From ad1d57951275225580f8e5e7d4d955099c8c406a Mon Sep 17 00:00:00 2001 From: mattBrzezinski Date: Wed, 13 Oct 2021 06:13:08 +0000 Subject: [PATCH] AWS API Definitions Updated --- src/AWSExceptions.jl | 2 +- src/AWSServices.jl | 1 + src/services/backup.jl | 111 +++++ src/services/chime.jl | 47 +- src/services/ec2.jl | 232 +++++----- src/services/ecs.jl | 9 +- src/services/elastic_load_balancing_v2.jl | 3 + src/services/firehose.jl | 2 + src/services/frauddetector.jl | 458 ++++++++++++++++++- src/services/fsx.jl | 9 + src/services/grafana.jl | 532 ++++++++++++++++++++++ src/services/kendra.jl | 80 ++-- src/services/lex_models_v2.jl | 4 +- src/services/lex_runtime_v2.jl | 21 +- src/services/mediaconvert.jl | 85 ++++ src/services/medialive.jl | 30 +- src/services/mediatailor.jl | 187 ++++++++ src/services/sagemaker.jl | 13 +- src/services/secrets_manager.jl | 459 ++++++------------- src/services/securityhub.jl | 18 +- src/utilities/request.jl | 14 +- test/AWS.jl | 8 +- test/AWSCredentials.jl | 8 +- 23 files changed, 1772 insertions(+), 561 deletions(-) create mode 100644 src/services/grafana.jl diff --git a/src/AWSExceptions.jl b/src/AWSExceptions.jl index a3c657a536..cdea521335 100644 --- a/src/AWSExceptions.jl +++ b/src/AWSExceptions.jl @@ -89,7 +89,7 @@ function AWSException(e::HTTP.StatusError, body::AbstractString) elseif parse(Int, HTTP.header(e.response, "Content-Length", "0")) > 0 # Should only occur streaming a response and error handling is improperly configured @error "Internal Error: provided body is empty while the reported content-length " * - "is non-zero" + "is non-zero" end # There are times when Errors or Error are returned back diff --git a/src/AWSServices.jl b/src/AWSServices.jl index d6e65e8b0d..f71bede2f6 100644 --- a/src/AWSServices.jl +++ b/src/AWSServices.jl @@ -276,6 +276,7 @@ const global_accelerator = AWS.JSONService( "GlobalAccelerator_V20180706", ) const glue = AWS.JSONService("glue", "glue", "2017-03-31", "1.1", "AWSGlue") +const grafana = AWS.RestJSONService("grafana", "grafana", "2020-08-18") const greengrass = AWS.RestJSONService("greengrass", "greengrass", "2017-06-07") const greengrassv2 = AWS.RestJSONService("greengrass", "greengrass", "2020-11-30") const groundstation = AWS.RestJSONService("groundstation", "groundstation", "2019-05-23") diff --git a/src/services/backup.jl b/src/services/backup.jl index d62bc8bc4d..cae7591d6c 100644 --- a/src/services/backup.jl +++ b/src/services/backup.jl @@ -446,6 +446,43 @@ function delete_backup_vault_access_policy( ) end +""" + delete_backup_vault_lock_configuration(backup_vault_name) + delete_backup_vault_lock_configuration(backup_vault_name, params::Dict{String,<:Any}) + +Deletes Backup Vault Lock from a backup vault specified by a backup vault name. If the +Vault Lock configuration is immutable, then you cannot delete Vault Lock using API +operations, and you will receive an InvalidRequestException if you attempt to do so. For +more information, see Vault Lock in the Backup Developer Guide. + +# Arguments +- `backup_vault_name`: The name of the backup vault from which to delete Backup Vault Lock. + +""" +function delete_backup_vault_lock_configuration( + backupVaultName; aws_config::AbstractAWSConfig=global_aws_config() +) + return backup( + "DELETE", + "/backup-vaults/$(backupVaultName)/vault-lock"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_backup_vault_lock_configuration( + backupVaultName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return backup( + "DELETE", + "/backup-vaults/$(backupVaultName)/vault-lock", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ delete_backup_vault_notifications(backup_vault_name) delete_backup_vault_notifications(backup_vault_name, params::Dict{String,<:Any}) @@ -1934,6 +1971,80 @@ function put_backup_vault_access_policy( ) end +""" + put_backup_vault_lock_configuration(backup_vault_name) + put_backup_vault_lock_configuration(backup_vault_name, params::Dict{String,<:Any}) + +Applies Backup Vault Lock to a backup vault, preventing attempts to delete any recovery +point stored in or created in a backup vault. Vault Lock also prevents attempts to update +the lifecycle policy that controls the retention period of any recovery point currently +stored in a backup vault. If specified, Vault Lock enforces a minimum and maximum retention +period for future backup and copy jobs that target a backup vault. + +# Arguments +- `backup_vault_name`: The Backup Vault Lock configuration that specifies the name of the + backup vault it protects. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"ChangeableForDays"`: The Backup Vault Lock configuration that specifies the number of + days before the lock date. For example, setting ChangeableForDays to 30 on Jan. 1, 2022 at + 8pm UTC will set the lock date to Jan. 31, 2022 at 8pm UTC. Backup enforces a 72-hour + cooling-off period before Vault Lock takes effect and becomes immutable. Therefore, you + must set ChangeableForDays to 3 or greater. Before the lock date, you can delete Vault Lock + from the vault using DeleteBackupVaultLockConfiguration or change the Vault Lock + configuration using PutBackupVaultLockConfiguration. On and after the lock date, the Vault + Lock becomes immutable and cannot be changed or deleted. If this parameter is not + specified, you can delete Vault Lock from the vault using + DeleteBackupVaultLockConfiguration or change the Vault Lock configuration using + PutBackupVaultLockConfiguration at any time. +- `"MaxRetentionDays"`: The Backup Vault Lock configuration that specifies the maximum + retention period that the vault retains its recovery points. This setting can be useful if, + for example, your organization's policies require you to destroy certain data after + retaining it for four years (1460 days). If this parameter is not included, Vault Lock does + not enforce a maximum retention period on the recovery points in the vault. If this + parameter is included without a value, Vault Lock will not enforce a maximum retention + period. If this parameter is specified, any backup or copy job to the vault must have a + lifecycle policy with a retention period equal to or shorter than the maximum retention + period. If the job's retention period is longer than that maximum retention period, then + the vault fails the backup or copy job, and you should either modify your lifecycle + settings or use a different vault. Recovery points already saved in the vault prior to + Vault Lock are not affected. +- `"MinRetentionDays"`: The Backup Vault Lock configuration that specifies the minimum + retention period that the vault retains its recovery points. This setting can be useful if, + for example, your organization's policies require you to retain certain data for at least + seven years (2555 days). If this parameter is not specified, Vault Lock will not enforce a + minimum retention period. If this parameter is specified, any backup or copy job to the + vault must have a lifecycle policy with a retention period equal to or longer than the + minimum retention period. If the job's retention period is shorter than that minimum + retention period, then the vault fails that backup or copy job, and you should either + modify your lifecycle settings or use a different vault. Recovery points already saved in + the vault prior to Vault Lock are not affected. +""" +function put_backup_vault_lock_configuration( + backupVaultName; aws_config::AbstractAWSConfig=global_aws_config() +) + return backup( + "PUT", + "/backup-vaults/$(backupVaultName)/vault-lock"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function put_backup_vault_lock_configuration( + backupVaultName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return backup( + "PUT", + "/backup-vaults/$(backupVaultName)/vault-lock", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ put_backup_vault_notifications(backup_vault_events, snstopic_arn, backup_vault_name) put_backup_vault_notifications(backup_vault_events, snstopic_arn, backup_vault_name, params::Dict{String,<:Any}) diff --git a/src/services/chime.jl b/src/services/chime.jl index dc3ad03321..3e4bec59ba 100644 --- a/src/services/chime.jl +++ b/src/services/chime.jl @@ -1060,6 +1060,8 @@ Creates a media capture pipeline. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"ChimeSdkMeetingConfiguration"`: The configuration for a specified media capture + pipeline. SourceType must be ChimeSdkMeeting. - `"ClientRequestToken"`: The token assigned to the client making the pipeline request. """ function create_media_capture_pipeline( @@ -7116,50 +7118,25 @@ function update_channel_read_marker( end """ - update_global_settings(business_calling, voice_connector) - update_global_settings(business_calling, voice_connector, params::Dict{String,<:Any}) + update_global_settings() + update_global_settings(params::Dict{String,<:Any}) Updates global settings for the administrator's AWS account, such as Amazon Chime Business Calling and Amazon Chime Voice Connector settings. -# Arguments -- `business_calling`: The Amazon Chime Business Calling settings. -- `voice_connector`: The Amazon Chime Voice Connector settings. - +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"BusinessCalling"`: The Amazon Chime Business Calling settings. +- `"VoiceConnector"`: The Amazon Chime Voice Connector settings. """ -function update_global_settings( - BusinessCalling, VoiceConnector; aws_config::AbstractAWSConfig=global_aws_config() -) - return chime( - "PUT", - "/settings", - Dict{String,Any}( - "BusinessCalling" => BusinessCalling, "VoiceConnector" => VoiceConnector - ); - aws_config=aws_config, - feature_set=SERVICE_FEATURE_SET, - ) +function update_global_settings(; aws_config::AbstractAWSConfig=global_aws_config()) + return chime("PUT", "/settings"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET) end function update_global_settings( - BusinessCalling, - VoiceConnector, - params::AbstractDict{String}; - aws_config::AbstractAWSConfig=global_aws_config(), + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() ) return chime( - "PUT", - "/settings", - Dict{String,Any}( - mergewith( - _merge, - Dict{String,Any}( - "BusinessCalling" => BusinessCalling, "VoiceConnector" => VoiceConnector - ), - params, - ), - ); - aws_config=aws_config, - feature_set=SERVICE_FEATURE_SET, + "PUT", "/settings", params; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET ) end diff --git a/src/services/ec2.jl b/src/services/ec2.jl index 9ac3c4d22c..cfd17e0da7 100644 --- a/src/services/ec2.jl +++ b/src/services/ec2.jl @@ -342,11 +342,11 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys or instances in EC2-Classic. Default: If the Region supports EC2-Classic, the default is standard. Otherwise, the default is vpc. - `"NetworkBorderGroup"`: A unique set of Availability Zones, Local Zones, or Wavelength - Zones from which AWS advertises IP addresses. Use this parameter to limit the IP address to - this location. IP addresses cannot move between network border groups. Use - DescribeAvailabilityZones to view the network border groups. You cannot use a network - border group with EC2 Classic. If you attempt this operation on EC2 classic, you will - receive an InvalidParameterCombination error. For more information, see Error Codes. + Zones from which Amazon Web Services advertises IP addresses. Use this parameter to limit + the IP address to this location. IP addresses cannot move between network border groups. + Use DescribeAvailabilityZones to view the network border groups. You cannot use a network + border group with EC2 Classic. If you attempt this operation on EC2 Classic, you receive an + InvalidParameterCombination error. - `"PublicIpv4Pool"`: The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool. To specify a specific address from the address pool, use the Address parameter instead. @@ -2239,7 +2239,7 @@ Copies the specified Amazon FPGA Image (AFI) to the current Region. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"ClientToken"`: Unique, case-sensitive identifier that you provide to ensure the - idempotency of the request. For more information, see Ensuring Idempotency. + idempotency of the request. For more information, see Ensuring idempotency. - `"Description"`: The description for the new AFI. - `"DryRun"`: Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required @@ -3287,8 +3287,8 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys should appear. For a list of available fields, see Flow log records. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must specify at least one field. Specify the fields using the {field-id} format, - separated by spaces. For the CLI, use single quotation marks (' ') to surround the - parameter value. + separated by spaces. For the CLI, surround this parameter value with single quotes on Linux + or double quotes on Windows. - `"LogGroupName"`: The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs. If you specify LogDestinationType as s3, do not specify DeliverLogsPermissionArn or LogGroupName. @@ -3345,8 +3345,8 @@ end Creates an Amazon FPGA Image (AFI) from the specified design checkpoint (DCP). The create operation is asynchronous. To verify that the AFI is ready for use, check the output logs. An AFI contains the FPGA bitstream that is ready to download to an FPGA. You can securely -deploy an AFI on multiple FPGA-accelerated instances. For more information, see the AWS -FPGA Hardware Development Kit. +deploy an AFI on multiple FPGA-accelerated instances. For more information, see the Amazon +Web Services FPGA Hardware Development Kit. # Arguments - `input_storage_location`: The location of the encrypted design checkpoint in Amazon S3. @@ -3653,7 +3653,7 @@ end Creates a launch template. A launch template contains the parameters to launch an instance. When you launch an instance using RunInstances, you can specify a launch template instead of providing the launch parameters in the request. For more information, see Launching an -instance from a launch templatein the Amazon Elastic Compute Cloud User Guide. +instance from a launch template in the Amazon Elastic Compute Cloud User Guide. # Arguments - `launch_template_data`: The information for the launch template. @@ -5179,7 +5179,7 @@ ModifyTrafficMirrorFilterNetworkServices to mirror supported network services. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"ClientToken"`: Unique, case-sensitive identifier that you provide to ensure the - idempotency of the request. For more information, see How to Ensure Idempotency. + idempotency of the request. For more information, see How to ensure idempotency. - `"Description"`: The description of the Traffic Mirror filter. - `"DryRun"`: Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required @@ -5211,23 +5211,23 @@ end create_traffic_mirror_filter_rule(destination_cidr_block, rule_action, rule_number, source_cidr_block, traffic_direction, traffic_mirror_filter_id) create_traffic_mirror_filter_rule(destination_cidr_block, rule_action, rule_number, source_cidr_block, traffic_direction, traffic_mirror_filter_id, params::Dict{String,<:Any}) -Creates a Traffic Mirror filter rule. A Traffic Mirror rule defines the Traffic Mirror +Creates a Traffic Mirror filter rule. A Traffic Mirror rule defines the Traffic Mirror source traffic to mirror. You need the Traffic Mirror filter ID when you create the rule. # Arguments - `destination_cidr_block`: The destination CIDR block to assign to the Traffic Mirror rule. -- `rule_action`: The action to take (accept | reject) on the filtered traffic. +- `rule_action`: The action to take on the filtered traffic. - `rule_number`: The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number. - `source_cidr_block`: The source CIDR block to assign to the Traffic Mirror rule. -- `traffic_direction`: The type of traffic (ingress | egress). +- `traffic_direction`: The type of traffic. - `traffic_mirror_filter_id`: The ID of the filter that this rule is associated with. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"ClientToken"`: Unique, case-sensitive identifier that you provide to ensure the - idempotency of the request. For more information, see How to Ensure Idempotency. + idempotency of the request. For more information, see How to ensure idempotency. - `"Description"`: The description of the Traffic Mirror rule. - `"DestinationPortRange"`: The destination port range. - `"DryRun"`: Checks whether you have the required permissions for the action, without @@ -5317,7 +5317,7 @@ specify the traffic to mirror. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"ClientToken"`: Unique, case-sensitive identifier that you provide to ensure the - idempotency of the request. For more information, see How to Ensure Idempotency. + idempotency of the request. For more information, see How to ensure idempotency. - `"Description"`: The description of the Traffic Mirror session. - `"DryRun"`: Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required @@ -5395,7 +5395,7 @@ CreateTrafficMirrorSession. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"ClientToken"`: Unique, case-sensitive identifier that you provide to ensure the - idempotency of the request. For more information, see How to Ensure Idempotency. + idempotency of the request. For more information, see How to ensure idempotency. - `"Description"`: The description of the Traffic Mirror target. - `"DryRun"`: Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required @@ -6118,18 +6118,19 @@ end create_vpc_endpoint(service_name, vpc_id, params::Dict{String,<:Any}) Creates a VPC endpoint for a specified service. An endpoint enables you to create a private -connection between your VPC and the service. The service may be provided by AWS, an AWS -Marketplace Partner, or another AWS account. For more information, see VPC Endpoints in the -Amazon Virtual Private Cloud User Guide. A gateway endpoint serves as a target for a route -in your route table for traffic destined for the AWS service. You can specify an endpoint -policy to attach to the endpoint, which will control access to the service from your VPC. -You can also specify the VPC route tables that use the endpoint. An interface endpoint is a -network interface in your subnet that serves as an endpoint for communicating with the -specified service. You can specify the subnets in which to create an endpoint, and the -security groups to associate with the endpoint network interface. A GatewayLoadBalancer -endpoint is a network interface in your subnet that serves an endpoint for communicating -with a Gateway Load Balancer that you've configured as a VPC endpoint service. Use -DescribeVpcEndpointServices to get a list of supported services. +connection between your VPC and the service. The service may be provided by Amazon Web +Services, an Amazon Web Services Marketplace Partner, or another Amazon Web Services +account. For more information, see VPC Endpoints in the Amazon Virtual Private Cloud User +Guide. A gateway endpoint serves as a target for a route in your route table for traffic +destined for the Amazon Web Service. You can specify an endpoint policy to attach to the +endpoint, which will control access to the service from your VPC. You can also specify the +VPC route tables that use the endpoint. An interface endpoint is a network interface in +your subnet that serves as an endpoint for communicating with the specified service. You +can specify the subnets in which to create an endpoint, and the security groups to +associate with the endpoint network interface. A GatewayLoadBalancer endpoint is a network +interface in your subnet that serves an endpoint for communicating with a Gateway Load +Balancer that you've configured as a VPC endpoint service. Use DescribeVpcEndpointServices +to get a list of supported services. # Arguments - `service_name`: The service name. To get a list of available services, use the @@ -6139,7 +6140,7 @@ DescribeVpcEndpointServices to get a list of supported services. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"ClientToken"`: Unique, case-sensitive identifier that you provide to ensure the - idempotency of the request. For more information, see How to Ensure Idempotency. + idempotency of the request. For more information, see How to ensure idempotency. - `"DryRun"`: Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation. @@ -6213,7 +6214,7 @@ interface endpoints only. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"ClientToken"`: Unique, case-sensitive identifier that you provide to ensure the - idempotency of the request. For more information, see How to Ensure Idempotency. + idempotency of the request. For more information, see How to ensure idempotency. - `"ConnectionEvents"`: One or more endpoint events for which to receive notifications. Valid values are Accept, Connect, Delete, and Reject. - `"DryRun"`: Checks whether you have the required permissions for the action, without @@ -6260,15 +6261,15 @@ end create_vpc_endpoint_service_configuration() create_vpc_endpoint_service_configuration(params::Dict{String,<:Any}) -Creates a VPC endpoint service configuration to which service consumers (AWS accounts, IAM -users, and IAM roles) can connect. To create an endpoint service configuration, you must -first create one of the following for your service: A Network Load Balancer. Service -consumers connect to your service using an interface endpoint. A Gateway Load Balancer. -Service consumers connect to your service using a Gateway Load Balancer endpoint. For -more information, see VPC Endpoint Services in the Amazon Virtual Private Cloud User Guide. - If you set the private DNS name, you must prove that you own the private DNS domain name. -For more information, see VPC Endpoint Service Private DNS Name Verification in the Amazon -Virtual Private Cloud User Guide. +Creates a VPC endpoint service configuration to which service consumers (Amazon Web +Services accounts, IAM users, and IAM roles) can connect. To create an endpoint service +configuration, you must first create one of the following for your service: A Network +Load Balancer. Service consumers connect to your service using an interface endpoint. A +Gateway Load Balancer. Service consumers connect to your service using a Gateway Load +Balancer endpoint. For more information, see VPC Endpoint Services in the Amazon Virtual +Private Cloud User Guide. If you set the private DNS name, you must prove that you own the +private DNS domain name. For more information, see VPC Endpoint Service Private DNS Name +Verification in the Amazon Virtual Private Cloud User Guide. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -6276,7 +6277,7 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys endpoint to your service must be accepted. To accept a request, use AcceptVpcEndpointConnections. - `"ClientToken"`: Unique, case-sensitive identifier that you provide to ensure the - idempotency of the request. For more information, see How to Ensure Idempotency. + idempotency of the request. For more information, see How to ensure idempotency. - `"DryRun"`: Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation. @@ -9350,8 +9351,8 @@ end Describes the Availability Zones, Local Zones, and Wavelength Zones that are available to you. If there is an event impacting a zone, you can use this request to view the state and any provided messages for that zone. For more information about Availability Zones, Local -Zones, and Wavelength Zones, see Regions, Zones and Outposts in the Amazon Elastic Compute -Cloud User Guide. +Zones, and Wavelength Zones, see Regions and zones in the Amazon Elastic Compute Cloud User +Guide. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -10262,8 +10263,8 @@ end Describes the events for the specified EC2 Fleet during the specified time. EC2 Fleet events are delayed by up to 30 seconds before they can be described. This ensures that you can query by the last evaluated time and not miss a recorded event. EC2 Fleet events are -available for 48 hours. For more information, see Monitoring your EC2 Fleet in the Amazon -EC2 User Guide. +available for 48 hours. For more information, see Monitor fleet events using Amazon +EventBridge in the Amazon EC2 User Guide. # Arguments - `fleet_id`: The ID of the EC2 Fleet. @@ -10481,8 +10482,8 @@ end describe_fpga_images(params::Dict{String,<:Any}) Describes the Amazon FPGA Images (AFIs) available to you. These include public AFIs, -private AFIs that you own, and AFIs owned by other AWS accounts for which you have load -permissions. +private AFIs that you own, and AFIs owned by other Amazon Web Services accounts for which +you have load permissions. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -10491,21 +10492,22 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation. - `"Filter"`: The filters. create-time - The creation time of the AFI. fpga-image-id - The FPGA image identifier (AFI ID). fpga-image-global-id - The global FPGA image - identifier (AGFI ID). name - The name of the AFI. owner-id - The AWS account ID of - the AFI owner. product-code - The product code. shell-version - The version of the - AWS Shell that was used to create the bitstream. state - The state of the AFI (pending | - failed | available | unavailable). tag:<key> - The key/value combination of a tag - assigned to the resource. Use the tag key in the filter name and the tag value as the - filter value. For example, to find all resources that have a tag with the key Owner and the - value TeamA, specify tag:Owner for the filter name and TeamA for the filter value. - tag-key - The key of a tag assigned to the resource. Use this filter to find all resources - assigned a tag with a specific key, regardless of the tag value. update-time - The time - of the most recent update. + identifier (AGFI ID). name - The name of the AFI. owner-id - The Amazon Web Services + account ID of the AFI owner. product-code - The product code. shell-version - The + version of the Amazon Web Services Shell that was used to create the bitstream. state - + The state of the AFI (pending | failed | available | unavailable). tag:<key> - The + key/value combination of a tag assigned to the resource. Use the tag key in the filter name + and the tag value as the filter value. For example, to find all resources that have a tag + with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for + the filter value. tag-key - The key of a tag assigned to the resource. Use this filter + to find all resources assigned a tag with a specific key, regardless of the tag value. + update-time - The time of the most recent update. - `"FpgaImageId"`: The AFI IDs. - `"MaxResults"`: The maximum number of results to return in a single call. - `"NextToken"`: The token to retrieve the next page of results. -- `"Owner"`: Filters the AFI by owner. Specify an AWS account ID, self (owner is the sender - of the request), or an AWS owner alias (valid values are amazon | aws-marketplace). +- `"Owner"`: Filters the AFI by owner. Specify an Amazon Web Services account ID, self + (owner is the sender of the request), or an Amazon Web Services owner alias (valid values + are amazon | aws-marketplace). """ function describe_fpga_images(; aws_config::AbstractAWSConfig=global_aws_config()) return ec2("DescribeFpgaImages"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET) @@ -10699,10 +10701,10 @@ network-interface-attachment | prefix-list | reservation | route-table | route-table-association | security-group | snapshot | subnet | subnet-cidr-block-association | volume | vpc | vpc-cidr-block-association | vpc-endpoint | vpc-peering-connection | vpn-connection | vpn-gateway. These settings apply to the IAM -user who makes the request; they do not apply to the entire AWS account. By default, an IAM -user defaults to the same settings as the root user, unless they explicitly override the -settings by running the ModifyIdFormat command. Resources created with longer IDs are -visible to all IAM users, regardless of these settings and provided that they have +user who makes the request; they do not apply to the entire Amazon Web Services account. By +default, an IAM user defaults to the same settings as the root user, unless they explicitly +override the settings by running the ModifyIdFormat command. Resources created with longer +IDs are visible to all IAM users, regardless of these settings and provided that they have permission to use the relevant Describe command for the resource type. # Optional Parameters @@ -11318,14 +11320,16 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys instance-storage-info.disk.count - The number of local disks. instance-storage-info.disk.size-in-gb - The storage size of each instance storage disk, in GB. instance-storage-info.disk.type - The storage technology for the local instance - storage disks (hdd | ssd). instance-storage-info.nvme-support - Indicates whether - non-volatile memory express (NVMe) is supported for instance store (required | supported) | - unsupported). instance-storage-info.total-size-in-gb - The total amount of storage - available from all local instance storage, in GB. instance-storage-supported - Indicates - whether the instance type has local instance storage (true | false). instance-type - The - instance type (for example c5.2xlarge or c5*). memory-info.size-in-mib - The memory - size. network-info.efa-info.maximum-efa-interfaces - The maximum number of Elastic - Fabric Adapters (EFAs) per instance. network-info.efa-supported - Indicates whether the + storage disks (hdd | ssd). instance-storage-info.encryption-supported - Indicates + whether data is encrypted at rest (required | unsupported). + instance-storage-info.nvme-support - Indicates whether non-volatile memory express (NVMe) + is supported for instance store (required | supported | unsupported). + instance-storage-info.total-size-in-gb - The total amount of storage available from all + local instance storage, in GB. instance-storage-supported - Indicates whether the + instance type has local instance storage (true | false). instance-type - The instance + type (for example c5.2xlarge or c5*). memory-info.size-in-mib - The memory size. + network-info.efa-info.maximum-efa-interfaces - The maximum number of Elastic Fabric + Adapters (EFAs) per instance. network-info.efa-supported - Indicates whether the instance type supports Elastic Fabric Adapter (EFA) (true | false). network-info.ena-support - Indicates whether Elastic Network Adapter (ENA) is supported or required (required | supported | unsupported). @@ -12555,9 +12559,9 @@ end describe_regions(params::Dict{String,<:Any}) Describes the Regions that are enabled for your account, or all Regions. For a list of the -Regions supported by Amazon EC2, see Regions and Endpoints. For information about enabling -and disabling Regions for your account, see Managing AWS Regions in the AWS General -Reference. +Regions supported by Amazon EC2, see Amazon Elastic Compute Cloud endpoints and quotas. +For information about enabling and disabling Regions for your account, see Managing Amazon +Web Services Regions in the Amazon Web Services General Reference. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -13409,7 +13413,8 @@ end Describes the events for the specified Spot Fleet request during the specified time. Spot Fleet events are delayed by up to 30 seconds before they can be described. This ensures that you can query by the last evaluated time and not miss a recorded event. Spot Fleet -events are available for 48 hours. +events are available for 48 hours. For more information, see Monitor fleet events using +Amazon EventBridge in the Amazon EC2 User Guide for Linux Instances. # Arguments - `spot_fleet_request_id`: The ID of the Spot Fleet request. @@ -14745,8 +14750,8 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation. - `"Filter"`: One or more filters. service-id - The ID of the service. - vpc-endpoint-owner - The AWS account number of the owner of the endpoint. - vpc-endpoint-state - The state of the endpoint (pendingAcceptance | pending | available | + vpc-endpoint-owner - The ID of the Amazon Web Services account ID that owns the endpoint. + vpc-endpoint-state - The state of the endpoint (pendingAcceptance | pending | available | deleting | deleted | rejected | failed). vpc-endpoint-id - The ID of the endpoint. - `"MaxResults"`: The maximum number of results to return for the request in a single page. The remaining results of the initial request can be seen by sending another request with @@ -17936,8 +17941,8 @@ end get_vpn_connection_device_sample_configuration(vpn_connection_device_type_id, vpn_connection_id) get_vpn_connection_device_sample_configuration(vpn_connection_device_type_id, vpn_connection_id, params::Dict{String,<:Any}) -Download an AWS-provided sample configuration file to be used with the customer gateway -device specified for your Site-to-Site VPN connection. +Download an Amazon Web Services-provided sample configuration file to be used with the +customer gateway device specified for your Site-to-Site VPN connection. # Arguments - `vpn_connection_device_type_id`: Device identifier provided by the @@ -18151,8 +18156,8 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys - `"Platform"`: The operating system of the virtual machine. Valid values: Windows | Linux - `"RoleName"`: The name of the role to use when not using the default role, 'vmimport'. - `"TagSpecification"`: The tags to apply to the import image task during creation. -- `"UsageOperation"`: The usage operation value. For more information, see AMI billing - information fields in the Amazon Elastic Compute Cloud User Guide. +- `"UsageOperation"`: The usage operation value. For more information, see Licensing + options in the VM Import/Export User Guide. """ function import_image(; aws_config::AbstractAWSConfig=global_aws_config()) return ec2("ImportImage"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET) @@ -18433,8 +18438,8 @@ Changes the opt-in status of the Local Zone and Wavelength Zone group for your a - `group_name`: The name of the Availability Zone group, Local Zone group, or Wavelength Zone group. - `opt_in_status`: Indicates whether you are opted in to the Local Zone group or Wavelength - Zone group. The only valid value is opted-in. You must contact AWS Support to opt out of a - Local Zone group, or Wavelength Zone group. + Zone group. The only valid value is opted-in. You must contact Amazon Web Services Support + to opt out of a Local Zone or Wavelength Zone group. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -18865,8 +18870,8 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys removed. This parameter is valid only when modifying the productCodes attribute. - `"UserGroup"`: The user groups. This parameter is valid only when modifying the loadPermission attribute. -- `"UserId"`: The AWS account IDs. This parameter is valid only when modifying the - loadPermission attribute. +- `"UserId"`: The Amazon Web Services account IDs. This parameter is valid only when + modifying the loadPermission attribute. """ function modify_fpga_image_attribute( FpgaImageId; aws_config::AbstractAWSConfig=global_aws_config() @@ -18958,13 +18963,13 @@ network-acl | network-acl-association | network-interface | network-interface-at prefix-list | route-table | route-table-association | security-group | subnet | subnet-cidr-block-association | vpc | vpc-cidr-block-association | vpc-endpoint | vpc-peering-connection | vpn-connection | vpn-gateway. This setting applies to the IAM user -who makes the request; it does not apply to the entire AWS account. By default, an IAM user -defaults to the same settings as the root user. If you're using this action as the root -user, then these settings apply to the entire account, unless an IAM user explicitly -overrides these settings for themselves. For more information, see Resource IDs in the -Amazon Elastic Compute Cloud User Guide. Resources created with longer IDs are visible to -all IAM roles and users, regardless of these settings and provided that they have -permission to use the relevant Describe command for the resource type. +who makes the request; it does not apply to the entire Amazon Web Services account. By +default, an IAM user defaults to the same settings as the root user. If you're using this +action as the root user, then these settings apply to the entire account, unless an IAM +user explicitly overrides these settings for themselves. For more information, see Resource +IDs in the Amazon Elastic Compute Cloud User Guide. Resources created with longer IDs are +visible to all IAM roles and users, regardless of these settings and provided that they +have permission to use the relevant Describe command for the resource type. # Arguments - `resource`: The type of resource: bundle | conversion-task | customer-gateway | @@ -20010,8 +20015,7 @@ are not eligible for Traffic Mirror. Use AddNetworkServices to add network servi Traffic Mirror filter. When a network service is added to the Traffic Mirror filter, all traffic related to that network service will be mirrored. When you no longer want to mirror network services, use RemoveNetworkServices to remove the network services from the Traffic -Mirror filter. For information about filter rule properties, see Network Services in the -Traffic Mirroring User Guide . +Mirror filter. # Arguments - `traffic_mirror_filter_id`: The ID of the Traffic Mirror filter. @@ -20084,7 +20088,7 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys by rule number. - `"SourceCidrBlock"`: The source CIDR block to assign to the Traffic Mirror rule. - `"SourcePortRange"`: The port range to assign to the Traffic Mirror rule. -- `"TrafficDirection"`: The type of traffic (ingress | egress) to assign to the rule. +- `"TrafficDirection"`: The type of traffic to assign to the rule. """ function modify_traffic_mirror_filter_rule( TrafficMirrorFilterRuleId; aws_config::AbstractAWSConfig=global_aws_config() @@ -20661,10 +20665,11 @@ end modify_vpc_endpoint_service_permissions(service_id, params::Dict{String,<:Any}) Modifies the permissions for your VPC endpoint service. You can add or remove permissions -for service consumers (IAM users, IAM roles, and AWS accounts) to connect to your endpoint -service. If you grant permissions to all principals, the service is public. Any users who -know the name of a public service can send a request to attach an endpoint. If the service -does not require manual approval, attachments are automatically approved. +for service consumers (IAM users, IAM roles, and Amazon Web Services accounts) to connect +to your endpoint service. If you grant permissions to all principals, the service is +public. Any users who know the name of a public service can send a request to attach an +endpoint. If the service does not require manual approval, attachments are automatically +approved. # Arguments - `service_id`: The ID of the service. @@ -21869,11 +21874,10 @@ able to recover it. For more information, see AllocateAddress. Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"AllocationId"`: [EC2-VPC] The allocation ID. Required for EC2-VPC. - `"NetworkBorderGroup"`: The set of Availability Zones, Local Zones, or Wavelength Zones - from which AWS advertises IP addresses. If you provide an incorrect network border group, - you will receive an InvalidAddress.NotFound error. For more information, see Error Codes. - You cannot use a network border group with EC2 Classic. If you attempt this operation on - EC2 classic, you will receive an InvalidParameterCombination error. For more information, - see Error Codes. + from which Amazon Web Services advertises IP addresses. If you provide an incorrect network + border group, you receive an InvalidAddress.NotFound error. You cannot use a network border + group with EC2 Classic. If you attempt this operation on EC2 classic, you receive an + InvalidParameterCombination error. - `"PublicIp"`: [EC2-Classic] The Elastic IP address. Required for EC2-Classic. - `"dryRun"`: Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required @@ -23339,13 +23343,12 @@ function run_scheduled_instances( end """ - search_local_gateway_routes(filter, local_gateway_route_table_id) - search_local_gateway_routes(filter, local_gateway_route_table_id, params::Dict{String,<:Any}) + search_local_gateway_routes(local_gateway_route_table_id) + search_local_gateway_routes(local_gateway_route_table_id, params::Dict{String,<:Any}) Searches for routes in the specified local gateway route table. # Arguments -- `filter`: One or more filters. - `local_gateway_route_table_id`: The ID of the local gateway route table. # Optional Parameters @@ -23353,24 +23356,22 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys - `"DryRun"`: Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation. +- `"Filter"`: One or more filters. - `"MaxResults"`: The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned nextToken value. - `"NextToken"`: The token for the next page of results. """ function search_local_gateway_routes( - Filter, LocalGatewayRouteTableId; aws_config::AbstractAWSConfig=global_aws_config() + LocalGatewayRouteTableId; aws_config::AbstractAWSConfig=global_aws_config() ) return ec2( "SearchLocalGatewayRoutes", - Dict{String,Any}( - "Filter" => Filter, "LocalGatewayRouteTableId" => LocalGatewayRouteTableId - ); + Dict{String,Any}("LocalGatewayRouteTableId" => LocalGatewayRouteTableId); aws_config=aws_config, feature_set=SERVICE_FEATURE_SET, ) end function search_local_gateway_routes( - Filter, LocalGatewayRouteTableId, params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config(), @@ -23380,10 +23381,7 @@ function search_local_gateway_routes( Dict{String,Any}( mergewith( _merge, - Dict{String,Any}( - "Filter" => Filter, - "LocalGatewayRouteTableId" => LocalGatewayRouteTableId, - ), + Dict{String,Any}("LocalGatewayRouteTableId" => LocalGatewayRouteTableId), params, ), ); diff --git a/src/services/ecs.jl b/src/services/ecs.jl index 5844ecd9e7..7342f63e0c 100644 --- a/src/services/ecs.jl +++ b/src/services/ecs.jl @@ -308,7 +308,8 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys - `"propagateTags"`: Specifies whether to propagate the tags from the task definition or the service to the tasks in the service. If no value is specified, the tags are not propagated. Tags can only be propagated to the tasks within the service during service - creation. To add tags to a task after service creation, use the TagResource API action. + creation. To add tags to a task after service creation or task creation, use the + TagResource API action. - `"role"`: The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is only permitted if you are using a load balancer with your service and your task definition does not use the @@ -2164,7 +2165,11 @@ time. # Arguments - `task_definition`: The family and revision (family:revision) or full ARN of the task - definition to run. If a revision is not specified, the latest ACTIVE revision is used. + definition to run. If a revision is not specified, the latest ACTIVE revision is used. The + full ARN value must match the value that you specified ias the Resource of the IAM + principal's permissions policy. For example, if the Resource is + arn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName:*, the taskDefinition ARN + value must be arn:aws:ecs:us-east-1:111122223333:task-definition/TaskFamilyName. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: diff --git a/src/services/elastic_load_balancing_v2.jl b/src/services/elastic_load_balancing_v2.jl index ce8d0e8b0e..ef9e518a0b 100644 --- a/src/services/elastic_load_balancing_v2.jl +++ b/src/services/elastic_load_balancing_v2.jl @@ -352,6 +352,9 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys before considering an unhealthy target healthy. For target groups with a protocol of HTTP or HTTPS, the default is 5. For target groups with a protocol of TCP, TLS, or GENEVE, the default is 3. If the target type is lambda, the default is 5. +- `"IpAddressType"`: The type of IP address used for this target group. The possible values + are ipv4 and ipv6. This is an optional parameter. If not specified, the IP address type + defaults to ipv4. - `"Matcher"`: [HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target. - `"Port"`: The port on which the targets receive traffic. This port is used unless you diff --git a/src/services/firehose.jl b/src/services/firehose.jl index 2169314928..2626a76b79 100644 --- a/src/services/firehose.jl +++ b/src/services/firehose.jl @@ -60,6 +60,7 @@ Firehose Developer Guide. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"AmazonopensearchserviceDestinationConfiguration"`: - `"DeliveryStreamEncryptionConfigurationInput"`: Used to specify the type and Amazon Resource Name (ARN) of the KMS key needed for Server-Side Encryption (SSE). - `"DeliveryStreamType"`: The delivery stream type. This parameter can be one of the @@ -706,6 +707,7 @@ version ID to set CurrentDeliveryStreamVersionId in the next call. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"AmazonopensearchserviceDestinationUpdate"`: - `"ElasticsearchDestinationUpdate"`: Describes an update for a destination in Amazon ES. - `"ExtendedS3DestinationUpdate"`: Describes an update for a destination in Amazon S3. - `"HttpEndpointDestinationUpdate"`: Describes an update to the specified HTTP endpoint diff --git a/src/services/frauddetector.jl b/src/services/frauddetector.jl index 0d798f6c93..4b57d10b2b 100644 --- a/src/services/frauddetector.jl +++ b/src/services/frauddetector.jl @@ -73,6 +73,36 @@ function batch_get_variable( ) end +""" + cancel_batch_import_job(job_id) + cancel_batch_import_job(job_id, params::Dict{String,<:Any}) + + Cancels an in-progress batch import job. + +# Arguments +- `job_id`: The ID of an in-progress batch import job to cancel. Amazon Fraud Detector + will throw an error if the batch import job is in FAILED, CANCELED, or COMPLETED state. + +""" +function cancel_batch_import_job(jobId; aws_config::AbstractAWSConfig=global_aws_config()) + return frauddetector( + "CancelBatchImportJob", + Dict{String,Any}("jobId" => jobId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function cancel_batch_import_job( + jobId, params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return frauddetector( + "CancelBatchImportJob", + Dict{String,Any}(mergewith(_merge, Dict{String,Any}("jobId" => jobId), params)); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ cancel_batch_prediction_job(job_id) cancel_batch_prediction_job(job_id, params::Dict{String,<:Any}) @@ -104,6 +134,75 @@ function cancel_batch_prediction_job( ) end +""" + create_batch_import_job(event_type_name, iam_role_arn, input_path, job_id, output_path) + create_batch_import_job(event_type_name, iam_role_arn, input_path, job_id, output_path, params::Dict{String,<:Any}) + +Creates a batch import job. + +# Arguments +- `event_type_name`: The name of the event type. +- `iam_role_arn`: The ARN of the IAM role created for Amazon S3 bucket that holds your data + file. The IAM role must have read and write permissions to both input and output S3 buckets. +- `input_path`: The URI that points to the Amazon S3 location of your data file. +- `job_id`: The ID of the batch import job. The ID cannot be of a past job, unless the job + exists in CREATE_FAILED state. +- `output_path`: The URI that points to the Amazon S3 location for storing your results. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"tags"`: A collection of key-value pairs associated with this request. +""" +function create_batch_import_job( + eventTypeName, + iamRoleArn, + inputPath, + jobId, + outputPath; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return frauddetector( + "CreateBatchImportJob", + Dict{String,Any}( + "eventTypeName" => eventTypeName, + "iamRoleArn" => iamRoleArn, + "inputPath" => inputPath, + "jobId" => jobId, + "outputPath" => outputPath, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_batch_import_job( + eventTypeName, + iamRoleArn, + inputPath, + jobId, + outputPath, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return frauddetector( + "CreateBatchImportJob", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "eventTypeName" => eventTypeName, + "iamRoleArn" => iamRoleArn, + "inputPath" => inputPath, + "jobId" => jobId, + "outputPath" => outputPath, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ create_batch_prediction_job(detector_name, event_type_name, iam_role_arn, input_path, job_id, output_path) create_batch_prediction_job(detector_name, event_type_name, iam_role_arn, input_path, job_id, output_path, params::Dict{String,<:Any}) @@ -299,8 +398,10 @@ Creates a version of the model using the specified model type and model id. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: -- `"externalEventsDetail"`: Details for the external events data used for model version +- `"externalEventsDetail"`: Details of the external events data used for model version training. Required if trainingDataSource is EXTERNAL_EVENTS. +- `"ingestedEventsDetail"`: Details of the ingested events data used for model version + training. Required if trainingDataSource is INGESTED_EVENTS. - `"tags"`: A collection of key and value pairs. """ function create_model_version( @@ -487,6 +588,35 @@ function create_variable( ) end +""" + delete_batch_import_job(job_id) + delete_batch_import_job(job_id, params::Dict{String,<:Any}) + +Deletes data that was batch imported to Amazon Fraud Detector. + +# Arguments +- `job_id`: The ID of the batch import job to delete. + +""" +function delete_batch_import_job(jobId; aws_config::AbstractAWSConfig=global_aws_config()) + return frauddetector( + "DeleteBatchImportJob", + Dict{String,Any}("jobId" => jobId); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_batch_import_job( + jobId, params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return frauddetector( + "DeleteBatchImportJob", + Dict{String,Any}(mergewith(_merge, Dict{String,Any}("jobId" => jobId), params)); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ delete_batch_prediction_job(job_id) delete_batch_prediction_job(job_id, params::Dict{String,<:Any}) @@ -643,6 +773,10 @@ deletes that event and the event data is no longer stored in Amazon Fraud Detect - `event_id`: The ID of the event to delete. - `event_type_name`: The name of the event type. +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"deleteAuditHistory"`: Specifies whether or not to delete any predictions associated + with the event. """ function delete_event( eventId, eventTypeName; aws_config::AbstractAWSConfig=global_aws_config() @@ -679,8 +813,8 @@ end delete_event_type(name, params::Dict{String,<:Any}) Deletes an event type. You cannot delete an event type that is used in a detector or a -model. When you delete an entity type, Amazon Fraud Detector permanently deletes that -entity type and the data is no longer stored in Amazon Fraud Detector. +model. When you delete an event type, Amazon Fraud Detector permanently deletes that event +type and the data is no longer stored in Amazon Fraud Detector. # Arguments - `name`: The name of the event type to delete. @@ -705,6 +839,41 @@ function delete_event_type( ) end +""" + delete_events_by_event_type(event_type_name) + delete_events_by_event_type(event_type_name, params::Dict{String,<:Any}) + +Deletes all events of a particular event type. + +# Arguments +- `event_type_name`: The name of the event type. + +""" +function delete_events_by_event_type( + eventTypeName; aws_config::AbstractAWSConfig=global_aws_config() +) + return frauddetector( + "DeleteEventsByEventType", + Dict{String,Any}("eventTypeName" => eventTypeName); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_events_by_event_type( + eventTypeName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return frauddetector( + "DeleteEventsByEventType", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("eventTypeName" => eventTypeName), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ delete_external_model(model_endpoint) delete_external_model(model_endpoint, params::Dict{String,<:Any}) @@ -1036,6 +1205,35 @@ function describe_model_versions( ) end +""" + get_batch_import_jobs() + get_batch_import_jobs(params::Dict{String,<:Any}) + +Gets all batch import jobs or a specific job of the specified ID. This is a paginated API. +If you provide a null maxResults, this action retrieves a maximum of 50 records per page. +If you provide a maxResults, the value must be between 1 and 50. To get the next page +results, provide the pagination token from the GetBatchImportJobsResponse as part of your +request. A null pagination token fetches the records from the beginning. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"jobId"`: The ID of the batch import job to get. +- `"maxResults"`: The maximum number of objects to return for request. +- `"nextToken"`: The next token from the previous request. +""" +function get_batch_import_jobs(; aws_config::AbstractAWSConfig=global_aws_config()) + return frauddetector( + "GetBatchImportJobs"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end +function get_batch_import_jobs( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return frauddetector( + "GetBatchImportJobs", params; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end + """ get_batch_prediction_jobs() get_batch_prediction_jobs(params::Dict{String,<:Any}) @@ -1068,6 +1266,41 @@ function get_batch_prediction_jobs( ) end +""" + get_delete_events_by_event_type_status(event_type_name) + get_delete_events_by_event_type_status(event_type_name, params::Dict{String,<:Any}) + +Retrieves the status of a DeleteEventsByEventType action. + +# Arguments +- `event_type_name`: Name of event type for which to get the deletion status. + +""" +function get_delete_events_by_event_type_status( + eventTypeName; aws_config::AbstractAWSConfig=global_aws_config() +) + return frauddetector( + "GetDeleteEventsByEventTypeStatus", + Dict{String,Any}("eventTypeName" => eventTypeName); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_delete_events_by_event_type_status( + eventTypeName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return frauddetector( + "GetDeleteEventsByEventTypeStatus", + Dict{String,Any}( + mergewith(_merge, Dict{String,Any}("eventTypeName" => eventTypeName), params) + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ get_detector_version(detector_id, detector_version_id) get_detector_version(detector_id, detector_version_id, params::Dict{String,<:Any}) @@ -1171,6 +1404,48 @@ function get_entity_types( ) end +""" + get_event(event_id, event_type_name) + get_event(event_id, event_type_name, params::Dict{String,<:Any}) + +Retrieves details of events stored with Amazon Fraud Detector. This action does not +retrieve prediction results. + +# Arguments +- `event_id`: The ID of the event to retrieve. +- `event_type_name`: The event type of the event to retrieve. + +""" +function get_event( + eventId, eventTypeName; aws_config::AbstractAWSConfig=global_aws_config() +) + return frauddetector( + "GetEvent", + Dict{String,Any}("eventId" => eventId, "eventTypeName" => eventTypeName); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_event( + eventId, + eventTypeName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return frauddetector( + "GetEvent", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}("eventId" => eventId, "eventTypeName" => eventTypeName), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ get_event_prediction(detector_id, entities, event_id, event_timestamp, event_type_name, event_variables) get_event_prediction(detector_id, entities, event_id, event_timestamp, event_type_name, event_variables, params::Dict{String,<:Any}) @@ -1184,23 +1459,22 @@ detector’s (ACTIVE) version is used. entity ID representing who performed the event. If an entity id is not available, use \"UNKNOWN.\" - `event_id`: The unique ID used to identify the event. -- `event_timestamp`: Timestamp that defines when the event under evaluation occurred. +- `event_timestamp`: Timestamp that defines when the event under evaluation occurred. The + timestamp must be specified using ISO 8601 standard in UTC. - `event_type_name`: The event type associated with the detector specified for the prediction. - `event_variables`: Names of the event type's variables you defined in Amazon Fraud Detector to represent data elements and their corresponding values for the event you are - sending for evaluation. You must provide at least one eventVariable If detectorVersion - is associated with a modelVersion, you must provide at least one associated eventVariable - To ensure highest possible fraud prediction and to simplify your data preparation, Amazon - Fraud Detector will replace all missing variables or values as follows: For Amazon Fraud - Detector trained models: If a null value is provided explicitly for a variable or if a - variable is missing, model will replace the null value or the missing variable (no variable - name in the eventVariables map) with calculated default mean/medians for numeric variables - and with special values for categorical variables. For External models ( for example, - imported SageMaker): If a null value is provided explicitly for a variable, the model and - rules will use “null” as the value. If a variable is not provided (no variable name in - the eventVariables map), model and rules will use the default value that is provided for - the variable. + sending for evaluation. You must provide at least one eventVariable To ensure most + accurate fraud prediction and to simplify your data preparation, Amazon Fraud Detector will + replace all missing variables or values as follows: For Amazon Fraud Detector trained + models: If a null value is provided explicitly for a variable or if a variable is missing, + model will replace the null value or the missing variable (no variable name in the + eventVariables map) with calculated default mean/medians for numeric variables and with + special values for categorical variables. For imported SageMaker models: If a null value + is provided explicitly for a variable, the model and rules will use “null” as the + value. If a variable is not provided (no variable name in the eventVariables map), model + and rules will use the default value that is provided for the variable. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -1324,8 +1598,8 @@ end get_kmsencryption_key() get_kmsencryption_key(params::Dict{String,<:Any}) -Gets the encryption key if a Key Management Service (KMS) customer master key (CMK) has -been specified to be used to encrypt content in Amazon Fraud Detector. +Gets the encryption key if a KMS key has been specified to be used to encrypt content in +Amazon Fraud Detector. """ function get_kmsencryption_key(; aws_config::AbstractAWSConfig=global_aws_config()) @@ -1707,6 +1981,7 @@ transactions, account registrations, and authentications. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"description"`: The description of the event type. +- `"eventIngestion"`: Specifies if ingenstion is enabled or disabled. - `"labels"`: The event type labels. - `"tags"`: A collection of key and value pairs. """ @@ -1825,8 +2100,7 @@ end put_kmsencryption_key(kms_encryption_key_arn) put_kmsencryption_key(kms_encryption_key_arn, params::Dict{String,<:Any}) -Specifies the Key Management Service (KMS) customer master key (CMK) to be used to encrypt -content in Amazon Fraud Detector. +Specifies the KMS key to be used to encrypt content in Amazon Fraud Detector. # Arguments - `kms_encryption_key_arn`: The KMS encryption key ARN. @@ -1929,6 +2203,81 @@ function put_outcome( ) end +""" + send_event(entities, event_id, event_timestamp, event_type_name, event_variables) + send_event(entities, event_id, event_timestamp, event_type_name, event_variables, params::Dict{String,<:Any}) + +Stores events in Amazon Fraud Detector without generating fraud predictions for those +events. For example, you can use SendEvent to upload a historical dataset, which you can +then later use to train a model. + +# Arguments +- `entities`: An array of entities. +- `event_id`: The event ID to upload. +- `event_timestamp`: The timestamp that defines when the event under evaluation occurred. + The timestamp must be specified using ISO 8601 standard in UTC. +- `event_type_name`: The event type name of the event. +- `event_variables`: Names of the event type's variables you defined in Amazon Fraud + Detector to represent data elements and their corresponding values for the event you are + sending for evaluation. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"assignedLabel"`: The label to associate with the event. Required if specifying + labelTimestamp. +- `"labelTimestamp"`: The timestamp associated with the label. Required if specifying + assignedLabel. +""" +function send_event( + entities, + eventId, + eventTimestamp, + eventTypeName, + eventVariables; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return frauddetector( + "SendEvent", + Dict{String,Any}( + "entities" => entities, + "eventId" => eventId, + "eventTimestamp" => eventTimestamp, + "eventTypeName" => eventTypeName, + "eventVariables" => eventVariables, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function send_event( + entities, + eventId, + eventTimestamp, + eventTypeName, + eventVariables, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return frauddetector( + "SendEvent", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "entities" => entities, + "eventId" => eventId, + "eventTimestamp" => eventTimestamp, + "eventTypeName" => eventTypeName, + "eventVariables" => eventVariables, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ tag_resource(resource_arn, tags) tag_resource(resource_arn, tags, params::Dict{String,<:Any}) @@ -2189,11 +2538,71 @@ function update_detector_version_status( ) end +""" + update_event_label(assigned_label, event_id, event_type_name, label_timestamp) + update_event_label(assigned_label, event_id, event_type_name, label_timestamp, params::Dict{String,<:Any}) + +Updates the specified event with a new label. + +# Arguments +- `assigned_label`: The new label to assign to the event. +- `event_id`: The ID of the event associated with the label to update. +- `event_type_name`: The event type of the event associated with the label to update. +- `label_timestamp`: The timestamp associated with the label. The timestamp must be + specified using ISO 8601 standard in UTC. + +""" +function update_event_label( + assignedLabel, + eventId, + eventTypeName, + labelTimestamp; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return frauddetector( + "UpdateEventLabel", + Dict{String,Any}( + "assignedLabel" => assignedLabel, + "eventId" => eventId, + "eventTypeName" => eventTypeName, + "labelTimestamp" => labelTimestamp, + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function update_event_label( + assignedLabel, + eventId, + eventTypeName, + labelTimestamp, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return frauddetector( + "UpdateEventLabel", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "assignedLabel" => assignedLabel, + "eventId" => eventId, + "eventTypeName" => eventTypeName, + "labelTimestamp" => labelTimestamp, + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ update_model(model_id, model_type) update_model(model_id, model_type, params::Dict{String,<:Any}) -Updates a model. You can update the description attribute using this action. +Updates model description. # Arguments - `model_id`: The model ID. @@ -2247,7 +2656,10 @@ creates and trains a new minor version of the model, for example version 1.01, 1 # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: -- `"externalEventsDetail"`: The event details. +- `"externalEventsDetail"`: The details of the external events data used for training the + model version. Required if trainingDataSource is EXTERNAL_EVENTS. +- `"ingestedEventsDetail"`: The details of the ingested event used for training the model + version. Required if your trainingDataSource is INGESTED_EVENTS. - `"tags"`: A collection of key and value pairs. """ function update_model_version( @@ -2297,7 +2709,7 @@ end update_model_version_status(model_id, model_type, model_version_number, status, params::Dict{String,<:Any}) Updates the status of a model version. You can perform the following status updates: -Change the TRAINING_COMPLETE status to ACTIVE. Change ACTIVEto INACTIVE. +Change the TRAINING_COMPLETE status to ACTIVE. Change ACTIVE to INACTIVE. # Arguments - `model_id`: The model ID of the model version to update. diff --git a/src/services/fsx.jl b/src/services/fsx.jl index b9719acbca..4f2072d8c6 100644 --- a/src/services/fsx.jl +++ b/src/services/fsx.jl @@ -366,6 +366,10 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys - `"ClientRequestToken"`: A string of up to 64 ASCII characters that Amazon FSx uses to ensure idempotent creation. This string is automatically filled on your behalf when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. +- `"FileSystemTypeVersion"`: Sets the version of the Amazon FSx for Lustre file system + you're creating. Valid values are 2.10 and 2.12. Set the value to 2.10 to create a Lustre + 2.10 file system. Set the value to 2.12 to create a Lustre 2.12 file system. Default + value is 2.10. - `"KmsKeyId"`: - `"LustreConfiguration"`: - `"OntapConfiguration"`: @@ -467,6 +471,11 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys - `"ClientRequestToken"`: A string of up to 64 ASCII characters that Amazon FSx uses to ensure idempotent creation. This string is automatically filled on your behalf when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. +- `"FileSystemTypeVersion"`: Sets the version for the Amazon FSx for Lustre file system + you're creating from a backup. Valid values are 2.10 and 2.12. You don't need to specify + FileSystemTypeVersion because it will be applied using the backup's FileSystemTypeVersion + setting. If you choose to specify FileSystemTypeVersion when creating from backup, the + value must match the backup's FileSystemTypeVersion setting. - `"KmsKeyId"`: - `"LustreConfiguration"`: - `"SecurityGroupIds"`: A list of IDs for the security groups that apply to the specified diff --git a/src/services/grafana.jl b/src/services/grafana.jl new file mode 100644 index 0000000000..0c6b545b1e --- /dev/null +++ b/src/services/grafana.jl @@ -0,0 +1,532 @@ +# This file is auto-generated by AWSMetadata.jl +using AWS +using AWS.AWSServices: grafana +using AWS.Compat +using AWS.UUIDs + +""" + associate_license(license_type, workspace_id) + associate_license(license_type, workspace_id, params::Dict{String,<:Any}) + +Assigns a Grafana Enterprise license to a workspace. Upgrading to Grafana Enterprise incurs +additional fees. For more information, see Upgrade a workspace to Grafana Enterprise. + +# Arguments +- `license_type`: The type of license to associate with the workspace. +- `workspace_id`: The ID of the workspace to associate the license with. + +""" +function associate_license( + licenseType, workspaceId; aws_config::AbstractAWSConfig=global_aws_config() +) + return grafana( + "POST", + "/workspaces/$(workspaceId)/licenses/$(licenseType)"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function associate_license( + licenseType, + workspaceId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return grafana( + "POST", + "/workspaces/$(workspaceId)/licenses/$(licenseType)", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + create_workspace(account_access_type, authentication_providers, permission_type) + create_workspace(account_access_type, authentication_providers, permission_type, params::Dict{String,<:Any}) + +Creates a workspace. In a workspace, you can create Grafana dashboards and visualizations +to analyze your metrics, logs, and traces. You don't have to build, package, or deploy any +hardware to run the Grafana server. Don't use CreateWorkspace to modify an existing +workspace. Instead, use UpdateWorkspace. + +# Arguments +- `account_access_type`: Specifies whether the workspace can access Amazon Web Services + resources in this Amazon Web Services account only, or whether it can also access Amazon + Web Services resources in other accounts in the same organization. If you specify + ORGANIZATION, you must specify which organizational units the workspace can access in the + workspaceOrganizationalUnits parameter. +- `authentication_providers`: Specifies whether this workspace uses SAML 2.0, Amazon Web + Services Single Sign On, or both to authenticate users for using the Grafana console within + a workspace. For more information, see User authentication in Amazon Managed Grafana. +- `permission_type`: If you specify Service Managed, Amazon Managed Grafana automatically + creates the IAM roles and provisions the permissions that the workspace needs to use Amazon + Web Services data sources and notification channels. If you specify CUSTOMER_MANAGED, you + will manage those roles and permissions yourself. If you are creating this workspace in a + member account of an organization that is not a delegated administrator account, and you + want the workspace to access data sources in other Amazon Web Services accounts in the + organization, you must choose CUSTOMER_MANAGED. For more information, see Amazon Managed + Grafana permissions and policies for Amazon Web Services data sources and notification + channels + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"clientToken"`: A unique, case-sensitive, user-provided identifier to ensure the + idempotency of the request. +- `"organizationRoleName"`: The name of an IAM role that already exists to use with + Organizations to access Amazon Web Services data sources and notification channels in other + accounts in an organization. +- `"stackSetName"`: The name of the CloudFormation stack set to use to generate IAM roles + to be used for this workspace. +- `"workspaceDataSources"`: Specify the Amazon Web Services data sources that you want to + be queried in this workspace. Specifying these data sources here enables Amazon Managed + Grafana to create IAM roles and permissions that allow Amazon Managed Grafana to read data + from these sources. You must still add them as data sources in the Grafana console in the + workspace. If you don't specify a data source here, you can still add it as a data source + in the workspace console later. However, you will then have to manually configure + permissions for it. +- `"workspaceDescription"`: A description for the workspace. This is used only to help you + identify this workspace. +- `"workspaceName"`: The name for the workspace. It does not have to be unique. +- `"workspaceNotificationDestinations"`: Specify the Amazon Web Services notification + channels that you plan to use in this workspace. Specifying these data sources here enables + Amazon Managed Grafana to create IAM roles and permissions that allow Amazon Managed + Grafana to use these channels. +- `"workspaceOrganizationalUnits"`: Specifies the organizational units that this workspace + is allowed to use data sources from, if this workspace is in an account that is part of an + organization. +- `"workspaceRoleArn"`: The workspace needs an IAM role that grants permissions to the + Amazon Web Services resources that the workspace will view data from. If you already have a + role that you want to use, specify it here. If you omit this field and you specify some + Amazon Web Services resources in workspaceDataSources or workspaceNotificationDestinations, + a new IAM role with the necessary permissions is automatically created. +""" +function create_workspace( + accountAccessType, + authenticationProviders, + permissionType; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return grafana( + "POST", + "/workspaces", + Dict{String,Any}( + "accountAccessType" => accountAccessType, + "authenticationProviders" => authenticationProviders, + "permissionType" => permissionType, + "clientToken" => string(uuid4()), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_workspace( + accountAccessType, + authenticationProviders, + permissionType, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return grafana( + "POST", + "/workspaces", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}( + "accountAccessType" => accountAccessType, + "authenticationProviders" => authenticationProviders, + "permissionType" => permissionType, + "clientToken" => string(uuid4()), + ), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + delete_workspace(workspace_id) + delete_workspace(workspace_id, params::Dict{String,<:Any}) + +Deletes an Amazon Managed Grafana workspace. + +# Arguments +- `workspace_id`: The ID of the workspace to delete. + +""" +function delete_workspace(workspaceId; aws_config::AbstractAWSConfig=global_aws_config()) + return grafana( + "DELETE", + "/workspaces/$(workspaceId)"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_workspace( + workspaceId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return grafana( + "DELETE", + "/workspaces/$(workspaceId)", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + describe_workspace(workspace_id) + describe_workspace(workspace_id, params::Dict{String,<:Any}) + +Displays information about one Amazon Managed Grafana workspace. + +# Arguments +- `workspace_id`: The ID of the workspace to display information about. + +""" +function describe_workspace(workspaceId; aws_config::AbstractAWSConfig=global_aws_config()) + return grafana( + "GET", + "/workspaces/$(workspaceId)"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function describe_workspace( + workspaceId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return grafana( + "GET", + "/workspaces/$(workspaceId)", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + describe_workspace_authentication(workspace_id) + describe_workspace_authentication(workspace_id, params::Dict{String,<:Any}) + +Displays information about the authentication methods used in one Amazon Managed Grafana +workspace. + +# Arguments +- `workspace_id`: The ID of the workspace to return authentication information about. + +""" +function describe_workspace_authentication( + workspaceId; aws_config::AbstractAWSConfig=global_aws_config() +) + return grafana( + "GET", + "/workspaces/$(workspaceId)/authentication"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function describe_workspace_authentication( + workspaceId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return grafana( + "GET", + "/workspaces/$(workspaceId)/authentication", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + disassociate_license(license_type, workspace_id) + disassociate_license(license_type, workspace_id, params::Dict{String,<:Any}) + +Removes the Grafana Enterprise license from a workspace. + +# Arguments +- `license_type`: The type of license to remove from the workspace. +- `workspace_id`: The ID of the workspace to remove the Grafana Enterprise license from. + +""" +function disassociate_license( + licenseType, workspaceId; aws_config::AbstractAWSConfig=global_aws_config() +) + return grafana( + "DELETE", + "/workspaces/$(workspaceId)/licenses/$(licenseType)"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function disassociate_license( + licenseType, + workspaceId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return grafana( + "DELETE", + "/workspaces/$(workspaceId)/licenses/$(licenseType)", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + list_permissions(workspace_id) + list_permissions(workspace_id, params::Dict{String,<:Any}) + +Lists the users and groups who have the Grafana Admin and Editor roles in this workspace. +If you use this operation without specifying userId or groupId, the operation returns the +roles of all users and groups. If you specify a userId or a groupId, only the roles for +that user or group are returned. If you do this, you can specify only one userId or one +groupId. + +# Arguments +- `workspace_id`: The ID of the workspace to list permissions for. This parameter is + required. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"groupId"`: (Optional) Limits the results to only the group that matches this ID. +- `"maxResults"`: The maximum number of results to include in the response. +- `"nextToken"`: The token to use when requesting the next set of results. You received + this token from a previous ListPermissions operation. +- `"userId"`: (Optional) Limits the results to only the user that matches this ID. +- `"userType"`: (Optional) If you specify SSO_USER, then only the permissions of Amazon Web + Services SSO users are returned. If you specify SSO_GROUP, only the permissions of Amazon + Web Services SSO groups are returned. +""" +function list_permissions(workspaceId; aws_config::AbstractAWSConfig=global_aws_config()) + return grafana( + "GET", + "/workspaces/$(workspaceId)/permissions"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function list_permissions( + workspaceId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return grafana( + "GET", + "/workspaces/$(workspaceId)/permissions", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + list_workspaces() + list_workspaces(params::Dict{String,<:Any}) + +Returns a list of Amazon Managed Grafana workspaces in the account, with some information +about each workspace. For more complete information about one workspace, use +DescribeWorkspace. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"maxResults"`: The maximum number of workspaces to include in the results. +- `"nextToken"`: The token for the next set of workspaces to return. (You receive this + token from a previous ListWorkspaces operation.) +""" +function list_workspaces(; aws_config::AbstractAWSConfig=global_aws_config()) + return grafana( + "GET", "/workspaces"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end +function list_workspaces( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return grafana( + "GET", "/workspaces", params; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end + +""" + update_permissions(update_instruction_batch, workspace_id) + update_permissions(update_instruction_batch, workspace_id, params::Dict{String,<:Any}) + +Updates which users in a workspace have the Grafana Admin or Editor roles. + +# Arguments +- `update_instruction_batch`: An array of structures that contain the permission updates to + make. +- `workspace_id`: The ID of the workspace to update. + +""" +function update_permissions( + updateInstructionBatch, workspaceId; aws_config::AbstractAWSConfig=global_aws_config() +) + return grafana( + "PATCH", + "/workspaces/$(workspaceId)/permissions", + Dict{String,Any}("updateInstructionBatch" => updateInstructionBatch); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function update_permissions( + updateInstructionBatch, + workspaceId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return grafana( + "PATCH", + "/workspaces/$(workspaceId)/permissions", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}("updateInstructionBatch" => updateInstructionBatch), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + update_workspace(workspace_id) + update_workspace(workspace_id, params::Dict{String,<:Any}) + +Modifies an existing Amazon Managed Grafana workspace. If you use this operation and omit +any optional parameters, the existing values of those parameters are not changed. To modify +the user authentication methods that the workspace uses, such as SAML or Amazon Web +Services SSO, use UpdateWorkspaceAuthentication. To modify which users in the workspace +have the Admin and Editor Grafana roles, use UpdatePermissions. + +# Arguments +- `workspace_id`: The ID of the workspace to update. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"accountAccessType"`: Specifies whether the workspace can access Amazon Web Services + resources in this Amazon Web Services account only, or whether it can also access Amazon + Web Services resources in other accounts in the same organization. If you specify + ORGANIZATION, you must specify which organizational units the workspace can access in the + workspaceOrganizationalUnits parameter. +- `"organizationRoleName"`: The name of an IAM role that already exists to use to access + resources through Organizations. +- `"permissionType"`: If you specify Service Managed, Amazon Managed Grafana automatically + creates the IAM roles and provisions the permissions that the workspace needs to use Amazon + Web Services data sources and notification channels. If you specify CUSTOMER_MANAGED, you + will manage those roles and permissions yourself. If you are creating this workspace in a + member account of an organization and that account is not a delegated administrator + account, and you want the workspace to access data sources in other Amazon Web Services + accounts in the organization, you must choose CUSTOMER_MANAGED. For more information, see + Amazon Managed Grafana permissions and policies for Amazon Web Services data sources and + notification channels +- `"stackSetName"`: The name of the CloudFormation stack set to use to generate IAM roles + to be used for this workspace. +- `"workspaceDataSources"`: Specify the Amazon Web Services data sources that you want to + be queried in this workspace. Specifying these data sources here enables Amazon Managed + Grafana to create IAM roles and permissions that allow Amazon Managed Grafana to read data + from these sources. You must still add them as data sources in the Grafana console in the + workspace. If you don't specify a data source here, you can still add it as a data source + later in the workspace console. However, you will then have to manually configure + permissions for it. +- `"workspaceDescription"`: A description for the workspace. This is used only to help you + identify this workspace. +- `"workspaceName"`: A new name for the workspace to update. +- `"workspaceNotificationDestinations"`: Specify the Amazon Web Services notification + channels that you plan to use in this workspace. Specifying these data sources here enables + Amazon Managed Grafana to create IAM roles and permissions that allow Amazon Managed + Grafana to use these channels. +- `"workspaceOrganizationalUnits"`: Specifies the organizational units that this workspace + is allowed to use data sources from, if this workspace is in an account that is part of an + organization. +- `"workspaceRoleArn"`: The workspace needs an IAM role that grants permissions to the + Amazon Web Services resources that the workspace will view data from. If you already have a + role that you want to use, specify it here. If you omit this field and you specify some + Amazon Web Services resources in workspaceDataSources or workspaceNotificationDestinations, + a new IAM role with the necessary permissions is automatically created. +""" +function update_workspace(workspaceId; aws_config::AbstractAWSConfig=global_aws_config()) + return grafana( + "PUT", + "/workspaces/$(workspaceId)"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function update_workspace( + workspaceId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return grafana( + "PUT", + "/workspaces/$(workspaceId)", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + +""" + update_workspace_authentication(authentication_providers, workspace_id) + update_workspace_authentication(authentication_providers, workspace_id, params::Dict{String,<:Any}) + +Use this operation to define the identity provider (IdP) that this workspace authenticates +users from, using SAML. You can also map SAML assertion attributes to workspace user +information and define which groups in the assertion attribute are to have the Admin and +Editor roles in the workspace. + +# Arguments +- `authentication_providers`: Specifies whether this workspace uses SAML 2.0, Amazon Web + Services Single Sign On, or both to authenticate users for using the Grafana console within + a workspace. For more information, see User authentication in Amazon Managed Grafana. +- `workspace_id`: The ID of the workspace to update the authentication for. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"samlConfiguration"`: If the workspace uses SAML, use this structure to map SAML + assertion attributes to workspace user information and define which groups in the assertion + attribute are to have the Admin and Editor roles in the workspace. +""" +function update_workspace_authentication( + authenticationProviders, workspaceId; aws_config::AbstractAWSConfig=global_aws_config() +) + return grafana( + "POST", + "/workspaces/$(workspaceId)/authentication", + Dict{String,Any}("authenticationProviders" => authenticationProviders); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function update_workspace_authentication( + authenticationProviders, + workspaceId, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return grafana( + "POST", + "/workspaces/$(workspaceId)/authentication", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}("authenticationProviders" => authenticationProviders), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end diff --git a/src/services/kendra.jl b/src/services/kendra.jl index 327d21d327..4995f295f4 100644 --- a/src/services/kendra.jl +++ b/src/services/kendra.jl @@ -199,11 +199,11 @@ end create_data_source(index_id, name, type) create_data_source(index_id, name, type, params::Dict{String,<:Any}) -Creates a data source that you use to with an Amazon Kendra index. You specify a name, -data source connector type and description for your data source. You also specify -configuration information such as document metadata (author, source URI, and so on) and -user context information. CreateDataSource is a synchronous operation. The operation -returns 200 if the data source was successfully created. Otherwise, an exception is raised. +Creates a data source that you want to use with an Amazon Kendra index. You specify a +name, data source connector type and description for your data source. You also specify +configuration information for the data source connector. CreateDataSource is a synchronous +operation. The operation returns 200 if the data source was successfully created. +Otherwise, an exception is raised. # Arguments - `index_id`: The identifier of the index that should be associated with this data source. @@ -221,6 +221,10 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys CUSTOM. If you do, you receive a ValidationException exception. The Configuration parameter is required for all other data sources. - `"Description"`: A description for the data source. +- `"LanguageCode"`: The code for a language. This allows you to support a language for all + documents when creating the data source. English is supported by default. For more + information on supported languages, including their codes, see Adding documents in + languages other than English. - `"RoleArn"`: The Amazon Resource Name (ARN) of a role with permission to access the data source. For more information, see IAM Roles for Amazon Kendra. You can't specify the RoleArn parameter when the Type parameter is set to CUSTOM. If you do, you receive a @@ -297,6 +301,9 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys a CSV format that includes customs attributes in a header, and a JSON format that includes custom attributes. The format must match the format of the file stored in the S3 bucket identified in the S3Path parameter. For more information, see Adding questions and answers. +- `"LanguageCode"`: The code for a language. This allows you to support a language for the + FAQ document. English is supported by default. For more information on supported languages, + including their codes, see Adding documents in languages other than English. - `"Tags"`: A list of key-value pairs that identify the FAQ. You can use the tags to identify and organize your resources and to control access to resources. """ @@ -378,10 +385,14 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys - `"Tags"`: A list of key-value pairs that identify the index. You can use the tags to identify and organize your resources and to control access to resources. - `"UserContextPolicy"`: The user context policy. ATTRIBUTE_FILTER All indexed content is - searchable and displayable for all users. If there is an access control list, it is - ignored. You can filter on user and group attributes. USER_TOKEN Enables SSO and - token-based user access control. All documents with no access control and all documents - accessible to the user will be searchable and displayable. + searchable and displayable for all users. If you want to filter search results on user + context, you can use the attribute filters of _user_id and _group_ids or you can provide + user and group information in UserContext. USER_TOKEN Enables token-based user access + control to filter search results on user context. All documents with no access control and + all documents accessible to the user will be searchable and displayable. +- `"UserGroupResolutionConfiguration"`: Enables fetching access levels of groups and users + from an AWS Single Sign-On identity source. To configure this, see + UserGroupResolutionConfiguration. - `"UserTokenConfigurations"`: The user token configuration. """ function create_index(Name, RoleArn; aws_config::AbstractAWSConfig=global_aws_config()) @@ -510,7 +521,7 @@ Creates a thesaurus for an index. The thesaurus contains a list of synonyms in S Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"ClientToken"`: A token that you provide to identify the request to create a thesaurus. Multiple calls to the CreateThesaurus operation with the same client token will create only - one index. + one thesaurus. - `"Description"`: The description for the new thesaurus. - `"Tags"`: A list of key-value pairs that identify the thesaurus. You can use the tags to identify and organize your resources and to control access to resources. @@ -1123,8 +1134,9 @@ Gets statistics about synchronizing Amazon Kendra with a data source. Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"MaxResults"`: The maximum number of synchronization jobs to return in the response. If there are fewer results in the list, this response contains only the actual results. -- `"NextToken"`: If the result of the previous request to GetDataSourceSyncJobHistory was - truncated, include the NextToken to fetch the next set of jobs. +- `"NextToken"`: If the previous response was incomplete (because there is more data to + retrieve), Amazon Kendra returns a pagination token in the response. You can use this + pagination token to retrieve the next set of jobs. - `"StartTimeFilter"`: When specified, the synchronization jobs returned in the list are limited to jobs between the specified dates. - `"StatusFilter"`: When specified, only returns synchronization jobs with the Status field @@ -1204,8 +1216,9 @@ Gets a list of FAQ lists associated with an index. Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"MaxResults"`: The maximum number of FAQs to return in the response. If there are fewer results in the list, this response contains only the actual results. -- `"NextToken"`: If the result of the previous request to ListFaqs was truncated, include - the NextToken to fetch the next set of FAQs. +- `"NextToken"`: If the previous response was incomplete (because there is more data to + retrieve), Amazon Kendra returns a pagination token in the response. You can use this + pagination token to retrieve the next set of FAQs. """ function list_faqs(IndexId; aws_config::AbstractAWSConfig=global_aws_config()) return kendra( @@ -1243,9 +1256,12 @@ identifier. Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"DataSourceId"`: The identifier of the data source for getting a list of groups mapped to users before a given ordering timestamp identifier. -- `"MaxResults"`: The maximum results shown for a list of groups that are mapped to users - before a given ordering or timestamp identifier. -- `"NextToken"`: The next items in the list of groups that go beyond the maximum. +- `"MaxResults"`: The maximum number of returned groups that are mapped to users before a + given ordering or timestamp identifier. +- `"NextToken"`: If the previous response was incomplete (because there is more data to + retrieve), Amazon Kendra returns a pagination token in the response. You can use this + pagination token to retrieve the next set of groups that are mapped to users before a given + ordering or timestamp identifier. """ function list_groups_older_than_ordering_id( IndexId, OrderingId; aws_config::AbstractAWSConfig=global_aws_config() @@ -1417,15 +1433,16 @@ end put_principal_mapping(group_id, group_members, index_id) put_principal_mapping(group_id, group_members, index_id, params::Dict{String,<:Any}) -Maps users to their groups. You can also map sub groups to groups. For example, the group -\"Company Intellectual Property Teams\" includes sub groups \"Research\" and -\"Engineering\". These sub groups include their own list of users or people who work in -these teams. Only users who work in research and engineering, and therefore belong in the -intellectual property group, can see top-secret company documents in their search results. -You map users to their groups when you want to filter search results for different users -based on their group’s access to documents. For more information on filtering search -results for different users, see Filtering on user context. If more than five PUT actions -for a group are currently processing, a validation exception is thrown. +Maps users to their groups so that you only need to provide the user ID when you issue the +query. You can also map sub groups to groups. For example, the group \"Company Intellectual +Property Teams\" includes sub groups \"Research\" and \"Engineering\". These sub groups +include their own list of users or people who work in these teams. Only users who work in +research and engineering, and therefore belong in the intellectual property group, can see +top-secret company documents in their search results. You map users to their groups when +you want to filter search results for different users based on their group’s access to +documents. For more information on filtering search results for different users, see +Filtering on user context. If more than five PUT actions for a group are currently +processing, a validation exception is thrown. # Arguments - `group_id`: The identifier of the group you want to map its users to. @@ -1551,7 +1568,7 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys of ties in sorting the results, the results are sorted by relevance. If you don't provide sorting configuration, the results are sorted by the relevance that Amazon Kendra determines for the result. -- `"UserContext"`: The user context token. +- `"UserContext"`: The user context token or user and group information. - `"VisitorId"`: Provides an identifier for a specific user. The VisitorId should be a unique identifier, such as a GUID. Don't use personally identifiable information, such as the user's email address, as the VisitorId. @@ -1803,6 +1820,10 @@ Updates an existing Amazon Kendra data source. Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"Configuration"`: - `"Description"`: The new description for the data source. +- `"LanguageCode"`: The code for a language. This allows you to support a language for all + documents when updating the data source. English is supported by default. For more + information on supported languages, including their codes, see Adding documents in + languages other than English. - `"Name"`: The name of the data source to update. The name of the data source can't be updated. To rename a data source you must delete the data source and re-create it. - `"RoleArn"`: The Amazon Resource Name (ARN) of the new role to use when the data source @@ -1853,7 +1874,10 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys - `"Name"`: The name of the index to update. - `"RoleArn"`: A new IAM role that gives Amazon Kendra permission to access your Amazon CloudWatch logs. -- `"UserContextPolicy"`: The user user token context policy. +- `"UserContextPolicy"`: The user context policy. +- `"UserGroupResolutionConfiguration"`: Enables fetching access levels of groups and users + from an AWS Single Sign-On identity source. To configure this, see + UserGroupResolutionConfiguration. - `"UserTokenConfigurations"`: The user token configuration. """ function update_index(Id; aws_config::AbstractAWSConfig=global_aws_config()) diff --git a/src/services/lex_models_v2.jl b/src/services/lex_models_v2.jl index 9d0e0199cf..f6286ba486 100644 --- a/src/services/lex_models_v2.jl +++ b/src/services/lex_models_v2.jl @@ -204,7 +204,7 @@ locale to a bot before you can add intents and slot types to the bot. configured for the bot. For example, suppose a bot is configured with the confidence threshold of 0.80 and the AMAZON.FallbackIntent. Amazon Lex returns three alternative intents with the following confidence scores: IntentA (0.70), IntentB (0.60), IntentC - (0.50). The response from the PostText operation would be: AMAZON.FallbackIntent + (0.50). The response from the RecognizeText operation would be: AMAZON.FallbackIntent IntentA IntentB IntentC # Optional Parameters @@ -2018,7 +2018,7 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys and one string to filter on. - `"maxResults"`: The maximum number of exports to return in each page of results. If there are fewer results than the max page size, only the actual number of results are returned. -- `"nextToken"`: If the response from the ListExports operation contans more results that +- `"nextToken"`: If the response from the ListExports operation contains more results that specified in the maxResults parameter, a token is returned in the response. Use that token in the nextToken parameter to return the next page of results. - `"sortBy"`: Determines the field that the list of exports is sorted by. You can sort by diff --git a/src/services/lex_runtime_v2.jl b/src/services/lex_runtime_v2.jl index 514af08581..8fc61776e8 100644 --- a/src/services/lex_runtime_v2.jl +++ b/src/services/lex_runtime_v2.jl @@ -173,7 +173,16 @@ end Sends user input to Amazon Lex V2. Client applications use this API to send requests to Amazon Lex V2 at runtime. Amazon Lex V2 then interprets the user input using the machine learning model that it build for the bot. In response, Amazon Lex V2 returns the next -message to convey to the user and an optional response card to display. +message to convey to the user and an optional response card to display. If the optional +post-fulfillment response is specified, the messages are returned as follows. For more +information, see PostFulfillmentStatusSpecification. Success message - Returned if the +Lambda function completes successfully and the intent state is fulfilled or ready +fulfillment if the message is present. Failed message - The failed message is returned +if the Lambda function throws an exception or if the Lambda function returns a failed +intent state without a message. Timeout message - If you don't configure a timeout +message and a timeout, and the Lambda function doesn't return within 30 seconds, the +timeout message is returned. If you configure a timeout, the timeout message is returned +when the period times out. For more information, see Completion message. # Arguments - `bot_alias_id`: The alias identifier in use for the bot that processes the request. @@ -236,7 +245,15 @@ and then base64 encoded by Amazon Lex V2. Before you can use these fields, you m and decompress them. inputTranscript interpretations messages requestAttributes sessionState The example contains a Java application that compresses and encodes a Java object to send to Amazon Lex V2, and a second that decodes and decompresses a response from -Amazon Lex V2. +Amazon Lex V2. If the optional post-fulfillment response is specified, the messages are +returned as follows. For more information, see PostFulfillmentStatusSpecification. +Success message - Returned if the Lambda function completes successfully and the intent +state is fulfilled or ready fulfillment if the message is present. Failed message - The +failed message is returned if the Lambda function throws an exception or if the Lambda +function returns a failed intent state without a message. Timeout message - If you don't +configure a timeout message and a timeout, and the Lambda function doesn't return within 30 +seconds, the timeout message is returned. If you configure a timeout, the timeout message +is returned when the period times out. For more information, see Completion message. # Arguments - `content-_type`: Indicates the format for audio input or that the content is text. The diff --git a/src/services/mediaconvert.jl b/src/services/mediaconvert.jl index da95d8dede..c0157419e3 100644 --- a/src/services/mediaconvert.jl +++ b/src/services/mediaconvert.jl @@ -346,6 +346,33 @@ function delete_job_template( ) end +""" + delete_policy() + delete_policy(params::Dict{String,<:Any}) + +Permanently delete a policy that you created. + +""" +function delete_policy(; aws_config::AbstractAWSConfig=global_aws_config()) + return mediaconvert( + "DELETE", + "/2017-08-29/policy"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_policy( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return mediaconvert( + "DELETE", + "/2017-08-29/policy", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ delete_preset(name) delete_preset(name, params::Dict{String,<:Any}) @@ -536,6 +563,30 @@ function get_job_template( ) end +""" + get_policy() + get_policy(params::Dict{String,<:Any}) + +Retrieve the JSON for your policy. + +""" +function get_policy(; aws_config::AbstractAWSConfig=global_aws_config()) + return mediaconvert( + "GET", "/2017-08-29/policy"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end +function get_policy( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return mediaconvert( + "GET", + "/2017-08-29/policy", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ get_preset(name) get_preset(name, params::Dict{String,<:Any}) @@ -782,6 +833,40 @@ function list_tags_for_resource( ) end +""" + put_policy(policy) + put_policy(policy, params::Dict{String,<:Any}) + +Create or change your policy. For more information about policies, see the user guide at +http://docs.aws.amazon.com/mediaconvert/latest/ug/what-is.html + +# Arguments +- `policy`: A policy configures behavior that you allow or disallow for your account. For + information about MediaConvert policies, see the user guide at + http://docs.aws.amazon.com/mediaconvert/latest/ug/what-is.html + +""" +function put_policy(policy; aws_config::AbstractAWSConfig=global_aws_config()) + return mediaconvert( + "PUT", + "/2017-08-29/policy", + Dict{String,Any}("policy" => policy); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function put_policy( + policy, params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return mediaconvert( + "PUT", + "/2017-08-29/policy", + Dict{String,Any}(mergewith(_merge, Dict{String,Any}("policy" => policy), params)); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ tag_resource(arn, tags) tag_resource(arn, tags, params::Dict{String,<:Any}) diff --git a/src/services/medialive.jl b/src/services/medialive.jl index 221a107d55..b5ffb60146 100644 --- a/src/services/medialive.jl +++ b/src/services/medialive.jl @@ -197,6 +197,34 @@ function cancel_input_device_transfer( ) end +""" + claim_device() + claim_device(params::Dict{String,<:Any}) + +Send a request to claim an AWS Elemental device that you have purchased from a third-party +vendor. After the request succeeds, you will own the device. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"id"`: The id of the device you want to claim. +""" +function claim_device(; aws_config::AbstractAWSConfig=global_aws_config()) + return medialive( + "POST", "/prod/claimDevice"; aws_config=aws_config, feature_set=SERVICE_FEATURE_SET + ) +end +function claim_device( + params::AbstractDict{String}; aws_config::AbstractAWSConfig=global_aws_config() +) + return medialive( + "POST", + "/prod/claimDevice", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ create_channel() create_channel(params::Dict{String,<:Any}) @@ -221,7 +249,7 @@ creating multiple resources. - `"roleArn"`: An optional Amazon Resource Name (ARN) of the role to assume when running the Channel. - `"tags"`: A collection of key-value pairs. -- `"vpc"`: Settings for VPC output +- `"vpc"`: Settings for the VPC outputs """ function create_channel(; aws_config::AbstractAWSConfig=global_aws_config()) return medialive( diff --git a/src/services/mediatailor.jl b/src/services/mediatailor.jl index c91775ad40..37a7b91ce6 100644 --- a/src/services/mediatailor.jl +++ b/src/services/mediatailor.jl @@ -113,6 +113,69 @@ function create_channel( ) end +""" + create_prefetch_schedule(consumption, name, playback_configuration_name, retrieval) + create_prefetch_schedule(consumption, name, playback_configuration_name, retrieval, params::Dict{String,<:Any}) + +Creates a new prefetch schedule for the specified playback configuration. + +# Arguments +- `consumption`: The configuration settings for MediaTailor's consumption of the prefetched + ads from the ad decision server. Each consumption configuration contains an end time and an + optional start time that define the consumption window. Prefetch schedules automatically + expire no earlier than seven days after the end time. +- `name`: The identifier for the playback configuration. +- `playback_configuration_name`: The name of the playback configuration. +- `retrieval`: The configuration settings for retrieval of prefetched ads from the ad + decision server. Only one set of prefetched ads will be retrieved and subsequently consumed + for each ad break. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"StreamId"`: An optional stream identifier that MediaTailor uses to prefetch ads for + multiple streams that use the same playback configuration. If StreamId is specified, + MediaTailor returns all of the prefetch schedules with an exact match on StreamId. If not + specified, MediaTailor returns all of the prefetch schedules for the playback + configuration, regardless of StreamId. +""" +function create_prefetch_schedule( + Consumption, + Name, + PlaybackConfigurationName, + Retrieval; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return mediatailor( + "POST", + "/prefetchSchedule/$(PlaybackConfigurationName)/$(Name)", + Dict{String,Any}("Consumption" => Consumption, "Retrieval" => Retrieval); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function create_prefetch_schedule( + Consumption, + Name, + PlaybackConfigurationName, + Retrieval, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return mediatailor( + "POST", + "/prefetchSchedule/$(PlaybackConfigurationName)/$(Name)", + Dict{String,Any}( + mergewith( + _merge, + Dict{String,Any}("Consumption" => Consumption, "Retrieval" => Retrieval), + params, + ), + ); + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ create_program(schedule_configuration, source_location_name, vod_source_name, channel_name, program_name) create_program(schedule_configuration, source_location_name, vod_source_name, channel_name, program_name, params::Dict{String,<:Any}) @@ -376,6 +439,44 @@ function delete_playback_configuration( ) end +""" + delete_prefetch_schedule(name, playback_configuration_name) + delete_prefetch_schedule(name, playback_configuration_name, params::Dict{String,<:Any}) + +Deletes a prefetch schedule for a specific playback configuration. If you call +DeletePrefetchSchedule on an expired prefetch schedule, MediaTailor returns an HTTP 404 +status code. + +# Arguments +- `name`: The identifier for the playback configuration. +- `playback_configuration_name`: The name of the playback configuration. + +""" +function delete_prefetch_schedule( + Name, PlaybackConfigurationName; aws_config::AbstractAWSConfig=global_aws_config() +) + return mediatailor( + "DELETE", + "/prefetchSchedule/$(PlaybackConfigurationName)/$(Name)"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function delete_prefetch_schedule( + Name, + PlaybackConfigurationName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return mediatailor( + "DELETE", + "/prefetchSchedule/$(PlaybackConfigurationName)/$(Name)", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ delete_program(channel_name, program_name) delete_program(channel_name, program_name, params::Dict{String,<:Any}) @@ -724,6 +825,44 @@ function get_playback_configuration( ) end +""" + get_prefetch_schedule(name, playback_configuration_name) + get_prefetch_schedule(name, playback_configuration_name, params::Dict{String,<:Any}) + +Returns information about the prefetch schedule for a specific playback configuration. If +you call GetPrefetchSchedule on an expired prefetch schedule, MediaTailor returns an HTTP +404 status code. + +# Arguments +- `name`: The identifier for the playback configuration. +- `playback_configuration_name`: The name of the playback configuration. + +""" +function get_prefetch_schedule( + Name, PlaybackConfigurationName; aws_config::AbstractAWSConfig=global_aws_config() +) + return mediatailor( + "GET", + "/prefetchSchedule/$(PlaybackConfigurationName)/$(Name)"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function get_prefetch_schedule( + Name, + PlaybackConfigurationName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return mediatailor( + "GET", + "/prefetchSchedule/$(PlaybackConfigurationName)/$(Name)", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ list_alerts(resource_arn) list_alerts(resource_arn, params::Dict{String,<:Any}) @@ -827,6 +966,54 @@ function list_playback_configurations( ) end +""" + list_prefetch_schedules(playback_configuration_name) + list_prefetch_schedules(playback_configuration_name, params::Dict{String,<:Any}) + +Creates a new prefetch schedule. + +# Arguments +- `playback_configuration_name`: The name of the playback configuration. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"MaxResults"`: The maximum number of prefetch schedules that you want MediaTailor to + return in response to the current request. If the playback configuration has more than + MaxResults prefetch schedules, use the value of NextToken in the response to get the next + page of results. +- `"NextToken"`: (Optional) If the playback configuration has more than MaxResults prefetch + schedules, use NextToken to get the second and subsequent pages of results. For the first + ListPrefetchSchedulesRequest request, omit this value. For the second and subsequent + requests, get the value of NextToken from the previous response and specify that value for + NextToken in the request. If the previous response didn't include a NextToken element, + there are no more prefetch schedules to get. +- `"StreamId"`: An optional filtering parameter whereby MediaTailor filters the prefetch + schedules to include only specific streams. +""" +function list_prefetch_schedules( + PlaybackConfigurationName; aws_config::AbstractAWSConfig=global_aws_config() +) + return mediatailor( + "POST", + "/prefetchSchedule/$(PlaybackConfigurationName)"; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end +function list_prefetch_schedules( + PlaybackConfigurationName, + params::AbstractDict{String}; + aws_config::AbstractAWSConfig=global_aws_config(), +) + return mediatailor( + "POST", + "/prefetchSchedule/$(PlaybackConfigurationName)", + params; + aws_config=aws_config, + feature_set=SERVICE_FEATURE_SET, + ) +end + """ list_source_locations() list_source_locations(params::Dict{String,<:Any}) diff --git a/src/services/sagemaker.jl b/src/services/sagemaker.jl index 0b7b2bd73d..5a0a92a567 100644 --- a/src/services/sagemaker.jl +++ b/src/services/sagemaker.jl @@ -1106,14 +1106,14 @@ Services Region in the Amazon Web Services Identity and Access Management User G add the IAM role policies for using this API operation, go to the IAM console, and choose Roles in the left navigation pane. Search the IAM role that you want to grant access to use the CreateEndpoint and CreateEndpointConfig API operations, add the following policies to -the role. Option 1: For a full Amazon SageMaker access, search and attach the +the role. Option 1: For a full SageMaker access, search and attach the AmazonSageMakerFullAccess policy. Option 2: For granting a limited access to an IAM role, paste the following Action elements manually into the JSON file of the IAM role: \"Action\": [\"sagemaker:CreateEndpoint\", \"sagemaker:CreateEndpointConfig\"] \"Resource\": [ \"arn:aws:sagemaker:region:account-id:endpoint/endpointName\" \"arn:aws:sagemaker:region:account-id:endpoint-config/endpointConfigName\" ] For more -information, see Amazon SageMaker API Permissions: Actions, Permissions, and Resources -Reference. +information, see SageMaker API Permissions: Actions, Permissions, and Resources Reference. + # Arguments - `endpoint_config_name`: The name of an endpoint configuration. For more information, see @@ -1360,8 +1360,11 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys - `"OfflineStoreConfig"`: Use this to configure an OfflineFeatureStore. This parameter allows you to specify: The Amazon Simple Storage Service (Amazon S3) location of an OfflineStore. A configuration for an Amazon Web Services Glue or Amazon Web Services Hive - data cataolgue. An KMS encryption key to encrypt the Amazon S3 location used for - OfflineStore. To learn more about this parameter, see OfflineStoreConfig. + data catalog. An KMS encryption key to encrypt the Amazon S3 location used for + OfflineStore. If KMS encryption key is not specified, by default we encrypt all data at + rest using Amazon Web Services KMS key. By defining your bucket-level key for SSE, you can + reduce Amazon Web Services KMS requests costs by up to 99 percent. To learn more about + this parameter, see OfflineStoreConfig. - `"OnlineStoreConfig"`: You can turn the OnlineStore on or off by specifying True for the EnableOnlineStore flag in OnlineStoreConfig; the default value is False. You can also include an Amazon Web Services KMS key ID (KMSKeyId) for at-rest encryption of the diff --git a/src/services/secrets_manager.jl b/src/services/secrets_manager.jl index 2edb98df17..124c081edd 100644 --- a/src/services/secrets_manager.jl +++ b/src/services/secrets_manager.jl @@ -29,20 +29,8 @@ list all of the versions currently associated with a secret, use ListSecretVersi # Arguments - `secret_id`: Specifies the secret to cancel a rotation request. You can specify either - the Amazon Resource Name (ARN) or the friendly name of the secret. If you specify an ARN, - we generally recommend that you specify a complete ARN. You can specify a partial ARN - too—for example, if you don’t include the final hyphen and six random characters that - Secrets Manager adds at the end of the ARN when you created the secret. A partial ARN match - can work as long as it uniquely matches only one secret. However, if your secret has a name - that ends in a hyphen followed by six characters (before Secrets Manager adds the hyphen - and six characters to the ARN) and you try to use that as a partial ARN, then those - characters cause Secrets Manager to assume that you’re specifying a complete ARN. This - confusion can cause unexpected results. To avoid this situation, we recommend that you - don’t create secret names ending with a hyphen followed by six characters. If you specify - an incomplete ARN without the random suffix, and instead provide the 'friendly name', you - must not include the random suffix. If you do include the random suffix added by Secrets - Manager, you receive either a ResourceNotFoundException or an AccessDeniedException error, - depending on your permissions. + the Amazon Resource Name (ARN) or the friendly name of the secret. For an ARN, we recommend + that you specify a complete ARN rather than a partial ARN. """ function cancel_rotate_secret(SecretId; aws_config::AbstractAWSConfig=global_aws_config()) @@ -174,11 +162,8 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys parameter. The Secrets Manager console stores the information as a JSON structure of key/value pairs that the Lambda rotation function knows how to parse. For storing multiple values, we recommend that you use a JSON text string argument and specify key/value pairs. - For information on how to format a JSON parameter for the various command line tool - environments, see Using JSON for Parameters in the CLI User Guide. For example: - {\"username\":\"bob\",\"password\":\"abc123xyz456\"} If your command-line tool or SDK - requires quotation marks around the parameter, you should use single quotes to avoid - confusion with the double quotes required in the JSON text. + For more information, see Specifying parameter values for the Amazon Web Services CLI in + the Amazon Web Services CLI User Guide. - `"Tags"`: (Optional) Specifies a list of user-defined tags that are attached to the secret. Each tag is a \"Key\" and \"Value\" pair of strings. This operation only appends tags to the existing list of tags. To remove tags, you must use UntagResource. Secrets @@ -242,19 +227,8 @@ ListSecrets. # Arguments - `secret_id`: Specifies the secret that you want to delete the attached resource-based policy for. You can specify either the Amazon Resource Name (ARN) or the friendly name of - the secret. If you specify an ARN, we generally recommend that you specify a complete ARN. - You can specify a partial ARN too—for example, if you don’t include the final hyphen - and six random characters that Secrets Manager adds at the end of the ARN when you created - the secret. A partial ARN match can work as long as it uniquely matches only one secret. - However, if your secret has a name that ends in a hyphen followed by six characters (before - Secrets Manager adds the hyphen and six characters to the ARN) and you try to use that as a - partial ARN, then those characters cause Secrets Manager to assume that you’re specifying - a complete ARN. This confusion can cause unexpected results. To avoid this situation, we - recommend that you don’t create secret names ending with a hyphen followed by six - characters. If you specify an incomplete ARN without the random suffix, and instead provide - the 'friendly name', you must not include the random suffix. If you do include the random - suffix added by Secrets Manager, you receive either a ResourceNotFoundException or an - AccessDeniedException error, depending on your permissions. + the secret. For an ARN, we recommend that you specify a complete ARN rather than a partial + ARN. """ function delete_resource_policy(SecretId; aws_config::AbstractAWSConfig=global_aws_config()) @@ -306,20 +280,8 @@ window has expired, use RestoreSecret. # Arguments - `secret_id`: Specifies the secret to delete. You can specify either the Amazon Resource - Name (ARN) or the friendly name of the secret. If you specify an ARN, we generally - recommend that you specify a complete ARN. You can specify a partial ARN too—for example, - if you don’t include the final hyphen and six random characters that Secrets Manager adds - at the end of the ARN when you created the secret. A partial ARN match can work as long as - it uniquely matches only one secret. However, if your secret has a name that ends in a - hyphen followed by six characters (before Secrets Manager adds the hyphen and six - characters to the ARN) and you try to use that as a partial ARN, then those characters - cause Secrets Manager to assume that you’re specifying a complete ARN. This confusion can - cause unexpected results. To avoid this situation, we recommend that you don’t create - secret names ending with a hyphen followed by six characters. If you specify an incomplete - ARN without the random suffix, and instead provide the 'friendly name', you must not - include the random suffix. If you do include the random suffix added by Secrets Manager, - you receive either a ResourceNotFoundException or an AccessDeniedException error, depending - on your permissions. + Name (ARN) or the friendly name of the secret. For an ARN, we recommend that you specify a + complete ARN rather than a partial ARN. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -377,20 +339,8 @@ the Amazon Web Services account, use ListSecrets. # Arguments - `secret_id`: The identifier of the secret whose details you want to retrieve. You can - specify either the Amazon Resource Name (ARN) or the friendly name of the secret. If you - specify an ARN, we generally recommend that you specify a complete ARN. You can specify a - partial ARN too—for example, if you don’t include the final hyphen and six random - characters that Secrets Manager adds at the end of the ARN when you created the secret. A - partial ARN match can work as long as it uniquely matches only one secret. However, if your - secret has a name that ends in a hyphen followed by six characters (before Secrets Manager - adds the hyphen and six characters to the ARN) and you try to use that as a partial ARN, - then those characters cause Secrets Manager to assume that you’re specifying a complete - ARN. This confusion can cause unexpected results. To avoid this situation, we recommend - that you don’t create secret names ending with a hyphen followed by six characters. If - you specify an incomplete ARN without the random suffix, and instead provide the 'friendly - name', you must not include the random suffix. If you do include the random suffix added by - Secrets Manager, you receive either a ResourceNotFoundException or an AccessDeniedException - error, depending on your permissions. + specify either the Amazon Resource Name (ARN) or the friendly name of the secret. For an + ARN, we recommend that you specify a complete ARN rather than a partial ARN. """ function describe_secret(SecretId; aws_config::AbstractAWSConfig=global_aws_config()) @@ -483,19 +433,8 @@ ListSecrets. # Arguments - `secret_id`: Specifies the secret that you want to retrieve the attached resource-based policy for. You can specify either the Amazon Resource Name (ARN) or the friendly name of - the secret. If you specify an ARN, we generally recommend that you specify a complete ARN. - You can specify a partial ARN too—for example, if you don’t include the final hyphen - and six random characters that Secrets Manager adds at the end of the ARN when you created - the secret. A partial ARN match can work as long as it uniquely matches only one secret. - However, if your secret has a name that ends in a hyphen followed by six characters (before - Secrets Manager adds the hyphen and six characters to the ARN) and you try to use that as a - partial ARN, then those characters cause Secrets Manager to assume that you’re specifying - a complete ARN. This confusion can cause unexpected results. To avoid this situation, we - recommend that you don’t create secret names ending with a hyphen followed by six - characters. If you specify an incomplete ARN without the random suffix, and instead provide - the 'friendly name', you must not include the random suffix. If you do include the random - suffix added by Secrets Manager, you receive either a ResourceNotFoundException or an - AccessDeniedException error, depending on your permissions. + the secret. For an ARN, we recommend that you specify a complete ARN rather than a partial + ARN. """ function get_resource_policy(SecretId; aws_config::AbstractAWSConfig=global_aws_config()) @@ -536,20 +475,8 @@ non-encrypted details for the secret, use DescribeSecret. # Arguments - `secret_id`: Specifies the secret containing the version that you want to retrieve. You - can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. If - you specify an ARN, we generally recommend that you specify a complete ARN. You can specify - a partial ARN too—for example, if you don’t include the final hyphen and six random - characters that Secrets Manager adds at the end of the ARN when you created the secret. A - partial ARN match can work as long as it uniquely matches only one secret. However, if your - secret has a name that ends in a hyphen followed by six characters (before Secrets Manager - adds the hyphen and six characters to the ARN) and you try to use that as a partial ARN, - then those characters cause Secrets Manager to assume that you’re specifying a complete - ARN. This confusion can cause unexpected results. To avoid this situation, we recommend - that you don’t create secret names ending with a hyphen followed by six characters. If - you specify an incomplete ARN without the random suffix, and instead provide the 'friendly - name', you must not include the random suffix. If you do include the random suffix added by - Secrets Manager, you receive either a ResourceNotFoundException or an AccessDeniedException - error, depending on your permissions. + can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. For + an ARN, we recommend that you specify a complete ARN rather than a partial ARN. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -605,20 +532,8 @@ account, use ListSecrets. # Arguments - `secret_id`: The identifier for the secret containing the versions you want to list. You - can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. If - you specify an ARN, we generally recommend that you specify a complete ARN. You can specify - a partial ARN too—for example, if you don’t include the final hyphen and six random - characters that Secrets Manager adds at the end of the ARN when you created the secret. A - partial ARN match can work as long as it uniquely matches only one secret. However, if your - secret has a name that ends in a hyphen followed by six characters (before Secrets Manager - adds the hyphen and six characters to the ARN) and you try to use that as a partial ARN, - then those characters cause Secrets Manager to assume that you’re specifying a complete - ARN. This confusion can cause unexpected results. To avoid this situation, we recommend - that you don’t create secret names ending with a hyphen followed by six characters. If - you specify an incomplete ARN without the random suffix, and instead provide the 'friendly - name', you must not include the random suffix. If you do include the random suffix added by - Secrets Manager, you receive either a ResourceNotFoundException or an AccessDeniedException - error, depending on your permissions. + can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. For + an ARN, we recommend that you specify a complete ARN rather than a partial ARN. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -734,20 +649,8 @@ use ListSecrets. format a JSON parameter for the various command line tool environments, see Using JSON for Parameters in the CLI User Guide. - `secret_id`: Specifies the secret that you want to attach the resource-based policy. You - can specify either the ARN or the friendly name of the secret. If you specify an ARN, we - generally recommend that you specify a complete ARN. You can specify a partial ARN - too—for example, if you don’t include the final hyphen and six random characters that - Secrets Manager adds at the end of the ARN when you created the secret. A partial ARN match - can work as long as it uniquely matches only one secret. However, if your secret has a name - that ends in a hyphen followed by six characters (before Secrets Manager adds the hyphen - and six characters to the ARN) and you try to use that as a partial ARN, then those - characters cause Secrets Manager to assume that you’re specifying a complete ARN. This - confusion can cause unexpected results. To avoid this situation, we recommend that you - don’t create secret names ending with a hyphen followed by six characters. If you specify - an incomplete ARN without the random suffix, and instead provide the 'friendly name', you - must not include the random suffix. If you do include the random suffix added by Secrets - Manager, you receive either a ResourceNotFoundException or an AccessDeniedException error, - depending on your permissions. + can specify either the ARN or the friendly name of the secret. For an ARN, we recommend + that you specify a complete ARN rather than a partial ARN. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -793,60 +696,53 @@ end Stores a new encrypted secret value in the specified secret. To do this, the operation creates a new version and attaches it to the secret. The version can contain a new SecretString value or a new SecretBinary value. You can also specify the staging labels -that are initially attached to the new version. The Secrets Manager console uses only the -SecretString field. To add binary data to a secret with the SecretBinary field you must use -the Amazon Web Services CLI or one of the Amazon Web Services SDKs. If this operation -creates the first version for the secret then Secrets Manager automatically attaches the -staging label AWSCURRENT to the new version. If you do not specify a value for -VersionStages then Secrets Manager automatically moves the staging label AWSCURRENT to this -new version. If this operation moves the staging label AWSCURRENT from another version to -this version, then Secrets Manager also automatically moves the staging label AWSPREVIOUS -to the version that AWSCURRENT was removed from. This operation is idempotent. If a -version with a VersionId with the same value as the ClientRequestToken parameter already -exists and you specify the same secret data, the operation succeeds but does nothing. -However, if the secret data is different, then the operation fails because you cannot -modify an existing version; you can only create new ones. If you call an operation to -encrypt or decrypt the SecretString or SecretBinary for a secret in the same account as the -calling user and that secret doesn't specify a Amazon Web Services KMS encryption key, -Secrets Manager uses the account's default Amazon Web Services managed customer master key -(CMK) with the alias aws/secretsmanager. If this key doesn't already exist in your account -then Secrets Manager creates it for you automatically. All users and roles in the same -Amazon Web Services account automatically have access to use the default CMK. Note that if -an Secrets Manager API call results in Amazon Web Services creating the account's Amazon -Web Services-managed CMK, it can result in a one-time significant delay in returning the -result. If the secret resides in a different Amazon Web Services account from the -credentials calling an API that requires encryption or decryption of the secret value then -you must create and use a custom Amazon Web Services KMS CMK because you can't access the -default CMK for the account using credentials from a different Amazon Web Services account. -Store the ARN of the CMK in the secret when you create the secret or when you update it by -including it in the KMSKeyId. If you call an API that must encrypt or decrypt SecretString -or SecretBinary using credentials from a different account then the Amazon Web Services KMS -key policy must grant cross-account access to that other account's user or role for both -the kms:GenerateDataKey and kms:Decrypt operations. Minimum permissions To run this -command, you must have the following permissions: secretsmanager:PutSecretValue -kms:GenerateDataKey - needed only if you use a customer-managed Amazon Web Services KMS key -to encrypt the secret. You do not need this permission to use the account's default Amazon -Web Services managed CMK for Secrets Manager. Related operations To retrieve the -encrypted value you store in the version of a secret, use GetSecretValue. To create a -secret, use CreateSecret. To get the details for a secret, use DescribeSecret. To list -the versions attached to a secret, use ListSecretVersionIds. +that are initially attached to the new version. We recommend you avoid calling +PutSecretValue at a sustained rate of more than once every 10 minutes. When you update the +secret value, Secrets Manager creates a new version of the secret. Secrets Manager removes +outdated versions when there are more than 100, but it does not remove versions created +less than 24 hours ago. If you call PutSecretValue more than once every 10 minutes, you +create more versions than Secrets Manager removes, and you will reach the quota for secret +versions. If this operation creates the first version for the secret then Secrets Manager +automatically attaches the staging label AWSCURRENT to the new version. If you do not +specify a value for VersionStages then Secrets Manager automatically moves the staging +label AWSCURRENT to this new version. If this operation moves the staging label +AWSCURRENT from another version to this version, then Secrets Manager also automatically +moves the staging label AWSPREVIOUS to the version that AWSCURRENT was removed from. This +operation is idempotent. If a version with a VersionId with the same value as the +ClientRequestToken parameter already exists and you specify the same secret data, the +operation succeeds but does nothing. However, if the secret data is different, then the +operation fails because you cannot modify an existing version; you can only create new +ones. If you call an operation to encrypt or decrypt the SecretString or SecretBinary +for a secret in the same account as the calling user and that secret doesn't specify a +Amazon Web Services KMS encryption key, Secrets Manager uses the account's default Amazon +Web Services managed customer master key (CMK) with the alias aws/secretsmanager. If this +key doesn't already exist in your account then Secrets Manager creates it for you +automatically. All users and roles in the same Amazon Web Services account automatically +have access to use the default CMK. Note that if an Secrets Manager API call results in +Amazon Web Services creating the account's Amazon Web Services-managed CMK, it can result +in a one-time significant delay in returning the result. If the secret resides in a +different Amazon Web Services account from the credentials calling an API that requires +encryption or decryption of the secret value then you must create and use a custom Amazon +Web Services KMS CMK because you can't access the default CMK for the account using +credentials from a different Amazon Web Services account. Store the ARN of the CMK in the +secret when you create the secret or when you update it by including it in the KMSKeyId. If +you call an API that must encrypt or decrypt SecretString or SecretBinary using credentials +from a different account then the Amazon Web Services KMS key policy must grant +cross-account access to that other account's user or role for both the kms:GenerateDataKey +and kms:Decrypt operations. Minimum permissions To run this command, you must have the +following permissions: secretsmanager:PutSecretValue kms:GenerateDataKey - needed only +if you use a customer-managed Amazon Web Services KMS key to encrypt the secret. You do not +need this permission to use the account's default Amazon Web Services managed CMK for +Secrets Manager. Related operations To retrieve the encrypted value you store in the +version of a secret, use GetSecretValue. To create a secret, use CreateSecret. To get +the details for a secret, use DescribeSecret. To list the versions attached to a secret, +use ListSecretVersionIds. # Arguments - `secret_id`: Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must - already exist. If you specify an ARN, we generally recommend that you specify a complete - ARN. You can specify a partial ARN too—for example, if you don’t include the final - hyphen and six random characters that Secrets Manager adds at the end of the ARN when you - created the secret. A partial ARN match can work as long as it uniquely matches only one - secret. However, if your secret has a name that ends in a hyphen followed by six characters - (before Secrets Manager adds the hyphen and six characters to the ARN) and you try to use - that as a partial ARN, then those characters cause Secrets Manager to assume that you’re - specifying a complete ARN. This confusion can cause unexpected results. To avoid this - situation, we recommend that you don’t create secret names ending with a hyphen followed - by six characters. If you specify an incomplete ARN without the random suffix, and instead - provide the 'friendly name', you must not include the random suffix. If you do include the - random suffix added by Secrets Manager, you receive either a ResourceNotFoundException or - an AccessDeniedException error, depending on your permissions. + already exist. For an ARN, we recommend that you specify a complete ARN rather than a + partial ARN. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -880,11 +776,8 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys parameter. The Secrets Manager console stores the information as a JSON structure of key/value pairs that the default Lambda rotation function knows how to parse. For storing multiple values, we recommend that you use a JSON text string argument and specify - key/value pairs. For information on how to format a JSON parameter for the various command - line tool environments, see Using JSON for Parameters in the CLI User Guide. For example: - [{\"username\":\"bob\"},{\"password\":\"abc123xyz456\"}] If your command-line tool or SDK - requires quotation marks around the parameter, you should use single quotes to avoid - confusion with the double quotes required in the JSON text. + key/value pairs. For more information, see Specifying parameter values for the Amazon Web + Services CLI in the Amazon Web Services CLI User Guide. - `"VersionStages"`: (Optional) Specifies a list of staging labels that are attached to this version of the secret. These staging labels are used to track the versions through the rotation process by the Lambda rotation function. A staging label must be unique to a @@ -1028,19 +921,7 @@ operations To delete a secret, use DeleteSecret. # Arguments - `secret_id`: Specifies the secret that you want to restore from a previously scheduled deletion. You can specify either the Amazon Resource Name (ARN) or the friendly name of the - secret. If you specify an ARN, we generally recommend that you specify a complete ARN. You - can specify a partial ARN too—for example, if you don’t include the final hyphen and - six random characters that Secrets Manager adds at the end of the ARN when you created the - secret. A partial ARN match can work as long as it uniquely matches only one secret. - However, if your secret has a name that ends in a hyphen followed by six characters (before - Secrets Manager adds the hyphen and six characters to the ARN) and you try to use that as a - partial ARN, then those characters cause Secrets Manager to assume that you’re specifying - a complete ARN. This confusion can cause unexpected results. To avoid this situation, we - recommend that you don’t create secret names ending with a hyphen followed by six - characters. If you specify an incomplete ARN without the random suffix, and instead provide - the 'friendly name', you must not include the random suffix. If you do include the random - suffix added by Secrets Manager, you receive either a ResourceNotFoundException or an - AccessDeniedException error, depending on your permissions. + secret. For an ARN, we recommend that you specify a complete ARN rather than a partial ARN. """ function restore_secret(SecretId; aws_config::AbstractAWSConfig=global_aws_config()) @@ -1102,20 +983,8 @@ staging labels from a version of a secret, use UpdateSecretVersionStage. # Arguments - `secret_id`: Specifies the secret that you want to rotate. You can specify either the - Amazon Resource Name (ARN) or the friendly name of the secret. If you specify an ARN, we - generally recommend that you specify a complete ARN. You can specify a partial ARN - too—for example, if you don’t include the final hyphen and six random characters that - Secrets Manager adds at the end of the ARN when you created the secret. A partial ARN match - can work as long as it uniquely matches only one secret. However, if your secret has a name - that ends in a hyphen followed by six characters (before Secrets Manager adds the hyphen - and six characters to the ARN) and you try to use that as a partial ARN, then those - characters cause Secrets Manager to assume that you’re specifying a complete ARN. This - confusion can cause unexpected results. To avoid this situation, we recommend that you - don’t create secret names ending with a hyphen followed by six characters. If you specify - an incomplete ARN without the random suffix, and instead provide the 'friendly name', you - must not include the random suffix. If you do include the random suffix added by Secrets - Manager, you receive either a ResourceNotFoundException or an AccessDeniedException error, - depending on your permissions. + Amazon Resource Name (ARN) or the friendly name of the secret. For an ARN, we recommend + that you specify a complete ARN rather than a partial ARN. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -1226,25 +1095,13 @@ view the list of tags attached to a secret, use DescribeSecret. # Arguments - `secret_id`: The identifier for the secret that you want to attach tags to. You can - specify either the Amazon Resource Name (ARN) or the friendly name of the secret. If you - specify an ARN, we generally recommend that you specify a complete ARN. You can specify a - partial ARN too—for example, if you don’t include the final hyphen and six random - characters that Secrets Manager adds at the end of the ARN when you created the secret. A - partial ARN match can work as long as it uniquely matches only one secret. However, if your - secret has a name that ends in a hyphen followed by six characters (before Secrets Manager - adds the hyphen and six characters to the ARN) and you try to use that as a partial ARN, - then those characters cause Secrets Manager to assume that you’re specifying a complete - ARN. This confusion can cause unexpected results. To avoid this situation, we recommend - that you don’t create secret names ending with a hyphen followed by six characters. If - you specify an incomplete ARN without the random suffix, and instead provide the 'friendly - name', you must not include the random suffix. If you do include the random suffix added by - Secrets Manager, you receive either a ResourceNotFoundException or an AccessDeniedException - error, depending on your permissions. + specify either the Amazon Resource Name (ARN) or the friendly name of the secret. For an + ARN, we recommend that you specify a complete ARN rather than a partial ARN. - `tags`: The tags to attach to the secret. Each element in the list consists of a Key and - a Value. This parameter to the API requires a JSON text string argument. For information on - how to format a JSON parameter for the various command line tool environments, see Using - JSON for Parameters in the CLI User Guide. For the CLI, you can also use the syntax: --Tags - Key=\"Key1\",Value=\"Value1\" Key=\"Key2\",Value=\"Value2\"[,…] + a Value. This parameter to the API requires a JSON text string argument. For storing + multiple values, we recommend that you use a JSON text string argument and specify + key/value pairs. For more information, see Specifying parameter values for the Amazon Web + Services CLI in the Amazon Web Services CLI User Guide. """ function tag_resource(SecretId, Tags; aws_config::AbstractAWSConfig=global_aws_config()) @@ -1289,25 +1146,14 @@ attached to a secret, use DescribeSecret. # Arguments - `secret_id`: The identifier for the secret that you want to remove tags from. You can - specify either the Amazon Resource Name (ARN) or the friendly name of the secret. If you - specify an ARN, we generally recommend that you specify a complete ARN. You can specify a - partial ARN too—for example, if you don’t include the final hyphen and six random - characters that Secrets Manager adds at the end of the ARN when you created the secret. A - partial ARN match can work as long as it uniquely matches only one secret. However, if your - secret has a name that ends in a hyphen followed by six characters (before Secrets Manager - adds the hyphen and six characters to the ARN) and you try to use that as a partial ARN, - then those characters cause Secrets Manager to assume that you’re specifying a complete - ARN. This confusion can cause unexpected results. To avoid this situation, we recommend - that you don’t create secret names ending with a hyphen followed by six characters. If - you specify an incomplete ARN without the random suffix, and instead provide the 'friendly - name', you must not include the random suffix. If you do include the random suffix added by - Secrets Manager, you receive either a ResourceNotFoundException or an AccessDeniedException - error, depending on your permissions. + specify either the Amazon Resource Name (ARN) or the friendly name of the secret. For an + ARN, we recommend that you specify a complete ARN rather than a partial ARN. - `tag_keys`: A list of tag key names to remove from the secret. You don't specify the value. Both the key and its associated value are removed. This parameter to the API - requires a JSON text string argument. For information on how to format a JSON parameter for - the various command line tool environments, see Using JSON for Parameters in the CLI User - Guide. + requires a JSON text string argument. For storing multiple values, we recommend that you + use a JSON text string argument and specify key/value pairs. For more information, see + Specifying parameter values for the Amazon Web Services CLI in the Amazon Web Services CLI + User Guide. """ function untag_resource( @@ -1344,60 +1190,54 @@ end update_secret(secret_id) update_secret(secret_id, params::Dict{String,<:Any}) -Modifies many of the details of the specified secret. If you include a ClientRequestToken -and either SecretString or SecretBinary then it also creates a new version attached to the -secret. To modify the rotation configuration of a secret, use RotateSecret instead. The -Secrets Manager console uses only the SecretString parameter and therefore limits you to -encrypting and storing only a text string. To encrypt and store binary data as part of the -version of a secret, you must use either the Amazon Web Services CLI or one of the Amazon -Web Services SDKs. If a version with a VersionId with the same value as the -ClientRequestToken parameter already exists, the operation results in an error. You cannot -modify an existing version, you can only create a new version. If you include -SecretString or SecretBinary to create a new secret version, Secrets Manager automatically -attaches the staging label AWSCURRENT to the new version. If you call an operation to -encrypt or decrypt the SecretString or SecretBinary for a secret in the same account as the -calling user and that secret doesn't specify a Amazon Web Services KMS encryption key, -Secrets Manager uses the account's default Amazon Web Services managed customer master key -(CMK) with the alias aws/secretsmanager. If this key doesn't already exist in your account -then Secrets Manager creates it for you automatically. All users and roles in the same -Amazon Web Services account automatically have access to use the default CMK. Note that if -an Secrets Manager API call results in Amazon Web Services creating the account's Amazon -Web Services-managed CMK, it can result in a one-time significant delay in returning the -result. If the secret resides in a different Amazon Web Services account from the -credentials calling an API that requires encryption or decryption of the secret value then -you must create and use a custom Amazon Web Services KMS CMK because you can't access the -default CMK for the account using credentials from a different Amazon Web Services account. -Store the ARN of the CMK in the secret when you create the secret or when you update it by -including it in the KMSKeyId. If you call an API that must encrypt or decrypt SecretString -or SecretBinary using credentials from a different account then the Amazon Web Services KMS -key policy must grant cross-account access to that other account's user or role for both -the kms:GenerateDataKey and kms:Decrypt operations. Minimum permissions To run this -command, you must have the following permissions: secretsmanager:UpdateSecret -kms:GenerateDataKey - needed only if you use a custom Amazon Web Services KMS key to -encrypt the secret. You do not need this permission to use the account's Amazon Web -Services managed CMK for Secrets Manager. kms:Decrypt - needed only if you use a custom -Amazon Web Services KMS key to encrypt the secret. You do not need this permission to use -the account's Amazon Web Services managed CMK for Secrets Manager. Related operations -To create a new secret, use CreateSecret. To add only a new version to an existing -secret, use PutSecretValue. To get the details for a secret, use DescribeSecret. To -list the versions contained in a secret, use ListSecretVersionIds. +Modifies many of the details of the specified secret. To change the secret value, you can +also use PutSecretValue. To change the rotation configuration of a secret, use RotateSecret +instead. We recommend you avoid calling UpdateSecret at a sustained rate of more than once +every 10 minutes. When you call UpdateSecret to update the secret value, Secrets Manager +creates a new version of the secret. Secrets Manager removes outdated versions when there +are more than 100, but it does not remove versions created less than 24 hours ago. If you +update the secret value more than once every 10 minutes, you create more versions than +Secrets Manager removes, and you will reach the quota for secret versions. The Secrets +Manager console uses only the SecretString parameter and therefore limits you to encrypting +and storing only a text string. To encrypt and store binary data as part of the version of +a secret, you must use either the Amazon Web Services CLI or one of the Amazon Web Services +SDKs. If a version with a VersionId with the same value as the ClientRequestToken +parameter already exists, the operation results in an error. You cannot modify an existing +version, you can only create a new version. If you include SecretString or SecretBinary +to create a new secret version, Secrets Manager automatically attaches the staging label +AWSCURRENT to the new version. If you call an operation to encrypt or decrypt the +SecretString or SecretBinary for a secret in the same account as the calling user and that +secret doesn't specify a Amazon Web Services KMS encryption key, Secrets Manager uses the +account's default Amazon Web Services managed customer master key (CMK) with the alias +aws/secretsmanager. If this key doesn't already exist in your account then Secrets Manager +creates it for you automatically. All users and roles in the same Amazon Web Services +account automatically have access to use the default CMK. Note that if an Secrets Manager +API call results in Amazon Web Services creating the account's Amazon Web Services-managed +CMK, it can result in a one-time significant delay in returning the result. If the secret +resides in a different Amazon Web Services account from the credentials calling an API that +requires encryption or decryption of the secret value then you must create and use a custom +Amazon Web Services KMS CMK because you can't access the default CMK for the account using +credentials from a different Amazon Web Services account. Store the ARN of the CMK in the +secret when you create the secret or when you update it by including it in the KMSKeyId. If +you call an API that must encrypt or decrypt SecretString or SecretBinary using credentials +from a different account then the Amazon Web Services KMS key policy must grant +cross-account access to that other account's user or role for both the kms:GenerateDataKey +and kms:Decrypt operations. Minimum permissions To run this command, you must have the +following permissions: secretsmanager:UpdateSecret kms:GenerateDataKey - needed only if +you use a custom Amazon Web Services KMS key to encrypt the secret. You do not need this +permission to use the account's Amazon Web Services managed CMK for Secrets Manager. +kms:Decrypt - needed only if you use a custom Amazon Web Services KMS key to encrypt the +secret. You do not need this permission to use the account's Amazon Web Services managed +CMK for Secrets Manager. Related operations To create a new secret, use CreateSecret. + To add only a new version to an existing secret, use PutSecretValue. To get the details +for a secret, use DescribeSecret. To list the versions contained in a secret, use +ListSecretVersionIds. # Arguments - `secret_id`: Specifies the secret that you want to modify or to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of - the secret. If you specify an ARN, we generally recommend that you specify a complete ARN. - You can specify a partial ARN too—for example, if you don’t include the final hyphen - and six random characters that Secrets Manager adds at the end of the ARN when you created - the secret. A partial ARN match can work as long as it uniquely matches only one secret. - However, if your secret has a name that ends in a hyphen followed by six characters (before - Secrets Manager adds the hyphen and six characters to the ARN) and you try to use that as a - partial ARN, then those characters cause Secrets Manager to assume that you’re specifying - a complete ARN. This confusion can cause unexpected results. To avoid this situation, we - recommend that you don’t create secret names ending with a hyphen followed by six - characters. If you specify an incomplete ARN without the random suffix, and instead provide - the 'friendly name', you must not include the random suffix. If you do include the random - suffix added by Secrets Manager, you receive either a ResourceNotFoundException or an - AccessDeniedException error, depending on your permissions. + the secret. For an ARN, we recommend that you specify a complete ARN rather than a partial + ARN. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -1422,12 +1262,15 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys the VersionId of the new version. - `"Description"`: (Optional) Specifies an updated user-provided description of the secret. - `"KmsKeyId"`: (Optional) Specifies an updated ARN or alias of the Amazon Web Services KMS - customer master key (CMK) to be used to encrypt the protected text in new versions of this - secret. You can only use the account's default CMK to encrypt and decrypt if you call this - operation using credentials from the same account that owns the secret. If the secret is in - a different account, then you must create a custom CMK and provide the ARN of that CMK in - this field. The user making the call must have permissions to both the secret and the CMK - in their respective accounts. + customer master key (CMK) that Secrets Manager uses to encrypt the protected text in new + versions of this secret as well as any existing versions of this secret that have the + staging labels AWSCURRENT, AWSPENDING, or AWSPREVIOUS. For more information about staging + labels, see Staging Labels in the Amazon Web Services Secrets Manager User Guide. You can + only use the account's default CMK to encrypt and decrypt if you call this operation using + credentials from the same account that owns the secret. If the secret is in a different + account, then you must create a custom CMK and provide the ARN of that CMK in this field. + The user making the call must have permissions to both the secret and the CMK in their + respective accounts. - `"SecretBinary"`: (Optional) Specifies updated binary data that you want to encrypt and store in the new version of the secret. To use this parameter in the command-line tools, we recommend that you store your binary data in a file and then use the appropriate technique @@ -1441,14 +1284,8 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys SecretString parameter. The Secrets Manager console stores the information as a JSON structure of key/value pairs that the default Lambda rotation function knows how to parse. For storing multiple values, we recommend that you use a JSON text string argument and - specify key/value pairs. For information on how to format a JSON parameter for the various - command line tool environments, see Using JSON for Parameters in the CLI User Guide. For - example: [{\"username\":\"bob\"},{\"password\":\"abc123xyz456\"}] If your command-line - tool or SDK requires quotation marks around the parameter, you should use single quotes to - avoid confusion with the double quotes required in the JSON text. You can also 'escape' the - double quote character in the embedded JSON text by prefacing each with a backslash. For - example, the following string is surrounded by double-quotes. All of the embedded double - quotes are escaped: \"[{\"username\":\"bob\"},{\"password\":\"abc123xyz456\"}]\" + specify key/value pairs. For more information, see Specifying parameter values for the + Amazon Web Services CLI in the Amazon Web Services CLI User Guide. """ function update_secret(SecretId; aws_config::AbstractAWSConfig=global_aws_config()) return secrets_manager( @@ -1503,19 +1340,8 @@ examine the SecretVersionsToStages response value. # Arguments - `secret_id`: Specifies the secret with the version with the list of staging labels you want to modify. You can specify either the Amazon Resource Name (ARN) or the friendly name - of the secret. If you specify an ARN, we generally recommend that you specify a complete - ARN. You can specify a partial ARN too—for example, if you don’t include the final - hyphen and six random characters that Secrets Manager adds at the end of the ARN when you - created the secret. A partial ARN match can work as long as it uniquely matches only one - secret. However, if your secret has a name that ends in a hyphen followed by six characters - (before Secrets Manager adds the hyphen and six characters to the ARN) and you try to use - that as a partial ARN, then those characters cause Secrets Manager to assume that you’re - specifying a complete ARN. This confusion can cause unexpected results. To avoid this - situation, we recommend that you don’t create secret names ending with a hyphen followed - by six characters. If you specify an incomplete ARN without the random suffix, and instead - provide the 'friendly name', you must not include the random suffix. If you do include the - random suffix added by Secrets Manager, you receive either a ResourceNotFoundException or - an AccessDeniedException error, depending on your permissions. + of the secret. For an ARN, we recommend that you specify a complete ARN rather than a + partial ARN. - `version_stage`: The staging label to add to this version. # Optional Parameters @@ -1586,19 +1412,8 @@ secretsmanager:PutResourcePolicy secretsmanager:ValidateResourcePolicy Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"SecretId"`: (Optional) The identifier of the secret with the resource-based policy you want to validate. You can specify either the Amazon Resource Name (ARN) or the friendly - name of the secret. If you specify an ARN, we generally recommend that you specify a - complete ARN. You can specify a partial ARN too—for example, if you don’t include the - final hyphen and six random characters that Secrets Manager adds at the end of the ARN when - you created the secret. A partial ARN match can work as long as it uniquely matches only - one secret. However, if your secret has a name that ends in a hyphen followed by six - characters (before Secrets Manager adds the hyphen and six characters to the ARN) and you - try to use that as a partial ARN, then those characters cause Secrets Manager to assume - that you’re specifying a complete ARN. This confusion can cause unexpected results. To - avoid this situation, we recommend that you don’t create secret names ending with a - hyphen followed by six characters. If you specify an incomplete ARN without the random - suffix, and instead provide the 'friendly name', you must not include the random suffix. If - you do include the random suffix added by Secrets Manager, you receive either a - ResourceNotFoundException or an AccessDeniedException error, depending on your permissions. + name of the secret. For an ARN, we recommend that you specify a complete ARN rather than a + partial ARN. """ function validate_resource_policy( ResourcePolicy; aws_config::AbstractAWSConfig=global_aws_config() diff --git a/src/services/securityhub.jl b/src/services/securityhub.jl index efd198259b..3a91ff2656 100644 --- a/src/services/securityhub.jl +++ b/src/services/securityhub.jl @@ -438,14 +438,16 @@ create the account association and then send an invitation to the member account the invitation, you use the InviteMembers operation. If the account owner accepts the invitation, the account becomes a member account in Security Hub. Accounts that are managed using Organizations do not receive an invitation. They automatically become a member -account in Security Hub, and Security Hub is automatically enabled for those accounts. Note -that Security Hub cannot be enabled automatically for the organization management account. -The organization management account must enable Security Hub before the administrator -account enables it as a member account. A permissions policy is added that permits the -administrator account to view the findings generated in the member account. When Security -Hub is enabled in a member account, the member account findings are also visible to the -administrator account. To remove the association between the administrator and member -accounts, use the DisassociateFromMasterAccount or DisassociateMembers operation. +account in Security Hub. If the organization account does not have Security Hub enabled, +then Security Hub and the default standards are automatically enabled. Note that Security +Hub cannot be enabled automatically for the organization management account. The +organization management account must enable Security Hub before the administrator account +enables it as a member account. For organization accounts that already have Security Hub +enabled, Security Hub does not make any other changes to those accounts. It does not change +their enabled standards or controls. A permissions policy is added that permits the +administrator account to view the findings generated in the member account. To remove the +association between the administrator and member accounts, use the +DisassociateFromMasterAccount or DisassociateMembers operation. # Arguments - `account_details`: The list of accounts to associate with the Security Hub administrator diff --git a/src/utilities/request.jl b/src/utilities/request.jl index 17a3e42e2c..96c4bfa09b 100644 --- a/src/utilities/request.jl +++ b/src/utilities/request.jl @@ -102,7 +102,7 @@ function submit_request(aws::AbstractAWSConfig, request::Request; return_headers end @retry if :message in fieldnames(typeof(e)) && - occursin("Signature expired", e.message) + occursin("Signature expired", e.message) end # Handle ExpiredToken... @@ -127,8 +127,8 @@ function submit_request(aws::AbstractAWSConfig, request::Request; return_headers end if e isa AWSException && - occursin("Missing Authentication Token", e.message) && - aws.credentials === nothing + occursin("Missing Authentication Token", e.message) && + aws.credentials === nothing return throw( NoCredentials( "You're attempting to perform a request without credentials set." @@ -187,10 +187,10 @@ function _http_request(http_backend::HTTPBackend, request::Request, response_str # caught and wrapped in an HTTP.IOError # https://github.com/JuliaWeb/HTTP.jl/issues/382 @delay_retry if isa(e, Sockets.DNSError) || - isa(e, HTTP.ParseError) || - isa(e, HTTP.IOError) || - isa(e, Base.IOError) || - (isa(e, HTTP.StatusError) && _http_status(e) >= 500) + isa(e, HTTP.ParseError) || + isa(e, HTTP.IOError) || + isa(e, Base.IOError) || + (isa(e, HTTP.StatusError) && _http_status(e) >= 500) end end end diff --git a/test/AWS.jl b/test/AWS.jl index 38395333c6..e89e5531c4 100644 --- a/test/AWS.jl +++ b/test/AWS.jl @@ -105,11 +105,11 @@ end @test length(authorization_header) == 4 @test authorization_header[1] == "AWS4-HMAC-SHA256" @test authorization_header[2] == - "Credential=$access_key/$date/us-east-1/$(request.service)/aws4_request," + "Credential=$access_key/$date/us-east-1/$(request.service)/aws4_request," @test authorization_header[3] == - "SignedHeaders=content-md5;content-type;host;user-agent;x-amz-content-sha256;x-amz-date," + "SignedHeaders=content-md5;content-type;host;user-agent;x-amz-content-sha256;x-amz-date," @test authorization_header[4] == - "Signature=0f292eaf0b66cf353bafcb1b9b6d90ee27064236a60f17f6fc5bd7d40173a0be" + "Signature=0f292eaf0b66cf353bafcb1b9b6d90ee27064236a60f17f6fc5bd7d40173a0be" end end @@ -357,7 +357,7 @@ end request.http_options = Dict(:pipeline_limit => 20) @test AWS._http_request(request.backend, request, io) == Dict(:pipeline_limit => 20) @test AWS._http_request(custom_backend, request, io) == - Dict(:pipeline_limit => 20, :connection_limit => 5) + Dict(:pipeline_limit => 20, :connection_limit => 5) # per-request options override backend options: custom_backend = AWS.HTTPBackend(Dict(:pipeline_limit => 5)) diff --git a/test/AWSCredentials.jl b/test/AWSCredentials.jl index a05a6bbc8b..94744ff819 100644 --- a/test/AWSCredentials.jl +++ b/test/AWSCredentials.jl @@ -396,7 +396,7 @@ end return HTTP.Response(test_values["Security-Credentials"]) elseif url == "http://169.254.169.254/latest/meta-data/iam/security-credentials/$security_credentials" || - url == "http://169.254.170.2$uri" + url == "http://169.254.170.2$uri" my_dict = JSON.json(test_values) response = HTTP.Response(my_dict) return response @@ -711,7 +711,7 @@ end withenv("AWS_DEFAULT_REGION" => nothing) do @test aws_get_region(; config=ini, profile="test") == "ap-northeast-1" @test aws_get_region(; config=config_file, profile="test") == - "ap-northeast-1" + "ap-northeast-1" end withenv( @@ -727,7 +727,7 @@ end withenv("AWS_DEFAULT_REGION" => nothing) do @test aws_get_region(; config=ini, profile="unknown") == AWS.DEFAULT_REGION @test aws_get_region(; config=config_file, profile="unknown") == - AWS.DEFAULT_REGION + AWS.DEFAULT_REGION end withenv( @@ -743,7 +743,7 @@ end default = nothing withenv("AWS_DEFAULT_REGION" => nothing) do @test aws_get_region(; config=ini, profile="unknown", default=default) === - default + default @test aws_get_region(; config=config_file, profile="unknown", default=default ) === default