The headroom threshold value in percentage used for the specified metric parameter.
" + "CustomizableMetricParameters$headroom": "The headroom value in percentage used for the specified metric parameter.
The following lists the valid values for CPU and memory utilization.
CPU utilization: PERCENT_30 | PERCENT_20 | PERCENT_0
Memory utilization: PERCENT_30 | PERCENT_20 | PERCENT_10
The name of the resource utilization metric name to customize.
Compute Optimizer only supports CpuUtilization.
The name of the resource utilization metric name to customize.
" } }, "CustomizableMetricParameters": { @@ -260,7 +260,7 @@ "CustomizableMetricThreshold": { "base": null, "refs": { - "CustomizableMetricParameters$threshold": "The threshold value used for the specified metric parameter.
" + "CustomizableMetricParameters$threshold": "The threshold value used for the specified metric parameter.
You can only specify the threshold value for CPU utilization.
The resource’s CPU utilization threshold preferences, such as threshold and headroom, that are used to generate rightsizing recommendations.
This preference is only available for the Amazon EC2 instance resource type.
The resource’s CPU utilization threshold preferences, such as threshold and headroom, that were used to generate rightsizing recommendations. It considers all applicable preferences that you set at the resource, account, and organization level.
To validate that the preference is applied to your last generated set of recommendations, review the effectiveRecommendationPreferences value in the response of the GetAutoScalingGroupRecommendations or GetEC2InstanceRecommendations actions.
The preference to control the resource’s CPU utilization thresholds - threshold and headroom. When this preference isn't specified, we use the following default values:
P99_5 for threshold
PERCENT_17 for headroom
You can only set this preference for the Amazon EC2 instance resource type.
The preference to control the resource’s CPU utilization thresholds - threshold and headroom. If the preference isn’t set, this object is null.
This preference is only available for the Amazon EC2 instance resource type.
The resource’s CPU and memory utilization preferences, such as threshold and headroom, that are used to generate rightsizing recommendations.
This preference is only available for the Amazon EC2 instance resource type.
The resource’s CPU and memory utilization preferences, such as threshold and headroom, that were used to generate rightsizing recommendations. It considers all applicable preferences that you set at the resource, account, and organization level.
To validate that the preference is applied to your last generated set of recommendations, review the effectiveRecommendationPreferences value in the response of the GetAutoScalingGroupRecommendations or GetEC2InstanceRecommendations actions.
The preference to control the resource’s CPU utilization threshold, CPU utilization headroom, and memory utilization headroom. When this preference isn't specified, we use the following default values.
CPU utilization:
P99_5 for threshold
PERCENT_20 for headroom
Memory utilization:
PERCENT_20 for headroom
You can only set CPU and memory utilization preferences for the Amazon EC2 instance resource type.
The threshold setting isn’t available for memory utilization.
The preference to control the resource’s CPU utilization threshold, CPU utilization headroom, and memory utilization headroom. If the preference isn’t set, this object is null.
This preference is only available for the Amazon EC2 instance resource type.
Creates a single GuardDuty detector. A detector is a resource that represents the GuardDuty service. To start using GuardDuty, you must create a detector in each Region where you enable the service. You can have only one detector per account per Region. All data sources are enabled in a new detector by default.
When you don't specify any features, with an exception to RUNTIME_MONITORING, all the optional features are enabled by default.
When you specify some of the features, any feature that is not specified in the API call gets enabled by default, with an exception to RUNTIME_MONITORING.
Specifying both EKS Runtime Monitoring (EKS_RUNTIME_MONITORING) and Runtime Monitoring (RUNTIME_MONITORING) will cause an error. You can add only one of these two features because Runtime Monitoring already includes the threat detection for Amazon EKS resources. For more information, see Runtime Monitoring.
There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
", "CreateFilter": "Creates a filter using the specified finding criteria. The maximum number of saved filters per Amazon Web Services account per Region is 100. For more information, see Quotas for GuardDuty.
", "CreateIPSet": "Creates a new IPSet, which is called a trusted IP list in the console user interface. An IPSet is a list of IP addresses that are trusted for secure communication with Amazon Web Services infrastructure and applications. GuardDuty doesn't generate findings for IP addresses that are included in IPSets. Only users from the administrator account can use this operation.
", - "CreateMembers": "Creates member accounts of the current Amazon Web Services account by specifying a list of Amazon Web Services account IDs. This step is a prerequisite for managing the associated member accounts either by invitation or through an organization.
As a delegated administrator, using CreateMembers will enable GuardDuty in the added member accounts, with the exception of the organization delegated administrator account. A delegated administrator must enable GuardDuty prior to being added as a member.
When you use CreateMembers as an Organizations delegated administrator, GuardDuty applies your organization's auto-enable settings to the member accounts in this request, irrespective of the accounts being new or existing members. For more information about the existing auto-enable settings for your organization, see DescribeOrganizationConfiguration.
If you are adding accounts by invitation, before using InviteMembers, use CreateMembers after GuardDuty has been enabled in potential member accounts.
If you disassociate a member from a GuardDuty delegated administrator, the member account details obtained from this API, including the associated email addresses, will be retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.
", + "CreateMembers": "Creates member accounts of the current Amazon Web Services account by specifying a list of Amazon Web Services account IDs. This step is a prerequisite for managing the associated member accounts either by invitation or through an organization.
As a delegated administrator, using CreateMembers will enable GuardDuty in the added member accounts, with the exception of the organization delegated administrator account. A delegated administrator must enable GuardDuty prior to being added as a member.
When you use CreateMembers as an Organizations delegated administrator, GuardDuty applies your organization's auto-enable settings to the member accounts in this request, irrespective of the accounts being new or existing members. For more information about the existing auto-enable settings for your organization, see DescribeOrganizationConfiguration.
If you disassociate a member account that was added by invitation, the member account details obtained from this API, including the associated email addresses, will be retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.
When the member accounts added through Organizations are later disassociated, you (administrator) can't invite them by calling the InviteMembers API. You can create an association with these member accounts again only by calling the CreateMembers API.
", "CreatePublishingDestination": "Creates a publishing destination to export findings to. The resource to export findings to must exist before you use this operation.
", "CreateSampleFindings": "Generates sample findings of types specified by the list of finding types. If 'NULL' is specified for findingTypes, the API generates sample findings of all supported finding types.
Creates a new ThreatIntelSet. ThreatIntelSets consist of known malicious IP addresses. GuardDuty generates findings based on ThreatIntelSets. Only users of the administrator account can use this operation.
", @@ -26,7 +26,7 @@ "DisableOrganizationAdminAccount": "Removes the existing GuardDuty delegated administrator of the organization. Only the organization's management account can run this API operation.
", "DisassociateFromAdministratorAccount": "Disassociates the current GuardDuty member account from its administrator account.
When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.
With autoEnableOrganizationMembers configuration for your organization set to ALL, you'll receive an error if you attempt to disable GuardDuty in a member account.
Disassociates the current GuardDuty member account from its administrator account.
When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.
", - "DisassociateMembers": "Disassociates GuardDuty member accounts (from the current administrator account) specified by the account IDs.
When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.
With autoEnableOrganizationMembers configuration for your organization set to ALL, you'll receive an error if you attempt to disassociate a member account before removing them from your organization.
Disassociates GuardDuty member accounts (from the current administrator account) specified by the account IDs.
When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.
With autoEnableOrganizationMembers configuration for your organization set to ALL, you'll receive an error if you attempt to disassociate a member account before removing them from your organization.
If you disassociate a member account that was added by invitation, the member account details obtained from this API, including the associated email addresses, will be retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.
When the member accounts added through Organizations are later disassociated, you (administrator) can't invite them by calling the InviteMembers API. You can create an association with these member accounts again only by calling the CreateMembers API.
", "EnableOrganizationAdminAccount": "Designates an Amazon Web Services account within the organization as your GuardDuty delegated administrator. Only the organization's management account can run this API operation.
", "GetAdministratorAccount": "Provides the details of the GuardDuty administrator account associated with the current GuardDuty member account.
If the organization's management account or a delegated administrator runs this API, it will return success (HTTP 200) but no content.
Retrieves aggregated statistics for your account. If you are a GuardDuty administrator, you can retrieve the statistics for all the resources associated with the active member accounts in your organization who have enabled Runtime Monitoring and have the GuardDuty security agent running on their resources.
", @@ -44,7 +44,7 @@ "GetRemainingFreeTrialDays": "Provides the number of days left for each data source used in the free trial period.
", "GetThreatIntelSet": "Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID.
", "GetUsageStatistics": "Lists Amazon GuardDuty usage statistics over the last 30 days for the specified detector ID. For newly enabled detectors or data sources, the cost returned will include only the usage so far under 30 days. This may differ from the cost metrics in the console, which project usage over 30 days to provide a monthly cost estimate. For more information, see Understanding How Usage Costs are Calculated.
", - "InviteMembers": "Invites Amazon Web Services accounts to become members of an organization administered by the Amazon Web Services account that invokes this API. If you are using Amazon Web Services Organizations to manage your GuardDuty environment, this step is not needed. For more information, see Managing accounts with organizations.
To invite Amazon Web Services accounts, the first step is to ensure that GuardDuty has been enabled in the potential member accounts. You can now invoke this API to add accounts by invitation. The invited accounts can either accept or decline the invitation from their GuardDuty accounts. Each invited Amazon Web Services account can choose to accept the invitation from only one Amazon Web Services account. For more information, see Managing GuardDuty accounts by invitation.
After the invite has been accepted and you choose to disassociate a member account (by using DisassociateMembers) from your account, the details of the member account obtained by invoking CreateMembers, including the associated email addresses, will be retained. This is done so that you can invoke InviteMembers without the need to invoke CreateMembers again. To remove the details associated with a member account, you must also invoke DeleteMembers.
", + "InviteMembers": "Invites Amazon Web Services accounts to become members of an organization administered by the Amazon Web Services account that invokes this API. If you are using Amazon Web Services Organizations to manage your GuardDuty environment, this step is not needed. For more information, see Managing accounts with organizations.
To invite Amazon Web Services accounts, the first step is to ensure that GuardDuty has been enabled in the potential member accounts. You can now invoke this API to add accounts by invitation. The invited accounts can either accept or decline the invitation from their GuardDuty accounts. Each invited Amazon Web Services account can choose to accept the invitation from only one Amazon Web Services account. For more information, see Managing GuardDuty accounts by invitation.
After the invite has been accepted and you choose to disassociate a member account (by using DisassociateMembers) from your account, the details of the member account obtained by invoking CreateMembers, including the associated email addresses, will be retained. This is done so that you can invoke InviteMembers without the need to invoke CreateMembers again. To remove the details associated with a member account, you must also invoke DeleteMembers.
If you disassociate a member account that was added by invitation, the member account details obtained from this API, including the associated email addresses, will be retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.
When the member accounts added through Organizations are later disassociated, you (administrator) can't invite them by calling the InviteMembers API. You can create an association with these member accounts again only by calling the CreateMembers API.
", "ListCoverage": "Lists coverage details for your GuardDuty account. If you're a GuardDuty administrator, you can retrieve all resources associated with the active member accounts in your organization.
Make sure the accounts have Runtime Monitoring enabled and GuardDuty agent running on their resources.
", "ListDetectors": "Lists detectorIds of all the existing Amazon GuardDuty detector resources.
", "ListFilters": "Returns a paginated list of the current filters.
", @@ -440,9 +440,9 @@ } }, "CoverageEc2InstanceDetails": { - "base": "This API is also used when you use GuardDuty Runtime Monitoring for your Amazon EC2 instances (currently in preview release) and is subject to change. The use of this API is subject to Section 2 of the Amazon Web Services Service Terms (\"Betas and Previews\").
Contains information about the Amazon EC2 instance runtime coverage details.
", + "base": "Contains information about the Amazon EC2 instance runtime coverage details.
", "refs": { - "CoverageResourceDetails$Ec2InstanceDetails": "This API is also used when you use GuardDuty Runtime Monitoring for your Amazon EC2 instances (currently in preview release) and is subject to change. The use of this API is subject to Section 2 of the Amazon Web Services Service Terms (\"Betas and Previews\").
Information about the Amazon EC2 instance assessed for runtime coverage.
" + "CoverageResourceDetails$Ec2InstanceDetails": "Information about the Amazon EC2 instance assessed for runtime coverage.
" } }, "CoverageEcsClusterDetails": { @@ -2801,7 +2801,7 @@ "DisableOrganizationAdminAccountRequest$AdminAccountId": "The Amazon Web Services Account ID for the organizations account to be disabled as a GuardDuty delegated administrator.
", "DnsRequestAction$Domain": "The domain information for the DNS query.
", "DnsRequestAction$Protocol": "The network connection protocol observed in the activity that prompted GuardDuty to generate the finding.
", - "DnsRequestAction$DomainWithSuffix": "The second and top level domain involved in the activity that prompted GuardDuty to generate this finding.
", + "DnsRequestAction$DomainWithSuffix": "The second and top level domain involved in the activity that potentially prompted GuardDuty to generate this finding. For a list of top-level and second-level domains, see public suffix list.
", "DomainDetails$Domain": "The domain information for the Amazon Web Services API call.
", "EbsVolumeScanDetails$ScanId": "Unique Id of the malware scan that generated the finding.
", "EbsVolumeScanDetails$TriggerFindingId": "GuardDuty finding ID that triggered a malware scan.
", @@ -2991,6 +2991,11 @@ "RuntimeContext$ModuleSha256": "The SHA256 hash of the module.
The path to the modified shell history file.
", "RuntimeContext$AddressFamily": "Represents the communication protocol associated with the address. For example, the address family AF_INET is used for IP version of 4 protocol.
Name of the potentially suspicious tool.
", + "RuntimeContext$ToolCategory": "Category that the tool belongs to. Some of the examples are Backdoor Tool, Pentest Tool, Network Scanner, and Network Sniffer.
", + "RuntimeContext$ServiceName": "Name of the security service that has been potentially disabled.
", + "RuntimeContext$CommandLineExample": "Example of the command line involved in the suspicious activity.
", + "RuntimeContext$ThreatFilePath": "The suspicious file path for which the threat intelligence details were found.
", "S3BucketDetail$Arn": "The Amazon Resource Name (ARN) of the S3 bucket.
", "S3BucketDetail$Name": "The name of the S3 bucket.
", "S3BucketDetail$Type": "Describes whether the bucket is a source or destination bucket.
", @@ -3019,6 +3024,7 @@ "Tag$Value": "The EC2 instance tag value.
", "ThreatIntelSetIds$member": null, "ThreatIntelligenceDetail$ThreatListName": "The name of the threat intelligence list that triggered the finding.
", + "ThreatIntelligenceDetail$ThreatFileSha256": "SHA256 of the file that generated the finding.
", "ThreatNames$member": null, "Total$Amount": "The total usage.
", "Total$Unit": "The currency unit that the amount is given in.
", diff --git a/models/apis/oam/2022-06-10/api-2.json b/models/apis/oam/2022-06-10/api-2.json index bb0eb02845f..92e73507647 100644 --- a/models/apis/oam/2022-06-10/api-2.json +++ b/models/apis/oam/2022-06-10/api-2.json @@ -604,7 +604,8 @@ "AWS::CloudWatch::Metric", "AWS::Logs::LogGroup", "AWS::XRay::Trace", - "AWS::ApplicationInsights::Application" + "AWS::ApplicationInsights::Application", + "AWS::InternetMonitor::Monitor" ] }, "ResourceTypesInput":{ diff --git a/models/apis/oam/2022-06-10/endpoint-rule-set-1.json b/models/apis/oam/2022-06-10/endpoint-rule-set-1.json index 8e08eb2b3f9..66108a30441 100644 --- a/models/apis/oam/2022-06-10/endpoint-rule-set-1.json +++ b/models/apis/oam/2022-06-10/endpoint-rule-set-1.json @@ -40,7 +40,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -59,7 +58,6 @@ }, { "conditions": [], - "type": "tree", "rules": [ { "conditions": [ @@ -87,13 +85,14 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" } - ] + ], + "type": "tree" }, { "conditions": [], - "type": "tree", "rules": [ { "conditions": [ @@ -106,7 +105,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -120,7 +118,6 @@ "assign": "PartitionResult" } ], - "type": "tree", "rules": [ { "conditions": [ @@ -143,7 +140,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -178,11 +174,9 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [], - "type": "tree", "rules": [ { "conditions": [], @@ -193,16 +187,19 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" } - ] + ], + "type": "tree" }, { "conditions": [], "error": "FIPS and DualStack are enabled, but this partition does not support one or both", "type": "error" } - ] + ], + "type": "tree" }, { "conditions": [ @@ -216,14 +213,12 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ - true, { "fn": "getAttr", "argv": [ @@ -232,15 +227,14 @@ }, "supportsFIPS" ] - } + }, + true ] } ], - "type": "tree", "rules": [ { "conditions": [], - "type": "tree", "rules": [ { "conditions": [], @@ -251,16 +245,19 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" } - ] + ], + "type": "tree" }, { "conditions": [], "error": "FIPS is enabled but this partition does not support FIPS", "type": "error" } - ] + ], + "type": "tree" }, { "conditions": [ @@ -274,7 +271,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -294,11 +290,9 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [], - "type": "tree", "rules": [ { "conditions": [], @@ -309,20 +303,22 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" } - ] + ], + "type": "tree" }, { "conditions": [], "error": "DualStack is enabled but this partition does not support DualStack", "type": "error" } - ] + ], + "type": "tree" }, { "conditions": [], - "type": "tree", "rules": [ { "conditions": [], @@ -333,18 +329,22 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" } - ] + ], + "type": "tree" } - ] + ], + "type": "tree" }, { "conditions": [], "error": "Invalid Configuration: Missing Region", "type": "error" } - ] + ], + "type": "tree" } ] } \ No newline at end of file diff --git a/models/apis/quicksight/2018-04-01/api-2.json b/models/apis/quicksight/2018-04-01/api-2.json index 47aac27e29f..d3f5ec62b0c 100644 --- a/models/apis/quicksight/2018-04-01/api-2.json +++ b/models/apis/quicksight/2018-04-01/api-2.json @@ -9426,6 +9426,8 @@ "members":{ "AwsAccountId":{"shape":"AwsAccountId"}, "IpRestrictionRuleMap":{"shape":"IpRestrictionRuleMap"}, + "VpcIdRestrictionRuleMap":{"shape":"VpcIdRestrictionRuleMap"}, + "VpcEndpointIdRestrictionRuleMap":{"shape":"VpcEndpointIdRestrictionRuleMap"}, "Enabled":{"shape":"NullableBoolean"}, "RequestId":{"shape":"String"}, "Status":{ @@ -17341,7 +17343,7 @@ }, "SqlQuery":{ "type":"string", - "max":65536, + "max":168000, "min":1 }, "SqlServerParameters":{ @@ -19750,6 +19752,8 @@ "locationName":"AwsAccountId" }, "IpRestrictionRuleMap":{"shape":"IpRestrictionRuleMap"}, + "VpcIdRestrictionRuleMap":{"shape":"VpcIdRestrictionRuleMap"}, + "VpcEndpointIdRestrictionRuleMap":{"shape":"VpcEndpointIdRestrictionRuleMap"}, "Enabled":{"shape":"NullableBoolean"} } }, @@ -20590,6 +20594,38 @@ "VpcConnectionArn":{"shape":"Arn"} } }, + "VpcEndpointId":{ + "type":"string", + "max":255, + "min":1, + "pattern":"^vpce-[0-9a-z]*$" + }, + "VpcEndpointIdRestrictionRuleDescription":{ + "type":"string", + "max":150, + "min":0 + }, + "VpcEndpointIdRestrictionRuleMap":{ + "type":"map", + "key":{"shape":"VpcEndpointId"}, + "value":{"shape":"VpcEndpointIdRestrictionRuleDescription"} + }, + "VpcId":{ + "type":"string", + "max":255, + "min":1, + "pattern":"^vpc-[0-9a-z]*$" + }, + "VpcIdRestrictionRuleDescription":{ + "type":"string", + "max":150, + "min":0 + }, + "VpcIdRestrictionRuleMap":{ + "type":"map", + "key":{"shape":"VpcId"}, + "value":{"shape":"VpcIdRestrictionRuleDescription"} + }, "Warehouse":{ "type":"string", "max":128 diff --git a/models/apis/quicksight/2018-04-01/docs-2.json b/models/apis/quicksight/2018-04-01/docs-2.json index c0fc19cb51c..515084136b5 100644 --- a/models/apis/quicksight/2018-04-01/docs-2.json +++ b/models/apis/quicksight/2018-04-01/docs-2.json @@ -158,7 +158,7 @@ "UpdateGroup": "Changes a group description.
", "UpdateIAMPolicyAssignment": "Updates an existing IAM policy assignment. This operation updates only the optional parameter or parameters that are specified in the request. This overwrites all of the users included in Identities.
Adds or updates services and authorized targets to configure what the Amazon QuickSight IAM Identity Center application can access.
This operation is only supported for Amazon QuickSight accounts using IAM Identity Center
", - "UpdateIpRestriction": "Updates the content and status of IP rules. To use this operation, you must provide the entire map of rules. You can use the DescribeIpRestriction operation to get the current rule map.
Updates the content and status of IP rules. Traffic from a source is allowed when the source satisfies either the IpRestrictionRule, VpcIdRestrictionRule, or VpcEndpointIdRestrictionRule. To use this operation, you must provide the entire map of rules. You can use the DescribeIpRestriction operation to get the current rule map.
Use the UpdatePublicSharingSettings operation to turn on or turn off the public sharing settings of an Amazon QuickSight dashboard.
To use this operation, turn on session capacity pricing for your Amazon QuickSight account.
Before you can turn on public sharing on your account, make sure to give public sharing permissions to an administrative user in the Identity and Access Management (IAM) console. For more information on using IAM with Amazon QuickSight, see Using Amazon QuickSight with IAM in the Amazon QuickSight User Guide.
", "UpdateRefreshSchedule": "Updates a refresh schedule for a dataset.
", "UpdateRoleCustomPermission": "Updates the custom permissions that are associated with a role.
", @@ -674,7 +674,7 @@ "ArnList": { "base": null, "refs": { - "GenerateEmbedUrlForAnonymousUserRequest$AuthorizedResourceArns": "The Amazon Resource Names (ARNs) for the Amazon QuickSight resources that the user is authorized to access during the lifetime of the session.
If you choose Dashboard embedding experience, pass the list of dashboard ARNs in the account that you want the user to be able to view.
Currently, you can pass up to 25 dashboard ARNs in each API call.
" + "GenerateEmbedUrlForAnonymousUserRequest$AuthorizedResourceArns": "The Amazon Resource Names (ARNs) for the Amazon QuickSight resources that the user is authorized to access during the lifetime of the session.
If you choose Dashboard embedding experience, pass the list of dashboard ARNs in the account that you want the user to be able to view.
If you want to make changes to the theme of your embedded content, pass a list of theme ARNs that the anonymous users need access to.
Currently, you can pass up to 25 theme ARNs in each API call.
" } }, "AssetBundleCloudFormationOverridePropertyConfiguration": { @@ -3557,7 +3557,7 @@ } }, "DatasetParameter": { - "base": "A dataset parameter.
", + "base": "A parameter that is created in a dataset. The parameter can be a string, integer, decimal, or datetime data type.
", "refs": { "DatasetParameterList$member": null } @@ -3591,7 +3591,7 @@ } }, "DatasetParameterValueType": { - "base": null, + "base": "The value type of the parameter. The value type is used to validate the parameter before it is evaluated.
", "refs": { "DateTimeDatasetParameter$ValueType": "The value type of the dataset parameter. Valid values are single value or multi value.
The value type of the dataset parameter. Valid values are single value or multi value.
Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source.
" } }, + "VpcEndpointId": { + "base": null, + "refs": { + "VpcEndpointIdRestrictionRuleMap$key": null + } + }, + "VpcEndpointIdRestrictionRuleDescription": { + "base": null, + "refs": { + "VpcEndpointIdRestrictionRuleMap$value": null + } + }, + "VpcEndpointIdRestrictionRuleMap": { + "base": null, + "refs": { + "DescribeIpRestrictionResponse$VpcEndpointIdRestrictionRuleMap": "A map of allowed VPC endpoint IDs and their rule descriptions.
", + "UpdateIpRestrictionRequest$VpcEndpointIdRestrictionRuleMap": "A map of allowed VPC endpoint IDs and their corresponding rule descriptions.
" + } + }, + "VpcId": { + "base": null, + "refs": { + "VpcIdRestrictionRuleMap$key": null + } + }, + "VpcIdRestrictionRuleDescription": { + "base": null, + "refs": { + "VpcIdRestrictionRuleMap$value": null + } + }, + "VpcIdRestrictionRuleMap": { + "base": null, + "refs": { + "DescribeIpRestrictionResponse$VpcIdRestrictionRuleMap": "A map of allowed VPC IDs and their rule descriptions.
", + "UpdateIpRestrictionRequest$VpcIdRestrictionRuleMap": "A map of VPC IDs and their corresponding rules. When you configure this parameter, traffic from all VPC endpoints that are present in the specified VPC is allowed.
" + } + }, "Warehouse": { "base": null, "refs": { diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json index b54a34aab79..a6cbf950d46 100644 --- a/models/endpoints/endpoints.json +++ b/models/endpoints/endpoints.json @@ -27736,6 +27736,16 @@ "us-isob-east-1" : { } } }, + "medialive" : { + "endpoints" : { + "us-isob-east-1" : { } + } + }, + "mediapackage" : { + "endpoints" : { + "us-isob-east-1" : { } + } + }, "metering.marketplace" : { "defaults" : { "credentialScope" : { diff --git a/service/computeoptimizer/api.go b/service/computeoptimizer/api.go index 49eda8f53ab..b0db27a60bf 100644 --- a/service/computeoptimizer/api.go +++ b/service/computeoptimizer/api.go @@ -3518,11 +3518,18 @@ func (s *CurrentPerformanceRiskRatings) SetVeryLow(v int64) *CurrentPerformanceR type CustomizableMetricParameters struct { _ struct{} `type:"structure"` - // The headroom threshold value in percentage used for the specified metric - // parameter. + // The headroom value in percentage used for the specified metric parameter. + // + // The following lists the valid values for CPU and memory utilization. + // + // * CPU utilization: PERCENT_30 | PERCENT_20 | PERCENT_0 + // + // * Memory utilization: PERCENT_30 | PERCENT_20 | PERCENT_10 Headroom *string `locationName:"headroom" type:"string" enum:"CustomizableMetricHeadroom"` // The threshold value used for the specified metric parameter. + // + // You can only specify the threshold value for CPU utilization. Threshold *string `locationName:"threshold" type:"string" enum:"CustomizableMetricThreshold"` } @@ -4993,7 +5000,7 @@ type EffectiveRecommendationPreferences struct { // for a resource. SavingsEstimationMode *InstanceSavingsEstimationMode `locationName:"savingsEstimationMode" type:"structure"` - // The resource’s CPU utilization threshold preferences, such as threshold + // The resource’s CPU and memory utilization preferences, such as threshold // and headroom, that are used to generate rightsizing recommendations. // // This preference is only available for the Amazon EC2 instance resource type. @@ -7429,7 +7436,7 @@ type GetEffectiveRecommendationPreferencesOutput struct { // actions. PreferredResources []*EffectivePreferredResource `locationName:"preferredResources" type:"list"` - // The resource’s CPU utilization threshold preferences, such as threshold + // The resource’s CPU and memory utilization preferences, such as threshold // and headroom, that were used to generate rightsizing recommendations. It // considers all applicable preferences that you set at the resource, account, // and organization level. @@ -10798,15 +10805,24 @@ type PutRecommendationPreferencesInput struct { // level only for standalone instances. Scope *Scope `locationName:"scope" type:"structure"` - // The preference to control the resource’s CPU utilization thresholds - threshold - // and headroom. When this preference isn't specified, we use the following - // default values: + // The preference to control the resource’s CPU utilization threshold, CPU + // utilization headroom, and memory utilization headroom. When this preference + // isn't specified, we use the following default values. + // + // CPU utilization: // // * P99_5 for threshold // - // * PERCENT_17 for headroom + // * PERCENT_20 for headroom + // + // Memory utilization: // - // You can only set this preference for the Amazon EC2 instance resource type. + // * PERCENT_20 for headroom + // + // * You can only set CPU and memory utilization preferences for the Amazon + // EC2 instance resource type. + // + // * The threshold setting isn’t available for memory utilization. UtilizationPreferences []*UtilizationPreference `locationName:"utilizationPreferences" type:"list"` } @@ -11160,8 +11176,9 @@ type RecommendationPreferencesDetail struct { // in the Compute Optimizer User Guide. Scope *Scope `locationName:"scope" type:"structure"` - // The preference to control the resource’s CPU utilization thresholds - threshold - // and headroom. If the preference isn’t set, this object is null. + // The preference to control the resource’s CPU utilization threshold, CPU + // utilization headroom, and memory utilization headroom. If the preference + // isn’t set, this object is null. // // This preference is only available for the Amazon EC2 instance resource type. UtilizationPreferences []*UtilizationPreference `locationName:"utilizationPreferences" type:"list"` @@ -12308,8 +12325,6 @@ type UtilizationPreference struct { _ struct{} `type:"structure"` // The name of the resource utilization metric name to customize. - // - // Compute Optimizer only supports CpuUtilization. MetricName *string `locationName:"metricName" type:"string" enum:"CustomizableMetricName"` // The parameters to set when customizing the resource utilization thresholds. @@ -12735,6 +12750,9 @@ const ( // CustomizableMetricHeadroomPercent20 is a CustomizableMetricHeadroom enum value CustomizableMetricHeadroomPercent20 = "PERCENT_20" + // CustomizableMetricHeadroomPercent10 is a CustomizableMetricHeadroom enum value + CustomizableMetricHeadroomPercent10 = "PERCENT_10" + // CustomizableMetricHeadroomPercent0 is a CustomizableMetricHeadroom enum value CustomizableMetricHeadroomPercent0 = "PERCENT_0" ) @@ -12744,6 +12762,7 @@ func CustomizableMetricHeadroom_Values() []string { return []string{ CustomizableMetricHeadroomPercent30, CustomizableMetricHeadroomPercent20, + CustomizableMetricHeadroomPercent10, CustomizableMetricHeadroomPercent0, } } @@ -12751,12 +12770,16 @@ func CustomizableMetricHeadroom_Values() []string { const ( // CustomizableMetricNameCpuUtilization is a CustomizableMetricName enum value CustomizableMetricNameCpuUtilization = "CpuUtilization" + + // CustomizableMetricNameMemoryUtilization is a CustomizableMetricName enum value + CustomizableMetricNameMemoryUtilization = "MemoryUtilization" ) // CustomizableMetricName_Values returns all elements of the CustomizableMetricName enum func CustomizableMetricName_Values() []string { return []string{ CustomizableMetricNameCpuUtilization, + CustomizableMetricNameMemoryUtilization, } } diff --git a/service/ec2/api.go b/service/ec2/api.go index 5cf95524083..1caf98b95f1 100644 --- a/service/ec2/api.go +++ b/service/ec2/api.go @@ -195850,6 +195850,15 @@ const ( // InstanceTypeR7izMetal32xl is a InstanceType enum value InstanceTypeR7izMetal32xl = "r7iz.metal-32xl" + + // InstanceTypeC7gdMetal is a InstanceType enum value + InstanceTypeC7gdMetal = "c7gd.metal" + + // InstanceTypeM7gdMetal is a InstanceType enum value + InstanceTypeM7gdMetal = "m7gd.metal" + + // InstanceTypeR7gdMetal is a InstanceType enum value + InstanceTypeR7gdMetal = "r7gd.metal" ) // InstanceType_Values returns all elements of the InstanceType enum @@ -196638,6 +196647,9 @@ func InstanceType_Values() []string { InstanceTypeR7iMetal48xl, InstanceTypeR7izMetal16xl, InstanceTypeR7izMetal32xl, + InstanceTypeC7gdMetal, + InstanceTypeM7gdMetal, + InstanceTypeR7gdMetal, } } diff --git a/service/eks/api.go b/service/eks/api.go index 6c7ac3068d2..f520331d2f0 100644 --- a/service/eks/api.go +++ b/service/eks/api.go @@ -19826,6 +19826,12 @@ const ( // NodegroupIssueCodeAutoScalingGroupInstanceRefreshActive is a NodegroupIssueCode enum value NodegroupIssueCodeAutoScalingGroupInstanceRefreshActive = "AutoScalingGroupInstanceRefreshActive" + + // NodegroupIssueCodeKubernetesLabelInvalid is a NodegroupIssueCode enum value + NodegroupIssueCodeKubernetesLabelInvalid = "KubernetesLabelInvalid" + + // NodegroupIssueCodeEc2launchTemplateVersionMaxLimitExceeded is a NodegroupIssueCode enum value + NodegroupIssueCodeEc2launchTemplateVersionMaxLimitExceeded = "Ec2LaunchTemplateVersionMaxLimitExceeded" ) // NodegroupIssueCode_Values returns all elements of the NodegroupIssueCode enum @@ -19864,6 +19870,8 @@ func NodegroupIssueCode_Values() []string { NodegroupIssueCodeLimitExceeded, NodegroupIssueCodeUnknown, NodegroupIssueCodeAutoScalingGroupInstanceRefreshActive, + NodegroupIssueCodeKubernetesLabelInvalid, + NodegroupIssueCodeEc2launchTemplateVersionMaxLimitExceeded, } } diff --git a/service/guardduty/api.go b/service/guardduty/api.go index 269d6d0775a..4739085a551 100644 --- a/service/guardduty/api.go +++ b/service/guardduty/api.go @@ -606,18 +606,20 @@ func (c *GuardDuty) CreateMembersRequest(input *CreateMembersInput) (req *reques // For more information about the existing auto-enable settings for your organization, // see DescribeOrganizationConfiguration (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DescribeOrganizationConfiguration.html). // -// If you are adding accounts by invitation, before using InviteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html), -// use CreateMembers after GuardDuty has been enabled in potential member accounts. -// -// If you disassociate a member from a GuardDuty delegated administrator, the -// member account details obtained from this API, including the associated email -// addresses, will be retained. This is done so that the delegated administrator -// can invoke the InviteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html) +// If you disassociate a member account that was added by invitation, the member +// account details obtained from this API, including the associated email addresses, +// will be retained. This is done so that the delegated administrator can invoke +// the InviteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html) // API without the need to invoke the CreateMembers API again. To remove the // details associated with a member account, the delegated administrator must // invoke the DeleteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html) // API. // +// When the member accounts added through Organizations are later disassociated, +// you (administrator) can't invite them by calling the InviteMembers API. You +// can create an association with these member accounts again only by calling +// the CreateMembers API. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -2290,6 +2292,20 @@ func (c *GuardDuty) DisassociateMembersRequest(input *DisassociateMembersInput) // to ALL, you'll receive an error if you attempt to disassociate a member account // before removing them from your organization. // +// If you disassociate a member account that was added by invitation, the member +// account details obtained from this API, including the associated email addresses, +// will be retained. This is done so that the delegated administrator can invoke +// the InviteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html) +// API without the need to invoke the CreateMembers API again. To remove the +// details associated with a member account, the delegated administrator must +// invoke the DeleteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html) +// API. +// +// When the member accounts added through Organizations are later disassociated, +// you (administrator) can't invite them by calling the InviteMembers API. You +// can create an association with these member accounts again only by calling +// the CreateMembers API. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -3894,6 +3910,20 @@ func (c *GuardDuty) InviteMembersRequest(input *InviteMembersInput) (req *reques // again. To remove the details associated with a member account, you must also // invoke DeleteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html). // +// If you disassociate a member account that was added by invitation, the member +// account details obtained from this API, including the associated email addresses, +// will be retained. This is done so that the delegated administrator can invoke +// the InviteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_InviteMembers.html) +// API without the need to invoke the CreateMembers API again. To remove the +// details associated with a member account, the delegated administrator must +// invoke the DeleteMembers (https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DeleteMembers.html) +// API. +// +// When the member accounts added through Organizations are later disassociated, +// you (administrator) can't invite them by calling the InviteMembers API. You +// can create an association with these member accounts again only by calling +// the CreateMembers API. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -8544,11 +8574,6 @@ func (s *Country) SetCountryName(v string) *Country { return s } -// This API is also used when you use GuardDuty Runtime Monitoring for your -// Amazon EC2 instances (currently in preview release) and is subject to change. -// The use of this API is subject to Section 2 of the Amazon Web Services Service -// Terms (http://aws.amazon.com/service-terms/) ("Betas and Previews"). -// // Contains information about the Amazon EC2 instance runtime coverage details. type CoverageEc2InstanceDetails struct { _ struct{} `type:"structure"` @@ -8964,12 +8989,6 @@ func (s *CoverageResource) SetUpdatedAt(v time.Time) *CoverageResource { type CoverageResourceDetails struct { _ struct{} `type:"structure"` - // - // This API is also used when you use GuardDuty Runtime Monitoring for your - // Amazon EC2 instances (currently in preview release) and is subject to change. - // The use of this API is subject to Section 2 of the Amazon Web Services Service - // Terms (http://aws.amazon.com/service-terms/) ("Betas and Previews"). - // // Information about the Amazon EC2 instance assessed for runtime coverage. Ec2InstanceDetails *CoverageEc2InstanceDetails `locationName:"ec2InstanceDetails" type:"structure"` @@ -12466,8 +12485,9 @@ type DnsRequestAction struct { // The domain information for the DNS query. Domain *string `locationName:"domain" type:"string"` - // The second and top level domain involved in the activity that prompted GuardDuty - // to generate this finding. + // The second and top level domain involved in the activity that potentially + // prompted GuardDuty to generate this finding. For a list of top-level and + // second-level domains, see public suffix list (https://publicsuffix.org/). DomainWithSuffix *string `locationName:"domainWithSuffix" type:"string"` // The network connection protocol observed in the activity that prompted GuardDuty @@ -21254,6 +21274,9 @@ type RuntimeContext struct { // the address family AF_INET is used for IP version of 4 protocol. AddressFamily *string `locationName:"addressFamily" type:"string"` + // Example of the command line involved in the suspicious activity. + CommandLineExample *string `locationName:"commandLineExample" type:"string"` + // Represents the type of mounted fileSystem. FileSystemType *string `locationName:"fileSystemType" type:"string"` @@ -21307,6 +21330,9 @@ type RuntimeContext struct { // The path to the script that was executed. ScriptPath *string `locationName:"scriptPath" type:"string"` + // Name of the security service that has been potentially disabled. + ServiceName *string `locationName:"serviceName" type:"string"` + // The path to the modified shell history file. ShellHistoryFilePath *string `locationName:"shellHistoryFilePath" type:"string"` @@ -21316,6 +21342,16 @@ type RuntimeContext struct { // Information about the process that had its memory overwritten by the current // process. TargetProcess *ProcessDetails `locationName:"targetProcess" type:"structure"` + + // The suspicious file path for which the threat intelligence details were found. + ThreatFilePath *string `locationName:"threatFilePath" type:"string"` + + // Category that the tool belongs to. Some of the examples are Backdoor Tool, + // Pentest Tool, Network Scanner, and Network Sniffer. + ToolCategory *string `locationName:"toolCategory" type:"string"` + + // Name of the potentially suspicious tool. + ToolName *string `locationName:"toolName" type:"string"` } // String returns the string representation. @@ -21342,6 +21378,12 @@ func (s *RuntimeContext) SetAddressFamily(v string) *RuntimeContext { return s } +// SetCommandLineExample sets the CommandLineExample field's value. +func (s *RuntimeContext) SetCommandLineExample(v string) *RuntimeContext { + s.CommandLineExample = &v + return s +} + // SetFileSystemType sets the FileSystemType field's value. func (s *RuntimeContext) SetFileSystemType(v string) *RuntimeContext { s.FileSystemType = &v @@ -21438,6 +21480,12 @@ func (s *RuntimeContext) SetScriptPath(v string) *RuntimeContext { return s } +// SetServiceName sets the ServiceName field's value. +func (s *RuntimeContext) SetServiceName(v string) *RuntimeContext { + s.ServiceName = &v + return s +} + // SetShellHistoryFilePath sets the ShellHistoryFilePath field's value. func (s *RuntimeContext) SetShellHistoryFilePath(v string) *RuntimeContext { s.ShellHistoryFilePath = &v @@ -21456,6 +21504,24 @@ func (s *RuntimeContext) SetTargetProcess(v *ProcessDetails) *RuntimeContext { return s } +// SetThreatFilePath sets the ThreatFilePath field's value. +func (s *RuntimeContext) SetThreatFilePath(v string) *RuntimeContext { + s.ThreatFilePath = &v + return s +} + +// SetToolCategory sets the ToolCategory field's value. +func (s *RuntimeContext) SetToolCategory(v string) *RuntimeContext { + s.ToolCategory = &v + return s +} + +// SetToolName sets the ToolName field's value. +func (s *RuntimeContext) SetToolName(v string) *RuntimeContext { + s.ToolName = &v + return s +} + // Information about the process and any required context values for a specific // finding. type RuntimeDetails struct { @@ -23159,6 +23225,9 @@ func (s *ThreatDetectedByName) SetUniqueThreatNameCount(v int64) *ThreatDetected type ThreatIntelligenceDetail struct { _ struct{} `type:"structure"` + // SHA256 of the file that generated the finding. + ThreatFileSha256 *string `locationName:"threatFileSha256" type:"string"` + // The name of the threat intelligence list that triggered the finding. ThreatListName *string `locationName:"threatListName" type:"string"` @@ -23185,6 +23254,12 @@ func (s ThreatIntelligenceDetail) GoString() string { return s.String() } +// SetThreatFileSha256 sets the ThreatFileSha256 field's value. +func (s *ThreatIntelligenceDetail) SetThreatFileSha256(v string) *ThreatIntelligenceDetail { + s.ThreatFileSha256 = &v + return s +} + // SetThreatListName sets the ThreatListName field's value. func (s *ThreatIntelligenceDetail) SetThreatListName(v string) *ThreatIntelligenceDetail { s.ThreatListName = &v @@ -25652,6 +25727,9 @@ const ( // FeatureAdditionalConfigurationEcsFargateAgentManagement is a FeatureAdditionalConfiguration enum value FeatureAdditionalConfigurationEcsFargateAgentManagement = "ECS_FARGATE_AGENT_MANAGEMENT" + + // FeatureAdditionalConfigurationEc2AgentManagement is a FeatureAdditionalConfiguration enum value + FeatureAdditionalConfigurationEc2AgentManagement = "EC2_AGENT_MANAGEMENT" ) // FeatureAdditionalConfiguration_Values returns all elements of the FeatureAdditionalConfiguration enum @@ -25659,6 +25737,7 @@ func FeatureAdditionalConfiguration_Values() []string { return []string{ FeatureAdditionalConfigurationEksAddonManagement, FeatureAdditionalConfigurationEcsFargateAgentManagement, + FeatureAdditionalConfigurationEc2AgentManagement, } } @@ -25940,6 +26019,9 @@ const ( // OrgFeatureAdditionalConfigurationEcsFargateAgentManagement is a OrgFeatureAdditionalConfiguration enum value OrgFeatureAdditionalConfigurationEcsFargateAgentManagement = "ECS_FARGATE_AGENT_MANAGEMENT" + + // OrgFeatureAdditionalConfigurationEc2AgentManagement is a OrgFeatureAdditionalConfiguration enum value + OrgFeatureAdditionalConfigurationEc2AgentManagement = "EC2_AGENT_MANAGEMENT" ) // OrgFeatureAdditionalConfiguration_Values returns all elements of the OrgFeatureAdditionalConfiguration enum @@ -25947,6 +26029,7 @@ func OrgFeatureAdditionalConfiguration_Values() []string { return []string{ OrgFeatureAdditionalConfigurationEksAddonManagement, OrgFeatureAdditionalConfigurationEcsFargateAgentManagement, + OrgFeatureAdditionalConfigurationEc2AgentManagement, } } diff --git a/service/oam/api.go b/service/oam/api.go index 434daeccee8..ea0eed6a685 100644 --- a/service/oam/api.go +++ b/service/oam/api.go @@ -3942,6 +3942,9 @@ const ( // ResourceTypeAwsApplicationInsightsApplication is a ResourceType enum value ResourceTypeAwsApplicationInsightsApplication = "AWS::ApplicationInsights::Application" + + // ResourceTypeAwsInternetMonitorMonitor is a ResourceType enum value + ResourceTypeAwsInternetMonitorMonitor = "AWS::InternetMonitor::Monitor" ) // ResourceType_Values returns all elements of the ResourceType enum @@ -3951,5 +3954,6 @@ func ResourceType_Values() []string { ResourceTypeAwsLogsLogGroup, ResourceTypeAwsXrayTrace, ResourceTypeAwsApplicationInsightsApplication, + ResourceTypeAwsInternetMonitorMonitor, } } diff --git a/service/quicksight/api.go b/service/quicksight/api.go index 57fe31c1ed6..86221a6ce69 100644 --- a/service/quicksight/api.go +++ b/service/quicksight/api.go @@ -18137,8 +18137,10 @@ func (c *QuickSight) UpdateIpRestrictionRequest(input *UpdateIpRestrictionInput) // UpdateIpRestriction API operation for Amazon QuickSight. // -// Updates the content and status of IP rules. To use this operation, you must -// provide the entire map of rules. You can use the DescribeIpRestriction operation +// Updates the content and status of IP rules. Traffic from a source is allowed +// when the source satisfies either the IpRestrictionRule, VpcIdRestrictionRule, +// or VpcEndpointIdRestrictionRule. To use this operation, you must provide +// the entire map of rules. You can use the DescribeIpRestriction operation // to get the current rule map. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -41125,7 +41127,8 @@ func (s *DatasetMetadata) SetNamedEntities(v []*TopicNamedEntity) *DatasetMetada return s } -// A dataset parameter. +// A parameter that is created in a dataset. The parameter can be a string, +// integer, decimal, or datetime data type. type DatasetParameter struct { _ struct{} `type:"structure"` @@ -50267,6 +50270,12 @@ type DescribeIpRestrictionOutput struct { // The HTTP status of the request. Status *int64 `location:"statusCode" type:"integer"` + + // A map of allowed VPC endpoint IDs and their rule descriptions. + VpcEndpointIdRestrictionRuleMap map[string]*string `type:"map"` + + // A map of allowed VPC IDs and their rule descriptions. + VpcIdRestrictionRuleMap map[string]*string `type:"map"` } // String returns the string representation. @@ -50317,6 +50326,18 @@ func (s *DescribeIpRestrictionOutput) SetStatus(v int64) *DescribeIpRestrictionO return s } +// SetVpcEndpointIdRestrictionRuleMap sets the VpcEndpointIdRestrictionRuleMap field's value. +func (s *DescribeIpRestrictionOutput) SetVpcEndpointIdRestrictionRuleMap(v map[string]*string) *DescribeIpRestrictionOutput { + s.VpcEndpointIdRestrictionRuleMap = v + return s +} + +// SetVpcIdRestrictionRuleMap sets the VpcIdRestrictionRuleMap field's value. +func (s *DescribeIpRestrictionOutput) SetVpcIdRestrictionRuleMap(v map[string]*string) *DescribeIpRestrictionOutput { + s.VpcIdRestrictionRuleMap = v + return s +} + type DescribeNamespaceInput struct { _ struct{} `type:"structure" nopayload:"true"` @@ -58926,7 +58947,10 @@ type GenerateEmbedUrlForAnonymousUserInput struct { // If you choose Dashboard embedding experience, pass the list of dashboard // ARNs in the account that you want the user to be able to view. // - // Currently, you can pass up to 25 dashboard ARNs in each API call. + // If you want to make changes to the theme of your embedded content, pass a + // list of theme ARNs that the anonymous users need access to. + // + // Currently, you can pass up to 25 theme ARNs in each API call. // // AuthorizedResourceArns is a required field AuthorizedResourceArns []*string `type:"list" required:"true"` @@ -100612,6 +100636,13 @@ type UpdateIpRestrictionInput struct { // A map that describes the updated IP rules with CIDR ranges and descriptions. IpRestrictionRuleMap map[string]*string `type:"map"` + + // A map of allowed VPC endpoint IDs and their corresponding rule descriptions. + VpcEndpointIdRestrictionRuleMap map[string]*string `type:"map"` + + // A map of VPC IDs and their corresponding rules. When you configure this parameter, + // traffic from all VPC endpoints that are present in the specified VPC is allowed. + VpcIdRestrictionRuleMap map[string]*string `type:"map"` } // String returns the string representation. @@ -100666,6 +100697,18 @@ func (s *UpdateIpRestrictionInput) SetIpRestrictionRuleMap(v map[string]*string) return s } +// SetVpcEndpointIdRestrictionRuleMap sets the VpcEndpointIdRestrictionRuleMap field's value. +func (s *UpdateIpRestrictionInput) SetVpcEndpointIdRestrictionRuleMap(v map[string]*string) *UpdateIpRestrictionInput { + s.VpcEndpointIdRestrictionRuleMap = v + return s +} + +// SetVpcIdRestrictionRuleMap sets the VpcIdRestrictionRuleMap field's value. +func (s *UpdateIpRestrictionInput) SetVpcIdRestrictionRuleMap(v map[string]*string) *UpdateIpRestrictionInput { + s.VpcIdRestrictionRuleMap = v + return s +} + type UpdateIpRestrictionOutput struct { _ struct{} `type:"structure"` @@ -107467,6 +107510,8 @@ func DataSourceType_Values() []string { } } +// The value type of the parameter. The value type is used to validate the parameter +// before it is evaluated. const ( // DatasetParameterValueTypeMultiValued is a DatasetParameterValueType enum value DatasetParameterValueTypeMultiValued = "MULTI_VALUED"