From 1ca4e53795ea753632da12c643df43e07317d09e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 15 Jun 2023 14:19:06 +0000 Subject: [PATCH] AWS API Definitions Updated (#636) Co-authored-by: mattBrzezinski --- src/AWSServices.jl | 16 + src/services/acm_pca.jl | 15 +- src/services/amplifyuibuilder.jl | 139 ++- src/services/cloudtrail.jl | 76 +- src/services/codeguru_security.jl | 529 +++++++++ src/services/connect.jl | 133 +++ src/services/drs.jl | 340 ++++++ src/services/dynamodb.jl | 46 +- src/services/ec2.jl | 389 ++++--- src/services/fsx.jl | 39 +- src/services/lightsail.jl | 10 +- src/services/opensearch.jl | 1 + src/services/payment_cryptography.jl | 1022 +++++++++++++++++ src/services/payment_cryptography_data.jl | 897 +++++++++++++++ src/services/rekognition.jl | 408 +++++++ src/services/sagemaker.jl | 38 +- src/services/securityhub.jl | 249 +++++ src/services/service_catalog.jl | 48 +- src/services/simspaceweaver.jl | 6 +- src/services/timestream_write.jl | 9 +- src/services/verifiedpermissions.jl | 1245 +++++++++++++++++++++ src/services/wellarchitected.jl | 544 ++++++++- 22 files changed, 5922 insertions(+), 277 deletions(-) create mode 100644 src/services/codeguru_security.jl create mode 100644 src/services/payment_cryptography.jl create mode 100644 src/services/payment_cryptography_data.jl create mode 100644 src/services/verifiedpermissions.jl diff --git a/src/AWSServices.jl b/src/AWSServices.jl index 7c473bfbb9..6b7f6819c8 100644 --- a/src/AWSServices.jl +++ b/src/AWSServices.jl @@ -144,6 +144,9 @@ const codedeploy = AWS.JSONService( const codeguru_reviewer = AWS.RestJSONService( "codeguru-reviewer", "codeguru-reviewer", "2019-09-19" ) +const codeguru_security = AWS.RestJSONService( + "codeguru-security", "codeguru-security", "2018-05-10" +) const codeguruprofiler = AWS.RestJSONService( "codeguru-profiler", "codeguru-profiler", "2019-07-18" ) @@ -533,6 +536,16 @@ const organizations = AWS.JSONService( const osis = AWS.RestJSONService("osis", "osis", "2022-01-01") const outposts = AWS.RestJSONService("outposts", "outposts", "2019-12-03") const panorama = AWS.RestJSONService("panorama", "panorama", "2019-07-24") +const payment_cryptography = AWS.JSONService( + "payment-cryptography", + "controlplane.payment-cryptography", + "2021-09-14", + "1.0", + "PaymentCryptographyControlPlane", +) +const payment_cryptography_data = AWS.RestJSONService( + "payment-cryptography", "dataplane.payment-cryptography", "2022-02-03" +) const personalize = AWS.JSONService( "personalize", "personalize", "2018-05-22", "1.1", "AmazonPersonalize" ) @@ -717,6 +730,9 @@ const transfer = AWS.JSONService( const translate = AWS.JSONService( "translate", "translate", "2017-07-01", "1.1", "AWSShineFrontendService_20170701" ) +const verifiedpermissions = AWS.JSONService( + "verifiedpermissions", "verifiedpermissions", "2021-12-01", "1.0", "VerifiedPermissions" +) const voice_id = AWS.JSONService("voiceid", "voiceid", "2021-09-27", "1.0", "VoiceID") const vpc_lattice = AWS.RestJSONService("vpc-lattice", "vpc-lattice", "2022-11-30") const waf = AWS.JSONService("waf", "waf", "2015-08-24", "1.1", "AWSWAF_20150824") diff --git a/src/services/acm_pca.jl b/src/services/acm_pca.jl index c81b6d9a99..c9340eb0e2 100644 --- a/src/services/acm_pca.jl +++ b/src/services/acm_pca.jl @@ -40,12 +40,13 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys you change the idempotency token for each call, Amazon Web Services Private CA recognizes that you are requesting multiple certificate authorities. - `"KeyStorageSecurityStandard"`: Specifies a cryptographic key management compliance - standard used for handling CA keys. Default: FIPS_140_2_LEVEL_3_OR_HIGHER Note: - FIPS_140_2_LEVEL_3_OR_HIGHER is not supported in the following Regions: ap-northeast-3 - ap-southeast-3 When creating a CA in these Regions, you must provide - FIPS_140_2_LEVEL_2_OR_HIGHER as the argument for KeyStorageSecurityStandard. Failure to do - this results in an InvalidArgsException with the message, \"A certificate authority cannot - be created in this region with the specified security standard.\" + standard used for handling CA keys. Default: FIPS_140_2_LEVEL_3_OR_HIGHER Some Amazon Web + Services Regions do not support the default. When creating a CA in these Regions, you must + provide FIPS_140_2_LEVEL_2_OR_HIGHER as the argument for KeyStorageSecurityStandard. + Failure to do this results in an InvalidArgsException with the message, \"A certificate + authority cannot be created in this region with the specified security standard.\" For + information about security standard support in various Regions, see Storage and security + compliance of Amazon Web Services Private CA private keys. - `"RevocationConfiguration"`: Contains information to enable Online Certificate Status Protocol (OCSP) support, to enable a certificate revocation list (CRL), to enable both, or to enable neither. The default is for both certificate validation mechanisms to be @@ -839,7 +840,7 @@ the ARNs of the certificates that you issue by using Amazon Web Services Private - `signing_algorithm`: The name of the algorithm that will be used to sign the certificate to be issued. This parameter should not be confused with the SigningAlgorithm parameter used to sign a CSR in the CreateCertificateAuthority action. The specified signing - algorithm family (RSA or ECDSA) much match the algorithm family of the CA's secret key. + algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. - `validity`: Information describing the end of the validity period of the certificate. This parameter sets the “Not After” date for the certificate. Certificate validity is the period of time during which a certificate is valid. Validity can be expressed as an diff --git a/src/services/amplifyuibuilder.jl b/src/services/amplifyuibuilder.jl index 0a289ffa76..b03c9dbd83 100644 --- a/src/services/amplifyuibuilder.jl +++ b/src/services/amplifyuibuilder.jl @@ -64,7 +64,7 @@ end create_form(app_id, environment_name, form_to_create) create_form(app_id, environment_name, form_to_create, params::Dict{String,<:Any}) -Creates a new form for an Amplify app. +Creates a new form for an Amplify. # Arguments - `app_id`: The unique ID of the Amplify app to associate with the form. @@ -430,6 +430,45 @@ function export_themes( ) end +""" + get_codegen_job(app_id, environment_name, id) + get_codegen_job(app_id, environment_name, id, params::Dict{String,<:Any}) + +Returns an existing code generation job. + +# Arguments +- `app_id`: The unique ID of the Amplify app associated with the code generation job. +- `environment_name`: The name of the backend environment that is a part of the Amplify app + associated with the code generation job. +- `id`: The unique ID of the code generation job. + +""" +function get_codegen_job( + appId, environmentName, id; aws_config::AbstractAWSConfig=global_aws_config() +) + return amplifyuibuilder( + "GET", + "/app/$(appId)/environment/$(environmentName)/codegen-jobs/$(id)"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_codegen_job( + appId, + environmentName, + id, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return amplifyuibuilder( + "GET", + "/app/$(appId)/environment/$(environmentName)/codegen-jobs/$(id)", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ get_component(app_id, environment_name, id) get_component(app_id, environment_name, id, params::Dict{String,<:Any}) @@ -580,6 +619,47 @@ function get_theme( ) end +""" + list_codegen_jobs(app_id, environment_name) + list_codegen_jobs(app_id, environment_name, params::Dict{String,<:Any}) + +Retrieves a list of code generation jobs for a specified Amplify app and backend +environment. + +# Arguments +- `app_id`: The unique ID for the Amplify app. +- `environment_name`: The name of the backend environment that is a part of the Amplify app. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"maxResults"`: The maximum number of jobs to retrieve. +- `"nextToken"`: The token to request the next page of results. +""" +function list_codegen_jobs( + appId, environmentName; aws_config::AbstractAWSConfig=global_aws_config() +) + return amplifyuibuilder( + "GET", + "/app/$(appId)/environment/$(environmentName)/codegen-jobs"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function list_codegen_jobs( + appId, + environmentName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return amplifyuibuilder( + "GET", + "/app/$(appId)/environment/$(environmentName)/codegen-jobs", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ list_components(app_id, environment_name) list_components(app_id, environment_name, params::Dict{String,<:Any}) @@ -786,6 +866,63 @@ function refresh_token( ) end +""" + start_codegen_job(app_id, codegen_job_to_create, environment_name) + start_codegen_job(app_id, codegen_job_to_create, environment_name, params::Dict{String,<:Any}) + +Starts a code generation job for for a specified Amplify app and backend environment. + +# Arguments +- `app_id`: The unique ID for the Amplify app. +- `codegen_job_to_create`: The code generation job resource configuration. +- `environment_name`: The name of the backend environment that is a part of the Amplify app. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"clientToken"`: The idempotency token used to ensure that the code generation job + request completes only once. +""" +function start_codegen_job( + appId, + codegenJobToCreate, + environmentName; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return amplifyuibuilder( + "POST", + "/app/$(appId)/environment/$(environmentName)/codegen-jobs", + Dict{String,Any}( + "codegenJobToCreate" => codegenJobToCreate, "clientToken" => string(uuid4()) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function start_codegen_job( + appId, + codegenJobToCreate, + environmentName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return amplifyuibuilder( + "POST", + "/app/$(appId)/environment/$(environmentName)/codegen-jobs", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "codegenJobToCreate" => codegenJobToCreate, + "clientToken" => string(uuid4()), + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ update_component(app_id, environment_name, id, updated_component) update_component(app_id, environment_name, id, updated_component, params::Dict{String,<:Any}) diff --git a/src/services/cloudtrail.jl b/src/services/cloudtrail.jl index 647af75b4d..c8ced3b70b 100644 --- a/src/services/cloudtrail.jl +++ b/src/services/cloudtrail.jl @@ -485,37 +485,32 @@ function deregister_organization_delegated_admin( end """ - describe_query(query_id) - describe_query(query_id, params::Dict{String,<:Any}) + describe_query() + describe_query(params::Dict{String,<:Any}) Returns metadata about a query, including query run time in milliseconds, number of events -scanned and matched, and query status. You must specify an ARN for EventDataStore, and a -value for QueryID. - -# Arguments -- `query_id`: The query ID. +scanned and matched, and query status. If the query results were delivered to an S3 bucket, +the response also provides the S3 URI and the delivery status. You must specify either a +QueryID or a QueryAlias. Specifying the QueryAlias parameter returns information about the +last query run for the alias. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"EventDataStore"`: The ARN (or the ID suffix of the ARN) of an event data store on which the specified query was run. +- `"QueryAlias"`: The alias that identifies a query template. +- `"QueryId"`: The query ID. """ -function describe_query(QueryId; aws_config::AbstractAWSConfig=global_aws_config()) +function describe_query(; aws_config::AbstractAWSConfig=global_aws_config()) return cloudtrail( - "DescribeQuery", - Dict{String,Any}("QueryId" => QueryId); - aws_config=aws_config, - feature_set=SERVICE_FEATURE_SET, + "DescribeQuery"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET ) end function describe_query( - QueryId, params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() ) return cloudtrail( - "DescribeQuery", - Dict{String,Any}(mergewith(_merge, Dict{String,Any}("QueryId" => QueryId), params)); - aws_config=aws_config, - feature_set=SERVICE_FEATURE_SET, + "DescribeQuery", params; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET ) end @@ -751,7 +746,7 @@ end get_query_results(query_id, params::Dict{String,<:Any}) Gets event data results of a query. You must specify the QueryID value returned by the -StartQuery operation, and an ARN for EventDataStore. +StartQuery operation. # Arguments - `query_id`: The ID of the query for which you want to get results. @@ -1617,41 +1612,32 @@ function start_logging( end """ - start_query(query_statement) - start_query(query_statement, params::Dict{String,<:Any}) - -Starts a CloudTrail Lake query. The required QueryStatement parameter provides your SQL -query, enclosed in single quotation marks. Use the optional DeliveryS3Uri parameter to -deliver the query results to an S3 bucket. + start_query() + start_query(params::Dict{String,<:Any}) -# Arguments -- `query_statement`: The SQL code of your query. +Starts a CloudTrail Lake query. Use the QueryStatement parameter to provide your SQL query, +enclosed in single quotation marks. Use the optional DeliveryS3Uri parameter to deliver the +query results to an S3 bucket. StartQuery requires you specify either the QueryStatement +parameter, or a QueryAlias and any QueryParameters. In the current release, the QueryAlias +and QueryParameters parameters are used only for the queries that populate the CloudTrail +Lake dashboards. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"DeliveryS3Uri"`: The URI for the S3 bucket where CloudTrail delivers the query results. +- `"QueryAlias"`: The alias that identifies a query template. +- `"QueryParameters"`: The query parameters for the specified QueryAlias. +- `"QueryStatement"`: The SQL code of your query. """ -function start_query(QueryStatement; aws_config::AbstractAWSConfig=global_aws_config()) - return cloudtrail( - "StartQuery", - Dict{String,Any}("QueryStatement" => QueryStatement); - aws_config=aws_config, - feature_set=SERVICE_FEATURE_SET, - ) +function start_query(; aws_config::AbstractAWSConfig=global_aws_config()) + return cloudtrail("StartQuery"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET) end function start_query( - QueryStatement, - params::AbstractDict{String}; - aws_config::AbstractAWSConfig=global_aws_config(), + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() ) return cloudtrail( - "StartQuery", - Dict{String,Any}( - mergewith(_merge, Dict{String,Any}("QueryStatement" => QueryStatement), params) - ); - aws_config=aws_config, - feature_set=SERVICE_FEATURE_SET, + "StartQuery", params; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET ) end @@ -1807,9 +1793,9 @@ specified, or CloudTrail throws an error. RetentionPeriod is in days, and valid integers between 90 and 2557. By default, TerminationProtection is enabled. For event data stores for CloudTrail events, AdvancedEventSelectors includes or excludes management and data events in your event data store. For more information about AdvancedEventSelectors, -see PutEventSelectorsRequestAdvancedEventSelectors. For event data stores for Config -configuration items, Audit Manager evidence, or non-Amazon Web Services events, -AdvancedEventSelectors includes events of that type in your event data store. +see AdvancedEventSelectors. For event data stores for Config configuration items, Audit +Manager evidence, or non-Amazon Web Services events, AdvancedEventSelectors includes events +of that type in your event data store. # Arguments - `event_data_store`: The ARN (or the ID suffix of the ARN) of the event data store that diff --git a/src/services/codeguru_security.jl b/src/services/codeguru_security.jl new file mode 100644 index 0000000000..b90dacb3b9 --- /dev/null +++ b/src/services/codeguru_security.jl @@ -0,0 +1,529 @@ +# This file is auto-generated by AWSMetadata.jl +using AWS +using AWS.AWSServices: codeguru_security +using AWS.Compat +using AWS.UUIDs + +""" + batch_get_findings(finding_identifiers) + batch_get_findings(finding_identifiers, params::Dict{String,<:Any}) + +Returns a list of all requested findings. + +# Arguments +- `finding_identifiers`: A list of finding identifiers. Each identifier consists of a + scanName and a findingId. You retrieve the findingId when you call GetFindings. + +""" +function batch_get_findings( + findingIdentifiers; aws_config::AbstractAWSConfig=global_aws_config() +) + return codeguru_security( + "POST", + "/batchGetFindings", + Dict{String,Any}("findingIdentifiers" => findingIdentifiers); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function batch_get_findings( + findingIdentifiers, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return codeguru_security( + "POST", + "/batchGetFindings", + Dict{String,Any}( + mergewith( + _merge, Dict{String,Any}("findingIdentifiers" => findingIdentifiers), params + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + create_scan(resource_id, scan_name) + create_scan(resource_id, scan_name, params::Dict{String,<:Any}) + +Use to create a scan using code uploaded to an S3 bucket. + +# Arguments +- `resource_id`: The identifier for an input resource used to create a scan. +- `scan_name`: The unique name that CodeGuru Security uses to track revisions across + multiple scans of the same resource. Only allowed for a STANDARD scan type. If not + specified, it will be auto generated. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"analysisType"`: The type of analysis you want CodeGuru Security to perform in the scan, + either Security or All. The Secuirty type only generates findings related to security. The + All type generates both security findings and quality findings. Defaults to Security type + if missing. +- `"clientToken"`: The idempotency token for the request. Amazon CodeGuru Security uses + this value to prevent the accidental creation of duplicate scans if there are failures and + retries. +- `"scanType"`: The type of scan, either Standard or Express. Defaults to Standard type if + missing. Express scans run on limited resources and use a limited set of detectors to + analyze your code in near-real time. Standard scans have standard resource limits and use + the full set of detectors to analyze your code. +- `"tags"`: An array of key-value pairs used to tag a scan. A tag is a custom attribute + label with two parts: A tag key. For example, CostCenter, Environment, or Secret. Tag + keys are case sensitive. An optional tag value field. For example, 111122223333, + Production, or a team name. Omitting the tag value is the same as using an empty string. + Tag values are case sensitive. +""" +function create_scan( + resourceId, scanName; aws_config::AbstractAWSConfig=global_aws_config() +) + return codeguru_security( + "POST", + "/scans", + Dict{String,Any}( + "resourceId" => resourceId, + "scanName" => scanName, + "clientToken" => string(uuid4()), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_scan( + resourceId, + scanName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return codeguru_security( + "POST", + "/scans", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "resourceId" => resourceId, + "scanName" => scanName, + "clientToken" => string(uuid4()), + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + create_upload_url(scan_name) + create_upload_url(scan_name, params::Dict{String,<:Any}) + +Generates a pre-signed URL and request headers used to upload a code resource. You can +upload your code resource to the URL and add the request headers using any HTTP client. + +# Arguments +- `scan_name`: The name of the scan that will use the uploaded resource. CodeGuru Security + uses the unique scan name to track revisions across multiple scans of the same resource. + Use this scanName when you call CreateScan on the code resource you upload to this URL. + +""" +function create_upload_url(scanName; aws_config::AbstractAWSConfig=global_aws_config()) + return codeguru_security( + "POST", + "/uploadUrl", + Dict{String,Any}("scanName" => scanName); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_upload_url( + scanName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return codeguru_security( + "POST", + "/uploadUrl", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("scanName" => scanName), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_account_configuration() + get_account_configuration(params::Dict{String,<:Any}) + +Use to get account level configuration. + +""" +function get_account_configuration(; aws_config::AbstractAWSConfig=global_aws_config()) + return codeguru_security( + "GET", + "/accountConfiguration/get"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_account_configuration( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return codeguru_security( + "GET", + "/accountConfiguration/get", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_findings(scan_name) + get_findings(scan_name, params::Dict{String,<:Any}) + +Returns a list of all findings generated by a particular scan. + +# Arguments +- `scan_name`: The name of the scan you want to retrieve findings from. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"maxResults"`: The maximum number of results to return in the response. Use this + parameter when paginating results. If additional results exist beyond the number you + specify, the nextToken element is returned in the response. Use nextToken in a subsequent + request to retrieve additional results. +- `"nextToken"`: A token to use for paginating results that are returned in the response. + Set the value of this parameter to null for the first request. For subsequent calls, use + the nextToken value returned from the previous request to continue listing results after + the first page. +- `"status"`: The status of the findings you want to get. Pass either Open, Closed, or All. +""" +function get_findings(scanName; aws_config::AbstractAWSConfig=global_aws_config()) + return codeguru_security( + "GET", + "/findings/$(scanName)"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_findings( + scanName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return codeguru_security( + "GET", + "/findings/$(scanName)", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_metrics_summary(date) + get_metrics_summary(date, params::Dict{String,<:Any}) + +Returns top level metrics about an account from a specified date, including number of open +findings, the categories with most findings, the scans with most open findings, and scans +with most open critical findings. + +# Arguments +- `date`: The date you want to retrieve summary metrics from, rounded to the nearest day. + The date must be within the past two years since metrics data is only stored for two years. + If a date outside of this range is passed, the response will be empty. + +""" +function get_metrics_summary(date; aws_config::AbstractAWSConfig=global_aws_config()) + return codeguru_security( + "GET", + "/metrics/summary", + Dict{String,Any}("date" => date); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_metrics_summary( + date, params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return codeguru_security( + "GET", + "/metrics/summary", + Dict{String,Any}(mergewith(_merge, Dict{String,Any}("date" => date), params)); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_scan(scan_name) + get_scan(scan_name, params::Dict{String,<:Any}) + +Returns details about a scan, including whether or not a scan has completed. + +# Arguments +- `scan_name`: The name of the scan you want to view details about. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"runId"`: UUID that identifies the individual scan run you want to view details about. + You retrieve this when you call the CreateScan operation. Defaults to the latest scan run + if missing. +""" +function get_scan(scanName; aws_config::AbstractAWSConfig=global_aws_config()) + return codeguru_security( + "GET", "/scans/$(scanName)"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end +function get_scan( + scanName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return codeguru_security( + "GET", + "/scans/$(scanName)", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + list_findings_metrics(end_date, start_date) + list_findings_metrics(end_date, start_date, params::Dict{String,<:Any}) + +Returns metrics about all findings in an account within a specified time range. + +# Arguments +- `end_date`: The end date of the interval which you want to retrieve metrics from. +- `start_date`: The start date of the interval which you want to retrieve metrics from. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"maxResults"`: The maximum number of results to return in the response. Use this + parameter when paginating results. If additional results exist beyond the number you + specify, the nextToken element is returned in the response. Use nextToken in a subsequent + request to retrieve additional results. +- `"nextToken"`: A token to use for paginating results that are returned in the response. + Set the value of this parameter to null for the first request. For subsequent calls, use + the nextToken value returned from the previous request to continue listing results after + the first page. +""" +function list_findings_metrics( + endDate, startDate; aws_config::AbstractAWSConfig=global_aws_config() +) + return codeguru_security( + "GET", + "/metrics/findings", + Dict{String,Any}("endDate" => endDate, "startDate" => startDate); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function list_findings_metrics( + endDate, + startDate, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return codeguru_security( + "GET", + "/metrics/findings", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}("endDate" => endDate, "startDate" => startDate), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + list_scans() + list_scans(params::Dict{String,<:Any}) + +Returns a list of all the scans in an account. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"maxResults"`: The maximum number of results to return in the response. Use this + parameter when paginating results. If additional results exist beyond the number you + specify, the nextToken element is returned in the response. Use nextToken in a subsequent + request to retrieve additional results. +- `"nextToken"`: A token to use for paginating results that are returned in the response. + Set the value of this parameter to null for the first request. For subsequent calls, use + the nextToken value returned from the previous request to continue listing results after + the first page. +""" +function list_scans(; aws_config::AbstractAWSConfig=global_aws_config()) + return codeguru_security( + "GET", "/scans"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end +function list_scans( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return codeguru_security( + "GET", "/scans", params; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end + +""" + list_tags_for_resource(resource_arn) + list_tags_for_resource(resource_arn, params::Dict{String,<:Any}) + +Returns a list of all tags associated with a scan. + +# Arguments +- `resource_arn`: The ARN of the ScanName object. You can retrieve this ARN by calling + ListScans or GetScan. + +""" +function list_tags_for_resource( + resourceArn; aws_config::AbstractAWSConfig=global_aws_config() +) + return codeguru_security( + "GET", + "/tags/$(resourceArn)"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function list_tags_for_resource( + resourceArn, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return codeguru_security( + "GET", + "/tags/$(resourceArn)", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + tag_resource(resource_arn, tags) + tag_resource(resource_arn, tags, params::Dict{String,<:Any}) + +Use to add one or more tags to an existing scan. + +# Arguments +- `resource_arn`: The ARN of the ScanName object. You can retrieve this ARN by calling + ListScans or GetScan. +- `tags`: An array of key-value pairs used to tag an existing scan. A tag is a custom + attribute label with two parts: A tag key. For example, CostCenter, Environment, or + Secret. Tag keys are case sensitive. An optional tag value field. For example, + 111122223333, Production, or a team name. Omitting the tag value is the same as using an + empty string. Tag values are case sensitive. + +""" +function tag_resource(resourceArn, tags; aws_config::AbstractAWSConfig=global_aws_config()) + return codeguru_security( + "POST", + "/tags/$(resourceArn)", + Dict{String,Any}("tags" => tags); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function tag_resource( + resourceArn, + tags, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return codeguru_security( + "POST", + "/tags/$(resourceArn)", + Dict{String,Any}(mergewith(_merge, Dict{String,Any}("tags" => tags), params)); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + untag_resource(resource_arn, tag_keys) + untag_resource(resource_arn, tag_keys, params::Dict{String,<:Any}) + +Use to remove one or more tags from an existing scan. + +# Arguments +- `resource_arn`: The ARN of the ScanName object. You can retrieve this ARN by calling + ListScans or GetScan. +- `tag_keys`: A list of keys for each tag you want to remove from a scan. + +""" +function untag_resource( + resourceArn, tagKeys; aws_config::AbstractAWSConfig=global_aws_config() +) + return codeguru_security( + "DELETE", + "/tags/$(resourceArn)", + Dict{String,Any}("tagKeys" => tagKeys); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function untag_resource( + resourceArn, + tagKeys, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return codeguru_security( + "DELETE", + "/tags/$(resourceArn)", + Dict{String,Any}(mergewith(_merge, Dict{String,Any}("tagKeys" => tagKeys), params)); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + update_account_configuration(encryption_config) + update_account_configuration(encryption_config, params::Dict{String,<:Any}) + +Use to update account-level configuration with an encryption key. + +# Arguments +- `encryption_config`: The KMS key ARN you want to use for encryption. Defaults to + service-side encryption if missing. + +""" +function update_account_configuration( + encryptionConfig; aws_config::AbstractAWSConfig=global_aws_config() +) + return codeguru_security( + "PUT", + "/updateAccountConfiguration", + Dict{String,Any}("encryptionConfig" => encryptionConfig); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function update_account_configuration( + encryptionConfig, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return codeguru_security( + "PUT", + "/updateAccountConfiguration", + Dict{String,Any}( + mergewith( + _merge, Dict{String,Any}("encryptionConfig" => encryptionConfig), params + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end diff --git a/src/services/connect.jl b/src/services/connect.jl index 0a7e78cd4e..1af51b9c73 100644 --- a/src/services/connect.jl +++ b/src/services/connect.jl @@ -6168,6 +6168,94 @@ function search_available_phone_numbers( ) end +""" + search_hours_of_operations(instance_id) + search_hours_of_operations(instance_id, params::Dict{String,<:Any}) + +Searches the hours of operation in an Amazon Connect instance, with optional filtering. + +# Arguments +- `instance_id`: The identifier of the Amazon Connect instance. You can find the instance + ID in the Amazon Resource Name (ARN) of the instance. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"MaxResults"`: The maximum number of results to return per page. +- `"NextToken"`: The token for the next set of results. Use the value returned in the + previous response in the next request to retrieve the next set of results. +- `"SearchCriteria"`: The search criteria to be used to return hours of operations. +- `"SearchFilter"`: Filters to be applied to search results. +""" +function search_hours_of_operations( + InstanceId; aws_config::AbstractAWSConfig=global_aws_config() +) + return connect( + "POST", + "/search-hours-of-operations", + Dict{String,Any}("InstanceId" => InstanceId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function search_hours_of_operations( + InstanceId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return connect( + "POST", + "/search-hours-of-operations", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("InstanceId" => InstanceId), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + search_prompts(instance_id) + search_prompts(instance_id, params::Dict{String,<:Any}) + +Searches prompts in an Amazon Connect instance, with optional filtering. + +# Arguments +- `instance_id`: The identifier of the Amazon Connect instance. You can find the instance + ID in the Amazon Resource Name (ARN) of the instance. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"MaxResults"`: The maximum number of results to return per page. +- `"NextToken"`: The token for the next set of results. Use the value returned in the + previous response in the next request to retrieve the next set of results. +- `"SearchCriteria"`: The search criteria to be used to return prompts. +- `"SearchFilter"`: Filters to be applied to search results. +""" +function search_prompts(InstanceId; aws_config::AbstractAWSConfig=global_aws_config()) + return connect( + "POST", + "/search-prompts", + Dict{String,Any}("InstanceId" => InstanceId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function search_prompts( + InstanceId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return connect( + "POST", + "/search-prompts", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("InstanceId" => InstanceId), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ search_queues(instance_id) search_queues(instance_id, params::Dict{String,<:Any}) @@ -6215,6 +6303,51 @@ function search_queues( ) end +""" + search_quick_connects(instance_id) + search_quick_connects(instance_id, params::Dict{String,<:Any}) + +Searches quick connects in an Amazon Connect instance, with optional filtering. + +# Arguments +- `instance_id`: The identifier of the Amazon Connect instance. You can find the instance + ID in the Amazon Resource Name (ARN) of the instance. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"MaxResults"`: The maximum number of results to return per page. +- `"NextToken"`: The token for the next set of results. Use the value returned in the + previous response in the next request to retrieve the next set of results. +- `"SearchCriteria"`: The search criteria to be used to return quick connects. +- `"SearchFilter"`: Filters to be applied to search results. +""" +function search_quick_connects( + InstanceId; aws_config::AbstractAWSConfig=global_aws_config() +) + return connect( + "POST", + "/search-quick-connects", + Dict{String,Any}("InstanceId" => InstanceId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function search_quick_connects( + InstanceId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return connect( + "POST", + "/search-quick-connects", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("InstanceId" => InstanceId), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ search_routing_profiles(instance_id) search_routing_profiles(instance_id, params::Dict{String,<:Any}) diff --git a/src/services/drs.jl b/src/services/drs.jl index 50ea76d9de..dba20eceb0 100644 --- a/src/services/drs.jl +++ b/src/services/drs.jl @@ -4,6 +4,54 @@ using AWS.AWSServices: drs using AWS.Compat using AWS.UUIDs +""" + associate_source_network_stack(cfn_stack_name, source_network_id) + associate_source_network_stack(cfn_stack_name, source_network_id, params::Dict{String,<:Any}) + +Associate a Source Network to an existing CloudFormation Stack and modify launch templates +to use this network. Can be used for reverting to previously deployed CloudFormation stacks. + +# Arguments +- `cfn_stack_name`: CloudFormation template to associate with a Source Network. +- `source_network_id`: The Source Network ID to associate with CloudFormation template. + +""" +function associate_source_network_stack( + cfnStackName, sourceNetworkID; aws_config::AbstractAWSConfig=global_aws_config() +) + return drs( + "POST", + "/AssociateSourceNetworkStack", + Dict{String,Any}( + "cfnStackName" => cfnStackName, "sourceNetworkID" => sourceNetworkID + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function associate_source_network_stack( + cfnStackName, + sourceNetworkID, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return drs( + "POST", + "/AssociateSourceNetworkStack", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "cfnStackName" => cfnStackName, "sourceNetworkID" => sourceNetworkID + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ create_extended_source_server(source_server_arn) create_extended_source_server(source_server_arn, params::Dict{String,<:Any}) @@ -58,6 +106,7 @@ Creates a new Launch Configuration Template. Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"copyPrivateIp"`: Copy private IP. - `"copyTags"`: Copy tags. +- `"exportBucketArn"`: S3 bucket ARN to export Source Network templates. - `"launchDisposition"`: Launch disposition. - `"licensing"`: Licensing. - `"tags"`: Request to associate tags during creation of a Launch Configuration Template. @@ -201,6 +250,62 @@ function create_replication_configuration_template( ) end +""" + create_source_network(origin_account_id, origin_region, vpc_id) + create_source_network(origin_account_id, origin_region, vpc_id, params::Dict{String,<:Any}) + +Create a new Source Network resource for a provided VPC ID. + +# Arguments +- `origin_account_id`: Account containing the VPC to protect. +- `origin_region`: Region containing the VPC to protect. +- `vpc_id`: Which VPC ID to protect. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"tags"`: A set of tags to be associated with the Source Network resource. +""" +function create_source_network( + originAccountID, originRegion, vpcID; aws_config::AbstractAWSConfig=global_aws_config() +) + return drs( + "POST", + "/CreateSourceNetwork", + Dict{String,Any}( + "originAccountID" => originAccountID, + "originRegion" => originRegion, + "vpcID" => vpcID, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_source_network( + originAccountID, + originRegion, + vpcID, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return drs( + "POST", + "/CreateSourceNetwork", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "originAccountID" => originAccountID, + "originRegion" => originRegion, + "vpcID" => vpcID, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ delete_job(job_id) delete_job(job_id, params::Dict{String,<:Any}) @@ -364,6 +469,45 @@ function delete_replication_configuration_template( ) end +""" + delete_source_network(source_network_id) + delete_source_network(source_network_id, params::Dict{String,<:Any}) + +Delete Source Network resource. + +# Arguments +- `source_network_id`: ID of the Source Network to delete. + +""" +function delete_source_network( + sourceNetworkID; aws_config::AbstractAWSConfig=global_aws_config() +) + return drs( + "POST", + "/DeleteSourceNetwork", + Dict{String,Any}("sourceNetworkID" => sourceNetworkID); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_source_network( + sourceNetworkID, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return drs( + "POST", + "/DeleteSourceNetwork", + Dict{String,Any}( + mergewith( + _merge, Dict{String,Any}("sourceNetworkID" => sourceNetworkID), params + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ delete_source_server(source_server_id) delete_source_server(source_server_id, params::Dict{String,<:Any}) @@ -614,6 +758,38 @@ function describe_replication_configuration_templates( ) end +""" + describe_source_networks() + describe_source_networks(params::Dict{String,<:Any}) + +Lists all Source Networks or multiple Source Networks filtered by ID. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"filters"`: A set of filters by which to return Source Networks. +- `"maxResults"`: Maximum number of Source Networks to retrieve. +- `"nextToken"`: The token of the next Source Networks to retrieve. +""" +function describe_source_networks(; aws_config::AbstractAWSConfig=global_aws_config()) + return drs( + "POST", + "/DescribeSourceNetworks"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function describe_source_networks( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return drs( + "POST", + "/DescribeSourceNetworks", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ describe_source_servers() describe_source_servers(params::Dict{String,<:Any}) @@ -740,6 +916,46 @@ function disconnect_source_server( ) end +""" + export_source_network_cfn_template(source_network_id) + export_source_network_cfn_template(source_network_id, params::Dict{String,<:Any}) + +Export the Source Network CloudFormation template to an S3 bucket. + +# Arguments +- `source_network_id`: The Source Network ID to export its CloudFormation template to an S3 + bucket. + +""" +function export_source_network_cfn_template( + sourceNetworkID; aws_config::AbstractAWSConfig=global_aws_config() +) + return drs( + "POST", + "/ExportSourceNetworkCfnTemplate", + Dict{String,Any}("sourceNetworkID" => sourceNetworkID); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function export_source_network_cfn_template( + sourceNetworkID, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return drs( + "POST", + "/ExportSourceNetworkCfnTemplate", + Dict{String,Any}( + mergewith( + _merge, Dict{String,Any}("sourceNetworkID" => sourceNetworkID), params + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ get_failback_replication_configuration(recovery_instance_id) get_failback_replication_configuration(recovery_instance_id, params::Dict{String,<:Any}) @@ -1198,6 +1414,89 @@ function start_replication( ) end +""" + start_source_network_recovery(source_networks) + start_source_network_recovery(source_networks, params::Dict{String,<:Any}) + +Deploy VPC for the specified Source Network and modify launch templates to use this +network. The VPC will be deployed using a dedicated CloudFormation stack. + +# Arguments +- `source_networks`: The Source Networks that we want to start a Recovery Job for. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"deployAsNew"`: Don't update existing CloudFormation Stack, recover the network using a + new stack. +- `"tags"`: The tags to be associated with the Source Network recovery Job. +""" +function start_source_network_recovery( + sourceNetworks; aws_config::AbstractAWSConfig=global_aws_config() +) + return drs( + "POST", + "/StartSourceNetworkRecovery", + Dict{String,Any}("sourceNetworks" => sourceNetworks); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function start_source_network_recovery( + sourceNetworks, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return drs( + "POST", + "/StartSourceNetworkRecovery", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("sourceNetworks" => sourceNetworks), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + start_source_network_replication(source_network_id) + start_source_network_replication(source_network_id, params::Dict{String,<:Any}) + +Starts replication for a Source Network. This action would make the Source Network +protected. + +# Arguments +- `source_network_id`: ID of the Source Network to replicate. + +""" +function start_source_network_replication( + sourceNetworkID; aws_config::AbstractAWSConfig=global_aws_config() +) + return drs( + "POST", + "/StartSourceNetworkReplication", + Dict{String,Any}("sourceNetworkID" => sourceNetworkID); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function start_source_network_replication( + sourceNetworkID, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return drs( + "POST", + "/StartSourceNetworkReplication", + Dict{String,Any}( + mergewith( + _merge, Dict{String,Any}("sourceNetworkID" => sourceNetworkID), params + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ stop_failback(recovery_instance_id) stop_failback(recovery_instance_id, params::Dict{String,<:Any}) @@ -1274,6 +1573,46 @@ function stop_replication( ) end +""" + stop_source_network_replication(source_network_id) + stop_source_network_replication(source_network_id, params::Dict{String,<:Any}) + +Stops replication for a Source Network. This action would make the Source Network +unprotected. + +# Arguments +- `source_network_id`: ID of the Source Network to stop replication. + +""" +function stop_source_network_replication( + sourceNetworkID; aws_config::AbstractAWSConfig=global_aws_config() +) + return drs( + "POST", + "/StopSourceNetworkReplication", + Dict{String,Any}("sourceNetworkID" => sourceNetworkID); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function stop_source_network_replication( + sourceNetworkID, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return drs( + "POST", + "/StopSourceNetworkReplication", + Dict{String,Any}( + mergewith( + _merge, Dict{String,Any}("sourceNetworkID" => sourceNetworkID), params + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ tag_resource(resource_arn, tags) tag_resource(resource_arn, tags, params::Dict{String,<:Any}) @@ -1503,6 +1842,7 @@ Updates an existing Launch Configuration Template by ID. Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"copyPrivateIp"`: Copy private IP. - `"copyTags"`: Copy tags. +- `"exportBucketArn"`: S3 bucket ARN to export Source Network templates. - `"launchDisposition"`: Launch disposition. - `"licensing"`: Licensing. - `"targetInstanceTypeRightSizingMethod"`: Target instance type right-sizing method. diff --git a/src/services/dynamodb.jl b/src/services/dynamodb.jl index a426ef86b6..dc524e7e66 100644 --- a/src/services/dynamodb.jl +++ b/src/services/dynamodb.jl @@ -57,29 +57,29 @@ The BatchGetItem operation returns the attributes of one or more items from one tables. You identify requested items by primary key. A single operation can retrieve up to 16 MB of data, which can contain as many as 100 items. BatchGetItem returns a partial result if the response size limit is exceeded, the table's provisioned throughput is -exceeded, or an internal processing failure occurs. If a partial result is returned, the -operation returns a value for UnprocessedKeys. You can use this value to retry the -operation starting with the next item to get. If you request more than 100 items, -BatchGetItem returns a ValidationException with the message \"Too many items requested for -the BatchGetItem call.\" For example, if you ask to retrieve 100 items, but each -individual item is 300 KB in size, the system returns 52 items (so as not to exceed the 16 -MB limit). It also returns an appropriate UnprocessedKeys value so you can get the next -page of results. If desired, your application can include its own logic to assemble the -pages of results into one dataset. If none of the items can be processed due to -insufficient provisioned throughput on all of the tables in the request, then BatchGetItem -returns a ProvisionedThroughputExceededException. If at least one of the items is -successfully processed, then BatchGetItem completes successfully, while returning the keys -of the unread items in UnprocessedKeys. If DynamoDB returns any unprocessed items, you -should retry the batch operation on those items. However, we strongly recommend that you -use an exponential backoff algorithm. If you retry the batch operation immediately, the -underlying read or write requests can still fail due to throttling on the individual -tables. If you delay the batch operation using exponential backoff, the individual requests -in the batch are much more likely to succeed. For more information, see Batch Operations -and Error Handling in the Amazon DynamoDB Developer Guide. By default, BatchGetItem -performs eventually consistent reads on every table in the request. If you want strongly -consistent reads instead, you can set ConsistentRead to true for any or all tables. In -order to minimize response latency, BatchGetItem may retrieve items in parallel. When -designing your application, keep in mind that DynamoDB does not return items in any +exceeded, more than 1MB per partition is requested, or an internal processing failure +occurs. If a partial result is returned, the operation returns a value for UnprocessedKeys. +You can use this value to retry the operation starting with the next item to get. If you +request more than 100 items, BatchGetItem returns a ValidationException with the message +\"Too many items requested for the BatchGetItem call.\" For example, if you ask to +retrieve 100 items, but each individual item is 300 KB in size, the system returns 52 items +(so as not to exceed the 16 MB limit). It also returns an appropriate UnprocessedKeys value +so you can get the next page of results. If desired, your application can include its own +logic to assemble the pages of results into one dataset. If none of the items can be +processed due to insufficient provisioned throughput on all of the tables in the request, +then BatchGetItem returns a ProvisionedThroughputExceededException. If at least one of the +items is successfully processed, then BatchGetItem completes successfully, while returning +the keys of the unread items in UnprocessedKeys. If DynamoDB returns any unprocessed +items, you should retry the batch operation on those items. However, we strongly recommend +that you use an exponential backoff algorithm. If you retry the batch operation +immediately, the underlying read or write requests can still fail due to throttling on the +individual tables. If you delay the batch operation using exponential backoff, the +individual requests in the batch are much more likely to succeed. For more information, see +Batch Operations and Error Handling in the Amazon DynamoDB Developer Guide. By default, +BatchGetItem performs eventually consistent reads on every table in the request. If you +want strongly consistent reads instead, you can set ConsistentRead to true for any or all +tables. In order to minimize response latency, BatchGetItem may retrieve items in parallel. +When designing your application, keep in mind that DynamoDB does not return items in any particular order. To help parse the response by item, include the primary key values for the items in your request in the ProjectionExpression parameter. If a requested item does not exist, it is not returned in the result. Requests for nonexistent items consume the diff --git a/src/services/ec2.jl b/src/services/ec2.jl index fa478ca600..2cd4b2809a 100644 --- a/src/services/ec2.jl +++ b/src/services/ec2.jl @@ -373,30 +373,22 @@ to a different Amazon Web Services account. You can allocate an Elastic IP addre address pool owned by Amazon Web Services or from an address pool created from a public IPv4 address range that you have brought to Amazon Web Services for use with your Amazon Web Services resources using bring your own IP addresses (BYOIP). For more information, see -Bring Your Own IP Addresses (BYOIP) in the Amazon Elastic Compute Cloud User Guide. -[EC2-VPC] If you release an Elastic IP address, you might be able to recover it. You cannot -recover an Elastic IP address that you released after it is allocated to another Amazon Web -Services account. You cannot recover an Elastic IP address for EC2-Classic. To attempt to -recover an Elastic IP address that you released, specify it in this operation. An Elastic -IP address is for use either in the EC2-Classic platform or in a VPC. By default, you can -allocate 5 Elastic IP addresses for EC2-Classic per Region and 5 Elastic IP addresses for -EC2-VPC per Region. For more information, see Elastic IP Addresses in the Amazon Elastic -Compute Cloud User Guide. You can allocate a carrier IP address which is a public IP -address from a telecommunication carrier, to a network interface which resides in a subnet -in a Wavelength Zone (for example an EC2 instance). We are retiring EC2-Classic. We -recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate -from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide. +Bring Your Own IP Addresses (BYOIP) in the Amazon Elastic Compute Cloud User Guide. If you +release an Elastic IP address, you might be able to recover it. You cannot recover an +Elastic IP address that you released after it is allocated to another Amazon Web Services +account. To attempt to recover an Elastic IP address that you released, specify it in this +operation. For more information, see Elastic IP Addresses in the Amazon Elastic Compute +Cloud User Guide. You can allocate a carrier IP address which is a public IP address from a +telecommunication carrier, to a network interface which resides in a subnet in a Wavelength +Zone (for example an EC2 instance). # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: -- `"Address"`: [EC2-VPC] The Elastic IP address to recover or an IPv4 address from an - address pool. +- `"Address"`: The Elastic IP address to recover or an IPv4 address from an address pool. - `"CustomerOwnedIpv4Pool"`: The ID of a customer-owned address pool. Use this parameter to let Amazon EC2 select an address from the address pool. Alternatively, specify a specific address from the address pool. -- `"Domain"`: Indicates whether the Elastic IP address is for use with instances in a VPC - or instances in EC2-Classic. Default: If the Region supports EC2-Classic, the default is - standard. Otherwise, the default is vpc. +- `"Domain"`: The network (vpc). - `"NetworkBorderGroup"`: A unique set of Availability Zones, Local Zones, or Wavelength Zones from which Amazon Web Services advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups. @@ -498,10 +490,12 @@ end allocate_ipam_pool_cidr(ipam_pool_id) allocate_ipam_pool_cidr(ipam_pool_id, params::Dict{String,<:Any}) -Allocate a CIDR from an IPAM pool. In IPAM, an allocation is a CIDR assignment from an IPAM -pool to another IPAM pool or to a resource. For more information, see Allocate CIDRs in the -Amazon VPC IPAM User Guide. This action creates an allocation with strong consistency. The -returned CIDR will not overlap with any other allocations from the same pool. +Allocate a CIDR from an IPAM pool. The Region you use should be the IPAM pool locale. The +locale is the Amazon Web Services Region where this IPAM pool is available for allocations. +In IPAM, an allocation is a CIDR assignment from an IPAM pool to another IPAM pool or to a +resource. For more information, see Allocate CIDRs in the Amazon VPC IPAM User Guide. This +action creates an allocation with strong consistency. The returned CIDR will not overlap +with any other allocations from the same pool. # Arguments - `ipam_pool_id`: The ID of the IPAM pool from which you would like to allocate a CIDR. @@ -804,51 +798,36 @@ end Associates an Elastic IP address, or carrier IP address (for instances that are in subnets in Wavelength Zones) with an instance or a network interface. Before you can use an Elastic -IP address, you must allocate it to your account. An Elastic IP address is for use in -either the EC2-Classic platform or in a VPC. For more information, see Elastic IP Addresses -in the Amazon Elastic Compute Cloud User Guide. [EC2-Classic, VPC in an EC2-VPC-only -account] If the Elastic IP address is already associated with a different instance, it is -disassociated from that instance and associated with the specified instance. If you -associate an Elastic IP address with an instance that has an existing Elastic IP address, -the existing address is disassociated from the instance, but remains allocated to your -account. [VPC in an EC2-Classic account] If you don't specify a private IP address, the -Elastic IP address is associated with the primary IP address. If the Elastic IP address is -already associated with a different instance or a network interface, you get an error -unless you allow reassociation. You cannot associate an Elastic IP address with an instance -or network interface that has an existing Elastic IP address. [Subnets in Wavelength Zones] -You can associate an IP address from the telecommunication carrier to the instance or -network interface. You cannot associate an Elastic IP address with an interface in a -different network border group. This is an idempotent operation. If you perform the -operation more than once, Amazon EC2 doesn't return an error, and you may be charged for -each time the Elastic IP address is remapped to the same instance. For more information, -see the Elastic IP Addresses section of Amazon EC2 Pricing. We are retiring EC2-Classic. -We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate -from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide. +IP address, you must allocate it to your account. If the Elastic IP address is already +associated with a different instance, it is disassociated from that instance and associated +with the specified instance. If you associate an Elastic IP address with an instance that +has an existing Elastic IP address, the existing address is disassociated from the +instance, but remains allocated to your account. [Subnets in Wavelength Zones] You can +associate an IP address from the telecommunication carrier to the instance or network +interface. You cannot associate an Elastic IP address with an interface in a different +network border group. This is an idempotent operation. If you perform the operation more +than once, Amazon EC2 doesn't return an error, and you may be charged for each time the +Elastic IP address is remapped to the same instance. For more information, see the Elastic +IP Addresses section of Amazon EC2 Pricing. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: -- `"AllocationId"`: [EC2-VPC] The allocation ID. This is required for EC2-VPC. +- `"AllocationId"`: The allocation ID. This is required. - `"InstanceId"`: The ID of the instance. The instance must have exactly one attached - network interface. For EC2-VPC, you can specify either the instance ID or the network - interface ID, but not both. For EC2-Classic, you must specify an instance ID and the - instance must be in the running state. -- `"PublicIp"`: [EC2-Classic] The Elastic IP address to associate with the instance. This - is required for EC2-Classic. -- `"allowReassociation"`: [EC2-VPC] For a VPC in an EC2-Classic account, specify true to - allow an Elastic IP address that is already associated with an instance or network - interface to be reassociated with the specified instance or network interface. Otherwise, - the operation fails. In a VPC in an EC2-VPC-only account, reassociation is automatic, - therefore you can specify false to ensure the operation fails if the Elastic IP address is - already associated with another resource. + network interface. You can specify either the instance ID or the network interface ID, but + not both. +- `"PublicIp"`: Deprecated. +- `"allowReassociation"`: Reassociation is automatic, but you can specify false to ensure + the operation fails if the Elastic IP address is already associated with another resource. - `"dryRun"`: Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation. -- `"networkInterfaceId"`: [EC2-VPC] The ID of the network interface. If the instance has - more than one network interface, you must specify a network interface ID. For EC2-VPC, you - can specify either the instance ID or the network interface ID, but not both. -- `"privateIpAddress"`: [EC2-VPC] The primary or secondary private IP address to associate - with the Elastic IP address. If no private IP address is specified, the Elastic IP address - is associated with the primary private IP address. +- `"networkInterfaceId"`: The ID of the network interface. If the instance has more than + one network interface, you must specify a network interface ID. You can specify either the + instance ID or the network interface ID, but not both. +- `"privateIpAddress"`: The primary or secondary private IP address to associate with the + Elastic IP address. If no private IP address is specified, the Elastic IP address is + associated with the primary private IP address. """ function associate_address(; aws_config::AbstractAWSConfig=global_aws_config()) return ec2("AssociateAddress"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET) @@ -4057,6 +4036,64 @@ function create_image( ) end +""" + create_instance_connect_endpoint(subnet_id) + create_instance_connect_endpoint(subnet_id, params::Dict{String,<:Any}) + +Creates an EC2 Instance Connect Endpoint. An EC2 Instance Connect Endpoint allows you to +connect to a resource, without requiring the resource to have a public IPv4 address. For +more information, see Connect to your resources without requiring a public IPv4 address +using EC2 Instance Connect Endpoint in the Amazon EC2 User Guide. + +# Arguments +- `subnet_id`: The ID of the subnet in which to create the EC2 Instance Connect Endpoint. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"ClientToken"`: Unique, case-sensitive identifier that you provide to ensure the + idempotency of the request. +- `"DryRun"`: Checks whether you have the required permissions for the action, without + actually making the request, and provides an error response. If you have the required + permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation. +- `"PreserveClientIp"`: Indicates whether your client's IP address is preserved as the + source. The value is true or false. If true, your client's IP address is used when you + connect to a resource. If false, the elastic network interface IP address is used when + you connect to a resource. Default: true +- `"SecurityGroupId"`: One or more security groups to associate with the endpoint. If you + don't specify a security group, the default security group for your VPC will be associated + with the endpoint. +- `"TagSpecification"`: The tags to apply to the EC2 Instance Connect Endpoint during + creation. +""" +function create_instance_connect_endpoint( + SubnetId; aws_config::AbstractAWSConfig=global_aws_config() +) + return ec2( + "CreateInstanceConnectEndpoint", + Dict{String,Any}("SubnetId" => SubnetId, "ClientToken" => string(uuid4())); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_instance_connect_endpoint( + SubnetId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return ec2( + "CreateInstanceConnectEndpoint", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}("SubnetId" => SubnetId, "ClientToken" => string(uuid4())), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ create_instance_event_window() create_instance_event_window(params::Dict{String,<:Any}) @@ -5243,7 +5280,7 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys - `"ClientToken"`: Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring Idempotency. - `"InterfaceType"`: The type of network interface. The default is interface. The only - supported values are efa and trunk. + supported values are interface, efa, and trunk. - `"Ipv4Prefix"`: The IPv4 prefixes assigned to the network interface. You can't specify IPv4 prefixes if you've specified one of the following: a count of IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses. @@ -8436,6 +8473,50 @@ function delete_fpga_image( ) end +""" + delete_instance_connect_endpoint(instance_connect_endpoint_id) + delete_instance_connect_endpoint(instance_connect_endpoint_id, params::Dict{String,<:Any}) + +Deletes the specified EC2 Instance Connect Endpoint. + +# Arguments +- `instance_connect_endpoint_id`: The ID of the EC2 Instance Connect Endpoint to delete. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"DryRun"`: Checks whether you have the required permissions for the action, without + actually making the request, and provides an error response. If you have the required + permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation. +""" +function delete_instance_connect_endpoint( + InstanceConnectEndpointId; aws_config::AbstractAWSConfig=global_aws_config() +) + return ec2( + "DeleteInstanceConnectEndpoint", + Dict{String,Any}("InstanceConnectEndpointId" => InstanceConnectEndpointId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_instance_connect_endpoint( + InstanceConnectEndpointId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return ec2( + "DeleteInstanceConnectEndpoint", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}("InstanceConnectEndpointId" => InstanceConnectEndpointId), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ delete_instance_event_window(instance_event_window_id) delete_instance_event_window(instance_event_window_id, params::Dict{String,<:Any}) @@ -11541,7 +11622,13 @@ end describe_address_transfers(params::Dict{String,<:Any}) Describes an Elastic IP address transfer. For more information, see Transfer Elastic IP -addresses in the Amazon Virtual Private Cloud User Guide. +addresses in the Amazon Virtual Private Cloud User Guide. When you transfer an Elastic IP +address, there is a two-step handshake between the source and transfer Amazon Web Services +accounts. When the source account starts the transfer, the transfer account has seven days +to accept the Elastic IP address transfer. During those seven days, the source account can +view the pending transfer by using this action. After seven days, the transfer expires and +ownership of the Elastic IP address returns to the source account. Accepted transfers are +visible to the source account for three days after the transfers have been accepted. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -11573,32 +11660,25 @@ end describe_addresses() describe_addresses(params::Dict{String,<:Any}) -Describes the specified Elastic IP addresses or all of your Elastic IP addresses. An -Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more -information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide. We -are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more -information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User -Guide. +Describes the specified Elastic IP addresses or all of your Elastic IP addresses. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: -- `"AllocationId"`: [EC2-VPC] Information about the allocation IDs. +- `"AllocationId"`: Information about the allocation IDs. - `"Filter"`: One or more filters. Filter names and values are case-sensitive. - allocation-id - [EC2-VPC] The allocation ID for the address. association-id - [EC2-VPC] - The association ID for the address. domain - Indicates whether the address is for use in - EC2-Classic (standard) or in a VPC (vpc). instance-id - The ID of the instance the - address is associated with, if any. network-border-group - A unique set of Availability - Zones, Local Zones, or Wavelength Zones from where Amazon Web Services advertises IP - addresses. network-interface-id - [EC2-VPC] The ID of the network interface that the - address is associated with, if any. network-interface-owner-id - The Amazon Web Services - account ID of the owner. private-ip-address - [EC2-VPC] The private IP address - associated with the Elastic IP address. public-ip - The Elastic IP address, or the - carrier IP address. tag:<key> - The key/value combination of a tag assigned to the - resource. Use the tag key in the filter name and the tag value as the filter value. For - example, to find all resources that have a tag with the key Owner and the value TeamA, - specify tag:Owner for the filter name and TeamA for the filter value. tag-key - The key - of a tag assigned to the resource. Use this filter to find all resources assigned a tag - with a specific key, regardless of the tag value. + allocation-id - The allocation ID for the address. association-id - The association ID + for the address. instance-id - The ID of the instance the address is associated with, if + any. network-border-group - A unique set of Availability Zones, Local Zones, or + Wavelength Zones from where Amazon Web Services advertises IP addresses. + network-interface-id - The ID of the network interface that the address is associated with, + if any. network-interface-owner-id - The Amazon Web Services account ID of the owner. + private-ip-address - The private IP address associated with the Elastic IP address. + public-ip - The Elastic IP address, or the carrier IP address. tag:<key> - The + key/value combination of a tag assigned to the resource. Use the tag key in the filter name + and the tag value as the filter value. For example, to find all resources that have a tag + with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for + the filter value. tag-key - The key of a tag assigned to the resource. Use this filter + to find all resources assigned a tag with a specific key, regardless of the tag value. - `"PublicIp"`: One or more Elastic IP addresses. Default: Describes all your Elastic IP addresses. - `"dryRun"`: Checks whether you have the required permissions for the action, without @@ -13479,6 +13559,58 @@ function describe_instance_attribute( ) end +""" + describe_instance_connect_endpoints() + describe_instance_connect_endpoints(params::Dict{String,<:Any}) + +Describes the specified EC2 Instance Connect Endpoints or all EC2 Instance Connect +Endpoints. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"DryRun"`: Checks whether you have the required permissions for the action, without + actually making the request, and provides an error response. If you have the required + permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation. +- `"Filter"`: One or more filters. instance-connect-endpoint-id - The ID of the EC2 + Instance Connect Endpoint. state - The state of the EC2 Instance Connect Endpoint + (create-in-progress | create-complete | create-failed | delete-in-progress | + delete-complete | delete-failed). subnet-id - The ID of the subnet in which the EC2 + Instance Connect Endpoint was created. tag:<key> - The key/value combination of a + tag assigned to the resource. Use the tag key in the filter name and the tag value as the + filter value. For example, to find all resources that have a tag with the key Owner and the + value TeamA, specify tag:Owner for the filter name and TeamA for the filter value. + tag-key - The key of a tag assigned to the resource. Use this filter to find all resources + assigned a tag with a specific key, regardless of the tag value. tag-value - The value + of a tag assigned to the resource. Use this filter to find all resources that have a tag + with a specific value, regardless of tag key. vpc-id - The ID of the VPC in which the + EC2 Instance Connect Endpoint was created. +- `"InstanceConnectEndpointId"`: One or more EC2 Instance Connect Endpoint IDs. +- `"MaxResults"`: The maximum number of items to return for this request. To get the next + page of items, make another request with the token returned in the output. For more + information, see Pagination. +- `"NextToken"`: The token returned from a previous paginated request. Pagination continues + from the end of the items returned by the previous request. +""" +function describe_instance_connect_endpoints(; + aws_config::AbstractAWSConfig=global_aws_config() +) + return ec2( + "DescribeInstanceConnectEndpoints"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function describe_instance_connect_endpoints( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return ec2( + "DescribeInstanceConnectEndpoints", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ describe_instance_credit_specifications() describe_instance_credit_specifications(params::Dict{String,<:Any}) @@ -14674,8 +14806,8 @@ end describe_moving_addresses() describe_moving_addresses(params::Dict{String,<:Any}) -Describes your Elastic IP addresses that are being moved to the EC2-VPC platform, or that -are being restored to the EC2-Classic platform. This request does not return information + This action is deprecated. Describes your Elastic IP addresses that are being moved from +or being restored to the EC2-Classic platform. This request does not return information about any other Elastic IP addresses in your account. # Optional Parameters @@ -19047,17 +19179,13 @@ end disassociate_address(params::Dict{String,<:Any}) Disassociates an Elastic IP address from the instance or network interface it's associated -with. An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For -more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide. -We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For -more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud -User Guide. This is an idempotent operation. If you perform the operation more than once, -Amazon EC2 doesn't return an error. +with. This is an idempotent operation. If you perform the operation more than once, Amazon +EC2 doesn't return an error. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: -- `"AssociationId"`: [EC2-VPC] The association ID. Required for EC2-VPC. -- `"PublicIp"`: [EC2-Classic] The Elastic IP address. Required for EC2-Classic. +- `"AssociationId"`: The association ID. This parameter is required. +- `"PublicIp"`: Deprecated. - `"dryRun"`: Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation. @@ -21452,9 +21580,11 @@ end get_ipam_pool_allocations(ipam_pool_id) get_ipam_pool_allocations(ipam_pool_id, params::Dict{String,<:Any}) -Get a list of all the CIDR allocations in an IPAM pool. If you use this action after -AllocateIpamPoolCidr or ReleaseIpamPoolAllocation, note that all EC2 API actions follow an -eventual consistency model. +Get a list of all the CIDR allocations in an IPAM pool. The Region you use should be the +IPAM pool locale. The locale is the Amazon Web Services Region where this IPAM pool is +available for allocations. If you use this action after AllocateIpamPoolCidr or +ReleaseIpamPoolAllocation, note that all EC2 API actions follow an eventual consistency +model. # Arguments - `ipam_pool_id`: The ID of the IPAM pool you want to see the allocations for. @@ -26791,14 +26921,12 @@ end move_address_to_vpc(public_ip) move_address_to_vpc(public_ip, params::Dict{String,<:Any}) -Moves an Elastic IP address from the EC2-Classic platform to the EC2-VPC platform. The -Elastic IP address must be allocated to your account for more than 24 hours, and it must -not be associated with an instance. After the Elastic IP address is moved, it is no longer -available for use in the EC2-Classic platform, unless you move it back using the -RestoreAddressToClassic request. You cannot move an Elastic IP address that was originally -allocated for use in the EC2-VPC platform to the EC2-Classic platform. We are retiring -EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, -see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide. + This action is deprecated. Moves an Elastic IP address from the EC2-Classic platform to +the EC2-VPC platform. The Elastic IP address must be allocated to your account for more +than 24 hours, and it must not be associated with an instance. After the Elastic IP address +is moved, it is no longer available for use in the EC2-Classic platform, unless you move it +back using the RestoreAddressToClassic request. You cannot move an Elastic IP address that +was originally allocated for use in the EC2-VPC platform to the EC2-Classic platform. # Arguments - `public_ip`: The Elastic IP address. @@ -27791,31 +27919,27 @@ end release_address() release_address(params::Dict{String,<:Any}) -Releases the specified Elastic IP address. [EC2-Classic, default VPC] Releasing an Elastic -IP address automatically disassociates it from any instance that it's associated with. To -disassociate an Elastic IP address without releasing it, use DisassociateAddress. We are -retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more -information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User -Guide. [Nondefault VPC] You must use DisassociateAddress to disassociate the Elastic IP -address before you can release it. Otherwise, Amazon EC2 returns an error -(InvalidIPAddress.InUse). After releasing an Elastic IP address, it is released to the IP -address pool. Be sure to update your DNS records and any servers or devices that -communicate with the address. If you attempt to release an Elastic IP address that you -already released, you'll get an AuthFailure error if the address is already allocated to -another Amazon Web Services account. [EC2-VPC] After you release an Elastic IP address for -use in a VPC, you might be able to recover it. For more information, see AllocateAddress. -For more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User -Guide. +Releases the specified Elastic IP address. [Default VPC] Releasing an Elastic IP address +automatically disassociates it from any instance that it's associated with. To disassociate +an Elastic IP address without releasing it, use DisassociateAddress. [Nondefault VPC] You +must use DisassociateAddress to disassociate the Elastic IP address before you can release +it. Otherwise, Amazon EC2 returns an error (InvalidIPAddress.InUse). After releasing an +Elastic IP address, it is released to the IP address pool. Be sure to update your DNS +records and any servers or devices that communicate with the address. If you attempt to +release an Elastic IP address that you already released, you'll get an AuthFailure error if +the address is already allocated to another Amazon Web Services account. After you release +an Elastic IP address, you might be able to recover it. For more information, see +AllocateAddress. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: -- `"AllocationId"`: [EC2-VPC] The allocation ID. Required for EC2-VPC. +- `"AllocationId"`: The allocation ID. This parameter is required. - `"NetworkBorderGroup"`: The set of Availability Zones, Local Zones, or Wavelength Zones from which Amazon Web Services advertises IP addresses. If you provide an incorrect network border group, you receive an InvalidAddress.NotFound error. You cannot use a network border group with EC2 Classic. If you attempt this operation on EC2 classic, you receive an InvalidParameterCombination error. -- `"PublicIp"`: [EC2-Classic] The Elastic IP address. Required for EC2-Classic. +- `"PublicIp"`: Deprecated. - `"dryRun"`: Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation. @@ -27871,11 +27995,12 @@ end release_ipam_pool_allocation(cidr, ipam_pool_allocation_id, ipam_pool_id) release_ipam_pool_allocation(cidr, ipam_pool_allocation_id, ipam_pool_id, params::Dict{String,<:Any}) -Release an allocation within an IPAM pool. You can only use this action to release manual -allocations. To remove an allocation for a resource without deleting the resource, set its -monitored state to false using ModifyIpamResourceCidr. For more information, see Release an -allocation in the Amazon VPC IPAM User Guide. All EC2 API actions follow an eventual -consistency model. +Release an allocation within an IPAM pool. The Region you use should be the IPAM pool +locale. The locale is the Amazon Web Services Region where this IPAM pool is available for +allocations. You can only use this action to release manual allocations. To remove an +allocation for a resource without deleting the resource, set its monitored state to false +using ModifyIpamResourceCidr. For more information, see Release an allocation in the Amazon +VPC IPAM User Guide. All EC2 API actions follow an eventual consistency model. # Arguments - `cidr`: The CIDR of the allocation you want to release. @@ -28863,12 +28988,10 @@ end restore_address_to_classic(public_ip) restore_address_to_classic(public_ip, params::Dict{String,<:Any}) -Restores an Elastic IP address that was previously moved to the EC2-VPC platform back to -the EC2-Classic platform. You cannot move an Elastic IP address that was originally -allocated for use in EC2-VPC. The Elastic IP address must not be associated with an -instance or network interface. We are retiring EC2-Classic. We recommend that you migrate -from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in -the Amazon Elastic Compute Cloud User Guide. + This action is deprecated. Restores an Elastic IP address that was previously moved to +the EC2-VPC platform back to the EC2-Classic platform. You cannot move an Elastic IP +address that was originally allocated for use in EC2-VPC. The Elastic IP address must not +be associated with an instance or network interface. # Arguments - `public_ip`: The Elastic IP address. diff --git a/src/services/fsx.jl b/src/services/fsx.jl index 2191e4f3f6..6a2ee7dd4c 100644 --- a/src/services/fsx.jl +++ b/src/services/fsx.jl @@ -255,13 +255,14 @@ end Creates an Amazon FSx for Lustre data repository association (DRA). A data repository association is a link between a directory on the file system and an Amazon S3 bucket or prefix. You can have a maximum of 8 data repository associations on a file system. Data -repository associations are supported for all file systems except for Scratch_1 deployment -type. Each data repository association must have a unique Amazon FSx file system directory -and a unique S3 bucket or prefix associated with it. You can configure a data repository -association for automatic import only, for automatic export only, or for both. To learn -more about linking a data repository to your file system, see Linking your file system to -an S3 bucket. CreateDataRepositoryAssociation isn't supported on Amazon File Cache -resources. To create a DRA on Amazon File Cache, use the CreateFileCache operation. +repository associations are supported on all FSx for Lustre 2.12 and newer file systems, +excluding scratch_1 deployment type. Each data repository association must have a unique +Amazon FSx file system directory and a unique S3 bucket or prefix associated with it. You +can configure a data repository association for automatic import only, for automatic export +only, or for both. To learn more about linking a data repository to your file system, see +Linking your file system to an S3 bucket. CreateDataRepositoryAssociation isn't supported +on Amazon File Cache resources. To create a DRA on Amazon File Cache, use the +CreateFileCache operation. # Arguments - `data_repository_path`: The path to the Amazon S3 data repository that will be linked to @@ -1054,7 +1055,8 @@ Deletes a data repository association on an Amazon FSx for Lustre file system. D data repository association unlinks the file system from the Amazon S3 bucket. When deleting a data repository association, you have the option of deleting the data in the file system that corresponds to the data repository association. Data repository -associations are supported for all file systems except for Scratch_1 deployment type. +associations are supported on all FSx for Lustre 2.12 and newer file systems, excluding +scratch_1 deployment type. # Arguments - `association_id`: The ID of the data repository association that you want to delete. @@ -1406,8 +1408,8 @@ end Returns the description of specific Amazon FSx for Lustre or Amazon File Cache data repository associations, if one or more AssociationIds values are provided in the request, or if filters are used in the request. Data repository associations are supported on Amazon -File Cache resources and all Amazon FSx for Lustre file systems excluding Scratch_1 -deployment types. You can use filters to narrow the response to include just data +File Cache resources and all FSx for Lustre 2.12 and newer file systems, excluding +scratch_1 deployment type. You can use filters to narrow the response to include just data repository associations for specific file systems (use the file-system-id filter with the ID of the file system) or caches (use the file-cache-id filter with the ID of the cache), or data repository associations for a specific repository type (use the @@ -2037,8 +2039,8 @@ end update_data_repository_association(association_id, params::Dict{String,<:Any}) Updates the configuration of an existing data repository association on an Amazon FSx for -Lustre file system. Data repository associations are supported for all file systems except -for Scratch_1 deployment type. +Lustre file system. Data repository associations are supported on all FSx for Lustre 2.12 +and newer file systems, excluding scratch_1 deployment type. # Arguments - `association_id`: The ID of the data repository association that you are updating. @@ -2169,8 +2171,7 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys the Command Line Interface (CLI) or an Amazon Web Services SDK. - `"LustreConfiguration"`: - `"OntapConfiguration"`: -- `"OpenZFSConfiguration"`: The configuration updates for an Amazon FSx for OpenZFS file - system. +- `"OpenZFSConfiguration"`: The configuration updates for an FSx for OpenZFS file system. - `"StorageCapacity"`: Use this parameter to increase the storage capacity of an FSx for Windows File Server, FSx for Lustre, FSx for OpenZFS, or FSx for ONTAP file system. Specifies the storage capacity target value, in GiB, to increase the storage capacity for @@ -2189,7 +2190,7 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys Windows file systems, the storage capacity target value must be at least 10 percent greater than the current storage capacity value. To increase storage capacity, the file system must have at least 16 MBps of throughput capacity. For more information, see Managing storage - capacity in the Amazon FSx for Windows File Server User Guide. For ONTAP file systems, the + capacity in the Amazon FSxfor Windows File Server User Guide. For ONTAP file systems, the storage capacity target value must be at least 10 percent greater than the current storage capacity value. For more information, see Managing storage capacity and provisioned IOPS in the Amazon FSx for NetApp ONTAP User Guide. @@ -2284,7 +2285,7 @@ end update_storage_virtual_machine(storage_virtual_machine_id) update_storage_virtual_machine(storage_virtual_machine_id, params::Dict{String,<:Any}) -Updates an Amazon FSx for ONTAP storage virtual machine (SVM). +Updates an FSx for ONTAP storage virtual machine (SVM). # Arguments - `storage_virtual_machine_id`: The ID of the SVM that you want to update, in the format @@ -2292,10 +2293,10 @@ Updates an Amazon FSx for ONTAP storage virtual machine (SVM). # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: -- `"ActiveDirectoryConfiguration"`: Updates the Microsoft Active Directory (AD) - configuration for an SVM that is joined to an AD. +- `"ActiveDirectoryConfiguration"`: Specifies updates to an SVM's Microsoft Active + Directory (AD) configuration. - `"ClientRequestToken"`: -- `"SvmAdminPassword"`: Enter a new SvmAdminPassword if you are updating it. +- `"SvmAdminPassword"`: Specifies a new SvmAdminPassword. """ function update_storage_virtual_machine( StorageVirtualMachineId; aws_config::AbstractAWSConfig=global_aws_config() diff --git a/src/services/lightsail.jl b/src/services/lightsail.jl index 0b241b725c..c5c80bee24 100644 --- a/src/services/lightsail.jl +++ b/src/services/lightsail.jl @@ -3529,7 +3529,7 @@ end get_certificates(params::Dict{String,<:Any}) Returns information about one or more Amazon Lightsail SSL/TLS certificates. To get a -summary of a certificate, ommit includeCertificateDetails from your request. The response +summary of a certificate, omit includeCertificateDetails from your request. The response will include only the certificate Amazon Resource Name (ARN), certificate name, domain name, and tags. @@ -3545,6 +3545,10 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys - `"includeCertificateDetails"`: Indicates whether to include detailed information about the certificates in the response. When omitted, the response includes only the certificate names, Amazon Resource Names (ARNs), domain names, and tags. +- `"pageToken"`: The token to advance to the next page of results from your request. To get + a page token, perform an initial GetCertificates request. If your results are paginated, + the response will return a next page token that you can specify as the page token in a + subsequent request. """ function get_certificates(; aws_config::AbstractAWSConfig=global_aws_config()) return lightsail( @@ -3955,12 +3959,12 @@ will not generate for a resource that has been deleted. # Arguments - `end_time`: The cost estimate end time. Constraints: Specified in Coordinated Universal - Time (UTC). Specified in the Unix time format. For example, if you wish to use an end + Time (UTC). Specified in the Unix time format. For example, if you want to use an end time of October 1, 2018, at 9 PM UTC, specify 1538427600 as the end time. You can convert a human-friendly time to Unix time format using a converter like Epoch converter. - `resource_name`: The resource name. - `start_time`: The cost estimate start time. Constraints: Specified in Coordinated - Universal Time (UTC). Specified in the Unix time format. For example, if you wish to use + Universal Time (UTC). Specified in the Unix time format. For example, if you want to use a start time of October 1, 2018, at 8 PM UTC, specify 1538424000 as the start time. You can convert a human-friendly time to Unix time format using a converter like Epoch converter. diff --git a/src/services/opensearch.jl b/src/services/opensearch.jl index 582c2516a2..3fbe30f22a 100644 --- a/src/services/opensearch.jl +++ b/src/services/opensearch.jl @@ -298,6 +298,7 @@ OpenSearch Service. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"ConnectionMode"`: The connection mode. +- `"ConnectionProperties"`: The ConnectionProperties for the outbound connection. """ function create_outbound_connection( ConnectionAlias, diff --git a/src/services/payment_cryptography.jl b/src/services/payment_cryptography.jl new file mode 100644 index 0000000000..46b98e4799 --- /dev/null +++ b/src/services/payment_cryptography.jl @@ -0,0 +1,1022 @@ +# This file is auto-generated by AWSMetadata.jl +using AWS +using AWS.AWSServices: payment_cryptography +using AWS.Compat +using AWS.UUIDs + +""" + create_alias(alias_name) + create_alias(alias_name, params::Dict{String,<:Any}) + +Creates an alias, or a friendly name, for an Amazon Web Services Payment Cryptography key. +You can use an alias to identify a key in the console and when you call cryptographic +operations such as EncryptData or DecryptData. You can associate the alias with any key in +the same Amazon Web Services Region. Each alias is associated with only one key at a time, +but a key can have multiple aliases. You can't create an alias without a key. The alias +must be unique in the account and Amazon Web Services Region, but you can create another +alias with the same name in a different Amazon Web Services Region. To change the key +that's associated with the alias, call UpdateAlias. To delete the alias, call DeleteAlias. +These operations don't affect the underlying key. To get the alias that you created, call +ListAliases. Cross-account use: This operation can't be used across different Amazon Web +Services accounts. Related operations: DeleteAlias GetAlias ListAliases +UpdateAlias + +# Arguments +- `alias_name`: A friendly name that you can use to refer a key. An alias must begin with + alias/ followed by a name, for example alias/ExampleAlias. It can contain only alphanumeric + characters, forward slashes (/), underscores (_), and dashes (-). Don't include + confidential or sensitive information in this field. This field may be displayed in + plaintext in CloudTrail logs and other output. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"KeyArn"`: The KeyARN of the key to associate with the alias. +""" +function create_alias(AliasName; aws_config::AbstractAWSConfig=global_aws_config()) + return payment_cryptography( + "CreateAlias", + Dict{String,Any}("AliasName" => AliasName); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_alias( + AliasName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "CreateAlias", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("AliasName" => AliasName), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + create_key(exportable, key_attributes) + create_key(exportable, key_attributes, params::Dict{String,<:Any}) + +Creates an Amazon Web Services Payment Cryptography key, a logical representation of a +cryptographic key, that is unique in your account and Amazon Web Services Region. You use +keys for cryptographic functions such as encryption and decryption. In addition to the key +material used in cryptographic operations, an Amazon Web Services Payment Cryptography key +includes metadata such as the key ARN, key usage, key origin, creation date, description, +and key state. When you create a key, you specify both immutable and mutable data about the +key. The immutable data contains key attributes that defines the scope and cryptographic +operations that you can perform using the key, for example key class (example: +SYMMETRIC_KEY), key algorithm (example: TDES_2KEY), key usage (example: +TR31_P0_PIN_ENCRYPTION_KEY) and key modes of use (example: Encrypt). For information about +valid combinations of key attributes, see Understanding key attributes in the Amazon Web +Services Payment Cryptography User Guide. The mutable data contained within a key includes +usage timestamp and key deletion timestamp and can be modified after creation. Amazon Web +Services Payment Cryptography binds key attributes to keys using key blocks when you store +or export them. Amazon Web Services Payment Cryptography stores the key contents wrapped +and never stores or transmits them in the clear. Cross-account use: This operation can't +be used across different Amazon Web Services accounts. Related operations: DeleteKey + GetKey ListKeys + +# Arguments +- `exportable`: Specifies whether the key is exportable from the service. +- `key_attributes`: The role of the key, the algorithm it supports, and the cryptographic + operations allowed with the key. This data is immutable after the key is created. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"Enabled"`: Specifies whether to enable the key. If the key is enabled, it is activated + for use within the service. If the key not enabled, then it is created but not activated. + The default value is enabled. +- `"KeyCheckValueAlgorithm"`: The algorithm that Amazon Web Services Payment Cryptography + uses to calculate the key check value (KCV) for DES and AES keys. For DES key, the KCV is + computed by encrypting 8 bytes, each with value '00', with the key to be checked and + retaining the 3 highest order bytes of the encrypted result. For AES key, the KCV is + computed by encrypting 8 bytes, each with value '01', with the key to be checked and + retaining the 3 highest order bytes of the encrypted result. +- `"Tags"`: The tags to attach to the key. Each tag consists of a tag key and a tag value. + Both the tag key and the tag value are required, but the tag value can be an empty (null) + string. You can't have more than one tag on an Amazon Web Services Payment Cryptography key + with the same tag key. To use this parameter, you must have TagResource permission. Don't + include confidential or sensitive information in this field. This field may be displayed in + plaintext in CloudTrail logs and other output. Tagging or untagging an Amazon Web + Services Payment Cryptography key can allow or deny permission to the key. +""" +function create_key( + Exportable, KeyAttributes; aws_config::AbstractAWSConfig=global_aws_config() +) + return payment_cryptography( + "CreateKey", + Dict{String,Any}("Exportable" => Exportable, "KeyAttributes" => KeyAttributes); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_key( + Exportable, + KeyAttributes, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "CreateKey", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "Exportable" => Exportable, "KeyAttributes" => KeyAttributes + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + delete_alias(alias_name) + delete_alias(alias_name, params::Dict{String,<:Any}) + +Deletes the alias, but doesn't affect the underlying key. Each key can have multiple +aliases. To get the aliases of all keys, use the ListAliases operation. To change the alias +of a key, first use DeleteAlias to delete the current alias and then use CreateAlias to +create a new alias. To associate an existing alias with a different key, call UpdateAlias. +Cross-account use: This operation can't be used across different Amazon Web Services +accounts. Related operations: CreateAlias GetAlias ListAliases UpdateAlias + + +# Arguments +- `alias_name`: A friendly name that you can use to refer Amazon Web Services Payment + Cryptography key. This value must begin with alias/ followed by a name, such as + alias/ExampleAlias. + +""" +function delete_alias(AliasName; aws_config::AbstractAWSConfig=global_aws_config()) + return payment_cryptography( + "DeleteAlias", + Dict{String,Any}("AliasName" => AliasName); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_alias( + AliasName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "DeleteAlias", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("AliasName" => AliasName), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + delete_key(key_identifier) + delete_key(key_identifier, params::Dict{String,<:Any}) + +Deletes the key material and all metadata associated with Amazon Web Services Payment +Cryptography key. Key deletion is irreversible. After a key is deleted, you can't perform +cryptographic operations using the key. For example, you can't decrypt data that was +encrypted by a deleted Amazon Web Services Payment Cryptography key, and the data may +become unrecoverable. Because key deletion is destructive, Amazon Web Services Payment +Cryptography has a safety mechanism to prevent accidental deletion of a key. When you call +this operation, Amazon Web Services Payment Cryptography disables the specified key but +doesn't delete it until after a waiting period. The default waiting period is 7 days. To +set a different waiting period, set DeleteKeyInDays. During the waiting period, the +KeyState is DELETE_PENDING. After the key is deleted, the KeyState is DELETE_COMPLETE. If +you delete key material, you can use ImportKey to reimport the same key material into the +Amazon Web Services Payment Cryptography key. You should delete a key only when you are +sure that you don't need to use it anymore and no other parties are utilizing this key. If +you aren't sure, consider deactivating it instead by calling StopKeyUsage. Cross-account +use: This operation can't be used across different Amazon Web Services accounts. Related +operations: RestoreKey StartKeyUsage StopKeyUsage + +# Arguments +- `key_identifier`: The KeyARN of the key that is scheduled for deletion. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"DeleteKeyInDays"`: The waiting period for key deletion. The default value is seven days. +""" +function delete_key(KeyIdentifier; aws_config::AbstractAWSConfig=global_aws_config()) + return payment_cryptography( + "DeleteKey", + Dict{String,Any}("KeyIdentifier" => KeyIdentifier); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_key( + KeyIdentifier, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "DeleteKey", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("KeyIdentifier" => KeyIdentifier), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + export_key(export_key_identifier, key_material) + export_key(export_key_identifier, key_material, params::Dict{String,<:Any}) + +Exports a key from Amazon Web Services Payment Cryptography using either ANSI X9 TR-34 or +TR-31 key export standard. Amazon Web Services Payment Cryptography simplifies main or root +key exchange process by eliminating the need of a paper-based key exchange process. It +takes a modern and secure approach based of the ANSI X9 TR-34 key exchange standard. You +can use ExportKey to export main or root keys such as KEK (Key Encryption Key), using +asymmetric key exchange technique following ANSI X9 TR-34 standard. The ANSI X9 TR-34 +standard uses asymmetric keys to establishes bi-directional trust between the two parties +exchanging keys. After which you can export working keys using the ANSI X9 TR-31 symmetric +key exchange standard as mandated by PCI PIN. Using this operation, you can share your +Amazon Web Services Payment Cryptography generated keys with other service partners to +perform cryptographic operations outside of Amazon Web Services Payment Cryptography +TR-34 key export Amazon Web Services Payment Cryptography uses TR-34 asymmetric key +exchange standard to export main keys such as KEK. In TR-34 terminology, the sending party +of the key is called Key Distribution Host (KDH) and the receiving party of the key is +called Key Receiving Host (KRH). In key export process, KDH is Amazon Web Services Payment +Cryptography which initiates key export. KRH is the user receiving the key. Before you +initiate TR-34 key export, you must obtain an export token by calling +GetParametersForExport. This operation also returns the signing key certificate that KDH +uses to sign the wrapped key to generate a TR-34 wrapped key block. The export token +expires after 7 days. Set the following parameters: +CertificateAuthorityPublicKeyIdentifier The KeyARN of the certificate chain that will sign +the wrapping key certificate. This must exist within Amazon Web Services Payment +Cryptography before you initiate TR-34 key export. If it does not exist, you can import it +by calling ImportKey for RootCertificatePublicKey. ExportToken Obtained from KDH by +calling GetParametersForExport. WrappingKeyCertificate Amazon Web Services Payment +Cryptography uses this to wrap the key under export. When this operation is successful, +Amazon Web Services Payment Cryptography returns the TR-34 wrapped key block. TR-31 key +export Amazon Web Services Payment Cryptography uses TR-31 symmetric key exchange standard +to export working keys. In TR-31, you must use a main key such as KEK to encrypt or wrap +the key under export. To establish a KEK, you can use CreateKey or ImportKey. When this +operation is successful, Amazon Web Services Payment Cryptography returns a TR-31 wrapped +key block. Cross-account use: This operation can't be used across different Amazon Web +Services accounts. Related operations: GetParametersForExport ImportKey + +# Arguments +- `export_key_identifier`: The KeyARN of the key under export from Amazon Web Services + Payment Cryptography. +- `key_material`: The key block format type, for example, TR-34 or TR-31, to use during key + material export. + +""" +function export_key( + ExportKeyIdentifier, KeyMaterial; aws_config::AbstractAWSConfig=global_aws_config() +) + return payment_cryptography( + "ExportKey", + Dict{String,Any}( + "ExportKeyIdentifier" => ExportKeyIdentifier, "KeyMaterial" => KeyMaterial + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function export_key( + ExportKeyIdentifier, + KeyMaterial, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "ExportKey", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "ExportKeyIdentifier" => ExportKeyIdentifier, + "KeyMaterial" => KeyMaterial, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_alias(alias_name) + get_alias(alias_name, params::Dict{String,<:Any}) + +Gets the Amazon Web Services Payment Cryptography key associated with the alias. +Cross-account use: This operation can't be used across different Amazon Web Services +accounts. Related operations: CreateAlias DeleteAlias ListAliases +UpdateAlias + +# Arguments +- `alias_name`: The alias of the Amazon Web Services Payment Cryptography key. + +""" +function get_alias(AliasName; aws_config::AbstractAWSConfig=global_aws_config()) + return payment_cryptography( + "GetAlias", + Dict{String,Any}("AliasName" => AliasName); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_alias( + AliasName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "GetAlias", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("AliasName" => AliasName), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_key(key_identifier) + get_key(key_identifier, params::Dict{String,<:Any}) + +Gets the key material for an Amazon Web Services Payment Cryptography key, including the +immutable and mutable data specified when the key was created. Cross-account use: This +operation can't be used across different Amazon Web Services accounts. Related operations: + CreateKey DeleteKey ListKeys + +# Arguments +- `key_identifier`: The KeyARN of the Amazon Web Services Payment Cryptography key. + +""" +function get_key(KeyIdentifier; aws_config::AbstractAWSConfig=global_aws_config()) + return payment_cryptography( + "GetKey", + Dict{String,Any}("KeyIdentifier" => KeyIdentifier); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_key( + KeyIdentifier, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "GetKey", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("KeyIdentifier" => KeyIdentifier), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_parameters_for_export(key_material_type, signing_key_algorithm) + get_parameters_for_export(key_material_type, signing_key_algorithm, params::Dict{String,<:Any}) + +Gets the export token and the signing key certificate to initiate a TR-34 key export from +Amazon Web Services Payment Cryptography. The signing key certificate signs the wrapped key +under export within the TR-34 key payload. The export token and signing key certificate +must be in place and operational before calling ExportKey. The export token expires in 7 +days. You can use the same export token to export multiple keys from your service account. +Cross-account use: This operation can't be used across different Amazon Web Services +accounts. Related operations: ExportKey GetParametersForImport + +# Arguments +- `key_material_type`: The key block format type (for example, TR-34 or TR-31) to use + during key material export. Export token is only required for a TR-34 key export, + TR34_KEY_BLOCK. Export token is not required for TR-31 key export. +- `signing_key_algorithm`: The signing key algorithm to generate a signing key certificate. + This certificate signs the wrapped key under export within the TR-34 key block cryptogram. + RSA_2048 is the only signing key algorithm allowed. + +""" +function get_parameters_for_export( + KeyMaterialType, SigningKeyAlgorithm; aws_config::AbstractAWSConfig=global_aws_config() +) + return payment_cryptography( + "GetParametersForExport", + Dict{String,Any}( + "KeyMaterialType" => KeyMaterialType, + "SigningKeyAlgorithm" => SigningKeyAlgorithm, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_parameters_for_export( + KeyMaterialType, + SigningKeyAlgorithm, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "GetParametersForExport", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "KeyMaterialType" => KeyMaterialType, + "SigningKeyAlgorithm" => SigningKeyAlgorithm, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_parameters_for_import(key_material_type, wrapping_key_algorithm) + get_parameters_for_import(key_material_type, wrapping_key_algorithm, params::Dict{String,<:Any}) + +Gets the import token and the wrapping key certificate to initiate a TR-34 key import into +Amazon Web Services Payment Cryptography. The wrapping key certificate wraps the key under +import within the TR-34 key payload. The import token and wrapping key certificate must be +in place and operational before calling ImportKey. The import token expires in 7 days. The +same import token can be used to import multiple keys into your service account. +Cross-account use: This operation can't be used across different Amazon Web Services +accounts. Related operations: GetParametersForExport ImportKey + +# Arguments +- `key_material_type`: The key block format type such as TR-34 or TR-31 to use during key + material import. Import token is only required for TR-34 key import TR34_KEY_BLOCK. Import + token is not required for TR-31 key import. +- `wrapping_key_algorithm`: The wrapping key algorithm to generate a wrapping key + certificate. This certificate wraps the key under import within the TR-34 key block + cryptogram. RSA_2048 is the only wrapping key algorithm allowed. + +""" +function get_parameters_for_import( + KeyMaterialType, WrappingKeyAlgorithm; aws_config::AbstractAWSConfig=global_aws_config() +) + return payment_cryptography( + "GetParametersForImport", + Dict{String,Any}( + "KeyMaterialType" => KeyMaterialType, + "WrappingKeyAlgorithm" => WrappingKeyAlgorithm, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_parameters_for_import( + KeyMaterialType, + WrappingKeyAlgorithm, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "GetParametersForImport", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "KeyMaterialType" => KeyMaterialType, + "WrappingKeyAlgorithm" => WrappingKeyAlgorithm, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_public_key_certificate(key_identifier) + get_public_key_certificate(key_identifier, params::Dict{String,<:Any}) + +Gets the public key certificate of the asymmetric key pair that exists within Amazon Web +Services Payment Cryptography. Unlike the private key of an asymmetric key, which never +leaves Amazon Web Services Payment Cryptography unencrypted, callers with +GetPublicKeyCertificate permission can download the public key certificate of the +asymmetric key. You can share the public key certificate to allow others to encrypt +messages and verify signatures outside of Amazon Web Services Payment Cryptography +Cross-account use: This operation can't be used across different Amazon Web Services +accounts. + +# Arguments +- `key_identifier`: The KeyARN of the asymmetric key pair. + +""" +function get_public_key_certificate( + KeyIdentifier; aws_config::AbstractAWSConfig=global_aws_config() +) + return payment_cryptography( + "GetPublicKeyCertificate", + Dict{String,Any}("KeyIdentifier" => KeyIdentifier); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_public_key_certificate( + KeyIdentifier, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "GetPublicKeyCertificate", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("KeyIdentifier" => KeyIdentifier), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + import_key(key_material) + import_key(key_material, params::Dict{String,<:Any}) + +Imports keys and public key certificates into Amazon Web Services Payment Cryptography. +Amazon Web Services Payment Cryptography simplifies main or root key exchange process by +eliminating the need of a paper-based key exchange process. It takes a modern and secure +approach based of the ANSI X9 TR-34 key exchange standard. You can use ImportKey to import +main or root keys such as KEK (Key Encryption Key) using asymmetric key exchange technique +following the ANSI X9 TR-34 standard. The ANSI X9 TR-34 standard uses asymmetric keys to +establishes bi-directional trust between the two parties exchanging keys. After you have +imported a main or root key, you can import working keys to perform various cryptographic +operations within Amazon Web Services Payment Cryptography using the ANSI X9 TR-31 +symmetric key exchange standard as mandated by PCI PIN. You can also import a root public +key certificate, a self-signed certificate used to sign other public key certificates, or a +trusted public key certificate under an already established root public key certificate. +To import a public root key certificate Using this operation, you can import the public +component (in PEM cerificate format) of your private root key. You can use the imported +public root key certificate for digital signatures, for example signing wrapping key or +signing key in TR-34, within your Amazon Web Services Payment Cryptography account. Set +the following parameters: KeyMaterial: RootCertificatePublicKey KeyClass: PUBLIC_KEY + KeyModesOfUse: Verify KeyUsage: TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE +PublicKeyCertificate: The certificate authority used to sign the root public key +certificate. To import a trusted public key certificate The root public key certificate +must be in place and operational before you import a trusted public key certificate. Set +the following parameters: KeyMaterial: TrustedCertificatePublicKey +CertificateAuthorityPublicKeyIdentifier: KeyArn of the RootCertificatePublicKey. +KeyModesOfUse and KeyUsage: Corresponding to the cryptographic operations such as wrap, +sign, or encrypt that you will allow the trusted public key certificate to perform. +PublicKeyCertificate: The certificate authority used to sign the trusted public key +certificate. Import main keys Amazon Web Services Payment Cryptography uses TR-34 +asymmetric key exchange standard to import main keys such as KEK. In TR-34 terminology, the +sending party of the key is called Key Distribution Host (KDH) and the receiving party of +the key is called Key Receiving Host (KRH). During the key import process, KDH is the user +who initiates the key import and KRH is Amazon Web Services Payment Cryptography who +receives the key. Before initiating TR-34 key import, you must obtain an import token by +calling GetParametersForImport. This operation also returns the wrapping key certificate +that KDH uses wrap key under import to generate a TR-34 wrapped key block. The import token +expires after 7 days. Set the following parameters: +CertificateAuthorityPublicKeyIdentifier: The KeyArn of the certificate chain that will sign +the signing key certificate and should exist within Amazon Web Services Payment +Cryptography before initiating TR-34 key import. If it does not exist, you can import it by +calling by calling ImportKey for RootCertificatePublicKey. ImportToken: Obtained from +KRH by calling GetParametersForImport. WrappedKeyBlock: The TR-34 wrapped key block from +KDH. It contains the KDH key under import, wrapped with KRH provided wrapping key +certificate and signed by the KDH private signing key. This TR-34 key block is generated by +the KDH Hardware Security Module (HSM) outside of Amazon Web Services Payment Cryptography. + SigningKeyCertificate: The public component of the private key that signed the KDH TR-34 +wrapped key block. In PEM certificate format. TR-34 is intended primarily to exchange +3DES keys. Your ability to export AES-128 and larger AES keys may be dependent on your +source system. Import working keys Amazon Web Services Payment Cryptography uses TR-31 +symmetric key exchange standard to import working keys. A KEK must be established within +Amazon Web Services Payment Cryptography by using TR-34 key import. To initiate a TR-31 key +import, set the following parameters: WrappedKeyBlock: The key under import and +encrypted using KEK. The TR-31 key block generated by your HSM outside of Amazon Web +Services Payment Cryptography. WrappingKeyIdentifier: The KeyArn of the KEK that Amazon +Web Services Payment Cryptography uses to decrypt or unwrap the key under import. +Cross-account use: This operation can't be used across different Amazon Web Services +accounts. Related operations: ExportKey GetParametersForImport + +# Arguments +- `key_material`: The key or public key certificate type to use during key material import, + for example TR-34 or RootCertificatePublicKey. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"Enabled"`: Specifies whether import key is enabled. +- `"KeyCheckValueAlgorithm"`: The algorithm that Amazon Web Services Payment Cryptography + uses to calculate the key check value (KCV) for DES and AES keys. For DES key, the KCV is + computed by encrypting 8 bytes, each with value '00', with the key to be checked and + retaining the 3 highest order bytes of the encrypted result. For AES key, the KCV is + computed by encrypting 8 bytes, each with value '01', with the key to be checked and + retaining the 3 highest order bytes of the encrypted result. +- `"Tags"`: The tags to attach to the key. Each tag consists of a tag key and a tag value. + Both the tag key and the tag value are required, but the tag value can be an empty (null) + string. You can't have more than one tag on an Amazon Web Services Payment Cryptography key + with the same tag key. You can't have more than one tag on an Amazon Web Services Payment + Cryptography key with the same tag key. If you specify an existing tag key with a different + tag value, Amazon Web Services Payment Cryptography replaces the current tag value with the + specified one. To use this parameter, you must have TagResource permission. Don't include + confidential or sensitive information in this field. This field may be displayed in + plaintext in CloudTrail logs and other output. Tagging or untagging an Amazon Web + Services Payment Cryptography key can allow or deny permission to the key. +""" +function import_key(KeyMaterial; aws_config::AbstractAWSConfig=global_aws_config()) + return payment_cryptography( + "ImportKey", + Dict{String,Any}("KeyMaterial" => KeyMaterial); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function import_key( + KeyMaterial, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "ImportKey", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("KeyMaterial" => KeyMaterial), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + list_aliases() + list_aliases(params::Dict{String,<:Any}) + +Lists the aliases for all keys in the caller's Amazon Web Services account and Amazon Web +Services Region. You can filter the list of aliases. For more information, see Using +aliases in the Amazon Web Services Payment Cryptography User Guide. This is a paginated +operation, which means that each response might contain only a subset of all the aliases. +When the response contains only a subset of aliases, it includes a NextToken value. Use +this value in a subsequent ListAliases request to get more aliases. When you receive a +response with no NextToken (or an empty or null value), that means there are no more +aliases to get. Cross-account use: This operation can't be used across different Amazon +Web Services accounts. Related operations: CreateAlias DeleteAlias GetAlias + UpdateAlias + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"MaxResults"`: Use this parameter to specify the maximum number of items to return. When + this value is present, Amazon Web Services Payment Cryptography does not return more than + the specified number of items, but it might return fewer. This value is optional. If you + include a value, it must be between 1 and 100, inclusive. If you do not include a value, it + defaults to 50. +- `"NextToken"`: Use this parameter in a subsequent request after you receive a response + with truncated results. Set it to the value of NextToken from the truncated response you + just received. +""" +function list_aliases(; aws_config::AbstractAWSConfig=global_aws_config()) + return payment_cryptography( + "ListAliases"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end +function list_aliases( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return payment_cryptography( + "ListAliases", params; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end + +""" + list_keys() + list_keys(params::Dict{String,<:Any}) + +Lists the keys in the caller's Amazon Web Services account and Amazon Web Services Region. +You can filter the list of keys. This is a paginated operation, which means that each +response might contain only a subset of all the keys. When the response contains only a +subset of keys, it includes a NextToken value. Use this value in a subsequent ListKeys +request to get more keys. When you receive a response with no NextToken (or an empty or +null value), that means there are no more keys to get. Cross-account use: This operation +can't be used across different Amazon Web Services accounts. Related operations: +CreateKey DeleteKey GetKey + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"KeyState"`: The key state of the keys you want to list. +- `"MaxResults"`: Use this parameter to specify the maximum number of items to return. When + this value is present, Amazon Web Services Payment Cryptography does not return more than + the specified number of items, but it might return fewer. +- `"NextToken"`: Use this parameter in a subsequent request after you receive a response + with truncated results. Set it to the value of NextToken from the truncated response you + just received. +""" +function list_keys(; aws_config::AbstractAWSConfig=global_aws_config()) + return payment_cryptography( + "ListKeys"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end +function list_keys( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return payment_cryptography( + "ListKeys", params; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end + +""" + list_tags_for_resource(resource_arn) + list_tags_for_resource(resource_arn, params::Dict{String,<:Any}) + +Lists the tags for an Amazon Web Services resource. This is a paginated operation, which +means that each response might contain only a subset of all the tags. When the response +contains only a subset of tags, it includes a NextToken value. Use this value in a +subsequent ListTagsForResource request to get more tags. When you receive a response with +no NextToken (or an empty or null value), that means there are no more tags to get. +Cross-account use: This operation can't be used across different Amazon Web Services +accounts. Related operations: TagResource UntagResource + +# Arguments +- `resource_arn`: The KeyARN of the key whose tags you are getting. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"MaxResults"`: Use this parameter to specify the maximum number of items to return. When + this value is present, Amazon Web Services Payment Cryptography does not return more than + the specified number of items, but it might return fewer. +- `"NextToken"`: Use this parameter in a subsequent request after you receive a response + with truncated results. Set it to the value of NextToken from the truncated response you + just received. +""" +function list_tags_for_resource( + ResourceArn; aws_config::AbstractAWSConfig=global_aws_config() +) + return payment_cryptography( + "ListTagsForResource", + Dict{String,Any}("ResourceArn" => ResourceArn); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function list_tags_for_resource( + ResourceArn, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "ListTagsForResource", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("ResourceArn" => ResourceArn), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + restore_key(key_identifier) + restore_key(key_identifier, params::Dict{String,<:Any}) + +Cancels a scheduled key deletion during the waiting period. Use this operation to restore a +Key that is scheduled for deletion. During the waiting period, the KeyState is +DELETE_PENDING and deletePendingTimestamp contains the date and time after which the Key +will be deleted. After Key is restored, the KeyState is CREATE_COMPLETE, and the value for +deletePendingTimestamp is removed. Cross-account use: This operation can't be used across +different Amazon Web Services accounts. Related operations: DeleteKey +StartKeyUsage StopKeyUsage + +# Arguments +- `key_identifier`: The KeyARN of the key to be restored within Amazon Web Services Payment + Cryptography. + +""" +function restore_key(KeyIdentifier; aws_config::AbstractAWSConfig=global_aws_config()) + return payment_cryptography( + "RestoreKey", + Dict{String,Any}("KeyIdentifier" => KeyIdentifier); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function restore_key( + KeyIdentifier, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "RestoreKey", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("KeyIdentifier" => KeyIdentifier), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + start_key_usage(key_identifier) + start_key_usage(key_identifier, params::Dict{String,<:Any}) + +Enables an Amazon Web Services Payment Cryptography key, which makes it active for +cryptographic operations within Amazon Web Services Payment Cryptography Cross-account +use: This operation can't be used across different Amazon Web Services accounts. Related +operations: StopKeyUsage + +# Arguments +- `key_identifier`: The KeyArn of the key. + +""" +function start_key_usage(KeyIdentifier; aws_config::AbstractAWSConfig=global_aws_config()) + return payment_cryptography( + "StartKeyUsage", + Dict{String,Any}("KeyIdentifier" => KeyIdentifier); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function start_key_usage( + KeyIdentifier, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "StartKeyUsage", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("KeyIdentifier" => KeyIdentifier), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + stop_key_usage(key_identifier) + stop_key_usage(key_identifier, params::Dict{String,<:Any}) + +Disables an Amazon Web Services Payment Cryptography key, which makes it inactive within +Amazon Web Services Payment Cryptography. You can use this operation instead of DeleteKey +to deactivate a key. You can enable the key in the future by calling StartKeyUsage. +Cross-account use: This operation can't be used across different Amazon Web Services +accounts. Related operations: DeleteKey StartKeyUsage + +# Arguments +- `key_identifier`: The KeyArn of the key. + +""" +function stop_key_usage(KeyIdentifier; aws_config::AbstractAWSConfig=global_aws_config()) + return payment_cryptography( + "StopKeyUsage", + Dict{String,Any}("KeyIdentifier" => KeyIdentifier); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function stop_key_usage( + KeyIdentifier, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "StopKeyUsage", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("KeyIdentifier" => KeyIdentifier), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + tag_resource(resource_arn, tags) + tag_resource(resource_arn, tags, params::Dict{String,<:Any}) + +Adds or edits tags on an Amazon Web Services Payment Cryptography key. Tagging or +untagging an Amazon Web Services Payment Cryptography key can allow or deny permission to +the key. Each tag consists of a tag key and a tag value, both of which are case-sensitive +strings. The tag value can be an empty (null) string. To add a tag, specify a new tag key +and a tag value. To edit a tag, specify an existing tag key and a new tag value. You can +also add tags to an Amazon Web Services Payment Cryptography key when you create it with +CreateKey. Cross-account use: This operation can't be used across different Amazon Web +Services accounts. Related operations: ListTagsForResource UntagResource + +# Arguments +- `resource_arn`: The KeyARN of the key whose tags are being updated. +- `tags`: One or more tags. Each tag consists of a tag key and a tag value. The tag value + can be an empty (null) string. You can't have more than one tag on an Amazon Web Services + Payment Cryptography key with the same tag key. If you specify an existing tag key with a + different tag value, Amazon Web Services Payment Cryptography replaces the current tag + value with the new one. Don't include confidential or sensitive information in this field. + This field may be displayed in plaintext in CloudTrail logs and other output. To use this + parameter, you must have TagResource permission in an IAM policy. Don't include + confidential or sensitive information in this field. This field may be displayed in + plaintext in CloudTrail logs and other output. + +""" +function tag_resource(ResourceArn, Tags; aws_config::AbstractAWSConfig=global_aws_config()) + return payment_cryptography( + "TagResource", + Dict{String,Any}("ResourceArn" => ResourceArn, "Tags" => Tags); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function tag_resource( + ResourceArn, + Tags, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "TagResource", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}("ResourceArn" => ResourceArn, "Tags" => Tags), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + untag_resource(resource_arn, tag_keys) + untag_resource(resource_arn, tag_keys, params::Dict{String,<:Any}) + +Deletes a tag from an Amazon Web Services Payment Cryptography key. Tagging or untagging +an Amazon Web Services Payment Cryptography key can allow or deny permission to the key. +Cross-account use: This operation can't be used across different Amazon Web Services +accounts. Related operations: ListTagsForResource TagResource + +# Arguments +- `resource_arn`: The KeyARN of the key whose tags are being removed. +- `tag_keys`: One or more tag keys. Don't include the tag values. If the Amazon Web + Services Payment Cryptography key doesn't have the specified tag key, Amazon Web Services + Payment Cryptography doesn't throw an exception or return a response. To confirm that the + operation succeeded, use the ListTagsForResource operation. + +""" +function untag_resource( + ResourceArn, TagKeys; aws_config::AbstractAWSConfig=global_aws_config() +) + return payment_cryptography( + "UntagResource", + Dict{String,Any}("ResourceArn" => ResourceArn, "TagKeys" => TagKeys); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function untag_resource( + ResourceArn, + TagKeys, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "UntagResource", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}("ResourceArn" => ResourceArn, "TagKeys" => TagKeys), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + update_alias(alias_name) + update_alias(alias_name, params::Dict{String,<:Any}) + +Associates an existing Amazon Web Services Payment Cryptography alias with a different key. +Each alias is associated with only one Amazon Web Services Payment Cryptography key at a +time, although a key can have multiple aliases. The alias and the Amazon Web Services +Payment Cryptography key must be in the same Amazon Web Services account and Amazon Web +Services Region Cross-account use: This operation can't be used across different Amazon +Web Services accounts. Related operations: CreateAlias DeleteAlias GetAlias + ListAliases + +# Arguments +- `alias_name`: The alias whose associated key is changing. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"KeyArn"`: The KeyARN for the key that you are updating or removing from the alias. +""" +function update_alias(AliasName; aws_config::AbstractAWSConfig=global_aws_config()) + return payment_cryptography( + "UpdateAlias", + Dict{String,Any}("AliasName" => AliasName); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function update_alias( + AliasName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography( + "UpdateAlias", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("AliasName" => AliasName), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end diff --git a/src/services/payment_cryptography_data.jl b/src/services/payment_cryptography_data.jl new file mode 100644 index 0000000000..2f5103a507 --- /dev/null +++ b/src/services/payment_cryptography_data.jl @@ -0,0 +1,897 @@ +# This file is auto-generated by AWSMetadata.jl +using AWS +using AWS.AWSServices: payment_cryptography_data +using AWS.Compat +using AWS.UUIDs + +""" + decrypt_data(cipher_text, decryption_attributes, key_identifier) + decrypt_data(cipher_text, decryption_attributes, key_identifier, params::Dict{String,<:Any}) + +Decrypts ciphertext data to plaintext using symmetric, asymmetric, or DUKPT data encryption +key. For more information, see Decrypt data in the Amazon Web Services Payment Cryptography +User Guide. You can use an encryption key generated within Amazon Web Services Payment +Cryptography, or you can import your own encryption key by calling ImportKey. For this +operation, the key must have KeyModesOfUse set to Decrypt. In asymmetric decryption, Amazon +Web Services Payment Cryptography decrypts the ciphertext using the private component of +the asymmetric encryption key pair. For data encryption outside of Amazon Web Services +Payment Cryptography, you can export the public component of the asymmetric key pair by +calling GetPublicCertificate. For symmetric and DUKPT decryption, Amazon Web Services +Payment Cryptography supports TDES and AES algorithms. For asymmetric decryption, Amazon +Web Services Payment Cryptography supports RSA. When you use DUKPT, for TDES algorithm, the +ciphertext data length must be a multiple of 16 bytes. For AES algorithm, the ciphertext +data length must be a multiple of 32 bytes. For information about valid keys for this +operation, see Understanding key attributes and Key types for specific data operations in +the Amazon Web Services Payment Cryptography User Guide. Cross-account use: This +operation can't be used across different Amazon Web Services accounts. Related operations: + EncryptData GetPublicCertificate ImportKey + +# Arguments +- `cipher_text`: The ciphertext to decrypt. +- `decryption_attributes`: The encryption key type and attributes for ciphertext decryption. +- `key_identifier`: The keyARN of the encryption key that Amazon Web Services Payment + Cryptography uses for ciphertext decryption. + +""" +function decrypt_data( + CipherText, + DecryptionAttributes, + KeyIdentifier; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/keys/$(KeyIdentifier)/decrypt", + Dict{String,Any}( + "CipherText" => CipherText, "DecryptionAttributes" => DecryptionAttributes + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function decrypt_data( + CipherText, + DecryptionAttributes, + KeyIdentifier, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/keys/$(KeyIdentifier)/decrypt", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "CipherText" => CipherText, + "DecryptionAttributes" => DecryptionAttributes, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + encrypt_data(encryption_attributes, key_identifier, plain_text) + encrypt_data(encryption_attributes, key_identifier, plain_text, params::Dict{String,<:Any}) + +Encrypts plaintext data to ciphertext using symmetric, asymmetric, or DUKPT data encryption +key. For more information, see Encrypt data in the Amazon Web Services Payment Cryptography +User Guide. You can generate an encryption key within Amazon Web Services Payment +Cryptography by calling CreateKey. You can import your own encryption key by calling +ImportKey. For this operation, the key must have KeyModesOfUse set to Encrypt. In +asymmetric encryption, plaintext is encrypted using public component. You can import the +public component of an asymmetric key pair created outside Amazon Web Services Payment +Cryptography by calling ImportKey). for symmetric and DUKPT encryption, Amazon Web +Services Payment Cryptography supports TDES and AES algorithms. For asymmetric encryption, +Amazon Web Services Payment Cryptography supports RSA. To encrypt using DUKPT, you must +already have a DUKPT key in your account with KeyModesOfUse set to DeriveKey, or you can +generate a new DUKPT key by calling CreateKey. For information about valid keys for this +operation, see Understanding key attributes and Key types for specific data operations in +the Amazon Web Services Payment Cryptography User Guide. Cross-account use: This operation +can't be used across different Amazon Web Services accounts. Related operations: +DecryptData GetPublicCertificate ImportKey ReEncryptData + +# Arguments +- `encryption_attributes`: The encryption key type and attributes for plaintext encryption. +- `key_identifier`: The keyARN of the encryption key that Amazon Web Services Payment + Cryptography uses for plaintext encryption. +- `plain_text`: The plaintext to be encrypted. + +""" +function encrypt_data( + EncryptionAttributes, + KeyIdentifier, + PlainText; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/keys/$(KeyIdentifier)/encrypt", + Dict{String,Any}( + "EncryptionAttributes" => EncryptionAttributes, "PlainText" => PlainText + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function encrypt_data( + EncryptionAttributes, + KeyIdentifier, + PlainText, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/keys/$(KeyIdentifier)/encrypt", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "EncryptionAttributes" => EncryptionAttributes, "PlainText" => PlainText + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + generate_card_validation_data(generation_attributes, key_identifier, primary_account_number) + generate_card_validation_data(generation_attributes, key_identifier, primary_account_number, params::Dict{String,<:Any}) + +Generates card-related validation data using algorithms such as Card Verification Values +(CVV/CVV2), Dynamic Card Verification Values (dCVV/dCVV2), or Card Security Codes (CSC). +For more information, see Generate card data in the Amazon Web Services Payment +Cryptography User Guide. This operation generates a CVV or CSC value that is printed on a +payment credit or debit card during card production. The CVV or CSC, PAN (Primary Account +Number) and expiration date of the card are required to check its validity during +transaction processing. To begin this operation, a CVK (Card Verification Key) encryption +key is required. You can use CreateKey or ImportKey to establish a CVK within Amazon Web +Services Payment Cryptography. The KeyModesOfUse should be set to Generate and Verify for a +CVK encryption key. For information about valid keys for this operation, see Understanding +key attributes and Key types for specific data operations in the Amazon Web Services +Payment Cryptography User Guide. Cross-account use: This operation can't be used across +different Amazon Web Services accounts. Related operations: ImportKey +VerifyCardValidationData + +# Arguments +- `generation_attributes`: The algorithm for generating CVV or CSC values for the card + within Amazon Web Services Payment Cryptography. +- `key_identifier`: The keyARN of the CVK encryption key that Amazon Web Services Payment + Cryptography uses to generate card data. +- `primary_account_number`: The Primary Account Number (PAN), a unique identifier for a + payment credit or debit card that associates the card with a specific account holder. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"ValidationDataLength"`: The length of the CVV or CSC to be generated. The default value + is 3. +""" +function generate_card_validation_data( + GenerationAttributes, + KeyIdentifier, + PrimaryAccountNumber; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/cardvalidationdata/generate", + Dict{String,Any}( + "GenerationAttributes" => GenerationAttributes, + "KeyIdentifier" => KeyIdentifier, + "PrimaryAccountNumber" => PrimaryAccountNumber, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function generate_card_validation_data( + GenerationAttributes, + KeyIdentifier, + PrimaryAccountNumber, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/cardvalidationdata/generate", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "GenerationAttributes" => GenerationAttributes, + "KeyIdentifier" => KeyIdentifier, + "PrimaryAccountNumber" => PrimaryAccountNumber, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + generate_mac(generation_attributes, key_identifier, message_data) + generate_mac(generation_attributes, key_identifier, message_data, params::Dict{String,<:Any}) + +Generates a Message Authentication Code (MAC) cryptogram within Amazon Web Services Payment +Cryptography. You can use this operation when keys won't be shared but mutual data is +present on both ends for validation. In this case, known data values are used to generate a +MAC on both ends for comparision without sending or receiving data in ciphertext or +plaintext. You can use this operation to generate a DUPKT, HMAC or EMV MAC by setting +generation attributes and algorithm to the associated values. The MAC generation encryption +key must have valid values for KeyUsage such as TR31_M7_HMAC_KEY for HMAC generation, and +they key must have KeyModesOfUse set to Generate and Verify. For information about valid +keys for this operation, see Understanding key attributes and Key types for specific data +operations in the Amazon Web Services Payment Cryptography User Guide. Cross-account use: +This operation can't be used across different Amazon Web Services accounts. Related +operations: VerifyMac + +# Arguments +- `generation_attributes`: The attributes and data values to use for MAC generation within + Amazon Web Services Payment Cryptography. +- `key_identifier`: The keyARN of the MAC generation encryption key. +- `message_data`: The data for which a MAC is under generation. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"MacLength"`: The length of a MAC under generation. +""" +function generate_mac( + GenerationAttributes, + KeyIdentifier, + MessageData; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/mac/generate", + Dict{String,Any}( + "GenerationAttributes" => GenerationAttributes, + "KeyIdentifier" => KeyIdentifier, + "MessageData" => MessageData, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function generate_mac( + GenerationAttributes, + KeyIdentifier, + MessageData, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/mac/generate", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "GenerationAttributes" => GenerationAttributes, + "KeyIdentifier" => KeyIdentifier, + "MessageData" => MessageData, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + generate_pin_data(encryption_key_identifier, generation_attributes, generation_key_identifier, pin_block_format, primary_account_number) + generate_pin_data(encryption_key_identifier, generation_attributes, generation_key_identifier, pin_block_format, primary_account_number, params::Dict{String,<:Any}) + +Generates pin-related data such as PIN, PIN Verification Value (PVV), PIN Block, and PIN +Offset during new card issuance or reissuance. For more information, see Generate PIN data +in the Amazon Web Services Payment Cryptography User Guide. PIN data is never transmitted +in clear to or from Amazon Web Services Payment Cryptography. This operation generates PIN, +PVV, or PIN Offset and then encrypts it using Pin Encryption Key (PEK) to create an +EncryptedPinBlock for transmission from Amazon Web Services Payment Cryptography. This +operation uses a separate Pin Verification Key (PVK) for VISA PVV generation. For +information about valid keys for this operation, see Understanding key attributes and Key +types for specific data operations in the Amazon Web Services Payment Cryptography User +Guide. Cross-account use: This operation can't be used across different Amazon Web +Services accounts. Related operations: GenerateCardValidationData TranslatePinData + VerifyPinData + +# Arguments +- `encryption_key_identifier`: The keyARN of the PEK that Amazon Web Services Payment + Cryptography uses to encrypt the PIN Block. +- `generation_attributes`: The attributes and values to use for PIN, PVV, or PIN Offset + generation. +- `generation_key_identifier`: The keyARN of the PEK that Amazon Web Services Payment + Cryptography uses for pin data generation. +- `pin_block_format`: The PIN encoding format for pin data generation as specified in ISO + 9564. Amazon Web Services Payment Cryptography supports ISO_Format_0 and ISO_Format_3. The + ISO_Format_0 PIN block format is equivalent to the ANSI X9.8, VISA-1, and ECI-1 PIN block + formats. It is similar to a VISA-4 PIN block format. It supports a PIN from 4 to 12 digits + in length. The ISO_Format_3 PIN block format is the same as ISO_Format_0 except that the + fill digits are random values from 10 to 15. +- `primary_account_number`: The Primary Account Number (PAN), a unique identifier for a + payment credit or debit card that associates the card with a specific account holder. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"PinDataLength"`: The length of PIN under generation. +""" +function generate_pin_data( + EncryptionKeyIdentifier, + GenerationAttributes, + GenerationKeyIdentifier, + PinBlockFormat, + PrimaryAccountNumber; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/pindata/generate", + Dict{String,Any}( + "EncryptionKeyIdentifier" => EncryptionKeyIdentifier, + "GenerationAttributes" => GenerationAttributes, + "GenerationKeyIdentifier" => GenerationKeyIdentifier, + "PinBlockFormat" => PinBlockFormat, + "PrimaryAccountNumber" => PrimaryAccountNumber, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function generate_pin_data( + EncryptionKeyIdentifier, + GenerationAttributes, + GenerationKeyIdentifier, + PinBlockFormat, + PrimaryAccountNumber, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/pindata/generate", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "EncryptionKeyIdentifier" => EncryptionKeyIdentifier, + "GenerationAttributes" => GenerationAttributes, + "GenerationKeyIdentifier" => GenerationKeyIdentifier, + "PinBlockFormat" => PinBlockFormat, + "PrimaryAccountNumber" => PrimaryAccountNumber, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + re_encrypt_data(cipher_text, incoming_encryption_attributes, incoming_key_identifier, outgoing_encryption_attributes, outgoing_key_identifier) + re_encrypt_data(cipher_text, incoming_encryption_attributes, incoming_key_identifier, outgoing_encryption_attributes, outgoing_key_identifier, params::Dict{String,<:Any}) + +Re-encrypt ciphertext using DUKPT, Symmetric and Asymmetric Data Encryption Keys. You can +either generate an encryption key within Amazon Web Services Payment Cryptography by +calling CreateKey or import your own encryption key by calling ImportKey. The KeyArn for +use with this operation must be in a compatible key state with KeyModesOfUse set to +Encrypt. In asymmetric encryption, ciphertext is encrypted using public component (imported +by calling ImportKey) of the asymmetric key pair created outside of Amazon Web Services +Payment Cryptography. For symmetric and DUKPT encryption, Amazon Web Services Payment +Cryptography supports TDES and AES algorithms. For asymmetric encryption, Amazon Web +Services Payment Cryptography supports RSA. To encrypt using DUKPT, a DUKPT key must +already exist within your account with KeyModesOfUse set to DeriveKey or a new DUKPT can be +generated by calling CreateKey. For information about valid keys for this operation, see +Understanding key attributes and Key types for specific data operations in the Amazon Web +Services Payment Cryptography User Guide. Cross-account use: This operation can't be used +across different Amazon Web Services accounts. Related operations: DecryptData +EncryptData GetPublicCertificate ImportKey + +# Arguments +- `cipher_text`: Ciphertext to be encrypted. The minimum allowed length is 16 bytes and + maximum allowed length is 4096 bytes. +- `incoming_encryption_attributes`: The attributes and values for incoming ciphertext. +- `incoming_key_identifier`: The keyARN of the encryption key of incoming ciphertext data. +- `outgoing_encryption_attributes`: The attributes and values for outgoing ciphertext data + after encryption by Amazon Web Services Payment Cryptography. +- `outgoing_key_identifier`: The keyARN of the encryption key of outgoing ciphertext data + after encryption by Amazon Web Services Payment Cryptography. + +""" +function re_encrypt_data( + CipherText, + IncomingEncryptionAttributes, + IncomingKeyIdentifier, + OutgoingEncryptionAttributes, + OutgoingKeyIdentifier; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/keys/$(IncomingKeyIdentifier)/reencrypt", + Dict{String,Any}( + "CipherText" => CipherText, + "IncomingEncryptionAttributes" => IncomingEncryptionAttributes, + "OutgoingEncryptionAttributes" => OutgoingEncryptionAttributes, + "OutgoingKeyIdentifier" => OutgoingKeyIdentifier, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function re_encrypt_data( + CipherText, + IncomingEncryptionAttributes, + IncomingKeyIdentifier, + OutgoingEncryptionAttributes, + OutgoingKeyIdentifier, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/keys/$(IncomingKeyIdentifier)/reencrypt", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "CipherText" => CipherText, + "IncomingEncryptionAttributes" => IncomingEncryptionAttributes, + "OutgoingEncryptionAttributes" => OutgoingEncryptionAttributes, + "OutgoingKeyIdentifier" => OutgoingKeyIdentifier, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + translate_pin_data(encrypted_pin_block, incoming_key_identifier, incoming_translation_attributes, outgoing_key_identifier, outgoing_translation_attributes) + translate_pin_data(encrypted_pin_block, incoming_key_identifier, incoming_translation_attributes, outgoing_key_identifier, outgoing_translation_attributes, params::Dict{String,<:Any}) + +Translates encrypted PIN block from and to ISO 9564 formats 0,1,3,4. For more information, +see Translate PIN data in the Amazon Web Services Payment Cryptography User Guide. PIN +block translation involves changing the encrytion of PIN block from one encryption key to +another encryption key and changing PIN block format from one to another without PIN block +data leaving Amazon Web Services Payment Cryptography. The encryption key transformation +can be from PEK (Pin Encryption Key) to BDK (Base Derivation Key) for DUKPT or from BDK for +DUKPT to PEK. Amazon Web Services Payment Cryptography supports TDES and AES key derivation +type for DUKPT tranlations. You can use this operation for P2PE (Point to Point Encryption) +use cases where the encryption keys should change but the processing system either does not +need to, or is not permitted to, decrypt the data. The allowed combinations of PIN block +format translations are guided by PCI. It is important to note that not all encrypted PIN +block formats (example, format 1) require PAN (Primary Account Number) as input. And as +such, PIN block format that requires PAN (example, formats 0,3,4) cannot be translated to a +format (format 1) that does not require a PAN for generation. For information about valid +keys for this operation, see Understanding key attributes and Key types for specific data +operations in the Amazon Web Services Payment Cryptography User Guide. At this time, +Amazon Web Services Payment Cryptography does not support translations to PIN format 4. +Cross-account use: This operation can't be used across different Amazon Web Services +accounts. Related operations: GeneratePinData VerifyPinData + +# Arguments +- `encrypted_pin_block`: The encrypted PIN block data that Amazon Web Services Payment + Cryptography translates. +- `incoming_key_identifier`: The keyARN of the encryption key under which incoming PIN + block data is encrypted. This key type can be PEK or BDK. +- `incoming_translation_attributes`: The format of the incoming PIN block data for + tranlation within Amazon Web Services Payment Cryptography. +- `outgoing_key_identifier`: The keyARN of the encryption key for encrypting outgoing PIN + block data. This key type can be PEK or BDK. +- `outgoing_translation_attributes`: The format of the outgoing PIN block data after + tranlation by Amazon Web Services Payment Cryptography. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"IncomingDukptAttributes"`: The attributes and values to use for incoming DUKPT + encryption key for PIN block tranlation. +- `"OutgoingDukptAttributes"`: The attributes and values to use for outgoing DUKPT + encryption key after PIN block translation. +""" +function translate_pin_data( + EncryptedPinBlock, + IncomingKeyIdentifier, + IncomingTranslationAttributes, + OutgoingKeyIdentifier, + OutgoingTranslationAttributes; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/pindata/translate", + Dict{String,Any}( + "EncryptedPinBlock" => EncryptedPinBlock, + "IncomingKeyIdentifier" => IncomingKeyIdentifier, + "IncomingTranslationAttributes" => IncomingTranslationAttributes, + "OutgoingKeyIdentifier" => OutgoingKeyIdentifier, + "OutgoingTranslationAttributes" => OutgoingTranslationAttributes, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function translate_pin_data( + EncryptedPinBlock, + IncomingKeyIdentifier, + IncomingTranslationAttributes, + OutgoingKeyIdentifier, + OutgoingTranslationAttributes, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/pindata/translate", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "EncryptedPinBlock" => EncryptedPinBlock, + "IncomingKeyIdentifier" => IncomingKeyIdentifier, + "IncomingTranslationAttributes" => IncomingTranslationAttributes, + "OutgoingKeyIdentifier" => OutgoingKeyIdentifier, + "OutgoingTranslationAttributes" => OutgoingTranslationAttributes, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + verify_auth_request_cryptogram(auth_request_cryptogram, key_identifier, major_key_derivation_mode, session_key_derivation_attributes, transaction_data) + verify_auth_request_cryptogram(auth_request_cryptogram, key_identifier, major_key_derivation_mode, session_key_derivation_attributes, transaction_data, params::Dict{String,<:Any}) + +Verifies Authorization Request Cryptogram (ARQC) for a EMV chip payment card authorization. +For more information, see Verify auth request cryptogram in the Amazon Web Services Payment +Cryptography User Guide. ARQC generation is done outside of Amazon Web Services Payment +Cryptography and is typically generated on a point of sale terminal for an EMV chip card to +obtain payment authorization during transaction time. For ARQC verification, you must first +import the ARQC generated outside of Amazon Web Services Payment Cryptography by calling +ImportKey. This operation uses the imported ARQC and an major encryption key (DUKPT) +created by calling CreateKey to either provide a boolean ARQC verification result or +provide an APRC (Authorization Response Cryptogram) response using Method 1 or Method 2. +The ARPC_METHOD_1 uses AuthResponseCode to generate ARPC and ARPC_METHOD_2 uses +CardStatusUpdate to generate ARPC. For information about valid keys for this operation, +see Understanding key attributes and Key types for specific data operations in the Amazon +Web Services Payment Cryptography User Guide. Cross-account use: This operation can't be +used across different Amazon Web Services accounts. Related operations: +VerifyCardValidationData VerifyPinData + +# Arguments +- `auth_request_cryptogram`: The auth request cryptogram imported into Amazon Web Services + Payment Cryptography for ARQC verification using a major encryption key and transaction + data. +- `key_identifier`: The keyARN of the major encryption key that Amazon Web Services Payment + Cryptography uses for ARQC verification. +- `major_key_derivation_mode`: The method to use when deriving the major encryption key for + ARQC verification within Amazon Web Services Payment Cryptography. The same key derivation + mode was used for ARQC generation outside of Amazon Web Services Payment Cryptography. +- `session_key_derivation_attributes`: The attributes and values to use for deriving a + session key for ARQC verification within Amazon Web Services Payment Cryptography. The same + attributes were used for ARQC generation outside of Amazon Web Services Payment + Cryptography. +- `transaction_data`: The transaction data that Amazon Web Services Payment Cryptography + uses for ARQC verification. The same transaction is used for ARQC generation outside of + Amazon Web Services Payment Cryptography. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"AuthResponseAttributes"`: The attributes and values for auth request cryptogram + verification. These parameters are required in case using ARPC Method 1 or Method 2 for + ARQC verification. +""" +function verify_auth_request_cryptogram( + AuthRequestCryptogram, + KeyIdentifier, + MajorKeyDerivationMode, + SessionKeyDerivationAttributes, + TransactionData; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/cryptogram/verify", + Dict{String,Any}( + "AuthRequestCryptogram" => AuthRequestCryptogram, + "KeyIdentifier" => KeyIdentifier, + "MajorKeyDerivationMode" => MajorKeyDerivationMode, + "SessionKeyDerivationAttributes" => SessionKeyDerivationAttributes, + "TransactionData" => TransactionData, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function verify_auth_request_cryptogram( + AuthRequestCryptogram, + KeyIdentifier, + MajorKeyDerivationMode, + SessionKeyDerivationAttributes, + TransactionData, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/cryptogram/verify", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "AuthRequestCryptogram" => AuthRequestCryptogram, + "KeyIdentifier" => KeyIdentifier, + "MajorKeyDerivationMode" => MajorKeyDerivationMode, + "SessionKeyDerivationAttributes" => SessionKeyDerivationAttributes, + "TransactionData" => TransactionData, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + verify_card_validation_data(key_identifier, primary_account_number, validation_data, verification_attributes) + verify_card_validation_data(key_identifier, primary_account_number, validation_data, verification_attributes, params::Dict{String,<:Any}) + +Verifies card-related validation data using algorithms such as Card Verification Values +(CVV/CVV2), Dynamic Card Verification Values (dCVV/dCVV2) and Card Security Codes (CSC). +For more information, see Verify card data in the Amazon Web Services Payment Cryptography +User Guide. This operation validates the CVV or CSC codes that is printed on a payment +credit or debit card during card payment transaction. The input values are typically +provided as part of an inbound transaction to an issuer or supporting platform partner. +Amazon Web Services Payment Cryptography uses CVV or CSC, PAN (Primary Account Number) and +expiration date of the card to check its validity during transaction processing. In this +operation, the CVK (Card Verification Key) encryption key for use with card data +verification is same as the one in used for GenerateCardValidationData. For information +about valid keys for this operation, see Understanding key attributes and Key types for +specific data operations in the Amazon Web Services Payment Cryptography User Guide. +Cross-account use: This operation can't be used across different Amazon Web Services +accounts. Related operations: GenerateCardValidationData +VerifyAuthRequestCryptogram VerifyPinData + +# Arguments +- `key_identifier`: The keyARN of the CVK encryption key that Amazon Web Services Payment + Cryptography uses to verify card data. +- `primary_account_number`: The Primary Account Number (PAN), a unique identifier for a + payment credit or debit card that associates the card with a specific account holder. +- `validation_data`: The CVV or CSC value for use for card data verification within Amazon + Web Services Payment Cryptography. +- `verification_attributes`: The algorithm to use for verification of card data within + Amazon Web Services Payment Cryptography. + +""" +function verify_card_validation_data( + KeyIdentifier, + PrimaryAccountNumber, + ValidationData, + VerificationAttributes; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/cardvalidationdata/verify", + Dict{String,Any}( + "KeyIdentifier" => KeyIdentifier, + "PrimaryAccountNumber" => PrimaryAccountNumber, + "ValidationData" => ValidationData, + "VerificationAttributes" => VerificationAttributes, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function verify_card_validation_data( + KeyIdentifier, + PrimaryAccountNumber, + ValidationData, + VerificationAttributes, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/cardvalidationdata/verify", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "KeyIdentifier" => KeyIdentifier, + "PrimaryAccountNumber" => PrimaryAccountNumber, + "ValidationData" => ValidationData, + "VerificationAttributes" => VerificationAttributes, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + verify_mac(key_identifier, mac, message_data, verification_attributes) + verify_mac(key_identifier, mac, message_data, verification_attributes, params::Dict{String,<:Any}) + +Verifies a Message Authentication Code (MAC). You can use this operation when keys won't +be shared but mutual data is present on both ends for validation. In this case, known data +values are used to generate a MAC on both ends for verification without sending or +receiving data in ciphertext or plaintext. You can use this operation to verify a DUPKT, +HMAC or EMV MAC by setting generation attributes and algorithm to the associated values. +Use the same encryption key for MAC verification as you use for GenerateMac. For +information about valid keys for this operation, see Understanding key attributes and Key +types for specific data operations in the Amazon Web Services Payment Cryptography User +Guide. Cross-account use: This operation can't be used across different Amazon Web +Services accounts. Related operations: GenerateMac + +# Arguments +- `key_identifier`: The keyARN of the encryption key that Amazon Web Services Payment + Cryptography uses to verify MAC data. +- `mac`: The MAC being verified. +- `message_data`: The data on for which MAC is under verification. +- `verification_attributes`: The attributes and data values to use for MAC verification + within Amazon Web Services Payment Cryptography. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"MacLength"`: The length of the MAC. +""" +function verify_mac( + KeyIdentifier, + Mac, + MessageData, + VerificationAttributes; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/mac/verify", + Dict{String,Any}( + "KeyIdentifier" => KeyIdentifier, + "Mac" => Mac, + "MessageData" => MessageData, + "VerificationAttributes" => VerificationAttributes, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function verify_mac( + KeyIdentifier, + Mac, + MessageData, + VerificationAttributes, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/mac/verify", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "KeyIdentifier" => KeyIdentifier, + "Mac" => Mac, + "MessageData" => MessageData, + "VerificationAttributes" => VerificationAttributes, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + verify_pin_data(encrypted_pin_block, encryption_key_identifier, pin_block_format, primary_account_number, verification_attributes, verification_key_identifier) + verify_pin_data(encrypted_pin_block, encryption_key_identifier, pin_block_format, primary_account_number, verification_attributes, verification_key_identifier, params::Dict{String,<:Any}) + +Verifies pin-related data such as PIN and PIN Offset using algorithms including VISA PVV +and IBM3624. For more information, see Verify PIN data in the Amazon Web Services Payment +Cryptography User Guide. This operation verifies PIN data for user payment card. A card +holder PIN data is never transmitted in clear to or from Amazon Web Services Payment +Cryptography. This operation uses PIN Verification Key (PVK) for PIN or PIN Offset +generation and then encrypts it using PIN Encryption Key (PEK) to create an +EncryptedPinBlock for transmission from Amazon Web Services Payment Cryptography. For +information about valid keys for this operation, see Understanding key attributes and Key +types for specific data operations in the Amazon Web Services Payment Cryptography User +Guide. Cross-account use: This operation can't be used across different Amazon Web +Services accounts. Related operations: GeneratePinData TranslatePinData + +# Arguments +- `encrypted_pin_block`: The encrypted PIN block data that Amazon Web Services Payment + Cryptography verifies. +- `encryption_key_identifier`: The keyARN of the encryption key under which the PIN block + data is encrypted. This key type can be PEK or BDK. +- `pin_block_format`: The PIN encoding format for pin data generation as specified in ISO + 9564. Amazon Web Services Payment Cryptography supports ISO_Format_0 and ISO_Format_3. The + ISO_Format_0 PIN block format is equivalent to the ANSI X9.8, VISA-1, and ECI-1 PIN block + formats. It is similar to a VISA-4 PIN block format. It supports a PIN from 4 to 12 digits + in length. The ISO_Format_3 PIN block format is the same as ISO_Format_0 except that the + fill digits are random values from 10 to 15. +- `primary_account_number`: The Primary Account Number (PAN), a unique identifier for a + payment credit or debit card that associates the card with a specific account holder. +- `verification_attributes`: The attributes and values for PIN data verification. +- `verification_key_identifier`: The keyARN of the PIN verification key. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"DukptAttributes"`: The attributes and values for the DUKPT encrypted PIN block data. +- `"PinDataLength"`: The length of PIN being verified. +""" +function verify_pin_data( + EncryptedPinBlock, + EncryptionKeyIdentifier, + PinBlockFormat, + PrimaryAccountNumber, + VerificationAttributes, + VerificationKeyIdentifier; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/pindata/verify", + Dict{String,Any}( + "EncryptedPinBlock" => EncryptedPinBlock, + "EncryptionKeyIdentifier" => EncryptionKeyIdentifier, + "PinBlockFormat" => PinBlockFormat, + "PrimaryAccountNumber" => PrimaryAccountNumber, + "VerificationAttributes" => VerificationAttributes, + "VerificationKeyIdentifier" => VerificationKeyIdentifier, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function verify_pin_data( + EncryptedPinBlock, + EncryptionKeyIdentifier, + PinBlockFormat, + PrimaryAccountNumber, + VerificationAttributes, + VerificationKeyIdentifier, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return payment_cryptography_data( + "POST", + "/pindata/verify", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "EncryptedPinBlock" => EncryptedPinBlock, + "EncryptionKeyIdentifier" => EncryptionKeyIdentifier, + "PinBlockFormat" => PinBlockFormat, + "PrimaryAccountNumber" => PrimaryAccountNumber, + "VerificationAttributes" => VerificationAttributes, + "VerificationKeyIdentifier" => VerificationKeyIdentifier, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end diff --git a/src/services/rekognition.jl b/src/services/rekognition.jl index 755532f9ef..45aa33aced 100644 --- a/src/services/rekognition.jl +++ b/src/services/rekognition.jl @@ -4,6 +4,83 @@ using AWS.AWSServices: rekognition using AWS.Compat using AWS.UUIDs +""" + associate_faces(collection_id, face_ids, user_id) + associate_faces(collection_id, face_ids, user_id, params::Dict{String,<:Any}) + +Associates one or more faces with an existing UserID. Takes an array of FaceIds. Each +FaceId that are present in the FaceIds list is associated with the provided UserID. The +maximum number of total FaceIds per UserID is 100. The UserMatchThreshold parameter +specifies the minimum user match confidence required for the face to be associated with a +UserID that has at least one FaceID already associated. This ensures that the FaceIds are +associated with the right UserID. The value ranges from 0-100 and default value is 75. If +successful, an array of AssociatedFace objects containing the associated FaceIds is +returned. If a given face is already associated with the given UserID, it will be ignored +and will not be returned in the response. If a given face is already associated to a +different UserID, isn't found in the collection, doesn’t meet the UserMatchThreshold, or +there are already 100 faces associated with the UserID, it will be returned as part of an +array of UnsuccessfulFaceAssociations. The UserStatus reflects the status of an operation +which updates a UserID representation with a list of given faces. The UserStatus can be: +ACTIVE - All associations or disassociations of FaceID(s) for a UserID are complete. +CREATED - A UserID has been created, but has no FaceID(s) associated with it. UPDATING - +A UserID is being updated and there are current associations or disassociations of +FaceID(s) taking place. + +# Arguments +- `collection_id`: The ID of an existing collection containing the UserID. +- `face_ids`: An array of FaceIDs to associate with the UserID. +- `user_id`: The ID for the existing UserID. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"ClientRequestToken"`: Idempotent token used to identify the request to AssociateFaces. + If you use the same token with multiple AssociateFaces requests, the same response is + returned. Use ClientRequestToken to prevent the same request from being processed more than + once. +- `"UserMatchThreshold"`: An optional value specifying the minimum confidence in the UserID + match to return. The default value is 75. +""" +function associate_faces( + CollectionId, FaceIds, UserId; aws_config::AbstractAWSConfig=global_aws_config() +) + return rekognition( + "AssociateFaces", + Dict{String,Any}( + "CollectionId" => CollectionId, + "FaceIds" => FaceIds, + "UserId" => UserId, + "ClientRequestToken" => string(uuid4()), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function associate_faces( + CollectionId, + FaceIds, + UserId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return rekognition( + "AssociateFaces", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "CollectionId" => CollectionId, + "FaceIds" => FaceIds, + "UserId" => UserId, + "ClientRequestToken" => string(uuid4()), + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ compare_faces(source_image, target_image) compare_faces(source_image, target_image, params::Dict{String,<:Any}) @@ -584,6 +661,68 @@ function create_stream_processor( ) end +""" + create_user(collection_id, user_id) + create_user(collection_id, user_id, params::Dict{String,<:Any}) + +Creates a new User within a collection specified by CollectionId. Takes UserId as a +parameter, which is a user provided ID which should be unique within the collection. The +provided UserId will alias the system generated UUID to make the UserId more user friendly. + Uses a ClientToken, an idempotency token that ensures a call to CreateUser completes only +once. If the value is not supplied, the AWS SDK generates an idempotency token for the +requests. This prevents retries after a network error results from making multiple +CreateUser calls. + +# Arguments +- `collection_id`: The ID of an existing collection to which the new UserID needs to be + created. +- `user_id`: ID for the UserID to be created. This ID needs to be unique within the + collection. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"ClientRequestToken"`: Idempotent token used to identify the request to CreateUser. If + you use the same token with multiple CreateUser requests, the same response is returned. + Use ClientRequestToken to prevent the same request from being processed more than once. +""" +function create_user( + CollectionId, UserId; aws_config::AbstractAWSConfig=global_aws_config() +) + return rekognition( + "CreateUser", + Dict{String,Any}( + "CollectionId" => CollectionId, + "UserId" => UserId, + "ClientRequestToken" => string(uuid4()), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_user( + CollectionId, + UserId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return rekognition( + "CreateUser", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "CollectionId" => CollectionId, + "UserId" => UserId, + "ClientRequestToken" => string(uuid4()), + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ delete_collection(collection_id) delete_collection(collection_id, params::Dict{String,<:Any}) @@ -862,6 +1001,65 @@ function delete_stream_processor( ) end +""" + delete_user(collection_id, user_id) + delete_user(collection_id, user_id, params::Dict{String,<:Any}) + +Deletes the specified UserID within the collection. Faces that are associated with the +UserID are disassociated from the UserID before deleting the specified UserID. If the +specified Collection or UserID is already deleted or not found, a ResourceNotFoundException +will be thrown. If the action is successful with a 200 response, an empty HTTP body is +returned. + +# Arguments +- `collection_id`: The ID of an existing collection from which the UserID needs to be + deleted. +- `user_id`: ID for the UserID to be deleted. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"ClientRequestToken"`: Idempotent token used to identify the request to DeleteUser. If + you use the same token with multiple DeleteUser requests, the same response is returned. + Use ClientRequestToken to prevent the same request from being processed more than once. +""" +function delete_user( + CollectionId, UserId; aws_config::AbstractAWSConfig=global_aws_config() +) + return rekognition( + "DeleteUser", + Dict{String,Any}( + "CollectionId" => CollectionId, + "UserId" => UserId, + "ClientRequestToken" => string(uuid4()), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_user( + CollectionId, + UserId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return rekognition( + "DeleteUser", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "CollectionId" => CollectionId, + "UserId" => UserId, + "ClientRequestToken" => string(uuid4()), + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ describe_collection(collection_id) describe_collection(collection_id, params::Dict{String,<:Any}) @@ -1438,6 +1636,71 @@ function detect_text( ) end +""" + disassociate_faces(collection_id, face_ids, user_id) + disassociate_faces(collection_id, face_ids, user_id, params::Dict{String,<:Any}) + +Removes the association between a Face supplied in an array of FaceIds and the User. If the +User is not present already, then a ResourceNotFound exception is thrown. If successful, an +array of faces that are disassociated from the User is returned. If a given face is already +disassociated from the given UserID, it will be ignored and not be returned in the +response. If a given face is already associated with a different User or not found in the +collection it will be returned as part of UnsuccessfulDisassociations. You can remove 1 - +100 face IDs from a user at one time. + +# Arguments +- `collection_id`: The ID of an existing collection containing the UserID. +- `face_ids`: An array of face IDs to disassociate from the UserID. +- `user_id`: ID for the existing UserID. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"ClientRequestToken"`: Idempotent token used to identify the request to + DisassociateFaces. If you use the same token with multiple DisassociateFaces requests, the + same response is returned. Use ClientRequestToken to prevent the same request from being + processed more than once. +""" +function disassociate_faces( + CollectionId, FaceIds, UserId; aws_config::AbstractAWSConfig=global_aws_config() +) + return rekognition( + "DisassociateFaces", + Dict{String,Any}( + "CollectionId" => CollectionId, + "FaceIds" => FaceIds, + "UserId" => UserId, + "ClientRequestToken" => string(uuid4()), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function disassociate_faces( + CollectionId, + FaceIds, + UserId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return rekognition( + "DisassociateFaces", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "CollectionId" => CollectionId, + "FaceIds" => FaceIds, + "UserId" => UserId, + "ClientRequestToken" => string(uuid4()), + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ distribute_dataset_entries(datasets) distribute_dataset_entries(datasets, params::Dict{String,<:Any}) @@ -2328,10 +2591,12 @@ rekognition:ListFaces action. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"FaceIds"`: An array of face IDs to match when listing faces in a collection. - `"MaxResults"`: Maximum number of faces to return. - `"NextToken"`: If the previous response was incomplete (because there is more data to retrieve), Amazon Rekognition returns a pagination token in the response. You can use this pagination token to retrieve the next set of faces. +- `"UserId"`: An array of user IDs to match when listing faces in a collection. """ function list_faces(CollectionId; aws_config::AbstractAWSConfig=global_aws_config()) return rekognition( @@ -2470,6 +2735,47 @@ function list_tags_for_resource( ) end +""" + list_users(collection_id) + list_users(collection_id, params::Dict{String,<:Any}) + +Returns metadata of the User such as UserID in the specified collection. Anonymous User (to +reserve faces without any identity) is not returned as part of this request. The results +are sorted by system generated primary key ID. If the response is truncated, NextToken is +returned in the response that can be used in the subsequent request to retrieve the next +set of identities. + +# Arguments +- `collection_id`: The ID of an existing collection. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"MaxResults"`: Maximum number of UsersID to return. +- `"NextToken"`: Pagingation token to receive the next set of UsersID. +""" +function list_users(CollectionId; aws_config::AbstractAWSConfig=global_aws_config()) + return rekognition( + "ListUsers", + Dict{String,Any}("CollectionId" => CollectionId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function list_users( + CollectionId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return rekognition( + "ListUsers", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("CollectionId" => CollectionId), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ put_project_policy(policy_document, policy_name, project_arn) put_project_policy(policy_document, policy_name, project_arn, params::Dict{String,<:Any}) @@ -2738,6 +3044,108 @@ function search_faces_by_image( ) end +""" + search_users(collection_id) + search_users(collection_id, params::Dict{String,<:Any}) + +Searches for UserIDs within a collection based on a FaceId or UserId. This API can be used +to find the closest UserID (with a highest similarity) to associate a face. The request +must be provided with either FaceId or UserId. The operation returns an array of UserID +that match the FaceId or UserId, ordered by similarity score with the highest similarity +first. + +# Arguments +- `collection_id`: The ID of an existing collection containing the UserID, used with a + UserId or FaceId. If a FaceId is provided, UserId isn’t required to be present in the + Collection. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"FaceId"`: ID for the existing face. +- `"MaxUsers"`: Maximum number of identities to return. +- `"UserId"`: ID for the existing User. +- `"UserMatchThreshold"`: Optional value that specifies the minimum confidence in the + matched UserID to return. Default value of 80. +""" +function search_users(CollectionId; aws_config::AbstractAWSConfig=global_aws_config()) + return rekognition( + "SearchUsers", + Dict{String,Any}("CollectionId" => CollectionId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function search_users( + CollectionId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return rekognition( + "SearchUsers", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("CollectionId" => CollectionId), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + search_users_by_image(collection_id, image) + search_users_by_image(collection_id, image, params::Dict{String,<:Any}) + +Searches for UserIDs using a supplied image. It first detects the largest face in the +image, and then searches a specified collection for matching UserIDs. The operation +returns an array of UserIDs that match the face in the supplied image, ordered by +similarity score with the highest similarity first. It also returns a bounding box for the +face found in the input image. Information about faces detected in the supplied image, but +not used for the search, is returned in an array of UnsearchedFace objects. If no valid +face is detected in the image, the response will contain an empty UserMatches list and no +SearchedFace object. + +# Arguments +- `collection_id`: The ID of an existing collection containing the UserID. +- `image`: + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"MaxUsers"`: Maximum number of UserIDs to return. +- `"QualityFilter"`: A filter that specifies a quality bar for how much filtering is done + to identify faces. Filtered faces aren't searched for in the collection. The default value + is NONE. +- `"UserMatchThreshold"`: Specifies the minimum confidence in the UserID match to return. + Default value is 80. +""" +function search_users_by_image( + CollectionId, Image; aws_config::AbstractAWSConfig=global_aws_config() +) + return rekognition( + "SearchUsersByImage", + Dict{String,Any}("CollectionId" => CollectionId, "Image" => Image); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function search_users_by_image( + CollectionId, + Image, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return rekognition( + "SearchUsersByImage", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}("CollectionId" => CollectionId, "Image" => Image), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ start_celebrity_recognition(video) start_celebrity_recognition(video, params::Dict{String,<:Any}) diff --git a/src/services/sagemaker.jl b/src/services/sagemaker.jl index 8d66599398..80526ac426 100644 --- a/src/services/sagemaker.jl +++ b/src/services/sagemaker.jl @@ -7719,7 +7719,7 @@ end Describes the details of a pipeline. # Arguments -- `pipeline_name`: The name of the pipeline to describe. +- `pipeline_name`: The name or Amazon Resource Name (ARN) of the pipeline to describe. """ function describe_pipeline(PipelineName; aws_config::AbstractAWSConfig=global_aws_config()) @@ -8760,8 +8760,10 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys specified time. - `"CreationTimeBefore"`: A filter that returns only AppImageConfigs created on or before the specified time. -- `"MaxResults"`: The maximum number of AppImageConfigs to return in the response. The - default value is 10. +- `"MaxResults"`: The total number of items to return in the response. If the total number + of items available is more than the value specified, a NextToken is provided in the + response. To resume pagination, provide the NextToken value in the as part of a subsequent + call. The default value is 10. - `"ModifiedTimeAfter"`: A filter that returns only AppImageConfigs modified on or after the specified time. - `"ModifiedTimeBefore"`: A filter that returns only AppImageConfigs modified on or before @@ -8798,7 +8800,10 @@ Lists apps. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"DomainIdEquals"`: A parameter to search for the domain ID. -- `"MaxResults"`: Returns a list up to a specified limit. +- `"MaxResults"`: The total number of items to return in the response. If the total number + of items available is more than the value specified, a NextToken is provided in the + response. To resume pagination, provide the NextToken value in the as part of a subsequent + call. The default value is 10. - `"NextToken"`: If the previous response was truncated, you will receive this token. Use it in your next request to receive the next set of results. - `"SortBy"`: The parameter by which to sort the results. The default is CreationTime. @@ -9200,7 +9205,10 @@ Lists the domains. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: -- `"MaxResults"`: Returns a list up to a specified limit. +- `"MaxResults"`: The total number of items to return in the response. If the total number + of items available is more than the value specified, a NextToken is provided in the + response. To resume pagination, provide the NextToken value in the as part of a subsequent + call. The default value is 10. - `"NextToken"`: If the previous response was truncated, you will receive this token. Use it in your next request to receive the next set of results. """ @@ -10773,7 +10781,7 @@ end Gets a list of the pipeline executions. # Arguments -- `pipeline_name`: The name of the pipeline. +- `pipeline_name`: The name or Amazon Resource Name (ARN) of the pipeline. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -10971,7 +10979,10 @@ Lists spaces. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"DomainIdEquals"`: A parameter to search for the Domain ID. -- `"MaxResults"`: Returns a list up to a specified limit. +- `"MaxResults"`: The total number of items to return in the response. If the total number + of items available is more than the value specified, a NextToken is provided in the + response. To resume pagination, provide the NextToken value in the as part of a subsequent + call. The default value is 10. - `"NextToken"`: If the previous response was truncated, you will receive this token. Use it in your next request to receive the next set of results. - `"SortBy"`: The parameter by which to sort the results. The default is CreationTime. @@ -11057,8 +11068,10 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys after the specified time. - `"CreationTimeBefore"`: A filter that returns only Lifecycle Configurations created on or before the specified time. -- `"MaxResults"`: The maximum number of Studio Lifecycle Configurations to return in the - response. The default value is 10. +- `"MaxResults"`: The total number of items to return in the response. If the total number + of items available is more than the value specified, a NextToken is provided in the + response. To resume pagination, provide the NextToken value in the as part of a subsequent + call. The default value is 10. - `"ModifiedTimeAfter"`: A filter that returns only Lifecycle Configurations modified after the specified time. - `"ModifiedTimeBefore"`: A filter that returns only Lifecycle Configurations modified @@ -11391,7 +11404,10 @@ Lists user profiles. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"DomainIdEquals"`: A parameter by which to filter the results. -- `"MaxResults"`: Returns a list up to a specified limit. +- `"MaxResults"`: The total number of items to return in the response. If the total number + of items available is more than the value specified, a NextToken is provided in the + response. To resume pagination, provide the NextToken value in the as part of a subsequent + call. The default value is 10. - `"NextToken"`: If the previous response was truncated, you will receive this token. Use it in your next request to receive the next set of results. - `"SortBy"`: The parameter by which to sort the results. The default is CreationTime. @@ -12028,7 +12044,7 @@ Starts a pipeline execution. # Arguments - `client_request_token`: A unique, case-sensitive identifier that you provide to ensure the idempotency of the operation. An idempotent operation completes no more than once. -- `pipeline_name`: The name of the pipeline. +- `pipeline_name`: The name or Amazon Resource Name (ARN) of the pipeline. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: diff --git a/src/services/securityhub.jl b/src/services/securityhub.jl index aa7f67f9e0..804614c910 100644 --- a/src/services/securityhub.jl +++ b/src/services/securityhub.jl @@ -112,6 +112,48 @@ function accept_invitation( ) end +""" + batch_delete_automation_rules(automation_rules_arns) + batch_delete_automation_rules(automation_rules_arns, params::Dict{String,<:Any}) + + Deletes one or more automation rules. + +# Arguments +- `automation_rules_arns`: A list of Amazon Resource Names (ARNs) for the rules that are + to be deleted. + +""" +function batch_delete_automation_rules( + AutomationRulesArns; aws_config::AbstractAWSConfig=global_aws_config() +) + return securityhub( + "POST", + "/automationrules/delete", + Dict{String,Any}("AutomationRulesArns" => AutomationRulesArns); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function batch_delete_automation_rules( + AutomationRulesArns, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return securityhub( + "POST", + "/automationrules/delete", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}("AutomationRulesArns" => AutomationRulesArns), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ batch_disable_standards(standards_subscription_arns) batch_disable_standards(standards_subscription_arns, params::Dict{String,<:Any}) @@ -199,6 +241,48 @@ function batch_enable_standards( ) end +""" + batch_get_automation_rules(automation_rules_arns) + batch_get_automation_rules(automation_rules_arns, params::Dict{String,<:Any}) + + Retrieves a list of details for automation rules based on rule Amazon Resource Names +(ARNs). + +# Arguments +- `automation_rules_arns`: A list of rule ARNs to get details for. + +""" +function batch_get_automation_rules( + AutomationRulesArns; aws_config::AbstractAWSConfig=global_aws_config() +) + return securityhub( + "POST", + "/automationrules/get", + Dict{String,Any}("AutomationRulesArns" => AutomationRulesArns); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function batch_get_automation_rules( + AutomationRulesArns, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return securityhub( + "POST", + "/automationrules/get", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}("AutomationRulesArns" => AutomationRulesArns), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ batch_get_security_controls(security_control_ids) batch_get_security_controls(security_control_ids, params::Dict{String,<:Any}) @@ -343,6 +427,53 @@ function batch_import_findings( ) end +""" + batch_update_automation_rules(update_automation_rules_request_items) + batch_update_automation_rules(update_automation_rules_request_items, params::Dict{String,<:Any}) + + Updates one or more automation rules based on rule Amazon Resource Names (ARNs) and input +parameters. + +# Arguments +- `update_automation_rules_request_items`: An array of ARNs for the rules that are to be + updated. Optionally, you can also include RuleStatus and RuleOrder. + +""" +function batch_update_automation_rules( + UpdateAutomationRulesRequestItems; aws_config::AbstractAWSConfig=global_aws_config() +) + return securityhub( + "PATCH", + "/automationrules/update", + Dict{String,Any}( + "UpdateAutomationRulesRequestItems" => UpdateAutomationRulesRequestItems + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function batch_update_automation_rules( + UpdateAutomationRulesRequestItems, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return securityhub( + "PATCH", + "/automationrules/update", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "UpdateAutomationRulesRequestItems" => UpdateAutomationRulesRequestItems + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ batch_update_findings(finding_identifiers) batch_update_findings(finding_identifiers, params::Dict{String,<:Any}) @@ -512,6 +643,90 @@ function create_action_target( ) end +""" + create_automation_rule(actions, criteria, description, rule_name, rule_order) + create_automation_rule(actions, criteria, description, rule_name, rule_order, params::Dict{String,<:Any}) + + Creates an automation rule based on input parameters. + +# Arguments +- `actions`: One or more actions to update finding fields if a finding matches the + conditions specified in Criteria. +- `criteria`: A set of ASFF finding field attributes and corresponding expected values + that Security Hub uses to filter findings. If a finding matches the conditions specified in + this parameter, Security Hub applies the rule action to the finding. +- `description`: A description of the rule. +- `rule_name`: The name of the rule. +- `rule_order`: An integer ranging from 1 to 1000 that represents the order in which the + rule action is applied to findings. Security Hub applies rules with lower values for this + parameter first. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"IsTerminal"`: Specifies whether a rule is the last to be applied with respect to a + finding that matches the rule criteria. This is useful when a finding matches the criteria + for multiple rules, and each rule has different actions. If the value of this field is set + to true for a rule, Security Hub applies the rule action to a finding that matches the rule + criteria and won't evaluate other rules for the finding. The default value of this field is + false. +- `"RuleStatus"`: Whether the rule is active after it is created. If this parameter is + equal to Enabled, Security Hub will apply the rule to findings and finding updates after + the rule is created. To change the value of this parameter after creating a rule, use + BatchUpdateAutomationRules. +- `"Tags"`: User-defined tags that help you label the purpose of a rule. +""" +function create_automation_rule( + Actions, + Criteria, + Description, + RuleName, + RuleOrder; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return securityhub( + "POST", + "/automationrules/create", + Dict{String,Any}( + "Actions" => Actions, + "Criteria" => Criteria, + "Description" => Description, + "RuleName" => RuleName, + "RuleOrder" => RuleOrder, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_automation_rule( + Actions, + Criteria, + Description, + RuleName, + RuleOrder, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return securityhub( + "POST", + "/automationrules/create", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "Actions" => Actions, + "Criteria" => Criteria, + "Description" => Description, + "RuleName" => RuleName, + "RuleOrder" => RuleOrder, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ create_finding_aggregator(region_linking_mode) create_finding_aggregator(region_linking_mode, params::Dict{String,<:Any}) @@ -1837,6 +2052,40 @@ function invite_members( ) end +""" + list_automation_rules() + list_automation_rules(params::Dict{String,<:Any}) + + A list of automation rules and their metadata for the calling account. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"MaxResults"`: The maximum number of rules to return in the response. This currently + ranges from 1 to 100. +- `"NextToken"`: A token to specify where to start paginating the response. This is the + NextToken from a previously truncated response. On your first call to the + ListAutomationRules API, set the value of this parameter to NULL. +""" +function list_automation_rules(; aws_config::AbstractAWSConfig=global_aws_config()) + return securityhub( + "GET", + "/automationrules/list"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function list_automation_rules( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return securityhub( + "GET", + "/automationrules/list", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ list_enabled_products_for_import() list_enabled_products_for_import(params::Dict{String,<:Any}) diff --git a/src/services/service_catalog.jl b/src/services/service_catalog.jl index 5e285c3080..ff11d74d31 100644 --- a/src/services/service_catalog.jl +++ b/src/services/service_catalog.jl @@ -109,33 +109,33 @@ recipient account before it can be associated. # Arguments - `portfolio_id`: The portfolio identifier. -- `principal_arn`: The ARN of the principal (user, role, or group). The supported value is - a fully defined IAM ARN if the PrincipalType is IAM. If the PrincipalType is IAM_PATTERN, - the supported value is an IAM ARN without an AccountID in the following format: - arn:partition:iam:::resource-type/resource-id The resource-id can be either of the - following: Fully formed, for example arn:aws:iam:::role/resource-name or +- `principal_arn`: The ARN of the principal (user, role, or group). If the PrincipalType is + IAM, the supported value is a fully defined IAM Amazon Resource Name (ARN). If the + PrincipalType is IAM_PATTERN, the supported value is an IAM ARN without an AccountID in the + following format: arn:partition:iam:::resource-type/resource-id The ARN resource-id can + be either: A fully formed resource-id. For example, arn:aws:iam:::role/resource-name or arn:aws:iam:::role/resource-path/resource-name A wildcard ARN. The wildcard ARN accepts - IAM_PATTERN values with a \"*\" or \"?\" in the resource-id segment of the ARN, for example + IAM_PATTERN values with a \"*\" or \"?\" in the resource-id segment of the ARN. For example arn:partition:service:::resource-type/resource-path/resource-name. The new symbols are - exclusive to the resource-path and resource-name and cannot be used to replace the - resource-type or other ARN values. Examples of an acceptable wildcard ARN: - arn:aws:iam:::role/ResourceName_* arn:aws:iam:::role/*/ResourceName_? Examples of an - unacceptable wildcard ARN: arn:aws:iam:::*/ResourceName You can associate multiple - IAM_PATTERNs even if the account has no principal with that name. The ARN path and - principal name allow unlimited wildcard characters. The \"?\" wildcard character matches - zero or one of any character. This is similar to \".?\" in regular regex context. The - \"*\" wildcard character matches any number of any characters. This is similar \".*\" in - regular regex context. In the IAM Principal ARNs format + exclusive to the resource-path and resource-name and cannot replace the resource-type or + other ARN values. The ARN path and principal name allow unlimited wildcard characters. + Examples of an acceptable wildcard ARN: arn:aws:iam:::role/ResourceName_* + arn:aws:iam:::role/*/ResourceName_? Examples of an unacceptable wildcard ARN: + arn:aws:iam:::*/ResourceName You can associate multiple IAM_PATTERNs even if the account + has no principal with that name. The \"?\" wildcard character matches zero or one of any + character. This is similar to \".?\" in regular regex context. The \"*\" wildcard character + matches any number of any characters. This is similar to \".*\" in regular regex context. + In the IAM Principal ARN format (arn:partition:iam:::resource-type/resource-path/resource-name), valid resource-type values - include user/, group/, or role/. The \"?\" and \"*\" are allowed only after the - resource-type, in the resource-id segment. You can use special characters anywhere within - the resource-id. The \"*\" also matches the \"/\" character, allowing paths to be formed - within the resource-id. For example, arn:aws:iam:::role/*/ResourceName_? matches both - arn:aws:iam:::role/pathA/pathB/ResourceName_1 and arn:aws:iam:::role/pathA/ResourceName_1. - + include user/, group/, or role/. The \"?\" and \"*\" characters are allowed only after the + resource-type in the resource-id segment. You can use special characters anywhere within + the resource-id. The \"*\" character also matches the \"/\" character, allowing paths to + be formed within the resource-id. For example, arn:aws:iam:::role/*/ResourceName_? matches + both arn:aws:iam:::role/pathA/pathB/ResourceName_1 and + arn:aws:iam:::role/pathA/ResourceName_1. - `principal_type`: The principal type. The supported value is IAM if you use a fully - defined ARN, or IAM_PATTERN if you use an ARN with no accountID, with or without wildcard - characters. + defined Amazon Resource Name (ARN), or IAM_PATTERN if you use an ARN with no accountID, + with or without wildcard characters. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -1709,6 +1709,8 @@ the specified product. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"AcceptLanguage"`: The language code. jp - Japanese zh - Chinese +- `"IncludeProvisioningArtifactParameters"`: Indicates if the API call response does or + does not include additional details about the provisioning parameters. - `"ProductId"`: The product identifier. - `"ProductName"`: The product name. - `"ProvisioningArtifactId"`: The identifier of the provisioning artifact. diff --git a/src/services/simspaceweaver.jl b/src/services/simspaceweaver.jl index 0b89860404..ec8766f24a 100644 --- a/src/services/simspaceweaver.jl +++ b/src/services/simspaceweaver.jl @@ -24,7 +24,8 @@ the 2-digit seconds # Arguments - `destination`: The Amazon S3 bucket and optional folder (object key prefix) where - SimSpace Weaver creates the snapshot file. + SimSpace Weaver creates the snapshot file. The Amazon S3 bucket must be in the same Amazon + Web Services Region as the simulation. - `simulation`: The name of the simulation. """ @@ -471,7 +472,8 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys - `"SnapshotS3Location"`: The location of the snapshot .zip file in Amazon Simple Storage Service (Amazon S3). For more information about Amazon S3, see the Amazon Simple Storage Service User Guide . Provide a SnapshotS3Location to start your simulation from a snapshot. - If you provide a SnapshotS3Location then you can't provide a SchemaS3Location. + The Amazon S3 bucket must be in the same Amazon Web Services Region as the simulation. If + you provide a SnapshotS3Location then you can't provide a SchemaS3Location. - `"Tags"`: A list of tags for the simulation. For more information about tags, see Tagging Amazon Web Services resources in the Amazon Web Services General Reference. """ diff --git a/src/services/timestream_write.jl b/src/services/timestream_write.jl index 5256be309a..4841733e01 100644 --- a/src/services/timestream_write.jl +++ b/src/services/timestream_write.jl @@ -11,9 +11,10 @@ using AWS.UUIDs Creates a new Timestream batch load task. A batch load task processes data from a CSV source in an S3 location and writes to a Timestream table. A mapping from source to target is defined in a batch load task. Errors and events are written to a report at an S3 -location. For the report, if the KMS key is not specified, the batch load task will be -encrypted with a Timestream managed KMS key located in your account. For more information, -see Amazon Web Services managed keys. Service quotas apply. For details, see code sample. +location. For the report, if the KMS key is not specified, the report will be encrypted +with an S3 managed key when SSE_S3 is the option. Otherwise an error is thrown. For more +information, see Amazon Web Services managed keys. Service quotas apply. For details, see +code sample. # Arguments - `data_source_configuration`: Defines configuration details about the data source for a @@ -137,6 +138,7 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys magnetic store writes. - `"RetentionProperties"`: The duration for which your time-series data must be stored in the memory store and the magnetic store. +- `"Schema"`: The schema of the table. - `"Tags"`: A list of key-value pairs to label the table. """ function create_table( @@ -696,6 +698,7 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys magnetic store writes. - `"RetentionProperties"`: The retention duration of the memory store and the magnetic store. +- `"Schema"`: The schema of the table. """ function update_table( DatabaseName, TableName; aws_config::AbstractAWSConfig=global_aws_config() diff --git a/src/services/verifiedpermissions.jl b/src/services/verifiedpermissions.jl new file mode 100644 index 0000000000..af1304036f --- /dev/null +++ b/src/services/verifiedpermissions.jl @@ -0,0 +1,1245 @@ +# This file is auto-generated by AWSMetadata.jl +using AWS +using AWS.AWSServices: verifiedpermissions +using AWS.Compat +using AWS.UUIDs + +""" + create_identity_source(configuration, policy_store_id) + create_identity_source(configuration, policy_store_id, params::Dict{String,<:Any}) + +Creates a reference to an Amazon Cognito user pool as an external identity provider (IdP). +After you create an identity source, you can use the identities provided by the IdP as +proxies for the principal in authorization queries that use the IsAuthorizedWithToken +operation. These identities take the form of tokens that contain claims about the user, +such as IDs, attributes and group memberships. Amazon Cognito provides both identity tokens +and access tokens, and Verified Permissions can use either or both. Any combination of +identity and access tokens results in the same Cedar principal. Verified Permissions +automatically translates the information about the identities into the standard Cedar +attributes that can be evaluated by your policies. Because the Amazon Cognito identity and +access tokens can contain different information, the tokens you choose to use determine +which principal attributes are available to access when evaluating Cedar policies. If you +delete a Amazon Cognito user pool or user, tokens from that deleted pool or that deleted +user continue to be usable until they expire. To reference a user from this identity +source in your Cedar policies, use the following syntax. +IdentityType::\"<CognitoUserPoolIdentifier>|<CognitoClientId> Where +IdentityType is the string that you provide to the PrincipalEntityType parameter for this +operation. The CognitoUserPoolId and CognitoClientId are defined by the Amazon Cognito user +pool. + +# Arguments +- `configuration`: Specifies the details required to communicate with the identity provider + (IdP) associated with this identity source. At this time, the only valid member of this + structure is a Amazon Cognito user pool configuration. You must specify a UserPoolArn, and + optionally, a ClientId. +- `policy_store_id`: Specifies the ID of the policy store in which you want to store this + identity source. Only policies and requests made using this policy store can reference + identities from the identity provider configured in the new identity source. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"clientToken"`: Specifies a unique, case-sensitive ID that you provide to ensure the + idempotency of the request. This lets you safely retry the request without accidentally + performing the same operation a second time. Passing the same value to a later call to an + operation requires that you also pass the same value for all other parameters. We recommend + that you use a UUID type of value.. If you don't provide this value, then Amazon Web + Services generates a random one for you. If you retry the operation with the same + ClientToken, but with different parameters, the retry fails with an + IdempotentParameterMismatch error. +- `"principalEntityType"`: Specifies the namespace and data type of the principals + generated for identities authenticated by the new identity source. +""" +function create_identity_source( + configuration, policyStoreId; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "CreateIdentitySource", + Dict{String,Any}( + "configuration" => configuration, + "policyStoreId" => policyStoreId, + "clientToken" => string(uuid4()), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_identity_source( + configuration, + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "CreateIdentitySource", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "configuration" => configuration, + "policyStoreId" => policyStoreId, + "clientToken" => string(uuid4()), + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + create_policy(definition, policy_store_id) + create_policy(definition, policy_store_id, params::Dict{String,<:Any}) + +Creates a Cedar policy and saves it in the specified policy store. You can create either a +static policy or a policy linked to a policy template. To create a static policy, provide +the Cedar policy text in the StaticPolicy section of the PolicyDefinition. To create a +policy that is dynamically linked to a policy template, specify the policy template ID and +the principal and resource to associate with this policy in the templateLinked section of +the PolicyDefinition. If the policy template is ever updated, any policies linked to the +policy template automatically use the updated template. Creating a policy causes it to +be validated against the schema in the policy store. If the policy doesn't pass validation, +the operation fails and the policy isn't stored. + +# Arguments +- `definition`: A structure that specifies the policy type and content to use for the new + policy. You must include either a static or a templateLinked element. The policy content + must be written in the Cedar policy language. +- `policy_store_id`: Specifies the PolicyStoreId of the policy store you want to store the + policy in. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"clientToken"`: Specifies a unique, case-sensitive ID that you provide to ensure the + idempotency of the request. This lets you safely retry the request without accidentally + performing the same operation a second time. Passing the same value to a later call to an + operation requires that you also pass the same value for all other parameters. We recommend + that you use a UUID type of value.. If you don't provide this value, then Amazon Web + Services generates a random one for you. If you retry the operation with the same + ClientToken, but with different parameters, the retry fails with an + IdempotentParameterMismatch error. +""" +function create_policy( + definition, policyStoreId; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "CreatePolicy", + Dict{String,Any}( + "definition" => definition, + "policyStoreId" => policyStoreId, + "clientToken" => string(uuid4()), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_policy( + definition, + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "CreatePolicy", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "definition" => definition, + "policyStoreId" => policyStoreId, + "clientToken" => string(uuid4()), + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + create_policy_store(validation_settings) + create_policy_store(validation_settings, params::Dict{String,<:Any}) + +Creates a policy store. A policy store is a container for policy resources. + +# Arguments +- `validation_settings`: Specifies the validation setting for this policy store. Currently, + the only valid and required value is Mode. We recommend that you turn on STRICT mode only + after you define a schema. If a schema doesn't exist, then STRICT mode causes any policy to + fail validation, and Verified Permissions rejects the policy. You can turn off validation + by using the UpdatePolicyStore. Then, when you have a schema defined, use UpdatePolicyStore + again to turn validation back on. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"clientToken"`: Specifies a unique, case-sensitive ID that you provide to ensure the + idempotency of the request. This lets you safely retry the request without accidentally + performing the same operation a second time. Passing the same value to a later call to an + operation requires that you also pass the same value for all other parameters. We recommend + that you use a UUID type of value.. If you don't provide this value, then Amazon Web + Services generates a random one for you. If you retry the operation with the same + ClientToken, but with different parameters, the retry fails with an + IdempotentParameterMismatch error. +""" +function create_policy_store( + validationSettings; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "CreatePolicyStore", + Dict{String,Any}( + "validationSettings" => validationSettings, "clientToken" => string(uuid4()) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_policy_store( + validationSettings, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "CreatePolicyStore", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "validationSettings" => validationSettings, + "clientToken" => string(uuid4()), + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + create_policy_template(policy_store_id, statement) + create_policy_template(policy_store_id, statement, params::Dict{String,<:Any}) + +Creates a policy template. A template can use placeholders for the principal and resource. +A template must be instantiated into a policy by associating it with specific principals +and resources to use for the placeholders. That instantiated policy can then be considered +in authorization decisions. The instantiated policy works identically to any other policy, +except that it is dynamically linked to the template. If the template changes, then any +policies that are linked to that template are immediately updated as well. + +# Arguments +- `policy_store_id`: The ID of the policy store in which to create the policy template. +- `statement`: Specifies the content that you want to use for the new policy template, + written in the Cedar policy language. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"clientToken"`: Specifies a unique, case-sensitive ID that you provide to ensure the + idempotency of the request. This lets you safely retry the request without accidentally + performing the same operation a second time. Passing the same value to a later call to an + operation requires that you also pass the same value for all other parameters. We recommend + that you use a UUID type of value.. If you don't provide this value, then Amazon Web + Services generates a random one for you. If you retry the operation with the same + ClientToken, but with different parameters, the retry fails with an + IdempotentParameterMismatch error. +- `"description"`: Specifies a description for the policy template. +""" +function create_policy_template( + policyStoreId, statement; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "CreatePolicyTemplate", + Dict{String,Any}( + "policyStoreId" => policyStoreId, + "statement" => statement, + "clientToken" => string(uuid4()), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_policy_template( + policyStoreId, + statement, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "CreatePolicyTemplate", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "policyStoreId" => policyStoreId, + "statement" => statement, + "clientToken" => string(uuid4()), + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + delete_identity_source(identity_source_id, policy_store_id) + delete_identity_source(identity_source_id, policy_store_id, params::Dict{String,<:Any}) + +Deletes an identity source that references an identity provider (IdP) such as Amazon +Cognito. After you delete the identity source, you can no longer use tokens for identities +from that identity source to represent principals in authorization queries made using +IsAuthorizedWithToken. operations. + +# Arguments +- `identity_source_id`: Specifies the ID of the identity source that you want to delete. +- `policy_store_id`: Specifies the ID of the policy store that contains the identity source + that you want to delete. + +""" +function delete_identity_source( + identitySourceId, policyStoreId; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "DeleteIdentitySource", + Dict{String,Any}( + "identitySourceId" => identitySourceId, "policyStoreId" => policyStoreId + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_identity_source( + identitySourceId, + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "DeleteIdentitySource", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "identitySourceId" => identitySourceId, "policyStoreId" => policyStoreId + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + delete_policy(policy_id, policy_store_id) + delete_policy(policy_id, policy_store_id, params::Dict{String,<:Any}) + +Deletes the specified policy from the policy store. This operation is idempotent; if you +specify a policy that doesn't exist, the request response returns a successful HTTP 200 +status code. + +# Arguments +- `policy_id`: Specifies the ID of the policy that you want to delete. +- `policy_store_id`: Specifies the ID of the policy store that contains the policy that you + want to delete. + +""" +function delete_policy( + policyId, policyStoreId; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "DeletePolicy", + Dict{String,Any}("policyId" => policyId, "policyStoreId" => policyStoreId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_policy( + policyId, + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "DeletePolicy", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}("policyId" => policyId, "policyStoreId" => policyStoreId), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + delete_policy_store(policy_store_id) + delete_policy_store(policy_store_id, params::Dict{String,<:Any}) + +Deletes the specified policy store. This operation is idempotent. If you specify a policy +store that does not exist, the request response will still return a successful HTTP 200 +status code. + +# Arguments +- `policy_store_id`: Specifies the ID of the policy store that you want to delete. + +""" +function delete_policy_store( + policyStoreId; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "DeletePolicyStore", + Dict{String,Any}("policyStoreId" => policyStoreId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_policy_store( + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "DeletePolicyStore", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("policyStoreId" => policyStoreId), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + delete_policy_template(policy_store_id, policy_template_id) + delete_policy_template(policy_store_id, policy_template_id, params::Dict{String,<:Any}) + +Deletes the specified policy template from the policy store. This operation also deletes +any policies that were created from the specified policy template. Those policies are +immediately removed from all future API responses, and are asynchronously deleted from the +policy store. + +# Arguments +- `policy_store_id`: Specifies the ID of the policy store that contains the policy template + that you want to delete. +- `policy_template_id`: Specifies the ID of the policy template that you want to delete. + +""" +function delete_policy_template( + policyStoreId, policyTemplateId; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "DeletePolicyTemplate", + Dict{String,Any}( + "policyStoreId" => policyStoreId, "policyTemplateId" => policyTemplateId + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_policy_template( + policyStoreId, + policyTemplateId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "DeletePolicyTemplate", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "policyStoreId" => policyStoreId, "policyTemplateId" => policyTemplateId + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_identity_source(identity_source_id, policy_store_id) + get_identity_source(identity_source_id, policy_store_id, params::Dict{String,<:Any}) + +Retrieves the details about the specified identity source. + +# Arguments +- `identity_source_id`: Specifies the ID of the identity source you want information about. +- `policy_store_id`: Specifies the ID of the policy store that contains the identity source + you want information about. + +""" +function get_identity_source( + identitySourceId, policyStoreId; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "GetIdentitySource", + Dict{String,Any}( + "identitySourceId" => identitySourceId, "policyStoreId" => policyStoreId + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_identity_source( + identitySourceId, + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "GetIdentitySource", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "identitySourceId" => identitySourceId, "policyStoreId" => policyStoreId + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_policy(policy_id, policy_store_id) + get_policy(policy_id, policy_store_id, params::Dict{String,<:Any}) + +Retrieves information about the specified policy. + +# Arguments +- `policy_id`: Specifies the ID of the policy you want information about. +- `policy_store_id`: Specifies the ID of the policy store that contains the policy that you + want information about. + +""" +function get_policy( + policyId, policyStoreId; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "GetPolicy", + Dict{String,Any}("policyId" => policyId, "policyStoreId" => policyStoreId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_policy( + policyId, + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "GetPolicy", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}("policyId" => policyId, "policyStoreId" => policyStoreId), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_policy_store(policy_store_id) + get_policy_store(policy_store_id, params::Dict{String,<:Any}) + +Retrieves details about a policy store. + +# Arguments +- `policy_store_id`: Specifies the ID of the policy store that you want information about. + +""" +function get_policy_store(policyStoreId; aws_config::AbstractAWSConfig=global_aws_config()) + return verifiedpermissions( + "GetPolicyStore", + Dict{String,Any}("policyStoreId" => policyStoreId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_policy_store( + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "GetPolicyStore", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("policyStoreId" => policyStoreId), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_policy_template(policy_store_id, policy_template_id) + get_policy_template(policy_store_id, policy_template_id, params::Dict{String,<:Any}) + +Retrieve the details for the specified policy template in the specified policy store. + +# Arguments +- `policy_store_id`: Specifies the ID of the policy store that contains the policy template + that you want information about. +- `policy_template_id`: Specifies the ID of the policy template that you want information + about. + +""" +function get_policy_template( + policyStoreId, policyTemplateId; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "GetPolicyTemplate", + Dict{String,Any}( + "policyStoreId" => policyStoreId, "policyTemplateId" => policyTemplateId + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_policy_template( + policyStoreId, + policyTemplateId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "GetPolicyTemplate", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "policyStoreId" => policyStoreId, "policyTemplateId" => policyTemplateId + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_schema(policy_store_id) + get_schema(policy_store_id, params::Dict{String,<:Any}) + +Retrieve the details for the specified schema in the specified policy store. + +# Arguments +- `policy_store_id`: Specifies the ID of the policy store that contains the schema. + +""" +function get_schema(policyStoreId; aws_config::AbstractAWSConfig=global_aws_config()) + return verifiedpermissions( + "GetSchema", + Dict{String,Any}("policyStoreId" => policyStoreId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_schema( + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "GetSchema", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("policyStoreId" => policyStoreId), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + is_authorized(policy_store_id) + is_authorized(policy_store_id, params::Dict{String,<:Any}) + +Makes an authorization decision about a service request described in the parameters. The +information in the parameters can also define additional context that Verified Permissions +can include in the evaluation. The request is evaluated against all matching policies in +the specified policy store. The result of the decision is either Allow or Deny, along with +a list of the policies that resulted in the decision. + +# Arguments +- `policy_store_id`: Specifies the ID of the policy store. Policies in this policy store + will be used to make an authorization decision for the input. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"action"`: Specifies the requested action to be authorized. For example, is the + principal authorized to perform this action on the resource? +- `"context"`: Specifies additional context that can be used to make more granular + authorization decisions. +- `"entities"`: Specifies the list of entities and their associated attributes that + Verified Permissions can examine when evaluating the policies. +- `"principal"`: Specifies the principal for which the authorization decision is to be made. +- `"resource"`: Specifies the resource for which the authorization decision is to be made. +""" +function is_authorized(policyStoreId; aws_config::AbstractAWSConfig=global_aws_config()) + return verifiedpermissions( + "IsAuthorized", + Dict{String,Any}("policyStoreId" => policyStoreId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function is_authorized( + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "IsAuthorized", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("policyStoreId" => policyStoreId), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + is_authorized_with_token(policy_store_id) + is_authorized_with_token(policy_store_id, params::Dict{String,<:Any}) + +Makes an authorization decision about a service request described in the parameters. The +principal in this request comes from an external identity source. The information in the +parameters can also define additional context that Verified Permissions can include in the +evaluation. The request is evaluated against all matching policies in the specified policy +store. The result of the decision is either Allow or Deny, along with a list of the +policies that resulted in the decision. If you delete a Amazon Cognito user pool or user, +tokens from that deleted pool or that deleted user continue to be usable until they expire. + +# Arguments +- `policy_store_id`: Specifies the ID of the policy store. Policies in this policy store + will be used to make an authorization decision for the input. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"accessToken"`: Specifies an access token for the principal to be authorized. This token + is provided to you by the identity provider (IdP) associated with the specified identity + source. You must specify either an AccessToken or an IdentityToken, but not both. +- `"action"`: Specifies the requested action to be authorized. Is the specified principal + authorized to perform this action on the specified resource. +- `"context"`: Specifies additional context that can be used to make more granular + authorization decisions. +- `"entities"`: Specifies the list of entities and their associated attributes that + Verified Permissions can examine when evaluating the policies. +- `"identityToken"`: Specifies an identity token for the principal to be authorized. This + token is provided to you by the identity provider (IdP) associated with the specified + identity source. You must specify either an AccessToken or an IdentityToken, but not both. +- `"resource"`: Specifies the resource for which the authorization decision is made. For + example, is the principal allowed to perform the action on the resource? +""" +function is_authorized_with_token( + policyStoreId; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "IsAuthorizedWithToken", + Dict{String,Any}("policyStoreId" => policyStoreId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function is_authorized_with_token( + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "IsAuthorizedWithToken", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("policyStoreId" => policyStoreId), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + list_identity_sources(policy_store_id) + list_identity_sources(policy_store_id, params::Dict{String,<:Any}) + +Returns a paginated list of all of the identity sources defined in the specified policy +store. + +# Arguments +- `policy_store_id`: Specifies the ID of the policy store that contains the identity + sources that you want to list. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"filters"`: Specifies characteristics of an identity source that you can use to limit + the output to matching identity sources. +- `"maxResults"`: Specifies the total number of results that you want included on each page + of the response. If you do not include this parameter, it defaults to a value that is + specific to the operation. If additional items exist beyond the number you specify, the + NextToken response element is returned with a value (not null). Include the specified value + as the NextToken request parameter in the next call to the operation to get the next part + of the results. Note that the service might return fewer results than the maximum even when + there are more results available. You should check NextToken after every operation to + ensure that you receive all of the results. +- `"nextToken"`: Specifies that you want to receive the next page of results. Valid only if + you received a NextToken response in the previous request. If you did, it indicates that + more output is available. Set this parameter to the value provided by the previous call's + NextToken response to request the next page of results. +""" +function list_identity_sources( + policyStoreId; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "ListIdentitySources", + Dict{String,Any}("policyStoreId" => policyStoreId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function list_identity_sources( + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "ListIdentitySources", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("policyStoreId" => policyStoreId), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + list_policies(policy_store_id) + list_policies(policy_store_id, params::Dict{String,<:Any}) + +Returns a paginated list of all policies stored in the specified policy store. + +# Arguments +- `policy_store_id`: Specifies the ID of the policy store you want to list policies from. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"filter"`: Specifies a filter that limits the response to only policies that match the + specified criteria. For example, you list only the policies that reference a specified + principal. +- `"maxResults"`: Specifies the total number of results that you want included on each page + of the response. If you do not include this parameter, it defaults to a value that is + specific to the operation. If additional items exist beyond the number you specify, the + NextToken response element is returned with a value (not null). Include the specified value + as the NextToken request parameter in the next call to the operation to get the next part + of the results. Note that the service might return fewer results than the maximum even when + there are more results available. You should check NextToken after every operation to + ensure that you receive all of the results. +- `"nextToken"`: Specifies that you want to receive the next page of results. Valid only if + you received a NextToken response in the previous request. If you did, it indicates that + more output is available. Set this parameter to the value provided by the previous call's + NextToken response to request the next page of results. +""" +function list_policies(policyStoreId; aws_config::AbstractAWSConfig=global_aws_config()) + return verifiedpermissions( + "ListPolicies", + Dict{String,Any}("policyStoreId" => policyStoreId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function list_policies( + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "ListPolicies", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("policyStoreId" => policyStoreId), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + list_policy_stores() + list_policy_stores(params::Dict{String,<:Any}) + +Returns a paginated list of all policy stores in the calling Amazon Web Services account. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"maxResults"`: Specifies the total number of results that you want included on each page + of the response. If you do not include this parameter, it defaults to a value that is + specific to the operation. If additional items exist beyond the number you specify, the + NextToken response element is returned with a value (not null). Include the specified value + as the NextToken request parameter in the next call to the operation to get the next part + of the results. Note that the service might return fewer results than the maximum even when + there are more results available. You should check NextToken after every operation to + ensure that you receive all of the results. +- `"nextToken"`: Specifies that you want to receive the next page of results. Valid only if + you received a NextToken response in the previous request. If you did, it indicates that + more output is available. Set this parameter to the value provided by the previous call's + NextToken response to request the next page of results. +""" +function list_policy_stores(; aws_config::AbstractAWSConfig=global_aws_config()) + return verifiedpermissions( + "ListPolicyStores"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end +function list_policy_stores( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "ListPolicyStores", params; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end + +""" + list_policy_templates(policy_store_id) + list_policy_templates(policy_store_id, params::Dict{String,<:Any}) + +Returns a paginated list of all policy templates in the specified policy store. + +# Arguments +- `policy_store_id`: Specifies the ID of the policy store that contains the policy + templates you want to list. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"maxResults"`: Specifies the total number of results that you want included on each page + of the response. If you do not include this parameter, it defaults to a value that is + specific to the operation. If additional items exist beyond the number you specify, the + NextToken response element is returned with a value (not null). Include the specified value + as the NextToken request parameter in the next call to the operation to get the next part + of the results. Note that the service might return fewer results than the maximum even when + there are more results available. You should check NextToken after every operation to + ensure that you receive all of the results. +- `"nextToken"`: Specifies that you want to receive the next page of results. Valid only if + you received a NextToken response in the previous request. If you did, it indicates that + more output is available. Set this parameter to the value provided by the previous call's + NextToken response to request the next page of results. +""" +function list_policy_templates( + policyStoreId; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "ListPolicyTemplates", + Dict{String,Any}("policyStoreId" => policyStoreId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function list_policy_templates( + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "ListPolicyTemplates", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("policyStoreId" => policyStoreId), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + put_schema(definition, policy_store_id) + put_schema(definition, policy_store_id, params::Dict{String,<:Any}) + +Creates or updates the policy schema in the specified policy store. The schema is used to +validate any Cedar policies and policy templates submitted to the policy store. Any changes +to the schema validate only policies and templates submitted after the schema change. +Existing policies and templates are not re-evaluated against the changed schema. If you +later update a policy, then it is evaluated against the new schema at that time. + +# Arguments +- `definition`: Specifies the definition of the schema to be stored. The schema definition + must be written in Cedar schema JSON. +- `policy_store_id`: Specifies the ID of the policy store in which to place the schema. + +""" +function put_schema( + definition, policyStoreId; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "PutSchema", + Dict{String,Any}("definition" => definition, "policyStoreId" => policyStoreId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function put_schema( + definition, + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "PutSchema", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "definition" => definition, "policyStoreId" => policyStoreId + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + update_identity_source(identity_source_id, policy_store_id, update_configuration) + update_identity_source(identity_source_id, policy_store_id, update_configuration, params::Dict{String,<:Any}) + +Updates the specified identity source to use a new identity provider (IdP) source, or to +change the mapping of identities from the IdP to a different principal entity type. + +# Arguments +- `identity_source_id`: Specifies the ID of the identity source that you want to update. +- `policy_store_id`: Specifies the ID of the policy store that contains the identity source + that you want to update. +- `update_configuration`: Specifies the details required to communicate with the identity + provider (IdP) associated with this identity source. At this time, the only valid member + of this structure is a Amazon Cognito user pool configuration. You must specify a + userPoolArn, and optionally, a ClientId. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"principalEntityType"`: Specifies the data type of principals generated for identities + authenticated by the identity source. +""" +function update_identity_source( + identitySourceId, + policyStoreId, + updateConfiguration; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "UpdateIdentitySource", + Dict{String,Any}( + "identitySourceId" => identitySourceId, + "policyStoreId" => policyStoreId, + "updateConfiguration" => updateConfiguration, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function update_identity_source( + identitySourceId, + policyStoreId, + updateConfiguration, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "UpdateIdentitySource", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "identitySourceId" => identitySourceId, + "policyStoreId" => policyStoreId, + "updateConfiguration" => updateConfiguration, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + update_policy(definition, policy_id, policy_store_id) + update_policy(definition, policy_id, policy_store_id, params::Dict{String,<:Any}) + +Modifies a Cedar static policy in the specified policy store. You can change only certain +elements of the UpdatePolicyDefinition parameter. You can directly update only static +policies. To change a template-linked policy, you must update the template instead, using +UpdatePolicyTemplate. If policy validation is enabled in the policy store, then updating a +static policy causes Verified Permissions to validate the policy against the schema in the +policy store. If the updated static policy doesn't pass validation, the operation fails and +the update isn't stored. + +# Arguments +- `definition`: Specifies the updated policy content that you want to replace on the + specified policy. The content must be valid Cedar policy language text. You can change only + the following elements from the policy definition: The action referenced by the policy. + Any conditional clauses, such as when or unless clauses. You can't change the following + elements: Changing from static to templateLinked. Changing the effect of the policy + from permit or forbid. The principal referenced by the policy. The resource referenced + by the policy. +- `policy_id`: Specifies the ID of the policy that you want to update. To find this value, + you can use ListPolicies. +- `policy_store_id`: Specifies the ID of the policy store that contains the policy that you + want to update. + +""" +function update_policy( + definition, policyId, policyStoreId; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "UpdatePolicy", + Dict{String,Any}( + "definition" => definition, + "policyId" => policyId, + "policyStoreId" => policyStoreId, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function update_policy( + definition, + policyId, + policyStoreId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "UpdatePolicy", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "definition" => definition, + "policyId" => policyId, + "policyStoreId" => policyStoreId, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + update_policy_store(policy_store_id, validation_settings) + update_policy_store(policy_store_id, validation_settings, params::Dict{String,<:Any}) + +Modifies the validation setting for a policy store. + +# Arguments +- `policy_store_id`: Specifies the ID of the policy store that you want to update +- `validation_settings`: A structure that defines the validation settings that want to + enable for the policy store. + +""" +function update_policy_store( + policyStoreId, validationSettings; aws_config::AbstractAWSConfig=global_aws_config() +) + return verifiedpermissions( + "UpdatePolicyStore", + Dict{String,Any}( + "policyStoreId" => policyStoreId, "validationSettings" => validationSettings + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function update_policy_store( + policyStoreId, + validationSettings, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "UpdatePolicyStore", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "policyStoreId" => policyStoreId, + "validationSettings" => validationSettings, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + update_policy_template(policy_store_id, policy_template_id, statement) + update_policy_template(policy_store_id, policy_template_id, statement, params::Dict{String,<:Any}) + +Updates the specified policy template. You can update only the description and the some +elements of the policyBody. Changes you make to the policy template content are +immediately reflected in authorization decisions that involve all template-linked policies +instantiated from this template. + +# Arguments +- `policy_store_id`: Specifies the ID of the policy store that contains the policy template + that you want to update. +- `policy_template_id`: Specifies the ID of the policy template that you want to update. +- `statement`: Specifies new statement content written in Cedar policy language to replace + the current body of the policy template. You can change only the following elements of the + policy body: The action referenced by the policy template. Any conditional clauses, + such as when or unless clauses. You can't change the following elements: The effect + (permit or forbid) of the policy template. The principal referenced by the policy + template. The resource referenced by the policy template. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"description"`: Specifies a new description to apply to the policy template. +""" +function update_policy_template( + policyStoreId, + policyTemplateId, + statement; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "UpdatePolicyTemplate", + Dict{String,Any}( + "policyStoreId" => policyStoreId, + "policyTemplateId" => policyTemplateId, + "statement" => statement, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function update_policy_template( + policyStoreId, + policyTemplateId, + statement, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return verifiedpermissions( + "UpdatePolicyTemplate", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "policyStoreId" => policyStoreId, + "policyTemplateId" => policyTemplateId, + "statement" => statement, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end diff --git a/src/services/wellarchitected.jl b/src/services/wellarchitected.jl index d2215ad0a7..df0409f481 100644 --- a/src/services/wellarchitected.jl +++ b/src/services/wellarchitected.jl @@ -48,6 +48,45 @@ function associate_lenses( ) end +""" + associate_profiles(profile_arns, workload_id) + associate_profiles(profile_arns, workload_id, params::Dict{String,<:Any}) + +Associate a profile with a workload. + +# Arguments +- `profile_arns`: The list of profile ARNs to associate with the workload. +- `workload_id`: + +""" +function associate_profiles( + ProfileArns, WorkloadId; aws_config::AbstractAWSConfig=global_aws_config() +) + return wellarchitected( + "PATCH", + "/workloads/$(WorkloadId)/associateProfiles", + Dict{String,Any}("ProfileArns" => ProfileArns); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function associate_profiles( + ProfileArns, + WorkloadId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return wellarchitected( + "PATCH", + "/workloads/$(WorkloadId)/associateProfiles", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("ProfileArns" => ProfileArns), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ create_lens_share(client_request_token, lens_alias, shared_with) create_lens_share(client_request_token, lens_alias, shared_with, params::Dict{String,<:Any}) @@ -222,6 +261,122 @@ function create_milestone( ) end +""" + create_profile(client_request_token, profile_description, profile_name, profile_questions) + create_profile(client_request_token, profile_description, profile_name, profile_questions, params::Dict{String,<:Any}) + +Create a profile. + +# Arguments +- `client_request_token`: +- `profile_description`: The profile description. +- `profile_name`: Name of the profile. +- `profile_questions`: The profile questions. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"Tags"`: The tags assigned to the profile. +""" +function create_profile( + ClientRequestToken, + ProfileDescription, + ProfileName, + ProfileQuestions; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return wellarchitected( + "POST", + "/profiles", + Dict{String,Any}( + "ClientRequestToken" => ClientRequestToken, + "ProfileDescription" => ProfileDescription, + "ProfileName" => ProfileName, + "ProfileQuestions" => ProfileQuestions, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_profile( + ClientRequestToken, + ProfileDescription, + ProfileName, + ProfileQuestions, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return wellarchitected( + "POST", + "/profiles", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "ClientRequestToken" => ClientRequestToken, + "ProfileDescription" => ProfileDescription, + "ProfileName" => ProfileName, + "ProfileQuestions" => ProfileQuestions, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + create_profile_share(client_request_token, profile_arn, shared_with) + create_profile_share(client_request_token, profile_arn, shared_with, params::Dict{String,<:Any}) + +Create a profile share. + +# Arguments +- `client_request_token`: +- `profile_arn`: The profile ARN. +- `shared_with`: + +""" +function create_profile_share( + ClientRequestToken, + ProfileArn, + SharedWith; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return wellarchitected( + "POST", + "/profiles/$(ProfileArn)/shares", + Dict{String,Any}( + "ClientRequestToken" => ClientRequestToken, "SharedWith" => SharedWith + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_profile_share( + ClientRequestToken, + ProfileArn, + SharedWith, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return wellarchitected( + "POST", + "/profiles/$(ProfileArn)/shares", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "ClientRequestToken" => ClientRequestToken, "SharedWith" => SharedWith + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ create_workload(client_request_token, description, environment, lenses, workload_name) create_workload(client_request_token, description, environment, lenses, workload_name, params::Dict{String,<:Any}) @@ -254,6 +409,7 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys - `"NonAwsRegions"`: - `"Notes"`: - `"PillarPriorities"`: +- `"ProfileArns"`: The list of profile ARNs associated with the workload. - `"ReviewOwner"`: - `"Tags"`: The tags to be associated with the workload. """ @@ -485,6 +641,97 @@ function delete_lens_share( ) end +""" + delete_profile(client_request_token, profile_arn) + delete_profile(client_request_token, profile_arn, params::Dict{String,<:Any}) + +Delete a profile. Disclaimer By sharing your profile with other Amazon Web Services +accounts, you acknowledge that Amazon Web Services will make your profile available to +those other accounts. Those other accounts may continue to access and use your shared +profile even if you delete the profile from your own Amazon Web Services account or +terminate your Amazon Web Services account. + +# Arguments +- `client_request_token`: +- `profile_arn`: The profile ARN. + +""" +function delete_profile( + ClientRequestToken, ProfileArn; aws_config::AbstractAWSConfig=global_aws_config() +) + return wellarchitected( + "DELETE", + "/profiles/$(ProfileArn)", + Dict{String,Any}("ClientRequestToken" => ClientRequestToken); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_profile( + ClientRequestToken, + ProfileArn, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return wellarchitected( + "DELETE", + "/profiles/$(ProfileArn)", + Dict{String,Any}( + mergewith( + _merge, Dict{String,Any}("ClientRequestToken" => ClientRequestToken), params + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + delete_profile_share(client_request_token, profile_arn, share_id) + delete_profile_share(client_request_token, profile_arn, share_id, params::Dict{String,<:Any}) + +Delete a profile share. + +# Arguments +- `client_request_token`: +- `profile_arn`: The profile ARN. +- `share_id`: + +""" +function delete_profile_share( + ClientRequestToken, + ProfileArn, + ShareId; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return wellarchitected( + "DELETE", + "/profiles/$(ProfileArn)/shares/$(ShareId)", + Dict{String,Any}("ClientRequestToken" => ClientRequestToken); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_profile_share( + ClientRequestToken, + ProfileArn, + ShareId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return wellarchitected( + "DELETE", + "/profiles/$(ProfileArn)/shares/$(ShareId)", + Dict{String,Any}( + mergewith( + _merge, Dict{String,Any}("ClientRequestToken" => ClientRequestToken), params + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ delete_workload(client_request_token, workload_id) delete_workload(client_request_token, workload_id, params::Dict{String,<:Any}) @@ -613,6 +860,45 @@ function disassociate_lenses( ) end +""" + disassociate_profiles(profile_arns, workload_id) + disassociate_profiles(profile_arns, workload_id, params::Dict{String,<:Any}) + +Disassociate a profile from a workload. + +# Arguments +- `profile_arns`: The list of profile ARNs to disassociate from the workload. +- `workload_id`: + +""" +function disassociate_profiles( + ProfileArns, WorkloadId; aws_config::AbstractAWSConfig=global_aws_config() +) + return wellarchitected( + "PATCH", + "/workloads/$(WorkloadId)/disassociateProfiles", + Dict{String,Any}("ProfileArns" => ProfileArns); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function disassociate_profiles( + ProfileArns, + WorkloadId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return wellarchitected( + "PATCH", + "/workloads/$(WorkloadId)/disassociateProfiles", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("ProfileArns" => ProfileArns), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ export_lens(lens_alias) export_lens(lens_alias, params::Dict{String,<:Any}) @@ -922,6 +1208,65 @@ function get_milestone( ) end +""" + get_profile(profile_arn) + get_profile(profile_arn, params::Dict{String,<:Any}) + +Get profile information. + +# Arguments +- `profile_arn`: The profile ARN. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"ProfileVersion"`: The profile version. +""" +function get_profile(ProfileArn; aws_config::AbstractAWSConfig=global_aws_config()) + return wellarchitected( + "GET", + "/profiles/$(ProfileArn)"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_profile( + ProfileArn, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return wellarchitected( + "GET", + "/profiles/$(ProfileArn)", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + get_profile_template() + get_profile_template(params::Dict{String,<:Any}) + +Get profile template. + +""" +function get_profile_template(; aws_config::AbstractAWSConfig=global_aws_config()) + return wellarchitected( + "GET", "/profileTemplate"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end +function get_profile_template( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return wellarchitected( + "GET", + "/profileTemplate", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ get_workload(workload_id) get_workload(workload_id, params::Dict{String,<:Any}) @@ -1032,6 +1377,7 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys - `"MilestoneNumber"`: - `"NextToken"`: - `"PillarId"`: +- `"QuestionPriority"`: The priority of the question. """ function list_answers( LensAlias, WorkloadId; aws_config::AbstractAWSConfig=global_aws_config() @@ -1210,6 +1556,7 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys - `"MilestoneNumber"`: - `"NextToken"`: - `"PillarId"`: +- `"QuestionPriority"`: The priority of the question. """ function list_lens_review_improvements( LensAlias, WorkloadId; aws_config::AbstractAWSConfig=global_aws_config() @@ -1404,6 +1751,107 @@ function list_notifications( ) end +""" + list_profile_notifications() + list_profile_notifications(params::Dict{String,<:Any}) + +List profile notifications. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"MaxResults"`: +- `"NextToken"`: +- `"WorkloadId"`: +""" +function list_profile_notifications(; aws_config::AbstractAWSConfig=global_aws_config()) + return wellarchitected( + "GET", + "/profileNotifications/"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function list_profile_notifications( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return wellarchitected( + "GET", + "/profileNotifications/", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + list_profile_shares(profile_arn) + list_profile_shares(profile_arn, params::Dict{String,<:Any}) + +List profile shares. + +# Arguments +- `profile_arn`: The profile ARN. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"MaxResults"`: The maximum number of results to return for this request. +- `"NextToken"`: +- `"SharedWithPrefix"`: The Amazon Web Services account ID, IAM role, organization ID, or + organizational unit (OU) ID with which the profile is shared. +- `"Status"`: +""" +function list_profile_shares(ProfileArn; aws_config::AbstractAWSConfig=global_aws_config()) + return wellarchitected( + "GET", + "/profiles/$(ProfileArn)/shares"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function list_profile_shares( + ProfileArn, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return wellarchitected( + "GET", + "/profiles/$(ProfileArn)/shares", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + list_profiles() + list_profiles(params::Dict{String,<:Any}) + +List profiles. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"MaxResults"`: +- `"NextToken"`: +- `"ProfileNamePrefix"`: Prefix for profile name. +- `"ProfileOwnerType"`: Profile owner type. +""" +function list_profiles(; aws_config::AbstractAWSConfig=global_aws_config()) + return wellarchitected( + "GET", "/profileSummaries"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end +function list_profiles( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return wellarchitected( + "GET", + "/profileSummaries", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ list_share_invitations() list_share_invitations(params::Dict{String,<:Any}) @@ -1416,6 +1864,7 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys in the results. - `"MaxResults"`: The maximum number of results to return for this request. - `"NextToken"`: +- `"ProfileNamePrefix"`: Profile name prefix. - `"ShareResourceType"`: The type of share invitations to be returned. - `"WorkloadNamePrefix"`: """ @@ -1440,8 +1889,8 @@ end list_tags_for_resource(workload_arn) list_tags_for_resource(workload_arn, params::Dict{String,<:Any}) -List the tags for a resource. The WorkloadArn parameter can be either a workload ARN or a -custom lens ARN. +List the tags for a resource. The WorkloadArn parameter can be a workload ARN, a custom +lens ARN, or a profile ARN. # Arguments - `workload_arn`: @@ -1546,8 +1995,8 @@ end tag_resource(tags, workload_arn) tag_resource(tags, workload_arn, params::Dict{String,<:Any}) -Adds one or more tags to the specified resource. The WorkloadArn parameter can be either a -workload ARN or a custom lens ARN. +Adds one or more tags to the specified resource. The WorkloadArn parameter can be a +workload ARN, a custom lens ARN, or a profile ARN. # Arguments - `tags`: The tags for the resource. @@ -1582,9 +2031,9 @@ end untag_resource(workload_arn, tag_keys) untag_resource(workload_arn, tag_keys, params::Dict{String,<:Any}) -Deletes specified tags from a resource. The WorkloadArn parameter can be either a workload -ARN or a custom lens ARN. To specify multiple tags, use separate tagKeys parameters, for -example: DELETE /tags/WorkloadArn?tagKeys=key1&tagKeys=key2 +Deletes specified tags from a resource. The WorkloadArn parameter can be a workload ARN, a +custom lens ARN, or a profile ARN. To specify multiple tags, use separate tagKeys +parameters, for example: DELETE /tags/WorkloadArn?tagKeys=key1&tagKeys=key2 # Arguments - `workload_arn`: @@ -1733,6 +2182,42 @@ function update_lens_review( ) end +""" + update_profile(profile_arn) + update_profile(profile_arn, params::Dict{String,<:Any}) + +Update a profile. + +# Arguments +- `profile_arn`: The profile ARN. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"ProfileDescription"`: The profile description. +- `"ProfileQuestions"`: Profile questions. +""" +function update_profile(ProfileArn; aws_config::AbstractAWSConfig=global_aws_config()) + return wellarchitected( + "PATCH", + "/profiles/$(ProfileArn)"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function update_profile( + ProfileArn, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return wellarchitected( + "PATCH", + "/profiles/$(ProfileArn)", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ update_share_invitation(share_invitation_action, share_invitation_id) update_share_invitation(share_invitation_action, share_invitation_id, params::Dict{String,<:Any}) @@ -1918,3 +2403,48 @@ function upgrade_lens_review( feature_set=SERVICE_FEATURE_SET, ) end + +""" + upgrade_profile_version(profile_arn, workload_id) + upgrade_profile_version(profile_arn, workload_id, params::Dict{String,<:Any}) + +Upgrade a profile. + +# Arguments +- `profile_arn`: The profile ARN. +- `workload_id`: + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"ClientRequestToken"`: +- `"MilestoneName"`: +""" +function upgrade_profile_version( + ProfileArn, WorkloadId; aws_config::AbstractAWSConfig=global_aws_config() +) + return wellarchitected( + "PUT", + "/workloads/$(WorkloadId)/profiles/$(ProfileArn)/upgrade", + Dict{String,Any}("ClientRequestToken" => string(uuid4())); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function upgrade_profile_version( + ProfileArn, + WorkloadId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return wellarchitected( + "PUT", + "/workloads/$(WorkloadId)/profiles/$(ProfileArn)/upgrade", + Dict{String,Any}( + mergewith( + _merge, Dict{String,Any}("ClientRequestToken" => string(uuid4())), params + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end