts bool) error { section, ok := file.IniData.GetSection(profile) if !ok { // Fallback to to alternate profile name: profile <name> @@ -200,51 +236,141 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile) e } } + if exOpts { + // Assume Role Parameters + updateString(&cfg.RoleARN, section, roleArnKey) + updateString(&cfg.ExternalID, section, externalIDKey) + updateString(&cfg.MFASerial, section, mfaSerialKey) + updateString(&cfg.RoleSessionName, section, roleSessionNameKey) + updateString(&cfg.SourceProfileName, section, sourceProfileKey) + updateString(&cfg.CredentialSource, section, credentialSourceKey) + + updateString(&cfg.Region, section, regionKey) + } + + updateString(&cfg.CredentialProcess, section, credentialProcessKey) + updateString(&cfg.WebIdentityTokenFile, section, webIdentityTokenFileKey) + // Shared Credentials - akid := section.String(accessKeyIDKey) - secret := section.String(secretAccessKey) - if len(akid) > 0 && len(secret) > 0 { - cfg.Creds = credentials.Value{ - AccessKeyID: akid, - SecretAccessKey: secret, - SessionToken: section.String(sessionTokenKey), - ProviderName: fmt.Sprintf("SharedConfigCredentials: %s", file.Filename), - } + creds := credentials.Value{ + AccessKeyID: section.String(accessKeyIDKey), + SecretAccessKey: section.String(secretAccessKey), + SessionToken: section.String(sessionTokenKey), + ProviderName: fmt.Sprintf("SharedConfigCredentials: %s", file.Filename), + } + if creds.HasKeys() { + cfg.Creds = creds + } + + // Endpoint discovery + updateBoolPtr(&cfg.EnableEndpointDiscovery, section, enableEndpointDiscoveryKey) + + // CSM options + updateBoolPtr(&cfg.CSMEnabled, section, csmEnabledKey) + updateString(&cfg.CSMHost, section, csmHostKey) + updateString(&cfg.CSMPort, section, csmPortKey) + updateString(&cfg.CSMClientID, section, csmClientIDKey) + + return nil +} + +func (cfg *sharedConfig) validateCredentialsRequireARN(profile string) error { + var credSource string + + switch { + case len(cfg.SourceProfileName) != 0: + credSource = sourceProfileKey + case len(cfg.CredentialSource) != 0: + credSource = credentialSourceKey + case len(cfg.WebIdentityTokenFile) != 0: + credSource = webIdentityTokenFileKey } - // Assume Role - roleArn := section.String(roleArnKey) - srcProfile := section.String(sourceProfileKey) - credentialSource := section.String(credentialSourceKey) - hasSource := len(srcProfile) > 0 || len(credentialSource) > 0 - if len(roleArn) > 0 && hasSource { - cfg.AssumeRole = assumeRoleConfig{ - RoleARN: roleArn, - SourceProfile: srcProfile, - CredentialSource: credentialSource, - ExternalID: section.String(externalIDKey), - MFASerial: section.String(mfaSerialKey), - RoleSessionName: section.String(roleSessionNameKey), + if len(credSource) != 0 && len(cfg.RoleARN) == 0 { + return CredentialRequiresARNError{ + Type: credSource, + Profile: profile, } } - // `credential_process` - if credProc := section.String(credentialProcessKey); len(credProc) > 0 { - cfg.CredentialProcess = credProc + return nil +} + +func (cfg *sharedConfig) validateCredentialType() error { + // Only one or no credential type can be defined. + if !oneOrNone( + len(cfg.SourceProfileName) != 0, + len(cfg.CredentialSource) != 0, + len(cfg.CredentialProcess) != 0, + len(cfg.WebIdentityTokenFile) != 0, + ) { + return ErrSharedConfigSourceCollision } - // Region - if v := section.String(regionKey); len(v) > 0 { - cfg.Region = v + return nil +} + +func (cfg *sharedConfig) hasCredentials() bool { + switch { + case len(cfg.SourceProfileName) != 0: + case len(cfg.CredentialSource) != 0: + case len(cfg.CredentialProcess) != 0: + case len(cfg.WebIdentityTokenFile) != 0: + case cfg.Creds.HasKeys(): + default: + return false } - // Endpoint discovery - if section.Has(enableEndpointDiscoveryKey) { - v := section.Bool(enableEndpointDiscoveryKey) - cfg.EnableEndpointDiscovery = &v + return true +} + +func (cfg *sharedConfig) clearCredentialOptions() { + cfg.CredentialSource = "" + cfg.CredentialProcess = "" + cfg.WebIdentityTokenFile = "" + cfg.Creds = credentials.Value{} +} + +func (cfg *sharedConfig) clearAssumeRoleOptions() { + cfg.RoleARN = "" + cfg.ExternalID = "" + cfg.MFASerial = "" + cfg.RoleSessionName = "" + cfg.SourceProfileName = "" +} + +func oneOrNone(bs ...bool) bool { + var count int + + for _, b := range bs { + if b { + count++ + if count > 1 { + return false + } + } } - return nil + return true +} + +// updateString will only update the dst with the value in the section key, key +// is present in the section. +func updateString(dst *string, section ini.Section, key string) { + if !section.Has(key) { + return + } + *dst = section.String(key) +} + +// updateBoolPtr will only update the dst with the value in the section key, +// key is present in the section. +func updateBoolPtr(dst **bool, section ini.Section, key string) { + if !section.Has(key) { + return + } + *dst = new(bool) + **dst = section.Bool(key) } // SharedConfigLoadError is an error for the shared config file failed to load. @@ -304,7 +430,8 @@ func (e SharedConfigProfileNotExistsError) Error() string { // profile contains assume role information, but that information is invalid // or not complete. type SharedConfigAssumeRoleError struct { - RoleARN string + RoleARN string + SourceProfile string } // Code is the short id of the error. @@ -314,8 +441,10 @@ func (e SharedConfigAssumeRoleError) Code() string { // Message is the description of the error func (e SharedConfigAssumeRoleError) Message() string { - return fmt.Sprintf("failed to load assume role for %s, source profile has no shared credentials", - e.RoleARN) + return fmt.Sprintf( + "failed to load assume role for %s, source profile %s has no shared credentials", + e.RoleARN, e.SourceProfile, + ) } // OrigErr is the underlying error that caused the failure. @@ -327,3 +456,36 @@ func (e SharedConfigAssumeRoleError) OrigErr() error { func (e SharedConfigAssumeRoleError) Error() string { return awserr.SprintError(e.Code(), e.Message(), "", nil) } + +// CredentialRequiresARNError provides the error for shared config credentials +// that are incorrectly configured in the shared config or credentials file. +type CredentialRequiresARNError struct { + // type of credentials that were configured. + Type string + + // Profile name the credentials were in. + Profile string +} + +// Code is the short id of the error. +func (e CredentialRequiresARNError) Code() string { + return "CredentialRequiresARNError" +} + +// Message is the description of the error +func (e CredentialRequiresARNError) Message() string { + return fmt.Sprintf( + "credential type %s requires role_arn, profile %s", + e.Type, e.Profile, + ) +} + +// OrigErr is the underlying error that caused the failure. +func (e CredentialRequiresARNError) OrigErr() error { + return nil +} + +// Error satisfies the error interface. +func (e CredentialRequiresARNError) Error() string { + return awserr.SprintError(e.Code(), e.Message(), "", nil) +} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go index 523db79f..8104793a 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go @@ -687,7 +687,11 @@ func (ctx *signingCtx) buildBodyDigest() error { if !aws.IsReaderSeekable(ctx.Body) { return fmt.Errorf("cannot use unseekable request body %T, for signed request with body", ctx.Body) } - hash = hex.EncodeToString(makeSha256Reader(ctx.Body)) + hashBytes, err := makeSha256Reader(ctx.Body) + if err != nil { + return err + } + hash = hex.EncodeToString(hashBytes) } if includeSHA256Header { @@ -734,10 +738,16 @@ func makeSha256(data []byte) []byte { return hash.Sum(nil) } -func makeSha256Reader(reader io.ReadSeeker) []byte { +func makeSha256Reader(reader io.ReadSeeker) (hashBytes []byte, err error) { hash := sha256.New() - start, _ := reader.Seek(0, sdkio.SeekCurrent) - defer reader.Seek(start, sdkio.SeekStart) + start, err := reader.Seek(0, sdkio.SeekCurrent) + if err != nil { + return nil, err + } + defer func() { + // ensure error is return if unable to seek back to start of payload. + _, err = reader.Seek(start, sdkio.SeekStart) + }() // Use CopyN to avoid allocating the 32KB buffer in io.Copy for bodies // smaller than 32KB. Fall back to io.Copy if we fail to determine the size. @@ -748,7 +758,7 @@ func makeSha256Reader(reader io.ReadSeeker) []byte { io.CopyN(hash, reader, size) } - return hash.Sum(nil) + return hash.Sum(nil), nil } const doubleSpace = " " diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go index 9ed1367d..448ff119 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.19.41" +const SDKVersion = "1.25.5" diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go index e56dcee2..cf9fad81 100644 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go +++ b/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go @@ -162,7 +162,7 @@ loop: if len(tokens) == 0 { break loop } - + // if should skip is true, we skip the tokens until should skip is set to false. step = SkipTokenState } @@ -218,7 +218,7 @@ loop: // S -> equal_expr' expr_stmt' switch k.Kind { case ASTKindEqualExpr: - // assiging a value to some key + // assigning a value to some key k.AppendChild(newExpression(tok)) stack.Push(newExprStatement(k)) case ASTKindExpr: @@ -250,6 +250,13 @@ loop: if !runeCompare(tok.Raw(), openBrace) { return nil, NewParseError("expected '['") } + // If OpenScopeState is not at the start, we must mark the previous ast as complete + // + // for example: if previous ast was a skip statement; + // we should mark it as complete before we create a new statement + if k.Kind != ASTKindStart { + stack.MarkComplete(k) + } stmt := newStatement() stack.Push(stmt) diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/skipper.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/skipper.go index 6bb69644..da7a4049 100644 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/skipper.go +++ b/vendor/github.com/aws/aws-sdk-go/internal/ini/skipper.go @@ -22,24 +22,24 @@ func newSkipper() skipper { } func (s *skipper) ShouldSkip(tok Token) bool { + // should skip state will be modified only if previous token was new line (NL); + // and the current token is not WhiteSpace (WS). if s.shouldSkip && s.prevTok.Type() == TokenNL && tok.Type() != TokenWS { - s.Continue() return false } s.prevTok = tok - return s.shouldSkip } func (s *skipper) Skip() { s.shouldSkip = true - s.prevTok = emptyToken } func (s *skipper) Continue() { s.shouldSkip = false + // empty token is assigned as we return to default state, when should skip is false s.prevTok = emptyToken } diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkio/byte.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkio/byte.go new file mode 100644 index 00000000..6c443988 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sdkio/byte.go @@ -0,0 +1,12 @@ +package sdkio + +const ( + // Byte is 8 bits + Byte int64 = 1 + // KibiByte (KiB) is 1024 Bytes + KibiByte = Byte * 1024 + // MebiByte (MiB) is 1024 KiB + MebiByte = KibiByte * 1024 + // GibiByte (GiB) is 1024 MiB + GibiByte = MebiByte * 1024 +) diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor.go new file mode 100644 index 00000000..44898eed --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor.go @@ -0,0 +1,15 @@ +// +build go1.10 + +package sdkmath + +import "math" + +// Round returns the nearest integer, rounding half away from zero. +// +// Special cases are: +// Round(±0) = ±0 +// Round(±Inf) = ±Inf +// Round(NaN) = NaN +func Round(x float64) float64 { + return math.Round(x) +} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor_go1.9.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor_go1.9.go new file mode 100644 index 00000000..810ec7f0 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor_go1.9.go @@ -0,0 +1,56 @@ +// +build !go1.10 + +package sdkmath + +import "math" + +// Copied from the Go standard library's (Go 1.12) math/floor.go for use in +// Go version prior to Go 1.10. +const ( + uvone = 0x3FF0000000000000 + mask = 0x7FF + shift = 64 - 11 - 1 + bias = 1023 + signMask = 1 << 63 + fracMask = 1<<shift - 1 +) + +// Round returns the nearest integer, rounding half away from zero. +// +// Special cases are: +// Round(±0) = ±0 +// Round(±Inf) = ±Inf +// Round(NaN) = NaN +// +// Copied from the Go standard library's (Go 1.12) math/floor.go for use in +// Go version prior to Go 1.10. +func Round(x float64) float64 { + // Round is a faster implementation of: + // + // func Round(x float64) float64 { + // t := Trunc(x) + // if Abs(x-t) >= 0.5 { + // return t + Copysign(1, x) + // } + // return t + // } + bits := math.Float64bits(x) + e := uint(bits>>shift) & mask + if e < bias { + // Round abs(x) < 1 including denormals. + bits &= signMask // +-0 + if e == bias-1 { + bits |= uvone // +-1 + } + } else if e < bias+shift { + // Round any abs(x) >= 1 containing a fractional component [0,1). + // + // Numbers with larger exponents are returned unchanged since they + // must be either an integer, infinity, or NaN. + const half = 1 << (shift - 1) + e -= bias + bits += half >> e + bits &^= fracMask >> e + } + return math.Float64frombits(bits) +} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read.go new file mode 100644 index 00000000..f4651da2 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read.go @@ -0,0 +1,11 @@ +// +build go1.6 + +package sdkrand + +import "math/rand" + +// Read provides the stub for math.Rand.Read method support for go version's +// 1.6 and greater. +func Read(r *rand.Rand, p []byte) (int, error) { + return r.Read(p) +} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read_1_5.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read_1_5.go new file mode 100644 index 00000000..b1d93a33 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read_1_5.go @@ -0,0 +1,24 @@ +// +build !go1.6 + +package sdkrand + +import "math/rand" + +// Read backfills Go 1.6's math.Rand.Reader for Go 1.5 +func Read(r *rand.Rand, p []byte) (n int, err error) { + // Copy of Go standard libraries math package's read function not added to + // standard library until Go 1.6. + var pos int8 + var val int64 + for n = 0; n < len(p); n++ { + if pos == 0 { + val = r.Int63() + pos = 7 + } + p[n] = byte(val) + val >>= 8 + pos-- + } + + return n, err +} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go index de021367..74e361e0 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go @@ -146,6 +146,9 @@ func unmarshalStatusCode(v reflect.Value, statusCode int) { } func unmarshalHeaderMap(r reflect.Value, headers http.Header, prefix string) error { + if len(headers) == 0 { + return nil + } switch r.Interface().(type) { case map[string]*string: // we only support string map value types out := map[string]*string{} @@ -155,19 +158,28 @@ func unmarshalHeaderMap(r reflect.Value, headers http.Header, prefix string) err out[k[len(prefix):]] = &v[0] } } - r.Set(reflect.ValueOf(out)) + if len(out) != 0 { + r.Set(reflect.ValueOf(out)) + } + } return nil } func unmarshalHeader(v reflect.Value, header string, tag reflect.StructTag) error { - isJSONValue := tag.Get("type") == "jsonvalue" - if isJSONValue { + switch tag.Get("type") { + case "jsonvalue": if len(header) == 0 { return nil } - } else if !v.IsValid() || (header == "" && v.Elem().Kind() != reflect.String) { - return nil + case "blob": + if len(header) == 0 { + return nil + } + default: + if !v.IsValid() || (header == "" && v.Elem().Kind() != reflect.String) { + return nil + } } switch v.Interface().(type) { @@ -178,7 +190,7 @@ func unmarshalHeader(v reflect.Value, header string, tag reflect.StructTag) erro if err != nil { return err } - v.Set(reflect.ValueOf(&b)) + v.Set(reflect.ValueOf(b)) case *bool: b, err := strconv.ParseBool(header) if err != nil { diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go index b7ed6c6f..05d4ff51 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go @@ -1,8 +1,11 @@ package protocol import ( + "math" "strconv" "time" + + "github.com/aws/aws-sdk-go/internal/sdkmath" ) // Names of time formats supported by the SDK @@ -13,12 +16,19 @@ const ( ) // Time formats supported by the SDK +// Output time is intended to not contain decimals const ( // RFC 7231#section-7.1.1.1 timetamp format. e.g Tue, 29 Apr 2014 18:30:38 GMT RFC822TimeFormat = "Mon, 2 Jan 2006 15:04:05 GMT" + // This format is used for output time without seconds precision + RFC822OutputTimeFormat = "Mon, 02 Jan 2006 15:04:05 GMT" + // RFC3339 a subset of the ISO8601 timestamp format. e.g 2014-04-29T18:30:38Z - ISO8601TimeFormat = "2006-01-02T15:04:05Z" + ISO8601TimeFormat = "2006-01-02T15:04:05.999999999Z" + + // This format is used for output time without seconds precision + ISO8601OutputTimeFormat = "2006-01-02T15:04:05Z" ) // IsKnownTimestampFormat returns if the timestamp format name @@ -42,9 +52,9 @@ func FormatTime(name string, t time.Time) string { switch name { case RFC822TimeFormatName: - return t.Format(RFC822TimeFormat) + return t.Format(RFC822OutputTimeFormat) case ISO8601TimeFormatName: - return t.Format(ISO8601TimeFormat) + return t.Format(ISO8601OutputTimeFormat) case UnixTimeFormatName: return strconv.FormatInt(t.Unix(), 10) default: @@ -62,10 +72,12 @@ func ParseTime(formatName, value string) (time.Time, error) { return time.Parse(ISO8601TimeFormat, value) case UnixTimeFormatName: v, err := strconv.ParseFloat(value, 64) + _, dec := math.Modf(v) + dec = sdkmath.Round(dec*1e3) / 1e3 //Rounds 0.1229999 to 0.123 if err != nil { return time.Time{}, err } - return time.Unix(int64(v), 0), nil + return time.Unix(int64(v), int64(dec*(1e9))), nil default: panic("unknown timestamp format name, " + formatName) } diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/sort.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/sort.go new file mode 100644 index 00000000..c1a51185 --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/sort.go @@ -0,0 +1,32 @@ +package xmlutil + +import ( + "encoding/xml" + "strings" +) + +type xmlAttrSlice []xml.Attr + +func (x xmlAttrSlice) Len() int { + return len(x) +} + +func (x xmlAttrSlice) Less(i, j int) bool { + spaceI, spaceJ := x[i].Name.Space, x[j].Name.Space + localI, localJ := x[i].Name.Local, x[j].Name.Local + valueI, valueJ := x[i].Value, x[j].Value + + spaceCmp := strings.Compare(spaceI, spaceJ) + localCmp := strings.Compare(localI, localJ) + valueCmp := strings.Compare(valueI, valueJ) + + if spaceCmp == -1 || (spaceCmp == 0 && (localCmp == -1 || (localCmp == 0 && valueCmp == -1))) { + return true + } + + return false +} + +func (x xmlAttrSlice) Swap(i, j int) { + x[i], x[j] = x[j], x[i] +} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go index 515ce152..42f71648 100644 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go +++ b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go @@ -119,7 +119,18 @@ func (n *XMLNode) findElem(name string) (string, bool) { // StructToXML writes an XMLNode to a xml.Encoder as tokens. func StructToXML(e *xml.Encoder, node *XMLNode, sorted bool) error { - e.EncodeToken(xml.StartElement{Name: node.Name, Attr: node.Attr}) + // Sort Attributes + attrs := node.Attr + if sorted { + sortedAttrs := make([]xml.Attr, len(attrs)) + for _, k := range node.Attr { + sortedAttrs = append(sortedAttrs, k) + } + sort.Sort(xmlAttrSlice(sortedAttrs)) + attrs = sortedAttrs + } + + e.EncodeToken(xml.StartElement{Name: node.Name, Attr: attrs}) if node.Text != "" { e.EncodeToken(xml.CharData([]byte(node.Text))) diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go index 7ab3c049..1e9a303f 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go @@ -778,7 +778,6 @@ func (c *EC2) AssignPrivateIpAddressesRequest(input *AssignPrivateIpAddressesInp output = &AssignPrivateIpAddressesOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(ec2query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } @@ -1062,7 +1061,7 @@ func (c *EC2) AssociateDhcpOptionsRequest(input *AssociateDhcpOptionsInput) (req // its DHCP lease. You can explicitly renew the lease using the operating system // on the instance. // -// For more information, see DHCP Options Sets (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html) +// For more information, see DHCP Options Sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1218,7 +1217,7 @@ func (c *EC2) AssociateRouteTableRequest(input *AssociateRouteTableInput) (req * // an association ID, which you need in order to disassociate the route table // from the subnet later. A route table can be associated with multiple subnets. // -// For more information, see Route Tables (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// For more information, see Route Tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1449,7 +1448,7 @@ func (c *EC2) AssociateVpcCidrBlockRequest(input *AssociateVpcCidrBlockInput) (r // IPv6 CIDR block size is fixed at /56. // // For more information about associating CIDR blocks with your VPC and applicable -// restrictions, see VPC and Subnet Sizing (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html#VPC_Sizing) +// restrictions, see VPC and Subnet Sizing (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#VPC_Sizing) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1612,7 +1611,7 @@ func (c *EC2) AttachInternetGatewayRequest(input *AttachInternetGatewayInput) (r // // Attaches an internet gateway to a VPC, enabling connectivity between the // internet and the VPC. For more information about your VPC and internet gateway, -// see the Amazon Virtual Private Cloud User Guide (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/). +// see the Amazon Virtual Private Cloud User Guide (https://docs.aws.amazon.com/vpc/latest/userguide/). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1763,15 +1762,12 @@ func (c *EC2) AttachVolumeRequest(input *AttachVolumeInput) (req *request.Reques // Attaches an EBS volume to a running or stopped instance and exposes it to // the instance with the specified device name. // -// Encrypted EBS volumes may only be attached to instances that support Amazon -// EBS encryption. For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// Encrypted EBS volumes must be attached to instances that support Amazon EBS +// encryption. For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) // in the Amazon Elastic Compute Cloud User Guide. // -// For a list of supported device names, see Attaching an EBS Volume to an Instance -// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-attaching-volume.html). -// Any device names that aren't reserved for instance store volumes can be used -// for EBS volumes. For more information, see Amazon EC2 Instance Store (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) -// in the Amazon Elastic Compute Cloud User Guide. +// After you attach an EBS volume, you must make it available. For more information, +// see Making an EBS Volume Available For Use (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-using-volumes.html). // // If a volume has an AWS Marketplace product code: // @@ -1785,8 +1781,7 @@ func (c *EC2) AttachVolumeRequest(input *AttachVolumeInput) (req *request.Reques // the product. For example, you can't detach a volume from a Windows instance // and attach it to a Linux instance. // -// For more information about EBS volumes, see Attaching Amazon EBS Volumes -// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-attaching-volume.html) +// For more information, see Attaching Amazon EBS Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-attaching-volume.html) // in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3140,14 +3135,13 @@ func (c *EC2) CopySnapshotRequest(input *CopySnapshotInput) (req *request.Reques // Copies a point-in-time snapshot of an EBS volume and stores it in Amazon // S3. You can copy the snapshot within the same Region or from one Region to // another. You can use the snapshot to create EBS volumes or Amazon Machine -// Images (AMIs). The snapshot is copied to the regional endpoint that you send -// the HTTP request to. +// Images (AMIs). // // Copies of encrypted EBS snapshots remain encrypted. Copies of unencrypted -// snapshots remain unencrypted, unless the Encrypted flag is specified during -// the snapshot copy operation. By default, encrypted snapshot copies use the -// default AWS Key Management Service (AWS KMS) customer master key (CMK); however, -// you can specify a non-default CMK with the KmsKeyId parameter. +// snapshots remain unencrypted, unless you enable encryption for the snapshot +// copy operation. By default, encrypted snapshot copies use the default AWS +// Key Management Service (AWS KMS) customer master key (CMK); however, you +// can specify a different CMK. // // To copy an encrypted snapshot that has been shared from another account, // you must have permissions for the CMK used to encrypt the snapshot. @@ -3484,7 +3478,7 @@ func (c *EC2) CreateCustomerGatewayRequest(input *CreateCustomerGatewayInput) (r // gateway is the appliance at your end of the VPN connection. (The device on // the AWS side of the VPN connection is the virtual private gateway.) You must // provide the Internet-routable IP address of the customer gateway's external -// interface. The IP address must be static and may be behind a device performing +// interface. The IP address must be static and can be behind a device performing // network address translation (NAT). // // For devices that use Border Gateway Protocol (BGP), you can also provide @@ -3580,7 +3574,7 @@ func (c *EC2) CreateDefaultSubnetRequest(input *CreateDefaultSubnetInput) (req * // Creates a default subnet with a size /20 IPv4 CIDR block in the specified // Availability Zone in your default VPC. You can have only one default subnet // per Availability Zone. For more information, see Creating a Default Subnet -// (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/default-vpc.html#create-default-subnet) +// (https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html#create-default-subnet) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3657,7 +3651,7 @@ func (c *EC2) CreateDefaultVpcRequest(input *CreateDefaultVpcInput) (req *reques // // Creates a default VPC with a size /16 IPv4 CIDR block and a default subnet // in each Availability Zone. For more information about the components of a -// default VPC, see Default VPC and Default Subnets (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/default-vpc.html) +// default VPC, see Default VPC and Default Subnets (https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html) // in the Amazon Virtual Private Cloud User Guide. You cannot specify the components // of the default VPC yourself. // @@ -3750,9 +3744,9 @@ func (c *EC2) CreateDhcpOptionsRequest(input *CreateDhcpOptionsInput) (req *requ // * domain-name-servers - The IP addresses of up to four domain name servers, // or AmazonProvidedDNS. The default DHCP option set specifies AmazonProvidedDNS. // If specifying more than one domain name server, specify the IP addresses -// in a single parameter, separated by commas. ITo have your instance to -// receive a custom DNS hostname as specified in domain-name, you must set -// domain-name-servers to a custom DNS server. +// in a single parameter, separated by commas. To have your instance receive +// a custom DNS hostname as specified in domain-name, you must set domain-name-servers +// to a custom DNS server. // // * domain-name - If you're using AmazonProvidedDNS in us-east-1, specify // ec2.internal. If you're using AmazonProvidedDNS in another Region, specify @@ -3778,7 +3772,7 @@ func (c *EC2) CreateDhcpOptionsRequest(input *CreateDhcpOptionsInput) (req *requ // only a DNS server that we provide (AmazonProvidedDNS). If you create a set // of options, and if your VPC has an internet gateway, make sure to set the // domain-name-servers option either to AmazonProvidedDNS or to a domain name -// server of your choice. For more information, see DHCP Options Sets (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html) +// server of your choice. For more information, see DHCP Options Sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4015,7 +4009,7 @@ func (c *EC2) CreateFlowLogsRequest(input *CreateFlowLogsInput) (req *request.Re // // Flow log data for a monitored network interface is recorded as flow log records, // which are log events consisting of fields that describe the traffic flow. -// For more information, see Flow Log Records (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html#flow-log-records) +// For more information, see Flow Log Records (https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records) // in the Amazon Virtual Private Cloud User Guide. // // When publishing to CloudWatch Logs, flow log records are published to a log @@ -4024,7 +4018,7 @@ func (c *EC2) CreateFlowLogsRequest(input *CreateFlowLogsInput) (req *request.Re // interfaces are published to a single log file object that is stored in the // specified bucket. // -// For more information, see VPC Flow Logs (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html) +// For more information, see VPC Flow Logs (https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4346,7 +4340,7 @@ func (c *EC2) CreateInternetGatewayRequest(input *CreateInternetGatewayInput) (r // gateway, you attach it to a VPC using AttachInternetGateway. // // For more information about your VPC and internet gateway, see the Amazon -// Virtual Private Cloud User Guide (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/). +// Virtual Private Cloud User Guide (https://docs.aws.amazon.com/vpc/latest/userguide/). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4665,7 +4659,7 @@ func (c *EC2) CreateNatGatewayRequest(input *CreateNatGatewayInput) (req *reques // the IP address range of the subnet. Internet-bound traffic from a private // subnet can be routed to the NAT gateway, therefore enabling instances in // the private subnet to connect to the internet. For more information, see -// NAT Gateways (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html) +// NAT Gateways (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4743,7 +4737,7 @@ func (c *EC2) CreateNetworkAclRequest(input *CreateNetworkAclInput) (req *reques // Creates a network ACL in a VPC. Network ACLs provide an optional layer of // security (in addition to security groups) for the instances in your VPC. // -// For more information, see Network ACLs (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) +// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -4834,7 +4828,7 @@ func (c *EC2) CreateNetworkAclEntryRequest(input *CreateNetworkAclEntryInput) (r // After you add an entry, you can't modify it; you must either replace it, // or create an entry and delete the old one. // -// For more information about network ACLs, see Network ACLs (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) +// For more information about network ACLs, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5265,7 +5259,7 @@ func (c *EC2) CreateRouteRequest(input *CreateRouteInput) (req *request.Request, // route in the list covers a smaller number of IP addresses and is therefore // more specific, so we use that route to determine where to target the traffic. // -// For more information about route tables, see Route Tables (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// For more information about route tables, see Route Tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5343,7 +5337,7 @@ func (c *EC2) CreateRouteTableRequest(input *CreateRouteTableInput) (req *reques // Creates a route table for the specified VPC. After you create a route table, // you can add routes and associate the table with a subnet. // -// For more information, see Route Tables (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// For more information, see Route Tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5801,7 +5795,7 @@ func (c *EC2) CreateSubnetRequest(input *CreateSubnetInput) (req *request.Reques // It's therefore possible to have a subnet with no running instances (they're // all stopped), but no remaining IP addresses available. // -// For more information about subnets, see Your VPC and Subnets (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html) +// For more information about subnets, see Your VPC and Subnets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -5915,6 +5909,333 @@ func (c *EC2) CreateTagsWithContext(ctx aws.Context, input *CreateTagsInput, opt return out, req.Send() } +const opCreateTrafficMirrorFilter = "CreateTrafficMirrorFilter" + +// CreateTrafficMirrorFilterRequest generates a "aws/request.Request" representing the +// client's request for the CreateTrafficMirrorFilter operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTrafficMirrorFilter for more information on using the CreateTrafficMirrorFilter +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateTrafficMirrorFilterRequest method. +// req, resp := client.CreateTrafficMirrorFilterRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorFilter +func (c *EC2) CreateTrafficMirrorFilterRequest(input *CreateTrafficMirrorFilterInput) (req *request.Request, output *CreateTrafficMirrorFilterOutput) { + op := &request.Operation{ + Name: opCreateTrafficMirrorFilter, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateTrafficMirrorFilterInput{} + } + + output = &CreateTrafficMirrorFilterOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTrafficMirrorFilter API operation for Amazon Elastic Compute Cloud. +// +// Creates a Traffic Mirror filter. +// +// A Traffic Mirror filter is a set of rules that defines the traffic to mirror. +// +// By default, no traffic is mirrored. To mirror traffic, use CreateTrafficMirrorFilterRule +// to add Traffic Mirror rules to the filter. The rules you add define what +// traffic gets mirrored. You can also use ModifyTrafficMirrorFilterNetworkServices +// to mirror supported network services. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateTrafficMirrorFilter for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorFilter +func (c *EC2) CreateTrafficMirrorFilter(input *CreateTrafficMirrorFilterInput) (*CreateTrafficMirrorFilterOutput, error) { + req, out := c.CreateTrafficMirrorFilterRequest(input) + return out, req.Send() +} + +// CreateTrafficMirrorFilterWithContext is the same as CreateTrafficMirrorFilter with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTrafficMirrorFilter for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateTrafficMirrorFilterWithContext(ctx aws.Context, input *CreateTrafficMirrorFilterInput, opts ...request.Option) (*CreateTrafficMirrorFilterOutput, error) { + req, out := c.CreateTrafficMirrorFilterRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateTrafficMirrorFilterRule = "CreateTrafficMirrorFilterRule" + +// CreateTrafficMirrorFilterRuleRequest generates a "aws/request.Request" representing the +// client's request for the CreateTrafficMirrorFilterRule operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTrafficMirrorFilterRule for more information on using the CreateTrafficMirrorFilterRule +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateTrafficMirrorFilterRuleRequest method. +// req, resp := client.CreateTrafficMirrorFilterRuleRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorFilterRule +func (c *EC2) CreateTrafficMirrorFilterRuleRequest(input *CreateTrafficMirrorFilterRuleInput) (req *request.Request, output *CreateTrafficMirrorFilterRuleOutput) { + op := &request.Operation{ + Name: opCreateTrafficMirrorFilterRule, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateTrafficMirrorFilterRuleInput{} + } + + output = &CreateTrafficMirrorFilterRuleOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTrafficMirrorFilterRule API operation for Amazon Elastic Compute Cloud. +// +// Creates a Traffic Mirror rule. +// +// A Traffic Mirror rule defines the Traffic Mirror source traffic to mirror. +// +// You need the Traffic Mirror filter ID when you create the rule. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateTrafficMirrorFilterRule for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorFilterRule +func (c *EC2) CreateTrafficMirrorFilterRule(input *CreateTrafficMirrorFilterRuleInput) (*CreateTrafficMirrorFilterRuleOutput, error) { + req, out := c.CreateTrafficMirrorFilterRuleRequest(input) + return out, req.Send() +} + +// CreateTrafficMirrorFilterRuleWithContext is the same as CreateTrafficMirrorFilterRule with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTrafficMirrorFilterRule for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateTrafficMirrorFilterRuleWithContext(ctx aws.Context, input *CreateTrafficMirrorFilterRuleInput, opts ...request.Option) (*CreateTrafficMirrorFilterRuleOutput, error) { + req, out := c.CreateTrafficMirrorFilterRuleRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateTrafficMirrorSession = "CreateTrafficMirrorSession" + +// CreateTrafficMirrorSessionRequest generates a "aws/request.Request" representing the +// client's request for the CreateTrafficMirrorSession operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTrafficMirrorSession for more information on using the CreateTrafficMirrorSession +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateTrafficMirrorSessionRequest method. +// req, resp := client.CreateTrafficMirrorSessionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorSession +func (c *EC2) CreateTrafficMirrorSessionRequest(input *CreateTrafficMirrorSessionInput) (req *request.Request, output *CreateTrafficMirrorSessionOutput) { + op := &request.Operation{ + Name: opCreateTrafficMirrorSession, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateTrafficMirrorSessionInput{} + } + + output = &CreateTrafficMirrorSessionOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTrafficMirrorSession API operation for Amazon Elastic Compute Cloud. +// +// Creates a Traffic Mirror session. +// +// A Traffic Mirror session actively copies packets from a Traffic Mirror source +// to a Traffic Mirror target. Create a filter, and then assign it to the session +// to define a subset of the traffic to mirror, for example all TCP traffic. +// +// The Traffic Mirror source and the Traffic Mirror target (monitoring appliances) +// can be in the same VPC, or in a different VPC connected via VPC peering or +// a transit gateway. +// +// By default, no traffic is mirrored. Use CreateTrafficMirrorFilter to create +// filter rules that specify the traffic to mirror. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateTrafficMirrorSession for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorSession +func (c *EC2) CreateTrafficMirrorSession(input *CreateTrafficMirrorSessionInput) (*CreateTrafficMirrorSessionOutput, error) { + req, out := c.CreateTrafficMirrorSessionRequest(input) + return out, req.Send() +} + +// CreateTrafficMirrorSessionWithContext is the same as CreateTrafficMirrorSession with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTrafficMirrorSession for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateTrafficMirrorSessionWithContext(ctx aws.Context, input *CreateTrafficMirrorSessionInput, opts ...request.Option) (*CreateTrafficMirrorSessionOutput, error) { + req, out := c.CreateTrafficMirrorSessionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateTrafficMirrorTarget = "CreateTrafficMirrorTarget" + +// CreateTrafficMirrorTargetRequest generates a "aws/request.Request" representing the +// client's request for the CreateTrafficMirrorTarget operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTrafficMirrorTarget for more information on using the CreateTrafficMirrorTarget +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateTrafficMirrorTargetRequest method. +// req, resp := client.CreateTrafficMirrorTargetRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorTarget +func (c *EC2) CreateTrafficMirrorTargetRequest(input *CreateTrafficMirrorTargetInput) (req *request.Request, output *CreateTrafficMirrorTargetOutput) { + op := &request.Operation{ + Name: opCreateTrafficMirrorTarget, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateTrafficMirrorTargetInput{} + } + + output = &CreateTrafficMirrorTargetOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTrafficMirrorTarget API operation for Amazon Elastic Compute Cloud. +// +// Creates a target for your Traffic Mirror session. +// +// A Traffic Mirror target is the destination for mirrored traffic. The Traffic +// Mirror source and the Traffic Mirror target (monitoring appliances) can be +// in the same VPC, or in different VPCs connected via VPC peering or a transit +// gateway. +// +// A Traffic Mirror target can be a network interface, or a Network Load Balancer. +// +// To use the target in a Traffic Mirror session, use CreateTrafficMirrorSession. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateTrafficMirrorTarget for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateTrafficMirrorTarget +func (c *EC2) CreateTrafficMirrorTarget(input *CreateTrafficMirrorTargetInput) (*CreateTrafficMirrorTargetOutput, error) { + req, out := c.CreateTrafficMirrorTargetRequest(input) + return out, req.Send() +} + +// CreateTrafficMirrorTargetWithContext is the same as CreateTrafficMirrorTarget with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTrafficMirrorTarget for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateTrafficMirrorTargetWithContext(ctx aws.Context, input *CreateTrafficMirrorTargetInput, opts ...request.Option) (*CreateTrafficMirrorTargetOutput, error) { + req, out := c.CreateTrafficMirrorTargetRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateTransitGateway = "CreateTransitGateway" // CreateTransitGatewayRequest generates a "aws/request.Request" representing the @@ -6289,10 +6610,10 @@ func (c *EC2) CreateVolumeRequest(input *CreateVolumeInput) (req *request.Reques // Any AWS Marketplace product codes from the snapshot are propagated to the // volume. // -// You can create encrypted volumes with the Encrypted parameter. Encrypted -// volumes may only be attached to instances that support Amazon EBS encryption. -// Volumes that are created from encrypted snapshots are also automatically -// encrypted. For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// You can create encrypted volumes. Encrypted volumes must be attached to instances +// that support Amazon EBS encryption. Volumes that are created from encrypted +// snapshots are also automatically encrypted. For more information, see Amazon +// EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) // in the Amazon Elastic Compute Cloud User Guide. // // You can tag your volumes during creation. For more information, see Tagging @@ -6377,7 +6698,7 @@ func (c *EC2) CreateVpcRequest(input *CreateVpcInput) (req *request.Request, out // Creates a VPC with the specified IPv4 CIDR block. The smallest VPC you can // create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 // netmask (65,536 IPv4 addresses). For more information about how large to -// make your VPC, see Your VPC and Subnets (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html) +// make your VPC, see Your VPC and Subnets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) // in the Amazon Virtual Private Cloud User Guide. // // You can optionally request an Amazon-provided IPv6 CIDR block for the VPC. @@ -6386,7 +6707,7 @@ func (c *EC2) CreateVpcRequest(input *CreateVpcInput) (req *request.Request, out // // By default, each instance you launch in the VPC has the default DHCP options, // which include only a default DNS server that we provide (AmazonProvidedDNS). -// For more information, see DHCP Options Sets (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html) +// For more information, see DHCP Options Sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) // in the Amazon Virtual Private Cloud User Guide. // // You can specify the instance tenancy value for the VPC when you create it. @@ -6469,7 +6790,7 @@ func (c *EC2) CreateVpcEndpointRequest(input *CreateVpcEndpointInput) (req *requ // Creates a VPC endpoint for a specified service. An endpoint enables you to // create a private connection between your VPC and the service. The service // may be provided by AWS, an AWS Marketplace partner, or another AWS account. -// For more information, see VPC Endpoints (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-endpoints.html) +// For more information, see VPC Endpoints (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html) // in the Amazon Virtual Private Cloud User Guide. // // A gateway endpoint serves as a target for a route in your route table for @@ -6642,7 +6963,7 @@ func (c *EC2) CreateVpcEndpointServiceConfigurationRequest(input *CreateVpcEndpo // // To create an endpoint service configuration, you must first create a Network // Load Balancer for your service. For more information, see VPC Endpoint Services -// (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/endpoint-service.html) +// (https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-service.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -6724,7 +7045,7 @@ func (c *EC2) CreateVpcPeeringConnectionRequest(input *CreateVpcPeeringConnectio // CIDR blocks. // // Limitations and rules apply to a VPC peering connection. For more information, -// see the limitations (https://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/vpc-peering-basics.html#vpc-peering-limitations) +// see the limitations (https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-basics.html#vpc-peering-limitations) // section in the VPC Peering Guide. // // The owner of the accepter VPC must accept the peering request to activate @@ -6807,7 +7128,7 @@ func (c *EC2) CreateVpnConnectionRequest(input *CreateVpnConnectionInput) (req * // CreateVpnConnection API operation for Amazon Elastic Compute Cloud. // // Creates a VPN connection between an existing virtual private gateway and -// a VPN customer gateway. The supported connection types are ipsec.1 and ipsec.2. +// a VPN customer gateway. The supported connection type is ipsec.1. // // The response includes information that you need to give to your network administrator // to configure your customer gateway. @@ -8385,6 +8706,80 @@ func (c *EC2) DeletePlacementGroupWithContext(ctx aws.Context, input *DeletePlac return out, req.Send() } +const opDeleteQueuedReservedInstances = "DeleteQueuedReservedInstances" + +// DeleteQueuedReservedInstancesRequest generates a "aws/request.Request" representing the +// client's request for the DeleteQueuedReservedInstances operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteQueuedReservedInstances for more information on using the DeleteQueuedReservedInstances +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteQueuedReservedInstancesRequest method. +// req, resp := client.DeleteQueuedReservedInstancesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteQueuedReservedInstances +func (c *EC2) DeleteQueuedReservedInstancesRequest(input *DeleteQueuedReservedInstancesInput) (req *request.Request, output *DeleteQueuedReservedInstancesOutput) { + op := &request.Operation{ + Name: opDeleteQueuedReservedInstances, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteQueuedReservedInstancesInput{} + } + + output = &DeleteQueuedReservedInstancesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteQueuedReservedInstances API operation for Amazon Elastic Compute Cloud. +// +// Deletes the queued purchases for the specified Reserved Instances. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteQueuedReservedInstances for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteQueuedReservedInstances +func (c *EC2) DeleteQueuedReservedInstances(input *DeleteQueuedReservedInstancesInput) (*DeleteQueuedReservedInstancesOutput, error) { + req, out := c.DeleteQueuedReservedInstancesRequest(input) + return out, req.Send() +} + +// DeleteQueuedReservedInstancesWithContext is the same as DeleteQueuedReservedInstances with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteQueuedReservedInstances for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteQueuedReservedInstancesWithContext(ctx aws.Context, input *DeleteQueuedReservedInstancesInput, opts ...request.Option) (*DeleteQueuedReservedInstancesOutput, error) { + req, out := c.DeleteQueuedReservedInstancesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteRoute = "DeleteRoute" // DeleteRouteRequest generates a "aws/request.Request" representing the @@ -8935,6 +9330,308 @@ func (c *EC2) DeleteTagsWithContext(ctx aws.Context, input *DeleteTagsInput, opt return out, req.Send() } +const opDeleteTrafficMirrorFilter = "DeleteTrafficMirrorFilter" + +// DeleteTrafficMirrorFilterRequest generates a "aws/request.Request" representing the +// client's request for the DeleteTrafficMirrorFilter operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteTrafficMirrorFilter for more information on using the DeleteTrafficMirrorFilter +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteTrafficMirrorFilterRequest method. +// req, resp := client.DeleteTrafficMirrorFilterRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorFilter +func (c *EC2) DeleteTrafficMirrorFilterRequest(input *DeleteTrafficMirrorFilterInput) (req *request.Request, output *DeleteTrafficMirrorFilterOutput) { + op := &request.Operation{ + Name: opDeleteTrafficMirrorFilter, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteTrafficMirrorFilterInput{} + } + + output = &DeleteTrafficMirrorFilterOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteTrafficMirrorFilter API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified Traffic Mirror filter. +// +// You cannot delete a Traffic Mirror filter that is in use by a Traffic Mirror +// session. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteTrafficMirrorFilter for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorFilter +func (c *EC2) DeleteTrafficMirrorFilter(input *DeleteTrafficMirrorFilterInput) (*DeleteTrafficMirrorFilterOutput, error) { + req, out := c.DeleteTrafficMirrorFilterRequest(input) + return out, req.Send() +} + +// DeleteTrafficMirrorFilterWithContext is the same as DeleteTrafficMirrorFilter with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteTrafficMirrorFilter for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteTrafficMirrorFilterWithContext(ctx aws.Context, input *DeleteTrafficMirrorFilterInput, opts ...request.Option) (*DeleteTrafficMirrorFilterOutput, error) { + req, out := c.DeleteTrafficMirrorFilterRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteTrafficMirrorFilterRule = "DeleteTrafficMirrorFilterRule" + +// DeleteTrafficMirrorFilterRuleRequest generates a "aws/request.Request" representing the +// client's request for the DeleteTrafficMirrorFilterRule operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteTrafficMirrorFilterRule for more information on using the DeleteTrafficMirrorFilterRule +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteTrafficMirrorFilterRuleRequest method. +// req, resp := client.DeleteTrafficMirrorFilterRuleRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorFilterRule +func (c *EC2) DeleteTrafficMirrorFilterRuleRequest(input *DeleteTrafficMirrorFilterRuleInput) (req *request.Request, output *DeleteTrafficMirrorFilterRuleOutput) { + op := &request.Operation{ + Name: opDeleteTrafficMirrorFilterRule, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteTrafficMirrorFilterRuleInput{} + } + + output = &DeleteTrafficMirrorFilterRuleOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteTrafficMirrorFilterRule API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified Traffic Mirror rule. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteTrafficMirrorFilterRule for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorFilterRule +func (c *EC2) DeleteTrafficMirrorFilterRule(input *DeleteTrafficMirrorFilterRuleInput) (*DeleteTrafficMirrorFilterRuleOutput, error) { + req, out := c.DeleteTrafficMirrorFilterRuleRequest(input) + return out, req.Send() +} + +// DeleteTrafficMirrorFilterRuleWithContext is the same as DeleteTrafficMirrorFilterRule with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteTrafficMirrorFilterRule for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteTrafficMirrorFilterRuleWithContext(ctx aws.Context, input *DeleteTrafficMirrorFilterRuleInput, opts ...request.Option) (*DeleteTrafficMirrorFilterRuleOutput, error) { + req, out := c.DeleteTrafficMirrorFilterRuleRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteTrafficMirrorSession = "DeleteTrafficMirrorSession" + +// DeleteTrafficMirrorSessionRequest generates a "aws/request.Request" representing the +// client's request for the DeleteTrafficMirrorSession operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteTrafficMirrorSession for more information on using the DeleteTrafficMirrorSession +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteTrafficMirrorSessionRequest method. +// req, resp := client.DeleteTrafficMirrorSessionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorSession +func (c *EC2) DeleteTrafficMirrorSessionRequest(input *DeleteTrafficMirrorSessionInput) (req *request.Request, output *DeleteTrafficMirrorSessionOutput) { + op := &request.Operation{ + Name: opDeleteTrafficMirrorSession, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteTrafficMirrorSessionInput{} + } + + output = &DeleteTrafficMirrorSessionOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteTrafficMirrorSession API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified Traffic Mirror session. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteTrafficMirrorSession for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorSession +func (c *EC2) DeleteTrafficMirrorSession(input *DeleteTrafficMirrorSessionInput) (*DeleteTrafficMirrorSessionOutput, error) { + req, out := c.DeleteTrafficMirrorSessionRequest(input) + return out, req.Send() +} + +// DeleteTrafficMirrorSessionWithContext is the same as DeleteTrafficMirrorSession with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteTrafficMirrorSession for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteTrafficMirrorSessionWithContext(ctx aws.Context, input *DeleteTrafficMirrorSessionInput, opts ...request.Option) (*DeleteTrafficMirrorSessionOutput, error) { + req, out := c.DeleteTrafficMirrorSessionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDeleteTrafficMirrorTarget = "DeleteTrafficMirrorTarget" + +// DeleteTrafficMirrorTargetRequest generates a "aws/request.Request" representing the +// client's request for the DeleteTrafficMirrorTarget operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteTrafficMirrorTarget for more information on using the DeleteTrafficMirrorTarget +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DeleteTrafficMirrorTargetRequest method. +// req, resp := client.DeleteTrafficMirrorTargetRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorTarget +func (c *EC2) DeleteTrafficMirrorTargetRequest(input *DeleteTrafficMirrorTargetInput) (req *request.Request, output *DeleteTrafficMirrorTargetOutput) { + op := &request.Operation{ + Name: opDeleteTrafficMirrorTarget, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteTrafficMirrorTargetInput{} + } + + output = &DeleteTrafficMirrorTargetOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteTrafficMirrorTarget API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified Traffic Mirror target. +// +// You cannot delete a Traffic Mirror target that is in use by a Traffic Mirror +// session. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteTrafficMirrorTarget for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteTrafficMirrorTarget +func (c *EC2) DeleteTrafficMirrorTarget(input *DeleteTrafficMirrorTargetInput) (*DeleteTrafficMirrorTargetOutput, error) { + req, out := c.DeleteTrafficMirrorTargetRequest(input) + return out, req.Send() +} + +// DeleteTrafficMirrorTargetWithContext is the same as DeleteTrafficMirrorTarget with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteTrafficMirrorTarget for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteTrafficMirrorTargetWithContext(ctx aws.Context, input *DeleteTrafficMirrorTargetInput, opts ...request.Option) (*DeleteTrafficMirrorTargetOutput, error) { + req, out := c.DeleteTrafficMirrorTargetRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteTransitGateway = "DeleteTransitGateway" // DeleteTransitGatewayRequest generates a "aws/request.Request" representing the @@ -11775,7 +12472,7 @@ func (c *EC2) DescribeDhcpOptionsRequest(input *DescribeDhcpOptionsInput) (req * // // Describes one or more of your DHCP options sets. // -// For more information, see DHCP Options Sets (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html) +// For more information, see DHCP Options Sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -12062,6 +12759,80 @@ func (c *EC2) DescribeElasticGpusWithContext(ctx aws.Context, input *DescribeEla return out, req.Send() } +const opDescribeExportImageTasks = "DescribeExportImageTasks" + +// DescribeExportImageTasksRequest generates a "aws/request.Request" representing the +// client's request for the DescribeExportImageTasks operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeExportImageTasks for more information on using the DescribeExportImageTasks +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeExportImageTasksRequest method. +// req, resp := client.DescribeExportImageTasksRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeExportImageTasks +func (c *EC2) DescribeExportImageTasksRequest(input *DescribeExportImageTasksInput) (req *request.Request, output *DescribeExportImageTasksOutput) { + op := &request.Operation{ + Name: opDescribeExportImageTasks, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeExportImageTasksInput{} + } + + output = &DescribeExportImageTasksOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeExportImageTasks API operation for Amazon Elastic Compute Cloud. +// +// Describes the specified export image tasks or all your export image tasks. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeExportImageTasks for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeExportImageTasks +func (c *EC2) DescribeExportImageTasks(input *DescribeExportImageTasksInput) (*DescribeExportImageTasksOutput, error) { + req, out := c.DescribeExportImageTasksRequest(input) + return out, req.Send() +} + +// DescribeExportImageTasksWithContext is the same as DescribeExportImageTasks with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeExportImageTasks for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeExportImageTasksWithContext(ctx aws.Context, input *DescribeExportImageTasksInput, opts ...request.Option) (*DescribeExportImageTasksOutput, error) { + req, out := c.DescribeExportImageTasksRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeExportTasks = "DescribeExportTasks" // DescribeExportTasksRequest generates a "aws/request.Request" representing the @@ -12106,7 +12877,8 @@ func (c *EC2) DescribeExportTasksRequest(input *DescribeExportTasksInput) (req * // DescribeExportTasks API operation for Amazon Elastic Compute Cloud. // -// Describes the specified export tasks or all your export tasks. +// Describes the specified export instance tasks or all your export instance +// tasks. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -14318,7 +15090,7 @@ func (c *EC2) DescribeInstancesRequest(input *DescribeInstancesInput) (req *requ // DescribeInstances API operation for Amazon Elastic Compute Cloud. // -// Describes the specified instances or all of your instances. +// Describes the specified instances or all of AWS account's instances. // // If you specify one or more instance IDs, Amazon EC2 returns information for // those instances. If you do not specify instance IDs, Amazon EC2 returns information @@ -15195,7 +15967,7 @@ func (c *EC2) DescribeNetworkAclsRequest(input *DescribeNetworkAclsInput) (req * // // Describes one or more of your network ACLs. // -// For more information, see Network ACLs (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) +// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -16140,15 +16912,15 @@ func (c *EC2) DescribeRegionsRequest(input *DescribeRegionsInput) (req *request. // DescribeRegions API operation for Amazon Elastic Compute Cloud. // -// Describes the Regions that are currently available to you. The API returns -// a list of all the Regions, including Regions that are disabled for your account. -// For information about enabling Regions for your account, see Enabling and -// Disabling Regions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/manage-account-payment.html#manage-account-payment-enable-disable-regions) -// in the AWS Billing and Cost Management User Guide. +// Describes the Regions that are enabled for your account, or all Regions. // // For a list of the Regions supported by Amazon EC2, see Regions and Endpoints // (https://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region). // +// For information about enabling and disabling Regions for your account, see +// Managing AWS Regions (https://docs.aws.amazon.com/general/latest/gr/rande-manage.html) +// in the AWS General Reference. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -16683,7 +17455,7 @@ func (c *EC2) DescribeRouteTablesRequest(input *DescribeRouteTablesInput) (req * // with the main route table. This command does not return the subnet ID for // implicit associations. // -// For more information, see Route Tables (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// For more information, see Route Tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -18329,7 +19101,7 @@ func (c *EC2) DescribeSubnetsRequest(input *DescribeSubnetsInput) (req *request. // // Describes one or more of your subnets. // -// For more information, see Your VPC and Subnets (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html) +// For more information, see Your VPC and Subnets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -18543,6 +19315,397 @@ func (c *EC2) DescribeTagsPagesWithContext(ctx aws.Context, input *DescribeTagsI return p.Err() } +const opDescribeTrafficMirrorFilters = "DescribeTrafficMirrorFilters" + +// DescribeTrafficMirrorFiltersRequest generates a "aws/request.Request" representing the +// client's request for the DescribeTrafficMirrorFilters operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeTrafficMirrorFilters for more information on using the DescribeTrafficMirrorFilters +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeTrafficMirrorFiltersRequest method. +// req, resp := client.DescribeTrafficMirrorFiltersRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTrafficMirrorFilters +func (c *EC2) DescribeTrafficMirrorFiltersRequest(input *DescribeTrafficMirrorFiltersInput) (req *request.Request, output *DescribeTrafficMirrorFiltersOutput) { + op := &request.Operation{ + Name: opDescribeTrafficMirrorFilters, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeTrafficMirrorFiltersInput{} + } + + output = &DescribeTrafficMirrorFiltersOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeTrafficMirrorFilters API operation for Amazon Elastic Compute Cloud. +// +// Describes one or more Traffic Mirror filters. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeTrafficMirrorFilters for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTrafficMirrorFilters +func (c *EC2) DescribeTrafficMirrorFilters(input *DescribeTrafficMirrorFiltersInput) (*DescribeTrafficMirrorFiltersOutput, error) { + req, out := c.DescribeTrafficMirrorFiltersRequest(input) + return out, req.Send() +} + +// DescribeTrafficMirrorFiltersWithContext is the same as DescribeTrafficMirrorFilters with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeTrafficMirrorFilters for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTrafficMirrorFiltersWithContext(ctx aws.Context, input *DescribeTrafficMirrorFiltersInput, opts ...request.Option) (*DescribeTrafficMirrorFiltersOutput, error) { + req, out := c.DescribeTrafficMirrorFiltersRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeTrafficMirrorFiltersPages iterates over the pages of a DescribeTrafficMirrorFilters operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTrafficMirrorFilters method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTrafficMirrorFilters operation. +// pageNum := 0 +// err := client.DescribeTrafficMirrorFiltersPages(params, +// func(page *ec2.DescribeTrafficMirrorFiltersOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeTrafficMirrorFiltersPages(input *DescribeTrafficMirrorFiltersInput, fn func(*DescribeTrafficMirrorFiltersOutput, bool) bool) error { + return c.DescribeTrafficMirrorFiltersPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTrafficMirrorFiltersPagesWithContext same as DescribeTrafficMirrorFiltersPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTrafficMirrorFiltersPagesWithContext(ctx aws.Context, input *DescribeTrafficMirrorFiltersInput, fn func(*DescribeTrafficMirrorFiltersOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTrafficMirrorFiltersInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTrafficMirrorFiltersRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + cont := true + for p.Next() && cont { + cont = fn(p.Page().(*DescribeTrafficMirrorFiltersOutput), !p.HasNextPage()) + } + return p.Err() +} + +const opDescribeTrafficMirrorSessions = "DescribeTrafficMirrorSessions" + +// DescribeTrafficMirrorSessionsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeTrafficMirrorSessions operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeTrafficMirrorSessions for more information on using the DescribeTrafficMirrorSessions +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeTrafficMirrorSessionsRequest method. +// req, resp := client.DescribeTrafficMirrorSessionsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTrafficMirrorSessions +func (c *EC2) DescribeTrafficMirrorSessionsRequest(input *DescribeTrafficMirrorSessionsInput) (req *request.Request, output *DescribeTrafficMirrorSessionsOutput) { + op := &request.Operation{ + Name: opDescribeTrafficMirrorSessions, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeTrafficMirrorSessionsInput{} + } + + output = &DescribeTrafficMirrorSessionsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeTrafficMirrorSessions API operation for Amazon Elastic Compute Cloud. +// +// Describes one or more Traffic Mirror sessions. By default, all Traffic Mirror +// sessions are described. Alternatively, you can filter the results. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeTrafficMirrorSessions for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTrafficMirrorSessions +func (c *EC2) DescribeTrafficMirrorSessions(input *DescribeTrafficMirrorSessionsInput) (*DescribeTrafficMirrorSessionsOutput, error) { + req, out := c.DescribeTrafficMirrorSessionsRequest(input) + return out, req.Send() +} + +// DescribeTrafficMirrorSessionsWithContext is the same as DescribeTrafficMirrorSessions with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeTrafficMirrorSessions for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTrafficMirrorSessionsWithContext(ctx aws.Context, input *DescribeTrafficMirrorSessionsInput, opts ...request.Option) (*DescribeTrafficMirrorSessionsOutput, error) { + req, out := c.DescribeTrafficMirrorSessionsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeTrafficMirrorSessionsPages iterates over the pages of a DescribeTrafficMirrorSessions operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTrafficMirrorSessions method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTrafficMirrorSessions operation. +// pageNum := 0 +// err := client.DescribeTrafficMirrorSessionsPages(params, +// func(page *ec2.DescribeTrafficMirrorSessionsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeTrafficMirrorSessionsPages(input *DescribeTrafficMirrorSessionsInput, fn func(*DescribeTrafficMirrorSessionsOutput, bool) bool) error { + return c.DescribeTrafficMirrorSessionsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTrafficMirrorSessionsPagesWithContext same as DescribeTrafficMirrorSessionsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTrafficMirrorSessionsPagesWithContext(ctx aws.Context, input *DescribeTrafficMirrorSessionsInput, fn func(*DescribeTrafficMirrorSessionsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTrafficMirrorSessionsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTrafficMirrorSessionsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + cont := true + for p.Next() && cont { + cont = fn(p.Page().(*DescribeTrafficMirrorSessionsOutput), !p.HasNextPage()) + } + return p.Err() +} + +const opDescribeTrafficMirrorTargets = "DescribeTrafficMirrorTargets" + +// DescribeTrafficMirrorTargetsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeTrafficMirrorTargets operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeTrafficMirrorTargets for more information on using the DescribeTrafficMirrorTargets +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeTrafficMirrorTargetsRequest method. +// req, resp := client.DescribeTrafficMirrorTargetsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTrafficMirrorTargets +func (c *EC2) DescribeTrafficMirrorTargetsRequest(input *DescribeTrafficMirrorTargetsInput) (req *request.Request, output *DescribeTrafficMirrorTargetsOutput) { + op := &request.Operation{ + Name: opDescribeTrafficMirrorTargets, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeTrafficMirrorTargetsInput{} + } + + output = &DescribeTrafficMirrorTargetsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeTrafficMirrorTargets API operation for Amazon Elastic Compute Cloud. +// +// Information about one or more Traffic Mirror targets. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeTrafficMirrorTargets for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeTrafficMirrorTargets +func (c *EC2) DescribeTrafficMirrorTargets(input *DescribeTrafficMirrorTargetsInput) (*DescribeTrafficMirrorTargetsOutput, error) { + req, out := c.DescribeTrafficMirrorTargetsRequest(input) + return out, req.Send() +} + +// DescribeTrafficMirrorTargetsWithContext is the same as DescribeTrafficMirrorTargets with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeTrafficMirrorTargets for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTrafficMirrorTargetsWithContext(ctx aws.Context, input *DescribeTrafficMirrorTargetsInput, opts ...request.Option) (*DescribeTrafficMirrorTargetsOutput, error) { + req, out := c.DescribeTrafficMirrorTargetsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeTrafficMirrorTargetsPages iterates over the pages of a DescribeTrafficMirrorTargets operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeTrafficMirrorTargets method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeTrafficMirrorTargets operation. +// pageNum := 0 +// err := client.DescribeTrafficMirrorTargetsPages(params, +// func(page *ec2.DescribeTrafficMirrorTargetsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +// +func (c *EC2) DescribeTrafficMirrorTargetsPages(input *DescribeTrafficMirrorTargetsInput, fn func(*DescribeTrafficMirrorTargetsOutput, bool) bool) error { + return c.DescribeTrafficMirrorTargetsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeTrafficMirrorTargetsPagesWithContext same as DescribeTrafficMirrorTargetsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeTrafficMirrorTargetsPagesWithContext(ctx aws.Context, input *DescribeTrafficMirrorTargetsInput, fn func(*DescribeTrafficMirrorTargetsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeTrafficMirrorTargetsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeTrafficMirrorTargetsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + cont := true + for p.Next() && cont { + cont = fn(p.Page().(*DescribeTrafficMirrorTargetsOutput), !p.HasNextPage()) + } + return p.Err() +} + const opDescribeTransitGatewayAttachments = "DescribeTransitGatewayAttachments" // DescribeTransitGatewayAttachmentsRequest generates a "aws/request.Request" representing the @@ -21462,16 +22625,16 @@ func (c *EC2) DisableEbsEncryptionByDefaultRequest(input *DisableEbsEncryptionBy // DisableEbsEncryptionByDefault API operation for Amazon Elastic Compute Cloud. // -// Disables default encryption for EBS volumes that are created in your account -// in the current region. +// Disables EBS encryption by default for your account in the current Region. // -// Call this API if you have enabled default encryption using EnableEbsEncryptionByDefault -// and want to disable default EBS encryption. Once default EBS encryption is -// disabled, you can still create an encrypted volume by setting encrypted to -// true in the API call that creates the volume. +// After you disable encryption by default, you can still create encrypted volumes +// by enabling encryption when you create each volume. // -// Disabling default EBS encryption will not change the encryption status of -// any of your existing volumes. +// Disabling encryption by default does not change the encryption status of +// your existing volumes. +// +// For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -22097,7 +23260,7 @@ func (c *EC2) DisassociateRouteTableRequest(input *DisassociateRouteTableInput) // // After you perform this action, the subnet no longer uses the routes in the // route table. Instead, it uses the routes in the VPC's main route table. For -// more information about route tables, see Route Tables (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// more information about route tables, see Route Tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -22402,32 +23565,23 @@ func (c *EC2) EnableEbsEncryptionByDefaultRequest(input *EnableEbsEncryptionByDe // EnableEbsEncryptionByDefault API operation for Amazon Elastic Compute Cloud. // -// Enables default encryption for EBS volumes that are created in your account -// in the current region. +// Enables EBS encryption by default for your account in the current Region. // -// Once encryption is enabled with this action, EBS volumes that are created -// in your account will always be encrypted even if encryption is not specified -// at launch. This setting overrides the encrypted setting to true in all API -// calls that create EBS volumes in your account. A volume will be encrypted -// even if you specify encryption to be false in the API call that creates the -// volume. -// -// If you do not specify a customer master key (CMK) in the API call that creates -// the EBS volume, then the volume is encrypted to your AWS account's default -// CMK. +// After you enable encryption by default, the EBS volumes that you create are +// are always encrypted, either using the default CMK or the CMK that you specified +// when you created each volume. For more information, see Amazon EBS Encryption +// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// in the Amazon Elastic Compute Cloud User Guide. // -// You can specify a default CMK of your choice using ModifyEbsDefaultKmsKeyId. +// You can specify the default CMK for encryption by default using ModifyEbsDefaultKmsKeyId +// or ResetEbsDefaultKmsKeyId. // -// Enabling default encryption for EBS volumes has no effect on existing unencrypted -// volumes in your account. Encrypting the data in these requires manual action. -// You can either create an encrypted snapshot of an unencrypted volume, or -// encrypt a copy of an unencrypted snapshot. Any volume restored from an encrypted -// snapshot is also encrypted. For more information, see Amazon EBS Snapshots -// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html). +// Enabling encryption by default has no effect on the encryption status of +// your existing volumes. // -// After EBS encryption by default is enabled, you can no longer launch older-generation -// instance types that do not support encryption. For more information, see -// Supported Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). +// After you enable encryption by default, you can no longer launch instances +// using instance types that do not support encryption. For more information, +// see Supported Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -22996,6 +24150,82 @@ func (c *EC2) ExportClientVpnClientConfigurationWithContext(ctx aws.Context, inp return out, req.Send() } +const opExportImage = "ExportImage" + +// ExportImageRequest generates a "aws/request.Request" representing the +// client's request for the ExportImage operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ExportImage for more information on using the ExportImage +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ExportImageRequest method. +// req, resp := client.ExportImageRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ExportImage +func (c *EC2) ExportImageRequest(input *ExportImageInput) (req *request.Request, output *ExportImageOutput) { + op := &request.Operation{ + Name: opExportImage, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ExportImageInput{} + } + + output = &ExportImageOutput{} + req = c.newRequest(op, input, output) + return +} + +// ExportImage API operation for Amazon Elastic Compute Cloud. +// +// Exports an Amazon Machine Image (AMI) to a VM file. For more information, +// see Exporting a VM Directory from an Amazon Machine Image (AMI) (https://docs.aws.amazon.com/vm-import/latest/userguide/vmexport_image.html) +// in the VM Import/Export User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ExportImage for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ExportImage +func (c *EC2) ExportImage(input *ExportImageInput) (*ExportImageOutput, error) { + req, out := c.ExportImageRequest(input) + return out, req.Send() +} + +// ExportImageWithContext is the same as ExportImage with the addition of +// the ability to pass a context and additional request options. +// +// See ExportImage for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ExportImageWithContext(ctx aws.Context, input *ExportImageInput, opts ...request.Option) (*ExportImageOutput, error) { + req, out := c.ExportImageRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opExportTransitGatewayRoutes = "ExportTransitGatewayRoutes" // ExportTransitGatewayRoutesRequest generates a "aws/request.Request" representing the @@ -23072,6 +24302,84 @@ func (c *EC2) ExportTransitGatewayRoutesWithContext(ctx aws.Context, input *Expo return out, req.Send() } +const opGetCapacityReservationUsage = "GetCapacityReservationUsage" + +// GetCapacityReservationUsageRequest generates a "aws/request.Request" representing the +// client's request for the GetCapacityReservationUsage operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetCapacityReservationUsage for more information on using the GetCapacityReservationUsage +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetCapacityReservationUsageRequest method. +// req, resp := client.GetCapacityReservationUsageRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetCapacityReservationUsage +func (c *EC2) GetCapacityReservationUsageRequest(input *GetCapacityReservationUsageInput) (req *request.Request, output *GetCapacityReservationUsageOutput) { + op := &request.Operation{ + Name: opGetCapacityReservationUsage, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetCapacityReservationUsageInput{} + } + + output = &GetCapacityReservationUsageOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetCapacityReservationUsage API operation for Amazon Elastic Compute Cloud. +// +// Gets usage information about a Capacity Reservation. If the Capacity Reservation +// is shared, it shows usage information for the Capacity Reservation owner +// and each AWS account that is currently using the shared capacity. If the +// Capacity Reservation is not shared, it shows only the Capacity Reservation +// owner's usage. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetCapacityReservationUsage for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetCapacityReservationUsage +func (c *EC2) GetCapacityReservationUsage(input *GetCapacityReservationUsageInput) (*GetCapacityReservationUsageOutput, error) { + req, out := c.GetCapacityReservationUsageRequest(input) + return out, req.Send() +} + +// GetCapacityReservationUsageWithContext is the same as GetCapacityReservationUsage with the addition of +// the ability to pass a context and additional request options. +// +// See GetCapacityReservationUsage for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetCapacityReservationUsageWithContext(ctx aws.Context, input *GetCapacityReservationUsageInput, opts ...request.Option) (*GetCapacityReservationUsageOutput, error) { + req, out := c.GetCapacityReservationUsageRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetConsoleOutput = "GetConsoleOutput" // GetConsoleOutputRequest generates a "aws/request.Request" representing the @@ -23282,9 +24590,12 @@ func (c *EC2) GetEbsDefaultKmsKeyIdRequest(input *GetEbsDefaultKmsKeyIdInput) (r // GetEbsDefaultKmsKeyId API operation for Amazon Elastic Compute Cloud. // -// Describes the default customer master key (CMK) that your account uses to -// encrypt EBS volumes if you don’t specify a CMK in the API call. You can -// change this default using ModifyEbsDefaultKmsKeyId. +// Describes the default customer master key (CMK) for EBS encryption by default +// for your account in this Region. You can change the default CMK for encryption +// by default using ModifyEbsDefaultKmsKeyId or ResetEbsDefaultKmsKeyId. +// +// For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -23358,8 +24669,11 @@ func (c *EC2) GetEbsEncryptionByDefaultRequest(input *GetEbsEncryptionByDefaultI // GetEbsEncryptionByDefault API operation for Amazon Elastic Compute Cloud. // -// Describes whether default EBS encryption is enabled for your account in the -// current region. +// Describes whether EBS encryption by default is enabled for your account in +// the current Region. +// +// For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -24772,16 +26086,19 @@ func (c *EC2) ModifyEbsDefaultKmsKeyIdRequest(input *ModifyEbsDefaultKmsKeyIdInp // ModifyEbsDefaultKmsKeyId API operation for Amazon Elastic Compute Cloud. // -// Changes the default customer master key (CMK) that your account uses to encrypt -// EBS volumes if you don't specify a CMK in the API call. +// Changes the default customer master key (CMK) for EBS encryption by default +// for your account in this Region. +// +// AWS creates a unique AWS managed CMK in each Region for use with encryption +// by default. If you change the default CMK to a customer managed CMK, it is +// used instead of the AWS managed CMK. To reset the default CMK to the AWS +// managed CMK for EBS, use ResetEbsDefaultKmsKeyId. // -// Your account has an AWS-managed default CMK that is used for encrypting an -// EBS volume when no CMK is specified in the API call that creates the volume. -// By calling this API, you can specify a customer-managed CMK to use in place -// of the AWS-managed default CMK. +// If you delete or disable the customer managed CMK that you specified for +// use with encryption by default, your instances will fail to launch. // -// Note: Deleting or disabling the custom CMK that you have specified to act -// as your default CMK will result in instance-launch failures. +// For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -24857,8 +26174,35 @@ func (c *EC2) ModifyFleetRequest(input *ModifyFleetInput) (req *request.Request, // // Modifies the specified EC2 Fleet. // +// You can only modify an EC2 Fleet request of type maintain. +// // While the EC2 Fleet is being modified, it is in the modifying state. // +// To scale up your EC2 Fleet, increase its target capacity. The EC2 Fleet launches +// the additional Spot Instances according to the allocation strategy for the +// EC2 Fleet request. If the allocation strategy is lowestPrice, the EC2 Fleet +// launches instances using the Spot Instance pool with the lowest price. If +// the allocation strategy is diversified, the EC2 Fleet distributes the instances +// across the Spot Instance pools. If the allocation strategy is capacityOptimized, +// EC2 Fleet launches instances from Spot Instance pools with optimal capacity +// for the number of instances that are launching. +// +// To scale down your EC2 Fleet, decrease its target capacity. First, the EC2 +// Fleet cancels any open requests that exceed the new target capacity. You +// can request that the EC2 Fleet terminate Spot Instances until the size of +// the fleet no longer exceeds the new target capacity. If the allocation strategy +// is lowestPrice, the EC2 Fleet terminates the instances with the highest price +// per unit. If the allocation strategy is capacityOptimized, the EC2 Fleet +// terminates the instances in the Spot Instance pools that have the least available +// Spot Instance capacity. If the allocation strategy is diversified, the EC2 +// Fleet terminates instances across the Spot Instance pools. Alternatively, +// you can request that the EC2 Fleet keep the fleet at its current size, but +// not replace any Spot Instances that are interrupted or that you terminate +// manually. +// +// If you are finished with your EC2 Fleet for now, but will use it again later, +// you can set the target capacity to 0. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -26009,9 +27353,9 @@ func (c *EC2) ModifySnapshotAttributeRequest(input *ModifySnapshotAttributeInput // // Adds or removes permission settings for the specified snapshot. You may add // or remove specified AWS account IDs from a snapshot's list of create volume -// permissions, but you cannot do both in a single API call. If you need to -// both add and remove account IDs for a snapshot, you must use multiple API -// calls. +// permissions, but you cannot do both in a single operation. If you need to +// both add and remove account IDs for a snapshot, you must use multiple operations. +// You can make up to 500 modifications to a snapshot in a single operation. // // Encrypted snapshots and snapshots with AWS Marketplace product codes cannot // be made public. Snapshots encrypted with your default CMK cannot be shared @@ -26102,19 +27446,24 @@ func (c *EC2) ModifySpotFleetRequestRequest(input *ModifySpotFleetRequestInput) // To scale up your Spot Fleet, increase its target capacity. The Spot Fleet // launches the additional Spot Instances according to the allocation strategy // for the Spot Fleet request. If the allocation strategy is lowestPrice, the -// Spot Fleet launches instances using the Spot pool with the lowest price. -// If the allocation strategy is diversified, the Spot Fleet distributes the -// instances across the Spot pools. +// Spot Fleet launches instances using the Spot Instance pool with the lowest +// price. If the allocation strategy is diversified, the Spot Fleet distributes +// the instances across the Spot Instance pools. If the allocation strategy +// is capacityOptimized, Spot Fleet launches instances from Spot Instance pools +// with optimal capacity for the number of instances that are launching. // // To scale down your Spot Fleet, decrease its target capacity. First, the Spot // Fleet cancels any open requests that exceed the new target capacity. You // can request that the Spot Fleet terminate Spot Instances until the size of // the fleet no longer exceeds the new target capacity. If the allocation strategy // is lowestPrice, the Spot Fleet terminates the instances with the highest -// price per unit. If the allocation strategy is diversified, the Spot Fleet -// terminates instances across the Spot pools. Alternatively, you can request -// that the Spot Fleet keep the fleet at its current size, but not replace any -// Spot Instances that are interrupted or that you terminate manually. +// price per unit. If the allocation strategy is capacityOptimized, the Spot +// Fleet terminates the instances in the Spot Instance pools that have the least +// available Spot Instance capacity. If the allocation strategy is diversified, +// the Spot Fleet terminates instances across the Spot Instance pools. Alternatively, +// you can request that the Spot Fleet keep the fleet at its current size, but +// not replace any Spot Instances that are interrupted or that you terminate +// manually. // // If you are finished with your Spot Fleet for now, but will use it again later, // you can set the target capacity to 0. @@ -26222,6 +27571,241 @@ func (c *EC2) ModifySubnetAttributeWithContext(ctx aws.Context, input *ModifySub return out, req.Send() } +const opModifyTrafficMirrorFilterNetworkServices = "ModifyTrafficMirrorFilterNetworkServices" + +// ModifyTrafficMirrorFilterNetworkServicesRequest generates a "aws/request.Request" representing the +// client's request for the ModifyTrafficMirrorFilterNetworkServices operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyTrafficMirrorFilterNetworkServices for more information on using the ModifyTrafficMirrorFilterNetworkServices +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyTrafficMirrorFilterNetworkServicesRequest method. +// req, resp := client.ModifyTrafficMirrorFilterNetworkServicesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTrafficMirrorFilterNetworkServices +func (c *EC2) ModifyTrafficMirrorFilterNetworkServicesRequest(input *ModifyTrafficMirrorFilterNetworkServicesInput) (req *request.Request, output *ModifyTrafficMirrorFilterNetworkServicesOutput) { + op := &request.Operation{ + Name: opModifyTrafficMirrorFilterNetworkServices, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyTrafficMirrorFilterNetworkServicesInput{} + } + + output = &ModifyTrafficMirrorFilterNetworkServicesOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyTrafficMirrorFilterNetworkServices API operation for Amazon Elastic Compute Cloud. +// +// Allows or restricts mirroring network services. +// +// By default, Amazon DNS network services are not eligible for Traffic Mirror. +// Use AddNetworkServices to add network services to a Traffic Mirror filter. +// When a network service is added to the Traffic Mirror filter, all traffic +// related to that network service will be mirrored. When you no longer want +// to mirror network services, use RemoveNetworkServices to remove the network +// services from the Traffic Mirror filter. +// +// FFor information about filter rule properties, see Network Services (https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-considerations.html#traffic-mirroring-network-services) +// in the Traffic Mirroring User Guide . +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyTrafficMirrorFilterNetworkServices for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTrafficMirrorFilterNetworkServices +func (c *EC2) ModifyTrafficMirrorFilterNetworkServices(input *ModifyTrafficMirrorFilterNetworkServicesInput) (*ModifyTrafficMirrorFilterNetworkServicesOutput, error) { + req, out := c.ModifyTrafficMirrorFilterNetworkServicesRequest(input) + return out, req.Send() +} + +// ModifyTrafficMirrorFilterNetworkServicesWithContext is the same as ModifyTrafficMirrorFilterNetworkServices with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyTrafficMirrorFilterNetworkServices for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyTrafficMirrorFilterNetworkServicesWithContext(ctx aws.Context, input *ModifyTrafficMirrorFilterNetworkServicesInput, opts ...request.Option) (*ModifyTrafficMirrorFilterNetworkServicesOutput, error) { + req, out := c.ModifyTrafficMirrorFilterNetworkServicesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opModifyTrafficMirrorFilterRule = "ModifyTrafficMirrorFilterRule" + +// ModifyTrafficMirrorFilterRuleRequest generates a "aws/request.Request" representing the +// client's request for the ModifyTrafficMirrorFilterRule operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyTrafficMirrorFilterRule for more information on using the ModifyTrafficMirrorFilterRule +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyTrafficMirrorFilterRuleRequest method. +// req, resp := client.ModifyTrafficMirrorFilterRuleRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTrafficMirrorFilterRule +func (c *EC2) ModifyTrafficMirrorFilterRuleRequest(input *ModifyTrafficMirrorFilterRuleInput) (req *request.Request, output *ModifyTrafficMirrorFilterRuleOutput) { + op := &request.Operation{ + Name: opModifyTrafficMirrorFilterRule, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyTrafficMirrorFilterRuleInput{} + } + + output = &ModifyTrafficMirrorFilterRuleOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyTrafficMirrorFilterRule API operation for Amazon Elastic Compute Cloud. +// +// Modifies the specified Traffic Mirror rule. +// +// DestinationCidrBlock and SourceCidrBlock must both be an IPv4 range or an +// IPv6 range. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyTrafficMirrorFilterRule for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTrafficMirrorFilterRule +func (c *EC2) ModifyTrafficMirrorFilterRule(input *ModifyTrafficMirrorFilterRuleInput) (*ModifyTrafficMirrorFilterRuleOutput, error) { + req, out := c.ModifyTrafficMirrorFilterRuleRequest(input) + return out, req.Send() +} + +// ModifyTrafficMirrorFilterRuleWithContext is the same as ModifyTrafficMirrorFilterRule with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyTrafficMirrorFilterRule for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyTrafficMirrorFilterRuleWithContext(ctx aws.Context, input *ModifyTrafficMirrorFilterRuleInput, opts ...request.Option) (*ModifyTrafficMirrorFilterRuleOutput, error) { + req, out := c.ModifyTrafficMirrorFilterRuleRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opModifyTrafficMirrorSession = "ModifyTrafficMirrorSession" + +// ModifyTrafficMirrorSessionRequest generates a "aws/request.Request" representing the +// client's request for the ModifyTrafficMirrorSession operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyTrafficMirrorSession for more information on using the ModifyTrafficMirrorSession +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyTrafficMirrorSessionRequest method. +// req, resp := client.ModifyTrafficMirrorSessionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTrafficMirrorSession +func (c *EC2) ModifyTrafficMirrorSessionRequest(input *ModifyTrafficMirrorSessionInput) (req *request.Request, output *ModifyTrafficMirrorSessionOutput) { + op := &request.Operation{ + Name: opModifyTrafficMirrorSession, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyTrafficMirrorSessionInput{} + } + + output = &ModifyTrafficMirrorSessionOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyTrafficMirrorSession API operation for Amazon Elastic Compute Cloud. +// +// Modifies a Traffic Mirror session. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyTrafficMirrorSession for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTrafficMirrorSession +func (c *EC2) ModifyTrafficMirrorSession(input *ModifyTrafficMirrorSessionInput) (*ModifyTrafficMirrorSessionOutput, error) { + req, out := c.ModifyTrafficMirrorSessionRequest(input) + return out, req.Send() +} + +// ModifyTrafficMirrorSessionWithContext is the same as ModifyTrafficMirrorSession with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyTrafficMirrorSession for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyTrafficMirrorSessionWithContext(ctx aws.Context, input *ModifyTrafficMirrorSessionInput, opts ...request.Option) (*ModifyTrafficMirrorSessionOutput, error) { + req, out := c.ModifyTrafficMirrorSessionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyTransitGatewayVpcAttachment = "ModifyTransitGatewayVpcAttachment" // ModifyTransitGatewayVpcAttachmentRequest generates a "aws/request.Request" representing the @@ -26359,9 +27943,9 @@ func (c *EC2) ModifyVolumeRequest(input *ModifyVolumeInput) (req *request.Reques // You can use CloudWatch Events to check the status of a modification to an // EBS volume. For information about CloudWatch Events, see the Amazon CloudWatch // Events User Guide (https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/). -// You can also track the status of a modification using the DescribeVolumesModifications -// API. For information about tracking status changes using either method, see -// Monitoring Volume Modifications (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#monitoring_mods). +// You can also track the status of a modification using DescribeVolumesModifications. +// For information about tracking status changes using either method, see Monitoring +// Volume Modifications (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#monitoring_mods). // // With previous-generation instance types, resizing an EBS volume may require // detaching and reattaching the volume or stopping and restarting the instance. @@ -26606,7 +28190,7 @@ func (c *EC2) ModifyVpcEndpointRequest(input *ModifyVpcEndpointInput) (req *requ // // Modifies attributes of a specified VPC endpoint. The attributes that you // can modify depend on the type of VPC endpoint (interface or gateway). For -// more information, see VPC Endpoints (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-endpoints.html) +// more information, see VPC Endpoints (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -26834,7 +28418,7 @@ func (c *EC2) ModifyVpcEndpointServicePermissionsRequest(input *ModifyVpcEndpoin // ModifyVpcEndpointServicePermissions API operation for Amazon Elastic Compute Cloud. // -// Modifies the permissions for your VPC endpoint service (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/endpoint-service.html). +// Modifies the permissions for your VPC endpoint service (https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-service.html). // You can add or remove permissions for service consumers (IAM users, IAM roles, // and AWS accounts) to connect to your endpoint service. // @@ -27095,7 +28679,7 @@ func (c *EC2) ModifyVpnConnectionRequest(input *ModifyVpnConnectionInput) (req * // ModifyVpnConnection API operation for Amazon Elastic Compute Cloud. // -// Modifies the target gateway of a AWS Site-to-Site VPN connection. The following +// Modifies the target gateway of an AWS Site-to-Site VPN connection. The following // migration options are available: // // * An existing virtual private gateway to a new virtual private gateway @@ -27164,6 +28748,158 @@ func (c *EC2) ModifyVpnConnectionWithContext(ctx aws.Context, input *ModifyVpnCo return out, req.Send() } +const opModifyVpnTunnelCertificate = "ModifyVpnTunnelCertificate" + +// ModifyVpnTunnelCertificateRequest generates a "aws/request.Request" representing the +// client's request for the ModifyVpnTunnelCertificate operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyVpnTunnelCertificate for more information on using the ModifyVpnTunnelCertificate +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyVpnTunnelCertificateRequest method. +// req, resp := client.ModifyVpnTunnelCertificateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpnTunnelCertificate +func (c *EC2) ModifyVpnTunnelCertificateRequest(input *ModifyVpnTunnelCertificateInput) (req *request.Request, output *ModifyVpnTunnelCertificateOutput) { + op := &request.Operation{ + Name: opModifyVpnTunnelCertificate, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyVpnTunnelCertificateInput{} + } + + output = &ModifyVpnTunnelCertificateOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyVpnTunnelCertificate API operation for Amazon Elastic Compute Cloud. +// +// Modifies the VPN tunnel endpoint certificate. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyVpnTunnelCertificate for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpnTunnelCertificate +func (c *EC2) ModifyVpnTunnelCertificate(input *ModifyVpnTunnelCertificateInput) (*ModifyVpnTunnelCertificateOutput, error) { + req, out := c.ModifyVpnTunnelCertificateRequest(input) + return out, req.Send() +} + +// ModifyVpnTunnelCertificateWithContext is the same as ModifyVpnTunnelCertificate with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyVpnTunnelCertificate for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyVpnTunnelCertificateWithContext(ctx aws.Context, input *ModifyVpnTunnelCertificateInput, opts ...request.Option) (*ModifyVpnTunnelCertificateOutput, error) { + req, out := c.ModifyVpnTunnelCertificateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opModifyVpnTunnelOptions = "ModifyVpnTunnelOptions" + +// ModifyVpnTunnelOptionsRequest generates a "aws/request.Request" representing the +// client's request for the ModifyVpnTunnelOptions operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyVpnTunnelOptions for more information on using the ModifyVpnTunnelOptions +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the ModifyVpnTunnelOptionsRequest method. +// req, resp := client.ModifyVpnTunnelOptionsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpnTunnelOptions +func (c *EC2) ModifyVpnTunnelOptionsRequest(input *ModifyVpnTunnelOptionsInput) (req *request.Request, output *ModifyVpnTunnelOptionsOutput) { + op := &request.Operation{ + Name: opModifyVpnTunnelOptions, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyVpnTunnelOptionsInput{} + } + + output = &ModifyVpnTunnelOptionsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyVpnTunnelOptions API operation for Amazon Elastic Compute Cloud. +// +// Modifies the options for a VPN tunnel in an AWS Site-to-Site VPN connection. +// You can modify multiple options for a tunnel in a single request, but you +// can only modify one tunnel at a time. For more information, see Site-to-Site +// VPN Tunnel Options for Your Site-to-Site VPN Connection (https://docs.aws.amazon.com/vpn/latest/s2svpn/VPNTunnels.html) +// in the AWS Site-to-Site VPN User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyVpnTunnelOptions for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpnTunnelOptions +func (c *EC2) ModifyVpnTunnelOptions(input *ModifyVpnTunnelOptionsInput) (*ModifyVpnTunnelOptionsOutput, error) { + req, out := c.ModifyVpnTunnelOptionsRequest(input) + return out, req.Send() +} + +// ModifyVpnTunnelOptionsWithContext is the same as ModifyVpnTunnelOptions with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyVpnTunnelOptions for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyVpnTunnelOptionsWithContext(ctx aws.Context, input *ModifyVpnTunnelOptionsInput, opts ...request.Option) (*ModifyVpnTunnelOptionsOutput, error) { + req, out := c.ModifyVpnTunnelOptionsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opMonitorInstances = "MonitorInstances" // MonitorInstancesRequest generates a "aws/request.Request" representing the @@ -27541,6 +29277,9 @@ func (c *EC2) PurchaseReservedInstancesOfferingRequest(input *PurchaseReservedIn // offerings that match your specifications. After you've purchased a Reserved // Instance, you can check for your new Reserved Instance with DescribeReservedInstances. // +// To queue a purchase for a future date and time, specify a purchase time. +// If you do not specify a purchase time, the default is the current time. +// // For more information, see Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts-on-demand-reserved-instances.html) // and Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) // in the Amazon Elastic Compute Cloud User Guide. @@ -28378,7 +30117,7 @@ func (c *EC2) ReplaceNetworkAclAssociationRequest(input *ReplaceNetworkAclAssoci // // Changes which network ACL a subnet is associated with. By default when you // create a subnet, it's automatically associated with the default network ACL. -// For more information, see Network ACLs (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) +// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) // in the Amazon Virtual Private Cloud User Guide. // // This is an idempotent operation. @@ -28457,8 +30196,8 @@ func (c *EC2) ReplaceNetworkAclEntryRequest(input *ReplaceNetworkAclEntryInput) // ReplaceNetworkAclEntry API operation for Amazon Elastic Compute Cloud. // // Replaces an entry (rule) in a network ACL. For more information, see Network -// ACLs (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html) -// in the Amazon Virtual Private Cloud User Guide. +// ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) in +// the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -28538,7 +30277,7 @@ func (c *EC2) ReplaceRouteRequest(input *ReplaceRouteInput) (req *request.Reques // instance, NAT gateway, VPC peering connection, network interface, or egress-only // internet gateway. // -// For more information, see Route Tables (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// For more information, see Route Tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -28616,7 +30355,7 @@ func (c *EC2) ReplaceRouteTableAssociationRequest(input *ReplaceRouteTableAssoci // Changes the route table associated with a given subnet in a VPC. After the // operation completes, the subnet uses the routes in the new route table it's // associated with. For more information about route tables, see Route Tables -// (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Route_Tables.html) +// (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) // in the Amazon Virtual Private Cloud User Guide. // // You can also use ReplaceRouteTableAssociation to change which table is the @@ -28859,10 +30598,10 @@ func (c *EC2) RequestSpotFleetRequest(input *RequestSpotFleetInput) (req *reques // You can submit a single request that includes multiple launch specifications // that vary by instance type, AMI, Availability Zone, or subnet. // -// By default, the Spot Fleet requests Spot Instances in the Spot pool where -// the price per unit is the lowest. Each launch specification can include its -// own instance weighting that reflects the value of the instance type to your -// application workload. +// By default, the Spot Fleet requests Spot Instances in the Spot Instance pool +// where the price per unit is the lowest. Each launch specification can include +// its own instance weighting that reflects the value of the instance type to +// your application workload. // // Alternatively, you can specify that the Spot Fleet distribute the target // capacity across the Spot pools included in its launch specifications. By @@ -29025,19 +30764,13 @@ func (c *EC2) ResetEbsDefaultKmsKeyIdRequest(input *ResetEbsDefaultKmsKeyIdInput // ResetEbsDefaultKmsKeyId API operation for Amazon Elastic Compute Cloud. // -// Resets the account's default customer master key (CMK) to the account's AWS-managed -// default CMK. This default CMK is used to encrypt EBS volumes when you have -// enabled EBS encryption by default without specifying a CMK in the API call. -// If you have not enabled encryption by default, then this CMK is used when -// you set the Encrypted parameter to true without specifying a custom CMK in -// the API call. +// Resets the default customer master key (CMK) for EBS encryption for your +// account in this Region to the AWS managed CMK for EBS. // -// Call this API if you have modified the default CMK that is used for encrypting -// your EBS volume using ModifyEbsDefaultKmsKeyId and you want to reset it to -// the AWS-managed default CMK. After resetting, you can continue to provide -// a CMK of your choice in the API call that creates the volume. However, if -// no CMK is specified, your account will encrypt the volume to the AWS-managed -// default CMK. +// After resetting the default CMK to the AWS managed CMK, you can continue +// to encrypt by a customer managed CMK by specifying it when you create the +// volume. For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) +// in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -30070,6 +31803,98 @@ func (c *EC2) SearchTransitGatewayRoutesWithContext(ctx aws.Context, input *Sear return out, req.Send() } +const opSendDiagnosticInterrupt = "SendDiagnosticInterrupt" + +// SendDiagnosticInterruptRequest generates a "aws/request.Request" representing the +// client's request for the SendDiagnosticInterrupt operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See SendDiagnosticInterrupt for more information on using the SendDiagnosticInterrupt +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the SendDiagnosticInterruptRequest method. +// req, resp := client.SendDiagnosticInterruptRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/SendDiagnosticInterrupt +func (c *EC2) SendDiagnosticInterruptRequest(input *SendDiagnosticInterruptInput) (req *request.Request, output *SendDiagnosticInterruptOutput) { + op := &request.Operation{ + Name: opSendDiagnosticInterrupt, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &SendDiagnosticInterruptInput{} + } + + output = &SendDiagnosticInterruptOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(ec2query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// SendDiagnosticInterrupt API operation for Amazon Elastic Compute Cloud. +// +// Sends a diagnostic interrupt to the specified Amazon EC2 instance to trigger +// a kernel panic (on Linux instances), or a blue screen/stop error (on Windows +// instances). For instances based on Intel and AMD processors, the interrupt +// is received as a non-maskable interrupt (NMI). +// +// In general, the operating system crashes and reboots when a kernel panic +// or stop error is triggered. The operating system can also be configured to +// perform diagnostic tasks, such as generating a memory dump file, loading +// a secondary kernel, or obtaining a call trace. +// +// Before sending a diagnostic interrupt to your instance, ensure that its operating +// system is configured to perform the required diagnostic tasks. +// +// For more information about configuring your operating system to generate +// a crash dump when a kernel panic or stop error occurs, see Send a Diagnostic +// Interrupt (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/diagnostic-interrupt.html) +// (Linux instances) or Send a Diagnostic Interrupt (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/diagnostic-interrupt.html) +// (Windows instances). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation SendDiagnosticInterrupt for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/SendDiagnosticInterrupt +func (c *EC2) SendDiagnosticInterrupt(input *SendDiagnosticInterruptInput) (*SendDiagnosticInterruptOutput, error) { + req, out := c.SendDiagnosticInterruptRequest(input) + return out, req.Send() +} + +// SendDiagnosticInterruptWithContext is the same as SendDiagnosticInterrupt with the addition of +// the ability to pass a context and additional request options. +// +// See SendDiagnosticInterrupt for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) SendDiagnosticInterruptWithContext(ctx aws.Context, input *SendDiagnosticInterruptInput, opts ...request.Option) (*SendDiagnosticInterruptOutput, error) { + req, out := c.SendDiagnosticInterruptRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opStartInstances = "StartInstances" // StartInstancesRequest generates a "aws/request.Request" representing the @@ -31657,10 +33482,17 @@ type AllocateHostsInput struct { AvailabilityZone *string `locationName:"availabilityZone" type:"string" required:"true"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html) - // in the Amazon Elastic Compute Cloud User Guide. + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` + // Indicates whether to enable or disable host recovery for the Dedicated Host. + // Host recovery is disabled by default. For more information, see Host Recovery + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) + // in the Amazon Elastic Compute Cloud User Guide. + // + // Default: off + HostRecovery *string `type:"string" enum:"HostRecovery"` + // Specifies the instance type for which to configure your Dedicated Hosts. // When you specify the instance type, that is the only instance type that you // can launch onto that host. @@ -31724,6 +33556,12 @@ func (s *AllocateHostsInput) SetClientToken(v string) *AllocateHostsInput { return s } +// SetHostRecovery sets the HostRecovery field's value. +func (s *AllocateHostsInput) SetHostRecovery(v string) *AllocateHostsInput { + s.HostRecovery = &v + return s +} + // SetInstanceType sets the InstanceType field's value. func (s *AllocateHostsInput) SetInstanceType(v string) *AllocateHostsInput { s.InstanceType = &v @@ -32068,6 +33906,12 @@ func (s *AssignPrivateIpAddressesInput) SetSecondaryPrivateIpAddressCount(v int6 type AssignPrivateIpAddressesOutput struct { _ struct{} `type:"structure"` + + // The private IP addresses assigned to the network interface. + AssignedPrivateIpAddresses []*AssignedPrivateIpAddress `locationName:"assignedPrivateIpAddressesSet" locationNameList:"item" type:"list"` + + // The ID of the network interface. + NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` } // String returns the string representation @@ -32080,6 +33924,42 @@ func (s AssignPrivateIpAddressesOutput) GoString() string { return s.String() } +// SetAssignedPrivateIpAddresses sets the AssignedPrivateIpAddresses field's value. +func (s *AssignPrivateIpAddressesOutput) SetAssignedPrivateIpAddresses(v []*AssignedPrivateIpAddress) *AssignPrivateIpAddressesOutput { + s.AssignedPrivateIpAddresses = v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *AssignPrivateIpAddressesOutput) SetNetworkInterfaceId(v string) *AssignPrivateIpAddressesOutput { + s.NetworkInterfaceId = &v + return s +} + +// Describes the private IP addresses assigned to a network interface. +type AssignedPrivateIpAddress struct { + _ struct{} `type:"structure"` + + // The private IP address assigned to the network interface. + PrivateIpAddress *string `locationName:"privateIpAddress" type:"string"` +} + +// String returns the string representation +func (s AssignedPrivateIpAddress) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s AssignedPrivateIpAddress) GoString() string { + return s.String() +} + +// SetPrivateIpAddress sets the PrivateIpAddress field's value. +func (s *AssignedPrivateIpAddress) SetPrivateIpAddress(v string) *AssignedPrivateIpAddress { + s.PrivateIpAddress = &v + return s +} + type AssociateAddressInput struct { _ struct{} `type:"structure"` @@ -34493,7 +36373,6 @@ func (s *CancelCapacityReservationOutput) SetReturn(v bool) *CancelCapacityReser return s } -// Contains the parameters for CancelConversionTask. type CancelConversionTaskInput struct { _ struct{} `type:"structure"` @@ -34567,7 +36446,6 @@ func (s CancelConversionTaskOutput) GoString() string { return s.String() } -// Contains the parameters for CancelExportTask. type CancelExportTaskInput struct { _ struct{} `type:"structure"` @@ -34620,7 +36498,6 @@ func (s CancelExportTaskOutput) GoString() string { return s.String() } -// Contains the parameters for CancelImportTask. type CancelImportTaskInput struct { _ struct{} `type:"structure"` @@ -34665,7 +36542,6 @@ func (s *CancelImportTaskInput) SetImportTaskId(v string) *CancelImportTaskInput return s } -// Contains the output for CancelImportTask. type CancelImportTaskOutput struct { _ struct{} `type:"structure"` @@ -35092,10 +36968,16 @@ type CapacityReservation struct { // The Availability Zone in which the capacity is reserved. AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + // The Availability Zone ID of the Capacity Reservation. + AvailabilityZoneId *string `locationName:"availabilityZoneId" type:"string"` + // The remaining capacity. Indicates the number of instances that can be launched // in the Capacity Reservation. AvailableInstanceCount *int64 `locationName:"availableInstanceCount" type:"integer"` + // The Amazon Resource Name (ARN) of the Capacity Reservation. + CapacityReservationArn *string `locationName:"capacityReservationArn" type:"string"` + // The ID of the Capacity Reservation. CapacityReservationId *string `locationName:"capacityReservationId" type:"string"` @@ -35150,17 +37032,20 @@ type CapacityReservation struct { // The type of instance for which the Capacity Reservation reserves capacity. InstanceType *string `locationName:"instanceType" type:"string"` + // The ID of the AWS account that owns the Capacity Reservation. + OwnerId *string `locationName:"ownerId" type:"string"` + // The current state of the Capacity Reservation. A Capacity Reservation can // be in one of the following states: // // * active - The Capacity Reservation is active and the capacity is available // for your use. // - // * cancelled - The Capacity Reservation expired automatically at the date + // * expired - The Capacity Reservation expired automatically at the date // and time specified in your request. The reserved capacity is no longer // available for your use. // - // * expired - The Capacity Reservation was manually cancelled. The reserved + // * cancelled - The Capacity Reservation was manually cancelled. The reserved // capacity is no longer available for your use. // // * pending - The Capacity Reservation request was successful but the capacity @@ -35184,7 +37069,8 @@ type CapacityReservation struct { // that is dedicated to a single AWS account. Tenancy *string `locationName:"tenancy" type:"string" enum:"CapacityReservationTenancy"` - // The number of instances for which the Capacity Reservation reserves capacity. + // The total number of instances for which the Capacity Reservation reserves + // capacity. TotalInstanceCount *int64 `locationName:"totalInstanceCount" type:"integer"` } @@ -35204,12 +37090,24 @@ func (s *CapacityReservation) SetAvailabilityZone(v string) *CapacityReservation return s } +// SetAvailabilityZoneId sets the AvailabilityZoneId field's value. +func (s *CapacityReservation) SetAvailabilityZoneId(v string) *CapacityReservation { + s.AvailabilityZoneId = &v + return s +} + // SetAvailableInstanceCount sets the AvailableInstanceCount field's value. func (s *CapacityReservation) SetAvailableInstanceCount(v int64) *CapacityReservation { s.AvailableInstanceCount = &v return s } +// SetCapacityReservationArn sets the CapacityReservationArn field's value. +func (s *CapacityReservation) SetCapacityReservationArn(v string) *CapacityReservation { + s.CapacityReservationArn = &v + return s +} + // SetCapacityReservationId sets the CapacityReservationId field's value. func (s *CapacityReservation) SetCapacityReservationId(v string) *CapacityReservation { s.CapacityReservationId = &v @@ -35264,6 +37162,12 @@ func (s *CapacityReservation) SetInstanceType(v string) *CapacityReservation { return s } +// SetOwnerId sets the OwnerId field's value. +func (s *CapacityReservation) SetOwnerId(v string) *CapacityReservation { + s.OwnerId = &v + return s +} + // SetState sets the State field's value. func (s *CapacityReservation) SetState(v string) *CapacityReservation { s.State = &v @@ -36126,7 +38030,11 @@ type ClientVpnEndpoint struct { // The ARN of the server certificate. ServerCertificateArn *string `locationName:"serverCertificateArn" type:"string"` - // Indicates whether VPN split tunneling is supported. + // Indicates whether split-tunnel is enabled in the AWS Client VPN endpoint. + // + // For information about split-tunnel VPN endpoints, see Split-Tunnel AWS Client + // VPN Endpoint (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) + // in the AWS Client VPN Administrator Guide. SplitTunnel *bool `locationName:"splitTunnel" type:"boolean"` // The current state of the Client VPN endpoint. @@ -37062,39 +38970,32 @@ type CopySnapshotInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // Specifies whether the destination snapshot should be encrypted. You can encrypt - // a copy of an unencrypted snapshot, but you cannot use it to create an unencrypted - // copy of an encrypted snapshot. Your default CMK for EBS is used unless you - // specify a non-default AWS Key Management Service (AWS KMS) CMK using KmsKeyId. - // For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) + // To encrypt a copy of an unencrypted snapshot if encryption by default is + // not enabled, enable encryption using this parameter. Otherwise, omit this + // parameter. Encrypted snapshots are encrypted, even if you omit this parameter + // and encryption by default is not enabled. You cannot set this parameter to + // false. For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) // in the Amazon Elastic Compute Cloud User Guide. Encrypted *bool `locationName:"encrypted" type:"boolean"` - // An identifier for the AWS Key Management Service (AWS KMS) customer master - // key (CMK) to use when creating the encrypted volume. This parameter is only - // required if you want to use a non-default CMK; if this parameter is not specified, - // the default CMK for EBS is used. If a KmsKeyId is specified, the Encrypted - // flag must also be set. + // The identifier of the AWS Key Management Service (AWS KMS) customer master + // key (CMK) to use for Amazon EBS encryption. If this parameter is not specified, + // your AWS managed CMK for EBS is used. If KmsKeyId is specified, the encrypted + // state must be true. // - // The CMK identifier may be provided in any of the following formats: + // You can specify the CMK using any of the following: // - // * Key ID + // * Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab. // - // * Key alias. The alias ARN contains the arn:aws:kms namespace, followed - // by the Region of the CMK, the AWS account ID of the CMK owner, the alias - // namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. + // * Key alias. For example, alias/ExampleAlias. // - // * ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed - // by the Region of the CMK, the AWS account ID of the CMK owner, the key - // namespace, and then the CMK ID. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. + // * Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. // - // * ARN using key alias. The alias ARN contains the arn:aws:kms namespace, - // followed by the Region of the CMK, the AWS account ID of the CMK owner, - // the alias namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. + // * Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. // - // AWS parses KmsKeyId asynchronously, meaning that the action you call may - // appear to complete even though you provided an invalid identifier. The action - // will eventually fail. + // AWS authenticates the CMK asynchronously. Therefore, if you specify an ID, + // alias, or ARN that is not valid, the action can appear to complete, but eventually + // fails. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` // When you copy an encrypted source snapshot using the Amazon EC2 Query API, @@ -37262,9 +39163,8 @@ type CpuOptionsRequest struct { // The number of CPU cores for the instance. CoreCount *int64 `type:"integer"` - // The number of threads per CPU core. To disable Intel Hyper-Threading Technology - // for the instance, specify a value of 1. Otherwise, specify the default value - // of 2. + // The number of threads per CPU core. To disable multithreading for the instance, + // specify a value of 1. Otherwise, specify the default value of 2. ThreadsPerCore *int64 `type:"integer"` } @@ -37294,9 +39194,10 @@ type CreateCapacityReservationInput struct { _ struct{} `type:"structure"` // The Availability Zone in which to create the Capacity Reservation. - // - // AvailabilityZone is a required field - AvailabilityZone *string `type:"string" required:"true"` + AvailabilityZone *string `type:"string"` + + // The ID of the Availability Zone in which to create the Capacity Reservation. + AvailabilityZoneId *string `type:"string"` // Unique, case-sensitive identifier that you provide to ensure the idempotency // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). @@ -37406,9 +39307,6 @@ func (s CreateCapacityReservationInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *CreateCapacityReservationInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreateCapacityReservationInput"} - if s.AvailabilityZone == nil { - invalidParams.Add(request.NewErrParamRequired("AvailabilityZone")) - } if s.InstanceCount == nil { invalidParams.Add(request.NewErrParamRequired("InstanceCount")) } @@ -37431,6 +39329,12 @@ func (s *CreateCapacityReservationInput) SetAvailabilityZone(v string) *CreateCa return s } +// SetAvailabilityZoneId sets the AvailabilityZoneId field's value. +func (s *CreateCapacityReservationInput) SetAvailabilityZoneId(v string) *CreateCapacityReservationInput { + s.AvailabilityZoneId = &v + return s +} + // SetClientToken sets the ClientToken field's value. func (s *CreateCapacityReservationInput) SetClientToken(v string) *CreateCapacityReservationInput { s.ClientToken = &v @@ -37568,8 +39472,7 @@ type CreateClientVpnEndpointInput struct { // Information about the DNS servers to be used for DNS resolution. A Client // VPN endpoint can have up to two DNS servers. If no DNS server is specified, - // the DNS address of the VPC that is to be associated with Client VPN endpoint - // is used as the DNS server. + // the DNS address configured on the device is used for the DNS server. DnsServers []*string `locationNameList:"item" type:"list"` // Checks whether you have the required permissions for the action, without @@ -37584,6 +39487,15 @@ type CreateClientVpnEndpointInput struct { // ServerCertificateArn is a required field ServerCertificateArn *string `type:"string" required:"true"` + // Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint. + // + // By default, split-tunnel on a VPN endpoint is disabled. + // + // For information about split-tunnel VPN endpoints, see Split-Tunnel AWS Client + // VPN Endpoint (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) + // in the AWS Client VPN Administrator Guide. + SplitTunnel *bool `type:"boolean"` + // The tags to apply to the Client VPN endpoint during creation. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` @@ -37673,6 +39585,12 @@ func (s *CreateClientVpnEndpointInput) SetServerCertificateArn(v string) *Create return s } +// SetSplitTunnel sets the SplitTunnel field's value. +func (s *CreateClientVpnEndpointInput) SetSplitTunnel(v bool) *CreateClientVpnEndpointInput { + s.SplitTunnel = &v + return s +} + // SetTagSpecifications sets the TagSpecifications field's value. func (s *CreateClientVpnEndpointInput) SetTagSpecifications(v []*TagSpecification) *CreateClientVpnEndpointInput { s.TagSpecifications = v @@ -37868,6 +39786,9 @@ type CreateCustomerGatewayInput struct { // BgpAsn is a required field BgpAsn *int64 `type:"integer" required:"true"` + // The Amazon Resource Name (ARN) for the customer gateway certificate. + CertificateArn *string `type:"string"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, @@ -37876,9 +39797,7 @@ type CreateCustomerGatewayInput struct { // The Internet-routable IP address for the customer gateway's outside interface. // The address must be static. - // - // PublicIp is a required field - PublicIp *string `locationName:"IpAddress" type:"string" required:"true"` + PublicIp *string `locationName:"IpAddress" type:"string"` // The type of VPN connection that this customer gateway supports (ipsec.1). // @@ -37902,9 +39821,6 @@ func (s *CreateCustomerGatewayInput) Validate() error { if s.BgpAsn == nil { invalidParams.Add(request.NewErrParamRequired("BgpAsn")) } - if s.PublicIp == nil { - invalidParams.Add(request.NewErrParamRequired("PublicIp")) - } if s.Type == nil { invalidParams.Add(request.NewErrParamRequired("Type")) } @@ -37921,6 +39837,12 @@ func (s *CreateCustomerGatewayInput) SetBgpAsn(v int64) *CreateCustomerGatewayIn return s } +// SetCertificateArn sets the CertificateArn field's value. +func (s *CreateCustomerGatewayInput) SetCertificateArn(v string) *CreateCustomerGatewayInput { + s.CertificateArn = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *CreateCustomerGatewayInput) SetDryRun(v bool) *CreateCustomerGatewayInput { s.DryRun = &v @@ -38330,7 +40252,7 @@ type CreateFleetInput struct { // LaunchTemplateConfigs is a required field LaunchTemplateConfigs []*FleetLaunchTemplateConfigRequest `locationNameList:"item" type:"list" required:"true"` - // The allocation strategy of On-Demand Instances in an EC2 Fleet. + // Describes the configuration of On-Demand Instances in an EC2 Fleet. OnDemandOptions *OnDemandOptionsRequest `type:"structure"` // Indicates whether EC2 Fleet should replace unhealthy instances. @@ -38345,8 +40267,7 @@ type CreateFleetInput struct { // For information about tagging after launch, see Tagging Your Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources). TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // The TotalTargetCapacity, OnDemandTargetCapacity, SpotTargetCapacity, and - // DefaultCapacityType structure. + // The number of units to request. // // TargetCapacitySpecification is a required field TargetCapacitySpecification *TargetCapacitySpecificationRequest `type:"structure" required:"true"` @@ -38647,6 +40568,17 @@ type CreateFlowLogsInput struct { // Default: cloud-watch-logs LogDestinationType *string `type:"string" enum:"LogDestinationType"` + // The fields to include in the flow log record, in the order in which they + // should appear. For a list of available fields, see Flow Log Records (https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records). + // If you omit this parameter, the flow log is created using the default format. + // If you specify this parameter, you must specify at least one field. + // + // Specify the fields using the ${field-id} format, separated by spaces. For + // the AWS CLI, use single quotation marks (' ') to surround the parameter value. + // + // Only applicable to flow logs that are published to an Amazon S3 bucket. + LogFormat *string `type:"string"` + // The name of a new or existing CloudWatch Logs log group where Amazon EC2 // publishes your flow logs. // @@ -38734,6 +40666,12 @@ func (s *CreateFlowLogsInput) SetLogDestinationType(v string) *CreateFlowLogsInp return s } +// SetLogFormat sets the LogFormat field's value. +func (s *CreateFlowLogsInput) SetLogFormat(v string) *CreateFlowLogsInput { + s.LogFormat = &v + return s +} + // SetLogGroupName sets the LogGroupName field's value. func (s *CreateFlowLogsInput) SetLogGroupName(v string) *CreateFlowLogsInput { s.LogGroupName = &v @@ -38923,7 +40861,7 @@ func (s *CreateFpgaImageOutput) SetFpgaImageId(v string) *CreateFpgaImageOutput type CreateImageInput struct { _ struct{} `type:"structure"` - // Tthe block device mappings. This parameter cannot be used to modify the encryption + // The block device mappings. This parameter cannot be used to modify the encryption // status of existing volumes or snapshots. To create an AMI with encrypted // snapshots, use the CopyImage action. BlockDeviceMappings []*BlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` @@ -39043,7 +40981,6 @@ func (s *CreateImageOutput) SetImageId(v string) *CreateImageOutput { return s } -// Contains the parameters for CreateInstanceExportTask. type CreateInstanceExportTaskInput struct { _ struct{} `type:"structure"` @@ -39110,7 +41047,6 @@ func (s *CreateInstanceExportTaskInput) SetTargetEnvironment(v string) *CreateIn return s } -// Contains the output for CreateInstanceExportTask. type CreateInstanceExportTaskOutput struct { _ struct{} `type:"structure"` @@ -39302,6 +41238,9 @@ type CreateLaunchTemplateInput struct { // LaunchTemplateName is a required field LaunchTemplateName *string `min:"3" type:"string" required:"true"` + // The tags to apply to the launch template during creation. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // A description for the first version of the launch template. VersionDescription *string `type:"string"` } @@ -39364,6 +41303,12 @@ func (s *CreateLaunchTemplateInput) SetLaunchTemplateName(v string) *CreateLaunc return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateLaunchTemplateInput) SetTagSpecifications(v []*TagSpecification) *CreateLaunchTemplateInput { + s.TagSpecifications = v + return s +} + // SetVersionDescription sets the VersionDescription field's value. func (s *CreateLaunchTemplateInput) SetVersionDescription(v string) *CreateLaunchTemplateInput { s.VersionDescription = &v @@ -39423,7 +41368,9 @@ type CreateLaunchTemplateVersionInput struct { // The version number of the launch template version on which to base the new // version. The new version inherits the same launch parameters as the source - // version, except for parameters that you specify in LaunchTemplateData. + // version, except for parameters that you specify in LaunchTemplateData. Snapshots + // applied to the block device mapping are ignored when creating a new version + // unless they are explicitly included. SourceVersion *string `type:"string"` // A description for the version of the launch template. @@ -39886,8 +41833,6 @@ type CreateNetworkInterfaceInput struct { // Indicates the type of network interface. To create an Elastic Fabric Adapter // (EFA), specify efa. For more information, see Elastic Fabric Adapter (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) // in the Amazon Elastic Compute Cloud User Guide. - // - // If you are not creating an EFA, specify interface or omit this parameter. InterfaceType *string `type:"string" enum:"NetworkInterfaceCreationType"` // The number of IPv6 addresses to assign to a network interface. Amazon EC2 @@ -40734,7 +42679,7 @@ func (s *CreateSnapshotInput) SetVolumeId(v string) *CreateSnapshotInput { type CreateSnapshotsInput struct { _ struct{} `type:"structure"` - // Copies the tags from the specified instance to all snapshots. + // Copies the tags from the specified volume to corresponding snapshot. CopyTagsFromSource *string `type:"string" enum:"CopyTagsFromSource"` // A description propagated to every snapshot specified by the instance. @@ -41115,6 +43060,589 @@ func (s CreateTagsOutput) GoString() string { return s.String() } +type CreateTrafficMirrorFilterInput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + + // The description of the Traffic Mirror filter. + Description *string `type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The tags to assign to a Traffic Mirror filter. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s CreateTrafficMirrorFilterInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorFilterInput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorFilterInput) SetClientToken(v string) *CreateTrafficMirrorFilterInput { + s.ClientToken = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateTrafficMirrorFilterInput) SetDescription(v string) *CreateTrafficMirrorFilterInput { + s.Description = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateTrafficMirrorFilterInput) SetDryRun(v bool) *CreateTrafficMirrorFilterInput { + s.DryRun = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateTrafficMirrorFilterInput) SetTagSpecifications(v []*TagSpecification) *CreateTrafficMirrorFilterInput { + s.TagSpecifications = v + return s +} + +type CreateTrafficMirrorFilterOutput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `locationName:"clientToken" type:"string"` + + // Information about the Traffic Mirror filter. + TrafficMirrorFilter *TrafficMirrorFilter `locationName:"trafficMirrorFilter" type:"structure"` +} + +// String returns the string representation +func (s CreateTrafficMirrorFilterOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorFilterOutput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorFilterOutput) SetClientToken(v string) *CreateTrafficMirrorFilterOutput { + s.ClientToken = &v + return s +} + +// SetTrafficMirrorFilter sets the TrafficMirrorFilter field's value. +func (s *CreateTrafficMirrorFilterOutput) SetTrafficMirrorFilter(v *TrafficMirrorFilter) *CreateTrafficMirrorFilterOutput { + s.TrafficMirrorFilter = v + return s +} + +type CreateTrafficMirrorFilterRuleInput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + + // The description of the Traffic Mirror rule. + Description *string `type:"string"` + + // The destination CIDR block to assign to the Traffic Mirror rule. + // + // DestinationCidrBlock is a required field + DestinationCidrBlock *string `type:"string" required:"true"` + + // The destination port range. + DestinationPortRange *TrafficMirrorPortRangeRequest `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The protocol, for example UDP, to assign to the Traffic Mirror rule. + // + // For information about the protocol value, see Protocol Numbers (https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) + // on the Internet Assigned Numbers Authority (IANA) website. + Protocol *int64 `type:"integer"` + + // The action to take (accept | reject) on the filtered traffic. + // + // RuleAction is a required field + RuleAction *string `type:"string" required:"true" enum:"TrafficMirrorRuleAction"` + + // The number of the Traffic Mirror rule. This number must be unique for each + // Traffic Mirror rule in a given direction. The rules are processed in ascending + // order by rule number. + // + // RuleNumber is a required field + RuleNumber *int64 `type:"integer" required:"true"` + + // The source CIDR block to assign to the Traffic Mirror rule. + // + // SourceCidrBlock is a required field + SourceCidrBlock *string `type:"string" required:"true"` + + // The source port range. + SourcePortRange *TrafficMirrorPortRangeRequest `type:"structure"` + + // The type of traffic (ingress | egress). + // + // TrafficDirection is a required field + TrafficDirection *string `type:"string" required:"true" enum:"TrafficDirection"` + + // The ID of the filter that this rule is associated with. + // + // TrafficMirrorFilterId is a required field + TrafficMirrorFilterId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s CreateTrafficMirrorFilterRuleInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorFilterRuleInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTrafficMirrorFilterRuleInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTrafficMirrorFilterRuleInput"} + if s.DestinationCidrBlock == nil { + invalidParams.Add(request.NewErrParamRequired("DestinationCidrBlock")) + } + if s.RuleAction == nil { + invalidParams.Add(request.NewErrParamRequired("RuleAction")) + } + if s.RuleNumber == nil { + invalidParams.Add(request.NewErrParamRequired("RuleNumber")) + } + if s.SourceCidrBlock == nil { + invalidParams.Add(request.NewErrParamRequired("SourceCidrBlock")) + } + if s.TrafficDirection == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficDirection")) + } + if s.TrafficMirrorFilterId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorFilterId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetClientToken(v string) *CreateTrafficMirrorFilterRuleInput { + s.ClientToken = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetDescription(v string) *CreateTrafficMirrorFilterRuleInput { + s.Description = &v + return s +} + +// SetDestinationCidrBlock sets the DestinationCidrBlock field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetDestinationCidrBlock(v string) *CreateTrafficMirrorFilterRuleInput { + s.DestinationCidrBlock = &v + return s +} + +// SetDestinationPortRange sets the DestinationPortRange field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetDestinationPortRange(v *TrafficMirrorPortRangeRequest) *CreateTrafficMirrorFilterRuleInput { + s.DestinationPortRange = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetDryRun(v bool) *CreateTrafficMirrorFilterRuleInput { + s.DryRun = &v + return s +} + +// SetProtocol sets the Protocol field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetProtocol(v int64) *CreateTrafficMirrorFilterRuleInput { + s.Protocol = &v + return s +} + +// SetRuleAction sets the RuleAction field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetRuleAction(v string) *CreateTrafficMirrorFilterRuleInput { + s.RuleAction = &v + return s +} + +// SetRuleNumber sets the RuleNumber field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetRuleNumber(v int64) *CreateTrafficMirrorFilterRuleInput { + s.RuleNumber = &v + return s +} + +// SetSourceCidrBlock sets the SourceCidrBlock field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetSourceCidrBlock(v string) *CreateTrafficMirrorFilterRuleInput { + s.SourceCidrBlock = &v + return s +} + +// SetSourcePortRange sets the SourcePortRange field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetSourcePortRange(v *TrafficMirrorPortRangeRequest) *CreateTrafficMirrorFilterRuleInput { + s.SourcePortRange = v + return s +} + +// SetTrafficDirection sets the TrafficDirection field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetTrafficDirection(v string) *CreateTrafficMirrorFilterRuleInput { + s.TrafficDirection = &v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *CreateTrafficMirrorFilterRuleInput) SetTrafficMirrorFilterId(v string) *CreateTrafficMirrorFilterRuleInput { + s.TrafficMirrorFilterId = &v + return s +} + +type CreateTrafficMirrorFilterRuleOutput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `locationName:"clientToken" type:"string"` + + // The Traffic Mirror rule. + TrafficMirrorFilterRule *TrafficMirrorFilterRule `locationName:"trafficMirrorFilterRule" type:"structure"` +} + +// String returns the string representation +func (s CreateTrafficMirrorFilterRuleOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorFilterRuleOutput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorFilterRuleOutput) SetClientToken(v string) *CreateTrafficMirrorFilterRuleOutput { + s.ClientToken = &v + return s +} + +// SetTrafficMirrorFilterRule sets the TrafficMirrorFilterRule field's value. +func (s *CreateTrafficMirrorFilterRuleOutput) SetTrafficMirrorFilterRule(v *TrafficMirrorFilterRule) *CreateTrafficMirrorFilterRuleOutput { + s.TrafficMirrorFilterRule = v + return s +} + +type CreateTrafficMirrorSessionInput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + + // The description of the Traffic Mirror session. + Description *string `type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the source network interface. + // + // NetworkInterfaceId is a required field + NetworkInterfaceId *string `type:"string" required:"true"` + + // The number of bytes in each packet to mirror. These are bytes after the VXLAN + // header. Do not specify this parameter when you want to mirror the entire + // packet. To mirror a subset of the packet, set this to the length (in bytes) + // that you want to mirror. For example, if you set this value to 1network0, + // then the first 100 bytes that meet the filter criteria are copied to the + // target. + // + // If you do not want to mirror the entire packet, use the PacketLength parameter + // to specify the number of bytes in each packet to mirror. + PacketLength *int64 `type:"integer"` + + // The session number determines the order in which sessions are evaluated when + // an interface is used by multiple sessions. The first session with a matching + // filter is the one that mirrors the packets. + // + // Valid values are 1-32766. + // + // SessionNumber is a required field + SessionNumber *int64 `type:"integer" required:"true"` + + // The tags to assign to a Traffic Mirror session. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + + // The ID of the Traffic Mirror filter. + // + // TrafficMirrorFilterId is a required field + TrafficMirrorFilterId *string `type:"string" required:"true"` + + // The ID of the Traffic Mirror target. + // + // TrafficMirrorTargetId is a required field + TrafficMirrorTargetId *string `type:"string" required:"true"` + + // The VXLAN ID for the Traffic Mirror session. For more information about the + // VXLAN protocol, see RFC 7348 (https://tools.ietf.org/html/rfc7348). If you + // do not specify a VirtualNetworkId, an account-wide unique id is chosen at + // random. + VirtualNetworkId *int64 `type:"integer"` +} + +// String returns the string representation +func (s CreateTrafficMirrorSessionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorSessionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTrafficMirrorSessionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTrafficMirrorSessionInput"} + if s.NetworkInterfaceId == nil { + invalidParams.Add(request.NewErrParamRequired("NetworkInterfaceId")) + } + if s.SessionNumber == nil { + invalidParams.Add(request.NewErrParamRequired("SessionNumber")) + } + if s.TrafficMirrorFilterId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorFilterId")) + } + if s.TrafficMirrorTargetId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorTargetId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorSessionInput) SetClientToken(v string) *CreateTrafficMirrorSessionInput { + s.ClientToken = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateTrafficMirrorSessionInput) SetDescription(v string) *CreateTrafficMirrorSessionInput { + s.Description = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateTrafficMirrorSessionInput) SetDryRun(v bool) *CreateTrafficMirrorSessionInput { + s.DryRun = &v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *CreateTrafficMirrorSessionInput) SetNetworkInterfaceId(v string) *CreateTrafficMirrorSessionInput { + s.NetworkInterfaceId = &v + return s +} + +// SetPacketLength sets the PacketLength field's value. +func (s *CreateTrafficMirrorSessionInput) SetPacketLength(v int64) *CreateTrafficMirrorSessionInput { + s.PacketLength = &v + return s +} + +// SetSessionNumber sets the SessionNumber field's value. +func (s *CreateTrafficMirrorSessionInput) SetSessionNumber(v int64) *CreateTrafficMirrorSessionInput { + s.SessionNumber = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateTrafficMirrorSessionInput) SetTagSpecifications(v []*TagSpecification) *CreateTrafficMirrorSessionInput { + s.TagSpecifications = v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *CreateTrafficMirrorSessionInput) SetTrafficMirrorFilterId(v string) *CreateTrafficMirrorSessionInput { + s.TrafficMirrorFilterId = &v + return s +} + +// SetTrafficMirrorTargetId sets the TrafficMirrorTargetId field's value. +func (s *CreateTrafficMirrorSessionInput) SetTrafficMirrorTargetId(v string) *CreateTrafficMirrorSessionInput { + s.TrafficMirrorTargetId = &v + return s +} + +// SetVirtualNetworkId sets the VirtualNetworkId field's value. +func (s *CreateTrafficMirrorSessionInput) SetVirtualNetworkId(v int64) *CreateTrafficMirrorSessionInput { + s.VirtualNetworkId = &v + return s +} + +type CreateTrafficMirrorSessionOutput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `locationName:"clientToken" type:"string"` + + // Information about the Traffic Mirror session. + TrafficMirrorSession *TrafficMirrorSession `locationName:"trafficMirrorSession" type:"structure"` +} + +// String returns the string representation +func (s CreateTrafficMirrorSessionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorSessionOutput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorSessionOutput) SetClientToken(v string) *CreateTrafficMirrorSessionOutput { + s.ClientToken = &v + return s +} + +// SetTrafficMirrorSession sets the TrafficMirrorSession field's value. +func (s *CreateTrafficMirrorSessionOutput) SetTrafficMirrorSession(v *TrafficMirrorSession) *CreateTrafficMirrorSessionOutput { + s.TrafficMirrorSession = v + return s +} + +type CreateTrafficMirrorTargetInput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + + // The description of the Traffic Mirror target. + Description *string `type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The network interface ID that is associated with the target. + NetworkInterfaceId *string `type:"string"` + + // The Amazon Resource Name (ARN) of the Network Load Balancer that is associated + // with the target. + NetworkLoadBalancerArn *string `type:"string"` + + // The tags to assign to the Traffic Mirror target. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s CreateTrafficMirrorTargetInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorTargetInput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorTargetInput) SetClientToken(v string) *CreateTrafficMirrorTargetInput { + s.ClientToken = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateTrafficMirrorTargetInput) SetDescription(v string) *CreateTrafficMirrorTargetInput { + s.Description = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateTrafficMirrorTargetInput) SetDryRun(v bool) *CreateTrafficMirrorTargetInput { + s.DryRun = &v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *CreateTrafficMirrorTargetInput) SetNetworkInterfaceId(v string) *CreateTrafficMirrorTargetInput { + s.NetworkInterfaceId = &v + return s +} + +// SetNetworkLoadBalancerArn sets the NetworkLoadBalancerArn field's value. +func (s *CreateTrafficMirrorTargetInput) SetNetworkLoadBalancerArn(v string) *CreateTrafficMirrorTargetInput { + s.NetworkLoadBalancerArn = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateTrafficMirrorTargetInput) SetTagSpecifications(v []*TagSpecification) *CreateTrafficMirrorTargetInput { + s.TagSpecifications = v + return s +} + +type CreateTrafficMirrorTargetOutput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `locationName:"clientToken" type:"string"` + + // Information about the Traffic Mirror target. + TrafficMirrorTarget *TrafficMirrorTarget `locationName:"trafficMirrorTarget" type:"structure"` +} + +// String returns the string representation +func (s CreateTrafficMirrorTargetOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateTrafficMirrorTargetOutput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateTrafficMirrorTargetOutput) SetClientToken(v string) *CreateTrafficMirrorTargetOutput { + s.ClientToken = &v + return s +} + +// SetTrafficMirrorTarget sets the TrafficMirrorTarget field's value. +func (s *CreateTrafficMirrorTargetOutput) SetTrafficMirrorTarget(v *TrafficMirrorTarget) *CreateTrafficMirrorTargetOutput { + s.TrafficMirrorTarget = v + return s +} + type CreateTransitGatewayInput struct { _ struct{} `type:"structure"` @@ -41549,18 +44077,14 @@ type CreateVolumeInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // Specifies the encryption state of the volume. The default effect of setting - // the Encrypted parameter to true depends on the volume origin (new or from - // a snapshot), starting encryption state, ownership, and whether account-level - // encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/account-level-encryption.html) - // is enabled. Each default case can be overridden by specifying a customer - // master key (CMK) using the KmsKeyId parameter, in addition to setting Encrypted - // to true. For a complete list of possible encryption cases, see Amazon EBS - // Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html). - // - // Encrypted Amazon EBS volumes may only be attached to instances that support - // Amazon EBS encryption. For more information, see Supported Instance Types - // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). + // Specifies whether the volume should be encrypted. The effect of setting the + // encryption state to true depends on the volume origin (new or from a snapshot), + // starting encryption state, ownership, and whether encryption by default is + // enabled. For more information, see Encryption by Default (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) + // in the Amazon Elastic Compute Cloud User Guide. + // + // Encrypted Amazon EBS volumes must be attached to instances that support Amazon + // EBS encryption. For more information, see Supported Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). Encrypted *bool `locationName:"encrypted" type:"boolean"` // The number of I/O operations per second (IOPS) to provision for the volume, @@ -41574,31 +44098,24 @@ type CreateVolumeInput struct { // This parameter is valid only for Provisioned IOPS SSD (io1) volumes. Iops *int64 `type:"integer"` - // An identifier for the AWS Key Management Service (AWS KMS) customer master - // key (CMK) to use to encrypt the volume. This parameter is only required if - // you want to use a non-default CMK; if this parameter is not specified, the - // default CMK for EBS is used. If a KmsKeyId is specified, the Encrypted flag - // must also be set. + // The identifier of the AWS Key Management Service (AWS KMS) customer master + // key (CMK) to use for Amazon EBS encryption. If this parameter is not specified, + // your AWS managed CMK for EBS is used. If KmsKeyId is specified, the encrypted + // state must be true. // - // The CMK identifier may be provided in any of the following formats: + // You can specify the CMK using any of the following: // - // * Key ID + // * Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab. // - // * Key alias. The alias ARN contains the arn:aws:kms namespace, followed - // by the Region of the CMK, the AWS account ID of the CMK owner, the alias - // namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. + // * Key alias. For example, alias/ExampleAlias. // - // * ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed - // by the Region of the CMK, the AWS account ID of the CMK owner, the key - // namespace, and then the CMK ID. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. + // * Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. // - // * ARN using key alias. The alias ARN contains the arn:aws:kms namespace, - // followed by the Region of the CMK, the AWS account ID of the CMK owner, - // the alias namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. + // * Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. // - // AWS parses KmsKeyId asynchronously, meaning that the action you call may - // appear to complete even though you provided an invalid identifier. The action - // will eventually fail. + // AWS authenticates the CMK asynchronously. Therefore, if you specify an ID, + // alias, or ARN that is not valid, the action can appear to complete, but eventually + // fails. KmsKeyId *string `type:"string"` // The size of the volume, in GiBs. @@ -41625,10 +44142,7 @@ type CreateVolumeInput struct { // IOPS SSD, st1 for Throughput Optimized HDD, sc1 for Cold HDD, or standard // for Magnetic volumes. // - // Defaults: If no volume type is specified, the default is standard in us-east-1, - // eu-west-1, eu-central-1, us-west-2, us-west-1, sa-east-1, ap-northeast-1, - // ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-south-1, us-gov-west-1, - // and cn-north-1. In all other Regions, EBS defaults to gp2. + // Default: gp2 VolumeType *string `type:"string" enum:"VolumeType"` } @@ -42403,7 +44917,7 @@ type CreateVpnConnectionInput struct { // specify a virtual private gateway. TransitGatewayId *string `type:"string"` - // The type of VPN connection (ipsec.1 | ipsec.2). + // The type of VPN connection (ipsec.1). // // Type is a required field Type *string `type:"string" required:"true"` @@ -42736,6 +45250,9 @@ type CustomerGateway struct { // (ASN). BgpAsn *string `locationName:"bgpAsn" type:"string"` + // The Amazon Resource Name (ARN) for the customer gateway certificate. + CertificateArn *string `locationName:"certificateArn" type:"string"` + // The ID of the customer gateway. CustomerGatewayId *string `locationName:"customerGatewayId" type:"string"` @@ -42769,6 +45286,12 @@ func (s *CustomerGateway) SetBgpAsn(v string) *CustomerGateway { return s } +// SetCertificateArn sets the CertificateArn field's value. +func (s *CustomerGateway) SetCertificateArn(v string) *CustomerGateway { + s.CertificateArn = &v + return s +} + // SetCustomerGatewayId sets the CustomerGatewayId field's value. func (s *CustomerGateway) SetCustomerGatewayId(v string) *CustomerGateway { s.CustomerGatewayId = &v @@ -44362,6 +46885,125 @@ func (s DeletePlacementGroupOutput) GoString() string { return s.String() } +// Describes the error for a Reserved Instance whose queued purchase could not +// be deleted. +type DeleteQueuedReservedInstancesError struct { + _ struct{} `type:"structure"` + + // The error code. + Code *string `locationName:"code" type:"string" enum:"DeleteQueuedReservedInstancesErrorCode"` + + // The error message. + Message *string `locationName:"message" type:"string"` +} + +// String returns the string representation +func (s DeleteQueuedReservedInstancesError) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteQueuedReservedInstancesError) GoString() string { + return s.String() +} + +// SetCode sets the Code field's value. +func (s *DeleteQueuedReservedInstancesError) SetCode(v string) *DeleteQueuedReservedInstancesError { + s.Code = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *DeleteQueuedReservedInstancesError) SetMessage(v string) *DeleteQueuedReservedInstancesError { + s.Message = &v + return s +} + +type DeleteQueuedReservedInstancesInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IDs of the Reserved Instances. + // + // ReservedInstancesIds is a required field + ReservedInstancesIds []*string `locationName:"ReservedInstancesId" locationNameList:"item" min:"1" type:"list" required:"true"` +} + +// String returns the string representation +func (s DeleteQueuedReservedInstancesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteQueuedReservedInstancesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteQueuedReservedInstancesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteQueuedReservedInstancesInput"} + if s.ReservedInstancesIds == nil { + invalidParams.Add(request.NewErrParamRequired("ReservedInstancesIds")) + } + if s.ReservedInstancesIds != nil && len(s.ReservedInstancesIds) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ReservedInstancesIds", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteQueuedReservedInstancesInput) SetDryRun(v bool) *DeleteQueuedReservedInstancesInput { + s.DryRun = &v + return s +} + +// SetReservedInstancesIds sets the ReservedInstancesIds field's value. +func (s *DeleteQueuedReservedInstancesInput) SetReservedInstancesIds(v []*string) *DeleteQueuedReservedInstancesInput { + s.ReservedInstancesIds = v + return s +} + +type DeleteQueuedReservedInstancesOutput struct { + _ struct{} `type:"structure"` + + // Information about the queued purchases that could not be deleted. + FailedQueuedPurchaseDeletions []*FailedQueuedPurchaseDeletion `locationName:"failedQueuedPurchaseDeletionSet" locationNameList:"item" type:"list"` + + // Information about the queued purchases that were successfully deleted. + SuccessfulQueuedPurchaseDeletions []*SuccessfulQueuedPurchaseDeletion `locationName:"successfulQueuedPurchaseDeletionSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DeleteQueuedReservedInstancesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteQueuedReservedInstancesOutput) GoString() string { + return s.String() +} + +// SetFailedQueuedPurchaseDeletions sets the FailedQueuedPurchaseDeletions field's value. +func (s *DeleteQueuedReservedInstancesOutput) SetFailedQueuedPurchaseDeletions(v []*FailedQueuedPurchaseDeletion) *DeleteQueuedReservedInstancesOutput { + s.FailedQueuedPurchaseDeletions = v + return s +} + +// SetSuccessfulQueuedPurchaseDeletions sets the SuccessfulQueuedPurchaseDeletions field's value. +func (s *DeleteQueuedReservedInstancesOutput) SetSuccessfulQueuedPurchaseDeletions(v []*SuccessfulQueuedPurchaseDeletion) *DeleteQueuedReservedInstancesOutput { + s.SuccessfulQueuedPurchaseDeletions = v + return s +} + type DeleteRouteInput struct { _ struct{} `type:"structure"` @@ -44822,6 +47464,298 @@ func (s DeleteTagsOutput) GoString() string { return s.String() } +type DeleteTrafficMirrorFilterInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the Traffic Mirror filter. + // + // TrafficMirrorFilterId is a required field + TrafficMirrorFilterId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorFilterInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorFilterInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteTrafficMirrorFilterInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteTrafficMirrorFilterInput"} + if s.TrafficMirrorFilterId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorFilterId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteTrafficMirrorFilterInput) SetDryRun(v bool) *DeleteTrafficMirrorFilterInput { + s.DryRun = &v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *DeleteTrafficMirrorFilterInput) SetTrafficMirrorFilterId(v string) *DeleteTrafficMirrorFilterInput { + s.TrafficMirrorFilterId = &v + return s +} + +type DeleteTrafficMirrorFilterOutput struct { + _ struct{} `type:"structure"` + + // The ID of the Traffic Mirror filter. + TrafficMirrorFilterId *string `locationName:"trafficMirrorFilterId" type:"string"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorFilterOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorFilterOutput) GoString() string { + return s.String() +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *DeleteTrafficMirrorFilterOutput) SetTrafficMirrorFilterId(v string) *DeleteTrafficMirrorFilterOutput { + s.TrafficMirrorFilterId = &v + return s +} + +type DeleteTrafficMirrorFilterRuleInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the Traffic Mirror rule. + // + // TrafficMirrorFilterRuleId is a required field + TrafficMirrorFilterRuleId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorFilterRuleInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorFilterRuleInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteTrafficMirrorFilterRuleInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteTrafficMirrorFilterRuleInput"} + if s.TrafficMirrorFilterRuleId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorFilterRuleId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteTrafficMirrorFilterRuleInput) SetDryRun(v bool) *DeleteTrafficMirrorFilterRuleInput { + s.DryRun = &v + return s +} + +// SetTrafficMirrorFilterRuleId sets the TrafficMirrorFilterRuleId field's value. +func (s *DeleteTrafficMirrorFilterRuleInput) SetTrafficMirrorFilterRuleId(v string) *DeleteTrafficMirrorFilterRuleInput { + s.TrafficMirrorFilterRuleId = &v + return s +} + +type DeleteTrafficMirrorFilterRuleOutput struct { + _ struct{} `type:"structure"` + + // The ID of the deleted Traffic Mirror rule. + TrafficMirrorFilterRuleId *string `locationName:"trafficMirrorFilterRuleId" type:"string"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorFilterRuleOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorFilterRuleOutput) GoString() string { + return s.String() +} + +// SetTrafficMirrorFilterRuleId sets the TrafficMirrorFilterRuleId field's value. +func (s *DeleteTrafficMirrorFilterRuleOutput) SetTrafficMirrorFilterRuleId(v string) *DeleteTrafficMirrorFilterRuleOutput { + s.TrafficMirrorFilterRuleId = &v + return s +} + +type DeleteTrafficMirrorSessionInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the Traffic Mirror session. + // + // TrafficMirrorSessionId is a required field + TrafficMirrorSessionId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorSessionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorSessionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteTrafficMirrorSessionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteTrafficMirrorSessionInput"} + if s.TrafficMirrorSessionId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorSessionId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteTrafficMirrorSessionInput) SetDryRun(v bool) *DeleteTrafficMirrorSessionInput { + s.DryRun = &v + return s +} + +// SetTrafficMirrorSessionId sets the TrafficMirrorSessionId field's value. +func (s *DeleteTrafficMirrorSessionInput) SetTrafficMirrorSessionId(v string) *DeleteTrafficMirrorSessionInput { + s.TrafficMirrorSessionId = &v + return s +} + +type DeleteTrafficMirrorSessionOutput struct { + _ struct{} `type:"structure"` + + // The ID of the deleted Traffic Mirror session. + TrafficMirrorSessionId *string `locationName:"trafficMirrorSessionId" type:"string"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorSessionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorSessionOutput) GoString() string { + return s.String() +} + +// SetTrafficMirrorSessionId sets the TrafficMirrorSessionId field's value. +func (s *DeleteTrafficMirrorSessionOutput) SetTrafficMirrorSessionId(v string) *DeleteTrafficMirrorSessionOutput { + s.TrafficMirrorSessionId = &v + return s +} + +type DeleteTrafficMirrorTargetInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the Traffic Mirror target. + // + // TrafficMirrorTargetId is a required field + TrafficMirrorTargetId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorTargetInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorTargetInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteTrafficMirrorTargetInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteTrafficMirrorTargetInput"} + if s.TrafficMirrorTargetId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorTargetId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteTrafficMirrorTargetInput) SetDryRun(v bool) *DeleteTrafficMirrorTargetInput { + s.DryRun = &v + return s +} + +// SetTrafficMirrorTargetId sets the TrafficMirrorTargetId field's value. +func (s *DeleteTrafficMirrorTargetInput) SetTrafficMirrorTargetId(v string) *DeleteTrafficMirrorTargetInput { + s.TrafficMirrorTargetId = &v + return s +} + +type DeleteTrafficMirrorTargetOutput struct { + _ struct{} `type:"structure"` + + // The ID of the deleted Traffic Mirror target. + TrafficMirrorTargetId *string `locationName:"trafficMirrorTargetId" type:"string"` +} + +// String returns the string representation +func (s DeleteTrafficMirrorTargetOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DeleteTrafficMirrorTargetOutput) GoString() string { + return s.String() +} + +// SetTrafficMirrorTargetId sets the TrafficMirrorTargetId field's value. +func (s *DeleteTrafficMirrorTargetOutput) SetTrafficMirrorTargetId(v string) *DeleteTrafficMirrorTargetOutput { + s.TrafficMirrorTargetId = &v + return s +} + type DeleteTransitGatewayInput struct { _ struct{} `type:"structure"` @@ -46305,10 +49239,10 @@ type DescribeByoipCidrsInput struct { // remaining results, make another call with the returned nextToken value. // // MaxResults is a required field - MaxResults *int64 `min:"5" type:"integer" required:"true"` + MaxResults *int64 `min:"1" type:"integer" required:"true"` // The token for the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` } // String returns the string representation @@ -46327,11 +49261,8 @@ func (s *DescribeByoipCidrsInput) Validate() error { if s.MaxResults == nil { invalidParams.Add(request.NewErrParamRequired("MaxResults")) } - if s.MaxResults != nil && *s.MaxResults < 5 { - invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) - } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } if invalidParams.Len() > 0 { @@ -46538,7 +49469,7 @@ type DescribeClassicLinkInstancesInput struct { // remaining results, make another call with the returned nextToken value. // // Constraint: If the value is greater than 1000, we return only 1000 items. - MaxResults *int64 `locationName:"maxResults" type:"integer"` + MaxResults *int64 `locationName:"maxResults" min:"5" type:"integer"` // The token for the next page of results. NextToken *string `locationName:"nextToken" type:"string"` @@ -46554,6 +49485,19 @@ func (s DescribeClassicLinkInstancesInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeClassicLinkInstancesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeClassicLinkInstancesInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeClassicLinkInstancesInput) SetDryRun(v bool) *DescribeClassicLinkInstancesInput { s.DryRun = &v @@ -46640,7 +49584,7 @@ type DescribeClientVpnAuthorizationRulesInput struct { MaxResults *int64 `min:"5" type:"integer"` // The token to retrieve the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` } // String returns the string representation @@ -46662,9 +49606,6 @@ func (s *DescribeClientVpnAuthorizationRulesInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -46710,7 +49651,7 @@ type DescribeClientVpnAuthorizationRulesOutput struct { // The token to use to retrieve the next page of results. This value is null // when there are no more results to return. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -46758,7 +49699,7 @@ type DescribeClientVpnConnectionsInput struct { MaxResults *int64 `min:"5" type:"integer"` // The token to retrieve the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` } // String returns the string representation @@ -46780,9 +49721,6 @@ func (s *DescribeClientVpnConnectionsInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -46828,7 +49766,7 @@ type DescribeClientVpnConnectionsOutput struct { // The token to use to retrieve the next page of results. This value is null // when there are no more results to return. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -46874,7 +49812,7 @@ type DescribeClientVpnEndpointsInput struct { MaxResults *int64 `min:"5" type:"integer"` // The token to retrieve the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` } // String returns the string representation @@ -46893,9 +49831,6 @@ func (s *DescribeClientVpnEndpointsInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -46941,7 +49876,7 @@ type DescribeClientVpnEndpointsOutput struct { // The token to use to retrieve the next page of results. This value is null // when there are no more results to return. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -46989,7 +49924,7 @@ type DescribeClientVpnRoutesInput struct { MaxResults *int64 `min:"5" type:"integer"` // The token to retrieve the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` } // String returns the string representation @@ -47011,9 +49946,6 @@ func (s *DescribeClientVpnRoutesInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -47056,7 +49988,7 @@ type DescribeClientVpnRoutesOutput struct { // The token to use to retrieve the next page of results. This value is null // when there are no more results to return. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + NextToken *string `locationName:"nextToken" type:"string"` // Information about the Client VPN endpoint routes. Routes []*ClientVpnRoute `locationName:"routes" locationNameList:"item" type:"list"` @@ -47110,7 +50042,7 @@ type DescribeClientVpnTargetNetworksInput struct { MaxResults *int64 `min:"5" type:"integer"` // The token to retrieve the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` } // String returns the string representation @@ -47132,9 +50064,6 @@ func (s *DescribeClientVpnTargetNetworksInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -47186,7 +50115,7 @@ type DescribeClientVpnTargetNetworksOutput struct { // The token to use to retrieve the next page of results. This value is null // when there are no more results to return. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -47211,7 +50140,6 @@ func (s *DescribeClientVpnTargetNetworksOutput) SetNextToken(v string) *Describe return s } -// Contains the parameters for DescribeConversionTasks. type DescribeConversionTasksInput struct { _ struct{} `type:"structure"` @@ -47247,7 +50175,6 @@ func (s *DescribeConversionTasksInput) SetDryRun(v bool) *DescribeConversionTask return s } -// Contains the output for DescribeConversionTasks. type DescribeConversionTasksOutput struct { _ struct{} `type:"structure"` @@ -47509,7 +50436,7 @@ type DescribeEgressOnlyInternetGatewaysInput struct { // The maximum number of results to return with a single call. To retrieve the // remaining results, make another call with the returned nextToken value. - MaxResults *int64 `type:"integer"` + MaxResults *int64 `min:"5" type:"integer"` // The token for the next page of results. NextToken *string `type:"string"` @@ -47525,6 +50452,19 @@ func (s DescribeEgressOnlyInternetGatewaysInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeEgressOnlyInternetGatewaysInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeEgressOnlyInternetGatewaysInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeEgressOnlyInternetGatewaysInput) SetDryRun(v bool) *DescribeEgressOnlyInternetGatewaysInput { s.DryRun = &v @@ -47717,7 +50657,115 @@ func (s *DescribeElasticGpusOutput) SetNextToken(v string) *DescribeElasticGpusO return s } -// Contains the parameters for DescribeExportTasks. +type DescribeExportImageTasksInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IDs of the export image tasks. + ExportImageTaskIds []*string `locationName:"ExportImageTaskId" locationNameList:"ExportImageTaskId" type:"list"` + + // Filter tasks using the task-state filter and one of the following values: + // active, completed, deleting, or deleted. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return in a single call. + MaxResults *int64 `min:"1" type:"integer"` + + // A token that indicates the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s DescribeExportImageTasksInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeExportImageTasksInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeExportImageTasksInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeExportImageTasksInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeExportImageTasksInput) SetDryRun(v bool) *DescribeExportImageTasksInput { + s.DryRun = &v + return s +} + +// SetExportImageTaskIds sets the ExportImageTaskIds field's value. +func (s *DescribeExportImageTasksInput) SetExportImageTaskIds(v []*string) *DescribeExportImageTasksInput { + s.ExportImageTaskIds = v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeExportImageTasksInput) SetFilters(v []*Filter) *DescribeExportImageTasksInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeExportImageTasksInput) SetMaxResults(v int64) *DescribeExportImageTasksInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeExportImageTasksInput) SetNextToken(v string) *DescribeExportImageTasksInput { + s.NextToken = &v + return s +} + +type DescribeExportImageTasksOutput struct { + _ struct{} `type:"structure"` + + // Information about the export image tasks. + ExportImageTasks []*ExportImageTask `locationName:"exportImageTaskSet" locationNameList:"item" type:"list"` + + // The token to use to get the next page of results. This value is null when + // there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation +func (s DescribeExportImageTasksOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeExportImageTasksOutput) GoString() string { + return s.String() +} + +// SetExportImageTasks sets the ExportImageTasks field's value. +func (s *DescribeExportImageTasksOutput) SetExportImageTasks(v []*ExportImageTask) *DescribeExportImageTasksOutput { + s.ExportImageTasks = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeExportImageTasksOutput) SetNextToken(v string) *DescribeExportImageTasksOutput { + s.NextToken = &v + return s +} + type DescribeExportTasksInput struct { _ struct{} `type:"structure"` @@ -47741,7 +50789,6 @@ func (s *DescribeExportTasksInput) SetExportTaskIds(v []*string) *DescribeExport return s } -// Contains the output for DescribeExportTasks. type DescribeExportTasksOutput struct { _ struct{} `type:"structure"` @@ -48520,7 +51567,7 @@ type DescribeFpgaImagesInput struct { MaxResults *int64 `min:"5" type:"integer"` // The token to retrieve the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` // Filters the AFI by owner. Specify an AWS account ID, self (owner is the sender // of the request), or an AWS owner alias (valid values are amazon | aws-marketplace). @@ -48543,9 +51590,6 @@ func (s *DescribeFpgaImagesInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -48597,7 +51641,7 @@ type DescribeFpgaImagesOutput struct { // The token to use to retrieve the next page of results. This value is null // when there are no more results to return. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -48887,11 +51931,13 @@ type DescribeHostsInput struct { // The maximum number of results to return for the request in a single page. // The remaining results can be seen by sending another request with the returned // nextToken value. This value can be between 5 and 500. If maxResults is given - // a larger value than 500, you receive an error. You cannot specify this parameter - // and the host IDs parameter in the same request. + // a larger value than 500, you receive an error. + // + // You cannot specify this parameter and the host IDs parameter in the same + // request. MaxResults *int64 `locationName:"maxResults" type:"integer"` - // The token to retrieve the next page of results. + // The token to use to retrieve the next page of results. NextToken *string `locationName:"nextToken" type:"string"` } @@ -48981,7 +52027,7 @@ type DescribeIamInstanceProfileAssociationsInput struct { MaxResults *int64 `min:"5" type:"integer"` // The token to request the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` } // String returns the string representation @@ -49000,9 +52046,6 @@ func (s *DescribeIamInstanceProfileAssociationsInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -49042,7 +52085,7 @@ type DescribeIamInstanceProfileAssociationsOutput struct { // The token to use to retrieve the next page of results. This value is null // when there are no more results to return. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation @@ -49368,7 +52411,7 @@ type DescribeImagesInput struct { // The filters. // - // * architecture - The image architecture (i386 | x86_64). + // * architecture - The image architecture (i386 | x86_64 | arm64). // // * block-device-mapping.delete-on-termination - A Boolean value that indicates // whether the Amazon EBS volume is deleted on instance termination. @@ -49523,7 +52566,6 @@ func (s *DescribeImagesOutput) SetImages(v []*Image) *DescribeImagesOutput { return s } -// Contains the parameters for DescribeImportImageTasks. type DescribeImportImageTasksInput struct { _ struct{} `type:"structure"` @@ -49534,14 +52576,13 @@ type DescribeImportImageTasksInput struct { DryRun *bool `type:"boolean"` // Filter tasks using the task-state filter and one of the following values: - // active, completed, deleting, deleted. + // active, completed, deleting, or deleted. Filters []*Filter `locationNameList:"Filter" type:"list"` - // A list of import image task IDs. + // The IDs of the import image tasks. ImportTaskIds []*string `locationName:"ImportTaskId" locationNameList:"ImportTaskId" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. + // The maximum number of results to return in a single call. MaxResults *int64 `type:"integer"` // A token that indicates the next page of results. @@ -49588,7 +52629,6 @@ func (s *DescribeImportImageTasksInput) SetNextToken(v string) *DescribeImportIm return s } -// Contains the output for DescribeImportImageTasks. type DescribeImportImageTasksOutput struct { _ struct{} `type:"structure"` @@ -49623,7 +52663,6 @@ func (s *DescribeImportImageTasksOutput) SetNextToken(v string) *DescribeImportI return s } -// Contains the parameters for DescribeImportSnapshotTasks. type DescribeImportSnapshotTasksInput struct { _ struct{} `type:"structure"` @@ -49687,7 +52726,6 @@ func (s *DescribeImportSnapshotTasksInput) SetNextToken(v string) *DescribeImpor return s } -// Contains the output for DescribeImportSnapshotTasks. type DescribeImportSnapshotTasksOutput struct { _ struct{} `type:"structure"` @@ -50228,7 +53266,7 @@ type DescribeInstancesInput struct { // * affinity - The affinity setting for an instance running on a Dedicated // Host (default | host). // - // * architecture - The instance architecture (i386 | x86_64). + // * architecture - The instance architecture (i386 | x86_64 | arm64). // // * availability-zone - The Availability Zone of the instance. // @@ -51073,7 +54111,7 @@ type DescribeMovingAddressesInput struct { // 1000; if MaxResults is given a value outside of this range, an error is returned. // // Default: If no value is provided, the default is 1000. - MaxResults *int64 `locationName:"maxResults" type:"integer"` + MaxResults *int64 `locationName:"maxResults" min:"5" type:"integer"` // The token for the next page of results. NextToken *string `locationName:"nextToken" type:"string"` @@ -51092,6 +54130,19 @@ func (s DescribeMovingAddressesInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeMovingAddressesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeMovingAddressesInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribeMovingAddressesInput) SetDryRun(v bool) *DescribeMovingAddressesInput { s.DryRun = &v @@ -51182,7 +54233,7 @@ type DescribeNatGatewaysInput struct { // The maximum number of results to return with a single call. To retrieve the // remaining results, make another call with the returned nextToken value. - MaxResults *int64 `type:"integer"` + MaxResults *int64 `min:"5" type:"integer"` // One or more NAT gateway IDs. NatGatewayIds []*string `locationName:"NatGatewayId" locationNameList:"item" type:"list"` @@ -51201,6 +54252,19 @@ func (s DescribeNatGatewaysInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeNatGatewaysInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeNatGatewaysInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetFilter sets the Filter field's value. func (s *DescribeNatGatewaysInput) SetFilter(v []*Filter) *DescribeNatGatewaysInput { s.Filter = v @@ -51689,7 +54753,7 @@ type DescribeNetworkInterfacesInput struct { // // * attachment.attachment-id - The ID of the interface attachment. // - // * attachment.attach.time - The time that the network interface was attached + // * attachment.attach-time - The time that the network interface was attached // to an instance. // // * attachment.delete-on-termination - Indicates whether the attachment @@ -52053,7 +55117,7 @@ type DescribePrincipalIdFormatInput struct { // The maximum number of results to return in a single call. To retrieve the // remaining results, make another call with the returned NextToken value. - MaxResults *int64 `type:"integer"` + MaxResults *int64 `min:"1" type:"integer"` // The token to request the next page of results. NextToken *string `type:"string"` @@ -52078,6 +55142,19 @@ func (s DescribePrincipalIdFormatInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribePrincipalIdFormatInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribePrincipalIdFormatInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DescribePrincipalIdFormatInput) SetDryRun(v bool) *DescribePrincipalIdFormatInput { s.DryRun = &v @@ -52143,7 +55220,7 @@ type DescribePublicIpv4PoolsInput struct { MaxResults *int64 `min:"1" type:"integer"` // The token for the next page of results. - NextToken *string `min:"1" type:"string"` + NextToken *string `type:"string"` // The IDs of the address pools. PoolIds []*string `locationName:"PoolId" locationNameList:"item" type:"list"` @@ -52165,9 +55242,6 @@ func (s *DescribePublicIpv4PoolsInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -52229,6 +55303,10 @@ func (s *DescribePublicIpv4PoolsOutput) SetPublicIpv4Pools(v []*PublicIpv4Pool) type DescribeRegionsInput struct { _ struct{} `type:"structure"` + // Indicates whether to display all Regions, including Regions that are disabled + // for your account. + AllRegions *bool `type:"boolean"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, @@ -52239,10 +55317,14 @@ type DescribeRegionsInput struct { // // * endpoint - The endpoint of the Region (for example, ec2.us-east-1.amazonaws.com). // + // * opt-in-status - The opt-in status of the Region (opt-in-not-required + // | opted-in | not-opted-in). + // // * region-name - The name of the Region (for example, us-east-1). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The names of the Regions. + // The names of the Regions. You can specify any Regions, whether they are enabled + // and disabled for your account. RegionNames []*string `locationName:"RegionName" locationNameList:"RegionName" type:"list"` } @@ -52256,6 +55338,12 @@ func (s DescribeRegionsInput) GoString() string { return s.String() } +// SetAllRegions sets the AllRegions field's value. +func (s *DescribeRegionsInput) SetAllRegions(v bool) *DescribeRegionsInput { + s.AllRegions = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *DescribeRegionsInput) SetDryRun(v bool) *DescribeRegionsInput { s.DryRun = &v @@ -53067,7 +56155,7 @@ type DescribeScheduledInstanceAvailabilityInput struct { // The maximum number of results to return in a single call. This value can // be between 5 and 300. The default value is 300. To retrieve the remaining // results, make another call with the returned NextToken value. - MaxResults *int64 `type:"integer"` + MaxResults *int64 `min:"5" type:"integer"` // The maximum available duration, in hours. This value must be greater than // MinSlotDurationInHours and less than 1,720. @@ -53104,6 +56192,9 @@ func (s *DescribeScheduledInstanceAvailabilityInput) Validate() error { if s.FirstSlotStartTimeRange == nil { invalidParams.Add(request.NewErrParamRequired("FirstSlotStartTimeRange")) } + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } if s.Recurrence == nil { invalidParams.Add(request.NewErrParamRequired("Recurrence")) } @@ -53929,7 +57020,7 @@ type DescribeSpotFleetInstancesInput struct { // The maximum number of results to return in a single call. Specify a value // between 1 and 1000. The default value is 1000. To retrieve the remaining // results, make another call with the returned NextToken value. - MaxResults *int64 `locationName:"maxResults" type:"integer"` + MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` // The token for the next set of results. NextToken *string `locationName:"nextToken" type:"string"` @@ -53953,6 +57044,9 @@ func (s DescribeSpotFleetInstancesInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *DescribeSpotFleetInstancesInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "DescribeSpotFleetInstancesInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } if s.SpotFleetRequestId == nil { invalidParams.Add(request.NewErrParamRequired("SpotFleetRequestId")) } @@ -54047,7 +57141,7 @@ type DescribeSpotFleetRequestHistoryInput struct { // The maximum number of results to return in a single call. Specify a value // between 1 and 1000. The default value is 1000. To retrieve the remaining // results, make another call with the returned NextToken value. - MaxResults *int64 `locationName:"maxResults" type:"integer"` + MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` // The token for the next set of results. NextToken *string `locationName:"nextToken" type:"string"` @@ -54076,6 +57170,9 @@ func (s DescribeSpotFleetRequestHistoryInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *DescribeSpotFleetRequestHistoryInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "DescribeSpotFleetRequestHistoryInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } if s.SpotFleetRequestId == nil { invalidParams.Add(request.NewErrParamRequired("SpotFleetRequestId")) } @@ -55008,6 +58105,367 @@ func (s *DescribeTagsOutput) SetTags(v []*TagDescription) *DescribeTagsOutput { return s } +type DescribeTrafficMirrorFiltersInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. The possible values are: + // + // * description: The Traffic Mirror filter description. + // + // * traffic-mirror-filter-id: The ID of the Traffic Mirror filter. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The ID of the Traffic Mirror filter. + TrafficMirrorFilterIds []*string `locationName:"TrafficMirrorFilterId" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTrafficMirrorFiltersInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTrafficMirrorFiltersInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeTrafficMirrorFiltersInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeTrafficMirrorFiltersInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeTrafficMirrorFiltersInput) SetDryRun(v bool) *DescribeTrafficMirrorFiltersInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeTrafficMirrorFiltersInput) SetFilters(v []*Filter) *DescribeTrafficMirrorFiltersInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeTrafficMirrorFiltersInput) SetMaxResults(v int64) *DescribeTrafficMirrorFiltersInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTrafficMirrorFiltersInput) SetNextToken(v string) *DescribeTrafficMirrorFiltersInput { + s.NextToken = &v + return s +} + +// SetTrafficMirrorFilterIds sets the TrafficMirrorFilterIds field's value. +func (s *DescribeTrafficMirrorFiltersInput) SetTrafficMirrorFilterIds(v []*string) *DescribeTrafficMirrorFiltersInput { + s.TrafficMirrorFilterIds = v + return s +} + +type DescribeTrafficMirrorFiltersOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next page of results. The value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Information about one or more Traffic Mirror filters. + TrafficMirrorFilters []*TrafficMirrorFilter `locationName:"trafficMirrorFilterSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTrafficMirrorFiltersOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTrafficMirrorFiltersOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTrafficMirrorFiltersOutput) SetNextToken(v string) *DescribeTrafficMirrorFiltersOutput { + s.NextToken = &v + return s +} + +// SetTrafficMirrorFilters sets the TrafficMirrorFilters field's value. +func (s *DescribeTrafficMirrorFiltersOutput) SetTrafficMirrorFilters(v []*TrafficMirrorFilter) *DescribeTrafficMirrorFiltersOutput { + s.TrafficMirrorFilters = v + return s +} + +type DescribeTrafficMirrorSessionsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. The possible values are: + // + // * description: The Traffic Mirror session description. + // + // * network-interface-id: The ID of the Traffic Mirror session network interface. + // + // * owner-id: The ID of the account that owns the Traffic Mirror session. + // + // * packet-length: The assigned number of packets to mirror. + // + // * session-number: The assigned session number. + // + // * traffic-mirror-filter-id: The ID of the Traffic Mirror filter. + // + // * traffic-mirror-session-id: The ID of the Traffic Mirror session. + // + // * traffic-mirror-target-id: The ID of the Traffic Mirror target. + // + // * virtual-network-id: The virtual network ID of the Traffic Mirror session. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The ID of the Traffic Mirror session. + TrafficMirrorSessionIds []*string `locationName:"TrafficMirrorSessionId" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTrafficMirrorSessionsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTrafficMirrorSessionsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeTrafficMirrorSessionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeTrafficMirrorSessionsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeTrafficMirrorSessionsInput) SetDryRun(v bool) *DescribeTrafficMirrorSessionsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeTrafficMirrorSessionsInput) SetFilters(v []*Filter) *DescribeTrafficMirrorSessionsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeTrafficMirrorSessionsInput) SetMaxResults(v int64) *DescribeTrafficMirrorSessionsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTrafficMirrorSessionsInput) SetNextToken(v string) *DescribeTrafficMirrorSessionsInput { + s.NextToken = &v + return s +} + +// SetTrafficMirrorSessionIds sets the TrafficMirrorSessionIds field's value. +func (s *DescribeTrafficMirrorSessionsInput) SetTrafficMirrorSessionIds(v []*string) *DescribeTrafficMirrorSessionsInput { + s.TrafficMirrorSessionIds = v + return s +} + +type DescribeTrafficMirrorSessionsOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next page of results. The value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Describes one or more Traffic Mirror sessions. By default, all Traffic Mirror + // sessions are described. Alternatively, you can filter the results. + TrafficMirrorSessions []*TrafficMirrorSession `locationName:"trafficMirrorSessionSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTrafficMirrorSessionsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTrafficMirrorSessionsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTrafficMirrorSessionsOutput) SetNextToken(v string) *DescribeTrafficMirrorSessionsOutput { + s.NextToken = &v + return s +} + +// SetTrafficMirrorSessions sets the TrafficMirrorSessions field's value. +func (s *DescribeTrafficMirrorSessionsOutput) SetTrafficMirrorSessions(v []*TrafficMirrorSession) *DescribeTrafficMirrorSessionsOutput { + s.TrafficMirrorSessions = v + return s +} + +type DescribeTrafficMirrorTargetsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. The possible values are: + // + // * description: The Traffic Mirror target description. + // + // * network-interface-id: The ID of the Traffic Mirror session network interface. + // + // * network-load-balancer-arn: The Amazon Resource Name (ARN) of the Network + // Load Balancer that is associated with the session. + // + // * owner-id: The ID of the account that owns the Traffic Mirror session. + // + // * traffic-mirror-target-id: The ID of the Traffic Mirror target. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` + + // The ID of the Traffic Mirror targets. + TrafficMirrorTargetIds []*string `locationName:"TrafficMirrorTargetId" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTrafficMirrorTargetsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTrafficMirrorTargetsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeTrafficMirrorTargetsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeTrafficMirrorTargetsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeTrafficMirrorTargetsInput) SetDryRun(v bool) *DescribeTrafficMirrorTargetsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeTrafficMirrorTargetsInput) SetFilters(v []*Filter) *DescribeTrafficMirrorTargetsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeTrafficMirrorTargetsInput) SetMaxResults(v int64) *DescribeTrafficMirrorTargetsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTrafficMirrorTargetsInput) SetNextToken(v string) *DescribeTrafficMirrorTargetsInput { + s.NextToken = &v + return s +} + +// SetTrafficMirrorTargetIds sets the TrafficMirrorTargetIds field's value. +func (s *DescribeTrafficMirrorTargetsInput) SetTrafficMirrorTargetIds(v []*string) *DescribeTrafficMirrorTargetsInput { + s.TrafficMirrorTargetIds = v + return s +} + +type DescribeTrafficMirrorTargetsOutput struct { + _ struct{} `type:"structure"` + + // The token to use to retrieve the next page of results. The value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Information about one or more Traffic Mirror targets. + TrafficMirrorTargets []*TrafficMirrorTarget `locationName:"trafficMirrorTargetSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation +func (s DescribeTrafficMirrorTargetsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeTrafficMirrorTargetsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeTrafficMirrorTargetsOutput) SetNextToken(v string) *DescribeTrafficMirrorTargetsOutput { + s.NextToken = &v + return s +} + +// SetTrafficMirrorTargets sets the TrafficMirrorTargets field's value. +func (s *DescribeTrafficMirrorTargetsOutput) SetTrafficMirrorTargets(v []*TrafficMirrorTarget) *DescribeTrafficMirrorTargetsOutput { + s.TrafficMirrorTargets = v + return s +} + type DescribeTransitGatewayAttachmentsInput struct { _ struct{} `type:"structure"` @@ -56881,8 +60339,8 @@ type DescribeVpcEndpointsInput struct { // // * vpc-endpoint-id: The ID of the endpoint. // - // * vpc-endpoint-state: The state of the endpoint. (pending | available - // | deleting | deleted) + // * vpc-endpoint-state - The state of the endpoint (pendingAcceptance | + // pending | available | deleting | deleted | rejected | failed). // // * tag:<key> - The key/value combination of a tag assigned to the resource. // Use the tag key in the filter name and the tag value as the filter value. @@ -57673,6 +61131,19 @@ type DetachNetworkInterfaceInput struct { DryRun *bool `locationName:"dryRun" type:"boolean"` // Specifies whether to force a detachment. + // + // * Use the Force parameter only as a last resort to detach a network interface + // from a failed instance. + // + // * If you use the Force parameter to detach a network interface, you might + // not be able to attach a different network interface to the same index + // on the instance without first stopping and starting the instance. + // + // * If you force the detachment of a network interface, the instance metadata + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) + // might not get updated. This means that the attributes associated with + // the detached network interface might still be visible. The instance metadata + // will get updated when you stop and start the instance. Force *bool `locationName:"force" type:"boolean"` } @@ -58055,7 +61526,7 @@ func (s *DisableEbsEncryptionByDefaultInput) SetDryRun(v bool) *DisableEbsEncryp type DisableEbsEncryptionByDefaultOutput struct { _ struct{} `type:"structure"` - // Account-level encryption status after performing the action. + // The updated status of encryption by default. EbsEncryptionByDefault *bool `locationName:"ebsEncryptionByDefault" type:"boolean"` } @@ -59164,18 +62635,17 @@ func (s *DnsServersOptionsModifyStructure) SetEnabled(v bool) *DnsServersOptions type EbsBlockDevice struct { _ struct{} `type:"structure"` - // Indicates whether the EBS volume is deleted on instance termination. + // Indicates whether the EBS volume is deleted on instance termination. For + // more information, see Preserving Amazon EBS Volumes on Instance Termination + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) + // in the Amazon Elastic Compute Cloud User Guide. DeleteOnTermination *bool `locationName:"deleteOnTermination" type:"boolean"` // Indicates whether the encryption state of an EBS volume is changed while - // being restored from a backing snapshot. The default effect of setting the - // Encrypted parameter to true through the console, API, or CLI depends on the - // volume's origin (new or from a snapshot), starting encryption state, ownership, - // and whether account-level encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/account-level-encryption.html) - // is enabled. Each default case can be overridden by specifying a customer - // master key (CMK) with the KmsKeyId parameter in addition to setting Encrypted - // to true. For a complete list of possible encryption cases, see Amazon EBS - // Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) + // being restored from a backing snapshot. The effect of setting the encryption + // state to true depends on the volume origin (new or from a snapshot), starting + // encryption state, ownership, and whether encryption by default is enabled. + // For more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) // in the Amazon Elastic Compute Cloud User Guide. // // In no case can you remove encryption from an encrypted volume. @@ -59202,8 +62672,8 @@ type EbsBlockDevice struct { // it is not used in requests to create gp2, st1, sc1, or standard volumes. Iops *int64 `locationName:"iops" type:"integer"` - // Identifier (key ID, key alias, ID ARN, or alias ARN) for a user-managed CMK - // under which the EBS volume is encrypted. + // Identifier (key ID, key alias, ID ARN, or alias ARN) for a customer managed + // CMK under which the EBS volume is encrypted. // // This parameter is only supported on BlockDeviceMapping objects called by // RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html), @@ -59226,9 +62696,10 @@ type EbsBlockDevice struct { // size. VolumeSize *int64 `locationName:"volumeSize" type:"integer"` - // The volume type. If you set the type to io1, you must also set the Iops property. + // The volume type. If you set the type to io1, you must also specify the IOPS + // that the volume supports. // - // Default: standard + // Default: gp2 VolumeType *string `locationName:"volumeType" type:"string" enum:"VolumeType"` } @@ -59731,7 +63202,7 @@ func (s *EnableEbsEncryptionByDefaultInput) SetDryRun(v bool) *EnableEbsEncrypti type EnableEbsEncryptionByDefaultOutput struct { _ struct{} `type:"structure"` - // Account-level encryption status after performing the action. + // The updated status of encryption by default. EbsEncryptionByDefault *bool `locationName:"ebsEncryptionByDefault" type:"boolean"` } @@ -60352,6 +63823,295 @@ func (s *ExportClientVpnClientConfigurationOutput) SetClientConfiguration(v stri return s } +type ExportImageInput struct { + _ struct{} `type:"structure"` + + // Token to enable idempotency for export image requests. + ClientToken *string `type:"string" idempotencyToken:"true"` + + // A description of the image being exported. The maximum length is 255 bytes. + Description *string `type:"string"` + + // The disk image format. + // + // DiskImageFormat is a required field + DiskImageFormat *string `type:"string" required:"true" enum:"DiskImageFormat"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the image. + // + // ImageId is a required field + ImageId *string `type:"string" required:"true"` + + // The name of the role that grants VM Import/Export permission to export images + // to your S3 bucket. If this parameter is not specified, the default role is + // named 'vmimport'. + RoleName *string `type:"string"` + + // Information about the destination S3 bucket. The bucket must exist and grant + // WRITE and READ_ACP permissions to the AWS account vm-import-export@amazon.com. + // + // S3ExportLocation is a required field + S3ExportLocation *ExportTaskS3LocationRequest `type:"structure" required:"true"` +} + +// String returns the string representation +func (s ExportImageInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ExportImageInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ExportImageInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ExportImageInput"} + if s.DiskImageFormat == nil { + invalidParams.Add(request.NewErrParamRequired("DiskImageFormat")) + } + if s.ImageId == nil { + invalidParams.Add(request.NewErrParamRequired("ImageId")) + } + if s.S3ExportLocation == nil { + invalidParams.Add(request.NewErrParamRequired("S3ExportLocation")) + } + if s.S3ExportLocation != nil { + if err := s.S3ExportLocation.Validate(); err != nil { + invalidParams.AddNested("S3ExportLocation", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *ExportImageInput) SetClientToken(v string) *ExportImageInput { + s.ClientToken = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *ExportImageInput) SetDescription(v string) *ExportImageInput { + s.Description = &v + return s +} + +// SetDiskImageFormat sets the DiskImageFormat field's value. +func (s *ExportImageInput) SetDiskImageFormat(v string) *ExportImageInput { + s.DiskImageFormat = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ExportImageInput) SetDryRun(v bool) *ExportImageInput { + s.DryRun = &v + return s +} + +// SetImageId sets the ImageId field's value. +func (s *ExportImageInput) SetImageId(v string) *ExportImageInput { + s.ImageId = &v + return s +} + +// SetRoleName sets the RoleName field's value. +func (s *ExportImageInput) SetRoleName(v string) *ExportImageInput { + s.RoleName = &v + return s +} + +// SetS3ExportLocation sets the S3ExportLocation field's value. +func (s *ExportImageInput) SetS3ExportLocation(v *ExportTaskS3LocationRequest) *ExportImageInput { + s.S3ExportLocation = v + return s +} + +type ExportImageOutput struct { + _ struct{} `type:"structure"` + + // A description of the image being exported. + Description *string `locationName:"description" type:"string"` + + // The disk image format for the exported image. + DiskImageFormat *string `locationName:"diskImageFormat" type:"string" enum:"DiskImageFormat"` + + // The ID of the export image task. + ExportImageTaskId *string `locationName:"exportImageTaskId" type:"string"` + + // The ID of the image. + ImageId *string `locationName:"imageId" type:"string"` + + // The percent complete of the export image task. + Progress *string `locationName:"progress" type:"string"` + + // The name of the role that grants VM Import/Export permission to export images + // to your S3 bucket. + RoleName *string `locationName:"roleName" type:"string"` + + // Information about the destination S3 bucket. + S3ExportLocation *ExportTaskS3Location `locationName:"s3ExportLocation" type:"structure"` + + // The status of the export image task. The possible values are active, completed, + // deleting, and deleted. + Status *string `locationName:"status" type:"string"` + + // The status message for the export image task. + StatusMessage *string `locationName:"statusMessage" type:"string"` +} + +// String returns the string representation +func (s ExportImageOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ExportImageOutput) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *ExportImageOutput) SetDescription(v string) *ExportImageOutput { + s.Description = &v + return s +} + +// SetDiskImageFormat sets the DiskImageFormat field's value. +func (s *ExportImageOutput) SetDiskImageFormat(v string) *ExportImageOutput { + s.DiskImageFormat = &v + return s +} + +// SetExportImageTaskId sets the ExportImageTaskId field's value. +func (s *ExportImageOutput) SetExportImageTaskId(v string) *ExportImageOutput { + s.ExportImageTaskId = &v + return s +} + +// SetImageId sets the ImageId field's value. +func (s *ExportImageOutput) SetImageId(v string) *ExportImageOutput { + s.ImageId = &v + return s +} + +// SetProgress sets the Progress field's value. +func (s *ExportImageOutput) SetProgress(v string) *ExportImageOutput { + s.Progress = &v + return s +} + +// SetRoleName sets the RoleName field's value. +func (s *ExportImageOutput) SetRoleName(v string) *ExportImageOutput { + s.RoleName = &v + return s +} + +// SetS3ExportLocation sets the S3ExportLocation field's value. +func (s *ExportImageOutput) SetS3ExportLocation(v *ExportTaskS3Location) *ExportImageOutput { + s.S3ExportLocation = v + return s +} + +// SetStatus sets the Status field's value. +func (s *ExportImageOutput) SetStatus(v string) *ExportImageOutput { + s.Status = &v + return s +} + +// SetStatusMessage sets the StatusMessage field's value. +func (s *ExportImageOutput) SetStatusMessage(v string) *ExportImageOutput { + s.StatusMessage = &v + return s +} + +// Describes an export image task. +type ExportImageTask struct { + _ struct{} `type:"structure"` + + // A description of the image being exported. + Description *string `locationName:"description" type:"string"` + + // The ID of the export image task. + ExportImageTaskId *string `locationName:"exportImageTaskId" type:"string"` + + // The ID of the image. + ImageId *string `locationName:"imageId" type:"string"` + + // The percent complete of the export image task. + Progress *string `locationName:"progress" type:"string"` + + // Information about the destination S3 bucket. + S3ExportLocation *ExportTaskS3Location `locationName:"s3ExportLocation" type:"structure"` + + // The status of the export image task. The possible values are active, completed, + // deleting, and deleted. + Status *string `locationName:"status" type:"string"` + + // The status message for the export image task. + StatusMessage *string `locationName:"statusMessage" type:"string"` +} + +// String returns the string representation +func (s ExportImageTask) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ExportImageTask) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *ExportImageTask) SetDescription(v string) *ExportImageTask { + s.Description = &v + return s +} + +// SetExportImageTaskId sets the ExportImageTaskId field's value. +func (s *ExportImageTask) SetExportImageTaskId(v string) *ExportImageTask { + s.ExportImageTaskId = &v + return s +} + +// SetImageId sets the ImageId field's value. +func (s *ExportImageTask) SetImageId(v string) *ExportImageTask { + s.ImageId = &v + return s +} + +// SetProgress sets the Progress field's value. +func (s *ExportImageTask) SetProgress(v string) *ExportImageTask { + s.Progress = &v + return s +} + +// SetS3ExportLocation sets the S3ExportLocation field's value. +func (s *ExportImageTask) SetS3ExportLocation(v *ExportTaskS3Location) *ExportImageTask { + s.S3ExportLocation = v + return s +} + +// SetStatus sets the Status field's value. +func (s *ExportImageTask) SetStatus(v string) *ExportImageTask { + s.Status = &v + return s +} + +// SetStatusMessage sets the StatusMessage field's value. +func (s *ExportImageTask) SetStatusMessage(v string) *ExportImageTask { + s.StatusMessage = &v + return s +} + // Describes an instance export task. type ExportTask struct { _ struct{} `type:"structure"` @@ -60421,6 +64181,87 @@ func (s *ExportTask) SetStatusMessage(v string) *ExportTask { return s } +// Describes the destination for an export image task. +type ExportTaskS3Location struct { + _ struct{} `type:"structure"` + + // The destination S3 bucket. + S3Bucket *string `locationName:"s3Bucket" type:"string"` + + // The prefix (logical hierarchy) in the bucket. + S3Prefix *string `locationName:"s3Prefix" type:"string"` +} + +// String returns the string representation +func (s ExportTaskS3Location) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ExportTaskS3Location) GoString() string { + return s.String() +} + +// SetS3Bucket sets the S3Bucket field's value. +func (s *ExportTaskS3Location) SetS3Bucket(v string) *ExportTaskS3Location { + s.S3Bucket = &v + return s +} + +// SetS3Prefix sets the S3Prefix field's value. +func (s *ExportTaskS3Location) SetS3Prefix(v string) *ExportTaskS3Location { + s.S3Prefix = &v + return s +} + +// Describes the destination for an export image task. +type ExportTaskS3LocationRequest struct { + _ struct{} `type:"structure"` + + // The destination S3 bucket. + // + // S3Bucket is a required field + S3Bucket *string `type:"string" required:"true"` + + // The prefix (logical hierarchy) in the bucket. + S3Prefix *string `type:"string"` +} + +// String returns the string representation +func (s ExportTaskS3LocationRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ExportTaskS3LocationRequest) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ExportTaskS3LocationRequest) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ExportTaskS3LocationRequest"} + if s.S3Bucket == nil { + invalidParams.Add(request.NewErrParamRequired("S3Bucket")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetS3Bucket sets the S3Bucket field's value. +func (s *ExportTaskS3LocationRequest) SetS3Bucket(v string) *ExportTaskS3LocationRequest { + s.S3Bucket = &v + return s +} + +// SetS3Prefix sets the S3Prefix field's value. +func (s *ExportTaskS3LocationRequest) SetS3Prefix(v string) *ExportTaskS3LocationRequest { + s.S3Prefix = &v + return s +} + // Describes the format and location for an instance export task. type ExportToS3Task struct { _ struct{} `type:"structure"` @@ -60539,7 +64380,7 @@ type ExportTransitGatewayRoutesInput struct { // One or more filters. The possible values are: // - // * attachment.transit-gateway-attachment-id- The id of the transit gateway + // * attachment.transit-gateway-attachment-id - The id of the transit gateway // attachment. // // * attachment.resource-id - The resource id of the transit gateway attachment. @@ -60563,7 +64404,7 @@ type ExportTransitGatewayRoutesInput struct { // // * transit-gateway-route-destination-cidr-block - The CIDR range. // - // * type - The type of roue (active | blackhole). + // * type - The type of route (active | blackhole). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The name of the S3 bucket. @@ -60650,6 +64491,39 @@ func (s *ExportTransitGatewayRoutesOutput) SetS3Location(v string) *ExportTransi return s } +// Describes a Reserved Instance whose queued purchase was not deleted. +type FailedQueuedPurchaseDeletion struct { + _ struct{} `type:"structure"` + + // The error. + Error *DeleteQueuedReservedInstancesError `locationName:"error" type:"structure"` + + // The ID of the Reserved Instance. + ReservedInstancesId *string `locationName:"reservedInstancesId" type:"string"` +} + +// String returns the string representation +func (s FailedQueuedPurchaseDeletion) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s FailedQueuedPurchaseDeletion) GoString() string { + return s.String() +} + +// SetError sets the Error field's value. +func (s *FailedQueuedPurchaseDeletion) SetError(v *DeleteQueuedReservedInstancesError) *FailedQueuedPurchaseDeletion { + s.Error = v + return s +} + +// SetReservedInstancesId sets the ReservedInstancesId field's value. +func (s *FailedQueuedPurchaseDeletion) SetReservedInstancesId(v string) *FailedQueuedPurchaseDeletion { + s.ReservedInstancesId = &v + return s +} + // A filter name and value pair that is used to return a more specific list // of results from a describe operation. Filters can be used to match a set // of resources by specific criteria, such as tags, attributes, or IDs. The @@ -61247,7 +65121,8 @@ type FleetLaunchTemplateSpecificationRequest struct { // The name of the launch template. LaunchTemplateName *string `min:"3" type:"string"` - // The version number of the launch template. + // The version number of the launch template. Note: This is a required parameter + // and will be updated soon. Version *string `type:"string"` } @@ -61331,6 +65206,9 @@ type FlowLog struct { // Flow log data can be published to CloudWatch Logs or Amazon S3. LogDestinationType *string `locationName:"logDestinationType" type:"string" enum:"LogDestinationType"` + // The format of the flow log record. + LogFormat *string `locationName:"logFormat" type:"string"` + // The name of the flow log group. LogGroupName *string `locationName:"logGroupName" type:"string"` @@ -61399,6 +65277,12 @@ func (s *FlowLog) SetLogDestinationType(v string) *FlowLog { return s } +// SetLogFormat sets the LogFormat field's value. +func (s *FlowLog) SetLogFormat(v string) *FlowLog { + s.LogFormat = &v + return s +} + // SetLogGroupName sets the LogGroupName field's value. func (s *FlowLog) SetLogGroupName(v string) *FlowLog { s.LogGroupName = &v @@ -61669,6 +65553,178 @@ func (s *FpgaImageState) SetMessage(v string) *FpgaImageState { return s } +type GetCapacityReservationUsageInput struct { + _ struct{} `type:"structure"` + + // The ID of the Capacity Reservation. + // + // CapacityReservationId is a required field + CapacityReservationId *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The maximum number of results to return for the request in a single page. + // The remaining results can be seen by sending another request with the returned + // nextToken value. + // + // Valid range: Minimum value of 1. Maximum value of 1000. + MaxResults *int64 `min:"1" type:"integer"` + + // The token to retrieve the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetCapacityReservationUsageInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetCapacityReservationUsageInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetCapacityReservationUsageInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetCapacityReservationUsageInput"} + if s.CapacityReservationId == nil { + invalidParams.Add(request.NewErrParamRequired("CapacityReservationId")) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCapacityReservationId sets the CapacityReservationId field's value. +func (s *GetCapacityReservationUsageInput) SetCapacityReservationId(v string) *GetCapacityReservationUsageInput { + s.CapacityReservationId = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *GetCapacityReservationUsageInput) SetDryRun(v bool) *GetCapacityReservationUsageInput { + s.DryRun = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetCapacityReservationUsageInput) SetMaxResults(v int64) *GetCapacityReservationUsageInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetCapacityReservationUsageInput) SetNextToken(v string) *GetCapacityReservationUsageInput { + s.NextToken = &v + return s +} + +type GetCapacityReservationUsageOutput struct { + _ struct{} `type:"structure"` + + // The remaining capacity. Indicates the number of instances that can be launched + // in the Capacity Reservation. + AvailableInstanceCount *int64 `locationName:"availableInstanceCount" type:"integer"` + + // The ID of the Capacity Reservation. + CapacityReservationId *string `locationName:"capacityReservationId" type:"string"` + + // The type of instance for which the Capacity Reservation reserves capacity. + InstanceType *string `locationName:"instanceType" type:"string"` + + // Information about the Capacity Reservation usage. + InstanceUsages []*InstanceUsage `locationName:"instanceUsageSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // The current state of the Capacity Reservation. A Capacity Reservation can + // be in one of the following states: + // + // * active - The Capacity Reservation is active and the capacity is available + // for your use. + // + // * expired - The Capacity Reservation expired automatically at the date + // and time specified in your request. The reserved capacity is no longer + // available for your use. + // + // * cancelled - The Capacity Reservation was manually cancelled. The reserved + // capacity is no longer available for your use. + // + // * pending - The Capacity Reservation request was successful but the capacity + // provisioning is still pending. + // + // * failed - The Capacity Reservation request has failed. A request might + // fail due to invalid request parameters, capacity constraints, or instance + // limit constraints. Failed requests are retained for 60 minutes. + State *string `locationName:"state" type:"string" enum:"CapacityReservationState"` + + // The number of instances for which the Capacity Reservation reserves capacity. + TotalInstanceCount *int64 `locationName:"totalInstanceCount" type:"integer"` +} + +// String returns the string representation +func (s GetCapacityReservationUsageOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetCapacityReservationUsageOutput) GoString() string { + return s.String() +} + +// SetAvailableInstanceCount sets the AvailableInstanceCount field's value. +func (s *GetCapacityReservationUsageOutput) SetAvailableInstanceCount(v int64) *GetCapacityReservationUsageOutput { + s.AvailableInstanceCount = &v + return s +} + +// SetCapacityReservationId sets the CapacityReservationId field's value. +func (s *GetCapacityReservationUsageOutput) SetCapacityReservationId(v string) *GetCapacityReservationUsageOutput { + s.CapacityReservationId = &v + return s +} + +// SetInstanceType sets the InstanceType field's value. +func (s *GetCapacityReservationUsageOutput) SetInstanceType(v string) *GetCapacityReservationUsageOutput { + s.InstanceType = &v + return s +} + +// SetInstanceUsages sets the InstanceUsages field's value. +func (s *GetCapacityReservationUsageOutput) SetInstanceUsages(v []*InstanceUsage) *GetCapacityReservationUsageOutput { + s.InstanceUsages = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetCapacityReservationUsageOutput) SetNextToken(v string) *GetCapacityReservationUsageOutput { + s.NextToken = &v + return s +} + +// SetState sets the State field's value. +func (s *GetCapacityReservationUsageOutput) SetState(v string) *GetCapacityReservationUsageOutput { + s.State = &v + return s +} + +// SetTotalInstanceCount sets the TotalInstanceCount field's value. +func (s *GetCapacityReservationUsageOutput) SetTotalInstanceCount(v int64) *GetCapacityReservationUsageOutput { + s.TotalInstanceCount = &v + return s +} + type GetConsoleOutputInput struct { _ struct{} `type:"structure"` @@ -61893,8 +65949,7 @@ func (s *GetEbsDefaultKmsKeyIdInput) SetDryRun(v bool) *GetEbsDefaultKmsKeyIdInp type GetEbsDefaultKmsKeyIdOutput struct { _ struct{} `type:"structure"` - // The full ARN of the default CMK that your account uses to encrypt an EBS - // volume when no CMK is specified in the API call that creates the volume. + // The Amazon Resource Name (ARN) of the default CMK for encryption by default. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` } @@ -61943,7 +65998,7 @@ func (s *GetEbsEncryptionByDefaultInput) SetDryRun(v bool) *GetEbsEncryptionByDe type GetEbsEncryptionByDefaultOutput struct { _ struct{} `type:"structure"` - // Indicates whether default encryption for EBS volumes is enabled or disabled. + // Indicates whether encryption by default is enabled. EbsEncryptionByDefault *bool `locationName:"ebsEncryptionByDefault" type:"boolean"` } @@ -62957,9 +67012,8 @@ type Host struct { // The number of new instances that can be launched onto the Dedicated Host. AvailableCapacity *AvailableCapacity `locationName:"availableCapacity" type:"structure"` - // Unique, case-sensitive identifier that you provide to ensure idempotency - // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html) - // in the Amazon Elastic Compute Cloud User Guide. + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` // The ID of the Dedicated Host. @@ -62968,6 +67022,10 @@ type Host struct { // The hardware specifications of the Dedicated Host. HostProperties *HostProperties `locationName:"hostProperties" type:"structure"` + // Indicates whether host recovery is enabled or disabled for the Dedicated + // Host. + HostRecovery *string `locationName:"hostRecovery" type:"string" enum:"HostRecovery"` + // The reservation ID of the Dedicated Host. This returns a null response if // the Dedicated Host doesn't have an associated reservation. HostReservationId *string `locationName:"hostReservationId" type:"string"` @@ -63037,6 +67095,12 @@ func (s *Host) SetHostProperties(v *HostProperties) *Host { return s } +// SetHostRecovery sets the HostRecovery field's value. +func (s *Host) SetHostRecovery(v string) *Host { + s.HostRecovery = &v + return s +} + // SetHostReservationId sets the HostReservationId field's value. func (s *Host) SetHostReservationId(v string) *Host { s.HostReservationId = &v @@ -63375,6 +67439,54 @@ func (s *HostReservation) SetUpfrontPrice(v string) *HostReservation { return s } +// The internet key exchange (IKE) version permitted for the VPN tunnel. +type IKEVersionsListValue struct { + _ struct{} `type:"structure"` + + // The IKE version. + Value *string `locationName:"value" type:"string"` +} + +// String returns the string representation +func (s IKEVersionsListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s IKEVersionsListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *IKEVersionsListValue) SetValue(v string) *IKEVersionsListValue { + s.Value = &v + return s +} + +// The IKE version that is permitted for the VPN tunnel. +type IKEVersionsRequestListValue struct { + _ struct{} `type:"structure"` + + // The IKE version. + Value *string `type:"string"` +} + +// String returns the string representation +func (s IKEVersionsRequestListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s IKEVersionsRequestListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *IKEVersionsRequestListValue) SetValue(v string) *IKEVersionsRequestListValue { + s.Value = &v + return s +} + // Describes an IAM instance profile. type IamInstanceProfile struct { _ struct{} `type:"structure"` @@ -63623,7 +67735,7 @@ type Image struct { // The AWS account ID of the image owner. OwnerId *string `locationName:"imageOwnerId" type:"string"` - // The value is Windows for Windows AMIs; otherwise blank. + // This value is set to windows for Windows AMIs; otherwise, it is blank. Platform *string `locationName:"platform" type:"string" enum:"PlatformValues"` // Any product codes associated with the AMI. @@ -63979,13 +68091,12 @@ func (s *ImportClientVpnClientCertificateRevocationListOutput) SetReturn(v bool) return s } -// Contains the parameters for ImportImage. type ImportImageInput struct { _ struct{} `type:"structure"` // The architecture of the virtual machine. // - // Valid values: i386 | x86_64 + // Valid values: i386 | x86_64 | arm64 Architecture *string `type:"string"` // The client-specific data. @@ -64049,21 +68160,15 @@ type ImportImageInput struct { // The license type to be used for the Amazon Machine Image (AMI) after importing. // - // Note: You may only use BYOL if you have existing licenses with rights to - // use these licenses in a third party cloud like AWS. For more information, - // see Prerequisites (https://docs.aws.amazon.com/vm-import/latest/userguide/vmimport-image-import.html#prerequisites-image) - // in the VM Import/Export User Guide. - // - // Valid values include: - // - // * Auto - Detects the source-system operating system (OS) and applies the - // appropriate license. - // - // * AWS - Replaces the source-system license with an AWS license, if appropriate. + // By default, we detect the source-system operating system (OS) and apply the + // appropriate license. Specify AWS to replace the source-system license with + // an AWS license, if appropriate. Specify BYOL to retain the source-system + // license, if appropriate. // - // * BYOL - Retains the source-system license, if appropriate. - // - // Default value: Auto + // To use BYOL, you must have existing licenses with rights to use these licenses + // in a third party cloud, such as AWS. For more information, see Prerequisites + // (https://docs.aws.amazon.com/vm-import/latest/userguide/vmimport-image-import.html#prerequisites-image) + // in the VM Import/Export User Guide. LicenseType *string `type:"string"` // The operating system of the virtual machine. @@ -64157,7 +68262,6 @@ func (s *ImportImageInput) SetRoleName(v string) *ImportImageInput { return s } -// Contains the output for ImportImage. type ImportImageOutput struct { _ struct{} `type:"structure"` @@ -64296,7 +68400,7 @@ type ImportImageTask struct { // The architecture of the virtual machine. // - // Valid values: i386 | x86_64 + // Valid values: i386 | x86_64 | arm64 Architecture *string `locationName:"architecture" type:"string"` // A description of the import task. @@ -64427,7 +68531,6 @@ func (s *ImportImageTask) SetStatusMessage(v string) *ImportImageTask { return s } -// Contains the parameters for ImportInstance. type ImportInstanceInput struct { _ struct{} `type:"structure"` @@ -64632,7 +68735,6 @@ func (s *ImportInstanceLaunchSpecification) SetUserData(v *UserData) *ImportInst return s } -// Contains the output for ImportInstance. type ImportInstanceOutput struct { _ struct{} `type:"structure"` @@ -64884,7 +68986,6 @@ func (s *ImportKeyPairOutput) SetKeyName(v string) *ImportKeyPairOutput { return s } -// Contains the parameters for ImportSnapshot. type ImportSnapshotInput struct { _ struct{} `type:"structure"` @@ -65005,7 +69106,6 @@ func (s *ImportSnapshotInput) SetRoleName(v string) *ImportSnapshotInput { return s } -// Contains the output for ImportSnapshot. type ImportSnapshotOutput struct { _ struct{} `type:"structure"` @@ -65089,7 +69189,6 @@ func (s *ImportSnapshotTask) SetSnapshotTaskDetail(v *SnapshotTaskDetail) *Impor return s } -// Contains the parameters for ImportVolume. type ImportVolumeInput struct { _ struct{} `type:"structure"` @@ -65187,7 +69286,6 @@ func (s *ImportVolumeInput) SetVolume(v *VolumeDetail) *ImportVolumeInput { return s } -// Contains the output for ImportVolume. type ImportVolumeOutput struct { _ struct{} `type:"structure"` @@ -66429,8 +70527,8 @@ type InstanceNetworkInterfaceSpecification struct { // request. SecondaryPrivateIpAddressCount *int64 `locationName:"secondaryPrivateIpAddressCount" type:"integer"` - // The ID of the subnet associated with the network string. Applies only if - // creating a network interface when launching an instance. + // The ID of the subnet associated with the network interface. Applies only + // if creating a network interface when launching an instance. SubnetId *string `locationName:"subnetId" type:"string"` } @@ -66929,6 +71027,39 @@ func (s *InstanceStatusSummary) SetStatus(v string) *InstanceStatusSummary { return s } +// Information about the Capacity Reservation usage. +type InstanceUsage struct { + _ struct{} `type:"structure"` + + // The ID of the AWS account that is making use of the Capacity Reservation. + AccountId *string `locationName:"accountId" type:"string"` + + // The number of instances the AWS account currently has in the Capacity Reservation. + UsedInstanceCount *int64 `locationName:"usedInstanceCount" type:"integer"` +} + +// String returns the string representation +func (s InstanceUsage) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s InstanceUsage) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *InstanceUsage) SetAccountId(v string) *InstanceUsage { + s.AccountId = &v + return s +} + +// SetUsedInstanceCount sets the UsedInstanceCount field's value. +func (s *InstanceUsage) SetUsedInstanceCount(v int64) *InstanceUsage { + s.UsedInstanceCount = &v + return s +} + // Describes an internet gateway. type InternetGateway struct { _ struct{} `type:"structure"` @@ -67865,9 +71996,8 @@ type LaunchTemplateCpuOptionsRequest struct { // The number of CPU cores for the instance. CoreCount *int64 `type:"integer"` - // The number of threads per CPU core. To disable Intel Hyper-Threading Technology - // for the instance, specify a value of 1. Otherwise, specify the default value - // of 2. + // The number of threads per CPU core. To disable multithreading for the instance, + // specify a value of 1. Otherwise, specify the default value of 2. ThreadsPerCore *int64 `type:"integer"` } @@ -69528,7 +73658,7 @@ func (s *ModifyCapacityReservationInput) SetInstanceCount(v int64) *ModifyCapaci type ModifyCapacityReservationOutput struct { _ struct{} `type:"structure"` - // Information about the Capacity Reservation. + // Returns true if the request succeeds; otherwise, it returns an error. Return *bool `locationName:"return" type:"boolean"` } @@ -69586,6 +73716,13 @@ type ModifyClientVpnEndpointInput struct { // The ARN of the server certificate to be used. The server certificate must // be provisioned in AWS Certificate Manager (ACM). ServerCertificateArn *string `type:"string"` + + // Indicates whether the VPN is split-tunnel. + // + // For information about split-tunnel VPN endpoints, see Split-Tunnel AWS Client + // VPN Endpoint (https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) + // in the AWS Client VPN Administrator Guide. + SplitTunnel *bool `type:"boolean"` } // String returns the string representation @@ -69647,6 +73784,12 @@ func (s *ModifyClientVpnEndpointInput) SetServerCertificateArn(v string) *Modify return s } +// SetSplitTunnel sets the SplitTunnel field's value. +func (s *ModifyClientVpnEndpointInput) SetSplitTunnel(v bool) *ModifyClientVpnEndpointInput { + s.SplitTunnel = &v + return s +} + type ModifyClientVpnEndpointOutput struct { _ struct{} `type:"structure"` @@ -69679,25 +73822,24 @@ type ModifyEbsDefaultKmsKeyIdInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // An identifier for the AWS Key Management Service (AWS KMS) customer master - // key (CMK) to use to encrypt the volume. This parameter is only required if - // you want to use a non-default CMK; if this parameter is not specified, the - // default CMK for EBS is used. If a KmsKeyId is specified, the Encrypted flag - // must also be set. + // The identifier of the AWS Key Management Service (AWS KMS) customer master + // key (CMK) to use for Amazon EBS encryption. If this parameter is not specified, + // your AWS managed CMK for EBS is used. If KmsKeyId is specified, the encrypted + // state must be true. // - // The CMK identifier may be provided in any of the following formats: + // You can specify the CMK using any of the following: // - // * Key ID + // * Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab. // - // * Key alias + // * Key alias. For example, alias/ExampleAlias. // - // * ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed - // by the Region of the CMK, the AWS account ID of the CMK owner, the key - // namespace, and then the CMK ID. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. + // * Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. // - // * ARN using key alias. The alias ARN contains the arn:aws:kms namespace, - // followed by the Region of the CMK, the AWS account ID of the CMK owner, - // the alias namespace, and then the CMK alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. + // * Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. + // + // AWS authenticates the CMK asynchronously. Therefore, if you specify an ID, + // alias, or ARN that is not valid, the action can appear to complete, but eventually + // fails. // // KmsKeyId is a required field KmsKeyId *string `type:"string" required:"true"` @@ -69741,8 +73883,7 @@ func (s *ModifyEbsDefaultKmsKeyIdInput) SetKmsKeyId(v string) *ModifyEbsDefaultK type ModifyEbsDefaultKmsKeyIdOutput struct { _ struct{} `type:"structure"` - // The full ARN of the default CMK that your account uses to encrypt an EBS - // volume when no CMK is specified in the API call that creates the volume. + // The Amazon Resource Name (ARN) of the default CMK for encryption by default. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` } @@ -70017,14 +74158,17 @@ type ModifyHostsInput struct { _ struct{} `type:"structure"` // Specify whether to enable or disable auto-placement. - // - // AutoPlacement is a required field - AutoPlacement *string `locationName:"autoPlacement" type:"string" required:"true" enum:"AutoPlacement"` + AutoPlacement *string `locationName:"autoPlacement" type:"string" enum:"AutoPlacement"` // The IDs of the Dedicated Hosts to modify. // // HostIds is a required field HostIds []*string `locationName:"hostId" locationNameList:"item" type:"list" required:"true"` + + // Indicates whether to enable or disable host recovery for the Dedicated Host. + // For more information, see Host Recovery (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) + // in the Amazon Elastic Compute Cloud User Guide. + HostRecovery *string `type:"string" enum:"HostRecovery"` } // String returns the string representation @@ -70040,9 +74184,6 @@ func (s ModifyHostsInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *ModifyHostsInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ModifyHostsInput"} - if s.AutoPlacement == nil { - invalidParams.Add(request.NewErrParamRequired("AutoPlacement")) - } if s.HostIds == nil { invalidParams.Add(request.NewErrParamRequired("HostIds")) } @@ -70065,6 +74206,12 @@ func (s *ModifyHostsInput) SetHostIds(v []*string) *ModifyHostsInput { return s } +// SetHostRecovery sets the HostRecovery field's value. +func (s *ModifyHostsInput) SetHostRecovery(v string) *ModifyHostsInput { + s.HostRecovery = &v + return s +} + type ModifyHostsOutput struct { _ struct{} `type:"structure"` @@ -71449,6 +75596,9 @@ type ModifySpotFleetRequestInput struct { // the Spot Fleet. ExcessCapacityTerminationPolicy *string `locationName:"excessCapacityTerminationPolicy" type:"string" enum:"ExcessCapacityTerminationPolicy"` + // The number of On-Demand Instances in the fleet. + OnDemandTargetCapacity *int64 `type:"integer"` + // The ID of the Spot Fleet request. // // SpotFleetRequestId is a required field @@ -71487,6 +75637,12 @@ func (s *ModifySpotFleetRequestInput) SetExcessCapacityTerminationPolicy(v strin return s } +// SetOnDemandTargetCapacity sets the OnDemandTargetCapacity field's value. +func (s *ModifySpotFleetRequestInput) SetOnDemandTargetCapacity(v int64) *ModifySpotFleetRequestInput { + s.OnDemandTargetCapacity = &v + return s +} + // SetSpotFleetRequestId sets the SpotFleetRequestId field's value. func (s *ModifySpotFleetRequestInput) SetSpotFleetRequestId(v string) *ModifySpotFleetRequestInput { s.SpotFleetRequestId = &v @@ -71601,6 +75757,413 @@ func (s ModifySubnetAttributeOutput) GoString() string { return s.String() } +type ModifyTrafficMirrorFilterNetworkServicesInput struct { + _ struct{} `type:"structure"` + + // The network service, for example Amazon DNS, that you want to mirror. + AddNetworkServices []*string `locationName:"AddNetworkService" locationNameList:"item" type:"list"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The network service, for example Amazon DNS, that you no longer want to mirror. + RemoveNetworkServices []*string `locationName:"RemoveNetworkService" locationNameList:"item" type:"list"` + + // The ID of the Traffic Mirror filter. + // + // TrafficMirrorFilterId is a required field + TrafficMirrorFilterId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyTrafficMirrorFilterNetworkServicesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTrafficMirrorFilterNetworkServicesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyTrafficMirrorFilterNetworkServicesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyTrafficMirrorFilterNetworkServicesInput"} + if s.TrafficMirrorFilterId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorFilterId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAddNetworkServices sets the AddNetworkServices field's value. +func (s *ModifyTrafficMirrorFilterNetworkServicesInput) SetAddNetworkServices(v []*string) *ModifyTrafficMirrorFilterNetworkServicesInput { + s.AddNetworkServices = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyTrafficMirrorFilterNetworkServicesInput) SetDryRun(v bool) *ModifyTrafficMirrorFilterNetworkServicesInput { + s.DryRun = &v + return s +} + +// SetRemoveNetworkServices sets the RemoveNetworkServices field's value. +func (s *ModifyTrafficMirrorFilterNetworkServicesInput) SetRemoveNetworkServices(v []*string) *ModifyTrafficMirrorFilterNetworkServicesInput { + s.RemoveNetworkServices = v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *ModifyTrafficMirrorFilterNetworkServicesInput) SetTrafficMirrorFilterId(v string) *ModifyTrafficMirrorFilterNetworkServicesInput { + s.TrafficMirrorFilterId = &v + return s +} + +type ModifyTrafficMirrorFilterNetworkServicesOutput struct { + _ struct{} `type:"structure"` + + // The Traffic Mirror filter that the network service is associated with. + TrafficMirrorFilter *TrafficMirrorFilter `locationName:"trafficMirrorFilter" type:"structure"` +} + +// String returns the string representation +func (s ModifyTrafficMirrorFilterNetworkServicesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTrafficMirrorFilterNetworkServicesOutput) GoString() string { + return s.String() +} + +// SetTrafficMirrorFilter sets the TrafficMirrorFilter field's value. +func (s *ModifyTrafficMirrorFilterNetworkServicesOutput) SetTrafficMirrorFilter(v *TrafficMirrorFilter) *ModifyTrafficMirrorFilterNetworkServicesOutput { + s.TrafficMirrorFilter = v + return s +} + +type ModifyTrafficMirrorFilterRuleInput struct { + _ struct{} `type:"structure"` + + // The description to assign to the Traffic Mirror rule. + Description *string `type:"string"` + + // The destination CIDR block to assign to the Traffic Mirror rule. + DestinationCidrBlock *string `type:"string"` + + // The destination ports that are associated with the Traffic Mirror rule. + DestinationPortRange *TrafficMirrorPortRangeRequest `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The protocol, for example TCP, to assign to the Traffic Mirror rule. + Protocol *int64 `type:"integer"` + + // The properties that you want to remove from the Traffic Mirror filter rule. + // + // When you remove a property from a Traffic Mirror filter rule, the property + // is set to the default. + RemoveFields []*string `locationName:"RemoveField" type:"list"` + + // The action to assign to the rule. + RuleAction *string `type:"string" enum:"TrafficMirrorRuleAction"` + + // The number of the Traffic Mirror rule. This number must be unique for each + // Traffic Mirror rule in a given direction. The rules are processed in ascending + // order by rule number. + RuleNumber *int64 `type:"integer"` + + // The source CIDR block to assign to the Traffic Mirror rule. + SourceCidrBlock *string `type:"string"` + + // The port range to assign to the Traffic Mirror rule. + SourcePortRange *TrafficMirrorPortRangeRequest `type:"structure"` + + // The type of traffic (ingress | egress) to assign to the rule. + TrafficDirection *string `type:"string" enum:"TrafficDirection"` + + // The ID of the Traffic Mirror rule. + // + // TrafficMirrorFilterRuleId is a required field + TrafficMirrorFilterRuleId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyTrafficMirrorFilterRuleInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTrafficMirrorFilterRuleInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyTrafficMirrorFilterRuleInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyTrafficMirrorFilterRuleInput"} + if s.TrafficMirrorFilterRuleId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorFilterRuleId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetDescription(v string) *ModifyTrafficMirrorFilterRuleInput { + s.Description = &v + return s +} + +// SetDestinationCidrBlock sets the DestinationCidrBlock field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetDestinationCidrBlock(v string) *ModifyTrafficMirrorFilterRuleInput { + s.DestinationCidrBlock = &v + return s +} + +// SetDestinationPortRange sets the DestinationPortRange field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetDestinationPortRange(v *TrafficMirrorPortRangeRequest) *ModifyTrafficMirrorFilterRuleInput { + s.DestinationPortRange = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetDryRun(v bool) *ModifyTrafficMirrorFilterRuleInput { + s.DryRun = &v + return s +} + +// SetProtocol sets the Protocol field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetProtocol(v int64) *ModifyTrafficMirrorFilterRuleInput { + s.Protocol = &v + return s +} + +// SetRemoveFields sets the RemoveFields field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetRemoveFields(v []*string) *ModifyTrafficMirrorFilterRuleInput { + s.RemoveFields = v + return s +} + +// SetRuleAction sets the RuleAction field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetRuleAction(v string) *ModifyTrafficMirrorFilterRuleInput { + s.RuleAction = &v + return s +} + +// SetRuleNumber sets the RuleNumber field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetRuleNumber(v int64) *ModifyTrafficMirrorFilterRuleInput { + s.RuleNumber = &v + return s +} + +// SetSourceCidrBlock sets the SourceCidrBlock field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetSourceCidrBlock(v string) *ModifyTrafficMirrorFilterRuleInput { + s.SourceCidrBlock = &v + return s +} + +// SetSourcePortRange sets the SourcePortRange field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetSourcePortRange(v *TrafficMirrorPortRangeRequest) *ModifyTrafficMirrorFilterRuleInput { + s.SourcePortRange = v + return s +} + +// SetTrafficDirection sets the TrafficDirection field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetTrafficDirection(v string) *ModifyTrafficMirrorFilterRuleInput { + s.TrafficDirection = &v + return s +} + +// SetTrafficMirrorFilterRuleId sets the TrafficMirrorFilterRuleId field's value. +func (s *ModifyTrafficMirrorFilterRuleInput) SetTrafficMirrorFilterRuleId(v string) *ModifyTrafficMirrorFilterRuleInput { + s.TrafficMirrorFilterRuleId = &v + return s +} + +type ModifyTrafficMirrorFilterRuleOutput struct { + _ struct{} `type:"structure"` + + // Modifies a Traffic Mirror rule. + TrafficMirrorFilterRule *TrafficMirrorFilterRule `locationName:"trafficMirrorFilterRule" type:"structure"` +} + +// String returns the string representation +func (s ModifyTrafficMirrorFilterRuleOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTrafficMirrorFilterRuleOutput) GoString() string { + return s.String() +} + +// SetTrafficMirrorFilterRule sets the TrafficMirrorFilterRule field's value. +func (s *ModifyTrafficMirrorFilterRuleOutput) SetTrafficMirrorFilterRule(v *TrafficMirrorFilterRule) *ModifyTrafficMirrorFilterRuleOutput { + s.TrafficMirrorFilterRule = v + return s +} + +type ModifyTrafficMirrorSessionInput struct { + _ struct{} `type:"structure"` + + // The description to assign to the Traffic Mirror session. + Description *string `type:"string"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The number of bytes in each packet to mirror. These are bytes after the VXLAN + // header. To mirror a subset, set this to the length (in bytes) to mirror. + // For example, if you set this value to 100, then the first 100 bytes that + // meet the filter criteria are copied to the target. Do not specify this parameter + // when you want to mirror the entire packet. + PacketLength *int64 `type:"integer"` + + // The properties that you want to remove from the Traffic Mirror session. + // + // When you remove a property from a Traffic Mirror session, the property is + // set to the default. + RemoveFields []*string `locationName:"RemoveField" type:"list"` + + // The session number determines the order in which sessions are evaluated when + // an interface is used by multiple sessions. The first session with a matching + // filter is the one that mirrors the packets. + // + // Valid values are 1-32766. + SessionNumber *int64 `type:"integer"` + + // The ID of the Traffic Mirror filter. + TrafficMirrorFilterId *string `type:"string"` + + // The ID of the Traffic Mirror session. + // + // TrafficMirrorSessionId is a required field + TrafficMirrorSessionId *string `type:"string" required:"true"` + + // The Traffic Mirror target. The target must be in the same VPC as the source, + // or have a VPC peering connection with the source. + TrafficMirrorTargetId *string `type:"string"` + + // The virtual network ID of the Traffic Mirror session. + VirtualNetworkId *int64 `type:"integer"` +} + +// String returns the string representation +func (s ModifyTrafficMirrorSessionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTrafficMirrorSessionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyTrafficMirrorSessionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyTrafficMirrorSessionInput"} + if s.TrafficMirrorSessionId == nil { + invalidParams.Add(request.NewErrParamRequired("TrafficMirrorSessionId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *ModifyTrafficMirrorSessionInput) SetDescription(v string) *ModifyTrafficMirrorSessionInput { + s.Description = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyTrafficMirrorSessionInput) SetDryRun(v bool) *ModifyTrafficMirrorSessionInput { + s.DryRun = &v + return s +} + +// SetPacketLength sets the PacketLength field's value. +func (s *ModifyTrafficMirrorSessionInput) SetPacketLength(v int64) *ModifyTrafficMirrorSessionInput { + s.PacketLength = &v + return s +} + +// SetRemoveFields sets the RemoveFields field's value. +func (s *ModifyTrafficMirrorSessionInput) SetRemoveFields(v []*string) *ModifyTrafficMirrorSessionInput { + s.RemoveFields = v + return s +} + +// SetSessionNumber sets the SessionNumber field's value. +func (s *ModifyTrafficMirrorSessionInput) SetSessionNumber(v int64) *ModifyTrafficMirrorSessionInput { + s.SessionNumber = &v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *ModifyTrafficMirrorSessionInput) SetTrafficMirrorFilterId(v string) *ModifyTrafficMirrorSessionInput { + s.TrafficMirrorFilterId = &v + return s +} + +// SetTrafficMirrorSessionId sets the TrafficMirrorSessionId field's value. +func (s *ModifyTrafficMirrorSessionInput) SetTrafficMirrorSessionId(v string) *ModifyTrafficMirrorSessionInput { + s.TrafficMirrorSessionId = &v + return s +} + +// SetTrafficMirrorTargetId sets the TrafficMirrorTargetId field's value. +func (s *ModifyTrafficMirrorSessionInput) SetTrafficMirrorTargetId(v string) *ModifyTrafficMirrorSessionInput { + s.TrafficMirrorTargetId = &v + return s +} + +// SetVirtualNetworkId sets the VirtualNetworkId field's value. +func (s *ModifyTrafficMirrorSessionInput) SetVirtualNetworkId(v int64) *ModifyTrafficMirrorSessionInput { + s.VirtualNetworkId = &v + return s +} + +type ModifyTrafficMirrorSessionOutput struct { + _ struct{} `type:"structure"` + + // Information about the Traffic Mirror session. + TrafficMirrorSession *TrafficMirrorSession `locationName:"trafficMirrorSession" type:"structure"` +} + +// String returns the string representation +func (s ModifyTrafficMirrorSessionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyTrafficMirrorSessionOutput) GoString() string { + return s.String() +} + +// SetTrafficMirrorSession sets the TrafficMirrorSession field's value. +func (s *ModifyTrafficMirrorSessionOutput) SetTrafficMirrorSession(v *TrafficMirrorSession) *ModifyTrafficMirrorSessionOutput { + s.TrafficMirrorSession = v + return s +} + type ModifyTransitGatewayVpcAttachmentInput struct { _ struct{} `type:"structure"` @@ -72115,8 +76678,7 @@ type ModifyVpcEndpointInput struct { DryRun *bool `type:"boolean"` // A policy to attach to the endpoint that controls access to the service. The - // policy must be in valid JSON format. If this parameter is not specified, - // we attach a default policy that allows full access to the service. + // policy must be in valid JSON format. PolicyDocument *string `type:"string"` // (Interface endpoint) Indicate whether a private hosted zone is associated @@ -72641,6 +77203,9 @@ func (s *ModifyVpcTenancyOutput) SetReturnValue(v bool) *ModifyVpcTenancyOutput type ModifyVpnConnectionInput struct { _ struct{} `type:"structure"` + // The ID of the customer gateway at your end of the VPN connection. + CustomerGatewayId *string `type:"string"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, @@ -72682,6 +77247,12 @@ func (s *ModifyVpnConnectionInput) Validate() error { return nil } +// SetCustomerGatewayId sets the CustomerGatewayId field's value. +func (s *ModifyVpnConnectionInput) SetCustomerGatewayId(v string) *ModifyVpnConnectionInput { + s.CustomerGatewayId = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *ModifyVpnConnectionInput) SetDryRun(v bool) *ModifyVpnConnectionInput { s.DryRun = &v @@ -72729,6 +77300,416 @@ func (s *ModifyVpnConnectionOutput) SetVpnConnection(v *VpnConnection) *ModifyVp return s } +type ModifyVpnTunnelCertificateInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the AWS Site-to-Site VPN connection. + // + // VpnConnectionId is a required field + VpnConnectionId *string `type:"string" required:"true"` + + // The external IP address of the VPN tunnel. + // + // VpnTunnelOutsideIpAddress is a required field + VpnTunnelOutsideIpAddress *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyVpnTunnelCertificateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyVpnTunnelCertificateInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyVpnTunnelCertificateInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyVpnTunnelCertificateInput"} + if s.VpnConnectionId == nil { + invalidParams.Add(request.NewErrParamRequired("VpnConnectionId")) + } + if s.VpnTunnelOutsideIpAddress == nil { + invalidParams.Add(request.NewErrParamRequired("VpnTunnelOutsideIpAddress")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyVpnTunnelCertificateInput) SetDryRun(v bool) *ModifyVpnTunnelCertificateInput { + s.DryRun = &v + return s +} + +// SetVpnConnectionId sets the VpnConnectionId field's value. +func (s *ModifyVpnTunnelCertificateInput) SetVpnConnectionId(v string) *ModifyVpnTunnelCertificateInput { + s.VpnConnectionId = &v + return s +} + +// SetVpnTunnelOutsideIpAddress sets the VpnTunnelOutsideIpAddress field's value. +func (s *ModifyVpnTunnelCertificateInput) SetVpnTunnelOutsideIpAddress(v string) *ModifyVpnTunnelCertificateInput { + s.VpnTunnelOutsideIpAddress = &v + return s +} + +type ModifyVpnTunnelCertificateOutput struct { + _ struct{} `type:"structure"` + + // Describes a VPN connection. + VpnConnection *VpnConnection `locationName:"vpnConnection" type:"structure"` +} + +// String returns the string representation +func (s ModifyVpnTunnelCertificateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyVpnTunnelCertificateOutput) GoString() string { + return s.String() +} + +// SetVpnConnection sets the VpnConnection field's value. +func (s *ModifyVpnTunnelCertificateOutput) SetVpnConnection(v *VpnConnection) *ModifyVpnTunnelCertificateOutput { + s.VpnConnection = v + return s +} + +type ModifyVpnTunnelOptionsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The tunnel options to modify. + // + // TunnelOptions is a required field + TunnelOptions *ModifyVpnTunnelOptionsSpecification `type:"structure" required:"true"` + + // The ID of the AWS Site-to-Site VPN connection. + // + // VpnConnectionId is a required field + VpnConnectionId *string `type:"string" required:"true"` + + // The external IP address of the VPN tunnel. + // + // VpnTunnelOutsideIpAddress is a required field + VpnTunnelOutsideIpAddress *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s ModifyVpnTunnelOptionsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyVpnTunnelOptionsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyVpnTunnelOptionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyVpnTunnelOptionsInput"} + if s.TunnelOptions == nil { + invalidParams.Add(request.NewErrParamRequired("TunnelOptions")) + } + if s.VpnConnectionId == nil { + invalidParams.Add(request.NewErrParamRequired("VpnConnectionId")) + } + if s.VpnTunnelOutsideIpAddress == nil { + invalidParams.Add(request.NewErrParamRequired("VpnTunnelOutsideIpAddress")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyVpnTunnelOptionsInput) SetDryRun(v bool) *ModifyVpnTunnelOptionsInput { + s.DryRun = &v + return s +} + +// SetTunnelOptions sets the TunnelOptions field's value. +func (s *ModifyVpnTunnelOptionsInput) SetTunnelOptions(v *ModifyVpnTunnelOptionsSpecification) *ModifyVpnTunnelOptionsInput { + s.TunnelOptions = v + return s +} + +// SetVpnConnectionId sets the VpnConnectionId field's value. +func (s *ModifyVpnTunnelOptionsInput) SetVpnConnectionId(v string) *ModifyVpnTunnelOptionsInput { + s.VpnConnectionId = &v + return s +} + +// SetVpnTunnelOutsideIpAddress sets the VpnTunnelOutsideIpAddress field's value. +func (s *ModifyVpnTunnelOptionsInput) SetVpnTunnelOutsideIpAddress(v string) *ModifyVpnTunnelOptionsInput { + s.VpnTunnelOutsideIpAddress = &v + return s +} + +type ModifyVpnTunnelOptionsOutput struct { + _ struct{} `type:"structure"` + + // Describes a VPN connection. + VpnConnection *VpnConnection `locationName:"vpnConnection" type:"structure"` +} + +// String returns the string representation +func (s ModifyVpnTunnelOptionsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyVpnTunnelOptionsOutput) GoString() string { + return s.String() +} + +// SetVpnConnection sets the VpnConnection field's value. +func (s *ModifyVpnTunnelOptionsOutput) SetVpnConnection(v *VpnConnection) *ModifyVpnTunnelOptionsOutput { + s.VpnConnection = v + return s +} + +// The AWS Site-to-Site VPN tunnel options to modify. +type ModifyVpnTunnelOptionsSpecification struct { + _ struct{} `type:"structure"` + + // The number of seconds after which a DPD timeout occurs. + // + // Constraints: A value between 0 and 30. + // + // Default: 30 + DPDTimeoutSeconds *int64 `type:"integer"` + + // The IKE versions that are permitted for the VPN tunnel. + // + // Valid values: ikev1 | ikev2 + IKEVersions []*IKEVersionsRequestListValue `locationName:"IKEVersion" locationNameList:"item" type:"list"` + + // One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel + // for phase 1 IKE negotiations. + // + // Valid values: 2 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24 + Phase1DHGroupNumbers []*Phase1DHGroupNumbersRequestListValue `locationName:"Phase1DHGroupNumber" locationNameList:"item" type:"list"` + + // One or more encryption algorithms that are permitted for the VPN tunnel for + // phase 1 IKE negotiations. + // + // Valid values: AES128 | AES256 + Phase1EncryptionAlgorithms []*Phase1EncryptionAlgorithmsRequestListValue `locationName:"Phase1EncryptionAlgorithm" locationNameList:"item" type:"list"` + + // One or more integrity algorithms that are permitted for the VPN tunnel for + // phase 1 IKE negotiations. + // + // Valid values: SHA1 | SHA2-256 + Phase1IntegrityAlgorithms []*Phase1IntegrityAlgorithmsRequestListValue `locationName:"Phase1IntegrityAlgorithm" locationNameList:"item" type:"list"` + + // The lifetime for phase 1 of the IKE negotiation, in seconds. + // + // Constraints: A value between 900 and 28,800. + // + // Default: 28800 + Phase1LifetimeSeconds *int64 `type:"integer"` + + // One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel + // for phase 2 IKE negotiations. + // + // Valid values: 2 | 5 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24 + Phase2DHGroupNumbers []*Phase2DHGroupNumbersRequestListValue `locationName:"Phase2DHGroupNumber" locationNameList:"item" type:"list"` + + // One or more encryption algorithms that are permitted for the VPN tunnel for + // phase 2 IKE negotiations. + // + // Valid values: AES128 | AES256 + Phase2EncryptionAlgorithms []*Phase2EncryptionAlgorithmsRequestListValue `locationName:"Phase2EncryptionAlgorithm" locationNameList:"item" type:"list"` + + // One or more integrity algorithms that are permitted for the VPN tunnel for + // phase 2 IKE negotiations. + // + // Valid values: SHA1 | SHA2-256 + Phase2IntegrityAlgorithms []*Phase2IntegrityAlgorithmsRequestListValue `locationName:"Phase2IntegrityAlgorithm" locationNameList:"item" type:"list"` + + // The lifetime for phase 2 of the IKE negotiation, in seconds. + // + // Constraints: A value between 900 and 3,600. The value must be less than the + // value for Phase1LifetimeSeconds. + // + // Default: 3600 + Phase2LifetimeSeconds *int64 `type:"integer"` + + // The pre-shared key (PSK) to establish initial authentication between the + // virtual private gateway and the customer gateway. + // + // Constraints: Allowed characters are alphanumeric characters, periods (.), + // and underscores (_). Must be between 8 and 64 characters in length and cannot + // start with zero (0). + PreSharedKey *string `type:"string"` + + // The percentage of the rekey window (determined by RekeyMarginTimeSeconds) + // during which the rekey time is randomly selected. + // + // Constraints: A value between 0 and 100. + // + // Default: 100 + RekeyFuzzPercentage *int64 `type:"integer"` + + // The margin time, in seconds, before the phase 2 lifetime expires, during + // which the AWS side of the VPN connection performs an IKE rekey. The exact + // time of the rekey is randomly selected based on the value for RekeyFuzzPercentage. + // + // Constraints: A value between 60 and half of Phase2LifetimeSeconds. + // + // Default: 540 + RekeyMarginTimeSeconds *int64 `type:"integer"` + + // The number of packets in an IKE replay window. + // + // Constraints: A value between 64 and 2048. + // + // Default: 1024 + ReplayWindowSize *int64 `type:"integer"` + + // The range of inside IP addresses for the tunnel. Any specified CIDR blocks + // must be unique across all VPN connections that use the same virtual private + // gateway. + // + // Constraints: A size /30 CIDR block from the 169.254.0.0/16 range. The following + // CIDR blocks are reserved and cannot be used: + // + // * 169.254.0.0/30 + // + // * 169.254.1.0/30 + // + // * 169.254.2.0/30 + // + // * 169.254.3.0/30 + // + // * 169.254.4.0/30 + // + // * 169.254.5.0/30 + // + // * 169.254.169.252/30 + TunnelInsideCidr *string `type:"string"` +} + +// String returns the string representation +func (s ModifyVpnTunnelOptionsSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s ModifyVpnTunnelOptionsSpecification) GoString() string { + return s.String() +} + +// SetDPDTimeoutSeconds sets the DPDTimeoutSeconds field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetDPDTimeoutSeconds(v int64) *ModifyVpnTunnelOptionsSpecification { + s.DPDTimeoutSeconds = &v + return s +} + +// SetIKEVersions sets the IKEVersions field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetIKEVersions(v []*IKEVersionsRequestListValue) *ModifyVpnTunnelOptionsSpecification { + s.IKEVersions = v + return s +} + +// SetPhase1DHGroupNumbers sets the Phase1DHGroupNumbers field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase1DHGroupNumbers(v []*Phase1DHGroupNumbersRequestListValue) *ModifyVpnTunnelOptionsSpecification { + s.Phase1DHGroupNumbers = v + return s +} + +// SetPhase1EncryptionAlgorithms sets the Phase1EncryptionAlgorithms field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase1EncryptionAlgorithms(v []*Phase1EncryptionAlgorithmsRequestListValue) *ModifyVpnTunnelOptionsSpecification { + s.Phase1EncryptionAlgorithms = v + return s +} + +// SetPhase1IntegrityAlgorithms sets the Phase1IntegrityAlgorithms field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase1IntegrityAlgorithms(v []*Phase1IntegrityAlgorithmsRequestListValue) *ModifyVpnTunnelOptionsSpecification { + s.Phase1IntegrityAlgorithms = v + return s +} + +// SetPhase1LifetimeSeconds sets the Phase1LifetimeSeconds field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase1LifetimeSeconds(v int64) *ModifyVpnTunnelOptionsSpecification { + s.Phase1LifetimeSeconds = &v + return s +} + +// SetPhase2DHGroupNumbers sets the Phase2DHGroupNumbers field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase2DHGroupNumbers(v []*Phase2DHGroupNumbersRequestListValue) *ModifyVpnTunnelOptionsSpecification { + s.Phase2DHGroupNumbers = v + return s +} + +// SetPhase2EncryptionAlgorithms sets the Phase2EncryptionAlgorithms field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase2EncryptionAlgorithms(v []*Phase2EncryptionAlgorithmsRequestListValue) *ModifyVpnTunnelOptionsSpecification { + s.Phase2EncryptionAlgorithms = v + return s +} + +// SetPhase2IntegrityAlgorithms sets the Phase2IntegrityAlgorithms field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase2IntegrityAlgorithms(v []*Phase2IntegrityAlgorithmsRequestListValue) *ModifyVpnTunnelOptionsSpecification { + s.Phase2IntegrityAlgorithms = v + return s +} + +// SetPhase2LifetimeSeconds sets the Phase2LifetimeSeconds field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPhase2LifetimeSeconds(v int64) *ModifyVpnTunnelOptionsSpecification { + s.Phase2LifetimeSeconds = &v + return s +} + +// SetPreSharedKey sets the PreSharedKey field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetPreSharedKey(v string) *ModifyVpnTunnelOptionsSpecification { + s.PreSharedKey = &v + return s +} + +// SetRekeyFuzzPercentage sets the RekeyFuzzPercentage field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetRekeyFuzzPercentage(v int64) *ModifyVpnTunnelOptionsSpecification { + s.RekeyFuzzPercentage = &v + return s +} + +// SetRekeyMarginTimeSeconds sets the RekeyMarginTimeSeconds field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetRekeyMarginTimeSeconds(v int64) *ModifyVpnTunnelOptionsSpecification { + s.RekeyMarginTimeSeconds = &v + return s +} + +// SetReplayWindowSize sets the ReplayWindowSize field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetReplayWindowSize(v int64) *ModifyVpnTunnelOptionsSpecification { + s.ReplayWindowSize = &v + return s +} + +// SetTunnelInsideCidr sets the TunnelInsideCidr field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetTunnelInsideCidr(v string) *ModifyVpnTunnelOptionsSpecification { + s.TunnelInsideCidr = &v + return s +} + type MonitorInstancesInput struct { _ struct{} `type:"structure"` @@ -72988,7 +77969,7 @@ type NatGateway struct { NatGatewayId *string `locationName:"natGatewayId" type:"string"` // Reserved. If you need to sustain traffic greater than the documented limits - // (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html), + // (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), // contact us through the Support Center (https://console.aws.amazon.com/support/home?). ProvisionedBandwidth *ProvisionedBandwidth `locationName:"provisionedBandwidth" type:"structure"` @@ -73935,7 +78916,7 @@ func (s *NewDhcpConfiguration) SetValues(v []*string) *NewDhcpConfiguration { return s } -// The allocation strategy of On-Demand Instances in an EC2 Fleet. +// Describes the configuration of On-Demand Instances in an EC2 Fleet. type OnDemandOptions struct { _ struct{} `type:"structure"` @@ -73947,6 +78928,10 @@ type OnDemandOptions struct { // Fleet defaults to lowest-price. AllocationStrategy *string `locationName:"allocationStrategy" type:"string" enum:"FleetOnDemandAllocationStrategy"` + // The maximum amount per hour for On-Demand Instances that you're willing to + // pay. + MaxTotalPrice *string `locationName:"maxTotalPrice" type:"string"` + // The minimum target capacity for On-Demand Instances in the fleet. If the // minimum target capacity is not reached, the fleet launches no instances. MinTargetCapacity *int64 `locationName:"minTargetCapacity" type:"integer"` @@ -73976,6 +78961,12 @@ func (s *OnDemandOptions) SetAllocationStrategy(v string) *OnDemandOptions { return s } +// SetMaxTotalPrice sets the MaxTotalPrice field's value. +func (s *OnDemandOptions) SetMaxTotalPrice(v string) *OnDemandOptions { + s.MaxTotalPrice = &v + return s +} + // SetMinTargetCapacity sets the MinTargetCapacity field's value. func (s *OnDemandOptions) SetMinTargetCapacity(v int64) *OnDemandOptions { s.MinTargetCapacity = &v @@ -73994,7 +78985,7 @@ func (s *OnDemandOptions) SetSingleInstanceType(v bool) *OnDemandOptions { return s } -// The allocation strategy of On-Demand Instances in an EC2 Fleet. +// Describes the configuration of On-Demand Instances in an EC2 Fleet. type OnDemandOptionsRequest struct { _ struct{} `type:"structure"` @@ -74006,6 +78997,10 @@ type OnDemandOptionsRequest struct { // Fleet defaults to lowest-price. AllocationStrategy *string `type:"string" enum:"FleetOnDemandAllocationStrategy"` + // The maximum amount per hour for On-Demand Instances that you're willing to + // pay. + MaxTotalPrice *string `type:"string"` + // The minimum target capacity for On-Demand Instances in the fleet. If the // minimum target capacity is not reached, the fleet launches no instances. MinTargetCapacity *int64 `type:"integer"` @@ -74035,6 +79030,12 @@ func (s *OnDemandOptionsRequest) SetAllocationStrategy(v string) *OnDemandOption return s } +// SetMaxTotalPrice sets the MaxTotalPrice field's value. +func (s *OnDemandOptionsRequest) SetMaxTotalPrice(v string) *OnDemandOptionsRequest { + s.MaxTotalPrice = &v + return s +} + // SetMinTargetCapacity sets the MinTargetCapacity field's value. func (s *OnDemandOptionsRequest) SetMinTargetCapacity(v int64) *OnDemandOptionsRequest { s.MinTargetCapacity = &v @@ -74195,6 +79196,296 @@ func (s *PeeringConnectionOptionsRequest) SetAllowEgressFromLocalVpcToRemoteClas return s } +// The Diffie-Hellmann group number for phase 1 IKE negotiations. +type Phase1DHGroupNumbersListValue struct { + _ struct{} `type:"structure"` + + // The Diffie-Hellmann group number. + Value *int64 `locationName:"value" type:"integer"` +} + +// String returns the string representation +func (s Phase1DHGroupNumbersListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase1DHGroupNumbersListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase1DHGroupNumbersListValue) SetValue(v int64) *Phase1DHGroupNumbersListValue { + s.Value = &v + return s +} + +// Specifies a Diffie-Hellman group number for the VPN tunnel for phase 1 IKE +// negotiations. +type Phase1DHGroupNumbersRequestListValue struct { + _ struct{} `type:"structure"` + + // The Diffie-Hellmann group number. + Value *int64 `type:"integer"` +} + +// String returns the string representation +func (s Phase1DHGroupNumbersRequestListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase1DHGroupNumbersRequestListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase1DHGroupNumbersRequestListValue) SetValue(v int64) *Phase1DHGroupNumbersRequestListValue { + s.Value = &v + return s +} + +// The encryption algorithm for phase 1 IKE negotiations. +type Phase1EncryptionAlgorithmsListValue struct { + _ struct{} `type:"structure"` + + // The value for the encryption algorithm. + Value *string `locationName:"value" type:"string"` +} + +// String returns the string representation +func (s Phase1EncryptionAlgorithmsListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase1EncryptionAlgorithmsListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase1EncryptionAlgorithmsListValue) SetValue(v string) *Phase1EncryptionAlgorithmsListValue { + s.Value = &v + return s +} + +// Specifies the encryption algorithm for the VPN tunnel for phase 1 IKE negotiations. +type Phase1EncryptionAlgorithmsRequestListValue struct { + _ struct{} `type:"structure"` + + // The value for the encryption algorithm. + Value *string `type:"string"` +} + +// String returns the string representation +func (s Phase1EncryptionAlgorithmsRequestListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase1EncryptionAlgorithmsRequestListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase1EncryptionAlgorithmsRequestListValue) SetValue(v string) *Phase1EncryptionAlgorithmsRequestListValue { + s.Value = &v + return s +} + +// The integrity algorithm for phase 1 IKE negotiations. +type Phase1IntegrityAlgorithmsListValue struct { + _ struct{} `type:"structure"` + + // The value for the integrity algorithm. + Value *string `locationName:"value" type:"string"` +} + +// String returns the string representation +func (s Phase1IntegrityAlgorithmsListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase1IntegrityAlgorithmsListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase1IntegrityAlgorithmsListValue) SetValue(v string) *Phase1IntegrityAlgorithmsListValue { + s.Value = &v + return s +} + +// Specifies the integrity algorithm for the VPN tunnel for phase 1 IKE negotiations. +type Phase1IntegrityAlgorithmsRequestListValue struct { + _ struct{} `type:"structure"` + + // The value for the integrity algorithm. + Value *string `type:"string"` +} + +// String returns the string representation +func (s Phase1IntegrityAlgorithmsRequestListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase1IntegrityAlgorithmsRequestListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase1IntegrityAlgorithmsRequestListValue) SetValue(v string) *Phase1IntegrityAlgorithmsRequestListValue { + s.Value = &v + return s +} + +// The Diffie-Hellmann group number for phase 2 IKE negotiations. +type Phase2DHGroupNumbersListValue struct { + _ struct{} `type:"structure"` + + // The Diffie-Hellmann group number. + Value *int64 `locationName:"value" type:"integer"` +} + +// String returns the string representation +func (s Phase2DHGroupNumbersListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase2DHGroupNumbersListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase2DHGroupNumbersListValue) SetValue(v int64) *Phase2DHGroupNumbersListValue { + s.Value = &v + return s +} + +// Specifies a Diffie-Hellman group number for the VPN tunnel for phase 2 IKE +// negotiations. +type Phase2DHGroupNumbersRequestListValue struct { + _ struct{} `type:"structure"` + + // The Diffie-Hellmann group number. + Value *int64 `type:"integer"` +} + +// String returns the string representation +func (s Phase2DHGroupNumbersRequestListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase2DHGroupNumbersRequestListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase2DHGroupNumbersRequestListValue) SetValue(v int64) *Phase2DHGroupNumbersRequestListValue { + s.Value = &v + return s +} + +// The encryption algorithm for phase 2 IKE negotiations. +type Phase2EncryptionAlgorithmsListValue struct { + _ struct{} `type:"structure"` + + // The encryption algorithm. + Value *string `locationName:"value" type:"string"` +} + +// String returns the string representation +func (s Phase2EncryptionAlgorithmsListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase2EncryptionAlgorithmsListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase2EncryptionAlgorithmsListValue) SetValue(v string) *Phase2EncryptionAlgorithmsListValue { + s.Value = &v + return s +} + +// Specifies the encryption algorithm for the VPN tunnel for phase 2 IKE negotiations. +type Phase2EncryptionAlgorithmsRequestListValue struct { + _ struct{} `type:"structure"` + + // The encryption algorithm. + Value *string `type:"string"` +} + +// String returns the string representation +func (s Phase2EncryptionAlgorithmsRequestListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase2EncryptionAlgorithmsRequestListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase2EncryptionAlgorithmsRequestListValue) SetValue(v string) *Phase2EncryptionAlgorithmsRequestListValue { + s.Value = &v + return s +} + +// The integrity algorithm for phase 2 IKE negotiations. +type Phase2IntegrityAlgorithmsListValue struct { + _ struct{} `type:"structure"` + + // The integrity algorithm. + Value *string `locationName:"value" type:"string"` +} + +// String returns the string representation +func (s Phase2IntegrityAlgorithmsListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase2IntegrityAlgorithmsListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase2IntegrityAlgorithmsListValue) SetValue(v string) *Phase2IntegrityAlgorithmsListValue { + s.Value = &v + return s +} + +// Specifies the integrity algorithm for the VPN tunnel for phase 2 IKE negotiations. +type Phase2IntegrityAlgorithmsRequestListValue struct { + _ struct{} `type:"structure"` + + // The integrity algorithm. + Value *string `type:"string"` +} + +// String returns the string representation +func (s Phase2IntegrityAlgorithmsRequestListValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s Phase2IntegrityAlgorithmsRequestListValue) GoString() string { + return s.String() +} + +// SetValue sets the Value field's value. +func (s *Phase2IntegrityAlgorithmsRequestListValue) SetValue(v string) *Phase2IntegrityAlgorithmsRequestListValue { + s.Value = &v + return s +} + // Describes the placement of an instance. type Placement struct { _ struct{} `type:"structure"` @@ -74831,33 +80122,33 @@ func (s *ProvisionByoipCidrOutput) SetByoipCidr(v *ByoipCidr) *ProvisionByoipCid } // Reserved. If you need to sustain traffic greater than the documented limits -// (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html), +// (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), // contact us through the Support Center (https://console.aws.amazon.com/support/home?). type ProvisionedBandwidth struct { _ struct{} `type:"structure"` // Reserved. If you need to sustain traffic greater than the documented limits - // (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html), + // (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), // contact us through the Support Center (https://console.aws.amazon.com/support/home?). ProvisionTime *time.Time `locationName:"provisionTime" type:"timestamp"` // Reserved. If you need to sustain traffic greater than the documented limits - // (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html), + // (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), // contact us through the Support Center (https://console.aws.amazon.com/support/home?). Provisioned *string `locationName:"provisioned" type:"string"` // Reserved. If you need to sustain traffic greater than the documented limits - // (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html), + // (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), // contact us through the Support Center (https://console.aws.amazon.com/support/home?). RequestTime *time.Time `locationName:"requestTime" type:"timestamp"` // Reserved. If you need to sustain traffic greater than the documented limits - // (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html), + // (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), // contact us through the Support Center (https://console.aws.amazon.com/support/home?). Requested *string `locationName:"requested" type:"string"` // Reserved. If you need to sustain traffic greater than the documented limits - // (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html), + // (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), // contact us through the Support Center (https://console.aws.amazon.com/support/home?). Status *string `locationName:"status" type:"string"` } @@ -75105,9 +80396,8 @@ func (s *Purchase) SetUpfrontPrice(v string) *Purchase { type PurchaseHostReservationInput struct { _ struct{} `type:"structure"` - // Unique, case-sensitive identifier you provide to ensure idempotency of the - // request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html) - // in the Amazon Elastic Compute Cloud User Guide. + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // The currency in which the totalUpfrontPrice, LimitPrice, and totalHourlyPrice @@ -75192,9 +80482,8 @@ func (s *PurchaseHostReservationInput) SetOfferingId(v string) *PurchaseHostRese type PurchaseHostReservationOutput struct { _ struct{} `type:"structure"` - // Unique, case-sensitive identifier you provide to ensure idempotency of the - // request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html) - // in the Amazon Elastic Compute Cloud User Guide. + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` // The currency in which the totalUpfrontPrice and totalHourlyPrice amounts @@ -75324,6 +80613,9 @@ type PurchaseReservedInstancesOfferingInput struct { // prices. LimitPrice *ReservedInstanceLimitPrice `locationName:"limitPrice" type:"structure"` + // The time at which to purchase the Reserved Instance. + PurchaseTime *time.Time `type:"timestamp"` + // The ID of the Reserved Instance offering to purchase. // // ReservedInstancesOfferingId is a required field @@ -75374,6 +80666,12 @@ func (s *PurchaseReservedInstancesOfferingInput) SetLimitPrice(v *ReservedInstan return s } +// SetPurchaseTime sets the PurchaseTime field's value. +func (s *PurchaseReservedInstancesOfferingInput) SetPurchaseTime(v time.Time) *PurchaseReservedInstancesOfferingInput { + s.PurchaseTime = &v + return s +} + // SetReservedInstancesOfferingId sets the ReservedInstancesOfferingId field's value. func (s *PurchaseReservedInstancesOfferingInput) SetReservedInstancesOfferingId(v string) *PurchaseReservedInstancesOfferingInput { s.ReservedInstancesOfferingId = &v @@ -75606,6 +80904,10 @@ type Region struct { // The Region service endpoint. Endpoint *string `locationName:"regionEndpoint" type:"string"` + // The Region opt-in status. The possible values are opt-in-not-required, opted-in, + // and not-opted-in. + OptInStatus *string `locationName:"optInStatus" type:"string"` + // The name of the Region. RegionName *string `locationName:"regionName" type:"string"` } @@ -75626,6 +80928,12 @@ func (s *Region) SetEndpoint(v string) *Region { return s } +// SetOptInStatus sets the OptInStatus field's value. +func (s *Region) SetOptInStatus(v string) *Region { + s.OptInStatus = &v + return s +} + // SetRegionName sets the RegionName field's value. func (s *Region) SetRegionName(v string) *Region { s.RegionName = &v @@ -77097,7 +82405,7 @@ type RequestLaunchTemplateData struct { Monitoring *LaunchTemplatesMonitoringRequest `type:"structure"` // One or more network interfaces. If you specify a network interface, you must - // specify any security groups as part of the network interface. + // specify any security groups and subnets as part of the network interface. NetworkInterfaces []*LaunchTemplateInstanceNetworkInterfaceSpecificationRequest `locationName:"NetworkInterface" locationNameList:"InstanceNetworkInterfaceSpecification" type:"list"` // The placement for the instance. @@ -77489,6 +82797,10 @@ type RequestSpotInstancesInput struct { // launch, the request expires, or the request is canceled. If the request is // persistent, the request becomes active at this date and time and remains // active until it expires or is canceled. + // + // The specified start date and time cannot be equal to the current date and + // time. You must specify a start date and time that occurs after the current + // date and time. ValidFrom *time.Time `locationName:"validFrom" type:"timestamp"` // The end date of the request. If this is a one-time request, the request remains @@ -77680,7 +82992,9 @@ type RequestSpotLaunchSpecification struct { // you can specify the names or the IDs of the security groups. SecurityGroups []*string `locationName:"SecurityGroup" locationNameList:"item" type:"list"` - // The ID of the subnet in which to launch the instance. + // The IDs of the subnets in which to launch the instance. To specify multiple + // subnets, separate them using commas; for example, "subnet-1234abcdeexample1, + // subnet-0987cdef6example2". SubnetId *string `locationName:"subnetId" type:"string"` // The Base64-encoded user data for the instance. User data is limited to 16 @@ -78674,8 +83988,7 @@ func (s *ResetEbsDefaultKmsKeyIdInput) SetDryRun(v bool) *ResetEbsDefaultKmsKeyI type ResetEbsDefaultKmsKeyIdOutput struct { _ struct{} `type:"structure"` - // The full ARN of the default CMK that your account uses to encrypt an EBS - // volume when no CMK is specified in the API call that creates the volume. + // The Amazon Resource Name (ARN) of the default CMK for EBS encryption by default. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` } @@ -80106,10 +85419,7 @@ type RunInstancesInput struct { // Reserved. AdditionalInfo *string `locationName:"additionalInfo" type:"string"` - // The block device mapping entries. You can't specify both a snapshot ID and - // an encryption value. This is because only blank volumes can be encrypted - // on creation. If a snapshot is the basis for a volume, it is not blank and - // its encryption status is used for the volume encryption status. + // The block device mapping entries. BlockDeviceMappings []*BlockDeviceMapping `locationName:"BlockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` // Information about the Capacity Reservation targeting option. If you do not @@ -80272,7 +85582,8 @@ type RunInstancesInput struct { Monitoring *RunInstancesMonitoringEnabled `type:"structure"` // The network interfaces to associate with the instance. If you specify a network - // interface, you must specify any security groups as part of the network interface. + // interface, you must specify any security groups and subnets as part of the + // network interface. NetworkInterfaces []*InstanceNetworkInterfaceSpecification `locationName:"networkInterface" locationNameList:"item" type:"list"` // The placement for the instance. @@ -80318,8 +85629,8 @@ type RunInstancesInput struct { // [EC2-VPC] The ID of the subnet to launch the instance into. // - // You cannot specify this option and the network interfaces option in the same - // request. + // If you specify a network interface, you must specify any subnets as part + // of the network interface. SubnetId *string `type:"string"` // The tags to apply to the resources during launch. You can only tag instances @@ -81341,7 +86652,7 @@ type ScheduledInstancesEbs struct { // The volume type. gp2 for General Purpose SSD, io1 for Provisioned IOPS SSD, // Throughput Optimized HDD for st1, Cold HDD for sc1, or standard for Magnetic. // - // Default: standard + // Default: gp2 VolumeType *string `type:"string"` } @@ -81864,11 +87175,9 @@ type SearchTransitGatewayRoutesInput struct { // routes in your route table and you specify supernet-of-match as 10.0.1.0/30, // then the result returns 10.0.1.0/29. // - // * state - The state of the attachment (available | deleted | deleting - // | failed | modifying | pendingAcceptance | pending | rollingBack | rejected - // | rejecting). + // * state - The state of the route (active | blackhole). // - // * type - The type of roue (active | blackhole). + // * type - The type of route (propagated | static). // // Filters is a required field Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list" required:"true"` @@ -82129,6 +87438,70 @@ func (s *SecurityGroupReference) SetVpcPeeringConnectionId(v string) *SecurityGr return s } +type SendDiagnosticInterruptInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the instance. + // + // InstanceId is a required field + InstanceId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s SendDiagnosticInterruptInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SendDiagnosticInterruptInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *SendDiagnosticInterruptInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "SendDiagnosticInterruptInput"} + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *SendDiagnosticInterruptInput) SetDryRun(v bool) *SendDiagnosticInterruptInput { + s.DryRun = &v + return s +} + +// SetInstanceId sets the InstanceId field's value. +func (s *SendDiagnosticInterruptInput) SetInstanceId(v string) *SendDiagnosticInterruptInput { + s.InstanceId = &v + return s +} + +type SendDiagnosticInterruptOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s SendDiagnosticInterruptOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SendDiagnosticInterruptOutput) GoString() string { + return s.String() +} + // Describes a service configuration for a VPC endpoint service. type ServiceConfiguration struct { _ struct{} `type:"structure"` @@ -82483,7 +87856,7 @@ type Snapshot struct { // the original volume or snapshot copy. Because data encryption keys are inherited // by volumes created from snapshots, and vice versa, if snapshots share the // same data encryption key identifier, then they belong to the same volume/snapshot - // lineage. This parameter is only returned by the DescribeSnapshots API operation. + // lineage. This parameter is only returned by DescribeSnapshots. DataEncryptionKeyId *string `locationName:"dataEncryptionKeyId" type:"string"` // The description for the snapshot. @@ -82492,9 +87865,9 @@ type Snapshot struct { // Indicates whether the snapshot is encrypted. Encrypted *bool `locationName:"encrypted" type:"boolean"` - // The full ARN of the AWS Key Management Service (AWS KMS) customer master - // key (CMK) that was used to protect the volume encryption key for the parent - // volume. + // The Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) + // customer master key (CMK) that was used to protect the volume encryption + // key for the parent volume. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` // Value from an Amazon-maintained list (amazon | self | all | aws-marketplace @@ -82522,7 +87895,7 @@ type Snapshot struct { // operation fails (for example, if the proper AWS Key Management Service (AWS // KMS) permissions are not obtained) this field displays error state details // to help you diagnose why the error occurred. This parameter is only returned - // by the DescribeSnapshots API operation. + // by DescribeSnapshots. StateMessage *string `locationName:"statusMessage" type:"string"` // Any tags assigned to the snapshot. @@ -82790,7 +88163,7 @@ func (s *SnapshotDiskContainer) SetUserBucket(v *UserBucket) *SnapshotDiskContai return s } -// Object that contains information about a snapshot. +// Information about a snapshot. type SnapshotInfo struct { _ struct{} `type:"structure"` @@ -82798,7 +88171,7 @@ type SnapshotInfo struct { // to all snapshots. Description *string `locationName:"description" type:"string"` - // Boolean that specifies whether or not this snapshot is encrypted. + // Indicates whether the snapshot is encrypted. Encrypted *bool `locationName:"encrypted" type:"boolean"` // Account id used when creating this snapshot. @@ -83081,7 +88454,7 @@ type SpotFleetLaunchSpecification struct { // Deprecated. AddressingType *string `locationName:"addressingType" type:"string"` - // One or more block devices that are mapped to the Spot instances. You can't + // One or more block devices that are mapped to the Spot Instances. You can't // specify both a snapshot ID and an encryption value. This is because only // blank volumes can be encrypted on creation. If a snapshot is the basis for // a volume, it is not blank and its encryption status is used for the volume @@ -83139,8 +88512,9 @@ type SpotFleetLaunchSpecification struct { // by the value of WeightedCapacity. SpotPrice *string `locationName:"spotPrice" type:"string"` - // The ID of the subnet in which to launch the instances. To specify multiple - // subnets, separate them using commas; for example, "subnet-a61dafcf, subnet-65ea5f08". + // The IDs of the subnets in which to launch the instances. To specify multiple + // subnets, separate them using commas; for example, "subnet-1234abcdeexample1, + // subnet-0987cdef6example2". SubnetId *string `locationName:"subnetId" type:"string"` // The tags to apply during creation. @@ -83371,8 +88745,19 @@ func (s *SpotFleetRequestConfig) SetSpotFleetRequestState(v string) *SpotFleetRe type SpotFleetRequestConfigData struct { _ struct{} `type:"structure"` - // Indicates how to allocate the target capacity across the Spot pools specified - // by the Spot Fleet request. The default is lowestPrice. + // Indicates how to allocate the target Spot Instance capacity across the Spot + // Instance pools specified by the Spot Fleet request. + // + // If the allocation strategy is lowestPrice, Spot Fleet launches instances + // from the Spot Instance pools with the lowest price. This is the default allocation + // strategy. + // + // If the allocation strategy is diversified, Spot Fleet launches instances + // from all the Spot Instance pools that you specify. + // + // If the allocation strategy is capacityOptimized, Spot Fleet launches instances + // from Spot Instance pools with optimal capacity for the number of instances + // that are launching. AllocationStrategy *string `locationName:"allocationStrategy" type:"string" enum:"AllocationStrategy"` // A unique, case-sensitive identifier that you provide to ensure the idempotency @@ -83441,6 +88826,16 @@ type SpotFleetRequestConfigData struct { // target On-Demand capacity. OnDemandFulfilledCapacity *float64 `locationName:"onDemandFulfilledCapacity" type:"double"` + // The maximum amount per hour for On-Demand Instances that you're willing to + // pay. You can use the onDemandMaxTotalPrice parameter, the spotMaxTotalPrice + // parameter, or both parameters to ensure that your fleet cost does not exceed + // your budget. If you set a maximum price per hour for the On-Demand Instances + // and Spot Instances in your request, Spot Fleet will launch instances until + // it reaches the maximum amount you're willing to pay. When the maximum amount + // you're willing to pay is reached, the fleet stops launching instances even + // if it hasn’t met the target capacity. + OnDemandMaxTotalPrice *string `locationName:"onDemandMaxTotalPrice" type:"string"` + // The number of On-Demand units to request. You can choose to set the target // capacity in terms of instances or a performance characteristic that is important // to your application workload, such as vCPUs, memory, or I/O. If the request @@ -83451,6 +88846,16 @@ type SpotFleetRequestConfigData struct { // Indicates whether Spot Fleet should replace unhealthy instances. ReplaceUnhealthyInstances *bool `locationName:"replaceUnhealthyInstances" type:"boolean"` + // The maximum amount per hour for Spot Instances that you're willing to pay. + // You can use the spotdMaxTotalPrice parameter, the onDemandMaxTotalPrice parameter, + // or both parameters to ensure that your fleet cost does not exceed your budget. + // If you set a maximum price per hour for the On-Demand Instances and Spot + // Instances in your request, Spot Fleet will launch instances until it reaches + // the maximum amount you're willing to pay. When the maximum amount you're + // willing to pay is reached, the fleet stops launching instances even if it + // hasn’t met the target capacity. + SpotMaxTotalPrice *string `locationName:"spotMaxTotalPrice" type:"string"` + // The maximum price per unit hour that you are willing to pay for a Spot Instance. // The default is the On-Demand price. SpotPrice *string `locationName:"spotPrice" type:"string"` @@ -83602,6 +89007,12 @@ func (s *SpotFleetRequestConfigData) SetOnDemandFulfilledCapacity(v float64) *Sp return s } +// SetOnDemandMaxTotalPrice sets the OnDemandMaxTotalPrice field's value. +func (s *SpotFleetRequestConfigData) SetOnDemandMaxTotalPrice(v string) *SpotFleetRequestConfigData { + s.OnDemandMaxTotalPrice = &v + return s +} + // SetOnDemandTargetCapacity sets the OnDemandTargetCapacity field's value. func (s *SpotFleetRequestConfigData) SetOnDemandTargetCapacity(v int64) *SpotFleetRequestConfigData { s.OnDemandTargetCapacity = &v @@ -83614,6 +89025,12 @@ func (s *SpotFleetRequestConfigData) SetReplaceUnhealthyInstances(v bool) *SpotF return s } +// SetSpotMaxTotalPrice sets the SpotMaxTotalPrice field's value. +func (s *SpotFleetRequestConfigData) SetSpotMaxTotalPrice(v string) *SpotFleetRequestConfigData { + s.SpotMaxTotalPrice = &v + return s +} + // SetSpotPrice sets the SpotPrice field's value. func (s *SpotFleetRequestConfigData) SetSpotPrice(v string) *SpotFleetRequestConfigData { s.SpotPrice = &v @@ -84033,8 +89450,19 @@ func (s *SpotMarketOptions) SetValidUntil(v time.Time) *SpotMarketOptions { type SpotOptions struct { _ struct{} `type:"structure"` - // Indicates how to allocate the target capacity across the Spot pools specified - // by the Spot Fleet request. The default is lowest-price. + // Indicates how to allocate the target Spot Instance capacity across the Spot + // Instance pools specified by the EC2 Fleet. + // + // If the allocation strategy is lowestPrice, EC2 Fleet launches instances from + // the Spot Instance pools with the lowest price. This is the default allocation + // strategy. + // + // If the allocation strategy is diversified, EC2 Fleet launches instances from + // all the Spot Instance pools that you specify. + // + // If the allocation strategy is capacityOptimized, EC2 Fleet launches instances + // from Spot Instance pools with optimal capacity for the number of instances + // that are launching. AllocationStrategy *string `locationName:"allocationStrategy" type:"string" enum:"SpotAllocationStrategy"` // The behavior when a Spot Instance is interrupted. The default is terminate. @@ -84046,6 +89474,9 @@ type SpotOptions struct { // the number of Spot pools that you specify. InstancePoolsToUseCount *int64 `locationName:"instancePoolsToUseCount" type:"integer"` + // The maximum amount per hour for Spot Instances that you're willing to pay. + MaxTotalPrice *string `locationName:"maxTotalPrice" type:"string"` + // The minimum target capacity for Spot Instances in the fleet. If the minimum // target capacity is not reached, the fleet launches no instances. MinTargetCapacity *int64 `locationName:"minTargetCapacity" type:"integer"` @@ -84087,6 +89518,12 @@ func (s *SpotOptions) SetInstancePoolsToUseCount(v int64) *SpotOptions { return s } +// SetMaxTotalPrice sets the MaxTotalPrice field's value. +func (s *SpotOptions) SetMaxTotalPrice(v string) *SpotOptions { + s.MaxTotalPrice = &v + return s +} + // SetMinTargetCapacity sets the MinTargetCapacity field's value. func (s *SpotOptions) SetMinTargetCapacity(v int64) *SpotOptions { s.MinTargetCapacity = &v @@ -84109,8 +89546,19 @@ func (s *SpotOptions) SetSingleInstanceType(v bool) *SpotOptions { type SpotOptionsRequest struct { _ struct{} `type:"structure"` - // Indicates how to allocate the target capacity across the Spot pools specified - // by the Spot Fleet request. The default is lowestPrice. + // Indicates how to allocate the target Spot Instance capacity across the Spot + // Instance pools specified by the EC2 Fleet. + // + // If the allocation strategy is lowestPrice, EC2 Fleet launches instances from + // the Spot Instance pools with the lowest price. This is the default allocation + // strategy. + // + // If the allocation strategy is diversified, EC2 Fleet launches instances from + // all the Spot Instance pools that you specify. + // + // If the allocation strategy is capacityOptimized, EC2 Fleet launches instances + // from Spot Instance pools with optimal capacity for the number of instances + // that are launching. AllocationStrategy *string `type:"string" enum:"SpotAllocationStrategy"` // The behavior when a Spot Instance is interrupted. The default is terminate. @@ -84122,6 +89570,9 @@ type SpotOptionsRequest struct { // across the number of Spot pools that you specify. InstancePoolsToUseCount *int64 `type:"integer"` + // The maximum amount per hour for Spot Instances that you're willing to pay. + MaxTotalPrice *string `type:"string"` + // The minimum target capacity for Spot Instances in the fleet. If the minimum // target capacity is not reached, the fleet launches no instances. MinTargetCapacity *int64 `type:"integer"` @@ -84163,6 +89614,12 @@ func (s *SpotOptionsRequest) SetInstancePoolsToUseCount(v int64) *SpotOptionsReq return s } +// SetMaxTotalPrice sets the MaxTotalPrice field's value. +func (s *SpotOptionsRequest) SetMaxTotalPrice(v string) *SpotOptionsRequest { + s.MaxTotalPrice = &v + return s +} + // SetMinTargetCapacity sets the MinTargetCapacity field's value. func (s *SpotOptionsRequest) SetMinTargetCapacity(v int64) *SpotOptionsRequest { s.MinTargetCapacity = &v @@ -84987,6 +90444,30 @@ func (s *SuccessfulInstanceCreditSpecificationItem) SetInstanceId(v string) *Suc return s } +// Describes a Reserved Instance whose queued purchase was successfully deleted. +type SuccessfulQueuedPurchaseDeletion struct { + _ struct{} `type:"structure"` + + // The ID of the Reserved Instance. + ReservedInstancesId *string `locationName:"reservedInstancesId" type:"string"` +} + +// String returns the string representation +func (s SuccessfulQueuedPurchaseDeletion) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s SuccessfulQueuedPurchaseDeletion) GoString() string { + return s.String() +} + +// SetReservedInstancesId sets the ReservedInstancesId field's value. +func (s *SuccessfulQueuedPurchaseDeletion) SetReservedInstancesId(v string) *SuccessfulQueuedPurchaseDeletion { + s.ReservedInstancesId = &v + return s +} + // Describes a tag. type Tag struct { _ struct{} `type:"structure"` @@ -85082,8 +90563,11 @@ type TagSpecification struct { _ struct{} `type:"structure"` // The type of resource to tag. Currently, the resource types that support tagging - // on creation are fleet, dedicated-host, instance, snapshot, and volume. To - // tag a resource after it has been created, see CreateTags. + // on creation are: capacity-reservation | client-vpn-endpoint | dedicated-host + // | fleet | instance | launch-template | snapshot | transit-gateway | transit-gateway-attachment + // | transit-gateway-route-table | volume. + // + // To tag a resource after it has been created, see CreateTags. ResourceType *string `locationName:"resourceType" type:"string" enum:"ResourceType"` // The tags to apply to the resource. @@ -85117,16 +90601,27 @@ func (s *TagSpecification) SetTags(v []*Tag) *TagSpecification { // your application workload, such as vCPUs, memory, or I/O. If the request // type is maintain, you can specify a target capacity of 0 and add capacity // later. +// +// You can use the On-Demand Instance MaxTotalPrice parameter, the Spot Instance +// MaxTotalPrice, or both to ensure your fleet cost does not exceed your budget. +// If you set a maximum price per hour for the On-Demand Instances and Spot +// Instances in your request, EC2 Fleet will launch instances until it reaches +// the maximum amount you're willing to pay. When the maximum amount you're +// willing to pay is reached, the fleet stops launching instances even if it +// hasn’t met the target capacity. The MaxTotalPrice parameters are located +// in and type TargetCapacitySpecification struct { _ struct{} `type:"structure"` // The default TotalTargetCapacity, which is either Spot or On-Demand. DefaultTargetCapacityType *string `locationName:"defaultTargetCapacityType" type:"string" enum:"DefaultTargetCapacityType"` - // The number of On-Demand units to request. + // The number of On-Demand units to request. If you specify a target capacity + // for Spot units, you cannot specify a target capacity for On-Demand units. OnDemandTargetCapacity *int64 `locationName:"onDemandTargetCapacity" type:"integer"` - // The maximum number of Spot units to launch. + // The maximum number of Spot units to launch. If you specify a target capacity + // for On-Demand units, you cannot specify a target capacity for Spot units. SpotTargetCapacity *int64 `locationName:"spotTargetCapacity" type:"integer"` // The number of units to request, filled using DefaultTargetCapacityType. @@ -85168,10 +90663,19 @@ func (s *TargetCapacitySpecification) SetTotalTargetCapacity(v int64) *TargetCap } // The number of units to request. You can choose to set the target capacity -// in terms of instances or a performance characteristic that is important to -// your application workload, such as vCPUs, memory, or I/O. If the request -// type is maintain, you can specify a target capacity of 0 and add capacity -// later. +// as the number of instances. Or you can set the target capacity to a performance +// characteristic that is important to your application workload, such as vCPUs, +// memory, or I/O. If the request type is maintain, you can specify a target +// capacity of 0 and add capacity later. +// +// You can use the On-Demand Instance MaxTotalPrice parameter, the Spot Instance +// MaxTotalPrice parameter, or both parameters to ensure that your fleet cost +// does not exceed your budget. If you set a maximum price per hour for the +// On-Demand Instances and Spot Instances in your request, EC2 Fleet will launch +// instances until it reaches the maximum amount you're willing to pay. When +// the maximum amount you're willing to pay is reached, the fleet stops launching +// instances even if it hasn’t met the target capacity. The MaxTotalPrice +// parameters are located in and . type TargetCapacitySpecificationRequest struct { _ struct{} `type:"structure"` @@ -85716,6 +91220,452 @@ func (s *TerminateInstancesOutput) SetTerminatingInstances(v []*InstanceStateCha return s } +// Describes the Traffic Mirror filter. +type TrafficMirrorFilter struct { + _ struct{} `type:"structure"` + + // The description of the Traffic Mirror filter. + Description *string `locationName:"description" type:"string"` + + // Information about the egress rules that are associated with the Traffic Mirror + // filter. + EgressFilterRules []*TrafficMirrorFilterRule `locationName:"egressFilterRuleSet" locationNameList:"item" type:"list"` + + // Information about the ingress rules that are associated with the Traffic + // Mirror filter. + IngressFilterRules []*TrafficMirrorFilterRule `locationName:"ingressFilterRuleSet" locationNameList:"item" type:"list"` + + // The network service traffic that is associated with the Traffic Mirror filter. + NetworkServices []*string `locationName:"networkServiceSet" locationNameList:"item" type:"list"` + + // The tags assigned to the Traffic Mirror filter. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the Traffic Mirror filter. + TrafficMirrorFilterId *string `locationName:"trafficMirrorFilterId" type:"string"` +} + +// String returns the string representation +func (s TrafficMirrorFilter) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TrafficMirrorFilter) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *TrafficMirrorFilter) SetDescription(v string) *TrafficMirrorFilter { + s.Description = &v + return s +} + +// SetEgressFilterRules sets the EgressFilterRules field's value. +func (s *TrafficMirrorFilter) SetEgressFilterRules(v []*TrafficMirrorFilterRule) *TrafficMirrorFilter { + s.EgressFilterRules = v + return s +} + +// SetIngressFilterRules sets the IngressFilterRules field's value. +func (s *TrafficMirrorFilter) SetIngressFilterRules(v []*TrafficMirrorFilterRule) *TrafficMirrorFilter { + s.IngressFilterRules = v + return s +} + +// SetNetworkServices sets the NetworkServices field's value. +func (s *TrafficMirrorFilter) SetNetworkServices(v []*string) *TrafficMirrorFilter { + s.NetworkServices = v + return s +} + +// SetTags sets the Tags field's value. +func (s *TrafficMirrorFilter) SetTags(v []*Tag) *TrafficMirrorFilter { + s.Tags = v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *TrafficMirrorFilter) SetTrafficMirrorFilterId(v string) *TrafficMirrorFilter { + s.TrafficMirrorFilterId = &v + return s +} + +// Describes the Traffic Mirror rule. +type TrafficMirrorFilterRule struct { + _ struct{} `type:"structure"` + + // The description of the Traffic Mirror rule. + Description *string `locationName:"description" type:"string"` + + // The destination CIDR block assigned to the Traffic Mirror rule. + DestinationCidrBlock *string `locationName:"destinationCidrBlock" type:"string"` + + // The destination port range assigned to the Traffic Mirror rule. + DestinationPortRange *TrafficMirrorPortRange `locationName:"destinationPortRange" type:"structure"` + + // The protocol assigned to the Traffic Mirror rule. + Protocol *int64 `locationName:"protocol" type:"integer"` + + // The action assigned to the Traffic Mirror rule. + RuleAction *string `locationName:"ruleAction" type:"string" enum:"TrafficMirrorRuleAction"` + + // The rule number of the Traffic Mirror rule. + RuleNumber *int64 `locationName:"ruleNumber" type:"integer"` + + // The source CIDR block assigned to the Traffic Mirror rule. + SourceCidrBlock *string `locationName:"sourceCidrBlock" type:"string"` + + // The source port range assigned to the Traffic Mirror rule. + SourcePortRange *TrafficMirrorPortRange `locationName:"sourcePortRange" type:"structure"` + + // The traffic direction assigned to the Traffic Mirror rule. + TrafficDirection *string `locationName:"trafficDirection" type:"string" enum:"TrafficDirection"` + + // The ID of the Traffic Mirror filter that the rule is associated with. + TrafficMirrorFilterId *string `locationName:"trafficMirrorFilterId" type:"string"` + + // The ID of the Traffic Mirror rule. + TrafficMirrorFilterRuleId *string `locationName:"trafficMirrorFilterRuleId" type:"string"` +} + +// String returns the string representation +func (s TrafficMirrorFilterRule) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TrafficMirrorFilterRule) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *TrafficMirrorFilterRule) SetDescription(v string) *TrafficMirrorFilterRule { + s.Description = &v + return s +} + +// SetDestinationCidrBlock sets the DestinationCidrBlock field's value. +func (s *TrafficMirrorFilterRule) SetDestinationCidrBlock(v string) *TrafficMirrorFilterRule { + s.DestinationCidrBlock = &v + return s +} + +// SetDestinationPortRange sets the DestinationPortRange field's value. +func (s *TrafficMirrorFilterRule) SetDestinationPortRange(v *TrafficMirrorPortRange) *TrafficMirrorFilterRule { + s.DestinationPortRange = v + return s +} + +// SetProtocol sets the Protocol field's value. +func (s *TrafficMirrorFilterRule) SetProtocol(v int64) *TrafficMirrorFilterRule { + s.Protocol = &v + return s +} + +// SetRuleAction sets the RuleAction field's value. +func (s *TrafficMirrorFilterRule) SetRuleAction(v string) *TrafficMirrorFilterRule { + s.RuleAction = &v + return s +} + +// SetRuleNumber sets the RuleNumber field's value. +func (s *TrafficMirrorFilterRule) SetRuleNumber(v int64) *TrafficMirrorFilterRule { + s.RuleNumber = &v + return s +} + +// SetSourceCidrBlock sets the SourceCidrBlock field's value. +func (s *TrafficMirrorFilterRule) SetSourceCidrBlock(v string) *TrafficMirrorFilterRule { + s.SourceCidrBlock = &v + return s +} + +// SetSourcePortRange sets the SourcePortRange field's value. +func (s *TrafficMirrorFilterRule) SetSourcePortRange(v *TrafficMirrorPortRange) *TrafficMirrorFilterRule { + s.SourcePortRange = v + return s +} + +// SetTrafficDirection sets the TrafficDirection field's value. +func (s *TrafficMirrorFilterRule) SetTrafficDirection(v string) *TrafficMirrorFilterRule { + s.TrafficDirection = &v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *TrafficMirrorFilterRule) SetTrafficMirrorFilterId(v string) *TrafficMirrorFilterRule { + s.TrafficMirrorFilterId = &v + return s +} + +// SetTrafficMirrorFilterRuleId sets the TrafficMirrorFilterRuleId field's value. +func (s *TrafficMirrorFilterRule) SetTrafficMirrorFilterRuleId(v string) *TrafficMirrorFilterRule { + s.TrafficMirrorFilterRuleId = &v + return s +} + +// Describes the Traffic Mirror port range. +type TrafficMirrorPortRange struct { + _ struct{} `type:"structure"` + + // The start of the Traffic Mirror port range. This applies to the TCP and UDP + // protocols. + FromPort *int64 `locationName:"fromPort" type:"integer"` + + // The end of the Traffic Mirror port range. This applies to the TCP and UDP + // protocols. + ToPort *int64 `locationName:"toPort" type:"integer"` +} + +// String returns the string representation +func (s TrafficMirrorPortRange) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TrafficMirrorPortRange) GoString() string { + return s.String() +} + +// SetFromPort sets the FromPort field's value. +func (s *TrafficMirrorPortRange) SetFromPort(v int64) *TrafficMirrorPortRange { + s.FromPort = &v + return s +} + +// SetToPort sets the ToPort field's value. +func (s *TrafficMirrorPortRange) SetToPort(v int64) *TrafficMirrorPortRange { + s.ToPort = &v + return s +} + +// Information about the Traffic Mirror filter rule port range. +type TrafficMirrorPortRangeRequest struct { + _ struct{} `type:"structure"` + + // The first port in the Traffic Mirror port range. This applies to the TCP + // and UDP protocols. + FromPort *int64 `type:"integer"` + + // The last port in the Traffic Mirror port range. This applies to the TCP and + // UDP protocols. + ToPort *int64 `type:"integer"` +} + +// String returns the string representation +func (s TrafficMirrorPortRangeRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TrafficMirrorPortRangeRequest) GoString() string { + return s.String() +} + +// SetFromPort sets the FromPort field's value. +func (s *TrafficMirrorPortRangeRequest) SetFromPort(v int64) *TrafficMirrorPortRangeRequest { + s.FromPort = &v + return s +} + +// SetToPort sets the ToPort field's value. +func (s *TrafficMirrorPortRangeRequest) SetToPort(v int64) *TrafficMirrorPortRangeRequest { + s.ToPort = &v + return s +} + +// Describes a Traffic Mirror session. +type TrafficMirrorSession struct { + _ struct{} `type:"structure"` + + // The description of the Traffic Mirror session. + Description *string `locationName:"description" type:"string"` + + // The ID of the Traffic Mirror session's network interface. + NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` + + // The ID of the account that owns the Traffic Mirror session. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The number of bytes in each packet to mirror. These are the bytes after the + // VXLAN header. To mirror a subset, set this to the length (in bytes) to mirror. + // For example, if you set this value to 100, then the first 100 bytes that + // meet the filter criteria are copied to the target. Do not specify this parameter + // when you want to mirror the entire packet + PacketLength *int64 `locationName:"packetLength" type:"integer"` + + // The session number determines the order in which sessions are evaluated when + // an interface is used by multiple sessions. The first session with a matching + // filter is the one that mirrors the packets. + // + // Valid values are 1-32766. + SessionNumber *int64 `locationName:"sessionNumber" type:"integer"` + + // The tags assigned to the Traffic Mirror session. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the Traffic Mirror filter. + TrafficMirrorFilterId *string `locationName:"trafficMirrorFilterId" type:"string"` + + // The ID for the Traffic Mirror session. + TrafficMirrorSessionId *string `locationName:"trafficMirrorSessionId" type:"string"` + + // The ID of the Traffic Mirror target. + TrafficMirrorTargetId *string `locationName:"trafficMirrorTargetId" type:"string"` + + // The virtual network ID associated with the Traffic Mirror session. + VirtualNetworkId *int64 `locationName:"virtualNetworkId" type:"integer"` +} + +// String returns the string representation +func (s TrafficMirrorSession) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TrafficMirrorSession) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *TrafficMirrorSession) SetDescription(v string) *TrafficMirrorSession { + s.Description = &v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *TrafficMirrorSession) SetNetworkInterfaceId(v string) *TrafficMirrorSession { + s.NetworkInterfaceId = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *TrafficMirrorSession) SetOwnerId(v string) *TrafficMirrorSession { + s.OwnerId = &v + return s +} + +// SetPacketLength sets the PacketLength field's value. +func (s *TrafficMirrorSession) SetPacketLength(v int64) *TrafficMirrorSession { + s.PacketLength = &v + return s +} + +// SetSessionNumber sets the SessionNumber field's value. +func (s *TrafficMirrorSession) SetSessionNumber(v int64) *TrafficMirrorSession { + s.SessionNumber = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TrafficMirrorSession) SetTags(v []*Tag) *TrafficMirrorSession { + s.Tags = v + return s +} + +// SetTrafficMirrorFilterId sets the TrafficMirrorFilterId field's value. +func (s *TrafficMirrorSession) SetTrafficMirrorFilterId(v string) *TrafficMirrorSession { + s.TrafficMirrorFilterId = &v + return s +} + +// SetTrafficMirrorSessionId sets the TrafficMirrorSessionId field's value. +func (s *TrafficMirrorSession) SetTrafficMirrorSessionId(v string) *TrafficMirrorSession { + s.TrafficMirrorSessionId = &v + return s +} + +// SetTrafficMirrorTargetId sets the TrafficMirrorTargetId field's value. +func (s *TrafficMirrorSession) SetTrafficMirrorTargetId(v string) *TrafficMirrorSession { + s.TrafficMirrorTargetId = &v + return s +} + +// SetVirtualNetworkId sets the VirtualNetworkId field's value. +func (s *TrafficMirrorSession) SetVirtualNetworkId(v int64) *TrafficMirrorSession { + s.VirtualNetworkId = &v + return s +} + +// Describes a Traffic Mirror target. +type TrafficMirrorTarget struct { + _ struct{} `type:"structure"` + + // Information about the Traffic Mirror target. + Description *string `locationName:"description" type:"string"` + + // The network interface ID that is attached to the target. + NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` + + // The Amazon Resource Name (ARN) of the Network Load Balancer. + NetworkLoadBalancerArn *string `locationName:"networkLoadBalancerArn" type:"string"` + + // The ID of the account that owns the Traffic Mirror target. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The tags assigned to the Traffic Mirror target. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the Traffic Mirror target. + TrafficMirrorTargetId *string `locationName:"trafficMirrorTargetId" type:"string"` + + // The type of Traffic Mirror target. + Type *string `locationName:"type" type:"string" enum:"TrafficMirrorTargetType"` +} + +// String returns the string representation +func (s TrafficMirrorTarget) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TrafficMirrorTarget) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *TrafficMirrorTarget) SetDescription(v string) *TrafficMirrorTarget { + s.Description = &v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *TrafficMirrorTarget) SetNetworkInterfaceId(v string) *TrafficMirrorTarget { + s.NetworkInterfaceId = &v + return s +} + +// SetNetworkLoadBalancerArn sets the NetworkLoadBalancerArn field's value. +func (s *TrafficMirrorTarget) SetNetworkLoadBalancerArn(v string) *TrafficMirrorTarget { + s.NetworkLoadBalancerArn = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *TrafficMirrorTarget) SetOwnerId(v string) *TrafficMirrorTarget { + s.OwnerId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *TrafficMirrorTarget) SetTags(v []*Tag) *TrafficMirrorTarget { + s.Tags = v + return s +} + +// SetTrafficMirrorTargetId sets the TrafficMirrorTargetId field's value. +func (s *TrafficMirrorTarget) SetTrafficMirrorTargetId(v string) *TrafficMirrorTarget { + s.TrafficMirrorTargetId = &v + return s +} + +// SetType sets the Type field's value. +func (s *TrafficMirrorTarget) SetType(v string) *TrafficMirrorTarget { + s.Type = &v + return s +} + // Describes a transit gateway. type TransitGateway struct { _ struct{} `type:"structure"` @@ -86664,6 +92614,170 @@ func (s *TransitGatewayVpcAttachmentOptions) SetIpv6Support(v string) *TransitGa return s } +// The VPN tunnel options. +type TunnelOption struct { + _ struct{} `type:"structure"` + + // The number of seconds after which a DPD timeout occurs. + DpdTimeoutSeconds *int64 `locationName:"dpdTimeoutSeconds" type:"integer"` + + // The IKE versions that are permitted for the VPN tunnel. + IkeVersions []*IKEVersionsListValue `locationName:"ikeVersionSet" locationNameList:"item" type:"list"` + + // The external IP address of the VPN tunnel. + OutsideIpAddress *string `locationName:"outsideIpAddress" type:"string"` + + // The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 1 + // IKE negotiations. + Phase1DHGroupNumbers []*Phase1DHGroupNumbersListValue `locationName:"phase1DHGroupNumberSet" locationNameList:"item" type:"list"` + + // The permitted encryption algorithms for the VPN tunnel for phase 1 IKE negotiations. + Phase1EncryptionAlgorithms []*Phase1EncryptionAlgorithmsListValue `locationName:"phase1EncryptionAlgorithmSet" locationNameList:"item" type:"list"` + + // The permitted integrity algorithms for the VPN tunnel for phase 1 IKE negotiations. + Phase1IntegrityAlgorithms []*Phase1IntegrityAlgorithmsListValue `locationName:"phase1IntegrityAlgorithmSet" locationNameList:"item" type:"list"` + + // The lifetime for phase 1 of the IKE negotiation, in seconds. + Phase1LifetimeSeconds *int64 `locationName:"phase1LifetimeSeconds" type:"integer"` + + // The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 2 + // IKE negotiations. + Phase2DHGroupNumbers []*Phase2DHGroupNumbersListValue `locationName:"phase2DHGroupNumberSet" locationNameList:"item" type:"list"` + + // The permitted encryption algorithms for the VPN tunnel for phase 2 IKE negotiations. + Phase2EncryptionAlgorithms []*Phase2EncryptionAlgorithmsListValue `locationName:"phase2EncryptionAlgorithmSet" locationNameList:"item" type:"list"` + + // The permitted integrity algorithms for the VPN tunnel for phase 2 IKE negotiations. + Phase2IntegrityAlgorithms []*Phase2IntegrityAlgorithmsListValue `locationName:"phase2IntegrityAlgorithmSet" locationNameList:"item" type:"list"` + + // The lifetime for phase 2 of the IKE negotiation, in seconds. + Phase2LifetimeSeconds *int64 `locationName:"phase2LifetimeSeconds" type:"integer"` + + // The pre-shared key (PSK) to establish initial authentication between the + // virtual private gateway and the customer gateway. + PreSharedKey *string `locationName:"preSharedKey" type:"string"` + + // The percentage of the rekey window determined by RekeyMarginTimeSeconds during + // which the rekey time is randomly selected. + RekeyFuzzPercentage *int64 `locationName:"rekeyFuzzPercentage" type:"integer"` + + // The margin time, in seconds, before the phase 2 lifetime expires, during + // which the AWS side of the VPN connection performs an IKE rekey. + RekeyMarginTimeSeconds *int64 `locationName:"rekeyMarginTimeSeconds" type:"integer"` + + // The number of packets in an IKE replay window. + ReplayWindowSize *int64 `locationName:"replayWindowSize" type:"integer"` + + // The range of inside IP addresses for the tunnel. + TunnelInsideCidr *string `locationName:"tunnelInsideCidr" type:"string"` +} + +// String returns the string representation +func (s TunnelOption) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s TunnelOption) GoString() string { + return s.String() +} + +// SetDpdTimeoutSeconds sets the DpdTimeoutSeconds field's value. +func (s *TunnelOption) SetDpdTimeoutSeconds(v int64) *TunnelOption { + s.DpdTimeoutSeconds = &v + return s +} + +// SetIkeVersions sets the IkeVersions field's value. +func (s *TunnelOption) SetIkeVersions(v []*IKEVersionsListValue) *TunnelOption { + s.IkeVersions = v + return s +} + +// SetOutsideIpAddress sets the OutsideIpAddress field's value. +func (s *TunnelOption) SetOutsideIpAddress(v string) *TunnelOption { + s.OutsideIpAddress = &v + return s +} + +// SetPhase1DHGroupNumbers sets the Phase1DHGroupNumbers field's value. +func (s *TunnelOption) SetPhase1DHGroupNumbers(v []*Phase1DHGroupNumbersListValue) *TunnelOption { + s.Phase1DHGroupNumbers = v + return s +} + +// SetPhase1EncryptionAlgorithms sets the Phase1EncryptionAlgorithms field's value. +func (s *TunnelOption) SetPhase1EncryptionAlgorithms(v []*Phase1EncryptionAlgorithmsListValue) *TunnelOption { + s.Phase1EncryptionAlgorithms = v + return s +} + +// SetPhase1IntegrityAlgorithms sets the Phase1IntegrityAlgorithms field's value. +func (s *TunnelOption) SetPhase1IntegrityAlgorithms(v []*Phase1IntegrityAlgorithmsListValue) *TunnelOption { + s.Phase1IntegrityAlgorithms = v + return s +} + +// SetPhase1LifetimeSeconds sets the Phase1LifetimeSeconds field's value. +func (s *TunnelOption) SetPhase1LifetimeSeconds(v int64) *TunnelOption { + s.Phase1LifetimeSeconds = &v + return s +} + +// SetPhase2DHGroupNumbers sets the Phase2DHGroupNumbers field's value. +func (s *TunnelOption) SetPhase2DHGroupNumbers(v []*Phase2DHGroupNumbersListValue) *TunnelOption { + s.Phase2DHGroupNumbers = v + return s +} + +// SetPhase2EncryptionAlgorithms sets the Phase2EncryptionAlgorithms field's value. +func (s *TunnelOption) SetPhase2EncryptionAlgorithms(v []*Phase2EncryptionAlgorithmsListValue) *TunnelOption { + s.Phase2EncryptionAlgorithms = v + return s +} + +// SetPhase2IntegrityAlgorithms sets the Phase2IntegrityAlgorithms field's value. +func (s *TunnelOption) SetPhase2IntegrityAlgorithms(v []*Phase2IntegrityAlgorithmsListValue) *TunnelOption { + s.Phase2IntegrityAlgorithms = v + return s +} + +// SetPhase2LifetimeSeconds sets the Phase2LifetimeSeconds field's value. +func (s *TunnelOption) SetPhase2LifetimeSeconds(v int64) *TunnelOption { + s.Phase2LifetimeSeconds = &v + return s +} + +// SetPreSharedKey sets the PreSharedKey field's value. +func (s *TunnelOption) SetPreSharedKey(v string) *TunnelOption { + s.PreSharedKey = &v + return s +} + +// SetRekeyFuzzPercentage sets the RekeyFuzzPercentage field's value. +func (s *TunnelOption) SetRekeyFuzzPercentage(v int64) *TunnelOption { + s.RekeyFuzzPercentage = &v + return s +} + +// SetRekeyMarginTimeSeconds sets the RekeyMarginTimeSeconds field's value. +func (s *TunnelOption) SetRekeyMarginTimeSeconds(v int64) *TunnelOption { + s.RekeyMarginTimeSeconds = &v + return s +} + +// SetReplayWindowSize sets the ReplayWindowSize field's value. +func (s *TunnelOption) SetReplayWindowSize(v int64) *TunnelOption { + s.ReplayWindowSize = &v + return s +} + +// SetTunnelInsideCidr sets the TunnelInsideCidr field's value. +func (s *TunnelOption) SetTunnelInsideCidr(v string) *TunnelOption { + s.TunnelInsideCidr = &v + return s +} + type UnassignIpv6AddressesInput struct { _ struct{} `type:"structure"` @@ -87406,6 +93520,9 @@ type VgwTelemetry struct { // The number of accepted routes. AcceptedRouteCount *int64 `locationName:"acceptedRouteCount" type:"integer"` + // The Amazon Resource Name (ARN) of the VPN tunnel endpoint certificate. + CertificateArn *string `locationName:"certificateArn" type:"string"` + // The date and time of the last change in status. LastStatusChange *time.Time `locationName:"lastStatusChange" type:"timestamp"` @@ -87436,6 +93553,12 @@ func (s *VgwTelemetry) SetAcceptedRouteCount(v int64) *VgwTelemetry { return s } +// SetCertificateArn sets the CertificateArn field's value. +func (s *VgwTelemetry) SetCertificateArn(v string) *VgwTelemetry { + s.CertificateArn = &v + return s +} + // SetLastStatusChange sets the LastStatusChange field's value. func (s *VgwTelemetry) SetLastStatusChange(v time.Time) *VgwTelemetry { s.LastStatusChange = &v @@ -87473,7 +93596,7 @@ type Volume struct { // The time stamp when volume creation was initiated. CreateTime *time.Time `locationName:"createTime" type:"timestamp"` - // Indicates whether the volume will be encrypted. + // Indicates whether the volume is encrypted. Encrypted *bool `locationName:"encrypted" type:"boolean"` // The number of I/O operations per second (IOPS) that the volume supports. @@ -87493,8 +93616,9 @@ type Volume struct { // it is not used in requests to create gp2, st1, sc1, or standard volumes. Iops *int64 `locationName:"iops" type:"integer"` - // The full ARN of the AWS Key Management Service (AWS KMS) customer master - // key (CMK) that was used to protect the volume encryption key for the volume. + // The Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) + // customer master key (CMK) that was used to protect the volume encryption + // key for the volume. KmsKeyId *string `locationName:"kmsKeyId" type:"string"` // The size of the volume, in GiBs. @@ -88344,6 +94468,9 @@ type VpcEndpoint struct { // (Interface endpoint) One or more network interfaces for the endpoint. NetworkInterfaceIds []*string `locationName:"networkInterfaceIdSet" locationNameList:"item" type:"list"` + // The ID of the AWS account that owns the VPC endpoint. + OwnerId *string `locationName:"ownerId" type:"string"` + // The policy document associated with the endpoint, if applicable. PolicyDocument *string `locationName:"policyDocument" type:"string"` @@ -88413,6 +94540,12 @@ func (s *VpcEndpoint) SetNetworkInterfaceIds(v []*string) *VpcEndpoint { return s } +// SetOwnerId sets the OwnerId field's value. +func (s *VpcEndpoint) SetOwnerId(v string) *VpcEndpoint { + s.OwnerId = &v + return s +} + // SetPolicyDocument sets the PolicyDocument field's value. func (s *VpcEndpoint) SetPolicyDocument(v string) *VpcEndpoint { s.PolicyDocument = &v @@ -88486,6 +94619,12 @@ type VpcEndpointConnection struct { // The date and time the VPC endpoint was created. CreationTimestamp *time.Time `locationName:"creationTimestamp" type:"timestamp"` + // The DNS entries for the VPC endpoint. + DnsEntries []*DnsEntry `locationName:"dnsEntrySet" locationNameList:"item" type:"list"` + + // The Amazon Resource Names (ARNs) of the network load balancers for the service. + NetworkLoadBalancerArns []*string `locationName:"networkLoadBalancerArnSet" locationNameList:"item" type:"list"` + // The ID of the service to which the endpoint is connected. ServiceId *string `locationName:"serviceId" type:"string"` @@ -88515,6 +94654,18 @@ func (s *VpcEndpointConnection) SetCreationTimestamp(v time.Time) *VpcEndpointCo return s } +// SetDnsEntries sets the DnsEntries field's value. +func (s *VpcEndpointConnection) SetDnsEntries(v []*DnsEntry) *VpcEndpointConnection { + s.DnsEntries = v + return s +} + +// SetNetworkLoadBalancerArns sets the NetworkLoadBalancerArns field's value. +func (s *VpcEndpointConnection) SetNetworkLoadBalancerArns(v []*string) *VpcEndpointConnection { + s.NetworkLoadBalancerArns = v + return s +} + // SetServiceId sets the ServiceId field's value. func (s *VpcEndpointConnection) SetServiceId(v string) *VpcEndpointConnection { s.ServiceId = &v @@ -88943,6 +95094,9 @@ type VpnConnectionOptions struct { // Indicates whether the VPN connection uses static routes only. Static routes // must be used for devices that don't support BGP. StaticRoutesOnly *bool `locationName:"staticRoutesOnly" type:"boolean"` + + // Indicates the VPN tunnel options. + TunnelOptions []*TunnelOption `locationName:"tunnelOptionSet" locationNameList:"item" type:"list"` } // String returns the string representation @@ -88961,6 +95115,12 @@ func (s *VpnConnectionOptions) SetStaticRoutesOnly(v bool) *VpnConnectionOptions return s } +// SetTunnelOptions sets the TunnelOptions field's value. +func (s *VpnConnectionOptions) SetTunnelOptions(v []*TunnelOption) *VpnConnectionOptions { + s.TunnelOptions = v + return s +} + // Describes VPN connection options. type VpnConnectionOptionsSpecification struct { _ struct{} `type:"structure"` @@ -88973,7 +95133,7 @@ type VpnConnectionOptionsSpecification struct { StaticRoutesOnly *bool `locationName:"staticRoutesOnly" type:"boolean"` // The tunnel options for the VPN connection. - TunnelOptions []*VpnTunnelOptionsSpecification `locationNameList:"item" type:"list"` + TunnelOptions []*VpnTunnelOptionsSpecification `type:"list"` } // String returns the string representation @@ -89123,13 +95283,101 @@ func (s *VpnStaticRoute) SetState(v string) *VpnStaticRoute { type VpnTunnelOptionsSpecification struct { _ struct{} `type:"structure"` + // The number of seconds after which a DPD timeout occurs. + // + // Constraints: A value between 0 and 30. + // + // Default: 30 + DPDTimeoutSeconds *int64 `type:"integer"` + + // The IKE versions that are permitted for the VPN tunnel. + // + // Valid values: ikev1 | ikev2 + IKEVersions []*IKEVersionsRequestListValue `locationName:"IKEVersion" locationNameList:"item" type:"list"` + + // One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel + // for phase 1 IKE negotiations. + // + // Valid values: 2 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24 + Phase1DHGroupNumbers []*Phase1DHGroupNumbersRequestListValue `locationName:"Phase1DHGroupNumber" locationNameList:"item" type:"list"` + + // One or more encryption algorithms that are permitted for the VPN tunnel for + // phase 1 IKE negotiations. + // + // Valid values: AES128 | AES256 + Phase1EncryptionAlgorithms []*Phase1EncryptionAlgorithmsRequestListValue `locationName:"Phase1EncryptionAlgorithm" locationNameList:"item" type:"list"` + + // One or more integrity algorithms that are permitted for the VPN tunnel for + // phase 1 IKE negotiations. + // + // Valid values: SHA1 | SHA2-256 + Phase1IntegrityAlgorithms []*Phase1IntegrityAlgorithmsRequestListValue `locationName:"Phase1IntegrityAlgorithm" locationNameList:"item" type:"list"` + + // The lifetime for phase 1 of the IKE negotiation, in seconds. + // + // Constraints: A value between 900 and 28,800. + // + // Default: 28800 + Phase1LifetimeSeconds *int64 `type:"integer"` + + // One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel + // for phase 2 IKE negotiations. + // + // Valid values: 2 | 5 | 14 | 15 | 16 | 17 | 18 | 22 | 23 | 24 + Phase2DHGroupNumbers []*Phase2DHGroupNumbersRequestListValue `locationName:"Phase2DHGroupNumber" locationNameList:"item" type:"list"` + + // One or more encryption algorithms that are permitted for the VPN tunnel for + // phase 2 IKE negotiations. + // + // Valid values: AES128 | AES256 + Phase2EncryptionAlgorithms []*Phase2EncryptionAlgorithmsRequestListValue `locationName:"Phase2EncryptionAlgorithm" locationNameList:"item" type:"list"` + + // One or more integrity algorithms that are permitted for the VPN tunnel for + // phase 2 IKE negotiations. + // + // Valid values: SHA1 | SHA2-256 + Phase2IntegrityAlgorithms []*Phase2IntegrityAlgorithmsRequestListValue `locationName:"Phase2IntegrityAlgorithm" locationNameList:"item" type:"list"` + + // The lifetime for phase 2 of the IKE negotiation, in seconds. + // + // Constraints: A value between 900 and 3,600. The value must be less than the + // value for Phase1LifetimeSeconds. + // + // Default: 3600 + Phase2LifetimeSeconds *int64 `type:"integer"` + // The pre-shared key (PSK) to establish initial authentication between the // virtual private gateway and customer gateway. // - // Constraints: Allowed characters are alphanumeric characters and ._. Must - // be between 8 and 64 characters in length and cannot start with zero (0). + // Constraints: Allowed characters are alphanumeric characters, periods (.), + // and underscores (_). Must be between 8 and 64 characters in length and cannot + // start with zero (0). PreSharedKey *string `type:"string"` + // The percentage of the rekey window (determined by RekeyMarginTimeSeconds) + // during which the rekey time is randomly selected. + // + // Constraints: A value between 0 and 100. + // + // Default: 100 + RekeyFuzzPercentage *int64 `type:"integer"` + + // The margin time, in seconds, before the phase 2 lifetime expires, during + // which the AWS side of the VPN connection performs an IKE rekey. The exact + // time of the rekey is randomly selected based on the value for RekeyFuzzPercentage. + // + // Constraints: A value between 60 and half of Phase2LifetimeSeconds. + // + // Default: 540 + RekeyMarginTimeSeconds *int64 `type:"integer"` + + // The number of packets in an IKE replay window. + // + // Constraints: A value between 64 and 2048. + // + // Default: 1024 + ReplayWindowSize *int64 `type:"integer"` + // The range of inside IP addresses for the tunnel. Any specified CIDR blocks // must be unique across all VPN connections that use the same virtual private // gateway. @@ -89163,12 +95411,90 @@ func (s VpnTunnelOptionsSpecification) GoString() string { return s.String() } +// SetDPDTimeoutSeconds sets the DPDTimeoutSeconds field's value. +func (s *VpnTunnelOptionsSpecification) SetDPDTimeoutSeconds(v int64) *VpnTunnelOptionsSpecification { + s.DPDTimeoutSeconds = &v + return s +} + +// SetIKEVersions sets the IKEVersions field's value. +func (s *VpnTunnelOptionsSpecification) SetIKEVersions(v []*IKEVersionsRequestListValue) *VpnTunnelOptionsSpecification { + s.IKEVersions = v + return s +} + +// SetPhase1DHGroupNumbers sets the Phase1DHGroupNumbers field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase1DHGroupNumbers(v []*Phase1DHGroupNumbersRequestListValue) *VpnTunnelOptionsSpecification { + s.Phase1DHGroupNumbers = v + return s +} + +// SetPhase1EncryptionAlgorithms sets the Phase1EncryptionAlgorithms field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase1EncryptionAlgorithms(v []*Phase1EncryptionAlgorithmsRequestListValue) *VpnTunnelOptionsSpecification { + s.Phase1EncryptionAlgorithms = v + return s +} + +// SetPhase1IntegrityAlgorithms sets the Phase1IntegrityAlgorithms field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase1IntegrityAlgorithms(v []*Phase1IntegrityAlgorithmsRequestListValue) *VpnTunnelOptionsSpecification { + s.Phase1IntegrityAlgorithms = v + return s +} + +// SetPhase1LifetimeSeconds sets the Phase1LifetimeSeconds field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase1LifetimeSeconds(v int64) *VpnTunnelOptionsSpecification { + s.Phase1LifetimeSeconds = &v + return s +} + +// SetPhase2DHGroupNumbers sets the Phase2DHGroupNumbers field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase2DHGroupNumbers(v []*Phase2DHGroupNumbersRequestListValue) *VpnTunnelOptionsSpecification { + s.Phase2DHGroupNumbers = v + return s +} + +// SetPhase2EncryptionAlgorithms sets the Phase2EncryptionAlgorithms field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase2EncryptionAlgorithms(v []*Phase2EncryptionAlgorithmsRequestListValue) *VpnTunnelOptionsSpecification { + s.Phase2EncryptionAlgorithms = v + return s +} + +// SetPhase2IntegrityAlgorithms sets the Phase2IntegrityAlgorithms field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase2IntegrityAlgorithms(v []*Phase2IntegrityAlgorithmsRequestListValue) *VpnTunnelOptionsSpecification { + s.Phase2IntegrityAlgorithms = v + return s +} + +// SetPhase2LifetimeSeconds sets the Phase2LifetimeSeconds field's value. +func (s *VpnTunnelOptionsSpecification) SetPhase2LifetimeSeconds(v int64) *VpnTunnelOptionsSpecification { + s.Phase2LifetimeSeconds = &v + return s +} + // SetPreSharedKey sets the PreSharedKey field's value. func (s *VpnTunnelOptionsSpecification) SetPreSharedKey(v string) *VpnTunnelOptionsSpecification { s.PreSharedKey = &v return s } +// SetRekeyFuzzPercentage sets the RekeyFuzzPercentage field's value. +func (s *VpnTunnelOptionsSpecification) SetRekeyFuzzPercentage(v int64) *VpnTunnelOptionsSpecification { + s.RekeyFuzzPercentage = &v + return s +} + +// SetRekeyMarginTimeSeconds sets the RekeyMarginTimeSeconds field's value. +func (s *VpnTunnelOptionsSpecification) SetRekeyMarginTimeSeconds(v int64) *VpnTunnelOptionsSpecification { + s.RekeyMarginTimeSeconds = &v + return s +} + +// SetReplayWindowSize sets the ReplayWindowSize field's value. +func (s *VpnTunnelOptionsSpecification) SetReplayWindowSize(v int64) *VpnTunnelOptionsSpecification { + s.ReplayWindowSize = &v + return s +} + // SetTunnelInsideCidr sets the TunnelInsideCidr field's value. func (s *VpnTunnelOptionsSpecification) SetTunnelInsideCidr(v string) *VpnTunnelOptionsSpecification { s.TunnelInsideCidr = &v @@ -89293,6 +95619,9 @@ const ( // AllocationStateReleasedPermanentFailure is a AllocationState enum value AllocationStateReleasedPermanentFailure = "released-permanent-failure" + + // AllocationStatePending is a AllocationState enum value + AllocationStatePending = "pending" ) const ( @@ -89301,6 +95630,9 @@ const ( // AllocationStrategyDiversified is a AllocationStrategy enum value AllocationStrategyDiversified = "diversified" + + // AllocationStrategyCapacityOptimized is a AllocationStrategy enum value + AllocationStrategyCapacityOptimized = "capacityOptimized" ) const ( @@ -89709,6 +96041,17 @@ const ( ) const ( + // DeleteQueuedReservedInstancesErrorCodeReservedInstancesIdInvalid is a DeleteQueuedReservedInstancesErrorCode enum value + DeleteQueuedReservedInstancesErrorCodeReservedInstancesIdInvalid = "reserved-instances-id-invalid" + + // DeleteQueuedReservedInstancesErrorCodeReservedInstancesNotInQueuedState is a DeleteQueuedReservedInstancesErrorCode enum value + DeleteQueuedReservedInstancesErrorCodeReservedInstancesNotInQueuedState = "reserved-instances-not-in-queued-state" + + // DeleteQueuedReservedInstancesErrorCodeUnexpectedError is a DeleteQueuedReservedInstancesErrorCode enum value + DeleteQueuedReservedInstancesErrorCodeUnexpectedError = "unexpected-error" +) + +const ( // DeviceTypeEbs is a DeviceType enum value DeviceTypeEbs = "ebs" @@ -89790,6 +96133,9 @@ const ( // EventTypeError is a EventType enum value EventTypeError = "error" + + // EventTypeInformation is a EventType enum value + EventTypeInformation = "information" ) const ( @@ -89830,10 +96176,10 @@ const ( FleetActivityStatusError = "error" // FleetActivityStatusPendingFulfillment is a FleetActivityStatus enum value - FleetActivityStatusPendingFulfillment = "pending-fulfillment" + FleetActivityStatusPendingFulfillment = "pending_fulfillment" // FleetActivityStatusPendingTermination is a FleetActivityStatus enum value - FleetActivityStatusPendingTermination = "pending-termination" + FleetActivityStatusPendingTermination = "pending_termination" // FleetActivityStatusFulfilled is a FleetActivityStatus enum value FleetActivityStatusFulfilled = "fulfilled" @@ -89880,10 +96226,10 @@ const ( FleetStateCodeFailed = "failed" // FleetStateCodeDeletedRunning is a FleetStateCode enum value - FleetStateCodeDeletedRunning = "deleted-running" + FleetStateCodeDeletedRunning = "deleted_running" // FleetStateCodeDeletedTerminating is a FleetStateCode enum value - FleetStateCodeDeletedTerminating = "deleted-terminating" + FleetStateCodeDeletedTerminating = "deleted_terminating" // FleetStateCodeModifying is a FleetStateCode enum value FleetStateCodeModifying = "modifying" @@ -89945,6 +96291,14 @@ const ( ) const ( + // HostRecoveryOn is a HostRecovery enum value + HostRecoveryOn = "on" + + // HostRecoveryOff is a HostRecovery enum value + HostRecoveryOff = "off" +) + +const ( // HostTenancyDedicated is a HostTenancy enum value HostTenancyDedicated = "dedicated" @@ -90304,9 +96658,15 @@ const ( // InstanceTypeR54xlarge is a InstanceType enum value InstanceTypeR54xlarge = "r5.4xlarge" + // InstanceTypeR58xlarge is a InstanceType enum value + InstanceTypeR58xlarge = "r5.8xlarge" + // InstanceTypeR512xlarge is a InstanceType enum value InstanceTypeR512xlarge = "r5.12xlarge" + // InstanceTypeR516xlarge is a InstanceType enum value + InstanceTypeR516xlarge = "r5.16xlarge" + // InstanceTypeR524xlarge is a InstanceType enum value InstanceTypeR524xlarge = "r5.24xlarge" @@ -90325,9 +96685,15 @@ const ( // InstanceTypeR5a4xlarge is a InstanceType enum value InstanceTypeR5a4xlarge = "r5a.4xlarge" + // InstanceTypeR5a8xlarge is a InstanceType enum value + InstanceTypeR5a8xlarge = "r5a.8xlarge" + // InstanceTypeR5a12xlarge is a InstanceType enum value InstanceTypeR5a12xlarge = "r5a.12xlarge" + // InstanceTypeR5a16xlarge is a InstanceType enum value + InstanceTypeR5a16xlarge = "r5a.16xlarge" + // InstanceTypeR5a24xlarge is a InstanceType enum value InstanceTypeR5a24xlarge = "r5a.24xlarge" @@ -90343,9 +96709,15 @@ const ( // InstanceTypeR5d4xlarge is a InstanceType enum value InstanceTypeR5d4xlarge = "r5d.4xlarge" + // InstanceTypeR5d8xlarge is a InstanceType enum value + InstanceTypeR5d8xlarge = "r5d.8xlarge" + // InstanceTypeR5d12xlarge is a InstanceType enum value InstanceTypeR5d12xlarge = "r5d.12xlarge" + // InstanceTypeR5d16xlarge is a InstanceType enum value + InstanceTypeR5d16xlarge = "r5d.16xlarge" + // InstanceTypeR5d24xlarge is a InstanceType enum value InstanceTypeR5d24xlarge = "r5d.24xlarge" @@ -90433,6 +96805,30 @@ const ( // InstanceTypeI3Metal is a InstanceType enum value InstanceTypeI3Metal = "i3.metal" + // InstanceTypeI3enLarge is a InstanceType enum value + InstanceTypeI3enLarge = "i3en.large" + + // InstanceTypeI3enXlarge is a InstanceType enum value + InstanceTypeI3enXlarge = "i3en.xlarge" + + // InstanceTypeI3en2xlarge is a InstanceType enum value + InstanceTypeI3en2xlarge = "i3en.2xlarge" + + // InstanceTypeI3en3xlarge is a InstanceType enum value + InstanceTypeI3en3xlarge = "i3en.3xlarge" + + // InstanceTypeI3en6xlarge is a InstanceType enum value + InstanceTypeI3en6xlarge = "i3en.6xlarge" + + // InstanceTypeI3en12xlarge is a InstanceType enum value + InstanceTypeI3en12xlarge = "i3en.12xlarge" + + // InstanceTypeI3en24xlarge is a InstanceType enum value + InstanceTypeI3en24xlarge = "i3en.24xlarge" + + // InstanceTypeI3enMetal is a InstanceType enum value + InstanceTypeI3enMetal = "i3en.metal" + // InstanceTypeHi14xlarge is a InstanceType enum value InstanceTypeHi14xlarge = "hi1.4xlarge" @@ -90490,9 +96886,18 @@ const ( // InstanceTypeC59xlarge is a InstanceType enum value InstanceTypeC59xlarge = "c5.9xlarge" + // InstanceTypeC512xlarge is a InstanceType enum value + InstanceTypeC512xlarge = "c5.12xlarge" + // InstanceTypeC518xlarge is a InstanceType enum value InstanceTypeC518xlarge = "c5.18xlarge" + // InstanceTypeC524xlarge is a InstanceType enum value + InstanceTypeC524xlarge = "c5.24xlarge" + + // InstanceTypeC5Metal is a InstanceType enum value + InstanceTypeC5Metal = "c5.metal" + // InstanceTypeC5dLarge is a InstanceType enum value InstanceTypeC5dLarge = "c5d.large" @@ -90553,6 +96958,24 @@ const ( // InstanceTypeG3sXlarge is a InstanceType enum value InstanceTypeG3sXlarge = "g3s.xlarge" + // InstanceTypeG4dnXlarge is a InstanceType enum value + InstanceTypeG4dnXlarge = "g4dn.xlarge" + + // InstanceTypeG4dn2xlarge is a InstanceType enum value + InstanceTypeG4dn2xlarge = "g4dn.2xlarge" + + // InstanceTypeG4dn4xlarge is a InstanceType enum value + InstanceTypeG4dn4xlarge = "g4dn.4xlarge" + + // InstanceTypeG4dn8xlarge is a InstanceType enum value + InstanceTypeG4dn8xlarge = "g4dn.8xlarge" + + // InstanceTypeG4dn12xlarge is a InstanceType enum value + InstanceTypeG4dn12xlarge = "g4dn.12xlarge" + + // InstanceTypeG4dn16xlarge is a InstanceType enum value + InstanceTypeG4dn16xlarge = "g4dn.16xlarge" + // InstanceTypeCg14xlarge is a InstanceType enum value InstanceTypeCg14xlarge = "cg1.4xlarge" @@ -90610,9 +97033,15 @@ const ( // InstanceTypeM54xlarge is a InstanceType enum value InstanceTypeM54xlarge = "m5.4xlarge" + // InstanceTypeM58xlarge is a InstanceType enum value + InstanceTypeM58xlarge = "m5.8xlarge" + // InstanceTypeM512xlarge is a InstanceType enum value InstanceTypeM512xlarge = "m5.12xlarge" + // InstanceTypeM516xlarge is a InstanceType enum value + InstanceTypeM516xlarge = "m5.16xlarge" + // InstanceTypeM524xlarge is a InstanceType enum value InstanceTypeM524xlarge = "m5.24xlarge" @@ -90631,9 +97060,15 @@ const ( // InstanceTypeM5a4xlarge is a InstanceType enum value InstanceTypeM5a4xlarge = "m5a.4xlarge" + // InstanceTypeM5a8xlarge is a InstanceType enum value + InstanceTypeM5a8xlarge = "m5a.8xlarge" + // InstanceTypeM5a12xlarge is a InstanceType enum value InstanceTypeM5a12xlarge = "m5a.12xlarge" + // InstanceTypeM5a16xlarge is a InstanceType enum value + InstanceTypeM5a16xlarge = "m5a.16xlarge" + // InstanceTypeM5a24xlarge is a InstanceType enum value InstanceTypeM5a24xlarge = "m5a.24xlarge" @@ -90649,9 +97084,15 @@ const ( // InstanceTypeM5d4xlarge is a InstanceType enum value InstanceTypeM5d4xlarge = "m5d.4xlarge" + // InstanceTypeM5d8xlarge is a InstanceType enum value + InstanceTypeM5d8xlarge = "m5d.8xlarge" + // InstanceTypeM5d12xlarge is a InstanceType enum value InstanceTypeM5d12xlarge = "m5d.12xlarge" + // InstanceTypeM5d16xlarge is a InstanceType enum value + InstanceTypeM5d16xlarge = "m5d.16xlarge" + // InstanceTypeM5d24xlarge is a InstanceType enum value InstanceTypeM5d24xlarge = "m5d.24xlarge" @@ -91117,6 +97558,12 @@ const ( // ReservedInstanceStateRetired is a ReservedInstanceState enum value ReservedInstanceStateRetired = "retired" + + // ReservedInstanceStateQueued is a ReservedInstanceState enum value + ReservedInstanceStateQueued = "queued" + + // ReservedInstanceStateQueuedDeleted is a ReservedInstanceState enum value + ReservedInstanceStateQueuedDeleted = "queued-deleted" ) const ( @@ -91193,6 +97640,15 @@ const ( // ResourceTypeSubnet is a ResourceType enum value ResourceTypeSubnet = "subnet" + // ResourceTypeTrafficMirrorFilter is a ResourceType enum value + ResourceTypeTrafficMirrorFilter = "traffic-mirror-filter" + + // ResourceTypeTrafficMirrorSession is a ResourceType enum value + ResourceTypeTrafficMirrorSession = "traffic-mirror-session" + + // ResourceTypeTrafficMirrorTarget is a ResourceType enum value + ResourceTypeTrafficMirrorTarget = "traffic-mirror-target" + // ResourceTypeTransitGateway is a ResourceType enum value ResourceTypeTransitGateway = "transit-gateway" @@ -91303,6 +97759,9 @@ const ( // SpotAllocationStrategyDiversified is a SpotAllocationStrategy enum value SpotAllocationStrategyDiversified = "diversified" + + // SpotAllocationStrategyCapacityOptimized is a SpotAllocationStrategy enum value + SpotAllocationStrategyCapacityOptimized = "capacity-optimized" ) const ( @@ -91462,6 +97921,60 @@ const ( ) const ( + // TrafficDirectionIngress is a TrafficDirection enum value + TrafficDirectionIngress = "ingress" + + // TrafficDirectionEgress is a TrafficDirection enum value + TrafficDirectionEgress = "egress" +) + +const ( + // TrafficMirrorFilterRuleFieldDestinationPortRange is a TrafficMirrorFilterRuleField enum value + TrafficMirrorFilterRuleFieldDestinationPortRange = "destination-port-range" + + // TrafficMirrorFilterRuleFieldSourcePortRange is a TrafficMirrorFilterRuleField enum value + TrafficMirrorFilterRuleFieldSourcePortRange = "source-port-range" + + // TrafficMirrorFilterRuleFieldProtocol is a TrafficMirrorFilterRuleField enum value + TrafficMirrorFilterRuleFieldProtocol = "protocol" + + // TrafficMirrorFilterRuleFieldDescription is a TrafficMirrorFilterRuleField enum value + TrafficMirrorFilterRuleFieldDescription = "description" +) + +const ( + // TrafficMirrorNetworkServiceAmazonDns is a TrafficMirrorNetworkService enum value + TrafficMirrorNetworkServiceAmazonDns = "amazon-dns" +) + +const ( + // TrafficMirrorRuleActionAccept is a TrafficMirrorRuleAction enum value + TrafficMirrorRuleActionAccept = "accept" + + // TrafficMirrorRuleActionReject is a TrafficMirrorRuleAction enum value + TrafficMirrorRuleActionReject = "reject" +) + +const ( + // TrafficMirrorSessionFieldPacketLength is a TrafficMirrorSessionField enum value + TrafficMirrorSessionFieldPacketLength = "packet-length" + + // TrafficMirrorSessionFieldDescription is a TrafficMirrorSessionField enum value + TrafficMirrorSessionFieldDescription = "description" + + // TrafficMirrorSessionFieldVirtualNetworkId is a TrafficMirrorSessionField enum value + TrafficMirrorSessionFieldVirtualNetworkId = "virtual-network-id" +) + +const ( + // TrafficMirrorTargetTypeNetworkInterface is a TrafficMirrorTargetType enum value + TrafficMirrorTargetTypeNetworkInterface = "network-interface" + + // TrafficMirrorTargetTypeNetworkLoadBalancer is a TrafficMirrorTargetType enum value + TrafficMirrorTargetTypeNetworkLoadBalancer = "network-load-balancer" +) + +const ( // TrafficTypeAccept is a TrafficType enum value TrafficTypeAccept = "ACCEPT" @@ -91492,6 +98005,9 @@ const ( // TransitGatewayAttachmentResourceTypeVpn is a TransitGatewayAttachmentResourceType enum value TransitGatewayAttachmentResourceTypeVpn = "vpn" + + // TransitGatewayAttachmentResourceTypeDirectConnectGateway is a TransitGatewayAttachmentResourceType enum value + TransitGatewayAttachmentResourceTypeDirectConnectGateway = "direct-connect-gateway" ) const ( diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go index 7b42719d..efec8d8a 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go @@ -8,65 +8,32 @@ import ( "github.com/aws/aws-sdk-go/aws/client" "github.com/aws/aws-sdk-go/aws/endpoints" "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/internal/sdkrand" ) -type retryer struct { - client.DefaultRetryer -} - -func (d retryer) RetryRules(r *request.Request) time.Duration { - switch r.Operation.Name { - case opModifyNetworkInterfaceAttribute: - fallthrough - case opAssignPrivateIpAddresses: - return customRetryRule(r) - default: - return d.DefaultRetryer.RetryRules(r) - } -} - -func customRetryRule(r *request.Request) time.Duration { - retryTimes := []time.Duration{ - time.Second, - 3 * time.Second, - 5 * time.Second, - } - - count := r.RetryCount - if count >= len(retryTimes) { - count = len(retryTimes) - 1 - } - - minTime := int(retryTimes[count]) - return time.Duration(sdkrand.SeededRand.Intn(minTime) + minTime) -} +const ( + // customRetryerMinRetryDelay sets min retry delay + customRetryerMinRetryDelay = 1 * time.Second -func setCustomRetryer(c *client.Client) { - maxRetries := aws.IntValue(c.Config.MaxRetries) - if c.Config.MaxRetries == nil || maxRetries == aws.UseServiceDefaultRetries { - maxRetries = 3 - } - - c.Retryer = retryer{ - DefaultRetryer: client.DefaultRetryer{ - NumMaxRetries: maxRetries, - }, - } -} + // customRetryerMaxRetryDelay sets max retry delay + customRetryerMaxRetryDelay = 8 * time.Second +) func init() { - initClient = func(c *client.Client) { - if c.Config.Retryer == nil { - // Only override the retryer with a custom one if the config - // does not already contain a retryer - setCustomRetryer(c) - } - } initRequest = func(r *request.Request) { if r.Operation.Name == opCopySnapshot { // fill the PresignedURL parameter r.Handlers.Build.PushFront(fillPresignedURL) } + + // only set the retryer on request if config doesn't have a retryer + if r.Config.Retryer == nil && (r.Operation.Name == opModifyNetworkInterfaceAttribute || r.Operation.Name == opAssignPrivateIpAddresses) { + r.Retryer = client.DefaultRetryer{ + NumMaxRetries: client.DefaultRetryerMaxNumRetries, + MinRetryDelay: customRetryerMinRetryDelay, + MinThrottleDelay: customRetryerMinRetryDelay, + MaxRetryDelay: customRetryerMaxRetryDelay, + MaxThrottleDelay: customRetryerMaxRetryDelay, + } + } } } diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go index c258e0e8..31c314e0 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go @@ -7,18 +7,19 @@ // capacity in the AWS cloud. Using Amazon EC2 eliminates the need to invest // in hardware up front, so you can develop and deploy applications faster. // -// To learn more about Amazon EC2, Amazon EBS, and Amazon VPC, see the following -// resources: +// To learn more, see the following resources: // -// * Amazon EC2 product page (http://aws.amazon.com/ec2) +// * Amazon EC2: AmazonEC2 product page (http://aws.amazon.com/ec2), Amazon +// EC2 documentation (http://aws.amazon.com/documentation/ec2) // -// * Amazon EC2 documentation (http://aws.amazon.com/documentation/ec2) +// * Amazon EBS: Amazon EBS product page (http://aws.amazon.com/ebs), Amazon +// EBS documentation (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html) // -// * Amazon EBS product page (http://aws.amazon.com/ebs) +// * Amazon VPC: Amazon VPC product page (http://aws.amazon.com/vpc), Amazon +// VPC documentation (http://aws.amazon.com/documentation/vpc) // -// * Amazon VPC product page (http://aws.amazon.com/vpc) -// -// * Amazon VPC documentation (http://aws.amazon.com/documentation/vpc) +// * AWS VPN: AWS VPN product page (http://aws.amazon.com/vpn), AWS VPN documentation +// (http://aws.amazon.com/documentation/vpn) // // See https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15 for more information on this service. // diff --git a/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/api.go b/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/api.go index eac6c94d..b002302e 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/api.go @@ -3181,6 +3181,8 @@ type DescribeSecretOutput struct { // The user-provided friendly name of the secret. Name *string `min:"1" type:"string"` + OwningService *string `min:"1" type:"string"` + // Specifies whether automatic rotation is enabled for this secret. // // To enable rotation, use RotateSecret with AutomaticallyRotateAfterDays set @@ -3266,6 +3268,12 @@ func (s *DescribeSecretOutput) SetName(v string) *DescribeSecretOutput { return s } +// SetOwningService sets the OwningService field's value. +func (s *DescribeSecretOutput) SetOwningService(v string) *DescribeSecretOutput { + s.OwningService = &v + return s +} + // SetRotationEnabled sets the RotationEnabled field's value. func (s *DescribeSecretOutput) SetRotationEnabled(v bool) *DescribeSecretOutput { s.RotationEnabled = &v @@ -3419,7 +3427,7 @@ type GetRandomPasswordOutput struct { _ struct{} `type:"structure"` // A string with the generated password. - RandomPassword *string `type:"string"` + RandomPassword *string `type:"string" sensitive:"true"` } // String returns the string representation @@ -4647,6 +4655,8 @@ type SecretListEntry struct { // in the folder prod. Name *string `min:"1" type:"string"` + OwningService *string `min:"1" type:"string"` + // Indicated whether automatic, scheduled rotation is enabled for this secret. RotationEnabled *bool `type:"boolean"` @@ -4729,6 +4739,12 @@ func (s *SecretListEntry) SetName(v string) *SecretListEntry { return s } +// SetOwningService sets the OwningService field's value. +func (s *SecretListEntry) SetOwningService(v string) *SecretListEntry { + s.OwningService = &v + return s +} + // SetRotationEnabled sets the RotationEnabled field's value. func (s *SecretListEntry) SetRotationEnabled(v bool) *SecretListEntry { s.RotationEnabled = &v diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go b/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go index 56615369..4c2bb71f 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go @@ -194,12 +194,9 @@ func (c *SSM) CancelCommandRequest(input *CancelCommandInput) (req *request.Requ // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -482,12 +479,9 @@ func (c *SSM) CreateAssociationRequest(input *CreateAssociationInput) (req *requ // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -609,12 +603,9 @@ func (c *SSM) CreateAssociationBatchRequest(input *CreateAssociationBatchInput) // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -736,7 +727,7 @@ func (c *SSM) CreateDocumentRequest(input *CreateDocumentInput) (req *request.Re // The content for the document is not valid. // // * ErrCodeDocumentLimitExceeded "DocumentLimitExceeded" -// You can have at most 200 active Systems Manager documents. +// You can have at most 500 active Systems Manager documents. // // * ErrCodeInvalidDocumentSchemaVersion "InvalidDocumentSchemaVersion" // The version of the document schema is not supported. @@ -853,6 +844,105 @@ func (c *SSM) CreateMaintenanceWindowWithContext(ctx aws.Context, input *CreateM return out, req.Send() } +const opCreateOpsItem = "CreateOpsItem" + +// CreateOpsItemRequest generates a "aws/request.Request" representing the +// client's request for the CreateOpsItem operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateOpsItem for more information on using the CreateOpsItem +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the CreateOpsItemRequest method. +// req, resp := client.CreateOpsItemRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/CreateOpsItem +func (c *SSM) CreateOpsItemRequest(input *CreateOpsItemInput) (req *request.Request, output *CreateOpsItemOutput) { + op := &request.Operation{ + Name: opCreateOpsItem, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateOpsItemInput{} + } + + output = &CreateOpsItemOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateOpsItem API operation for Amazon Simple Systems Manager (SSM). +// +// Creates a new OpsItem. You must have permission in AWS Identity and Access +// Management (IAM) to create a new OpsItem. For more information, see Getting +// Started with OpsCenter (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-getting-started.html) +// in the AWS Systems Manager User Guide. +// +// Operations engineers and IT professionals use OpsCenter to view, investigate, +// and remediate operational issues impacting the performance and health of +// their AWS resources. For more information, see AWS Systems Manager OpsCenter +// (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) +// in the AWS Systems Manager User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Systems Manager (SSM)'s +// API operation CreateOpsItem for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInternalServerError "InternalServerError" +// An error occurred on the server side. +// +// * ErrCodeOpsItemAlreadyExistsException "OpsItemAlreadyExistsException" +// The OpsItem already exists. +// +// * ErrCodeOpsItemLimitExceededException "OpsItemLimitExceededException" +// The request caused OpsItems to exceed one or more limits. For information +// about OpsItem limits, see What are the resource limits for OpsCenter? (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-learn-more.html#OpsCenter-learn-more-limits). +// +// * ErrCodeOpsItemInvalidParameterException "OpsItemInvalidParameterException" +// A specified parameter argument isn't valid. Verify the available arguments +// and try again. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/CreateOpsItem +func (c *SSM) CreateOpsItem(input *CreateOpsItemInput) (*CreateOpsItemOutput, error) { + req, out := c.CreateOpsItemRequest(input) + return out, req.Send() +} + +// CreateOpsItemWithContext is the same as CreateOpsItem with the addition of +// the ability to pass a context and additional request options. +// +// See CreateOpsItem for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSM) CreateOpsItemWithContext(ctx aws.Context, input *CreateOpsItemInput, opts ...request.Option) (*CreateOpsItemOutput, error) { + req, out := c.CreateOpsItemRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreatePatchBaseline = "CreatePatchBaseline" // CreatePatchBaselineRequest generates a "aws/request.Request" representing the @@ -1214,12 +1304,9 @@ func (c *SSM) DeleteAssociationRequest(input *DeleteAssociationInput) (req *requ // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -1646,8 +1733,7 @@ func (c *SSM) DeleteParametersRequest(input *DeleteParametersInput) (req *reques // DeleteParameters API operation for Amazon Simple Systems Manager (SSM). // -// Delete a list of parameters. This API is used to delete parameters by using -// the Amazon EC2 console. +// Delete a list of parameters. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1913,12 +1999,9 @@ func (c *SSM) DeregisterManagedInstanceRequest(input *DeregisterManagedInstanceI // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -2257,9 +2340,9 @@ func (c *SSM) DescribeActivationsRequest(input *DescribeActivationsInput) (req * // DescribeActivations API operation for Amazon Simple Systems Manager (SSM). // -// Details about the activation, including: the date and time the activation -// was created, the expiration date, the IAM role assigned to the instances -// in the activation, and the number of instances activated by this registration. +// Describes details about the activation, such as the date and time the activation +// was created, its expiration date, the IAM role assigned to the instances +// in the activation, and the number of instances registered by using this activation. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2428,12 +2511,9 @@ func (c *SSM) DescribeAssociationRequest(input *DescribeAssociationInput) (req * // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -2859,7 +2939,7 @@ func (c *SSM) DescribeAvailablePatchesRequest(input *DescribeAvailablePatchesInp // DescribeAvailablePatches API operation for Amazon Simple Systems Manager (SSM). // -// Lists all patches that could possibly be included in a patch baseline. +// Lists all patches eligible to be included in a patch baseline. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3129,12 +3209,9 @@ func (c *SSM) DescribeEffectiveInstanceAssociationsRequest(input *DescribeEffect // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -3323,12 +3400,9 @@ func (c *SSM) DescribeInstanceAssociationsStatusRequest(input *DescribeInstanceA // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -3435,12 +3509,9 @@ func (c *SSM) DescribeInstanceInformationRequest(input *DescribeInstanceInformat // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -3758,12 +3829,9 @@ func (c *SSM) DescribeInstancePatchesRequest(input *DescribeInstancePatchesInput // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -4554,6 +4622,94 @@ func (c *SSM) DescribeMaintenanceWindowsForTargetWithContext(ctx aws.Context, in return out, req.Send() } +const opDescribeOpsItems = "DescribeOpsItems" + +// DescribeOpsItemsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeOpsItems operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeOpsItems for more information on using the DescribeOpsItems +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the DescribeOpsItemsRequest method. +// req, resp := client.DescribeOpsItemsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/DescribeOpsItems +func (c *SSM) DescribeOpsItemsRequest(input *DescribeOpsItemsInput) (req *request.Request, output *DescribeOpsItemsOutput) { + op := &request.Operation{ + Name: opDescribeOpsItems, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeOpsItemsInput{} + } + + output = &DescribeOpsItemsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeOpsItems API operation for Amazon Simple Systems Manager (SSM). +// +// Query a set of OpsItems. You must have permission in AWS Identity and Access +// Management (IAM) to query a list of OpsItems. For more information, see Getting +// Started with OpsCenter (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-getting-started.html) +// in the AWS Systems Manager User Guide. +// +// Operations engineers and IT professionals use OpsCenter to view, investigate, +// and remediate operational issues impacting the performance and health of +// their AWS resources. For more information, see AWS Systems Manager OpsCenter +// (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) +// in the AWS Systems Manager User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Systems Manager (SSM)'s +// API operation DescribeOpsItems for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInternalServerError "InternalServerError" +// An error occurred on the server side. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/DescribeOpsItems +func (c *SSM) DescribeOpsItems(input *DescribeOpsItemsInput) (*DescribeOpsItemsOutput, error) { + req, out := c.DescribeOpsItemsRequest(input) + return out, req.Send() +} + +// DescribeOpsItemsWithContext is the same as DescribeOpsItems with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeOpsItems for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSM) DescribeOpsItemsWithContext(ctx aws.Context, input *DescribeOpsItemsInput, opts ...request.Option) (*DescribeOpsItemsOutput, error) { + req, out := c.DescribeOpsItemsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeParameters = "DescribeParameters" // DescribeParametersRequest generates a "aws/request.Request" representing the @@ -5298,12 +5454,9 @@ func (c *SSM) GetCommandInvocationRequest(input *GetCommandInvocationInput) (req // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -5993,8 +6146,7 @@ func (c *SSM) GetMaintenanceWindowExecutionRequest(input *GetMaintenanceWindowEx // GetMaintenanceWindowExecution API operation for Amazon Simple Systems Manager (SSM). // -// Retrieves details about a specific task run as part of a maintenance window -// execution. +// Retrieves details about a specific a maintenance window execution. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6167,8 +6319,7 @@ func (c *SSM) GetMaintenanceWindowExecutionTaskInvocationRequest(input *GetMaint // GetMaintenanceWindowExecutionTaskInvocation API operation for Amazon Simple Systems Manager (SSM). // -// Retrieves a task invocation. A task invocation is a specific task running -// on a specific target. maintenance windows report status for all invocations. +// Retrieves information about a specific task running on a specific target. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6296,6 +6447,190 @@ func (c *SSM) GetMaintenanceWindowTaskWithContext(ctx aws.Context, input *GetMai return out, req.Send() } +const opGetOpsItem = "GetOpsItem" + +// GetOpsItemRequest generates a "aws/request.Request" representing the +// client's request for the GetOpsItem operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetOpsItem for more information on using the GetOpsItem +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetOpsItemRequest method. +// req, resp := client.GetOpsItemRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/GetOpsItem +func (c *SSM) GetOpsItemRequest(input *GetOpsItemInput) (req *request.Request, output *GetOpsItemOutput) { + op := &request.Operation{ + Name: opGetOpsItem, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetOpsItemInput{} + } + + output = &GetOpsItemOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetOpsItem API operation for Amazon Simple Systems Manager (SSM). +// +// Get information about an OpsItem by using the ID. You must have permission +// in AWS Identity and Access Management (IAM) to view information about an +// OpsItem. For more information, see Getting Started with OpsCenter (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-getting-started.html) +// in the AWS Systems Manager User Guide. +// +// Operations engineers and IT professionals use OpsCenter to view, investigate, +// and remediate operational issues impacting the performance and health of +// their AWS resources. For more information, see AWS Systems Manager OpsCenter +// (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) +// in the AWS Systems Manager User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Systems Manager (SSM)'s +// API operation GetOpsItem for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInternalServerError "InternalServerError" +// An error occurred on the server side. +// +// * ErrCodeOpsItemNotFoundException "OpsItemNotFoundException" +// The specified OpsItem ID doesn't exist. Verify the ID and try again. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/GetOpsItem +func (c *SSM) GetOpsItem(input *GetOpsItemInput) (*GetOpsItemOutput, error) { + req, out := c.GetOpsItemRequest(input) + return out, req.Send() +} + +// GetOpsItemWithContext is the same as GetOpsItem with the addition of +// the ability to pass a context and additional request options. +// +// See GetOpsItem for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSM) GetOpsItemWithContext(ctx aws.Context, input *GetOpsItemInput, opts ...request.Option) (*GetOpsItemOutput, error) { + req, out := c.GetOpsItemRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetOpsSummary = "GetOpsSummary" + +// GetOpsSummaryRequest generates a "aws/request.Request" representing the +// client's request for the GetOpsSummary operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetOpsSummary for more information on using the GetOpsSummary +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetOpsSummaryRequest method. +// req, resp := client.GetOpsSummaryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/GetOpsSummary +func (c *SSM) GetOpsSummaryRequest(input *GetOpsSummaryInput) (req *request.Request, output *GetOpsSummaryOutput) { + op := &request.Operation{ + Name: opGetOpsSummary, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetOpsSummaryInput{} + } + + output = &GetOpsSummaryOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetOpsSummary API operation for Amazon Simple Systems Manager (SSM). +// +// View a summary of OpsItems based on specified filters and aggregators. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Systems Manager (SSM)'s +// API operation GetOpsSummary for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInternalServerError "InternalServerError" +// An error occurred on the server side. +// +// * ErrCodeInvalidFilter "InvalidFilter" +// The filter name is not valid. Verify the you entered the correct name and +// try again. +// +// * ErrCodeInvalidNextToken "InvalidNextToken" +// The specified token is not valid. +// +// * ErrCodeInvalidTypeNameException "InvalidTypeNameException" +// The parameter type name is not valid. +// +// * ErrCodeInvalidAggregatorException "InvalidAggregatorException" +// The specified aggregator is not valid for inventory groups. Verify that the +// aggregator uses a valid inventory type such as AWS:Application or AWS:InstanceInformation. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/GetOpsSummary +func (c *SSM) GetOpsSummary(input *GetOpsSummaryInput) (*GetOpsSummaryOutput, error) { + req, out := c.GetOpsSummaryRequest(input) + return out, req.Send() +} + +// GetOpsSummaryWithContext is the same as GetOpsSummary with the addition of +// the ability to pass a context and additional request options. +// +// See GetOpsSummary for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSM) GetOpsSummaryWithContext(ctx aws.Context, input *GetOpsSummaryInput, opts ...request.Option) (*GetOpsSummaryOutput, error) { + req, out := c.GetOpsSummaryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetParameter = "GetParameter" // GetParameterRequest generates a "aws/request.Request" representing the @@ -7461,12 +7796,9 @@ func (c *SSM) ListCommandInvocationsRequest(input *ListCommandInvocationsInput) // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -7619,12 +7951,9 @@ func (c *SSM) ListCommandsRequest(input *ListCommandsInput) (req *request.Reques // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -8180,12 +8509,9 @@ func (c *SSM) ListInventoryEntriesRequest(input *ListInventoryEntriesInput) (req // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -8562,7 +8888,7 @@ func (c *SSM) ModifyDocumentPermissionRequest(input *ModifyDocumentPermissionInp // documents. If you need to increase this limit, contact AWS Support. // // * ErrCodeDocumentLimitExceeded "DocumentLimitExceeded" -// You can have at most 200 active Systems Manager documents. +// You can have at most 500 active Systems Manager documents. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/ModifyDocumentPermission func (c *SSM) ModifyDocumentPermission(input *ModifyDocumentPermissionInput) (*ModifyDocumentPermissionOutput, error) { @@ -8792,12 +9118,9 @@ func (c *SSM) PutInventoryRequest(input *PutInventoryInput) (req *request.Reques // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -9035,7 +9358,12 @@ func (c *SSM) RegisterDefaultPatchBaselineRequest(input *RegisterDefaultPatchBas // RegisterDefaultPatchBaseline API operation for Amazon Simple Systems Manager (SSM). // -// Defines the default patch baseline. +// Defines the default patch baseline for the relevant operating system. +// +// To reset the AWS predefined patch baseline as the default, specify the full +// patch baseline ARN as the baseline ID value. For example, for CentOS, specify +// arn:aws:ssm:us-east-2:733109147000:patchbaseline/pb-0574b43a65ea646ed instead +// of pb-0574b43a65ea646ed. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9352,7 +9680,7 @@ func (c *SSM) RegisterTaskWithMaintenanceWindowRequest(input *RegisterTaskWithMa // Manager Limits (http://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html#limits_ssm). // // * ErrCodeFeatureNotAvailableException "FeatureNotAvailableException" -// You attempted to register a LAMBDA or STEP_FUNCTION task in a region where +// You attempted to register a LAMBDA or STEP_FUNCTIONS task in a region where // the corresponding service is not available. // // * ErrCodeInternalServerError "InternalServerError" @@ -9425,7 +9753,7 @@ func (c *SSM) RemoveTagsFromResourceRequest(input *RemoveTagsFromResourceInput) // RemoveTagsFromResource API operation for Amazon Simple Systems Manager (SSM). // -// Removes all tags from the specified resource. +// Removes tag keys from the specified resource. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9821,12 +10149,9 @@ func (c *SSM) SendCommandRequest(input *SendCommandInput) (req *request.Request, // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -10388,6 +10713,13 @@ func (c *SSM) UpdateAssociationRequest(input *UpdateAssociationInput) (req *requ // Updates an association. You can update the association name and version, // the document version, schedule, parameters, and Amazon S3 output. // +// In order to call this API action, your IAM user account, group, or role must +// be configured with permission to call the DescribeAssociation API action. +// If you don't have permission to call DescribeAssociation, then you receive +// the following error: An error occurred (AccessDeniedException) when calling +// the UpdateAssociation operation: User: <user_arn> is not authorized to perform: +// ssm:DescribeAssociation on resource: <resource_arn> +// // When you update an association, the association immediately runs against // the specified targets. // @@ -10527,12 +10859,9 @@ func (c *SSM) UpdateAssociationStatusRequest(input *UpdateAssociationStatusInput // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -10616,7 +10945,7 @@ func (c *SSM) UpdateDocumentRequest(input *UpdateDocumentInput) (req *request.Re // UpdateDocument API operation for Amazon Simple Systems Manager (SSM). // -// The document you want to update. +// Updates one or more values for an SSM document. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10900,21 +11229,22 @@ func (c *SSM) UpdateMaintenanceWindowTargetRequest(input *UpdateMaintenanceWindo // UpdateMaintenanceWindowTarget API operation for Amazon Simple Systems Manager (SSM). // -// Modifies the target of an existing maintenance window. You can't change the -// target type, but you can change the following: +// Modifies the target of an existing maintenance window. You can change the +// following: // -// The target from being an ID target to a Tag target, or a Tag target to an -// ID target. +// * Name // -// IDs for an ID target. +// * Description // -// Tags for a Tag target. +// * Owner // -// Owner. +// * IDs for an ID target // -// Name. +// * Tags for a Tag target // -// Description. +// * From any supported tag type to another. The three supported tag types +// are ID target, Tag target, and resource group. For more information, see +// Target. // // If a parameter is null, then the corresponding field is not modified. // @@ -11108,7 +11438,7 @@ func (c *SSM) UpdateManagedInstanceRoleRequest(input *UpdateManagedInstanceRoleI // UpdateManagedInstanceRole API operation for Amazon Simple Systems Manager (SSM). // -// Assigns or changes an Amazon Identity and Access Management (IAM) role to +// Assigns or changes an Amazon Identity and Access Management (IAM) role for // the managed instance. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -11124,12 +11454,9 @@ func (c *SSM) UpdateManagedInstanceRoleRequest(input *UpdateManagedInstanceRoleI // // You do not have permission to access the instance. // -// SSM Agent is not running. On managed instances and Linux instances, verify -// that the SSM Agent is running. On EC2 Windows instances, verify that the -// EC2Config service is running. +// SSM Agent is not running. Verify that SSM Agent is running. // -// SSM Agent or EC2Config service is not registered to the SSM endpoint. Try -// reinstalling SSM Agent or EC2Config service. +// SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -11159,6 +11486,109 @@ func (c *SSM) UpdateManagedInstanceRoleWithContext(ctx aws.Context, input *Updat return out, req.Send() } +const opUpdateOpsItem = "UpdateOpsItem" + +// UpdateOpsItemRequest generates a "aws/request.Request" representing the +// client's request for the UpdateOpsItem operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateOpsItem for more information on using the UpdateOpsItem +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the UpdateOpsItemRequest method. +// req, resp := client.UpdateOpsItemRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/UpdateOpsItem +func (c *SSM) UpdateOpsItemRequest(input *UpdateOpsItemInput) (req *request.Request, output *UpdateOpsItemOutput) { + op := &request.Operation{ + Name: opUpdateOpsItem, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UpdateOpsItemInput{} + } + + output = &UpdateOpsItemOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpdateOpsItem API operation for Amazon Simple Systems Manager (SSM). +// +// Edit or change an OpsItem. You must have permission in AWS Identity and Access +// Management (IAM) to update an OpsItem. For more information, see Getting +// Started with OpsCenter (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-getting-started.html) +// in the AWS Systems Manager User Guide. +// +// Operations engineers and IT professionals use OpsCenter to view, investigate, +// and remediate operational issues impacting the performance and health of +// their AWS resources. For more information, see AWS Systems Manager OpsCenter +// (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) +// in the AWS Systems Manager User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Systems Manager (SSM)'s +// API operation UpdateOpsItem for usage and error information. +// +// Returned Error Codes: +// * ErrCodeInternalServerError "InternalServerError" +// An error occurred on the server side. +// +// * ErrCodeOpsItemNotFoundException "OpsItemNotFoundException" +// The specified OpsItem ID doesn't exist. Verify the ID and try again. +// +// * ErrCodeOpsItemAlreadyExistsException "OpsItemAlreadyExistsException" +// The OpsItem already exists. +// +// * ErrCodeOpsItemLimitExceededException "OpsItemLimitExceededException" +// The request caused OpsItems to exceed one or more limits. For information +// about OpsItem limits, see What are the resource limits for OpsCenter? (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-learn-more.html#OpsCenter-learn-more-limits). +// +// * ErrCodeOpsItemInvalidParameterException "OpsItemInvalidParameterException" +// A specified parameter argument isn't valid. Verify the available arguments +// and try again. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/UpdateOpsItem +func (c *SSM) UpdateOpsItem(input *UpdateOpsItemInput) (*UpdateOpsItemOutput, error) { + req, out := c.UpdateOpsItemRequest(input) + return out, req.Send() +} + +// UpdateOpsItemWithContext is the same as UpdateOpsItem with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateOpsItem for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSM) UpdateOpsItemWithContext(ctx aws.Context, input *UpdateOpsItemInput, opts ...request.Option) (*UpdateOpsItemOutput, error) { + req, out := c.UpdateOpsItemRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opUpdatePatchBaseline = "UpdatePatchBaseline" // UpdatePatchBaselineRequest generates a "aws/request.Request" representing the @@ -15001,6 +15431,12 @@ type CreateAssociationInput struct { DocumentVersion *string `type:"string"` // The instance ID. + // + // InstanceId has been deprecated. To specify an instance ID for an association, + // use the Targets parameter. If you use the parameter InstanceId, you cannot + // use the parameters AssociationName, DocumentVersion, MaxErrors, MaxConcurrency, + // OutputLocation, or ScheduleExpression. To use these parameters, you must + // use the Targets parameter. InstanceId *string `type:"string"` // The maximum number of targets allowed to run the association at the same @@ -15060,7 +15496,8 @@ type CreateAssociationInput struct { // A cron expression when the association will be applied to the target(s). ScheduleExpression *string `min:"1" type:"string"` - // The targets (either instances or tags) for the association. + // The targets (either instances or tags) for the association. You must specify + // a value for Targets if you don't specify a value for InstanceId. Targets []*Target `type:"list"` } @@ -15615,6 +16052,205 @@ func (s *CreateMaintenanceWindowOutput) SetWindowId(v string) *CreateMaintenance return s } +type CreateOpsItemInput struct { + _ struct{} `type:"structure"` + + // Information about the OpsItem. + // + // Description is a required field + Description *string `min:"1" type:"string" required:"true"` + + // The Amazon Resource Name (ARN) of an SNS topic where notifications are sent + // when this OpsItem is edited or changed. + Notifications []*OpsItemNotification `type:"list"` + + // Operational data is custom data that provides useful reference details about + // the OpsItem. For example, you can specify log files, error strings, license + // keys, troubleshooting tips, or other relevant data. You enter operational + // data as key-value pairs. The key has a maximum length of 128 characters. + // The value has a maximum size of 20 KB. + // + // Operational data keys can't begin with the following: amazon, aws, amzn, + // ssm, /amazon, /aws, /amzn, /ssm. + // + // You can choose to make the data searchable by other users in the account + // or you can restrict search access. Searchable data means that all users with + // access to the OpsItem Overview page (as provided by the DescribeOpsItems + // API action) can view and search on the specified data. Operational data that + // is not searchable is only viewable by users who have access to the OpsItem + // (as provided by the GetOpsItem API action). + // + // Use the /aws/resources key in OperationalData to specify a related resource + // in the request. Use the /aws/automations key in OperationalData to associate + // an Automation runbook with the OpsItem. To view AWS CLI example commands + // that use these keys, see Creating OpsItems Manually (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-creating-OpsItems.html#OpsCenter-manually-create-OpsItems) + // in the AWS Systems Manager User Guide. + OperationalData map[string]*OpsItemDataValue `type:"map"` + + // The importance of this OpsItem in relation to other OpsItems in the system. + Priority *int64 `min:"1" type:"integer"` + + // One or more OpsItems that share something in common with the current OpsItems. + // For example, related OpsItems can include OpsItems with similar error messages, + // impacted resources, or statuses for the impacted resource. + RelatedOpsItems []*RelatedOpsItem `type:"list"` + + // The origin of the OpsItem, such as Amazon EC2 or AWS Systems Manager. + // + // Source is a required field + Source *string `min:"1" type:"string" required:"true"` + + // Optional metadata that you assign to a resource. You can restrict access + // to OpsItems by using an inline IAM policy that specifies tags. For more information, + // see Getting Started with OpsCenter (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-getting-started.html#OpsCenter-getting-started-user-permissions) + // in the AWS Systems Manager User Guide. + // + // Tags use a key-value pair. For example: + // + // Key=Department,Value=Finance + // + // To add tags to an existing OpsItem, use the AddTagsToResource action. + Tags []*Tag `type:"list"` + + // A short heading that describes the nature of the OpsItem and the impacted + // resource. + // + // Title is a required field + Title *string `min:"1" type:"string" required:"true"` +} + +// String returns the string representation +func (s CreateOpsItemInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateOpsItemInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateOpsItemInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateOpsItemInput"} + if s.Description == nil { + invalidParams.Add(request.NewErrParamRequired("Description")) + } + if s.Description != nil && len(*s.Description) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Description", 1)) + } + if s.Priority != nil && *s.Priority < 1 { + invalidParams.Add(request.NewErrParamMinValue("Priority", 1)) + } + if s.Source == nil { + invalidParams.Add(request.NewErrParamRequired("Source")) + } + if s.Source != nil && len(*s.Source) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Source", 1)) + } + if s.Title == nil { + invalidParams.Add(request.NewErrParamRequired("Title")) + } + if s.Title != nil && len(*s.Title) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Title", 1)) + } + if s.RelatedOpsItems != nil { + for i, v := range s.RelatedOpsItems { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "RelatedOpsItems", i), err.(request.ErrInvalidParams)) + } + } + } + if s.Tags != nil { + for i, v := range s.Tags { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *CreateOpsItemInput) SetDescription(v string) *CreateOpsItemInput { + s.Description = &v + return s +} + +// SetNotifications sets the Notifications field's value. +func (s *CreateOpsItemInput) SetNotifications(v []*OpsItemNotification) *CreateOpsItemInput { + s.Notifications = v + return s +} + +// SetOperationalData sets the OperationalData field's value. +func (s *CreateOpsItemInput) SetOperationalData(v map[string]*OpsItemDataValue) *CreateOpsItemInput { + s.OperationalData = v + return s +} + +// SetPriority sets the Priority field's value. +func (s *CreateOpsItemInput) SetPriority(v int64) *CreateOpsItemInput { + s.Priority = &v + return s +} + +// SetRelatedOpsItems sets the RelatedOpsItems field's value. +func (s *CreateOpsItemInput) SetRelatedOpsItems(v []*RelatedOpsItem) *CreateOpsItemInput { + s.RelatedOpsItems = v + return s +} + +// SetSource sets the Source field's value. +func (s *CreateOpsItemInput) SetSource(v string) *CreateOpsItemInput { + s.Source = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateOpsItemInput) SetTags(v []*Tag) *CreateOpsItemInput { + s.Tags = v + return s +} + +// SetTitle sets the Title field's value. +func (s *CreateOpsItemInput) SetTitle(v string) *CreateOpsItemInput { + s.Title = &v + return s +} + +type CreateOpsItemOutput struct { + _ struct{} `type:"structure"` + + // The ID of the OpsItem. + OpsItemId *string `type:"string"` +} + +// String returns the string representation +func (s CreateOpsItemOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s CreateOpsItemOutput) GoString() string { + return s.String() +} + +// SetOpsItemId sets the OpsItemId field's value. +func (s *CreateOpsItemOutput) SetOpsItemId(v string) *CreateOpsItemOutput { + s.OpsItemId = &v + return s +} + type CreatePatchBaselineInput struct { _ struct{} `type:"structure"` @@ -16045,10 +16681,18 @@ func (s DeleteAssociationOutput) GoString() string { type DeleteDocumentInput struct { _ struct{} `type:"structure"` + // The version of the document that you want to delete. If not provided, all + // versions of the document are deleted. + DocumentVersion *string `type:"string"` + // The name of the document. // // Name is a required field Name *string `type:"string" required:"true"` + + // The version name of the document that you want to delete. If not provided, + // all versions of the document are deleted. + VersionName *string `type:"string"` } // String returns the string representation @@ -16074,12 +16718,24 @@ func (s *DeleteDocumentInput) Validate() error { return nil } +// SetDocumentVersion sets the DocumentVersion field's value. +func (s *DeleteDocumentInput) SetDocumentVersion(v string) *DeleteDocumentInput { + s.DocumentVersion = &v + return s +} + // SetName sets the Name field's value. func (s *DeleteDocumentInput) SetName(v string) *DeleteDocumentInput { s.Name = &v return s } +// SetVersionName sets the VersionName field's value. +func (s *DeleteDocumentInput) SetVersionName(v string) *DeleteDocumentInput { + s.VersionName = &v + return s +} + type DeleteDocumentOutput struct { _ struct{} `type:"structure"` } @@ -18452,11 +19108,9 @@ func (s *DescribeInstancePatchStatesOutput) SetNextToken(v string) *DescribeInst type DescribeInstancePatchesInput struct { _ struct{} `type:"structure"` - // Each entry in the array is a structure containing: - // - // Key (string, between 1 and 128 characters) - // - // Values (array of strings, each string between 1 and 256 characters) + // An array of structures. Each entry in the array is a structure containing + // a Key, Value combination. Valid values for Key are Classification | KBId + // | Severity | State. Filters []*PatchOrchestratorFilter `type:"list"` // The ID of the instance whose patch state information should be retrieved. @@ -19652,6 +20306,134 @@ func (s *DescribeMaintenanceWindowsOutput) SetWindowIdentities(v []*MaintenanceW return s } +type DescribeOpsItemsInput struct { + _ struct{} `type:"structure"` + + // The maximum number of items to return for this call. The call also returns + // a token that you can specify in a subsequent call to get the next set of + // results. + MaxResults *int64 `min:"1" type:"integer"` + + // A token to start the list. Use this token to get the next set of results. + NextToken *string `type:"string"` + + // One or more filters to limit the reponse. + // + // * Key: CreatedTime Operations: GreaterThan, LessThan + // + // * Key: LastModifiedBy Operations: Contains, Equals + // + // * Key: LastModifiedTime Operations: GreaterThan, LessThan + // + // * Key: Priority Operations: Equals + // + // * Key: Source Operations: Contains, Equals + // + // * Key: Status Operations: Equals + // + // * Key: Title Operations: Contains + // + // * Key: OperationalData* Operations: Equals + // + // * Key: OperationalDataKey Operations: Equals + // + // * Key: OperationalDataValue Operations: Equals, Contains + // + // * Key: OpsItemId Operations: Equals + // + // * Key: ResourceId Operations: Contains + // + // * Key: AutomationId Operations: Equals + // + // *If you filter the response by using the OperationalData operator, specify + // a key-value pair by using the following JSON format: {"key":"key_name","value":"a_value"} + OpsItemFilters []*OpsItemFilter `type:"list"` +} + +// String returns the string representation +func (s DescribeOpsItemsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeOpsItemsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeOpsItemsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeOpsItemsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.OpsItemFilters != nil { + for i, v := range s.OpsItemFilters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "OpsItemFilters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeOpsItemsInput) SetMaxResults(v int64) *DescribeOpsItemsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeOpsItemsInput) SetNextToken(v string) *DescribeOpsItemsInput { + s.NextToken = &v + return s +} + +// SetOpsItemFilters sets the OpsItemFilters field's value. +func (s *DescribeOpsItemsInput) SetOpsItemFilters(v []*OpsItemFilter) *DescribeOpsItemsInput { + s.OpsItemFilters = v + return s +} + +type DescribeOpsItemsOutput struct { + _ struct{} `type:"structure"` + + // The token for the next set of items to return. Use this token to get the + // next set of results. + NextToken *string `type:"string"` + + // A list of OpsItems. + OpsItemSummaries []*OpsItemSummary `type:"list"` +} + +// String returns the string representation +func (s DescribeOpsItemsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s DescribeOpsItemsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeOpsItemsOutput) SetNextToken(v string) *DescribeOpsItemsOutput { + s.NextToken = &v + return s +} + +// SetOpsItemSummaries sets the OpsItemSummaries field's value. +func (s *DescribeOpsItemsOutput) SetOpsItemSummaries(v []*OpsItemSummary) *DescribeOpsItemsOutput { + s.OpsItemSummaries = v + return s +} + type DescribeParametersInput struct { _ struct{} `type:"structure"` @@ -22429,7 +23211,7 @@ type GetMaintenanceWindowExecutionTaskInvocationOutput struct { TaskExecutionId *string `min:"36" type:"string"` // Retrieves the task type for a maintenance window. Task types include the - // following: LAMBDA, STEP_FUNCTION, AUTOMATION, RUN_COMMAND. + // following: LAMBDA, STEP_FUNCTIONS, AUTOMATION, RUN_COMMAND. TaskType *string `type:"string" enum:"MaintenanceWindowTaskType"` // The maintenance window execution ID. @@ -22950,8 +23732,8 @@ type GetMaintenanceWindowTaskOutput struct { // The resource that the task used during execution. For RUN_COMMAND and AUTOMATION // task types, the TaskArn is the Systems Manager Document name/ARN. For LAMBDA - // tasks, the value is the function name/ARN. For STEP_FUNCTION tasks, the value - // is the state machine ARN. + // tasks, the value is the function name/ARN. For STEP_FUNCTIONS tasks, the + // value is the state machine ARN. TaskArn *string `min:"1" type:"string"` // The parameters to pass to the task when it runs. @@ -23069,6 +23851,197 @@ func (s *GetMaintenanceWindowTaskOutput) SetWindowTaskId(v string) *GetMaintenan return s } +type GetOpsItemInput struct { + _ struct{} `type:"structure"` + + // The ID of the OpsItem that you want to get. + // + // OpsItemId is a required field + OpsItemId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s GetOpsItemInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetOpsItemInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetOpsItemInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetOpsItemInput"} + if s.OpsItemId == nil { + invalidParams.Add(request.NewErrParamRequired("OpsItemId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetOpsItemId sets the OpsItemId field's value. +func (s *GetOpsItemInput) SetOpsItemId(v string) *GetOpsItemInput { + s.OpsItemId = &v + return s +} + +type GetOpsItemOutput struct { + _ struct{} `type:"structure"` + + // The OpsItem. + OpsItem *OpsItem `type:"structure"` +} + +// String returns the string representation +func (s GetOpsItemOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetOpsItemOutput) GoString() string { + return s.String() +} + +// SetOpsItem sets the OpsItem field's value. +func (s *GetOpsItemOutput) SetOpsItem(v *OpsItem) *GetOpsItemOutput { + s.OpsItem = v + return s +} + +type GetOpsSummaryInput struct { + _ struct{} `type:"structure"` + + // Optional aggregators that return counts of OpsItems based on one or more + // expressions. + // + // Aggregators is a required field + Aggregators []*OpsAggregator `min:"1" type:"list" required:"true"` + + // Optional filters used to scope down the returned OpsItems. + Filters []*OpsFilter `min:"1" type:"list"` + + // The maximum number of items to return for this call. The call also returns + // a token that you can specify in a subsequent call to get the next set of + // results. + MaxResults *int64 `min:"1" type:"integer"` + + // A token to start the list. Use this token to get the next set of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetOpsSummaryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetOpsSummaryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetOpsSummaryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetOpsSummaryInput"} + if s.Aggregators == nil { + invalidParams.Add(request.NewErrParamRequired("Aggregators")) + } + if s.Aggregators != nil && len(s.Aggregators) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Aggregators", 1)) + } + if s.Filters != nil && len(s.Filters) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Filters", 1)) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.Aggregators != nil { + for i, v := range s.Aggregators { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Aggregators", i), err.(request.ErrInvalidParams)) + } + } + } + if s.Filters != nil { + for i, v := range s.Filters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAggregators sets the Aggregators field's value. +func (s *GetOpsSummaryInput) SetAggregators(v []*OpsAggregator) *GetOpsSummaryInput { + s.Aggregators = v + return s +} + +// SetFilters sets the Filters field's value. +func (s *GetOpsSummaryInput) SetFilters(v []*OpsFilter) *GetOpsSummaryInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetOpsSummaryInput) SetMaxResults(v int64) *GetOpsSummaryInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetOpsSummaryInput) SetNextToken(v string) *GetOpsSummaryInput { + s.NextToken = &v + return s +} + +type GetOpsSummaryOutput struct { + _ struct{} `type:"structure"` + + // The list of aggregated and filtered OpsItems. + Entities []*OpsEntity `type:"list"` + + // The token for the next set of items to return. Use this token to get the + // next set of results. + NextToken *string `type:"string"` +} + +// String returns the string representation +func (s GetOpsSummaryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetOpsSummaryOutput) GoString() string { + return s.String() +} + +// SetEntities sets the Entities field's value. +func (s *GetOpsSummaryOutput) SetEntities(v []*OpsEntity) *GetOpsSummaryOutput { + s.Entities = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetOpsSummaryOutput) SetNextToken(v string) *GetOpsSummaryOutput { + s.NextToken = &v + return s +} + type GetParameterHistoryInput struct { _ struct{} `type:"structure"` @@ -24135,10 +25108,10 @@ type InstanceInformation struct { // The instance ID. InstanceId *string `type:"string"` - // Indicates whether latest version of SSM Agent is running on your instance. - // Some older versions of Windows Server use the EC2Config service to process - // SSM requests. For this reason, this field does not indicate whether or not - // the latest version is installed on Windows managed instances. + // Indicates whether the latest version of SSM Agent is running on your Linux + // Managed Instance. This field does not indicate whether or not the latest + // version is installed on Windows managed instances, because some older versions + // of Windows Server use the EC2Config service to process SSM requests. IsLatestVersion *bool `type:"boolean"` // The date the association was last run. @@ -25409,7 +26382,7 @@ type LabelParameterVersionInput struct { // The specific version of the parameter on which you want to attach one or // more labels. If no version is specified, the system attaches the label to - // the latest version.) + // the latest version. ParameterVersion *int64 `type:"long"` } @@ -25470,6 +26443,9 @@ type LabelParameterVersionOutput struct { // label requirements, see Labeling Parameters (http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-labels.html) // in the AWS Systems Manager User Guide. InvalidLabels []*string `min:"1" type:"list"` + + // The version of the parameter that has been labeled. + ParameterVersion *int64 `type:"long"` } // String returns the string representation @@ -25488,6 +26464,12 @@ func (s *LabelParameterVersionOutput) SetInvalidLabels(v []*string) *LabelParame return s } +// SetParameterVersion sets the ParameterVersion field's value. +func (s *LabelParameterVersionOutput) SetParameterVersion(v int64) *LabelParameterVersionOutput { + s.ParameterVersion = &v + return s +} + type ListAssociationVersionsInput struct { _ struct{} `type:"structure"` @@ -27650,7 +28632,7 @@ func (s *MaintenanceWindowRunCommandParameters) SetTimeoutSeconds(v int64) *Main return s } -// The parameters for a STEP_FUNCTION task. +// The parameters for a STEP_FUNCTIONS task. // // For information about specifying and updating task parameters, see RegisterTaskWithMaintenanceWindow // and UpdateMaintenanceWindowTask. @@ -27670,10 +28652,10 @@ func (s *MaintenanceWindowRunCommandParameters) SetTimeoutSeconds(v int64) *Main type MaintenanceWindowStepFunctionsParameters struct { _ struct{} `type:"structure"` - // The inputs for the STEP_FUNCTION task. + // The inputs for the STEP_FUNCTIONS task. Input *string `type:"string" sensitive:"true"` - // The name of the STEP_FUNCTION task. + // The name of the STEP_FUNCTIONS task. Name *string `min:"1" type:"string"` } @@ -27838,8 +28820,8 @@ type MaintenanceWindowTask struct { // The resource that the task uses during execution. For RUN_COMMAND and AUTOMATION // task types, TaskArn is the Systems Manager document name or ARN. For LAMBDA - // tasks, it's the function name or ARN. For STEP_FUNCTION tasks, it's the state - // machine ARN. + // tasks, it's the function name or ARN. For STEP_FUNCTIONS tasks, it's the + // state machine ARN. TaskArn *string `min:"1" type:"string"` // The parameters that should be passed to the task when it is run. @@ -27851,7 +28833,7 @@ type MaintenanceWindowTask struct { TaskParameters map[string]*MaintenanceWindowTaskParameterValueExpression `type:"map" sensitive:"true"` // The type of task. The type can be one of the following: RUN_COMMAND, AUTOMATION, - // LAMBDA, or STEP_FUNCTION. + // LAMBDA, or STEP_FUNCTIONS. Type *string `type:"string" enum:"MaintenanceWindowTaskType"` // The ID of the maintenance window where the task is registered. @@ -27962,7 +28944,7 @@ type MaintenanceWindowTaskInvocationParameters struct { // The parameters for a RUN_COMMAND task type. RunCommand *MaintenanceWindowRunCommandParameters `type:"structure"` - // The parameters for a STEP_FUNCTION task type. + // The parameters for a STEP_FUNCTIONS task type. StepFunctions *MaintenanceWindowStepFunctionsParameters `type:"structure"` } @@ -28227,6 +29209,649 @@ func (s *NotificationConfig) SetNotificationType(v string) *NotificationConfig { return s } +// One or more aggregators for viewing counts of OpsItems using different dimensions +// such as Source, CreatedTime, or Source and CreatedTime, to name a few. +type OpsAggregator struct { + _ struct{} `type:"structure"` + + // Either a Range or Count aggregator for limiting an OpsItem summary. + AggregatorType *string `min:"1" type:"string"` + + // A nested aggregator for viewing counts of OpsItems. + Aggregators []*OpsAggregator `min:"1" type:"list"` + + // The name of an OpsItem attribute on which to limit the count of OpsItems. + AttributeName *string `type:"string"` + + // The aggregator filters. + Filters []*OpsFilter `min:"1" type:"list"` + + // The data type name to use for viewing counts of OpsItems. + TypeName *string `min:"1" type:"string"` + + // The aggregator value. + Values map[string]*string `type:"map"` +} + +// String returns the string representation +func (s OpsAggregator) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OpsAggregator) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *OpsAggregator) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "OpsAggregator"} + if s.AggregatorType != nil && len(*s.AggregatorType) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AggregatorType", 1)) + } + if s.Aggregators != nil && len(s.Aggregators) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Aggregators", 1)) + } + if s.Filters != nil && len(s.Filters) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Filters", 1)) + } + if s.TypeName != nil && len(*s.TypeName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TypeName", 1)) + } + if s.Aggregators != nil { + for i, v := range s.Aggregators { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Aggregators", i), err.(request.ErrInvalidParams)) + } + } + } + if s.Filters != nil { + for i, v := range s.Filters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAggregatorType sets the AggregatorType field's value. +func (s *OpsAggregator) SetAggregatorType(v string) *OpsAggregator { + s.AggregatorType = &v + return s +} + +// SetAggregators sets the Aggregators field's value. +func (s *OpsAggregator) SetAggregators(v []*OpsAggregator) *OpsAggregator { + s.Aggregators = v + return s +} + +// SetAttributeName sets the AttributeName field's value. +func (s *OpsAggregator) SetAttributeName(v string) *OpsAggregator { + s.AttributeName = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *OpsAggregator) SetFilters(v []*OpsFilter) *OpsAggregator { + s.Filters = v + return s +} + +// SetTypeName sets the TypeName field's value. +func (s *OpsAggregator) SetTypeName(v string) *OpsAggregator { + s.TypeName = &v + return s +} + +// SetValues sets the Values field's value. +func (s *OpsAggregator) SetValues(v map[string]*string) *OpsAggregator { + s.Values = v + return s +} + +// The result of the query. +type OpsEntity struct { + _ struct{} `type:"structure"` + + // The data returned by the query. + Data map[string]*OpsEntityItem `type:"map"` + + // The query ID. + Id *string `type:"string"` +} + +// String returns the string representation +func (s OpsEntity) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OpsEntity) GoString() string { + return s.String() +} + +// SetData sets the Data field's value. +func (s *OpsEntity) SetData(v map[string]*OpsEntityItem) *OpsEntity { + s.Data = v + return s +} + +// SetId sets the Id field's value. +func (s *OpsEntity) SetId(v string) *OpsEntity { + s.Id = &v + return s +} + +// The OpsItem summaries result item. +type OpsEntityItem struct { + _ struct{} `type:"structure"` + + // The detailed data content for an OpsItem summaries result item. + Content []map[string]*string `type:"list"` +} + +// String returns the string representation +func (s OpsEntityItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OpsEntityItem) GoString() string { + return s.String() +} + +// SetContent sets the Content field's value. +func (s *OpsEntityItem) SetContent(v []map[string]*string) *OpsEntityItem { + s.Content = v + return s +} + +// A filter for viewing OpsItem summaries. +type OpsFilter struct { + _ struct{} `type:"structure"` + + // The name of the filter. + // + // Key is a required field + Key *string `min:"1" type:"string" required:"true"` + + // The type of filter. + Type *string `type:"string" enum:"OpsFilterOperatorType"` + + // The filter value. + // + // Values is a required field + Values []*string `min:"1" type:"list" required:"true"` +} + +// String returns the string representation +func (s OpsFilter) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OpsFilter) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *OpsFilter) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "OpsFilter"} + if s.Key == nil { + invalidParams.Add(request.NewErrParamRequired("Key")) + } + if s.Key != nil && len(*s.Key) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Key", 1)) + } + if s.Values == nil { + invalidParams.Add(request.NewErrParamRequired("Values")) + } + if s.Values != nil && len(s.Values) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Values", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetKey sets the Key field's value. +func (s *OpsFilter) SetKey(v string) *OpsFilter { + s.Key = &v + return s +} + +// SetType sets the Type field's value. +func (s *OpsFilter) SetType(v string) *OpsFilter { + s.Type = &v + return s +} + +// SetValues sets the Values field's value. +func (s *OpsFilter) SetValues(v []*string) *OpsFilter { + s.Values = v + return s +} + +// Operations engineers and IT professionals use OpsCenter to view, investigate, +// and remediate operational issues impacting the performance and health of +// their AWS resources. For more information, see AWS Systems Manager OpsCenter +// (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) +// in the AWS Systems Manager User Guide. +type OpsItem struct { + _ struct{} `type:"structure"` + + // The ARN of the AWS account that created the OpsItem. + CreatedBy *string `type:"string"` + + // The date and time the OpsItem was created. + CreatedTime *time.Time `type:"timestamp"` + + // The OpsItem description. + Description *string `min:"1" type:"string"` + + // The ARN of the AWS account that last updated the OpsItem. + LastModifiedBy *string `type:"string"` + + // The date and time the OpsItem was last updated. + LastModifiedTime *time.Time `type:"timestamp"` + + // The Amazon Resource Name (ARN) of an SNS topic where notifications are sent + // when this OpsItem is edited or changed. + Notifications []*OpsItemNotification `type:"list"` + + // Operational data is custom data that provides useful reference details about + // the OpsItem. For example, you can specify log files, error strings, license + // keys, troubleshooting tips, or other relevant data. You enter operational + // data as key-value pairs. The key has a maximum length of 128 characters. + // The value has a maximum size of 20 KB. + // + // Operational data keys can't begin with the following: amazon, aws, amzn, + // ssm, /amazon, /aws, /amzn, /ssm. + // + // You can choose to make the data searchable by other users in the account + // or you can restrict search access. Searchable data means that all users with + // access to the OpsItem Overview page (as provided by the DescribeOpsItems + // API action) can view and search on the specified data. Operational data that + // is not searchable is only viewable by users who have access to the OpsItem + // (as provided by the GetOpsItem API action). + // + // Use the /aws/resources key in OperationalData to specify a related resource + // in the request. Use the /aws/automations key in OperationalData to associate + // an Automation runbook with the OpsItem. To view AWS CLI example commands + // that use these keys, see Creating OpsItems Manually (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-creating-OpsItems.html#OpsCenter-manually-create-OpsItems) + // in the AWS Systems Manager User Guide. + OperationalData map[string]*OpsItemDataValue `type:"map"` + + // The ID of the OpsItem. + OpsItemId *string `type:"string"` + + // The importance of this OpsItem in relation to other OpsItems in the system. + Priority *int64 `min:"1" type:"integer"` + + // One or more OpsItems that share something in common with the current OpsItem. + // For example, related OpsItems can include OpsItems with similar error messages, + // impacted resources, or statuses for the impacted resource. + RelatedOpsItems []*RelatedOpsItem `type:"list"` + + // The origin of the OpsItem, such as Amazon EC2 or AWS Systems Manager. The + // impacted resource is a subset of source. + Source *string `min:"1" type:"string"` + + // The OpsItem status. Status can be Open, In Progress, or Resolved. For more + // information, see Editing OpsItem Details (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-working-with-OpsItems-editing-details.html) + // in the AWS Systems Manager User Guide. + Status *string `type:"string" enum:"OpsItemStatus"` + + // A short heading that describes the nature of the OpsItem and the impacted + // resource. + Title *string `min:"1" type:"string"` + + // The version of this OpsItem. Each time the OpsItem is edited the version + // number increments by one. + Version *string `type:"string"` +} + +// String returns the string representation +func (s OpsItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OpsItem) GoString() string { + return s.String() +} + +// SetCreatedBy sets the CreatedBy field's value. +func (s *OpsItem) SetCreatedBy(v string) *OpsItem { + s.CreatedBy = &v + return s +} + +// SetCreatedTime sets the CreatedTime field's value. +func (s *OpsItem) SetCreatedTime(v time.Time) *OpsItem { + s.CreatedTime = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *OpsItem) SetDescription(v string) *OpsItem { + s.Description = &v + return s +} + +// SetLastModifiedBy sets the LastModifiedBy field's value. +func (s *OpsItem) SetLastModifiedBy(v string) *OpsItem { + s.LastModifiedBy = &v + return s +} + +// SetLastModifiedTime sets the LastModifiedTime field's value. +func (s *OpsItem) SetLastModifiedTime(v time.Time) *OpsItem { + s.LastModifiedTime = &v + return s +} + +// SetNotifications sets the Notifications field's value. +func (s *OpsItem) SetNotifications(v []*OpsItemNotification) *OpsItem { + s.Notifications = v + return s +} + +// SetOperationalData sets the OperationalData field's value. +func (s *OpsItem) SetOperationalData(v map[string]*OpsItemDataValue) *OpsItem { + s.OperationalData = v + return s +} + +// SetOpsItemId sets the OpsItemId field's value. +func (s *OpsItem) SetOpsItemId(v string) *OpsItem { + s.OpsItemId = &v + return s +} + +// SetPriority sets the Priority field's value. +func (s *OpsItem) SetPriority(v int64) *OpsItem { + s.Priority = &v + return s +} + +// SetRelatedOpsItems sets the RelatedOpsItems field's value. +func (s *OpsItem) SetRelatedOpsItems(v []*RelatedOpsItem) *OpsItem { + s.RelatedOpsItems = v + return s +} + +// SetSource sets the Source field's value. +func (s *OpsItem) SetSource(v string) *OpsItem { + s.Source = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *OpsItem) SetStatus(v string) *OpsItem { + s.Status = &v + return s +} + +// SetTitle sets the Title field's value. +func (s *OpsItem) SetTitle(v string) *OpsItem { + s.Title = &v + return s +} + +// SetVersion sets the Version field's value. +func (s *OpsItem) SetVersion(v string) *OpsItem { + s.Version = &v + return s +} + +// An object that defines the value of the key and its type in the OperationalData +// map. +type OpsItemDataValue struct { + _ struct{} `type:"structure"` + + // The type of key-value pair. Valid types include SearchableString and String. + Type *string `type:"string" enum:"OpsItemDataType"` + + // The value of the OperationalData key. + Value *string `type:"string"` +} + +// String returns the string representation +func (s OpsItemDataValue) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OpsItemDataValue) GoString() string { + return s.String() +} + +// SetType sets the Type field's value. +func (s *OpsItemDataValue) SetType(v string) *OpsItemDataValue { + s.Type = &v + return s +} + +// SetValue sets the Value field's value. +func (s *OpsItemDataValue) SetValue(v string) *OpsItemDataValue { + s.Value = &v + return s +} + +// Describes an OpsItem filter. +type OpsItemFilter struct { + _ struct{} `type:"structure"` + + // The name of the filter. + // + // Key is a required field + Key *string `type:"string" required:"true" enum:"OpsItemFilterKey"` + + // The operator used by the filter call. + // + // Operator is a required field + Operator *string `type:"string" required:"true" enum:"OpsItemFilterOperator"` + + // The filter value. + // + // Values is a required field + Values []*string `type:"list" required:"true"` +} + +// String returns the string representation +func (s OpsItemFilter) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OpsItemFilter) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *OpsItemFilter) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "OpsItemFilter"} + if s.Key == nil { + invalidParams.Add(request.NewErrParamRequired("Key")) + } + if s.Operator == nil { + invalidParams.Add(request.NewErrParamRequired("Operator")) + } + if s.Values == nil { + invalidParams.Add(request.NewErrParamRequired("Values")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetKey sets the Key field's value. +func (s *OpsItemFilter) SetKey(v string) *OpsItemFilter { + s.Key = &v + return s +} + +// SetOperator sets the Operator field's value. +func (s *OpsItemFilter) SetOperator(v string) *OpsItemFilter { + s.Operator = &v + return s +} + +// SetValues sets the Values field's value. +func (s *OpsItemFilter) SetValues(v []*string) *OpsItemFilter { + s.Values = v + return s +} + +// A notification about the OpsItem. +type OpsItemNotification struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of an SNS topic where notifications are sent + // when this OpsItem is edited or changed. + Arn *string `type:"string"` +} + +// String returns the string representation +func (s OpsItemNotification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OpsItemNotification) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *OpsItemNotification) SetArn(v string) *OpsItemNotification { + s.Arn = &v + return s +} + +// A count of OpsItems. +type OpsItemSummary struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the IAM entity that created the OpsItem. + CreatedBy *string `type:"string"` + + // The date and time the OpsItem was created. + CreatedTime *time.Time `type:"timestamp"` + + // The Amazon Resource Name (ARN) of the IAM entity that created the OpsItem. + LastModifiedBy *string `type:"string"` + + // The date and time the OpsItem was last updated. + LastModifiedTime *time.Time `type:"timestamp"` + + // Operational data is custom data that provides useful reference details about + // the OpsItem. + OperationalData map[string]*OpsItemDataValue `type:"map"` + + // The ID of the OpsItem. + OpsItemId *string `type:"string"` + + // The importance of this OpsItem in relation to other OpsItems in the system. + Priority *int64 `min:"1" type:"integer"` + + // The impacted AWS resource. + Source *string `min:"1" type:"string"` + + // The OpsItem status. Status can be Open, In Progress, or Resolved. + Status *string `type:"string" enum:"OpsItemStatus"` + + // A short heading that describes the nature of the OpsItem and the impacted + // resource. + Title *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s OpsItemSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s OpsItemSummary) GoString() string { + return s.String() +} + +// SetCreatedBy sets the CreatedBy field's value. +func (s *OpsItemSummary) SetCreatedBy(v string) *OpsItemSummary { + s.CreatedBy = &v + return s +} + +// SetCreatedTime sets the CreatedTime field's value. +func (s *OpsItemSummary) SetCreatedTime(v time.Time) *OpsItemSummary { + s.CreatedTime = &v + return s +} + +// SetLastModifiedBy sets the LastModifiedBy field's value. +func (s *OpsItemSummary) SetLastModifiedBy(v string) *OpsItemSummary { + s.LastModifiedBy = &v + return s +} + +// SetLastModifiedTime sets the LastModifiedTime field's value. +func (s *OpsItemSummary) SetLastModifiedTime(v time.Time) *OpsItemSummary { + s.LastModifiedTime = &v + return s +} + +// SetOperationalData sets the OperationalData field's value. +func (s *OpsItemSummary) SetOperationalData(v map[string]*OpsItemDataValue) *OpsItemSummary { + s.OperationalData = v + return s +} + +// SetOpsItemId sets the OpsItemId field's value. +func (s *OpsItemSummary) SetOpsItemId(v string) *OpsItemSummary { + s.OpsItemId = &v + return s +} + +// SetPriority sets the Priority field's value. +func (s *OpsItemSummary) SetPriority(v int64) *OpsItemSummary { + s.Priority = &v + return s +} + +// SetSource sets the Source field's value. +func (s *OpsItemSummary) SetSource(v string) *OpsItemSummary { + s.Source = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *OpsItemSummary) SetStatus(v string) *OpsItemSummary { + s.Status = &v + return s +} + +// SetTitle sets the Title field's value. +func (s *OpsItemSummary) SetTitle(v string) *OpsItemSummary { + s.Title = &v + return s +} + // Information about the source where the association execution details are // stored. type OutputSource struct { @@ -29920,29 +31545,66 @@ type PutParameterInput struct { // action. Tags []*Tag `type:"list"` + // The parameter tier to assign to a parameter. + // // Parameter Store offers a standard tier and an advanced tier for parameters. - // Standard parameters have a value limit of 4 KB and can't be configured to - // use parameter policies. You can create a maximum of 10,000 standard parameters - // per account and per Region. Standard parameters are offered at no additional - // cost. - // - // Advanced parameters have a value limit of 8 KB and can be configured to use - // parameter policies. You can create a maximum of 100,000 advanced parameters - // per account and per Region. Advanced parameters incur a charge. - // - // If you don't specify a parameter tier when you create a new parameter, the - // parameter defaults to using the standard tier. You can change a standard - // parameter to an advanced parameter at any time. But you can't revert an advanced - // parameter to a standard parameter. Reverting an advanced parameter to a standard - // parameter would result in data loss because the system would truncate the - // size of the parameter from 8 KB to 4 KB. Reverting would also remove any - // policies attached to the parameter. Lastly, advanced parameters use a different - // form of encryption than standard parameters. + // Standard parameters have a content size limit of 4 KB and can't be configured + // to use parameter policies. You can create a maximum of 10,000 standard parameters + // for each Region in an AWS account. Standard parameters are offered at no + // additional cost. + // + // Advanced parameters have a content size limit of 8 KB and can be configured + // to use parameter policies. You can create a maximum of 100,000 advanced parameters + // for each Region in an AWS account. Advanced parameters incur a charge. For + // more information, see About Advanced Parameters (http://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html) + // in the AWS Systems Manager User Guide. + // + // You can change a standard parameter to an advanced parameter any time. But + // you can't revert an advanced parameter to a standard parameter. Reverting + // an advanced parameter to a standard parameter would result in data loss because + // the system would truncate the size of the parameter from 8 KB to 4 KB. Reverting + // would also remove any policies attached to the parameter. Lastly, advanced + // parameters use a different form of encryption than standard parameters. // // If you no longer need an advanced parameter, or if you no longer want to // incur charges for an advanced parameter, you must delete it and recreate - // it as a new standard parameter. For more information, see About Advanced - // Parameters (http://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html) + // it as a new standard parameter. + // + // Using the Default Tier Configuration + // + // In PutParameter requests, you can specify the tier to create the parameter + // in. Whenever you specify a tier in the request, Parameter Store creates or + // updates the parameter according to that request. However, if you do not specify + // a tier in a request, Parameter Store assigns the tier based on the current + // Parameter Store default tier configuration. + // + // The default tier when you begin using Parameter Store is the standard-parameter + // tier. If you use the advanced-parameter tier, you can specify one of the + // following as the default: + // + // * Advanced: With this option, Parameter Store evaluates all requests as + // advanced parameters. + // + // * Intelligent-Tiering: With this option, Parameter Store evaluates each + // request to determine if the parameter is standard or advanced. If the + // request doesn't include any options that require an advanced parameter, + // the parameter is created in the standard-parameter tier. If one or more + // options requiring an advanced parameter are included in the request, Parameter + // Store create a parameter in the advanced-parameter tier. This approach + // helps control your parameter-related costs by always creating standard + // parameters unless an advanced parameter is necessary. + // + // Options that require an advanced parameter include the following: + // + // * The content size of the parameter is more than 4 KB. + // + // * The parameter uses a parameter policy. + // + // * More than 10,000 parameters already exist in your AWS account in the + // current Region. + // + // For more information about configuring the default tier option, see Specifying + // a Default Parameter Tier (http://docs.aws.amazon.com/systems-manager/latest/userguide/ps-default-tier.html) // in the AWS Systems Manager User Guide. Tier *string `type:"string" enum:"ParameterTier"` @@ -30076,6 +31738,9 @@ func (s *PutParameterInput) SetValue(v string) *PutParameterInput { type PutParameterOutput struct { _ struct{} `type:"structure"` + // The tier assigned to the parameter. + Tier *string `type:"string" enum:"ParameterTier"` + // The new version number of a parameter. If you edit a parameter value, Parameter // Store automatically creates a new version and assigns this new version a // unique ID. You can reference a parameter version ID in API actions or in @@ -30095,6 +31760,12 @@ func (s PutParameterOutput) GoString() string { return s.String() } +// SetTier sets the Tier field's value. +func (s *PutParameterOutput) SetTier(v string) *PutParameterOutput { + s.Tier = &v + return s +} + // SetVersion sets the Version field's value. func (s *PutParameterOutput) SetVersion(v int64) *PutParameterOutput { s.Version = &v @@ -30279,8 +31950,8 @@ type RegisterTargetWithMaintenanceWindowInput struct { // The targets to register with the maintenance window. In other words, the // instances to run commands on when the maintenance window runs. // - // You can specify targets using either instance IDs or tags that have been - // applied to instances. + // You can specify targets using instance IDs, resource group names, or tags + // that have been applied to instances. // // Example 1: Specify instance IDs // @@ -30294,6 +31965,19 @@ type RegisterTargetWithMaintenanceWindowInput struct { // // Key=tag-key,Values=my-tag-key-1,my-tag-key-2 // + // Example 4: Use resource group names + // + // Key=resource-groups:Name,Values=resource-group-name + // + // Example 5: Use filters for resource group types + // + // Key=resource-groups:ResourceTypeFilters,Values=resource-type-1,resource-type-2 + // + // For Key=resource-groups:ResourceTypeFilters, specify resource types in the + // following format + // + // Key=resource-groups:ResourceTypeFilters,Values=AWS::EC2::INSTANCE,AWS::EC2::VPC + // // For more information about these examples formats, including the best use // case for each one, see Examples: Register Targets with a Maintenance Window // (https://docs.aws.amazon.com/systems-manager/latest/userguide/mw-cli-tutorial-targets-examples.html) @@ -30485,7 +32169,7 @@ type RegisterTaskWithMaintenanceWindowInput struct { // // Specify maintenance window targets using the following format: // - // Key=<WindowTargetIds>,Values=<window-target-id-1>,<window-target-id-2> + // Key=WindowTargetIds;,Values=<window-target-id-1>,<window-target-id-2> // // Targets is a required field Targets []*Target `type:"list" required:"true"` @@ -30704,11 +32388,51 @@ func (s *RegisterTaskWithMaintenanceWindowOutput) SetWindowTaskId(v string) *Reg return s } +// An OpsItems that shares something in common with the current OpsItem. For +// example, related OpsItems can include OpsItems with similar error messages, +// impacted resources, or statuses for the impacted resource. +type RelatedOpsItem struct { + _ struct{} `type:"structure"` + + // The ID of an OpsItem related to the current OpsItem. + // + // OpsItemId is a required field + OpsItemId *string `type:"string" required:"true"` +} + +// String returns the string representation +func (s RelatedOpsItem) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s RelatedOpsItem) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *RelatedOpsItem) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RelatedOpsItem"} + if s.OpsItemId == nil { + invalidParams.Add(request.NewErrParamRequired("OpsItemId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetOpsItemId sets the OpsItemId field's value. +func (s *RelatedOpsItem) SetOpsItemId(v string) *RelatedOpsItem { + s.OpsItemId = &v + return s +} + type RemoveTagsFromResourceInput struct { _ struct{} `type:"structure"` - // The resource ID for which you want to remove tags. Use the ID of the resource. - // Here are some examples: + // The ID of the resource from which you want to remove tags. For example: // // ManagedInstance: mi-012345abcde // @@ -30719,17 +32443,17 @@ type RemoveTagsFromResourceInput struct { // For the Document and Parameter values, use the name of the resource. // // The ManagedInstance type for this API action is only for on-premises managed - // instances. You must specify the name of the managed instance in the following - // format: mi-ID_number. For example, mi-1a2b3c4d5e6f. + // instances. Specify the name of the managed instance in the following format: + // mi-ID_number. For example, mi-1a2b3c4d5e6f. // // ResourceId is a required field ResourceId *string `type:"string" required:"true"` - // The type of resource of which you want to remove a tag. + // The type of resource from which you want to remove a tag. // // The ManagedInstance type for this API action is only for on-premises managed - // instances. You must specify the name of the managed instance in the following - // format: mi-ID_number. For example, mi-1a2b3c4d5e6f. + // instances. Specify the name of the managed instance in the following format: + // mi-ID_number. For example, mi-1a2b3c4d5e6f. // // ResourceType is a required field ResourceType *string `type:"string" required:"true" enum:"ResourceTypeForTagging"` @@ -31258,7 +32982,7 @@ type ResumeSessionOutput struct { SessionId *string `min:"1" type:"string"` // A URL back to SSM Agent on the instance that the Session Manager client uses - // to send commands and receive output from the instance. Format: wss://ssm-messages.region.amazonaws.com/v1/data-channel/session-id?stream=(input|output). + // to send commands and receive output from the instance. Format: wss://ssmmessages.region.amazonaws.com/v1/data-channel/session-id?stream=(input|output). // // region represents the Region identifier for an AWS Region supported by AWS // Systems Manager, such as us-east-2 for the US East (Ohio) Region. For a list @@ -32519,7 +34243,7 @@ type StartSessionOutput struct { SessionId *string `min:"1" type:"string"` // A URL back to SSM Agent on the instance that the Session Manager client uses - // to send commands and receive output from the instance. Format: wss://ssm-messages.region.amazonaws.com/v1/data-channel/session-id?stream=(input|output) + // to send commands and receive output from the instance. Format: wss://ssmmessages.region.amazonaws.com/v1/data-channel/session-id?stream=(input|output) // // region represents the Region identifier for an AWS Region supported by AWS // Systems Manager, such as us-east-2 for the US East (Ohio) Region. For a list @@ -32975,24 +34699,46 @@ func (s *Tag) SetValue(v string) *Tag { } // An array of search criteria that targets instances using a Key,Value combination -// that you specify. Targets is required if you don't provide one or more instance -// IDs in the call. +// that you specify. +// +// Supported formats include the following. +// +// * Key=InstanceIds,Values=instance-id-1,instance-id-2,instance-id-3 +// +// * Key=tag:my-tag-key,Values=my-tag-value-1,my-tag-value-2 +// +// * Key=tag-key,Values=my-tag-key-1,my-tag-key-2 +// +// * (Maintenance window targets only) Key=resource-groups:Name,Values=resource-group-name +// +// * (Maintenance window targets only) Key=resource-groups:ResourceTypeFilters,Values=resource-type-1,resource-type-2 +// +// For example: +// +// * Key=InstanceIds,Values=i-02573cafcfEXAMPLE,i-0471e04240EXAMPLE,i-07782c72faEXAMPLE +// +// * Key=tag:CostCenter,Values=CostCenter1,CostCenter2,CostCenter3 +// +// * Key=tag-key,Values=Name,Instance-Type,CostCenter +// +// * (Maintenance window targets only) Key=resource-groups:Name,Values=ProductionResourceGroup +// +// * (Maintenance window targets only) Key=resource-groups:ResourceTypeFilters,Values=AWS::EC2::INSTANCE,AWS::EC2::VPC +// +// For information about how to send commands that target instances using Key,Value +// parameters, see Using Targets and Rate Controls to Send Commands to a Fleet +// (https://docs.aws.amazon.com/systems-manager/latest/userguide/send-commands-multiple.html#send-commands-targeting) +// in the AWS Systems Manager User Guide. type Target struct { _ struct{} `type:"structure"` // User-defined criteria for sending commands that target instances that meet - // the criteria. Key can be tag:<Amazon EC2 tag> or InstanceIds. For more information - // about how to send commands that target instances using Key,Value parameters, - // see Using Targets and Rate Controls to Send Commands to a Fleet (https://docs.aws.amazon.com/systems-manager/latest/userguide/send-commands-multiple.html#send-commands-targeting) - // in the AWS Systems Manager User Guide. + // the criteria. Key *string `min:"1" type:"string"` // User-defined criteria that maps to Key. For example, if you specified tag:ServerRole, // you could specify value:WebServer to run a command on instances that include - // Amazon EC2 tags of ServerRole,WebServer. For more information about how to - // send commands that target instances using Key,Value parameters, see Using - // Targets and Rate Controls to Send Commands to a Fleet (https://docs.aws.amazon.com/systems-manager/latest/userguide/send-commands-multiple.html) - // in the AWS Systems Manager User Guide. + // Amazon EC2 tags of ServerRole,WebServer. Values []*string `type:"list"` } @@ -33606,7 +35352,7 @@ type UpdateDocumentInput struct { // supports JSON and YAML documents. JSON is the default format. DocumentFormat *string `type:"string" enum:"DocumentFormat"` - // The version of the document that you want to update. + // (Required) The version of the document that you want to update. DocumentVersion *string `type:"string"` // The name of the document that you want to update. @@ -34650,6 +36396,179 @@ func (s UpdateManagedInstanceRoleOutput) GoString() string { return s.String() } +type UpdateOpsItemInput struct { + _ struct{} `type:"structure"` + + // Update the information about the OpsItem. Provide enough information so that + // users reading this OpsItem for the first time understand the issue. + Description *string `min:"1" type:"string"` + + // The Amazon Resource Name (ARN) of an SNS topic where notifications are sent + // when this OpsItem is edited or changed. + Notifications []*OpsItemNotification `type:"list"` + + // Add new keys or edit existing key-value pairs of the OperationalData map + // in the OpsItem object. + // + // Operational data is custom data that provides useful reference details about + // the OpsItem. For example, you can specify log files, error strings, license + // keys, troubleshooting tips, or other relevant data. You enter operational + // data as key-value pairs. The key has a maximum length of 128 characters. + // The value has a maximum size of 20 KB. + // + // Operational data keys can't begin with the following: amazon, aws, amzn, + // ssm, /amazon, /aws, /amzn, /ssm. + // + // You can choose to make the data searchable by other users in the account + // or you can restrict search access. Searchable data means that all users with + // access to the OpsItem Overview page (as provided by the DescribeOpsItems + // API action) can view and search on the specified data. Operational data that + // is not searchable is only viewable by users who have access to the OpsItem + // (as provided by the GetOpsItem API action). + // + // Use the /aws/resources key in OperationalData to specify a related resource + // in the request. Use the /aws/automations key in OperationalData to associate + // an Automation runbook with the OpsItem. To view AWS CLI example commands + // that use these keys, see Creating OpsItems Manually (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-creating-OpsItems.html#OpsCenter-manually-create-OpsItems) + // in the AWS Systems Manager User Guide. + OperationalData map[string]*OpsItemDataValue `type:"map"` + + // Keys that you want to remove from the OperationalData map. + OperationalDataToDelete []*string `type:"list"` + + // The ID of the OpsItem. + // + // OpsItemId is a required field + OpsItemId *string `type:"string" required:"true"` + + // The importance of this OpsItem in relation to other OpsItems in the system. + Priority *int64 `min:"1" type:"integer"` + + // One or more OpsItems that share something in common with the current OpsItems. + // For example, related OpsItems can include OpsItems with similar error messages, + // impacted resources, or statuses for the impacted resource. + RelatedOpsItems []*RelatedOpsItem `type:"list"` + + // The OpsItem status. Status can be Open, In Progress, or Resolved. For more + // information, see Editing OpsItem Details (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-working-with-OpsItems-editing-details.html) + // in the AWS Systems Manager User Guide. + Status *string `type:"string" enum:"OpsItemStatus"` + + // A short heading that describes the nature of the OpsItem and the impacted + // resource. + Title *string `min:"1" type:"string"` +} + +// String returns the string representation +func (s UpdateOpsItemInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateOpsItemInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateOpsItemInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateOpsItemInput"} + if s.Description != nil && len(*s.Description) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Description", 1)) + } + if s.OpsItemId == nil { + invalidParams.Add(request.NewErrParamRequired("OpsItemId")) + } + if s.Priority != nil && *s.Priority < 1 { + invalidParams.Add(request.NewErrParamMinValue("Priority", 1)) + } + if s.Title != nil && len(*s.Title) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Title", 1)) + } + if s.RelatedOpsItems != nil { + for i, v := range s.RelatedOpsItems { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "RelatedOpsItems", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescription sets the Description field's value. +func (s *UpdateOpsItemInput) SetDescription(v string) *UpdateOpsItemInput { + s.Description = &v + return s +} + +// SetNotifications sets the Notifications field's value. +func (s *UpdateOpsItemInput) SetNotifications(v []*OpsItemNotification) *UpdateOpsItemInput { + s.Notifications = v + return s +} + +// SetOperationalData sets the OperationalData field's value. +func (s *UpdateOpsItemInput) SetOperationalData(v map[string]*OpsItemDataValue) *UpdateOpsItemInput { + s.OperationalData = v + return s +} + +// SetOperationalDataToDelete sets the OperationalDataToDelete field's value. +func (s *UpdateOpsItemInput) SetOperationalDataToDelete(v []*string) *UpdateOpsItemInput { + s.OperationalDataToDelete = v + return s +} + +// SetOpsItemId sets the OpsItemId field's value. +func (s *UpdateOpsItemInput) SetOpsItemId(v string) *UpdateOpsItemInput { + s.OpsItemId = &v + return s +} + +// SetPriority sets the Priority field's value. +func (s *UpdateOpsItemInput) SetPriority(v int64) *UpdateOpsItemInput { + s.Priority = &v + return s +} + +// SetRelatedOpsItems sets the RelatedOpsItems field's value. +func (s *UpdateOpsItemInput) SetRelatedOpsItems(v []*RelatedOpsItem) *UpdateOpsItemInput { + s.RelatedOpsItems = v + return s +} + +// SetStatus sets the Status field's value. +func (s *UpdateOpsItemInput) SetStatus(v string) *UpdateOpsItemInput { + s.Status = &v + return s +} + +// SetTitle sets the Title field's value. +func (s *UpdateOpsItemInput) SetTitle(v string) *UpdateOpsItemInput { + s.Title = &v + return s +} + +type UpdateOpsItemOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation +func (s UpdateOpsItemOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s UpdateOpsItemOutput) GoString() string { + return s.String() +} + type UpdatePatchBaselineInput struct { _ struct{} `type:"structure"` @@ -35588,6 +37507,9 @@ const ( const ( // MaintenanceWindowResourceTypeInstance is a MaintenanceWindowResourceType enum value MaintenanceWindowResourceTypeInstance = "INSTANCE" + + // MaintenanceWindowResourceTypeResourceGroup is a MaintenanceWindowResourceType enum value + MaintenanceWindowResourceTypeResourceGroup = "RESOURCE_GROUP" ) const ( @@ -35656,11 +37578,108 @@ const ( ) const ( + // OpsFilterOperatorTypeEqual is a OpsFilterOperatorType enum value + OpsFilterOperatorTypeEqual = "Equal" + + // OpsFilterOperatorTypeNotEqual is a OpsFilterOperatorType enum value + OpsFilterOperatorTypeNotEqual = "NotEqual" + + // OpsFilterOperatorTypeBeginWith is a OpsFilterOperatorType enum value + OpsFilterOperatorTypeBeginWith = "BeginWith" + + // OpsFilterOperatorTypeLessThan is a OpsFilterOperatorType enum value + OpsFilterOperatorTypeLessThan = "LessThan" + + // OpsFilterOperatorTypeGreaterThan is a OpsFilterOperatorType enum value + OpsFilterOperatorTypeGreaterThan = "GreaterThan" + + // OpsFilterOperatorTypeExists is a OpsFilterOperatorType enum value + OpsFilterOperatorTypeExists = "Exists" +) + +const ( + // OpsItemDataTypeSearchableString is a OpsItemDataType enum value + OpsItemDataTypeSearchableString = "SearchableString" + + // OpsItemDataTypeString is a OpsItemDataType enum value + OpsItemDataTypeString = "String" +) + +const ( + // OpsItemFilterKeyStatus is a OpsItemFilterKey enum value + OpsItemFilterKeyStatus = "Status" + + // OpsItemFilterKeyCreatedBy is a OpsItemFilterKey enum value + OpsItemFilterKeyCreatedBy = "CreatedBy" + + // OpsItemFilterKeySource is a OpsItemFilterKey enum value + OpsItemFilterKeySource = "Source" + + // OpsItemFilterKeyPriority is a OpsItemFilterKey enum value + OpsItemFilterKeyPriority = "Priority" + + // OpsItemFilterKeyTitle is a OpsItemFilterKey enum value + OpsItemFilterKeyTitle = "Title" + + // OpsItemFilterKeyOpsItemId is a OpsItemFilterKey enum value + OpsItemFilterKeyOpsItemId = "OpsItemId" + + // OpsItemFilterKeyCreatedTime is a OpsItemFilterKey enum value + OpsItemFilterKeyCreatedTime = "CreatedTime" + + // OpsItemFilterKeyLastModifiedTime is a OpsItemFilterKey enum value + OpsItemFilterKeyLastModifiedTime = "LastModifiedTime" + + // OpsItemFilterKeyOperationalData is a OpsItemFilterKey enum value + OpsItemFilterKeyOperationalData = "OperationalData" + + // OpsItemFilterKeyOperationalDataKey is a OpsItemFilterKey enum value + OpsItemFilterKeyOperationalDataKey = "OperationalDataKey" + + // OpsItemFilterKeyOperationalDataValue is a OpsItemFilterKey enum value + OpsItemFilterKeyOperationalDataValue = "OperationalDataValue" + + // OpsItemFilterKeyResourceId is a OpsItemFilterKey enum value + OpsItemFilterKeyResourceId = "ResourceId" + + // OpsItemFilterKeyAutomationId is a OpsItemFilterKey enum value + OpsItemFilterKeyAutomationId = "AutomationId" +) + +const ( + // OpsItemFilterOperatorEqual is a OpsItemFilterOperator enum value + OpsItemFilterOperatorEqual = "Equal" + + // OpsItemFilterOperatorContains is a OpsItemFilterOperator enum value + OpsItemFilterOperatorContains = "Contains" + + // OpsItemFilterOperatorGreaterThan is a OpsItemFilterOperator enum value + OpsItemFilterOperatorGreaterThan = "GreaterThan" + + // OpsItemFilterOperatorLessThan is a OpsItemFilterOperator enum value + OpsItemFilterOperatorLessThan = "LessThan" +) + +const ( + // OpsItemStatusOpen is a OpsItemStatus enum value + OpsItemStatusOpen = "Open" + + // OpsItemStatusInProgress is a OpsItemStatus enum value + OpsItemStatusInProgress = "InProgress" + + // OpsItemStatusResolved is a OpsItemStatus enum value + OpsItemStatusResolved = "Resolved" +) + +const ( // ParameterTierStandard is a ParameterTier enum value ParameterTierStandard = "Standard" // ParameterTierAdvanced is a ParameterTier enum value ParameterTierAdvanced = "Advanced" + + // ParameterTierIntelligentTiering is a ParameterTier enum value + ParameterTierIntelligentTiering = "Intelligent-Tiering" ) const ( @@ -35862,6 +37881,9 @@ const ( // ResourceTypeForTaggingPatchBaseline is a ResourceTypeForTagging enum value ResourceTypeForTaggingPatchBaseline = "PatchBaseline" + + // ResourceTypeForTaggingOpsItem is a ResourceTypeForTagging enum value + ResourceTypeForTaggingOpsItem = "OpsItem" ) const ( diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go b/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go index a9650950..90c4a777 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go @@ -105,7 +105,7 @@ const ( // ErrCodeDocumentLimitExceeded for service response error code // "DocumentLimitExceeded". // - // You can have at most 200 active Systems Manager documents. + // You can have at most 500 active Systems Manager documents. ErrCodeDocumentLimitExceeded = "DocumentLimitExceeded" // ErrCodeDocumentPermissionLimit for service response error code @@ -156,7 +156,7 @@ const ( // ErrCodeFeatureNotAvailableException for service response error code // "FeatureNotAvailableException". // - // You attempted to register a LAMBDA or STEP_FUNCTION task in a region where + // You attempted to register a LAMBDA or STEP_FUNCTIONS task in a region where // the corresponding service is not available. ErrCodeFeatureNotAvailableException = "FeatureNotAvailableException" @@ -340,12 +340,9 @@ const ( // // You do not have permission to access the instance. // - // SSM Agent is not running. On managed instances and Linux instances, verify - // that the SSM Agent is running. On EC2 Windows instances, verify that the - // EC2Config service is running. + // SSM Agent is not running. Verify that SSM Agent is running. // - // SSM Agent or EC2Config service is not registered to the SSM endpoint. Try - // reinstalling SSM Agent or EC2Config service. + // SSM Agent is not registered with the SSM endpoint. Try reinstalling SSM Agent. // // The instance is not in valid state. Valid states are: Running, Pending, Stopped, // Stopping. Invalid states are: Shutting-down and Terminated. @@ -534,6 +531,32 @@ const ( // The size limit of a document is 64 KB. ErrCodeMaxDocumentSizeExceeded = "MaxDocumentSizeExceeded" + // ErrCodeOpsItemAlreadyExistsException for service response error code + // "OpsItemAlreadyExistsException". + // + // The OpsItem already exists. + ErrCodeOpsItemAlreadyExistsException = "OpsItemAlreadyExistsException" + + // ErrCodeOpsItemInvalidParameterException for service response error code + // "OpsItemInvalidParameterException". + // + // A specified parameter argument isn't valid. Verify the available arguments + // and try again. + ErrCodeOpsItemInvalidParameterException = "OpsItemInvalidParameterException" + + // ErrCodeOpsItemLimitExceededException for service response error code + // "OpsItemLimitExceededException". + // + // The request caused OpsItems to exceed one or more limits. For information + // about OpsItem limits, see What are the resource limits for OpsCenter? (http://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-learn-more.html#OpsCenter-learn-more-limits). + ErrCodeOpsItemLimitExceededException = "OpsItemLimitExceededException" + + // ErrCodeOpsItemNotFoundException for service response error code + // "OpsItemNotFoundException". + // + // The specified OpsItem ID doesn't exist. Verify the ID and try again. + ErrCodeOpsItemNotFoundException = "OpsItemNotFoundException" + // ErrCodeParameterAlreadyExists for service response error code // "ParameterAlreadyExists". // diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go index 9e610591..eb0a6a41 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go @@ -702,6 +702,102 @@ func (c *STS) DecodeAuthorizationMessageWithContext(ctx aws.Context, input *Deco return out, req.Send() } +const opGetAccessKeyInfo = "GetAccessKeyInfo" + +// GetAccessKeyInfoRequest generates a "aws/request.Request" representing the +// client's request for the GetAccessKeyInfo operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetAccessKeyInfo for more information on using the GetAccessKeyInfo +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// +// // Example sending a request using the GetAccessKeyInfoRequest method. +// req, resp := client.GetAccessKeyInfoRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetAccessKeyInfo +func (c *STS) GetAccessKeyInfoRequest(input *GetAccessKeyInfoInput) (req *request.Request, output *GetAccessKeyInfoOutput) { + op := &request.Operation{ + Name: opGetAccessKeyInfo, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetAccessKeyInfoInput{} + } + + output = &GetAccessKeyInfoOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetAccessKeyInfo API operation for AWS Security Token Service. +// +// Returns the account identifier for the specified access key ID. +// +// Access keys consist of two parts: an access key ID (for example, AKIAIOSFODNN7EXAMPLE) +// and a secret access key (for example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). +// For more information about access keys, see Managing Access Keys for IAM +// Users (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html) +// in the IAM User Guide. +// +// When you pass an access key ID to this operation, it returns the ID of the +// AWS account to which the keys belong. Access key IDs beginning with AKIA +// are long-term credentials for an IAM user or the AWS account root user. Access +// key IDs beginning with ASIA are temporary credentials that are created using +// STS operations. If the account in the response belongs to you, you can sign +// in as the root user and review your root user access keys. Then, you can +// pull a credentials report (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html) +// to learn which IAM user owns the keys. To learn who requested the temporary +// credentials for an ASIA access key, view the STS events in your CloudTrail +// logs (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html). +// +// This operation does not indicate the state of the access key. The key might +// be active, inactive, or deleted. Active keys might not have permissions to +// perform an operation. Providing a deleted access key might return an error +// that the key doesn't exist. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Security Token Service's +// API operation GetAccessKeyInfo for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetAccessKeyInfo +func (c *STS) GetAccessKeyInfo(input *GetAccessKeyInfoInput) (*GetAccessKeyInfoOutput, error) { + req, out := c.GetAccessKeyInfoRequest(input) + return out, req.Send() +} + +// GetAccessKeyInfoWithContext is the same as GetAccessKeyInfo with the addition of +// the ability to pass a context and additional request options. +// +// See GetAccessKeyInfo for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *STS) GetAccessKeyInfoWithContext(ctx aws.Context, input *GetAccessKeyInfoInput, opts ...request.Option) (*GetAccessKeyInfoOutput, error) { + req, out := c.GetAccessKeyInfoRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetCallerIdentity = "GetCallerIdentity" // GetCallerIdentityRequest generates a "aws/request.Request" representing the @@ -746,8 +842,15 @@ func (c *STS) GetCallerIdentityRequest(input *GetCallerIdentityInput) (req *requ // GetCallerIdentity API operation for AWS Security Token Service. // -// Returns details about the IAM identity whose credentials are used to call -// the API. +// Returns details about the IAM user or role whose credentials are used to +// call the operation. +// +// No permissions are required to perform this operation. If an administrator +// adds a policy to your IAM user or role that explicitly denies access to the +// sts:GetCallerIdentity action, you can still perform this operation. Permissions +// are not required because the same information is returned when an IAM user +// or role is denied access. To view an example response, see I Am Not Authorized +// to Perform: iam:DeleteVirtualMFADevice (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1129,7 +1232,7 @@ type AssumeRoleInput struct { // This parameter is optional. You can provide up to 10 managed policy ARNs. // However, the plain text that you use for both inline and managed session // policies shouldn't exceed 2048 characters. For more information about ARNs, - // see Amazon Resource Names (ARNs) and AWS Service Namespaces (general/latest/gr/aws-arns-and-namespaces.html) + // see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // The characters in this parameter count towards the 2048 character session @@ -1407,7 +1510,7 @@ type AssumeRoleWithSAMLInput struct { // This parameter is optional. You can provide up to 10 managed policy ARNs. // However, the plain text that you use for both inline and managed session // policies shouldn't exceed 2048 characters. For more information about ARNs, - // see Amazon Resource Names (ARNs) and AWS Service Namespaces (general/latest/gr/aws-arns-and-namespaces.html) + // see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // The characters in this parameter count towards the 2048 character session @@ -1702,7 +1805,7 @@ type AssumeRoleWithWebIdentityInput struct { // This parameter is optional. You can provide up to 10 managed policy ARNs. // However, the plain text that you use for both inline and managed session // policies shouldn't exceed 2048 characters. For more information about ARNs, - // see Amazon Resource Names (ARNs) and AWS Service Namespaces (general/latest/gr/aws-arns-and-namespaces.html) + // see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // The characters in this parameter count towards the 2048 character session @@ -2156,6 +2259,73 @@ func (s *FederatedUser) SetFederatedUserId(v string) *FederatedUser { return s } +type GetAccessKeyInfoInput struct { + _ struct{} `type:"structure"` + + // The identifier of an access key. + // + // This parameter allows (through its regex pattern) a string of characters + // that can consist of any upper- or lowercased letter or digit. + // + // AccessKeyId is a required field + AccessKeyId *string `min:"16" type:"string" required:"true"` +} + +// String returns the string representation +func (s GetAccessKeyInfoInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetAccessKeyInfoInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetAccessKeyInfoInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetAccessKeyInfoInput"} + if s.AccessKeyId == nil { + invalidParams.Add(request.NewErrParamRequired("AccessKeyId")) + } + if s.AccessKeyId != nil && len(*s.AccessKeyId) < 16 { + invalidParams.Add(request.NewErrParamMinLen("AccessKeyId", 16)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccessKeyId sets the AccessKeyId field's value. +func (s *GetAccessKeyInfoInput) SetAccessKeyId(v string) *GetAccessKeyInfoInput { + s.AccessKeyId = &v + return s +} + +type GetAccessKeyInfoOutput struct { + _ struct{} `type:"structure"` + + // The number used to identify the AWS account. + Account *string `type:"string"` +} + +// String returns the string representation +func (s GetAccessKeyInfoOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation +func (s GetAccessKeyInfoOutput) GoString() string { + return s.String() +} + +// SetAccount sets the Account field's value. +func (s *GetAccessKeyInfoOutput) SetAccount(v string) *GetAccessKeyInfoOutput { + s.Account = &v + return s +} + type GetCallerIdentityInput struct { _ struct{} `type:"structure"` } @@ -2284,7 +2454,7 @@ type GetFederationTokenInput struct { // use as managed session policies. The plain text that you use for both inline // and managed session policies shouldn't exceed 2048 characters. You can provide // up to 10 managed policy ARNs. For more information about ARNs, see Amazon - // Resource Names (ARNs) and AWS Service Namespaces (general/latest/gr/aws-arns-and-namespaces.html) + // Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. // // This parameter is optional. However, if you do not pass any session policies, @@ -2545,7 +2715,7 @@ type PolicyDescriptorType struct { // The Amazon Resource Name (ARN) of the IAM managed policy to use as a session // policy for the role. For more information about ARNs, see Amazon Resource - // Names (ARNs) and AWS Service Namespaces (general/latest/gr/aws-arns-and-namespaces.html) + // Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) // in the AWS General Reference. Arn *string `locationName:"arn" min:"20" type:"string"` } diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/customizations.go b/vendor/github.com/aws/aws-sdk-go/service/sts/customizations.go new file mode 100644 index 00000000..d5307fca --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/customizations.go @@ -0,0 +1,11 @@ +package sts + +import "github.com/aws/aws-sdk-go/aws/request" + +func init() { + initRequest = customizeRequest +} + +func customizeRequest(r *request.Request) { + r.RetryErrorCodes = append(r.RetryErrorCodes, ErrCodeIDPCommunicationErrorException) +} diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go b/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go new file mode 100644 index 00000000..e2e1d6ef --- /dev/null +++ b/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go @@ -0,0 +1,96 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package stsiface provides an interface to enable mocking the AWS Security Token Service service client +// for testing your code. +// +// It is important to note that this interface will have breaking changes +// when the service model is updated and adds new API operations, paginators, +// and waiters. +package stsiface + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/service/sts" +) + +// STSAPI provides an interface to enable mocking the +// sts.STS service client's API operation, +// paginators, and waiters. This make unit testing your code that calls out +// to the SDK's service client's calls easier. +// +// The best way to use this interface is so the SDK's service client's calls +// can be stubbed out for unit testing your code with the SDK without needing +// to inject custom request handlers into the SDK's request pipeline. +// +// // myFunc uses an SDK service client to make a request to +// // AWS Security Token Service. +// func myFunc(svc stsiface.STSAPI) bool { +// // Make svc.AssumeRole request +// } +// +// func main() { +// sess := session.New() +// svc := sts.New(sess) +// +// myFunc(svc) +// } +// +// In your _test.go file: +// +// // Define a mock struct to be used in your unit tests of myFunc. +// type mockSTSClient struct { +// stsiface.STSAPI +// } +// func (m *mockSTSClient) AssumeRole(input *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error) { +// // mock response/functionality +// } +// +// func TestMyFunc(t *testing.T) { +// // Setup Test +// mockSvc := &mockSTSClient{} +// +// myfunc(mockSvc) +// +// // Verify myFunc's functionality +// } +// +// It is important to note that this interface will have breaking changes +// when the service model is updated and adds new API operations, paginators, +// and waiters. Its suggested to use the pattern above for testing, or using +// tooling to generate mocks to satisfy the interfaces. +type STSAPI interface { + AssumeRole(*sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error) + AssumeRoleWithContext(aws.Context, *sts.AssumeRoleInput, ...request.Option) (*sts.AssumeRoleOutput, error) + AssumeRoleRequest(*sts.AssumeRoleInput) (*request.Request, *sts.AssumeRoleOutput) + + AssumeRoleWithSAML(*sts.AssumeRoleWithSAMLInput) (*sts.AssumeRoleWithSAMLOutput, error) + AssumeRoleWithSAMLWithContext(aws.Context, *sts.AssumeRoleWithSAMLInput, ...request.Option) (*sts.AssumeRoleWithSAMLOutput, error) + AssumeRoleWithSAMLRequest(*sts.AssumeRoleWithSAMLInput) (*request.Request, *sts.AssumeRoleWithSAMLOutput) + + AssumeRoleWithWebIdentity(*sts.AssumeRoleWithWebIdentityInput) (*sts.AssumeRoleWithWebIdentityOutput, error) + AssumeRoleWithWebIdentityWithContext(aws.Context, *sts.AssumeRoleWithWebIdentityInput, ...request.Option) (*sts.AssumeRoleWithWebIdentityOutput, error) + AssumeRoleWithWebIdentityRequest(*sts.AssumeRoleWithWebIdentityInput) (*request.Request, *sts.AssumeRoleWithWebIdentityOutput) + + DecodeAuthorizationMessage(*sts.DecodeAuthorizationMessageInput) (*sts.DecodeAuthorizationMessageOutput, error) + DecodeAuthorizationMessageWithContext(aws.Context, *sts.DecodeAuthorizationMessageInput, ...request.Option) (*sts.DecodeAuthorizationMessageOutput, error) + DecodeAuthorizationMessageRequest(*sts.DecodeAuthorizationMessageInput) (*request.Request, *sts.DecodeAuthorizationMessageOutput) + + GetAccessKeyInfo(*sts.GetAccessKeyInfoInput) (*sts.GetAccessKeyInfoOutput, error) + GetAccessKeyInfoWithContext(aws.Context, *sts.GetAccessKeyInfoInput, ...request.Option) (*sts.GetAccessKeyInfoOutput, error) + GetAccessKeyInfoRequest(*sts.GetAccessKeyInfoInput) (*request.Request, *sts.GetAccessKeyInfoOutput) + + GetCallerIdentity(*sts.GetCallerIdentityInput) (*sts.GetCallerIdentityOutput, error) + GetCallerIdentityWithContext(aws.Context, *sts.GetCallerIdentityInput, ...request.Option) (*sts.GetCallerIdentityOutput, error) + GetCallerIdentityRequest(*sts.GetCallerIdentityInput) (*request.Request, *sts.GetCallerIdentityOutput) + + GetFederationToken(*sts.GetFederationTokenInput) (*sts.GetFederationTokenOutput, error) + GetFederationTokenWithContext(aws.Context, *sts.GetFederationTokenInput, ...request.Option) (*sts.GetFederationTokenOutput, error) + GetFederationTokenRequest(*sts.GetFederationTokenInput) (*request.Request, *sts.GetFederationTokenOutput) + + GetSessionToken(*sts.GetSessionTokenInput) (*sts.GetSessionTokenOutput, error) + GetSessionTokenWithContext(aws.Context, *sts.GetSessionTokenInput, ...request.Option) (*sts.GetSessionTokenOutput, error) + GetSessionTokenRequest(*sts.GetSessionTokenInput) (*request.Request, *sts.GetSessionTokenOutput) +} + +var _ STSAPI = (*sts.STS)(nil) |