From 2c3de3702532914a63139c0c7ba359a0d508ade2 Mon Sep 17 00:00:00 2001 From: aws-sdk-cpp-automation Date: Fri, 24 Jan 2025 19:09:41 +0000 Subject: [PATCH] Update API model --- .../smithy/api-descriptions/cloudtrail.json | 157 +++++++++++++++++- .../smithy/api-descriptions/eks.json | 149 ++++++++++------- .../smithy/api-descriptions/healthlake.json | 18 +- .../smithy/api-descriptions/ssm.json | 62 +++---- .../smithy/api-descriptions/sso-oidc.json | 128 +++++++------- .../smithy/api-descriptions/transfer.json | 68 +++++++- 6 files changed, 414 insertions(+), 168 deletions(-) diff --git a/tools/code-generation/smithy/api-descriptions/cloudtrail.json b/tools/code-generation/smithy/api-descriptions/cloudtrail.json index cd57d4a614f..0eb96f168ea 100644 --- a/tools/code-generation/smithy/api-descriptions/cloudtrail.json +++ b/tools/code-generation/smithy/api-descriptions/cloudtrail.json @@ -251,7 +251,7 @@ } }, "traits": { - "smithy.api#documentation": "

Advanced event selectors let you create fine-grained selectors for CloudTrail management, data, and network activity events. They help you control costs by logging only those\n events that are important to you. For more information about configuring advanced event selectors, see\n the Logging data events, Logging network activity events, and Logging management events topics in the CloudTrail User Guide.

\n

You cannot apply both event selectors and advanced event selectors to a trail.

\n

For information about configurable advanced event selector fields, see \n AdvancedEventSelector \n in the CloudTrailUser Guide.

" + "smithy.api#documentation": "

Advanced event selectors let you create fine-grained selectors for CloudTrail management, data, and network activity events. They help you control costs by logging only those\n events that are important to you. For more information about configuring advanced event selectors, see\n the Logging data events, Logging network activity events, and Logging management events topics in the CloudTrail User Guide.

\n

You cannot apply both event selectors and advanced event selectors to a trail.

\n

For information about configurable advanced event selector fields, see \n AdvancedEventSelector \n in the CloudTrail API Reference.

" } }, "com.amazonaws.cloudtrail#AdvancedEventSelectors": { @@ -266,7 +266,7 @@ "Field": { "target": "com.amazonaws.cloudtrail#SelectorField", "traits": { - "smithy.api#documentation": "

A field in a CloudTrail event record on which to filter events to be logged. For\n event data stores for CloudTrail Insights events, Config configuration items, Audit Manager evidence, or events outside of Amazon Web Services, the field is used only for\n selecting events as filtering is not supported.

\n

For more information, see \n AdvancedFieldSelector \n in the CloudTrailUser Guide.

", + "smithy.api#documentation": "

A field in a CloudTrail event record on which to filter events to be logged. For\n event data stores for CloudTrail Insights events, Config configuration items, Audit Manager evidence, or events outside of Amazon Web Services, the field is used only for\n selecting events as filtering is not supported.

\n

For more information, see \n AdvancedFieldSelector \n in the CloudTrail API Reference.

\n \n

Selectors don't support the use of wildcards like * . To match multiple values with a single condition, \n you may use StartsWith, EndsWith, NotStartsWith, or NotEndsWith to explicitly match the beginning or end of the event field.

\n ", "smithy.api#required": {} } }, @@ -810,6 +810,9 @@ { "target": "com.amazonaws.cloudtrail#RestoreEventDataStore" }, + { + "target": "com.amazonaws.cloudtrail#SearchSampleQueries" + }, { "target": "com.amazonaws.cloudtrail#StartDashboardRefresh" }, @@ -4943,7 +4946,7 @@ } ], "traits": { - "smithy.api#documentation": "

Describes the settings for the Insights event selectors that you configured for your\n trail or event data store. GetInsightSelectors shows if CloudTrail Insights event logging\n is enabled on the trail or event data store, and if it is, which Insights types are enabled. If you run\n GetInsightSelectors on a trail or event data store that does not have Insights events enabled,\n the operation throws the exception InsightNotEnabledException\n

\n

Specify either the EventDataStore parameter to get Insights event selectors for an event data store, \n or the TrailName parameter to the get Insights event selectors for a trail. You cannot specify these parameters together.

\n

For more information, see Logging CloudTrail Insights events in the CloudTrail User Guide.

", + "smithy.api#documentation": "

Describes the settings for the Insights event selectors that you configured for your\n trail or event data store. GetInsightSelectors shows if CloudTrail Insights event logging\n is enabled on the trail or event data store, and if it is, which Insights types are enabled. If you run\n GetInsightSelectors on a trail or event data store that does not have Insights events enabled,\n the operation throws the exception InsightNotEnabledException\n

\n

Specify either the EventDataStore parameter to get Insights event selectors for an event data store, \n or the TrailName parameter to the get Insights event selectors for a trail. You cannot specify these parameters together.

\n

For more information, see Working with CloudTrail Insights in the CloudTrail User Guide.

", "smithy.api#idempotent": {} } }, @@ -8012,7 +8015,7 @@ } ], "traits": { - "smithy.api#documentation": "

Configures event selectors (also referred to as basic event selectors) or advanced event selectors for your trail. You can use\n either AdvancedEventSelectors or EventSelectors, but not both. If\n you apply AdvancedEventSelectors to a trail, any existing\n EventSelectors are overwritten.

\n

You can use AdvancedEventSelectors to \n log management events, data events for all resource types, and network activity events.

\n

You can use EventSelectors to log management events and data events for the following resource types:

\n \n

You can't use EventSelectors to log network activity events.

\n

If you want your trail to log Insights events, be sure the event selector or advanced event selector enables \n logging of the Insights event types you want configured for your trail. For more information about logging Insights events, see Logging Insights events in the CloudTrail User Guide.\n By default, trails created without specific event selectors are configured to\n log all read and write management events, and no data events or network activity events.

\n

When an event occurs in your account, CloudTrail evaluates the event selectors or\n advanced event selectors in all trails. For each trail, if the event matches any event\n selector, the trail processes and logs the event. If the event doesn't match any event\n selector, the trail doesn't log the event.

\n

Example

\n
    \n
  1. \n

    You create an event selector for a trail and specify that you want to log write-only\n events.

    \n
    2. \n
  2. \n

    The EC2 GetConsoleOutput and RunInstances API operations\n occur in your account.

    \n
    3. \n
  3. \n

    CloudTrail evaluates whether the events match your event selectors.

    \n
    4. \n
  4. \n

    The RunInstances is a write-only event and it matches your event\n selector. The trail logs the event.

    \n
    5. \n
  5. \n

    The GetConsoleOutput is a read-only event that doesn't match your\n event selector. The trail doesn't log the event.

    \n
    6. \n
\n

The PutEventSelectors operation must be called from the Region in which the\n trail was created; otherwise, an InvalidHomeRegionException exception is\n thrown.

\n

You can configure up to five event selectors for each trail.

\n

You can add advanced event selectors, and conditions for your advanced event selectors,\n up to a maximum of 500 values for all conditions and selectors on a trail. For more information, see\n Logging management events, Logging\n data events, Logging\n network activity events, and Quotas in CloudTrail in the CloudTrail User\n Guide.

", + "smithy.api#documentation": "

Configures event selectors (also referred to as basic event selectors) or advanced event selectors for your trail. You can use\n either AdvancedEventSelectors or EventSelectors, but not both. If\n you apply AdvancedEventSelectors to a trail, any existing\n EventSelectors are overwritten.

\n

You can use AdvancedEventSelectors to \n log management events, data events for all resource types, and network activity events.

\n

You can use EventSelectors to log management events and data events for the following resource types:

\n \n

You can't use EventSelectors to log network activity events.

\n

If you want your trail to log Insights events, be sure the event selector or advanced event selector enables \n logging of the Insights event types you want configured for your trail. For more information about logging Insights events, see Working with CloudTrail Insights in the CloudTrail User Guide.\n By default, trails created without specific event selectors are configured to\n log all read and write management events, and no data events or network activity events.

\n

When an event occurs in your account, CloudTrail evaluates the event selectors or\n advanced event selectors in all trails. For each trail, if the event matches any event\n selector, the trail processes and logs the event. If the event doesn't match any event\n selector, the trail doesn't log the event.

\n

Example

\n
    \n
  1. \n

    You create an event selector for a trail and specify that you want to log write-only\n events.

    \n
    2. \n
  2. \n

    The EC2 GetConsoleOutput and RunInstances API operations\n occur in your account.

    \n
    3. \n
  3. \n

    CloudTrail evaluates whether the events match your event selectors.

    \n
    4. \n
  4. \n

    The RunInstances is a write-only event and it matches your event\n selector. The trail logs the event.

    \n
    5. \n
  5. \n

    The GetConsoleOutput is a read-only event that doesn't match your\n event selector. The trail doesn't log the event.

    \n
    6. \n
\n

The PutEventSelectors operation must be called from the Region in which the\n trail was created; otherwise, an InvalidHomeRegionException exception is\n thrown.

\n

You can configure up to five event selectors for each trail.

\n

You can add advanced event selectors, and conditions for your advanced event selectors,\n up to a maximum of 500 values for all conditions and selectors on a trail. For more information, see\n Logging management events, Logging\n data events, Logging\n network activity events, and Quotas in CloudTrail in the CloudTrail User\n Guide.

", "smithy.api#idempotent": {} } }, @@ -8128,7 +8131,7 @@ } ], "traits": { - "smithy.api#documentation": "

Lets you enable Insights event logging by specifying the Insights selectors that you\n want to enable on an existing trail or event data store. You also use PutInsightSelectors to turn\n off Insights event logging, by passing an empty list of Insights types. The valid Insights\n event types are ApiErrorRateInsight and\n ApiCallRateInsight.

\n

To enable Insights on an event data store, you must specify the ARNs (or ID suffix of the ARNs) for the source event data store (EventDataStore) and the destination event data store (InsightsDestination). The source event data store logs management events and enables Insights. \n The destination event data store logs Insights events based upon the management event activity of the source event data store. The source and destination event data stores must belong to the same Amazon Web Services account.

\n

To log Insights events for a trail, you must specify the name (TrailName) of the CloudTrail trail for which you want to change or add Insights\n selectors.

\n

To log CloudTrail Insights events on API call volume, the trail or event data store\n must log write management events. To log CloudTrail\n Insights events on API error rate, the trail or event data store must log read or\n write management events. You can call GetEventSelectors on a trail \n to check whether the trail logs management events. You can call GetEventDataStore on an \n event data store to check whether the event data store logs management events.

\n

For more information, see Logging CloudTrail Insights events in the CloudTrail User Guide.

", + "smithy.api#documentation": "

Lets you enable Insights event logging by specifying the Insights selectors that you\n want to enable on an existing trail or event data store. You also use PutInsightSelectors to turn\n off Insights event logging, by passing an empty list of Insights types. The valid Insights\n event types are ApiErrorRateInsight and\n ApiCallRateInsight.

\n

To enable Insights on an event data store, you must specify the ARNs (or ID suffix of the ARNs) for the source event data store (EventDataStore) and the destination event data store (InsightsDestination). The source event data store logs management events and enables Insights. \n The destination event data store logs Insights events based upon the management event activity of the source event data store. The source and destination event data stores must belong to the same Amazon Web Services account.

\n

To log Insights events for a trail, you must specify the name (TrailName) of the CloudTrail trail for which you want to change or add Insights\n selectors.

\n

To log CloudTrail Insights events on API call volume, the trail or event data store\n must log write management events. To log CloudTrail\n Insights events on API error rate, the trail or event data store must log read or\n write management events. You can call GetEventSelectors on a trail \n to check whether the trail logs management events. You can call GetEventDataStore on an \n event data store to check whether the event data store logs management events.

\n

For more information, see Working with CloudTrail Insights in the CloudTrail User Guide.

", "smithy.api#idempotent": {} } }, @@ -9241,6 +9244,150 @@ "smithy.api#documentation": "

The settings for the source S3 bucket.

" } }, + "com.amazonaws.cloudtrail#SampleQueryDescription": { + "type": "string" + }, + "com.amazonaws.cloudtrail#SampleQueryName": { + "type": "string" + }, + "com.amazonaws.cloudtrail#SampleQueryRelevance": { + "type": "float", + "traits": { + "smithy.api#default": 0 + } + }, + "com.amazonaws.cloudtrail#SampleQuerySQL": { + "type": "string" + }, + "com.amazonaws.cloudtrail#SearchSampleQueries": { + "type": "operation", + "input": { + "target": "com.amazonaws.cloudtrail#SearchSampleQueriesRequest" + }, + "output": { + "target": "com.amazonaws.cloudtrail#SearchSampleQueriesResponse" + }, + "errors": [ + { + "target": "com.amazonaws.cloudtrail#InvalidParameterException" + }, + { + "target": "com.amazonaws.cloudtrail#OperationNotPermittedException" + }, + { + "target": "com.amazonaws.cloudtrail#UnsupportedOperationException" + } + ], + "traits": { + "smithy.api#documentation": "

\n Searches sample queries and returns a list of sample queries that are sorted by relevance. \n To search for sample queries, provide a natural language SearchPhrase in English.\n

", + "smithy.api#idempotent": {} + } + }, + "com.amazonaws.cloudtrail#SearchSampleQueriesMaxResults": { + "type": "integer", + "traits": { + "smithy.api#range": { + "min": 1, + "max": 50 + } + } + }, + "com.amazonaws.cloudtrail#SearchSampleQueriesRequest": { + "type": "structure", + "members": { + "SearchPhrase": { + "target": "com.amazonaws.cloudtrail#SearchSampleQueriesSearchPhrase", + "traits": { + "smithy.api#documentation": "

\n The natural language phrase to use for the semantic search. The phrase must be in English. The length constraint is in characters, not words.

", + "smithy.api#required": {} + } + }, + "MaxResults": { + "target": "com.amazonaws.cloudtrail#SearchSampleQueriesMaxResults", + "traits": { + "smithy.api#documentation": "

\n The maximum number of results to return on a single page. The default value is 10.\n

" + } + }, + "NextToken": { + "target": "com.amazonaws.cloudtrail#PaginationToken", + "traits": { + "smithy.api#documentation": "

\n A token you can use to get the next page of results. The length constraint is in characters, not words.\n

" + } + } + }, + "traits": { + "smithy.api#input": {} + } + }, + "com.amazonaws.cloudtrail#SearchSampleQueriesResponse": { + "type": "structure", + "members": { + "SearchResults": { + "target": "com.amazonaws.cloudtrail#SearchSampleQueriesSearchResults", + "traits": { + "smithy.api#documentation": "

\n A list of objects containing the search results ordered from most relevant to least relevant.\n

" + } + }, + "NextToken": { + "target": "com.amazonaws.cloudtrail#PaginationToken", + "traits": { + "smithy.api#documentation": "

\n A token you can use to get the next page of results.

" + } + } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.cloudtrail#SearchSampleQueriesSearchPhrase": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 2, + "max": 1000 + }, + "smithy.api#pattern": "^[ -~\\n]*$" + } + }, + "com.amazonaws.cloudtrail#SearchSampleQueriesSearchResult": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.cloudtrail#SampleQueryName", + "traits": { + "smithy.api#documentation": "

\n The name of a sample query.\n

" + } + }, + "Description": { + "target": "com.amazonaws.cloudtrail#SampleQueryDescription", + "traits": { + "smithy.api#documentation": "

\n A longer description of a sample query.\n

" + } + }, + "SQL": { + "target": "com.amazonaws.cloudtrail#SampleQuerySQL", + "traits": { + "smithy.api#documentation": "

\n The SQL code of the sample query.\n

" + } + }, + "Relevance": { + "target": "com.amazonaws.cloudtrail#SampleQueryRelevance", + "traits": { + "smithy.api#default": 0, + "smithy.api#documentation": "

\n A value between 0 and 1 indicating the similarity between the search phrase and result.\n

" + } + } + }, + "traits": { + "smithy.api#documentation": "

\n A search result returned by the SearchSampleQueries operation.\n

" + } + }, + "com.amazonaws.cloudtrail#SearchSampleQueriesSearchResults": { + "type": "list", + "member": { + "target": "com.amazonaws.cloudtrail#SearchSampleQueriesSearchResult" + } + }, "com.amazonaws.cloudtrail#SelectorField": { "type": "string", "traits": { diff --git a/tools/code-generation/smithy/api-descriptions/eks.json b/tools/code-generation/smithy/api-descriptions/eks.json index edca7c041cf..5d9bfb9b36b 100644 --- a/tools/code-generation/smithy/api-descriptions/eks.json +++ b/tools/code-generation/smithy/api-descriptions/eks.json @@ -318,7 +318,7 @@ "name": "eks" }, "aws.protocols#restJson1": {}, - "smithy.api#documentation": "

Amazon Elastic Kubernetes Service (Amazon EKS) is a managed service that makes it easy\n for you to run Kubernetes on Amazon Web Services without needing to setup or maintain your own\n Kubernetes control plane. Kubernetes is an open-source system for automating the deployment,\n scaling, and management of containerized applications.

\n

Amazon EKS runs up-to-date versions of the open-source Kubernetes software, so you\n can use all the existing plugins and tooling from the Kubernetes community. Applications\n running on Amazon EKS are fully compatible with applications running on any\n standard Kubernetes environment, whether running in on-premises data centers or public\n clouds. This means that you can easily migrate any standard Kubernetes application to Amazon EKS without any code modification required.

", + "smithy.api#documentation": "

Amazon Elastic Kubernetes Service (Amazon EKS) is a managed service that makes it easy\n for you to run Kubernetes on Amazon Web Services without needing to setup or maintain your own\n Kubernetes control plane. Kubernetes is an open-source system for automating the deployment,\n scaling, and management of containerized applications.

\n

Amazon EKS runs up-to-date versions of the open-source Kubernetes software, so you\n can use all the existing plugins and tooling from the Kubernetes community. Applications\n running on Amazon EKS are fully compatible with applications running on any\n standard Kubernetes environment, whether running in on-premises data centers or public\n clouds. This means that you can easily migrate any standard Kubernetes application to Amazon EKS\n without any code modification required.

", "smithy.api#title": "Amazon Elastic Kubernetes Service", "smithy.rules#endpointRuleSet": { "version": "1.0", @@ -1399,7 +1399,7 @@ "principalArn": { "target": "com.amazonaws.eks#String", "traits": { - "smithy.api#documentation": "

The ARN of the IAM principal for the access entry. If you ever delete\n the IAM principal with this ARN, the access entry isn't automatically\n deleted. We recommend that you delete the access entry with an ARN for an IAM principal that you delete. If you don't delete the access entry and ever\n recreate the IAM principal, even if it has the same ARN, the access\n entry won't work. This is because even though the ARN is the same for the recreated\n IAM principal, the roleID or userID (you\n can see this with the Security Token Service\n GetCallerIdentity API) is different for the recreated IAM\n principal than it was for the original IAM principal. Even though you\n don't see the IAM principal's roleID or userID\n for an access entry, Amazon EKS stores it with the access entry.

" + "smithy.api#documentation": "

The ARN of the IAM principal for the access entry. If you ever delete\n the IAM principal with this ARN, the access entry isn't automatically\n deleted. We recommend that you delete the access entry with an ARN for an IAM\n principal that you delete. If you don't delete the access entry and ever\n recreate the IAM principal, even if it has the same ARN, the access\n entry won't work. This is because even though the ARN is the same for the recreated\n IAM principal, the roleID or userID (you\n can see this with the Security Token Service\n GetCallerIdentity API) is different for the recreated IAM\n principal than it was for the original IAM principal. Even though you\n don't see the IAM principal's roleID or userID\n for an access entry, Amazon EKS stores it with the access entry.

" } }, "kubernetesGroups": { @@ -1611,7 +1611,7 @@ "podIdentityAssociations": { "target": "com.amazonaws.eks#StringList", "traits": { - "smithy.api#documentation": "

An array of Pod Identity Assocations owned by the Addon. Each EKS Pod Identity association maps a role to a service account in a namespace in the cluster.

\n

For more information, see Attach an IAM Role to an Amazon EKS add-on using Pod Identity in the EKS User Guide.

" + "smithy.api#documentation": "

An array of Pod Identity Assocations owned by the Addon. Each EKS Pod Identity association maps a role to a service account in a namespace in the cluster.

\n

For more information, see Attach an IAM Role to an Amazon EKS add-on using Pod Identity in the Amazon EKS User Guide.

" } } }, @@ -1631,12 +1631,12 @@ "compatibleVersions": { "target": "com.amazonaws.eks#StringList", "traits": { - "smithy.api#documentation": "

A list of compatible add-on versions.

" + "smithy.api#documentation": "

The list of compatible Amazon EKS add-on versions for the next Kubernetes version.

" } } }, "traits": { - "smithy.api#documentation": "

Contains compatibility information for an Amazon EKS add-on.

" + "smithy.api#documentation": "

The summary information about the Amazon EKS add-on compatibility for the next Kubernetes \n version for an insight check in the UPGRADE_READINESS category.

" } }, "com.amazonaws.eks#AddonCompatibilityDetails": { @@ -1819,7 +1819,7 @@ } }, "traits": { - "smithy.api#documentation": "

A type of Pod Identity Association owned by an Amazon EKS Add-on.

\n

Each EKS Pod Identity Association maps a role to a service account in a namespace in the cluster.

\n

For more information, see Attach an IAM Role to an Amazon EKS add-on using Pod Identity in the EKS User Guide.

" + "smithy.api#documentation": "

A type of Pod Identity Association owned by an Amazon EKS Add-on.

\n

Each EKS Pod Identity Association maps a role to a service account in a namespace in the cluster.

\n

For more information, see Attach an IAM Role to an Amazon EKS add-on using Pod Identity in the Amazon EKS User Guide.

" } }, "com.amazonaws.eks#AddonPodIdentityAssociationsList": { @@ -2336,7 +2336,7 @@ } }, "traits": { - "smithy.api#documentation": "

Indicates the current configuration of the block storage capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the block storage capability is enabled, EKS Auto Mode will create and delete EBS volumes in your Amazon Web Services account. For more information, see EKS Auto Mode block storage capability in the EKS User Guide.

" + "smithy.api#documentation": "

Indicates the current configuration of the block storage capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the block storage capability is enabled, EKS Auto Mode will create and delete EBS volumes in your Amazon Web Services account. For more information, see EKS Auto Mode block storage capability in the Amazon EKS User Guide.

" } }, "com.amazonaws.eks#Boolean": { @@ -2606,7 +2606,7 @@ "outpostConfig": { "target": "com.amazonaws.eks#OutpostConfigResponse", "traits": { - "smithy.api#documentation": "

An object representing the configuration of your local Amazon EKS cluster on\n an Amazon Web Services Outpost. This object isn't available for clusters on the Amazon Web Services cloud.

" + "smithy.api#documentation": "

An object representing the configuration of your local Amazon EKS cluster on\n an Amazon Web Services Outpost. This object isn't available for clusters on the Amazon Web Services\n cloud.

" } }, "accessConfig": { @@ -2618,7 +2618,7 @@ "upgradePolicy": { "target": "com.amazonaws.eks#UpgradePolicyResponse", "traits": { - "smithy.api#documentation": "

This value indicates if extended support is enabled or disabled for the cluster.

\n

\n Learn more about EKS Extended Support in the EKS User Guide.\n

" + "smithy.api#documentation": "

This value indicates if extended support is enabled or disabled for the cluster.

\n

\n Learn more about EKS Extended Support in the Amazon EKS User Guide.\n

" } }, "zonalShiftConfig": { @@ -2636,13 +2636,13 @@ "computeConfig": { "target": "com.amazonaws.eks#ComputeConfigResponse", "traits": { - "smithy.api#documentation": "

Indicates the current configuration of the compute capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your Amazon Web Services account. For more information, see EKS Auto Mode compute capability in the EKS User Guide.

" + "smithy.api#documentation": "

Indicates the current configuration of the compute capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the compute capability is enabled, EKS Auto Mode will create and delete EC2 Managed Instances in your Amazon Web Services account. For more information, see EKS Auto Mode compute capability in the Amazon EKS User Guide.

" } }, "storageConfig": { "target": "com.amazonaws.eks#StorageConfigResponse", "traits": { - "smithy.api#documentation": "

Indicates the current configuration of the block storage capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the block storage capability is enabled, EKS Auto Mode will create and delete EBS volumes in your Amazon Web Services account. For more information, see EKS Auto Mode block storage capability in the EKS User Guide.

" + "smithy.api#documentation": "

Indicates the current configuration of the block storage capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. If the block storage capability is enabled, EKS Auto Mode will create and delete EBS volumes in your Amazon Web Services account. For more information, see EKS Auto Mode block storage capability in the Amazon EKS User Guide.

" } } }, @@ -3003,18 +3003,18 @@ "nodePools": { "target": "com.amazonaws.eks#StringList", "traits": { - "smithy.api#documentation": "

Configuration for node pools that defines the compute resources for your EKS Auto Mode cluster. For more information, see EKS Auto Mode Node Pools in the EKS User Guide.

" + "smithy.api#documentation": "

Configuration for node pools that defines the compute resources for your EKS Auto Mode cluster. For more information, see EKS Auto Mode Node Pools in the Amazon EKS User Guide.

" } }, "nodeRoleArn": { "target": "com.amazonaws.eks#String", "traits": { - "smithy.api#documentation": "

The ARN of the IAM Role EKS will assign to EC2 Managed Instances in your EKS Auto Mode cluster. This value cannot be changed after the compute capability of EKS Auto Mode is enabled. For more information, see the IAM Reference in the EKS User Guide.

" + "smithy.api#documentation": "

The ARN of the IAM Role EKS will assign to EC2 Managed Instances in your EKS Auto Mode cluster. This value cannot be changed after the compute capability of EKS Auto Mode is enabled. For more information, see the IAM Reference in the Amazon EKS User Guide.

" } } }, "traits": { - "smithy.api#documentation": "

Request to update the configuration of the compute capability of your EKS Auto Mode cluster. For example, enable the capability. For more information, see EKS Auto Mode compute capability in the EKS User Guide.

" + "smithy.api#documentation": "

Request to update the configuration of the compute capability of your EKS Auto Mode cluster. For example, enable the capability. For more information, see EKS Auto Mode compute capability in the Amazon EKS User Guide.

" } }, "com.amazonaws.eks#ComputeConfigResponse": { @@ -3029,7 +3029,7 @@ "nodePools": { "target": "com.amazonaws.eks#StringList", "traits": { - "smithy.api#documentation": "

Indicates the current configuration of node pools in your EKS Auto Mode cluster. For more information, see EKS Auto Mode Node Pools in the EKS User Guide.

" + "smithy.api#documentation": "

Indicates the current configuration of node pools in your EKS Auto Mode cluster. For more information, see EKS Auto Mode Node Pools in the Amazon EKS User Guide.

" } }, "nodeRoleArn": { @@ -3173,7 +3173,7 @@ } }, "traits": { - "smithy.api#documentation": "

The placement configuration for all the control plane instances of your local Amazon EKS cluster on an Amazon Web Services Outpost. For more information, see\n Capacity\n considerations in the Amazon EKS User Guide.

" + "smithy.api#documentation": "

The placement configuration for all the control plane instances of your local Amazon EKS\n cluster on an Amazon Web Services Outpost. For more information, see\n Capacity\n considerations in the Amazon EKS User Guide.

" } }, "com.amazonaws.eks#ControlPlanePlacementResponse": { @@ -3187,7 +3187,7 @@ } }, "traits": { - "smithy.api#documentation": "

The placement configuration for all the control plane instances of your local Amazon EKS cluster on an Amazon Web Services Outpost. For more information, see\n Capacity considerations in the Amazon EKS User Guide.

" + "smithy.api#documentation": "

The placement configuration for all the control plane instances of your local Amazon EKS\n cluster on an Amazon Web Services Outpost. For more information, see\n Capacity considerations in the Amazon EKS User Guide.

" } }, "com.amazonaws.eks#CreateAccessConfigRequest": { @@ -3261,7 +3261,7 @@ "principalArn": { "target": "com.amazonaws.eks#String", "traits": { - "smithy.api#documentation": "

The ARN of the IAM principal for the AccessEntry. You can specify one ARN for each access entry. You can't specify the\n same ARN in more than one access entry. This value can't be changed after access entry\n creation.

\n

The valid principals differ depending on the type of the access entry in the\n type field. The only valid ARN is IAM roles for the types of access\n entries for nodes: \n . You can use every IAM principal type for STANDARD access entries.\n You can't use the STS session principal type with access entries because this is a\n temporary principal for each session and not a permanent identity that can be assigned\n permissions.

\n

\n IAM best practices recommend using IAM roles with\n temporary credentials, rather than IAM users with long-term credentials.\n

", + "smithy.api#documentation": "

The ARN of the IAM principal for the AccessEntry. You can specify one ARN for each access entry. You can't specify the\n same ARN in more than one access entry. This value can't be changed after access entry\n creation.

\n

The valid principals differ depending on the type of the access entry in the\n type field. For STANDARD access entries, you can use every\n IAM principal type. For nodes (EC2 (for EKS Auto Mode),\n EC2_LINUX, EC2_WINDOWS, FARGATE_LINUX, and\n HYBRID_LINUX), the only valid ARN is IAM roles.\n \n You can't use the STS session principal type with access entries because this is a\n temporary principal for each session and not a permanent identity that can be assigned\n permissions.

\n

\n IAM\n best practices recommend using IAM roles with\n temporary credentials, rather than IAM users with long-term credentials.\n

", "smithy.api#required": {} } }, @@ -3293,7 +3293,7 @@ "type": { "target": "com.amazonaws.eks#String", "traits": { - "smithy.api#documentation": "

The type of the new access entry. Valid values are Standard,\n FARGATE_LINUX, EC2_LINUX, and\n EC2_WINDOWS.

\n

If the principalArn is for an IAM role that's used for\n self-managed Amazon EC2 nodes, specify EC2_LINUX or\n EC2_WINDOWS. Amazon EKS grants the necessary permissions to the\n node for you. If the principalArn is for any other purpose, specify\n STANDARD. If you don't specify a value, Amazon EKS sets the\n value to STANDARD. It's unnecessary to create access entries for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries in the\n aws-auth\n ConfigMap for the roles. You can't change this value once you've created\n the access entry.

\n

If you set the value to EC2_LINUX or EC2_WINDOWS, you can't\n specify values for kubernetesGroups, or associate an\n AccessPolicy to the access entry.

" + "smithy.api#documentation": "

The type of the new access entry. Valid values are STANDARD,\n FARGATE_LINUX, EC2_LINUX, EC2_WINDOWS,\n EC2 (for EKS Auto Mode), HYBRID_LINUX, and HYPERPOD_LINUX.\n

\n

If the principalArn is for an IAM role that's used for self-managed\n Amazon EC2 nodes, specify EC2_LINUX or EC2_WINDOWS. Amazon EKS grants\n the necessary permissions to the node for you. If the principalArn is for\n any other purpose, specify STANDARD. If you don't specify a value, Amazon EKS\n sets the value to STANDARD. If you have the access mode of the cluster set\n to API_AND_CONFIG_MAP, it's unnecessary to create access entries for IAM\n roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries\n in the aws-auth\n ConfigMap for the roles. You can't change this value once you've created\n the access entry.

\n

If you set the value to EC2_LINUX or EC2_WINDOWS, you can't\n specify values for kubernetesGroups, or associate an\n AccessPolicy to the access entry.

" } } }, @@ -3341,7 +3341,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates an Amazon EKS add-on.

\n

Amazon EKS add-ons help to automate the provisioning and lifecycle management\n of common operational software for Amazon EKS clusters. For more information,\n see Amazon EKS add-ons in the Amazon EKS User Guide.

", + "smithy.api#documentation": "

Creates an Amazon EKS add-on.

\n

Amazon EKS add-ons help to automate the provisioning and lifecycle management\n of common operational software for Amazon EKS clusters. For more information,\n see Amazon EKS\n add-ons in the Amazon EKS User Guide.

", "smithy.api#http": { "method": "POST", "uri": "/clusters/{clusterName}/addons", @@ -3407,7 +3407,7 @@ "podIdentityAssociations": { "target": "com.amazonaws.eks#AddonPodIdentityAssociationsList", "traits": { - "smithy.api#documentation": "

An array of Pod Identity Assocations to be created. Each EKS Pod Identity association maps a Kubernetes service account to an IAM Role.

\n

For more information, see Attach an IAM Role to an Amazon EKS add-on using Pod Identity in the EKS User Guide.

" + "smithy.api#documentation": "

An array of Pod Identity Assocations to be created. Each EKS Pod Identity association maps a Kubernetes service account to an IAM Role.

\n

For more information, see Attach an IAM Role to an Amazon EKS add-on using Pod Identity in the Amazon EKS User Guide.

" } } }, @@ -3458,7 +3458,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates an Amazon EKS control plane.

\n

The Amazon EKS control plane consists of control plane instances that run the\n Kubernetes software, such as etcd and the API server. The control plane runs in\n an account managed by Amazon Web Services, and the Kubernetes API is exposed by the Amazon EKS API server endpoint. Each Amazon EKS cluster control plane is\n single tenant and unique. It runs on its own set of Amazon EC2 instances.

\n

The cluster control plane is provisioned across multiple Availability Zones and\n fronted by an Elastic Load Balancing\n Network Load Balancer. Amazon EKS also provisions elastic network interfaces in\n your VPC subnets to provide connectivity from the control plane instances to the nodes\n (for example, to support kubectl exec, logs, and\n proxy data flows).

\n

Amazon EKS nodes run in your Amazon Web Services account and connect to your\n cluster's control plane over the Kubernetes API server endpoint and a certificate file that\n is created for your cluster.

\n

You can use the endpointPublicAccess and\n endpointPrivateAccess parameters to enable or disable public and\n private access to your cluster's Kubernetes API server endpoint. By default, public access is\n enabled, and private access is disabled. For more information, see Amazon EKS Cluster Endpoint Access Control in the\n \n Amazon EKS User Guide\n .

\n

You can use the logging parameter to enable or disable exporting the\n Kubernetes control plane logs for your cluster to CloudWatch Logs. By default, cluster\n control plane logs aren't exported to CloudWatch Logs. For more information, see\n Amazon EKS Cluster Control Plane Logs in the\n \n Amazon EKS User Guide\n .

\n \n

CloudWatch Logs ingestion, archive storage, and data scanning rates apply to\n exported control plane logs. For more information, see CloudWatch\n Pricing.

\n \n

In most cases, it takes several minutes to create a cluster. After you create an\n Amazon EKS cluster, you must configure your Kubernetes tooling to communicate\n with the API server and launch nodes into your cluster. For more information, see Allowing users to\n access your cluster and Launching\n Amazon EKS nodes in the Amazon EKS User Guide.

", + "smithy.api#documentation": "

Creates an Amazon EKS control plane.

\n

The Amazon EKS control plane consists of control plane instances that run the\n Kubernetes software, such as etcd and the API server. The control plane runs in\n an account managed by Amazon Web Services, and the Kubernetes API is exposed by the Amazon EKS\n API server endpoint. Each Amazon EKS cluster control plane is\n single tenant and unique. It runs on its own set of Amazon EC2 instances.

\n

The cluster control plane is provisioned across multiple Availability Zones and\n fronted by an Elastic Load Balancing\n Network Load Balancer. Amazon EKS also provisions elastic network interfaces in\n your VPC subnets to provide connectivity from the control plane instances to the nodes\n (for example, to support kubectl exec, logs, and\n proxy data flows).

\n

Amazon EKS nodes run in your Amazon Web Services account and connect to your\n cluster's control plane over the Kubernetes API server endpoint and a certificate file that\n is created for your cluster.

\n

You can use the endpointPublicAccess and\n endpointPrivateAccess parameters to enable or disable public and\n private access to your cluster's Kubernetes API server endpoint. By default, public access is\n enabled, and private access is disabled. For more information, see Amazon EKS\n Cluster Endpoint Access Control in the\n \n Amazon EKS User Guide\n .

\n

You can use the logging parameter to enable or disable exporting the\n Kubernetes control plane logs for your cluster to CloudWatch Logs. By default, cluster\n control plane logs aren't exported to CloudWatch Logs. For more information, see\n Amazon EKS Cluster Control Plane Logs in the\n \n Amazon EKS User Guide\n .

\n \n

CloudWatch Logs ingestion, archive storage, and data scanning rates apply to\n exported control plane logs. For more information, see CloudWatch\n Pricing.

\n \n

In most cases, it takes several minutes to create a cluster. After you create an\n Amazon EKS cluster, you must configure your Kubernetes tooling to communicate\n with the API server and launch nodes into your cluster. For more information, see Allowing users to\n access your cluster and Launching\n Amazon EKS nodes in the Amazon EKS User Guide.

", "smithy.api#examples": [ { "title": "To create a new cluster", @@ -3507,7 +3507,7 @@ "roleArn": { "target": "com.amazonaws.eks#String", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes\n control plane to make calls to Amazon Web Services API operations on your behalf. For\n more information, see Amazon EKS Service IAM Role in the \n Amazon EKS User Guide\n .

", + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes\n control plane to make calls to Amazon Web Services API operations on your behalf. For\n more information, see Amazon EKS Service IAM\n Role in the \n Amazon EKS User Guide\n .

", "smithy.api#required": {} } }, @@ -3527,7 +3527,7 @@ "logging": { "target": "com.amazonaws.eks#Logging", "traits": { - "smithy.api#documentation": "

Enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs. By default, cluster control plane logs aren't exported to CloudWatch Logs. For more information, see Amazon EKS Cluster control plane logs in the\n \n Amazon EKS User Guide\n .

\n \n

CloudWatch Logs ingestion, archive storage, and data scanning rates apply to\n exported control plane logs. For more information, see CloudWatch\n Pricing.

\n " + "smithy.api#documentation": "

Enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs\n . By default, cluster control plane logs aren't exported to CloudWatch Logs\n . For more information, see Amazon EKS\n Cluster control plane logs in the\n \n Amazon EKS User Guide\n .

\n \n

CloudWatch Logs ingestion, archive storage, and data scanning rates apply to\n exported control plane logs. For more information, see CloudWatch\n Pricing.

\n " } }, "clientRequestToken": { @@ -3576,7 +3576,7 @@ "zonalShiftConfig": { "target": "com.amazonaws.eks#ZonalShiftConfigRequest", "traits": { - "smithy.api#documentation": "

Enable or disable ARC zonal shift for the cluster. If zonal shift is enabled, Amazon Web Services\n configures zonal autoshift for the cluster.

\n

Zonal shift is a feature of\n Amazon Application Recovery Controller (ARC). ARC zonal shift is designed to be a temporary measure that allows you to move\n traffic for a resource away from an impaired AZ until the zonal shift expires or you cancel\n it. You can extend the zonal shift if necessary.

\n

You can start a zonal shift for an EKS cluster, or you can allow Amazon Web Services to do it for you\n by enabling zonal autoshift. This shift updates the flow of\n east-to-west network traffic in your cluster to only consider network endpoints for Pods\n running on worker nodes in healthy AZs. Additionally, any ALB or NLB handling ingress\n traffic for applications in your EKS cluster will automatically route traffic to targets in\n the healthy AZs. For more information about zonal shift in EKS, see Learn about Amazon Application Recovery Controller (ARC)\n Zonal Shift in Amazon EKS in the\n \n Amazon EKS User Guide\n .

" + "smithy.api#documentation": "

Enable or disable ARC zonal shift for the cluster. If zonal shift is enabled, Amazon Web Services\n configures zonal autoshift for the cluster.

\n

Zonal shift is a feature of\n Amazon Application Recovery Controller (ARC). ARC zonal shift is designed to be a temporary measure that allows you to move\n traffic for a resource away from an impaired AZ until the zonal shift expires or you cancel\n it. You can extend the zonal shift if necessary.

\n

You can start a zonal shift for an Amazon EKS cluster, or you can allow Amazon Web Services to do it for you\n by enabling zonal autoshift. This shift updates the flow of\n east-to-west network traffic in your cluster to only consider network endpoints for Pods\n running on worker nodes in healthy AZs. Additionally, any ALB or NLB handling ingress\n traffic for applications in your Amazon EKS cluster will automatically route traffic to targets in\n the healthy AZs. For more information about zonal shift in EKS, see Learn about Amazon Application Recovery Controller (ARC)\n Zonal Shift in Amazon EKS in the\n \n Amazon EKS User Guide\n .

" } }, "remoteNetworkConfig": { @@ -3748,7 +3748,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates an Fargate profile for your Amazon EKS cluster. You\n must have at least one Fargate profile in a cluster to be able to run\n pods on Fargate.

\n

The Fargate profile allows an administrator to declare which pods run\n on Fargate and specify which pods run on which Fargate\n profile. This declaration is done through the profile’s selectors. Each profile can have\n up to five selectors that contain a namespace and labels. A namespace is required for\n every selector. The label field consists of multiple optional key-value pairs. Pods that\n match the selectors are scheduled on Fargate. If a to-be-scheduled pod\n matches any of the selectors in the Fargate profile, then that pod is run\n on Fargate.

\n

When you create a Fargate profile, you must specify a pod execution\n role to use with the pods that are scheduled with the profile. This role is added to the\n cluster's Kubernetes Role Based\n Access Control (RBAC) for authorization so that the kubelet\n that is running on the Fargate infrastructure can register with your\n Amazon EKS cluster so that it can appear in your cluster as a node. The pod\n execution role also provides IAM permissions to the Fargate infrastructure to allow read access to Amazon ECR image repositories. For\n more information, see Pod Execution Role in the Amazon EKS User Guide.

\n

Fargate profiles are immutable. However, you can create a new updated\n profile to replace an existing profile and then delete the original after the updated\n profile has finished creating.

\n

If any Fargate profiles in a cluster are in the DELETING\n status, you must wait for that Fargate profile to finish deleting before\n you can create any other profiles in that cluster.

\n

For more information, see Fargate profile in the\n Amazon EKS User Guide.

", + "smithy.api#documentation": "

Creates an Fargate profile for your Amazon EKS cluster. You\n must have at least one Fargate profile in a cluster to be able to run\n pods on Fargate.

\n

The Fargate profile allows an administrator to declare which pods run\n on Fargate and specify which pods run on which Fargate\n profile. This declaration is done through the profile's selectors. Each profile can have\n up to five selectors that contain a namespace and labels. A namespace is required for\n every selector. The label field consists of multiple optional key-value pairs. Pods that\n match the selectors are scheduled on Fargate. If a to-be-scheduled pod\n matches any of the selectors in the Fargate profile, then that pod is run\n on Fargate.

\n

When you create a Fargate profile, you must specify a pod execution\n role to use with the pods that are scheduled with the profile. This role is added to the\n cluster's Kubernetes Role Based\n Access Control (RBAC) for authorization so that the kubelet\n that is running on the Fargate infrastructure can register with your\n Amazon EKS cluster so that it can appear in your cluster as a node. The pod\n execution role also provides IAM permissions to the Fargate infrastructure to \n allow read access to Amazon ECR image repositories. For\n more information, see Pod Execution Role in the Amazon EKS User Guide.

\n

Fargate profiles are immutable. However, you can create a new updated\n profile to replace an existing profile and then delete the original after the updated\n profile has finished creating.

\n

If any Fargate profiles in a cluster are in the DELETING\n status, you must wait for that Fargate profile to finish deleting before\n you can create any other profiles in that cluster.

\n

For more information, see Fargate profile in the\n Amazon EKS User Guide.

", "smithy.api#http": { "method": "POST", "uri": "/clusters/{clusterName}/fargate-profiles", @@ -3923,7 +3923,7 @@ "nodeRole": { "target": "com.amazonaws.eks#String", "traits": { - "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The\n Amazon EKS worker node kubelet daemon makes calls to Amazon Web Services APIs on your behalf. Nodes receive permissions for these API calls\n through an IAM instance profile and associated policies. Before you can\n launch nodes and register them into a cluster, you must create an IAM\n role for those nodes to use when they are launched. For more information, see Amazon EKS node IAM role in the\n \n Amazon EKS User Guide\n . If you specify launchTemplate, then don't specify \n \n IamInstanceProfile\n in your launch template, or the node group \n deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates in the Amazon EKS User Guide.

", + "smithy.api#documentation": "

The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The\n Amazon EKS worker node kubelet daemon makes calls to Amazon Web Services\n APIs on your behalf. Nodes receive permissions for these API calls\n through an IAM instance profile and associated policies. Before you can\n launch nodes and register them into a cluster, you must create an IAM\n role for those nodes to use when they are launched. For more information, see Amazon EKS\n node IAM role in the\n \n Amazon EKS User Guide\n . If you specify launchTemplate, then don't specify \n \n IamInstanceProfile\n in your launch template, or the node group \n deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates in the Amazon EKS User Guide.

", "smithy.api#required": {} } }, @@ -3985,7 +3985,7 @@ "releaseVersion": { "target": "com.amazonaws.eks#String", "traits": { - "smithy.api#documentation": "

The AMI version of the Amazon EKS optimized AMI to use with your node group.\n By default, the latest available AMI version for the node group's current Kubernetes version\n is used. For information about Linux versions, see Amazon EKS optimized Amazon Linux AMI versions in the Amazon EKS User Guide. Amazon EKS managed node groups support the November 2022 and later releases of the\n Windows AMIs. For information about Windows versions, see Amazon EKS optimized Windows AMI versions in the\n Amazon EKS User Guide.

\n

If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify \n releaseVersion, or the node group deployment will fail.\n For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates in the Amazon EKS User Guide.

" + "smithy.api#documentation": "

The AMI version of the Amazon EKS optimized AMI to use with your node group.\n By default, the latest available AMI version for the node group's current Kubernetes version\n is used. For information about Linux versions, see Amazon EKS\n optimized Amazon Linux AMI versions in the Amazon EKS User Guide. Amazon EKS\n managed node groups support the November 2022 and later releases of the\n Windows AMIs. For information about Windows versions, see Amazon EKS optimized Windows AMI versions in the\n Amazon EKS User Guide.

\n

If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify \n releaseVersion, or the node group deployment will fail.\n For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates in the Amazon EKS User Guide.

" } } }, @@ -4065,7 +4065,7 @@ "serviceAccount": { "target": "com.amazonaws.eks#String", "traits": { - "smithy.api#documentation": "

The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.

", + "smithy.api#documentation": "

The name of the Kubernetes service account inside the cluster to associate the IAM\n credentials with.

", "smithy.api#required": {} } }, @@ -4224,7 +4224,7 @@ "target": "com.amazonaws.eks#Boolean", "traits": { "smithy.api#default": false, - "smithy.api#documentation": "

Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM\n account is associated with the add-on, it isn't removed.

", + "smithy.api#documentation": "

Specifying this option preserves the add-on software on your cluster but Amazon EKS\n stops managing any settings for the add-on. If an IAM\n account is associated with the add-on, it isn't removed.

", "smithy.api#httpQuery": "preserve" } } @@ -6324,7 +6324,7 @@ } }, "traits": { - "smithy.api#documentation": "

Indicates the current configuration of the load balancing capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. For more information, see EKS Auto Mode load balancing capability in the EKS User Guide.

" + "smithy.api#documentation": "

Indicates the current configuration of the load balancing capability on your EKS Auto Mode cluster. For example, if the capability is enabled or disabled. For more information, see EKS Auto Mode load balancing capability in the Amazon EKS User Guide.

" } }, "com.amazonaws.eks#EncryptionConfig": { @@ -6874,7 +6874,7 @@ "addonCompatibilityDetails": { "target": "com.amazonaws.eks#AddonCompatibilityDetails", "traits": { - "smithy.api#documentation": "

A list of AddonCompatibilityDetail objects for Amazon EKS add-ons.

" + "smithy.api#documentation": "

A list of AddonCompatibilityDetail objects for Amazon EKS add-ons.

" } } }, @@ -7172,7 +7172,7 @@ "code": { "target": "com.amazonaws.eks#NodegroupIssueCode", "traits": { - "smithy.api#documentation": "

A brief description of the error.

\n " + "smithy.api#documentation": "

A brief description of the error.

\n " } }, "message": { @@ -7210,13 +7210,13 @@ "ipFamily": { "target": "com.amazonaws.eks#IpFamily", "traits": { - "smithy.api#documentation": "

Specify which IP family is used to assign Kubernetes pod and service IP addresses. If you\n don't specify a value, ipv4 is used by default. You can only specify an IP\n family when you create a cluster and can't change this value once the cluster is\n created. If you specify ipv6, the VPC and subnets that you specify for\n cluster creation must have both IPv4 and IPv6 CIDR blocks\n assigned to them. You can't specify ipv6 for clusters in China\n Regions.

\n

You can only specify ipv6 for 1.21 and later clusters that\n use version 1.10.1 or later of the Amazon VPC CNI add-on. If you specify\n ipv6, then ensure that your VPC meets the requirements listed in the\n considerations listed in Assigning IPv6 addresses to pods and\n services in the Amazon EKS User Guide. Kubernetes assigns services\n IPv6 addresses from the unique local address range\n (fc00::/7). You can't specify a custom IPv6 CIDR block.\n Pod addresses are assigned from the subnet's IPv6 CIDR.

" + "smithy.api#documentation": "

Specify which IP family is used to assign Kubernetes pod and service IP addresses. If you\n don't specify a value, ipv4 is used by default. You can only specify an IP\n family when you create a cluster and can't change this value once the cluster is\n created. If you specify ipv6, the VPC and subnets that you specify for\n cluster creation must have both IPv4 and IPv6 CIDR blocks\n assigned to them. You can't specify ipv6 for clusters in China\n Regions.

\n

You can only specify ipv6 for 1.21 and later clusters that\n use version 1.10.1 or later of the Amazon VPC CNI add-on. If you specify\n ipv6, then ensure that your VPC meets the requirements listed in the\n considerations listed in Assigning IPv6 addresses to pods and\n services in the Amazon EKS User Guide. Kubernetes assigns services\n IPv6 addresses from the unique local address range\n (fc00::/7). You can't specify a custom IPv6 CIDR block.\n Pod addresses are assigned from the subnet's IPv6 CIDR.

" } }, "elasticLoadBalancing": { "target": "com.amazonaws.eks#ElasticLoadBalancing", "traits": { - "smithy.api#documentation": "

Request to enable or disable the load balancing capability on your EKS Auto Mode cluster. For more information, see EKS Auto Mode load balancing capability in the EKS User Guide.

" + "smithy.api#documentation": "

Request to enable or disable the load balancing capability on your EKS Auto Mode cluster. For more information, see EKS Auto Mode load balancing capability in the Amazon EKS User Guide.

" } } }, @@ -7769,7 +7769,7 @@ "clusters": { "target": "com.amazonaws.eks#StringList", "traits": { - "smithy.api#documentation": "

A list of all of the clusters for your account in the specified Amazon Web Services Region.

" + "smithy.api#documentation": "

A list of all of the clusters for your account in the specified Amazon Web Services Region\n .

" } }, "nextToken": { @@ -8190,7 +8190,7 @@ } ], "traits": { - "smithy.api#documentation": "

Lists the managed node groups associated with the specified cluster in your Amazon Web Services account in the specified Amazon Web Services Region. Self-managed node\n groups aren't listed.

", + "smithy.api#documentation": "

Lists the managed node groups associated with the specified cluster in your Amazon Web Services\n account in the specified Amazon Web Services Region. Self-managed node\n groups aren't listed.

", "smithy.api#http": { "method": "GET", "uri": "/clusters/{clusterName}/node-groups", @@ -8465,7 +8465,7 @@ } ], "traits": { - "smithy.api#documentation": "

Lists the updates associated with an Amazon EKS resource in your Amazon Web Services account, in the specified Amazon Web Services Region.

", + "smithy.api#documentation": "

Lists the updates associated with an Amazon EKS resource in your Amazon Web Services\n account, in the specified Amazon Web Services Region.

", "smithy.api#http": { "method": "GET", "uri": "/clusters/{name}/updates", @@ -8564,7 +8564,7 @@ "enabled": { "target": "com.amazonaws.eks#BoxedBoolean", "traits": { - "smithy.api#documentation": "

If a log type is enabled, that log type exports its control plane logs to CloudWatch Logs. If a log type isn't enabled, that log type doesn't export its control\n plane logs. Each individual log type can be enabled or disabled independently.

" + "smithy.api#documentation": "

If a log type is enabled, that log type exports its control plane logs to CloudWatch Logs\n . If a log type isn't enabled, that log type doesn't export its control\n plane logs. Each individual log type can be enabled or disabled independently.

" } } }, @@ -9086,13 +9086,13 @@ "maxSize": { "target": "com.amazonaws.eks#Capacity", "traits": { - "smithy.api#documentation": "

The maximum number of nodes that the managed node group can scale out to. For\n information about the maximum number that you can specify, see Amazon EKS service quotas in the Amazon EKS User Guide.

" + "smithy.api#documentation": "

The maximum number of nodes that the managed node group can scale out to. For\n information about the maximum number that you can specify, see Amazon EKS service \n quotas in the Amazon EKS User Guide.

" } }, "desiredSize": { "target": "com.amazonaws.eks#ZeroCapacity", "traits": { - "smithy.api#documentation": "

The current number of nodes that the managed node group should maintain.

\n \n

If you use the Kubernetes Cluster\n Autoscaler, you shouldn't change the desiredSize value\n directly, as this can cause the Cluster Autoscaler to suddenly scale up or scale\n down.

\n \n

Whenever this parameter changes, the number of worker nodes in the node group is\n updated to the specified size. If this parameter is given a value that is smaller than\n the current number of running worker nodes, the necessary number of worker nodes are\n terminated to match the given value.\n \n When using CloudFormation, no action occurs if you remove this parameter from your CFN\n template.

\n

This parameter can be different from minSize in some cases, such as when\n starting with extra hosts for testing. This parameter can also be different when you\n want to start with an estimated number of needed hosts, but let the Cluster Autoscaler\n reduce the number if there are too many. When the Cluster Autoscaler is used, the\n desiredSize parameter is altered by the Cluster Autoscaler (but can be\n out-of-date for short periods of time). the Cluster Autoscaler doesn't scale a managed\n node group lower than minSize or higher than maxSize.

" + "smithy.api#documentation": "

The current number of nodes that the managed node group should maintain.

\n \n

If you use the Kubernetes Cluster\n Autoscaler, you shouldn't change the desiredSize value\n directly, as this can cause the Cluster Autoscaler to suddenly scale up or scale\n down.

\n \n

Whenever this parameter changes, the number of worker nodes in the node group is\n updated to the specified size. If this parameter is given a value that is smaller than\n the current number of running worker nodes, the necessary number of worker nodes are\n terminated to match the given value.\n \n When using CloudFormation, no action occurs if you remove this parameter from your CFN\n template.

\n

This parameter can be different from minSize in some cases, such as when\n starting with extra hosts for testing. This parameter can also be different when you\n want to start with an estimated number of needed hosts, but let the Cluster Autoscaler\n reduce the number if there are too many. When the Cluster Autoscaler is used, the \n desiredSize parameter is altered by the Cluster Autoscaler (but can be\n out-of-date for short periods of time). the Cluster Autoscaler doesn't scale a managed\n node group lower than minSize or higher than maxSize.

" } } }, @@ -9161,10 +9161,33 @@ "traits": { "smithy.api#documentation": "

The maximum percentage of nodes unavailable during a version update. This percentage\n of nodes are updated in parallel, up to 100 nodes at once. This value or\n maxUnavailable is required to have a value.

" } + }, + "updateStrategy": { + "target": "com.amazonaws.eks#NodegroupUpdateStrategies", + "traits": { + "smithy.api#documentation": "

The configuration for the behavior to follow during a node group version update of this managed\n node group. You choose between two possible strategies for replacing nodes during an\n UpdateNodegroupVersion action.

\n

An Amazon EKS managed node group updates by replacing nodes with new nodes of newer AMI\n versions in parallel. The update strategy changes the managed node\n update behavior of the managed node group for each quantity. The\n default strategy has guardrails to protect you from\n misconfiguration and launches the new instances first, before terminating the old\n instances. The minimal strategy removes the guardrails and\n terminates the old instances before launching the new instances. This minimal\n strategy is useful in scenarios where you are constrained to resources or costs (for\n example, with hardware accelerators such as GPUs).

" + } } }, "traits": { - "smithy.api#documentation": "

The node group update configuration.

" + "smithy.api#documentation": "

The node group update configuration. An Amazon EKS managed node group updates by replacing nodes with new\n nodes of newer AMI versions in parallel. You choose the maximum\n unavailable and the update strategy.

" + } + }, + "com.amazonaws.eks#NodegroupUpdateStrategies": { + "type": "enum", + "members": { + "DEFAULT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DEFAULT" + } + }, + "MINIMAL": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MINIMAL" + } + } } }, "com.amazonaws.eks#NonZeroInteger": { @@ -9357,7 +9380,7 @@ "controlPlaneInstanceType": { "target": "com.amazonaws.eks#String", "traits": { - "smithy.api#documentation": "

The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. Choose an instance type based on the number of nodes\n that your cluster will have. For more information, see Capacity\n considerations in the Amazon EKS User Guide.

\n

The instance type that you specify is used for all Kubernetes control plane instances. The\n instance type can't be changed after cluster creation. The control plane is not\n automatically scaled by Amazon EKS.

\n

", + "smithy.api#documentation": "

The Amazon EC2 instance type that you want to use for your local Amazon EKS\n cluster on Outposts. Choose an instance type based on the number of nodes\n that your cluster will have. For more information, see Capacity\n considerations in the Amazon EKS User Guide.

\n

The instance type that you specify is used for all Kubernetes control plane instances. The\n instance type can't be changed after cluster creation. The control plane is not\n automatically scaled by Amazon EKS.

\n

", "smithy.api#required": {} } }, @@ -9427,7 +9450,7 @@ "serviceAccount": { "target": "com.amazonaws.eks#String", "traits": { - "smithy.api#documentation": "

The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.

" + "smithy.api#documentation": "

The name of the Kubernetes service account inside the cluster to associate the IAM\n credentials with.

" } }, "roleArn": { @@ -9597,7 +9620,7 @@ "connectorConfig": { "target": "com.amazonaws.eks#ConnectorConfigRequest", "traits": { - "smithy.api#documentation": "

The configuration settings required to connect the Kubernetes cluster to the Amazon EKS control plane.

", + "smithy.api#documentation": "

The configuration settings required to connect the Kubernetes cluster to the Amazon EKS\n control plane.

", "smithy.api#required": {} } }, @@ -9636,7 +9659,7 @@ "ec2SshKey": { "target": "com.amazonaws.eks#String", "traits": { - "smithy.api#documentation": "

The Amazon EC2 SSH key name that provides access for SSH communication with\n the nodes in the managed node group. For more information, see Amazon EC2 key pairs and Linux instances in the Amazon Elastic Compute Cloud User Guide for Linux Instances. For\n Windows, an Amazon EC2 SSH key is used to obtain the RDP password. For more\n information, see Amazon EC2 key pairs and Windows instances in\n the Amazon Elastic Compute Cloud User Guide for Windows Instances.

" + "smithy.api#documentation": "

The Amazon EC2 SSH key name that provides access for SSH communication with\n the nodes in the managed node group. For more information, see Amazon EC2\n key pairs and Linux instances in the Amazon Elastic Compute Cloud User Guide for Linux Instances. For\n Windows, an Amazon EC2 SSH key is used to obtain the RDP password. For more\n information, see Amazon EC2 key pairs and Windows instances in\n the Amazon Elastic Compute Cloud User Guide for Windows Instances.

" } }, "sourceSecurityGroups": { @@ -9874,7 +9897,7 @@ } }, "traits": { - "smithy.api#documentation": "

The specified resource could not be found. You can view your available clusters with\n ListClusters. You can view your available managed node groups with\n ListNodegroups. Amazon EKS clusters and node groups are Amazon Web Services Region specific.

", + "smithy.api#documentation": "

The specified resource could not be found. You can view your available clusters with\n ListClusters. You can view your available managed node groups with\n ListNodegroups. Amazon EKS clusters and node groups are Amazon Web Services Region\n specific.

", "smithy.api#error": "client", "smithy.api#httpError": 404 } @@ -9971,7 +9994,7 @@ } }, "traits": { - "smithy.api#documentation": "

Request to update the configuration of the storage capability of your EKS Auto Mode cluster. For example, enable the capability. For more information, see EKS Auto Mode block storage capability in the EKS User Guide.

" + "smithy.api#documentation": "

Request to update the configuration of the storage capability of your EKS Auto Mode cluster. For example, enable the capability. For more information, see EKS Auto Mode block storage capability in the Amazon EKS User Guide.

" } }, "com.amazonaws.eks#StorageConfigResponse": { @@ -10495,7 +10518,7 @@ "podIdentityAssociations": { "target": "com.amazonaws.eks#AddonPodIdentityAssociationsList", "traits": { - "smithy.api#documentation": "

An array of Pod Identity Assocations to be updated. Each EKS Pod Identity association maps a Kubernetes service account to an IAM Role. If this value is left blank, no change. If an empty array is provided, existing Pod Identity Assocations owned by the Addon are deleted.

\n

For more information, see Attach an IAM Role to an Amazon EKS add-on using Pod Identity in the EKS User Guide.

" + "smithy.api#documentation": "

An array of Pod Identity Assocations to be updated. Each EKS Pod Identity association maps a Kubernetes service account to an IAM Role. If this value is left blank, no change. If an empty array is provided, existing Pod Identity Assocations owned by the Addon are deleted.

\n

For more information, see Attach an IAM Role to an Amazon EKS add-on using Pod Identity in the Amazon EKS User Guide.

" } } }, @@ -10543,7 +10566,7 @@ } ], "traits": { - "smithy.api#documentation": "

Updates an Amazon EKS cluster configuration. Your cluster continues to\n function during the update. The response output includes an update ID that you can use\n to track the status of your cluster update with DescribeUpdate\"/>.

\n

You can use this API operation to enable or disable exporting the Kubernetes control plane\n logs for your cluster to CloudWatch Logs. By default, cluster control plane logs\n aren't exported to CloudWatch Logs. For more information, see Amazon EKS Cluster control plane logs in the\n \n Amazon EKS User Guide\n .

\n \n

CloudWatch Logs ingestion, archive storage, and data scanning rates apply to\n exported control plane logs. For more information, see CloudWatch\n Pricing.

\n \n

You can also use this API operation to enable or disable public and private access to\n your cluster's Kubernetes API server endpoint. By default, public access is enabled, and\n private access is disabled. For more information, see Amazon EKS cluster endpoint access control in the\n \n Amazon EKS User Guide\n .

\n

You can also use this API operation to choose different subnets and security groups\n for the cluster. You must specify at least two subnets that are in different\n Availability Zones. You can't change which VPC the subnets are from, the subnets must be\n in the same VPC as the subnets that the cluster was created with. For more information\n about the VPC requirements, see https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html in the \n Amazon EKS User Guide\n .

\n

You can also use this API operation to enable or disable ARC zonal shift. If zonal shift is enabled, Amazon Web Services\n configures zonal autoshift for the cluster.

\n

Cluster updates are asynchronous, and they should finish within a few minutes. During\n an update, the cluster status moves to UPDATING (this status transition is\n eventually consistent). When the update is complete (either Failed or\n Successful), the cluster status moves to Active.

", + "smithy.api#documentation": "

Updates an Amazon EKS cluster configuration. Your cluster continues to\n function during the update. The response output includes an update ID that you can use\n to track the status of your cluster update with DescribeUpdate\"/>.

\n

You can use this API operation to enable or disable exporting the Kubernetes control plane\n logs for your cluster to CloudWatch Logs. By default, cluster control plane logs\n aren't exported to CloudWatch Logs. For more information, see Amazon EKS\n Cluster control plane logs in the\n \n Amazon EKS User Guide\n .

\n \n

CloudWatch Logs ingestion, archive storage, and data scanning rates apply to\n exported control plane logs. For more information, see CloudWatch\n Pricing.

\n \n

You can also use this API operation to enable or disable public and private access to\n your cluster's Kubernetes API server endpoint. By default, public access is enabled, and\n private access is disabled. For more information, see Amazon EKS\n cluster endpoint access control in the\n \n Amazon EKS User Guide\n .

\n

You can also use this API operation to choose different subnets and security groups\n for the cluster. You must specify at least two subnets that are in different\n Availability Zones. You can't change which VPC the subnets are from, the subnets must be\n in the same VPC as the subnets that the cluster was created with. For more information\n about the VPC requirements, see https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html in the \n Amazon EKS User Guide\n .

\n

You can also use this API operation to enable or disable ARC zonal shift. If zonal shift is enabled, Amazon Web Services\n configures zonal autoshift for the cluster.

\n

Cluster updates are asynchronous, and they should finish within a few minutes. During\n an update, the cluster status moves to UPDATING (this status transition is\n eventually consistent). When the update is complete (either Failed or\n Successful), the cluster status moves to Active.

", "smithy.api#http": { "method": "POST", "uri": "/clusters/{name}/update-config", @@ -10568,7 +10591,7 @@ "logging": { "target": "com.amazonaws.eks#Logging", "traits": { - "smithy.api#documentation": "

Enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs. By default, cluster control plane logs aren't exported to CloudWatch Logs. For more information, see Amazon EKS cluster control plane logs in the\n \n Amazon EKS User Guide\n .

\n \n

CloudWatch Logs ingestion, archive storage, and data scanning rates apply to\n exported control plane logs. For more information, see CloudWatch\n Pricing.

\n " + "smithy.api#documentation": "

Enable or disable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs\n . By default, cluster control plane logs aren't exported to CloudWatch Logs\n . For more information, see Amazon EKS\n cluster control plane logs in the\n \n Amazon EKS User Guide\n .

\n \n

CloudWatch Logs ingestion, archive storage, and data scanning rates apply to\n exported control plane logs. For more information, see CloudWatch\n Pricing.

\n " } }, "clientRequestToken": { @@ -10656,7 +10679,7 @@ } ], "traits": { - "smithy.api#documentation": "

Updates an Amazon EKS cluster to the specified Kubernetes version. Your cluster\n continues to function during the update. The response output includes an update ID that\n you can use to track the status of your cluster update with the DescribeUpdate API operation.

\n

Cluster updates are asynchronous, and they should finish within a few minutes. During\n an update, the cluster status moves to UPDATING (this status transition is\n eventually consistent). When the update is complete (either Failed or\n Successful), the cluster status moves to Active.

\n

If your cluster has managed node groups attached to it, all of your node groups’ Kubernetes\n versions must match the cluster’s Kubernetes version in order to update the cluster to a new\n Kubernetes version.

", + "smithy.api#documentation": "

Updates an Amazon EKS cluster to the specified Kubernetes version. Your cluster\n continues to function during the update. The response output includes an update ID that\n you can use to track the status of your cluster update with the DescribeUpdate API operation.

\n

Cluster updates are asynchronous, and they should finish within a few minutes. During\n an update, the cluster status moves to UPDATING (this status transition is\n eventually consistent). When the update is complete (either Failed or\n Successful), the cluster status moves to Active.

\n

If your cluster has managed node groups attached to it, all of your node groups' Kubernetes\n versions must match the cluster's Kubernetes version in order to update the cluster to a new\n Kubernetes version.

", "smithy.api#http": { "method": "POST", "uri": "/clusters/{name}/updates", @@ -10836,7 +10859,7 @@ } ], "traits": { - "smithy.api#documentation": "

Updates an Amazon EKS managed node group configuration. Your node group\n continues to function during the update. The response output includes an update ID that\n you can use to track the status of your node group update with the DescribeUpdate API operation. Currently you can update the Kubernetes labels\n for a node group or the scaling configuration.

", + "smithy.api#documentation": "

Updates an Amazon EKS managed node group configuration. Your node group\n continues to function during the update. The response output includes an update ID that\n you can use to track the status of your node group update with the DescribeUpdate API operation. You can update the Kubernetes labels and taints\n for a node group and the scaling and version update configuration.

", "smithy.api#http": { "method": "POST", "uri": "/clusters/{clusterName}/node-groups/{nodegroupName}/update-config", @@ -10981,7 +11004,7 @@ "releaseVersion": { "target": "com.amazonaws.eks#String", "traits": { - "smithy.api#documentation": "

The AMI version of the Amazon EKS optimized AMI to use for the update. By\n default, the latest available AMI version for the node group's Kubernetes version is used.\n For information about Linux versions, see Amazon EKS optimized Amazon Linux AMI versions in the Amazon EKS User Guide. Amazon EKS managed node groups support the November 2022 and later releases of the\n Windows AMIs. For information about Windows versions, see Amazon EKS optimized Windows AMI versions in the\n Amazon EKS User Guide.

\n

If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify \n releaseVersion, or the node group update will fail.\n For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates in the Amazon EKS User Guide.

" + "smithy.api#documentation": "

The AMI version of the Amazon EKS optimized AMI to use for the update. By\n default, the latest available AMI version for the node group's Kubernetes version is used.\n For information about Linux versions, see Amazon EKS\n optimized Amazon Linux AMI versions in the Amazon EKS User Guide. Amazon EKS\n managed node groups support the November 2022 and later releases of the\n Windows AMIs. For information about Windows versions, see Amazon EKS optimized Windows AMI versions in the\n Amazon EKS User Guide.

\n

If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify \n releaseVersion, or the node group update will fail.\n For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates in the Amazon EKS User Guide.

" } }, "launchTemplate": { @@ -11187,6 +11210,12 @@ "smithy.api#enumValue": "NodeRepairEnabled" } }, + "UPDATE_STRATEGY": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UpdateStrategy" + } + }, "CONFIGURATION_VALUES": { "target": "smithy.api#Unit", "traits": { @@ -11475,12 +11504,12 @@ "supportType": { "target": "com.amazonaws.eks#SupportType", "traits": { - "smithy.api#documentation": "

If the cluster is set to EXTENDED, it will enter extended support at the end of standard support. If the cluster is set to STANDARD, it will be automatically upgraded at the end of standard support.

\n

\n Learn more about EKS Extended Support in the EKS User Guide.\n

" + "smithy.api#documentation": "

If the cluster is set to EXTENDED, it will enter extended support at the end of standard support. If the cluster is set to STANDARD, it will be automatically upgraded at the end of standard support.

\n

\n Learn more about EKS Extended Support in the Amazon EKS User Guide.\n

" } } }, "traits": { - "smithy.api#documentation": "

The support policy to use for the cluster. Extended support allows you to remain on specific Kubernetes versions for longer. Clusters in extended support have higher costs. The default value is EXTENDED. Use STANDARD to disable extended support.

\n

\n Learn more about EKS Extended Support in the EKS User Guide.\n

" + "smithy.api#documentation": "

The support policy to use for the cluster. Extended support allows you to remain on specific Kubernetes versions for longer. Clusters in extended support have higher costs. The default value is EXTENDED. Use STANDARD to disable extended support.

\n

\n Learn more about EKS Extended Support in the Amazon EKS User Guide.\n

" } }, "com.amazonaws.eks#UpgradePolicyResponse": { @@ -11489,12 +11518,12 @@ "supportType": { "target": "com.amazonaws.eks#SupportType", "traits": { - "smithy.api#documentation": "

If the cluster is set to EXTENDED, it will enter extended support at the end of standard support. If the cluster is set to STANDARD, it will be automatically upgraded at the end of standard support.

\n

\n Learn more about EKS Extended Support in the EKS User Guide.\n

" + "smithy.api#documentation": "

If the cluster is set to EXTENDED, it will enter extended support at the end of standard support. If the cluster is set to STANDARD, it will be automatically upgraded at the end of standard support.

\n

\n Learn more about EKS Extended Support in the Amazon EKS User Guide.\n

" } } }, "traits": { - "smithy.api#documentation": "

This value indicates if extended support is enabled or disabled for the cluster.

\n

\n Learn more about EKS Extended Support in the EKS User Guide.\n

" + "smithy.api#documentation": "

This value indicates if extended support is enabled or disabled for the cluster.

\n

\n Learn more about EKS Extended Support in the Amazon EKS User Guide.\n

" } }, "com.amazonaws.eks#VpcConfigRequest": { @@ -11527,7 +11556,7 @@ "publicAccessCidrs": { "target": "com.amazonaws.eks#StringList", "traits": { - "smithy.api#documentation": "

The CIDR blocks that are allowed access to your cluster's public Kubernetes API server\n endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that\n you specify is denied. The default value is 0.0.0.0/0. If you've disabled\n private endpoint access, make sure that you specify the necessary CIDR blocks for every\n node and Fargate\n Pod in the cluster. For more information, see Amazon EKS cluster endpoint access control in the\n \n Amazon EKS User Guide\n .

" + "smithy.api#documentation": "

The CIDR blocks that are allowed access to your cluster's public Kubernetes API server\n endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that\n you specify is denied. The default value is 0.0.0.0/0. If you've disabled\n private endpoint access, make sure that you specify the necessary CIDR blocks for every\n node and Fargate\n Pod in the cluster. For more information, see Amazon EKS cluster \n endpoint access control in the \n Amazon EKS User Guide\n .

" } } }, @@ -11573,7 +11602,7 @@ "target": "com.amazonaws.eks#Boolean", "traits": { "smithy.api#default": false, - "smithy.api#documentation": "

This parameter indicates whether the Amazon EKS private API server endpoint is\n enabled. If the Amazon EKS private API server endpoint is enabled, Kubernetes API\n requests that originate from within your cluster's VPC use the private VPC endpoint\n instead of traversing the internet. If this value is disabled and you have nodes or\n Fargate pods in the cluster, then ensure that\n publicAccessCidrs includes the necessary CIDR blocks for communication\n with the nodes or Fargate pods. For more information, see Amazon EKS cluster endpoint access control in the\n \n Amazon EKS User Guide\n .

" + "smithy.api#documentation": "

This parameter indicates whether the Amazon EKS private API server endpoint is\n enabled. If the Amazon EKS private API server endpoint is enabled, Kubernetes API\n requests that originate from within your cluster's VPC use the private VPC endpoint\n instead of traversing the internet. If this value is disabled and you have nodes or\n Fargate pods in the cluster, then ensure that\n publicAccessCidrs includes the necessary CIDR blocks for communication\n with the nodes or Fargate pods. For more information, see Amazon EKS\n cluster endpoint access control in the\n \n Amazon EKS User Guide\n .

" } }, "publicAccessCidrs": { diff --git a/tools/code-generation/smithy/api-descriptions/healthlake.json b/tools/code-generation/smithy/api-descriptions/healthlake.json index 33db822d026..dcb828d648b 100644 --- a/tools/code-generation/smithy/api-descriptions/healthlake.json +++ b/tools/code-generation/smithy/api-descriptions/healthlake.json @@ -61,6 +61,12 @@ "smithy.api#enumValue": "SMART_ON_FHIR_V1" } }, + "SMART_ON_FHIR": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SMART_ON_FHIR" + } + }, "AWS_AUTH": { "target": "smithy.api#Unit", "traits": { @@ -1783,6 +1789,12 @@ "smithy.api#enumValue": "SUBMITTED" } }, + "QUEUED": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "QUEUED" + } + }, "IN_PROGRESS": { "target": "smithy.api#Unit", "traits": { @@ -2392,8 +2404,7 @@ "target": "com.amazonaws.healthlake#ClientTokenString", "traits": { "smithy.api#documentation": "

An optional user provided token used for ensuring idempotency.

", - "smithy.api#idempotencyToken": {}, - "smithy.api#required": {} + "smithy.api#idempotencyToken": {} } } }, @@ -2498,8 +2509,7 @@ "target": "com.amazonaws.healthlake#ClientTokenString", "traits": { "smithy.api#documentation": "

Optional user provided token used for ensuring idempotency.

", - "smithy.api#idempotencyToken": {}, - "smithy.api#required": {} + "smithy.api#idempotencyToken": {} } } }, diff --git a/tools/code-generation/smithy/api-descriptions/ssm.json b/tools/code-generation/smithy/api-descriptions/ssm.json index fb11af8ac7d..3d8dad7d0d5 100644 --- a/tools/code-generation/smithy/api-descriptions/ssm.json +++ b/tools/code-generation/smithy/api-descriptions/ssm.json @@ -858,7 +858,7 @@ "name": "ssm" }, "aws.protocols#awsJson1_1": {}, - "smithy.api#documentation": "

Amazon Web Services Systems Manager is the operations hub for your Amazon Web Services applications and resources and a secure\n end-to-end management solution for hybrid cloud environments that enables safe and secure\n operations at scale.

\n

This reference is intended to be used with the Amazon Web Services Systems Manager User Guide. To get started, see Setting up Amazon Web Services Systems Manager.

\n

\n Related resources\n

\n ", + "smithy.api#documentation": "

Amazon Web Services Systems Manager is the operations hub for your Amazon Web Services applications and resources and a secure\n end-to-end management solution for hybrid cloud environments that enables safe and secure\n operations at scale.

\n

This reference is intended to be used with the Amazon Web Services Systems Manager User Guide. To get started, see Setting up Amazon Web Services Systems Manager.

\n

\n Related resources\n

\n ", "smithy.api#title": "Amazon Simple Systems Manager (SSM)", "smithy.api#xmlNamespace": { "uri": "http://ssm.amazonaws.com/doc/2014-11-06/" @@ -1936,7 +1936,7 @@ } ], "traits": { - "smithy.api#documentation": "

Associates a related item to a Systems Manager OpsCenter OpsItem. For example, you can associate an\n Incident Manager incident or analysis with an OpsItem. Incident Manager and OpsCenter are capabilities of\n Amazon Web Services Systems Manager.

" + "smithy.api#documentation": "

Associates a related item to a Systems Manager OpsCenter OpsItem. For example, you can associate an\n Incident Manager incident or analysis with an OpsItem. Incident Manager and OpsCenter are tools in\n Amazon Web Services Systems Manager.

" } }, "com.amazonaws.ssm#AssociateOpsItemRelatedItemRequest": { @@ -2188,7 +2188,7 @@ "AutomationTargetParameterName": { "target": "com.amazonaws.ssm#AutomationTargetParameterName", "traits": { - "smithy.api#documentation": "

Choose the parameter that will define how your automation will branch out. This target is\n required for associations that use an Automation runbook and target resources by using rate\n controls. Automation is a capability of Amazon Web Services Systems Manager.

" + "smithy.api#documentation": "

Choose the parameter that will define how your automation will branch out. This target is\n required for associations that use an Automation runbook and target resources by using rate\n controls. Automation is a tool in Amazon Web Services Systems Manager.

" } }, "Parameters": { @@ -2260,7 +2260,7 @@ "SyncCompliance": { "target": "com.amazonaws.ssm#AssociationSyncCompliance", "traits": { - "smithy.api#documentation": "

The mode for generating association compliance. You can specify AUTO or\n MANUAL. In AUTO mode, the system uses the status of the association\n execution to determine the compliance status. If the association execution runs successfully,\n then the association is COMPLIANT. If the association execution doesn't run\n successfully, the association is NON-COMPLIANT.

\n

In MANUAL mode, you must specify the AssociationId as a parameter\n for the PutComplianceItems API operation. In this case, compliance data isn't\n managed by State Manager, a capability of Amazon Web Services Systems Manager. It is managed by your direct call to the\n PutComplianceItems API operation.

\n

By default, all associations use AUTO mode.

" + "smithy.api#documentation": "

The mode for generating association compliance. You can specify AUTO or\n MANUAL. In AUTO mode, the system uses the status of the association\n execution to determine the compliance status. If the association execution runs successfully,\n then the association is COMPLIANT. If the association execution doesn't run\n successfully, the association is NON-COMPLIANT.

\n

In MANUAL mode, you must specify the AssociationId as a parameter\n for the PutComplianceItems API operation. In this case, compliance data isn't\n managed by State Manager, a tool in Amazon Web Services Systems Manager. It is managed by your direct call to the PutComplianceItems API operation.

\n

By default, all associations use AUTO mode.

" } }, "ApplyOnlyAtCronInterval": { @@ -3030,7 +3030,7 @@ "SyncCompliance": { "target": "com.amazonaws.ssm#AssociationSyncCompliance", "traits": { - "smithy.api#documentation": "

The mode for generating association compliance. You can specify AUTO or\n MANUAL. In AUTO mode, the system uses the status of the association\n execution to determine the compliance status. If the association execution runs successfully,\n then the association is COMPLIANT. If the association execution doesn't run\n successfully, the association is NON-COMPLIANT.

\n

In MANUAL mode, you must specify the AssociationId as a parameter\n for the PutComplianceItems API operation. In this case, compliance data isn't\n managed by State Manager, a capability of Amazon Web Services Systems Manager. It is managed by your direct call to the\n PutComplianceItems API operation.

\n

By default, all associations use AUTO mode.

" + "smithy.api#documentation": "

The mode for generating association compliance. You can specify AUTO or\n MANUAL. In AUTO mode, the system uses the status of the association\n execution to determine the compliance status. If the association execution runs successfully,\n then the association is COMPLIANT. If the association execution doesn't run\n successfully, the association is NON-COMPLIANT.

\n

In MANUAL mode, you must specify the AssociationId as a parameter\n for the PutComplianceItems API operation. In this case, compliance data isn't\n managed by State Manager, a tool in Amazon Web Services Systems Manager. It is managed by your direct call to the PutComplianceItems API operation.

\n

By default, all associations use AUTO mode.

" } }, "ApplyOnlyAtCronInterval": { @@ -4700,7 +4700,7 @@ "ServiceRole": { "target": "com.amazonaws.ssm#ServiceRole", "traits": { - "smithy.api#documentation": "

The Identity and Access Management (IAM) service role that Run Command, a capability\n of Amazon Web Services Systems Manager, uses to act on your behalf when sending notifications about command status changes.\n

" + "smithy.api#documentation": "

The Identity and Access Management (IAM) service role that Run Command, a tool in\n Amazon Web Services Systems Manager, uses to act on your behalf when sending notifications about command status changes.\n

" } }, "NotificationConfig": { @@ -4909,7 +4909,7 @@ "ServiceRole": { "target": "com.amazonaws.ssm#ServiceRole", "traits": { - "smithy.api#documentation": "

The Identity and Access Management (IAM) service role that Run Command, a capability\n of Amazon Web Services Systems Manager, uses to act on your behalf when sending notifications about command status changes\n on a per managed node basis.

" + "smithy.api#documentation": "

The Identity and Access Management (IAM) service role that Run Command, a tool in\n Amazon Web Services Systems Manager, uses to act on your behalf when sending notifications about command status changes on\n a per managed node basis.

" } }, "NotificationConfig": { @@ -5757,7 +5757,7 @@ } ], "traits": { - "smithy.api#documentation": "

Generates an activation code and activation ID you can use to register your on-premises\n servers, edge devices, or virtual machine (VM) with Amazon Web Services Systems Manager. Registering these machines with\n Systems Manager makes it possible to manage them using Systems Manager capabilities. You use the activation code and\n ID when installing SSM Agent on machines in your hybrid environment. For more information about\n requirements for managing on-premises machines using Systems Manager, see Using Amazon Web Services Systems Manager in\n hybrid and multicloud environments in the Amazon Web Services Systems Manager User Guide.

\n \n

Amazon Elastic Compute Cloud (Amazon EC2) instances, edge devices, and on-premises servers and VMs that are\n configured for Systems Manager are all called managed nodes.

\n " + "smithy.api#documentation": "

Generates an activation code and activation ID you can use to register your on-premises\n servers, edge devices, or virtual machine (VM) with Amazon Web Services Systems Manager. Registering these machines with\n Systems Manager makes it possible to manage them using Systems Manager tools. You use the activation code and ID when\n installing SSM Agent on machines in your hybrid environment. For more information about\n requirements for managing on-premises machines using Systems Manager, see Using Amazon Web Services Systems Manager in\n hybrid and multicloud environments in the Amazon Web Services Systems Manager User Guide.

\n \n

Amazon Elastic Compute Cloud (Amazon EC2) instances, edge devices, and on-premises servers and VMs that are\n configured for Systems Manager are all called managed nodes.

\n " } }, "com.amazonaws.ssm#CreateActivationRequest": { @@ -5881,7 +5881,7 @@ } ], "traits": { - "smithy.api#documentation": "

A State Manager association defines the state that you want to maintain on your managed\n nodes. For example, an association can specify that anti-virus software must be installed and\n running on your managed nodes, or that certain ports must be closed. For static targets, the\n association specifies a schedule for when the configuration is reapplied. For dynamic targets,\n such as an Amazon Web Services resource group or an Amazon Web Services autoscaling group, State Manager, a capability of\n Amazon Web Services Systems Manager applies the configuration when new managed nodes are added to the group. The\n association also specifies actions to take when applying the configuration. For example, an\n association for anti-virus software might run once a day. If the software isn't installed, then\n State Manager installs it. If the software is installed, but the service isn't running, then the\n association might instruct State Manager to start the service.

" + "smithy.api#documentation": "

A State Manager association defines the state that you want to maintain on your managed\n nodes. For example, an association can specify that anti-virus software must be installed and\n running on your managed nodes, or that certain ports must be closed. For static targets, the\n association specifies a schedule for when the configuration is reapplied. For dynamic targets,\n such as an Amazon Web Services resource group or an Amazon Web Services autoscaling group, State Manager, a tool in Amazon Web Services Systems Manager\n applies the configuration when new managed nodes are added to the group. The association also\n specifies actions to take when applying the configuration. For example, an association for\n anti-virus software might run once a day. If the software isn't installed, then State Manager\n installs it. If the software is installed, but the service isn't running, then the association\n might instruct State Manager to start the service.

" } }, "com.amazonaws.ssm#CreateAssociationBatch": { @@ -5988,7 +5988,7 @@ "AutomationTargetParameterName": { "target": "com.amazonaws.ssm#AutomationTargetParameterName", "traits": { - "smithy.api#documentation": "

Specify the target for the association. This target is required for associations that use an\n Automation runbook and target resources by using rate controls. Automation is a capability of\n Amazon Web Services Systems Manager.

" + "smithy.api#documentation": "

Specify the target for the association. This target is required for associations that use an\n Automation runbook and target resources by using rate controls. Automation is a tool in\n Amazon Web Services Systems Manager.

" } }, "DocumentVersion": { @@ -6042,7 +6042,7 @@ "SyncCompliance": { "target": "com.amazonaws.ssm#AssociationSyncCompliance", "traits": { - "smithy.api#documentation": "

The mode for generating association compliance. You can specify AUTO or\n MANUAL. In AUTO mode, the system uses the status of the association\n execution to determine the compliance status. If the association execution runs successfully,\n then the association is COMPLIANT. If the association execution doesn't run\n successfully, the association is NON-COMPLIANT.

\n

In MANUAL mode, you must specify the AssociationId as a parameter\n for the PutComplianceItems API operation. In this case, compliance data isn't\n managed by State Manager, a capability of Amazon Web Services Systems Manager. It is managed by your direct call to the\n PutComplianceItems API operation.

\n

By default, all associations use AUTO mode.

" + "smithy.api#documentation": "

The mode for generating association compliance. You can specify AUTO or\n MANUAL. In AUTO mode, the system uses the status of the association\n execution to determine the compliance status. If the association execution runs successfully,\n then the association is COMPLIANT. If the association execution doesn't run\n successfully, the association is NON-COMPLIANT.

\n

In MANUAL mode, you must specify the AssociationId as a parameter\n for the PutComplianceItems API operation. In this case, compliance data isn't\n managed by State Manager, a tool in Amazon Web Services Systems Manager. It is managed by your direct call to the PutComplianceItems API operation.

\n

By default, all associations use AUTO mode.

" } }, "ApplyOnlyAtCronInterval": { @@ -6165,7 +6165,7 @@ "AutomationTargetParameterName": { "target": "com.amazonaws.ssm#AutomationTargetParameterName", "traits": { - "smithy.api#documentation": "

Choose the parameter that will define how your automation will branch out. This target is\n required for associations that use an Automation runbook and target resources by using rate\n controls. Automation is a capability of Amazon Web Services Systems Manager.

" + "smithy.api#documentation": "

Choose the parameter that will define how your automation will branch out. This target is\n required for associations that use an Automation runbook and target resources by using rate\n controls. Automation is a tool in Amazon Web Services Systems Manager.

" } }, "MaxErrors": { @@ -10327,7 +10327,7 @@ "target": "com.amazonaws.ssm#Integer", "traits": { "smithy.api#default": null, - "smithy.api#documentation": "

The number of managed nodes with NotApplicable patches beyond the supported\n limit, which aren't reported by name to Inventory. Inventory is a capability of Amazon Web Services Systems Manager.

" + "smithy.api#documentation": "

The number of managed nodes with NotApplicable patches beyond the supported\n limit, which aren't reported by name to Inventory. Inventory is a tool in Amazon Web Services Systems Manager.

" } }, "InstancesWithCriticalNonCompliantPatches": { @@ -10619,7 +10619,7 @@ } ], "traits": { - "smithy.api#documentation": "

Deletes the association between an OpsItem and a related item. For example, this API\n operation can delete an Incident Manager incident from an OpsItem. Incident Manager is a capability of\n Amazon Web Services Systems Manager.

" + "smithy.api#documentation": "

Deletes the association between an OpsItem and a related item. For example, this API\n operation can delete an Incident Manager incident from an OpsItem. Incident Manager is a tool in\n Amazon Web Services Systems Manager.

" } }, "com.amazonaws.ssm#DisassociateOpsItemRelatedItemRequest": { @@ -12220,7 +12220,7 @@ } ], "traits": { - "smithy.api#documentation": "

Gets the state of a Amazon Web Services Systems Manager change calendar at the current time or a specified time. If\n you specify a time, GetCalendarState returns the state of the calendar at that\n specific time, and returns the next time that the change calendar state will transition. If you\n don't specify a time, GetCalendarState uses the current time. Change Calendar\n entries have two possible states: OPEN or CLOSED.

\n

If you specify more than one calendar in a request, the command returns the status of\n OPEN only if all calendars in the request are open. If one or more calendars in the\n request are closed, the status returned is CLOSED.

\n

For more information about Change Calendar, a capability of Amazon Web Services Systems Manager, see Amazon Web Services Systems Manager Change Calendar in the Amazon Web Services Systems Manager User Guide.

" + "smithy.api#documentation": "

Gets the state of a Amazon Web Services Systems Manager change calendar at the current time or a specified time. If\n you specify a time, GetCalendarState returns the state of the calendar at that\n specific time, and returns the next time that the change calendar state will transition. If you\n don't specify a time, GetCalendarState uses the current time. Change Calendar\n entries have two possible states: OPEN or CLOSED.

\n

If you specify more than one calendar in a request, the command returns the status of\n OPEN only if all calendars in the request are open. If one or more calendars in the\n request are closed, the status returned is CLOSED.

\n

For more information about Change Calendar, a tool in Amazon Web Services Systems Manager, see Amazon Web Services Systems Manager Change Calendar in the Amazon Web Services Systems Manager User Guide.

" } }, "com.amazonaws.ssm#GetCalendarStateRequest": { @@ -12654,7 +12654,7 @@ } ], "traits": { - "smithy.api#documentation": "

Retrieves the current snapshot for the patch baseline the managed node uses. This API is\n primarily used by the AWS-RunPatchBaseline Systems Manager document (SSM document).

\n \n

If you run the command locally, such as with the Command Line Interface (CLI), the system attempts to use your local Amazon Web Services credentials and the operation fails. To avoid\n this, you can run the command in the Amazon Web Services Systems Manager console. Use Run Command, a capability of\n Amazon Web Services Systems Manager, with an SSM document that enables you to target a managed node with a script or\n command. For example, run the command using the AWS-RunShellScript document or the\n AWS-RunPowerShellScript document.

\n " + "smithy.api#documentation": "

Retrieves the current snapshot for the patch baseline the managed node uses. This API is\n primarily used by the AWS-RunPatchBaseline Systems Manager document (SSM document).

\n \n

If you run the command locally, such as with the Command Line Interface (CLI), the system attempts to use your local Amazon Web Services credentials and the operation fails. To avoid\n this, you can run the command in the Amazon Web Services Systems Manager console. Use Run Command, a tool in Amazon Web Services Systems Manager,\n with an SSM document that enables you to target a managed node with a script or command. For\n example, run the command using the AWS-RunShellScript document or the\n AWS-RunPowerShellScript document.

\n " } }, "com.amazonaws.ssm#GetDeployablePatchSnapshotForInstanceRequest": { @@ -14199,7 +14199,7 @@ } ], "traits": { - "smithy.api#documentation": "

Retrieve information about one or more parameters in a specific hierarchy.

\n

Request results are returned on a best-effort basis. If you specify MaxResults\n in the request, the response includes information up to the limit specified. The number of items\n returned, however, can be between zero and the value of MaxResults. If the service\n reaches an internal limit while processing the results, it stops the operation and returns the\n matching values up to that point and a NextToken. You can specify the\n NextToken in a subsequent call to get the next set of results.

", + "smithy.api#documentation": "

Retrieve information about one or more parameters under a specified level in a hierarchy.

\n

Request results are returned on a best-effort basis. If you specify MaxResults\n in the request, the response includes information up to the limit specified. The number of items\n returned, however, can be between zero and the value of MaxResults. If the service\n reaches an internal limit while processing the results, it stops the operation and returns the\n matching values up to that point and a NextToken. You can specify the\n NextToken in a subsequent call to get the next set of results.

", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -15499,7 +15499,7 @@ "target": "com.amazonaws.ssm#PatchUnreportedNotApplicableCount", "traits": { "smithy.api#default": null, - "smithy.api#documentation": "

The number of patches beyond the supported limit of NotApplicableCount that\n aren't reported by name to Inventory. Inventory is a capability of Amazon Web Services Systems Manager.

" + "smithy.api#documentation": "

The number of patches beyond the supported limit of NotApplicableCount that\n aren't reported by name to Inventory. Inventory is a tool in Amazon Web Services Systems Manager.

" } }, "NotApplicableCount": { @@ -17900,7 +17900,7 @@ } ], "traits": { - "smithy.api#documentation": "

Returns all State Manager associations in the current Amazon Web Services account and Amazon Web Services Region. You\n can limit the results to a specific State Manager association document or managed node by\n specifying a filter. State Manager is a capability of Amazon Web Services Systems Manager.

", + "smithy.api#documentation": "

Returns all State Manager associations in the current Amazon Web Services account and Amazon Web Services Region. You\n can limit the results to a specific State Manager association document or managed node by\n specifying a filter. State Manager is a tool in Amazon Web Services Systems Manager.

", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -19021,7 +19021,7 @@ } ], "traits": { - "smithy.api#documentation": "

Lists all related-item resources associated with a Systems Manager OpsCenter OpsItem. OpsCenter is a\n capability of Amazon Web Services Systems Manager.

", + "smithy.api#documentation": "

Lists all related-item resources associated with a Systems Manager OpsCenter OpsItem. OpsCenter is a\n tool in Amazon Web Services Systems Manager.

", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -23617,7 +23617,7 @@ "PolicyType": { "target": "com.amazonaws.ssm#String", "traits": { - "smithy.api#documentation": "

The type of policy. Parameter Store, a capability of Amazon Web Services Systems Manager, supports the following\n policy types: Expiration, ExpirationNotification, and NoChangeNotification.

" + "smithy.api#documentation": "

The type of policy. Parameter Store, a tool in Amazon Web Services Systems Manager, supports the following policy\n types: Expiration, ExpirationNotification, and NoChangeNotification.

" } }, "PolicyStatus": { @@ -25690,7 +25690,7 @@ "Value": { "target": "com.amazonaws.ssm#PSParameterValue", "traits": { - "smithy.api#documentation": "

The parameter value that you want to add to the system. Standard parameters have a value\n limit of 4 KB. Advanced parameters have a value limit of 8 KB.

\n \n

Parameters can't be referenced or nested in the values of other parameters. You can't\n include {{}} or {{ssm:parameter-name}} in a\n parameter value.

\n ", + "smithy.api#documentation": "

The parameter value that you want to add to the system. Standard parameters have a value\n limit of 4 KB. Advanced parameters have a value limit of 8 KB.

\n \n

Parameters can't be referenced or nested in the values of other parameters. You can't\n include values wrapped in double brackets {{}} or\n {{ssm:parameter-name}} in a parameter value.

\n ", "smithy.api#required": {} } }, @@ -25734,7 +25734,7 @@ "Policies": { "target": "com.amazonaws.ssm#ParameterPolicies", "traits": { - "smithy.api#documentation": "

One or more policies to apply to a parameter. This operation takes a JSON array. Parameter\n Store, a capability of Amazon Web Services Systems Manager supports the following policy types:

\n

Expiration: This policy deletes the parameter after it expires. When you create the policy,\n you specify the expiration date. You can update the expiration date and time by updating the\n policy. Updating the parameter doesn't affect the expiration date and time.\n When the expiration time is reached, Parameter Store deletes the parameter.

\n

ExpirationNotification: This policy initiates an event in Amazon CloudWatch Events that\n notifies you about the expiration. By using this policy, you can receive notification before or\n after the expiration time is reached, in units of days or hours.

\n

NoChangeNotification: This policy initiates a CloudWatch Events event if a parameter hasn't\n been modified for a specified period of time. This policy type is useful when, for example, a\n secret needs to be changed within a period of time, but it hasn't been changed.

\n

All existing policies are preserved until you send new policies or an empty policy. For more\n information about parameter policies, see Assigning parameter\n policies.

" + "smithy.api#documentation": "

One or more policies to apply to a parameter. This operation takes a JSON array. Parameter\n Store, a tool in Amazon Web Services Systems Manager supports the following policy types:

\n

Expiration: This policy deletes the parameter after it expires. When you create the policy,\n you specify the expiration date. You can update the expiration date and time by updating the\n policy. Updating the parameter doesn't affect the expiration date and time.\n When the expiration time is reached, Parameter Store deletes the parameter.

\n

ExpirationNotification: This policy initiates an event in Amazon CloudWatch Events that\n notifies you about the expiration. By using this policy, you can receive notification before or\n after the expiration time is reached, in units of days or hours.

\n

NoChangeNotification: This policy initiates a CloudWatch Events event if a parameter hasn't\n been modified for a specified period of time. This policy type is useful when, for example, a\n secret needs to be changed within a period of time, but it hasn't been changed.

\n

All existing policies are preserved until you send new policies or an empty policy. For more\n information about parameter policies, see Assigning parameter\n policies.

" } }, "DataType": { @@ -27892,7 +27892,7 @@ "CloudWatchOutputConfig": { "target": "com.amazonaws.ssm#CloudWatchOutputConfig", "traits": { - "smithy.api#documentation": "

Enables Amazon Web Services Systems Manager to send Run Command output to Amazon CloudWatch Logs. Run Command is a\n capability of Amazon Web Services Systems Manager.

" + "smithy.api#documentation": "

Enables Amazon Web Services Systems Manager to send Run Command output to Amazon CloudWatch Logs. Run Command is a\n tool in Amazon Web Services Systems Manager.

" } }, "AlarmConfiguration": { @@ -28659,7 +28659,7 @@ "Tags": { "target": "com.amazonaws.ssm#TagList", "traits": { - "smithy.api#documentation": "

Optional metadata that you assign to a resource. You can specify a maximum of five tags for\n an automation. Tags enable you to categorize a resource in different ways, such as by purpose,\n owner, or environment. For example, you might want to tag an automation to identify an\n environment or operating system. In this case, you could specify the following key-value\n pairs:

\n \n \n

To add tags to an existing automation, use the AddTagsToResource\n operation.

\n " + "smithy.api#documentation": "

Optional metadata that you assign to a resource. You can specify a maximum of five tags for\n an automation. Tags enable you to categorize a resource in different ways, such as by purpose,\n owner, or environment. For example, you might want to tag an automation to identify an\n environment or operating system. In this case, you could specify the following key-value\n pairs:

\n \n \n

The Array Members maximum value is reported as 1000. This number includes\n capacity reserved for internal operations. When calling the\n StartAutomationExecution action, you can specify a maximum of 5 tags. You can,\n however, use the AddTagsToResource action to add up to a total of 50 tags to\n an existing automation configuration.

\n " } }, "AlarmConfiguration": { @@ -28785,7 +28785,7 @@ "Tags": { "target": "com.amazonaws.ssm#TagList", "traits": { - "smithy.api#documentation": "

Optional metadata that you assign to a resource. You can specify a maximum of five tags for\n a change request. Tags enable you to categorize a resource in different ways, such as by\n purpose, owner, or environment. For example, you might want to tag a change request to identify\n an environment or target Amazon Web Services Region. In this case, you could specify the following key-value\n pairs:

\n " + "smithy.api#documentation": "

Optional metadata that you assign to a resource. You can specify a maximum of five tags for\n a change request. Tags enable you to categorize a resource in different ways, such as by\n purpose, owner, or environment. For example, you might want to tag a change request to identify\n an environment or target Amazon Web Services Region. In this case, you could specify the following key-value\n pairs:

\n \n \n

The Array Members maximum value is reported as 1000. This number includes\n capacity reserved for internal operations. When calling the\n StartChangeRequestExecution action, you can specify a maximum of 5 tags. You can,\n however, use the AddTagsToResource action to add up to a total of 50 tags to\n an existing change request configuration.

\n " } }, "ScheduledEndTime": { @@ -28940,7 +28940,7 @@ "Parameters": { "target": "com.amazonaws.ssm#SessionManagerParameters", "traits": { - "smithy.api#documentation": "

The values you want to specify for the parameters defined in the Session\n document.

" + "smithy.api#documentation": "

The values you want to specify for the parameters defined in the Session document.\n For more information about these parameters, see Create a\n Session Manager preferences document in the\n Amazon Web Services Systems Manager User Guide.

" } } }, @@ -29474,7 +29474,7 @@ } }, "traits": { - "smithy.api#documentation": "

An array of search criteria that targets managed nodes using a key-value pair that you\n specify.

\n \n

One or more targets must be specified for maintenance window Run Command-type tasks.\n Depending on the task, targets are optional for other maintenance window task types (Automation,\n Lambda, and Step Functions). For more information about running tasks\n that don't specify targets, see Registering\n maintenance window tasks without targets in the\n Amazon Web Services Systems Manager User Guide.

\n \n

Supported formats include the following.

\n

\n For all Systems Manager capabilities:\n

\n \n

\n For Automation and Change Manager:\n

\n \n

\n For Run Command and Maintenance Windows:\n

\n \n

\n For State Manager:\n

\n \n

For more information about how to send commands that target managed nodes using\n Key,Value parameters, see Targeting multiple managed nodes in the Amazon Web Services Systems Manager User Guide.

" + "smithy.api#documentation": "

An array of search criteria that targets managed nodes using a key-value pair that you\n specify.

\n \n

One or more targets must be specified for maintenance window Run Command-type tasks.\n Depending on the task, targets are optional for other maintenance window task types (Automation,\n Lambda, and Step Functions). For more information about running tasks\n that don't specify targets, see Registering\n maintenance window tasks without targets in the\n Amazon Web Services Systems Manager User Guide.

\n \n

Supported formats include the following.

\n

\n For all Systems Manager tools:\n

\n \n

\n For Automation and Change Manager:\n

\n \n

\n For Run Command and Maintenance Windows:\n

\n \n

\n For State Manager:\n

\n \n

For more information about how to send commands that target managed nodes using\n Key,Value parameters, see Targeting multiple managed nodes in the Amazon Web Services Systems Manager User Guide.

" } }, "com.amazonaws.ssm#TargetCount": { @@ -30141,7 +30141,7 @@ "Parameters": { "target": "com.amazonaws.ssm#Parameters", "traits": { - "smithy.api#documentation": "

The parameters you want to update for the association. If you create a parameter using\n Parameter Store, a capability of Amazon Web Services Systems Manager, you can reference the parameter using\n {{ssm:parameter-name}}.

" + "smithy.api#documentation": "

The parameters you want to update for the association. If you create a parameter using\n Parameter Store, a tool in Amazon Web Services Systems Manager, you can reference the parameter using\n {{ssm:parameter-name}}.

" } }, "DocumentVersion": { @@ -30189,7 +30189,7 @@ "AutomationTargetParameterName": { "target": "com.amazonaws.ssm#AutomationTargetParameterName", "traits": { - "smithy.api#documentation": "

Choose the parameter that will define how your automation will branch out. This target is\n required for associations that use an Automation runbook and target resources by using rate\n controls. Automation is a capability of Amazon Web Services Systems Manager.

" + "smithy.api#documentation": "

Choose the parameter that will define how your automation will branch out. This target is\n required for associations that use an Automation runbook and target resources by using rate\n controls. Automation is a tool in Amazon Web Services Systems Manager.

" } }, "MaxErrors": { @@ -30213,7 +30213,7 @@ "SyncCompliance": { "target": "com.amazonaws.ssm#AssociationSyncCompliance", "traits": { - "smithy.api#documentation": "

The mode for generating association compliance. You can specify AUTO or\n MANUAL. In AUTO mode, the system uses the status of the association\n execution to determine the compliance status. If the association execution runs successfully,\n then the association is COMPLIANT. If the association execution doesn't run\n successfully, the association is NON-COMPLIANT.

\n

In MANUAL mode, you must specify the AssociationId as a parameter\n for the PutComplianceItems API operation. In this case, compliance data isn't\n managed by State Manager, a capability of Amazon Web Services Systems Manager. It is managed by your direct call to the\n PutComplianceItems API operation.

\n

By default, all associations use AUTO mode.

" + "smithy.api#documentation": "

The mode for generating association compliance. You can specify AUTO or\n MANUAL. In AUTO mode, the system uses the status of the association\n execution to determine the compliance status. If the association execution runs successfully,\n then the association is COMPLIANT. If the association execution doesn't run\n successfully, the association is NON-COMPLIANT.

\n

In MANUAL mode, you must specify the AssociationId as a parameter\n for the PutComplianceItems API operation. In this case, compliance data isn't\n managed by State Manager, a tool in Amazon Web Services Systems Manager. It is managed by your direct call to the PutComplianceItems API operation.

\n

By default, all associations use AUTO mode.

" } }, "ApplyOnlyAtCronInterval": { diff --git a/tools/code-generation/smithy/api-descriptions/sso-oidc.json b/tools/code-generation/smithy/api-descriptions/sso-oidc.json index ad40043c8de..7cd97dd1221 100644 --- a/tools/code-generation/smithy/api-descriptions/sso-oidc.json +++ b/tools/code-generation/smithy/api-descriptions/sso-oidc.json @@ -58,7 +58,7 @@ "name": "sso-oauth" }, "aws.protocols#restJson1": {}, - "smithy.api#documentation": "

IAM Identity Center OpenID Connect (OIDC) is a web service that enables a client (such as CLI\n or a native application) to register with IAM Identity Center. The service also enables the client to\n fetch the user’s access token upon successful authentication and authorization with\n IAM Identity Center.

\n \n

IAM Identity Center uses the sso and identitystore API namespaces.

\n \n

\n Considerations for Using This Guide\n

\n

Before you begin using this guide, we recommend that you first review the following\n important information about how the IAM Identity Center OIDC service works.

\n \n

For general information about IAM Identity Center, see What is\n IAM Identity Center? in the IAM Identity Center User Guide.

", + "smithy.api#documentation": "

IAM Identity Center OpenID Connect (OIDC) is a web service that enables a client (such as CLI or a\n native application) to register with IAM Identity Center. The service also enables the client to fetch the\n user’s access token upon successful authentication and authorization with IAM Identity Center.

\n

\n API namespaces\n

\n

IAM Identity Center uses the sso and identitystore API namespaces. IAM Identity Center\n OpenID Connect uses the sso-oidc namespace.

\n

\n Considerations for using this guide\n

\n

Before you begin using this guide, we recommend that you first review the following\n important information about how the IAM Identity Center OIDC service works.

\n \n

For general information about IAM Identity Center, see What is\n IAM Identity Center? in the IAM Identity Center User Guide.

", "smithy.api#title": "AWS SSO OIDC", "smithy.rules#endpointRuleSet": { "version": "1.0", @@ -968,13 +968,13 @@ "error": { "target": "com.amazonaws.ssooidc#Error", "traits": { - "smithy.api#documentation": "

Single error code.\n For this exception the value will be access_denied.

" + "smithy.api#documentation": "

Single error code. For this exception the value will be access_denied.

" } }, "error_description": { "target": "com.amazonaws.ssooidc#ErrorDescription", "traits": { - "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.

" + "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the client developer\n in understanding the error that occurred.

" } } }, @@ -1008,13 +1008,13 @@ "error": { "target": "com.amazonaws.ssooidc#Error", "traits": { - "smithy.api#documentation": "

Single error code.\n For this exception the value will be authorization_pending.

" + "smithy.api#documentation": "

Single error code. For this exception the value will be\n authorization_pending.

" } }, "error_description": { "target": "com.amazonaws.ssooidc#ErrorDescription", "traits": { - "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.

" + "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the client developer\n in understanding the error that occurred.

" } } }, @@ -1090,7 +1090,7 @@ ], "traits": { "smithy.api#auth": [], - "smithy.api#documentation": "

Creates and returns access and refresh tokens for clients that are authenticated using\n client secrets. The access token can be used to fetch short-term credentials for the assigned\n AWS accounts or to access application APIs using bearer authentication.

", + "smithy.api#documentation": "

Creates and returns access and refresh tokens for clients that are authenticated using\n client secrets. The access token can be used to fetch short-lived credentials for the assigned\n AWS accounts or to access application APIs using bearer authentication.

", "smithy.api#examples": [ { "title": "Call OAuth/OIDC /token endpoint for Device Code grant with Secret authentication", @@ -1156,44 +1156,44 @@ "grantType": { "target": "com.amazonaws.ssooidc#GrantType", "traits": { - "smithy.api#documentation": "

Supports the following OAuth grant types: Device Code and Refresh Token.\n Specify either of the following values, depending on the grant type that you want:

\n

* Device Code - urn:ietf:params:oauth:grant-type:device_code\n

\n

* Refresh Token - refresh_token\n

\n

For information about how to obtain the device code, see the StartDeviceAuthorization topic.

", + "smithy.api#documentation": "

Supports the following OAuth grant types: Authorization Code, Device Code, and Refresh\n Token. Specify one of the following values, depending on the grant type that you want:

\n

* Authorization Code - authorization_code\n

\n

* Device Code - urn:ietf:params:oauth:grant-type:device_code\n

\n

* Refresh Token - refresh_token\n

", "smithy.api#required": {} } }, "deviceCode": { "target": "com.amazonaws.ssooidc#DeviceCode", "traits": { - "smithy.api#documentation": "

Used only when calling this API for the Device Code grant type. This short-term code is\n used to identify this authorization request. This comes from the result of the\n StartDeviceAuthorization API.

" + "smithy.api#documentation": "

Used only when calling this API for the Device Code grant type. This short-lived code is\n used to identify this authorization request. This comes from the result of the StartDeviceAuthorization API.

" } }, "code": { "target": "com.amazonaws.ssooidc#AuthCode", "traits": { - "smithy.api#documentation": "

Used only when calling this API for the Authorization Code grant type. The short-term code is\n used to identify this authorization request. This grant type is currently unsupported for the\n CreateToken API.

" + "smithy.api#documentation": "

Used only when calling this API for the Authorization Code grant type. The short-lived\n code is used to identify this authorization request.

" } }, "refreshToken": { "target": "com.amazonaws.ssooidc#RefreshToken", "traits": { - "smithy.api#documentation": "

Used only when calling this API for the Refresh Token grant type. This token is used to\n refresh short-term tokens, such as the access token, that might expire.

\n

For more information about the features and limitations of the current IAM Identity Center OIDC\n implementation, see Considerations for Using this Guide in the IAM Identity Center\n OIDC API Reference.

" + "smithy.api#documentation": "

Used only when calling this API for the Refresh Token grant type. This token is used to\n refresh short-lived tokens, such as the access token, that might expire.

\n

For more information about the features and limitations of the current IAM Identity Center OIDC\n implementation, see Considerations for Using this Guide in the IAM Identity Center\n OIDC API Reference.

" } }, "scope": { "target": "com.amazonaws.ssooidc#Scopes", "traits": { - "smithy.api#documentation": "

The list of scopes for which authorization is requested. The access token that is issued\n is limited to the scopes that are granted. If this value is not specified, IAM Identity Center authorizes\n all scopes that are configured for the client during the call to\n RegisterClient.

" + "smithy.api#documentation": "

The list of scopes for which authorization is requested. The access token that is issued\n is limited to the scopes that are granted. If this value is not specified, IAM Identity Center authorizes\n all scopes that are configured for the client during the call to RegisterClient.

" } }, "redirectUri": { "target": "com.amazonaws.ssooidc#URI", "traits": { - "smithy.api#documentation": "

Used only when calling this API for the Authorization Code grant type. This value specifies\n the location of the client or application that has registered to receive the authorization\n code.

" + "smithy.api#documentation": "

Used only when calling this API for the Authorization Code grant type. This value\n specifies the location of the client or application that has registered to receive the\n authorization code.

" } }, "codeVerifier": { "target": "com.amazonaws.ssooidc#CodeVerifier", "traits": { - "smithy.api#documentation": "

Used only when calling this API for the Authorization Code grant type. This value is generated\n by the client and presented to validate the original code challenge value the client passed at\n authorization time.

" + "smithy.api#documentation": "

Used only when calling this API for the Authorization Code grant type. This value is\n generated by the client and presented to validate the original code challenge value the client\n passed at authorization time.

" } } }, @@ -1226,13 +1226,13 @@ "refreshToken": { "target": "com.amazonaws.ssooidc#RefreshToken", "traits": { - "smithy.api#documentation": "

A token that, if present, can be used to refresh a previously issued access token that\n might have expired.

\n

For more\n information about the features and limitations of the current IAM Identity Center OIDC implementation,\n see Considerations for Using this Guide in the IAM Identity Center\n OIDC API Reference.

" + "smithy.api#documentation": "

A token that, if present, can be used to refresh a previously issued access token that\n might have expired.

\n

For more information about the features and limitations of the current IAM Identity Center OIDC\n implementation, see Considerations for Using this Guide in the IAM Identity Center\n OIDC API Reference.

" } }, "idToken": { "target": "com.amazonaws.ssooidc#IdToken", "traits": { - "smithy.api#documentation": "

The idToken is not implemented or supported. For more information about the\n features and limitations of the current IAM Identity Center OIDC implementation, see Considerations\n for Using this Guide in the IAM Identity Center\n OIDC API Reference.

\n

A JSON Web Token (JWT) that identifies who is associated with the issued access token.\n

" + "smithy.api#documentation": "

The idToken is not implemented or supported. For more information about the\n features and limitations of the current IAM Identity Center OIDC implementation, see\n Considerations for Using this Guide in the IAM Identity Center\n OIDC API Reference.

\n

A JSON Web Token (JWT) that identifies who is associated with the issued access token.\n

" } } }, @@ -1287,7 +1287,7 @@ } ], "traits": { - "smithy.api#documentation": "

Creates and returns access and refresh tokens for clients and applications that are\n authenticated using IAM entities. The access token can be used to fetch short-term credentials\n for the assigned Amazon Web Services accounts or to access application APIs using bearer\n authentication.

", + "smithy.api#documentation": "

Creates and returns access and refresh tokens for clients and applications that are\n authenticated using IAM entities. The access token can be used to fetch short-lived\n credentials for the assigned Amazon Web Services accounts or to access application APIs using\n bearer authentication.

", "smithy.api#examples": [ { "title": "Call OAuth/OIDC /token endpoint for Authorization Code grant with IAM authentication", @@ -1318,18 +1318,19 @@ } }, { - "title": "Call OAuth/OIDC /token endpoint for Refresh Token grant with IAM authentication", + "title": "Call OAuth/OIDC /token endpoint for JWT Bearer grant with IAM authentication", "documentation": "", "input": { "clientId": "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222", - "grantType": "refresh_token", - "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN" + "grantType": "urn:ietf:params:oauth:grant-type:jwt-bearer", + "assertion": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjFMVE16YWtpaGlSbGFfOHoyQkVKVlhlV01xbyJ9.eyJ2ZXIiOiIyLjAiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vOTEyMjA0MGQtNmM2Ny00YzViLWIxMTItMzZhMzA0YjY2ZGFkL3YyLjAiLCJzdWIiOiJBQUFBQUFBQUFBQUFBQUFBQUFBQUFJa3pxRlZyU2FTYUZIeTc4MmJidGFRIiwiYXVkIjoiNmNiMDQwMTgtYTNmNS00NmE3LWI5OTUtOTQwYzc4ZjVhZWYzIiwiZXhwIjoxNTM2MzYxNDExLCJpYXQiOjE1MzYyNzQ3MTEsIm5iZiI6MTUzNjI3NDcxMSwibmFtZSI6IkFiZSBMaW5jb2xuIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWJlTGlAbWljcm9zb2Z0LmNvbSIsIm9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC02NmYzLTMzMzJlY2E3ZWE4MSIsInRpZCI6IjkxMjIwNDBkLTZjNjctNGM1Yi1iMTEyLTM2YTMwNGI2NmRhZCIsIm5vbmNlIjoiMTIzNTIzIiwiYWlvIjoiRGYyVVZYTDFpeCFsTUNXTVNPSkJjRmF0emNHZnZGR2hqS3Y4cTVnMHg3MzJkUjVNQjVCaXN2R1FPN1lXQnlqZDhpUURMcSFlR2JJRGFreXA1bW5PcmNkcUhlWVNubHRlcFFtUnA2QUlaOGpZIn0.1AFWW-Ck5nROwSlltm7GzZvDwUkqvhSQpm55TQsmVo9Y59cLhRXpvB8n-55HCr9Z6G_31_UbeUkoz612I2j_Sm9FFShSDDjoaLQr54CreGIJvjtmS3EkK9a7SJBbcpL1MpUtlfygow39tFjY7EVNW9plWUvRrTgVk7lYLprvfzw-CIqw3gHC-T7IK_m_xkr08INERBtaecwhTeN4chPC4W3jdmw_lIxzC48YoQ0dB1L9-ImX98Egypfrlbm0IBL5spFzL6JDZIRRJOu8vecJvj1mq-IUhGt0MacxX8jdxYLP-KUu2d9MbNKpCKJuZ7p8gwTL5B7NlUdh_dmSviPWrw" }, "output": { "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN", "tokenType": "Bearer", "expiresIn": 1579729529, "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN", + "idToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0", "issuedTokenType": "urn:ietf:params:oauth:token-type:refresh_token", "scope": [ "openid", @@ -1339,19 +1340,18 @@ } }, { - "title": "Call OAuth/OIDC /token endpoint for JWT Bearer grant with IAM authentication", + "title": "Call OAuth/OIDC /token endpoint for Refresh Token grant with IAM authentication", "documentation": "", "input": { "clientId": "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222", - "grantType": "urn:ietf:params:oauth:grant-type:jwt-bearer", - "assertion": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjFMVE16YWtpaGlSbGFfOHoyQkVKVlhlV01xbyJ9.eyJ2ZXIiOiIyLjAiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vOTEyMjA0MGQtNmM2Ny00YzViLWIxMTItMzZhMzA0YjY2ZGFkL3YyLjAiLCJzdWIiOiJBQUFBQUFBQUFBQUFBQUFBQUFBQUFJa3pxRlZyU2FTYUZIeTc4MmJidGFRIiwiYXVkIjoiNmNiMDQwMTgtYTNmNS00NmE3LWI5OTUtOTQwYzc4ZjVhZWYzIiwiZXhwIjoxNTM2MzYxNDExLCJpYXQiOjE1MzYyNzQ3MTEsIm5iZiI6MTUzNjI3NDcxMSwibmFtZSI6IkFiZSBMaW5jb2xuIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWJlTGlAbWljcm9zb2Z0LmNvbSIsIm9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC02NmYzLTMzMzJlY2E3ZWE4MSIsInRpZCI6IjkxMjIwNDBkLTZjNjctNGM1Yi1iMTEyLTM2YTMwNGI2NmRhZCIsIm5vbmNlIjoiMTIzNTIzIiwiYWlvIjoiRGYyVVZYTDFpeCFsTUNXTVNPSkJjRmF0emNHZnZGR2hqS3Y4cTVnMHg3MzJkUjVNQjVCaXN2R1FPN1lXQnlqZDhpUURMcSFlR2JJRGFreXA1bW5PcmNkcUhlWVNubHRlcFFtUnA2QUlaOGpZIn0.1AFWW-Ck5nROwSlltm7GzZvDwUkqvhSQpm55TQsmVo9Y59cLhRXpvB8n-55HCr9Z6G_31_UbeUkoz612I2j_Sm9FFShSDDjoaLQr54CreGIJvjtmS3EkK9a7SJBbcpL1MpUtlfygow39tFjY7EVNW9plWUvRrTgVk7lYLprvfzw-CIqw3gHC-T7IK_m_xkr08INERBtaecwhTeN4chPC4W3jdmw_lIxzC48YoQ0dB1L9-ImX98Egypfrlbm0IBL5spFzL6JDZIRRJOu8vecJvj1mq-IUhGt0MacxX8jdxYLP-KUu2d9MbNKpCKJuZ7p8gwTL5B7NlUdh_dmSviPWrw" + "grantType": "refresh_token", + "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN" }, "output": { "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN", "tokenType": "Bearer", "expiresIn": 1579729529, "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN", - "idToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0", "issuedTokenType": "urn:ietf:params:oauth:token-type:refresh_token", "scope": [ "openid", @@ -1411,37 +1411,37 @@ "code": { "target": "com.amazonaws.ssooidc#AuthCode", "traits": { - "smithy.api#documentation": "

Used only when calling this API for the Authorization Code grant type. This short-term\n code is used to identify this authorization request. The code is obtained through a redirect\n from IAM Identity Center to a redirect URI persisted in the Authorization Code GrantOptions for the\n application.

" + "smithy.api#documentation": "

Used only when calling this API for the Authorization Code grant type. This short-lived\n code is used to identify this authorization request. The code is obtained through a redirect\n from IAM Identity Center to a redirect URI persisted in the Authorization Code GrantOptions for the\n application.

" } }, "refreshToken": { "target": "com.amazonaws.ssooidc#RefreshToken", "traits": { - "smithy.api#documentation": "

Used only when calling this API for the Refresh Token grant type. This token is used to\n refresh short-term tokens, such as the access token, that might expire.

\n

For more information about the features and limitations of the current IAM Identity Center OIDC\n implementation, see Considerations for Using this Guide in the IAM Identity Center\n OIDC API Reference.

" + "smithy.api#documentation": "

Used only when calling this API for the Refresh Token grant type. This token is used to\n refresh short-lived tokens, such as the access token, that might expire.

\n

For more information about the features and limitations of the current IAM Identity Center OIDC\n implementation, see Considerations for Using this Guide in the IAM Identity Center\n OIDC API Reference.

" } }, "assertion": { "target": "com.amazonaws.ssooidc#Assertion", "traits": { - "smithy.api#documentation": "

Used only when calling this API for the JWT Bearer grant type. This value specifies the JSON\n Web Token (JWT) issued by a trusted token issuer. To authorize a trusted token issuer,\n configure the JWT Bearer GrantOptions for the application.

" + "smithy.api#documentation": "

Used only when calling this API for the JWT Bearer grant type. This value specifies the\n JSON Web Token (JWT) issued by a trusted token issuer. To authorize a trusted token issuer,\n configure the JWT Bearer GrantOptions for the application.

" } }, "scope": { "target": "com.amazonaws.ssooidc#Scopes", "traits": { - "smithy.api#documentation": "

The list of scopes for which authorization is requested. The access token that is issued\n is limited to the scopes that are granted. If the value is not specified, IAM Identity Center authorizes all\n scopes configured for the application, including the following default scopes:\n openid, aws, sts:identity_context.

" + "smithy.api#documentation": "

The list of scopes for which authorization is requested. The access token that is issued\n is limited to the scopes that are granted. If the value is not specified, IAM Identity Center authorizes all\n scopes configured for the application, including the following default scopes:\n openid, aws, sts:identity_context.

" } }, "redirectUri": { "target": "com.amazonaws.ssooidc#URI", "traits": { - "smithy.api#documentation": "

Used only when calling this API for the Authorization Code grant type. This value specifies\n the location of the client or application that has registered to receive the authorization code.\n

" + "smithy.api#documentation": "

Used only when calling this API for the Authorization Code grant type. This value\n specifies the location of the client or application that has registered to receive the\n authorization code.

" } }, "subjectToken": { "target": "com.amazonaws.ssooidc#SubjectToken", "traits": { - "smithy.api#documentation": "

Used only when calling this API for the Token Exchange grant type. This value specifies\n the subject of the exchange. The value of the subject token must be an access token issued by\n IAM Identity Center to a different client or application. The access token must have authorized scopes\n that indicate the requested application as a target audience.

" + "smithy.api#documentation": "

Used only when calling this API for the Token Exchange grant type. This value specifies\n the subject of the exchange. The value of the subject token must be an access token issued by\n IAM Identity Center to a different client or application. The access token must have authorized scopes that\n indicate the requested application as a target audience.

" } }, "subjectTokenType": { @@ -1459,7 +1459,7 @@ "codeVerifier": { "target": "com.amazonaws.ssooidc#CodeVerifier", "traits": { - "smithy.api#documentation": "

Used only when calling this API for the Authorization Code grant type. This value is generated\n by the client and presented to validate the original code challenge value the client passed at\n authorization time.

" + "smithy.api#documentation": "

Used only when calling this API for the Authorization Code grant type. This value is\n generated by the client and presented to validate the original code challenge value the client\n passed at authorization time.

" } } }, @@ -1492,25 +1492,25 @@ "refreshToken": { "target": "com.amazonaws.ssooidc#RefreshToken", "traits": { - "smithy.api#documentation": "

A token that, if present, can be used to refresh a previously issued access token that\n might have expired.

\n

For more\n information about the features and limitations of the current IAM Identity Center OIDC implementation,\n see Considerations for Using this Guide in the IAM Identity Center\n OIDC API Reference.

" + "smithy.api#documentation": "

A token that, if present, can be used to refresh a previously issued access token that\n might have expired.

\n

For more information about the features and limitations of the current IAM Identity Center OIDC\n implementation, see Considerations for Using this Guide in the IAM Identity Center\n OIDC API Reference.

" } }, "idToken": { "target": "com.amazonaws.ssooidc#IdToken", "traits": { - "smithy.api#documentation": "

A JSON Web Token (JWT) that identifies the user associated with the issued access token.\n

" + "smithy.api#documentation": "

A JSON Web Token (JWT) that identifies the user associated with the issued access token.\n

" } }, "issuedTokenType": { "target": "com.amazonaws.ssooidc#TokenTypeURI", "traits": { - "smithy.api#documentation": "

Indicates the type of tokens that are issued by IAM Identity Center. The following values are supported:\n

\n

* Access Token - urn:ietf:params:oauth:token-type:access_token\n

\n

* Refresh Token - urn:ietf:params:oauth:token-type:refresh_token\n

" + "smithy.api#documentation": "

Indicates the type of tokens that are issued by IAM Identity Center. The following values are supported:

\n

* Access Token - urn:ietf:params:oauth:token-type:access_token\n

\n

* Refresh Token - urn:ietf:params:oauth:token-type:refresh_token\n

" } }, "scope": { "target": "com.amazonaws.ssooidc#Scopes", "traits": { - "smithy.api#documentation": "

The list of scopes for which authorization is granted. The access token that is issued\n is limited to the scopes that are granted.

" + "smithy.api#documentation": "

The list of scopes for which authorization is granted. The access token that is issued is\n limited to the scopes that are granted.

" } } }, @@ -1539,13 +1539,13 @@ "error": { "target": "com.amazonaws.ssooidc#Error", "traits": { - "smithy.api#documentation": "

Single error code.\n For this exception the value will be expired_token.

" + "smithy.api#documentation": "

Single error code. For this exception the value will be expired_token.

" } }, "error_description": { "target": "com.amazonaws.ssooidc#ErrorDescription", "traits": { - "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.

" + "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the client developer\n in understanding the error that occurred.

" } } }, @@ -1576,13 +1576,13 @@ "error": { "target": "com.amazonaws.ssooidc#Error", "traits": { - "smithy.api#documentation": "

Single error code.\n For this exception the value will be server_error.

" + "smithy.api#documentation": "

Single error code. For this exception the value will be server_error.

" } }, "error_description": { "target": "com.amazonaws.ssooidc#ErrorDescription", "traits": { - "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.

" + "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the client developer\n in understanding the error that occurred.

" } } }, @@ -1604,13 +1604,13 @@ "error": { "target": "com.amazonaws.ssooidc#Error", "traits": { - "smithy.api#documentation": "

Single error code.\n For this exception the value will be invalid_client.

" + "smithy.api#documentation": "

Single error code. For this exception the value will be\n invalid_client.

" } }, "error_description": { "target": "com.amazonaws.ssooidc#ErrorDescription", "traits": { - "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.

" + "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the client developer\n in understanding the error that occurred.

" } } }, @@ -1626,13 +1626,13 @@ "error": { "target": "com.amazonaws.ssooidc#Error", "traits": { - "smithy.api#documentation": "

Single error code.\n For this exception the value will be invalid_client_metadata.

" + "smithy.api#documentation": "

Single error code. For this exception the value will be\n invalid_client_metadata.

" } }, "error_description": { "target": "com.amazonaws.ssooidc#ErrorDescription", "traits": { - "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.

" + "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the client developer\n in understanding the error that occurred.

" } } }, @@ -1648,13 +1648,13 @@ "error": { "target": "com.amazonaws.ssooidc#Error", "traits": { - "smithy.api#documentation": "

Single error code.\n For this exception the value will be invalid_grant.

" + "smithy.api#documentation": "

Single error code. For this exception the value will be invalid_grant.

" } }, "error_description": { "target": "com.amazonaws.ssooidc#ErrorDescription", "traits": { - "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.

" + "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the client developer\n in understanding the error that occurred.

" } } }, @@ -1670,18 +1670,18 @@ "error": { "target": "com.amazonaws.ssooidc#Error", "traits": { - "smithy.api#documentation": "

Single error code.\n For this exception the value will be invalid_redirect_uri.

" + "smithy.api#documentation": "

Single error code. For this exception the value will be\n invalid_redirect_uri.

" } }, "error_description": { "target": "com.amazonaws.ssooidc#ErrorDescription", "traits": { - "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.

" + "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the client developer\n in understanding the error that occurred.

" } } }, "traits": { - "smithy.api#documentation": "

Indicates that one or more redirect URI in the request is not supported for this operation.

", + "smithy.api#documentation": "

Indicates that one or more redirect URI in the request is not supported for this\n operation.

", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -1692,13 +1692,13 @@ "error": { "target": "com.amazonaws.ssooidc#Error", "traits": { - "smithy.api#documentation": "

Single error code.\n For this exception the value will be invalid_request.

" + "smithy.api#documentation": "

Single error code. For this exception the value will be\n invalid_request.

" } }, "error_description": { "target": "com.amazonaws.ssooidc#ErrorDescription", "traits": { - "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.

" + "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the client developer\n in understanding the error that occurred.

" } } }, @@ -1714,13 +1714,13 @@ "error": { "target": "com.amazonaws.ssooidc#Error", "traits": { - "smithy.api#documentation": "

Single error code.\n For this exception the value will be invalid_request.

" + "smithy.api#documentation": "

Single error code. For this exception the value will be\n invalid_request.

" } }, "error_description": { "target": "com.amazonaws.ssooidc#ErrorDescription", "traits": { - "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.

" + "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the client developer\n in understanding the error that occurred.

" } }, "endpoint": { @@ -1748,13 +1748,13 @@ "error": { "target": "com.amazonaws.ssooidc#Error", "traits": { - "smithy.api#documentation": "

Single error code.\n For this exception the value will be invalid_scope.

" + "smithy.api#documentation": "

Single error code. For this exception the value will be invalid_scope.

" } }, "error_description": { "target": "com.amazonaws.ssooidc#ErrorDescription", "traits": { - "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.

" + "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the client developer\n in understanding the error that occurred.

" } } }, @@ -1818,7 +1818,7 @@ ], "traits": { "smithy.api#auth": [], - "smithy.api#documentation": "

Registers a client with IAM Identity Center. This allows clients to initiate device authorization.\n The output should be persisted for reuse through many authentication requests.

", + "smithy.api#documentation": "

Registers a public client with IAM Identity Center. This allows clients to perform authorization using\n the authorization code grant with Proof Key for Code Exchange (PKCE) or the device\n code grant.

", "smithy.api#examples": [ { "title": "Call OAuth/OIDC /register-client endpoint", @@ -1888,19 +1888,19 @@ "grantTypes": { "target": "com.amazonaws.ssooidc#GrantTypes", "traits": { - "smithy.api#documentation": "

The list of OAuth 2.0 grant types that are defined by the client. This list is used to\n restrict the token granting flows available to the client.

" + "smithy.api#documentation": "

The list of OAuth 2.0 grant types that are defined by the client. This list is used to\n restrict the token granting flows available to the client. Supports the following OAuth 2.0\n grant types: Authorization Code, Device Code, and Refresh Token.

\n

* Authorization Code - authorization_code\n

\n

* Device Code - urn:ietf:params:oauth:grant-type:device_code\n

\n

* Refresh Token - refresh_token\n

" } }, "issuerUrl": { "target": "com.amazonaws.ssooidc#URI", "traits": { - "smithy.api#documentation": "

The IAM Identity Center Issuer URL associated with an instance of IAM Identity Center. This value is needed for user access to resources through the client.

" + "smithy.api#documentation": "

The IAM Identity Center Issuer URL associated with an instance of IAM Identity Center. This value is needed for user\n access to resources through the client.

" } }, "entitledApplicationArn": { "target": "com.amazonaws.ssooidc#ArnType", "traits": { - "smithy.api#documentation": "

This IAM Identity Center application ARN is used to define administrator-managed configuration for public client access to resources. At\n authorization, the scopes, grants, and redirect URI available to this client will be restricted by this application resource.

" + "smithy.api#documentation": "

This IAM Identity Center application ARN is used to define administrator-managed configuration for\n public client access to resources. At authorization, the scopes, grants, and redirect URI\n available to this client will be restricted by this application resource.

" } } }, @@ -1969,13 +1969,13 @@ "error": { "target": "com.amazonaws.ssooidc#Error", "traits": { - "smithy.api#documentation": "

Single error code.\n For this exception the value will be slow_down.

" + "smithy.api#documentation": "

Single error code. For this exception the value will be slow_down.

" } }, "error_description": { "target": "com.amazonaws.ssooidc#ErrorDescription", "traits": { - "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.

" + "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the client developer\n in understanding the error that occurred.

" } } }, @@ -2060,7 +2060,7 @@ "startUrl": { "target": "com.amazonaws.ssooidc#URI", "traits": { - "smithy.api#documentation": "

The URL for the Amazon Web Services access portal. For more information, see Using\n the Amazon Web Services access portal in the IAM Identity Center User Guide.

", + "smithy.api#documentation": "

The URL for the Amazon Web Services access portal. For more information, see Using\n the Amazon Web Services access portal in the IAM Identity Center User Guide.

", "smithy.api#required": {} } } @@ -2136,13 +2136,13 @@ "error": { "target": "com.amazonaws.ssooidc#Error", "traits": { - "smithy.api#documentation": "

Single error code.\n For this exception the value will be unauthorized_client.

" + "smithy.api#documentation": "

Single error code. For this exception the value will be\n unauthorized_client.

" } }, "error_description": { "target": "com.amazonaws.ssooidc#ErrorDescription", "traits": { - "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.

" + "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the client developer\n in understanding the error that occurred.

" } } }, @@ -2158,13 +2158,13 @@ "error": { "target": "com.amazonaws.ssooidc#Error", "traits": { - "smithy.api#documentation": "

Single error code.\n For this exception the value will be unsupported_grant_type.

" + "smithy.api#documentation": "

Single error code. For this exception the value will be\n unsupported_grant_type.

" } }, "error_description": { "target": "com.amazonaws.ssooidc#ErrorDescription", "traits": { - "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the\n client developer in understanding the error that occurred.

" + "smithy.api#documentation": "

Human-readable text providing additional information, used to assist the client developer\n in understanding the error that occurred.

" } } }, diff --git a/tools/code-generation/smithy/api-descriptions/transfer.json b/tools/code-generation/smithy/api-descriptions/transfer.json index 9ed633734e3..18d7db616bc 100644 --- a/tools/code-generation/smithy/api-descriptions/transfer.json +++ b/tools/code-generation/smithy/api-descriptions/transfer.json @@ -714,7 +714,7 @@ "iam:PassRole" ] }, - "smithy.api#documentation": "

Creates an agreement. An agreement is a bilateral trading partner agreement, or partnership,\n between an Transfer Family server and an AS2 process. The agreement defines the file and message\n transfer relationship between the server and the AS2 process. To define an agreement, Transfer Family\n combines a server, local profile, partner profile, certificate, and other\n attributes.

\n

The partner is identified with the PartnerProfileId, and the AS2 process is identified with the LocalProfileId.

" + "smithy.api#documentation": "

Creates an agreement. An agreement is a bilateral trading partner agreement, or partnership,\n between an Transfer Family server and an AS2 process. The agreement defines the file and message\n transfer relationship between the server and the AS2 process. To define an agreement, Transfer Family\n combines a server, local profile, partner profile, certificate, and other\n attributes.

\n

The partner is identified with the PartnerProfileId, and the AS2 process is identified with the LocalProfileId.

\n \n

Specify either\n BaseDirectory or CustomDirectories, but not both. Specifying both causes the command to fail.

\n " } }, "com.amazonaws.transfer#CreateAgreementRequest": { @@ -750,8 +750,7 @@ "BaseDirectory": { "target": "com.amazonaws.transfer#HomeDirectory", "traits": { - "smithy.api#documentation": "

The landing directory (folder) for files transferred by using the AS2 protocol.

\n

A BaseDirectory example is\n /amzn-s3-demo-bucket/home/mydirectory.

", - "smithy.api#required": {} + "smithy.api#documentation": "

The landing directory (folder) for files transferred by using the AS2 protocol.

\n

A BaseDirectory example is\n /amzn-s3-demo-bucket/home/mydirectory.

" } }, "AccessRole": { @@ -784,6 +783,12 @@ "traits": { "smithy.api#documentation": "

\n Determines whether or not unsigned messages from your trading partners will be accepted.\n

\n " } + }, + "CustomDirectories": { + "target": "com.amazonaws.transfer#CustomDirectoriesType", + "traits": { + "smithy.api#documentation": "

A CustomDirectoriesType structure. This structure specifies custom directories for storing various AS2 message files. You can specify directories for the following types of files.

\n " + } } }, "traits": { @@ -1487,6 +1492,49 @@ "smithy.api#output": {} } }, + "com.amazonaws.transfer#CustomDirectoriesType": { + "type": "structure", + "members": { + "FailedFilesDirectory": { + "target": "com.amazonaws.transfer#HomeDirectory", + "traits": { + "smithy.api#documentation": "

Specifies a location to store failed AS2 message files.

", + "smithy.api#required": {} + } + }, + "MdnFilesDirectory": { + "target": "com.amazonaws.transfer#HomeDirectory", + "traits": { + "smithy.api#documentation": "

Specifies a location to store MDN files.

", + "smithy.api#required": {} + } + }, + "PayloadFilesDirectory": { + "target": "com.amazonaws.transfer#HomeDirectory", + "traits": { + "smithy.api#documentation": "

Specifies a location to store the payload for AS2 message files.

", + "smithy.api#required": {} + } + }, + "StatusFilesDirectory": { + "target": "com.amazonaws.transfer#HomeDirectory", + "traits": { + "smithy.api#documentation": "

Specifies a location to store AS2 status messages.

", + "smithy.api#required": {} + } + }, + "TemporaryFilesDirectory": { + "target": "com.amazonaws.transfer#HomeDirectory", + "traits": { + "smithy.api#documentation": "

Specifies a location to store temporary AS2 message files.

", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "

Contains Amazon S3 locations for storing specific types of AS2 message files.

" + } + }, "com.amazonaws.transfer#CustomStepDetails": { "type": "structure", "members": { @@ -3248,6 +3296,12 @@ "traits": { "smithy.api#documentation": "

\n Determines whether or not unsigned messages from your trading partners will be accepted.\n

\n " } + }, + "CustomDirectories": { + "target": "com.amazonaws.transfer#CustomDirectoriesType", + "traits": { + "smithy.api#documentation": "

A CustomDirectoriesType structure. This structure specifies custom directories for storing various AS2 message files. You can specify directories for the following types of files.

\n " + } } }, "traits": { @@ -10014,7 +10068,7 @@ "iam:PassRole" ] }, - "smithy.api#documentation": "

Updates some of the parameters for an existing agreement. Provide the\n AgreementId and the ServerId for the agreement that you want to\n update, along with the new values for the parameters to update.

" + "smithy.api#documentation": "

Updates some of the parameters for an existing agreement. Provide the\n AgreementId and the ServerId for the agreement that you want to\n update, along with the new values for the parameters to update.

\n \n

Specify either\n BaseDirectory or CustomDirectories, but not both. Specifying both causes the command to fail.

\n

If you update an agreement from using base directory to custom directories, the base directory is no longer used. Similarly, if you change from custom directories to a base directory, the custom directories are no longer used.

\n " } }, "com.amazonaws.transfer#UpdateAgreementRequest": { @@ -10081,6 +10135,12 @@ "traits": { "smithy.api#documentation": "

\n Determines whether or not unsigned messages from your trading partners will be accepted.\n

\n " } + }, + "CustomDirectories": { + "target": "com.amazonaws.transfer#CustomDirectoriesType", + "traits": { + "smithy.api#documentation": "

A CustomDirectoriesType structure. This structure specifies custom directories for storing various AS2 message files. You can specify directories for the following types of files.

\n " + } } }, "traits": {