diff options
author | Ricardo Wurmus <rekado@elephly.net> | 2019-06-29 01:51:57 +0200 |
---|---|---|
committer | Ricardo Wurmus <rekado@elephly.net> | 2019-07-25 00:20:57 +0200 |
commit | c9e1ea1d8cf2daab752b6073eeab5a328d7964ec (patch) | |
tree | 8458bc2f29f088cb651fb06b3f30785811d338ac |
Initial commit.
-rw-r--r-- | .gitignore | 11 | ||||
-rw-r--r-- | COPYING | 674 | ||||
-rw-r--r-- | Makefile.am | 41 | ||||
-rw-r--r-- | aws/api/README | 4 | ||||
-rw-r--r-- | aws/api/cloudfront-2019-03-26.normal.json | 5679 | ||||
-rw-r--r-- | aws/api/ec2-2016-11-15.normal.json | 32928 | ||||
-rw-r--r-- | aws/api/s3-2006-03-01.normal.json | 9222 | ||||
-rw-r--r-- | aws/base.scm | 150 | ||||
-rw-r--r-- | aws/request.scm | 238 | ||||
-rw-r--r-- | aws/utils/json.scm | 382 | ||||
-rwxr-xr-x | bootstrap | 2 | ||||
-rw-r--r-- | configure.ac | 15 | ||||
-rw-r--r-- | guix.scm | 3 | ||||
-rw-r--r-- | language/aws/spec.scm | 218 | ||||
-rw-r--r-- | pre-inst-env.in | 10 |
15 files changed, 49577 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..bee3d6a --- /dev/null +++ b/.gitignore @@ -0,0 +1,11 @@ +Makefile +Makefile.in +autom4te.cache/ +build-aux/ +config.cache +config.log +config.status +configure +pre-inst-env +*.go +upstream-json-specs @@ -0,0 +1,674 @@ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/> + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + <program> Copyright (C) <year> <name of author> + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +<http://www.gnu.org/licenses/>. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +<http://www.gnu.org/philosophy/why-not-lgpl.html>. diff --git a/Makefile.am b/Makefile.am new file mode 100644 index 0000000..a497b4d --- /dev/null +++ b/Makefile.am @@ -0,0 +1,41 @@ +GOBJECTS = $(GUILE_SOURCES:%.scm=%.go) $(JSON_SOURCES:.normal.json=.go) + +nobase_mod_DATA = $(SOURCES) $(NOCOMP_SOURCES) +nobase_go_DATA = $(GOBJECTS) + +# Make sure source files are installed first, so that the mtime of +# installed compiled files is greater than that of installed source +# files. See +# <http://lists.gnu.org/archive/html/guile-devel/2010-07/msg00125.html> +# for details. +guile_install_go_files = install-nobase_goDATA +$(guile_install_go_files): install-nobase_modDATA + +CLEANFILES = $(GOBJECTS) +EXTRA_DIST = $(SOURCES) $(NOCOMP_SOURCES) +GUILE_WARNINGS = -Wunbound-variable -Warity-mismatch -Wformat +SUFFIXES = .scm .go +.scm.go: + $(AM_V_GEN)$(top_builddir)/pre-inst-env $(GUILE_TOOLS) compile $(GUILE_WARNINGS) -o "$@" "$<" + +moddir=$(prefix)/share/guile/site/$(GUILE_EFFECTIVE_VERSION) +godir=$(libdir)/guile/$(GUILE_EFFECTIVE_VERSION)/ccache + +GUILE_SOURCES = \ + aws/base.scm \ + aws/request.scm \ + aws/utils/json.scm \ + language/aws/spec.scm + +JSON_SOURCES = \ + aws/api/cloudfront-2019-03-26.normal.json \ + aws/api/ec2-2016-11-15.normal.json \ + aws/api/s3-2006-03-01.normal.json + +$(JSON_SOURCES:.normal.json=.go): %.go: %.normal.json aws/base.scm language/aws/spec.scm + $(AM_V_GEN)$(top_builddir)/pre-inst-env $(GUILE_TOOLS) \ + compile $(GUILE_WARNINGS) -O1 --from=aws \ + -o "$@" "$<" + + +SOURCES = $(GUILE_SOURCES) $(JSON_SOURCES) diff --git a/aws/api/README b/aws/api/README new file mode 100644 index 0000000..115e80b --- /dev/null +++ b/aws/api/README @@ -0,0 +1,4 @@ +These JSON files are unmodified copies taken from v2.484.0 of the AWS +SDK for JavaScript: https://github.com/aws/aws-sdk-js/tree/master/apis + +They are covered under the Apache 2.0 license. diff --git a/aws/api/cloudfront-2019-03-26.normal.json b/aws/api/cloudfront-2019-03-26.normal.json new file mode 100644 index 0000000..ab547c7 --- /dev/null +++ b/aws/api/cloudfront-2019-03-26.normal.json @@ -0,0 +1,5679 @@ +{ + "version": "2.0", + "metadata": { + "apiVersion": "2019-03-26", + "endpointPrefix": "cloudfront", + "globalEndpoint": "cloudfront.amazonaws.com", + "protocol": "rest-xml", + "serviceAbbreviation": "CloudFront", + "serviceFullName": "Amazon CloudFront", + "serviceId": "CloudFront", + "signatureVersion": "v4", + "uid": "cloudfront-2019-03-26" + }, + "operations": { + "CreateCloudFrontOriginAccessIdentity": { + "name": "CreateCloudFrontOriginAccessIdentity2019_03_26", + "http": { + "method": "POST", + "requestUri": "/2019-03-26/origin-access-identity/cloudfront", + "responseCode": 201 + }, + "input": { + "shape": "CreateCloudFrontOriginAccessIdentityRequest" + }, + "output": { + "shape": "CreateCloudFrontOriginAccessIdentityResult" + }, + "errors": [ + { + "shape": "CloudFrontOriginAccessIdentityAlreadyExists" + }, + { + "shape": "MissingBody" + }, + { + "shape": "TooManyCloudFrontOriginAccessIdentities" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "InconsistentQuantities" + } + ], + "documentation": "<p>Creates a new origin access identity. If you're using Amazon S3 for your origin, you can use an origin access identity to require users to access your content using a CloudFront URL instead of the Amazon S3 URL. For more information about how to use origin access identities, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html\">Serving Private Content through CloudFront</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "CreateDistribution": { + "name": "CreateDistribution2019_03_26", + "http": { + "method": "POST", + "requestUri": "/2019-03-26/distribution", + "responseCode": 201 + }, + "input": { + "shape": "CreateDistributionRequest" + }, + "output": { + "shape": "CreateDistributionResult" + }, + "errors": [ + { + "shape": "CNAMEAlreadyExists" + }, + { + "shape": "DistributionAlreadyExists" + }, + { + "shape": "InvalidOrigin" + }, + { + "shape": "InvalidOriginAccessIdentity" + }, + { + "shape": "AccessDenied" + }, + { + "shape": "TooManyTrustedSigners" + }, + { + "shape": "TrustedSignerDoesNotExist" + }, + { + "shape": "InvalidViewerCertificate" + }, + { + "shape": "InvalidMinimumProtocolVersion" + }, + { + "shape": "MissingBody" + }, + { + "shape": "TooManyDistributionCNAMEs" + }, + { + "shape": "TooManyDistributions" + }, + { + "shape": "InvalidDefaultRootObject" + }, + { + "shape": "InvalidRelativePath" + }, + { + "shape": "InvalidErrorCode" + }, + { + "shape": "InvalidResponseCode" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "InvalidRequiredProtocol" + }, + { + "shape": "NoSuchOrigin" + }, + { + "shape": "TooManyOrigins" + }, + { + "shape": "TooManyOriginGroupsPerDistribution" + }, + { + "shape": "TooManyCacheBehaviors" + }, + { + "shape": "TooManyCookieNamesInWhiteList" + }, + { + "shape": "InvalidForwardCookies" + }, + { + "shape": "TooManyHeadersInForwardedValues" + }, + { + "shape": "InvalidHeadersForS3Origin" + }, + { + "shape": "InconsistentQuantities" + }, + { + "shape": "TooManyCertificates" + }, + { + "shape": "InvalidLocationCode" + }, + { + "shape": "InvalidGeoRestrictionParameter" + }, + { + "shape": "InvalidProtocolSettings" + }, + { + "shape": "InvalidTTLOrder" + }, + { + "shape": "InvalidWebACLId" + }, + { + "shape": "TooManyOriginCustomHeaders" + }, + { + "shape": "TooManyQueryStringParameters" + }, + { + "shape": "InvalidQueryStringParameters" + }, + { + "shape": "TooManyDistributionsWithLambdaAssociations" + }, + { + "shape": "TooManyLambdaFunctionAssociations" + }, + { + "shape": "InvalidLambdaFunctionAssociation" + }, + { + "shape": "InvalidOriginReadTimeout" + }, + { + "shape": "InvalidOriginKeepaliveTimeout" + }, + { + "shape": "NoSuchFieldLevelEncryptionConfig" + }, + { + "shape": "IllegalFieldLevelEncryptionConfigAssociationWithCacheBehavior" + }, + { + "shape": "TooManyDistributionsAssociatedToFieldLevelEncryptionConfig" + } + ], + "documentation": "<p>Creates a new web distribution. You create a CloudFront distribution to tell CloudFront where you want content to be delivered from, and the details about how to track and manage content delivery. Send a <code>POST</code> request to the <code>/<i>CloudFront API version</i>/distribution</code>/<code>distribution ID</code> resource.</p> <important> <p>When you update a distribution, there are more required fields than when you create a distribution. When you update your distribution by using <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateDistribution.html\">UpdateDistribution</a>, follow the steps included in the documentation to get the current configuration and then make your updates. This helps to make sure that you include all of the required fields. To view a summary, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-overview-required-fields.html\">Required Fields for Create Distribution and Update Distribution</a> in the <i>Amazon CloudFront Developer Guide</i>.</p> </important>" + }, + "CreateDistributionWithTags": { + "name": "CreateDistributionWithTags2019_03_26", + "http": { + "method": "POST", + "requestUri": "/2019-03-26/distribution?WithTags", + "responseCode": 201 + }, + "input": { + "shape": "CreateDistributionWithTagsRequest" + }, + "output": { + "shape": "CreateDistributionWithTagsResult" + }, + "errors": [ + { + "shape": "CNAMEAlreadyExists" + }, + { + "shape": "DistributionAlreadyExists" + }, + { + "shape": "InvalidOrigin" + }, + { + "shape": "InvalidOriginAccessIdentity" + }, + { + "shape": "AccessDenied" + }, + { + "shape": "TooManyTrustedSigners" + }, + { + "shape": "TrustedSignerDoesNotExist" + }, + { + "shape": "InvalidViewerCertificate" + }, + { + "shape": "InvalidMinimumProtocolVersion" + }, + { + "shape": "MissingBody" + }, + { + "shape": "TooManyDistributionCNAMEs" + }, + { + "shape": "TooManyDistributions" + }, + { + "shape": "InvalidDefaultRootObject" + }, + { + "shape": "InvalidRelativePath" + }, + { + "shape": "InvalidErrorCode" + }, + { + "shape": "InvalidResponseCode" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "InvalidRequiredProtocol" + }, + { + "shape": "NoSuchOrigin" + }, + { + "shape": "TooManyOrigins" + }, + { + "shape": "TooManyOriginGroupsPerDistribution" + }, + { + "shape": "TooManyCacheBehaviors" + }, + { + "shape": "TooManyCookieNamesInWhiteList" + }, + { + "shape": "InvalidForwardCookies" + }, + { + "shape": "TooManyHeadersInForwardedValues" + }, + { + "shape": "InvalidHeadersForS3Origin" + }, + { + "shape": "InconsistentQuantities" + }, + { + "shape": "TooManyCertificates" + }, + { + "shape": "InvalidLocationCode" + }, + { + "shape": "InvalidGeoRestrictionParameter" + }, + { + "shape": "InvalidProtocolSettings" + }, + { + "shape": "InvalidTTLOrder" + }, + { + "shape": "InvalidWebACLId" + }, + { + "shape": "TooManyOriginCustomHeaders" + }, + { + "shape": "InvalidTagging" + }, + { + "shape": "TooManyQueryStringParameters" + }, + { + "shape": "InvalidQueryStringParameters" + }, + { + "shape": "TooManyDistributionsWithLambdaAssociations" + }, + { + "shape": "TooManyLambdaFunctionAssociations" + }, + { + "shape": "InvalidLambdaFunctionAssociation" + }, + { + "shape": "InvalidOriginReadTimeout" + }, + { + "shape": "InvalidOriginKeepaliveTimeout" + }, + { + "shape": "NoSuchFieldLevelEncryptionConfig" + }, + { + "shape": "IllegalFieldLevelEncryptionConfigAssociationWithCacheBehavior" + }, + { + "shape": "TooManyDistributionsAssociatedToFieldLevelEncryptionConfig" + } + ], + "documentation": "<p>Create a new distribution with tags.</p>" + }, + "CreateFieldLevelEncryptionConfig": { + "name": "CreateFieldLevelEncryptionConfig2019_03_26", + "http": { + "method": "POST", + "requestUri": "/2019-03-26/field-level-encryption", + "responseCode": 201 + }, + "input": { + "shape": "CreateFieldLevelEncryptionConfigRequest" + }, + "output": { + "shape": "CreateFieldLevelEncryptionConfigResult" + }, + "errors": [ + { + "shape": "InconsistentQuantities" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "NoSuchFieldLevelEncryptionProfile" + }, + { + "shape": "FieldLevelEncryptionConfigAlreadyExists" + }, + { + "shape": "TooManyFieldLevelEncryptionConfigs" + }, + { + "shape": "TooManyFieldLevelEncryptionQueryArgProfiles" + }, + { + "shape": "TooManyFieldLevelEncryptionContentTypeProfiles" + }, + { + "shape": "QueryArgProfileEmpty" + } + ], + "documentation": "<p>Create a new field-level encryption configuration.</p>" + }, + "CreateFieldLevelEncryptionProfile": { + "name": "CreateFieldLevelEncryptionProfile2019_03_26", + "http": { + "method": "POST", + "requestUri": "/2019-03-26/field-level-encryption-profile", + "responseCode": 201 + }, + "input": { + "shape": "CreateFieldLevelEncryptionProfileRequest" + }, + "output": { + "shape": "CreateFieldLevelEncryptionProfileResult" + }, + "errors": [ + { + "shape": "InconsistentQuantities" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "NoSuchPublicKey" + }, + { + "shape": "FieldLevelEncryptionProfileAlreadyExists" + }, + { + "shape": "FieldLevelEncryptionProfileSizeExceeded" + }, + { + "shape": "TooManyFieldLevelEncryptionProfiles" + }, + { + "shape": "TooManyFieldLevelEncryptionEncryptionEntities" + }, + { + "shape": "TooManyFieldLevelEncryptionFieldPatterns" + } + ], + "documentation": "<p>Create a field-level encryption profile.</p>" + }, + "CreateInvalidation": { + "name": "CreateInvalidation2019_03_26", + "http": { + "method": "POST", + "requestUri": "/2019-03-26/distribution/{DistributionId}/invalidation", + "responseCode": 201 + }, + "input": { + "shape": "CreateInvalidationRequest" + }, + "output": { + "shape": "CreateInvalidationResult" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "MissingBody" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "NoSuchDistribution" + }, + { + "shape": "BatchTooLarge" + }, + { + "shape": "TooManyInvalidationsInProgress" + }, + { + "shape": "InconsistentQuantities" + } + ], + "documentation": "<p>Create a new invalidation. </p>" + }, + "CreatePublicKey": { + "name": "CreatePublicKey2019_03_26", + "http": { + "method": "POST", + "requestUri": "/2019-03-26/public-key", + "responseCode": 201 + }, + "input": { + "shape": "CreatePublicKeyRequest" + }, + "output": { + "shape": "CreatePublicKeyResult" + }, + "errors": [ + { + "shape": "PublicKeyAlreadyExists" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "TooManyPublicKeys" + } + ], + "documentation": "<p>Add a new public key to CloudFront to use, for example, for field-level encryption. You can add a maximum of 10 public keys with one AWS account.</p>" + }, + "CreateStreamingDistribution": { + "name": "CreateStreamingDistribution2019_03_26", + "http": { + "method": "POST", + "requestUri": "/2019-03-26/streaming-distribution", + "responseCode": 201 + }, + "input": { + "shape": "CreateStreamingDistributionRequest" + }, + "output": { + "shape": "CreateStreamingDistributionResult" + }, + "errors": [ + { + "shape": "CNAMEAlreadyExists" + }, + { + "shape": "StreamingDistributionAlreadyExists" + }, + { + "shape": "InvalidOrigin" + }, + { + "shape": "InvalidOriginAccessIdentity" + }, + { + "shape": "AccessDenied" + }, + { + "shape": "TooManyTrustedSigners" + }, + { + "shape": "TrustedSignerDoesNotExist" + }, + { + "shape": "MissingBody" + }, + { + "shape": "TooManyStreamingDistributionCNAMEs" + }, + { + "shape": "TooManyStreamingDistributions" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "InconsistentQuantities" + } + ], + "documentation": "<p>Creates a new RTMP distribution. An RTMP distribution is similar to a web distribution, but an RTMP distribution streams media files using the Adobe Real-Time Messaging Protocol (RTMP) instead of serving files using HTTP. </p> <p>To create a new distribution, submit a <code>POST</code> request to the <i>CloudFront API version</i>/distribution resource. The request body must include a document with a <i>StreamingDistributionConfig</i> element. The response echoes the <code>StreamingDistributionConfig</code> element and returns other information about the RTMP distribution.</p> <p>To get the status of your request, use the <i>GET StreamingDistribution</i> API action. When the value of <code>Enabled</code> is <code>true</code> and the value of <code>Status</code> is <code>Deployed</code>, your distribution is ready. A distribution usually deploys in less than 15 minutes.</p> <p>For more information about web distributions, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-rtmp.html\">Working with RTMP Distributions</a> in the <i>Amazon CloudFront Developer Guide</i>.</p> <important> <p>Beginning with the 2012-05-05 version of the CloudFront API, we made substantial changes to the format of the XML document that you include in the request body when you create or update a web distribution or an RTMP distribution, and when you invalidate objects. With previous versions of the API, we discovered that it was too easy to accidentally delete one or more values for an element that accepts multiple values, for example, CNAMEs and trusted signers. Our changes for the 2012-05-05 release are intended to prevent these accidental deletions and to notify you when there's a mismatch between the number of values you say you're specifying in the <code>Quantity</code> element and the number of values specified.</p> </important>" + }, + "CreateStreamingDistributionWithTags": { + "name": "CreateStreamingDistributionWithTags2019_03_26", + "http": { + "method": "POST", + "requestUri": "/2019-03-26/streaming-distribution?WithTags", + "responseCode": 201 + }, + "input": { + "shape": "CreateStreamingDistributionWithTagsRequest" + }, + "output": { + "shape": "CreateStreamingDistributionWithTagsResult" + }, + "errors": [ + { + "shape": "CNAMEAlreadyExists" + }, + { + "shape": "StreamingDistributionAlreadyExists" + }, + { + "shape": "InvalidOrigin" + }, + { + "shape": "InvalidOriginAccessIdentity" + }, + { + "shape": "AccessDenied" + }, + { + "shape": "TooManyTrustedSigners" + }, + { + "shape": "TrustedSignerDoesNotExist" + }, + { + "shape": "MissingBody" + }, + { + "shape": "TooManyStreamingDistributionCNAMEs" + }, + { + "shape": "TooManyStreamingDistributions" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "InconsistentQuantities" + }, + { + "shape": "InvalidTagging" + } + ], + "documentation": "<p>Create a new streaming distribution with tags.</p>" + }, + "DeleteCloudFrontOriginAccessIdentity": { + "name": "DeleteCloudFrontOriginAccessIdentity2019_03_26", + "http": { + "method": "DELETE", + "requestUri": "/2019-03-26/origin-access-identity/cloudfront/{Id}", + "responseCode": 204 + }, + "input": { + "shape": "DeleteCloudFrontOriginAccessIdentityRequest" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "InvalidIfMatchVersion" + }, + { + "shape": "NoSuchCloudFrontOriginAccessIdentity" + }, + { + "shape": "PreconditionFailed" + }, + { + "shape": "CloudFrontOriginAccessIdentityInUse" + } + ], + "documentation": "<p>Delete an origin access identity. </p>" + }, + "DeleteDistribution": { + "name": "DeleteDistribution2019_03_26", + "http": { + "method": "DELETE", + "requestUri": "/2019-03-26/distribution/{Id}", + "responseCode": 204 + }, + "input": { + "shape": "DeleteDistributionRequest" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "DistributionNotDisabled" + }, + { + "shape": "InvalidIfMatchVersion" + }, + { + "shape": "NoSuchDistribution" + }, + { + "shape": "PreconditionFailed" + } + ], + "documentation": "<p>Delete a distribution. </p>" + }, + "DeleteFieldLevelEncryptionConfig": { + "name": "DeleteFieldLevelEncryptionConfig2019_03_26", + "http": { + "method": "DELETE", + "requestUri": "/2019-03-26/field-level-encryption/{Id}", + "responseCode": 204 + }, + "input": { + "shape": "DeleteFieldLevelEncryptionConfigRequest" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "InvalidIfMatchVersion" + }, + { + "shape": "NoSuchFieldLevelEncryptionConfig" + }, + { + "shape": "PreconditionFailed" + }, + { + "shape": "FieldLevelEncryptionConfigInUse" + } + ], + "documentation": "<p>Remove a field-level encryption configuration.</p>" + }, + "DeleteFieldLevelEncryptionProfile": { + "name": "DeleteFieldLevelEncryptionProfile2019_03_26", + "http": { + "method": "DELETE", + "requestUri": "/2019-03-26/field-level-encryption-profile/{Id}", + "responseCode": 204 + }, + "input": { + "shape": "DeleteFieldLevelEncryptionProfileRequest" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "InvalidIfMatchVersion" + }, + { + "shape": "NoSuchFieldLevelEncryptionProfile" + }, + { + "shape": "PreconditionFailed" + }, + { + "shape": "FieldLevelEncryptionProfileInUse" + } + ], + "documentation": "<p>Remove a field-level encryption profile.</p>" + }, + "DeletePublicKey": { + "name": "DeletePublicKey2019_03_26", + "http": { + "method": "DELETE", + "requestUri": "/2019-03-26/public-key/{Id}", + "responseCode": 204 + }, + "input": { + "shape": "DeletePublicKeyRequest" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "PublicKeyInUse" + }, + { + "shape": "InvalidIfMatchVersion" + }, + { + "shape": "NoSuchPublicKey" + }, + { + "shape": "PreconditionFailed" + } + ], + "documentation": "<p>Remove a public key you previously added to CloudFront.</p>" + }, + "DeleteStreamingDistribution": { + "name": "DeleteStreamingDistribution2019_03_26", + "http": { + "method": "DELETE", + "requestUri": "/2019-03-26/streaming-distribution/{Id}", + "responseCode": 204 + }, + "input": { + "shape": "DeleteStreamingDistributionRequest" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "StreamingDistributionNotDisabled" + }, + { + "shape": "InvalidIfMatchVersion" + }, + { + "shape": "NoSuchStreamingDistribution" + }, + { + "shape": "PreconditionFailed" + } + ], + "documentation": "<p>Delete a streaming distribution. To delete an RTMP distribution using the CloudFront API, perform the following steps.</p> <p> <b>To delete an RTMP distribution using the CloudFront API</b>:</p> <ol> <li> <p>Disable the RTMP distribution.</p> </li> <li> <p>Submit a <code>GET Streaming Distribution Config</code> request to get the current configuration and the <code>Etag</code> header for the distribution. </p> </li> <li> <p>Update the XML document that was returned in the response to your <code>GET Streaming Distribution Config</code> request to change the value of <code>Enabled</code> to <code>false</code>.</p> </li> <li> <p>Submit a <code>PUT Streaming Distribution Config</code> request to update the configuration for your distribution. In the request body, include the XML document that you updated in Step 3. Then set the value of the HTTP <code>If-Match</code> header to the value of the <code>ETag</code> header that CloudFront returned when you submitted the <code>GET Streaming Distribution Config</code> request in Step 2.</p> </li> <li> <p>Review the response to the <code>PUT Streaming Distribution Config</code> request to confirm that the distribution was successfully disabled.</p> </li> <li> <p>Submit a <code>GET Streaming Distribution Config</code> request to confirm that your changes have propagated. When propagation is complete, the value of <code>Status</code> is <code>Deployed</code>.</p> </li> <li> <p>Submit a <code>DELETE Streaming Distribution</code> request. Set the value of the HTTP <code>If-Match</code> header to the value of the <code>ETag</code> header that CloudFront returned when you submitted the <code>GET Streaming Distribution Config</code> request in Step 2.</p> </li> <li> <p>Review the response to your <code>DELETE Streaming Distribution</code> request to confirm that the distribution was successfully deleted.</p> </li> </ol> <p>For information about deleting a distribution using the CloudFront console, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/HowToDeleteDistribution.html\">Deleting a Distribution</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "GetCloudFrontOriginAccessIdentity": { + "name": "GetCloudFrontOriginAccessIdentity2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/origin-access-identity/cloudfront/{Id}" + }, + "input": { + "shape": "GetCloudFrontOriginAccessIdentityRequest" + }, + "output": { + "shape": "GetCloudFrontOriginAccessIdentityResult" + }, + "errors": [ + { + "shape": "NoSuchCloudFrontOriginAccessIdentity" + }, + { + "shape": "AccessDenied" + } + ], + "documentation": "<p>Get the information about an origin access identity. </p>" + }, + "GetCloudFrontOriginAccessIdentityConfig": { + "name": "GetCloudFrontOriginAccessIdentityConfig2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/origin-access-identity/cloudfront/{Id}/config" + }, + "input": { + "shape": "GetCloudFrontOriginAccessIdentityConfigRequest" + }, + "output": { + "shape": "GetCloudFrontOriginAccessIdentityConfigResult" + }, + "errors": [ + { + "shape": "NoSuchCloudFrontOriginAccessIdentity" + }, + { + "shape": "AccessDenied" + } + ], + "documentation": "<p>Get the configuration information about an origin access identity. </p>" + }, + "GetDistribution": { + "name": "GetDistribution2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/distribution/{Id}" + }, + "input": { + "shape": "GetDistributionRequest" + }, + "output": { + "shape": "GetDistributionResult" + }, + "errors": [ + { + "shape": "NoSuchDistribution" + }, + { + "shape": "AccessDenied" + } + ], + "documentation": "<p>Get the information about a distribution.</p>" + }, + "GetDistributionConfig": { + "name": "GetDistributionConfig2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/distribution/{Id}/config" + }, + "input": { + "shape": "GetDistributionConfigRequest" + }, + "output": { + "shape": "GetDistributionConfigResult" + }, + "errors": [ + { + "shape": "NoSuchDistribution" + }, + { + "shape": "AccessDenied" + } + ], + "documentation": "<p>Get the configuration information about a distribution. </p>" + }, + "GetFieldLevelEncryption": { + "name": "GetFieldLevelEncryption2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/field-level-encryption/{Id}" + }, + "input": { + "shape": "GetFieldLevelEncryptionRequest" + }, + "output": { + "shape": "GetFieldLevelEncryptionResult" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "NoSuchFieldLevelEncryptionConfig" + } + ], + "documentation": "<p>Get the field-level encryption configuration information.</p>" + }, + "GetFieldLevelEncryptionConfig": { + "name": "GetFieldLevelEncryptionConfig2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/field-level-encryption/{Id}/config" + }, + "input": { + "shape": "GetFieldLevelEncryptionConfigRequest" + }, + "output": { + "shape": "GetFieldLevelEncryptionConfigResult" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "NoSuchFieldLevelEncryptionConfig" + } + ], + "documentation": "<p>Get the field-level encryption configuration information.</p>" + }, + "GetFieldLevelEncryptionProfile": { + "name": "GetFieldLevelEncryptionProfile2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/field-level-encryption-profile/{Id}" + }, + "input": { + "shape": "GetFieldLevelEncryptionProfileRequest" + }, + "output": { + "shape": "GetFieldLevelEncryptionProfileResult" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "NoSuchFieldLevelEncryptionProfile" + } + ], + "documentation": "<p>Get the field-level encryption profile information.</p>" + }, + "GetFieldLevelEncryptionProfileConfig": { + "name": "GetFieldLevelEncryptionProfileConfig2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/field-level-encryption-profile/{Id}/config" + }, + "input": { + "shape": "GetFieldLevelEncryptionProfileConfigRequest" + }, + "output": { + "shape": "GetFieldLevelEncryptionProfileConfigResult" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "NoSuchFieldLevelEncryptionProfile" + } + ], + "documentation": "<p>Get the field-level encryption profile configuration information.</p>" + }, + "GetInvalidation": { + "name": "GetInvalidation2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/distribution/{DistributionId}/invalidation/{Id}" + }, + "input": { + "shape": "GetInvalidationRequest" + }, + "output": { + "shape": "GetInvalidationResult" + }, + "errors": [ + { + "shape": "NoSuchInvalidation" + }, + { + "shape": "NoSuchDistribution" + }, + { + "shape": "AccessDenied" + } + ], + "documentation": "<p>Get the information about an invalidation. </p>" + }, + "GetPublicKey": { + "name": "GetPublicKey2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/public-key/{Id}" + }, + "input": { + "shape": "GetPublicKeyRequest" + }, + "output": { + "shape": "GetPublicKeyResult" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "NoSuchPublicKey" + } + ], + "documentation": "<p>Get the public key information.</p>" + }, + "GetPublicKeyConfig": { + "name": "GetPublicKeyConfig2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/public-key/{Id}/config" + }, + "input": { + "shape": "GetPublicKeyConfigRequest" + }, + "output": { + "shape": "GetPublicKeyConfigResult" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "NoSuchPublicKey" + } + ], + "documentation": "<p>Return public key configuration informaation</p>" + }, + "GetStreamingDistribution": { + "name": "GetStreamingDistribution2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/streaming-distribution/{Id}" + }, + "input": { + "shape": "GetStreamingDistributionRequest" + }, + "output": { + "shape": "GetStreamingDistributionResult" + }, + "errors": [ + { + "shape": "NoSuchStreamingDistribution" + }, + { + "shape": "AccessDenied" + } + ], + "documentation": "<p>Gets information about a specified RTMP distribution, including the distribution configuration.</p>" + }, + "GetStreamingDistributionConfig": { + "name": "GetStreamingDistributionConfig2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/streaming-distribution/{Id}/config" + }, + "input": { + "shape": "GetStreamingDistributionConfigRequest" + }, + "output": { + "shape": "GetStreamingDistributionConfigResult" + }, + "errors": [ + { + "shape": "NoSuchStreamingDistribution" + }, + { + "shape": "AccessDenied" + } + ], + "documentation": "<p>Get the configuration information about a streaming distribution. </p>" + }, + "ListCloudFrontOriginAccessIdentities": { + "name": "ListCloudFrontOriginAccessIdentities2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/origin-access-identity/cloudfront" + }, + "input": { + "shape": "ListCloudFrontOriginAccessIdentitiesRequest" + }, + "output": { + "shape": "ListCloudFrontOriginAccessIdentitiesResult" + }, + "errors": [ + { + "shape": "InvalidArgument" + } + ], + "documentation": "<p>Lists origin access identities.</p>" + }, + "ListDistributions": { + "name": "ListDistributions2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/distribution" + }, + "input": { + "shape": "ListDistributionsRequest" + }, + "output": { + "shape": "ListDistributionsResult" + }, + "errors": [ + { + "shape": "InvalidArgument" + } + ], + "documentation": "<p>List CloudFront distributions.</p>" + }, + "ListDistributionsByWebACLId": { + "name": "ListDistributionsByWebACLId2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/distributionsByWebACLId/{WebACLId}" + }, + "input": { + "shape": "ListDistributionsByWebACLIdRequest" + }, + "output": { + "shape": "ListDistributionsByWebACLIdResult" + }, + "errors": [ + { + "shape": "InvalidArgument" + }, + { + "shape": "InvalidWebACLId" + } + ], + "documentation": "<p>List the distributions that are associated with a specified AWS WAF web ACL. </p>" + }, + "ListFieldLevelEncryptionConfigs": { + "name": "ListFieldLevelEncryptionConfigs2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/field-level-encryption" + }, + "input": { + "shape": "ListFieldLevelEncryptionConfigsRequest" + }, + "output": { + "shape": "ListFieldLevelEncryptionConfigsResult" + }, + "errors": [ + { + "shape": "InvalidArgument" + } + ], + "documentation": "<p>List all field-level encryption configurations that have been created in CloudFront for this account.</p>" + }, + "ListFieldLevelEncryptionProfiles": { + "name": "ListFieldLevelEncryptionProfiles2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/field-level-encryption-profile" + }, + "input": { + "shape": "ListFieldLevelEncryptionProfilesRequest" + }, + "output": { + "shape": "ListFieldLevelEncryptionProfilesResult" + }, + "errors": [ + { + "shape": "InvalidArgument" + } + ], + "documentation": "<p>Request a list of field-level encryption profiles that have been created in CloudFront for this account.</p>" + }, + "ListInvalidations": { + "name": "ListInvalidations2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/distribution/{DistributionId}/invalidation" + }, + "input": { + "shape": "ListInvalidationsRequest" + }, + "output": { + "shape": "ListInvalidationsResult" + }, + "errors": [ + { + "shape": "InvalidArgument" + }, + { + "shape": "NoSuchDistribution" + }, + { + "shape": "AccessDenied" + } + ], + "documentation": "<p>Lists invalidation batches. </p>" + }, + "ListPublicKeys": { + "name": "ListPublicKeys2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/public-key" + }, + "input": { + "shape": "ListPublicKeysRequest" + }, + "output": { + "shape": "ListPublicKeysResult" + }, + "errors": [ + { + "shape": "InvalidArgument" + } + ], + "documentation": "<p>List all public keys that have been added to CloudFront for this account.</p>" + }, + "ListStreamingDistributions": { + "name": "ListStreamingDistributions2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/streaming-distribution" + }, + "input": { + "shape": "ListStreamingDistributionsRequest" + }, + "output": { + "shape": "ListStreamingDistributionsResult" + }, + "errors": [ + { + "shape": "InvalidArgument" + } + ], + "documentation": "<p>List streaming distributions. </p>" + }, + "ListTagsForResource": { + "name": "ListTagsForResource2019_03_26", + "http": { + "method": "GET", + "requestUri": "/2019-03-26/tagging" + }, + "input": { + "shape": "ListTagsForResourceRequest" + }, + "output": { + "shape": "ListTagsForResourceResult" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "InvalidTagging" + }, + { + "shape": "NoSuchResource" + } + ], + "documentation": "<p>List tags for a CloudFront resource.</p>" + }, + "TagResource": { + "name": "TagResource2019_03_26", + "http": { + "method": "POST", + "requestUri": "/2019-03-26/tagging?Operation=Tag", + "responseCode": 204 + }, + "input": { + "shape": "TagResourceRequest" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "InvalidTagging" + }, + { + "shape": "NoSuchResource" + } + ], + "documentation": "<p>Add tags to a CloudFront resource.</p>" + }, + "UntagResource": { + "name": "UntagResource2019_03_26", + "http": { + "method": "POST", + "requestUri": "/2019-03-26/tagging?Operation=Untag", + "responseCode": 204 + }, + "input": { + "shape": "UntagResourceRequest" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "InvalidTagging" + }, + { + "shape": "NoSuchResource" + } + ], + "documentation": "<p>Remove tags from a CloudFront resource.</p>" + }, + "UpdateCloudFrontOriginAccessIdentity": { + "name": "UpdateCloudFrontOriginAccessIdentity2019_03_26", + "http": { + "method": "PUT", + "requestUri": "/2019-03-26/origin-access-identity/cloudfront/{Id}/config" + }, + "input": { + "shape": "UpdateCloudFrontOriginAccessIdentityRequest" + }, + "output": { + "shape": "UpdateCloudFrontOriginAccessIdentityResult" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "IllegalUpdate" + }, + { + "shape": "InvalidIfMatchVersion" + }, + { + "shape": "MissingBody" + }, + { + "shape": "NoSuchCloudFrontOriginAccessIdentity" + }, + { + "shape": "PreconditionFailed" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "InconsistentQuantities" + } + ], + "documentation": "<p>Update an origin access identity. </p>" + }, + "UpdateDistribution": { + "name": "UpdateDistribution2019_03_26", + "http": { + "method": "PUT", + "requestUri": "/2019-03-26/distribution/{Id}/config" + }, + "input": { + "shape": "UpdateDistributionRequest" + }, + "output": { + "shape": "UpdateDistributionResult" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "CNAMEAlreadyExists" + }, + { + "shape": "IllegalUpdate" + }, + { + "shape": "InvalidIfMatchVersion" + }, + { + "shape": "MissingBody" + }, + { + "shape": "NoSuchDistribution" + }, + { + "shape": "PreconditionFailed" + }, + { + "shape": "TooManyDistributionCNAMEs" + }, + { + "shape": "InvalidDefaultRootObject" + }, + { + "shape": "InvalidRelativePath" + }, + { + "shape": "InvalidErrorCode" + }, + { + "shape": "InvalidResponseCode" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "InvalidOriginAccessIdentity" + }, + { + "shape": "TooManyTrustedSigners" + }, + { + "shape": "TrustedSignerDoesNotExist" + }, + { + "shape": "InvalidViewerCertificate" + }, + { + "shape": "InvalidMinimumProtocolVersion" + }, + { + "shape": "InvalidRequiredProtocol" + }, + { + "shape": "NoSuchOrigin" + }, + { + "shape": "TooManyOrigins" + }, + { + "shape": "TooManyOriginGroupsPerDistribution" + }, + { + "shape": "TooManyCacheBehaviors" + }, + { + "shape": "TooManyCookieNamesInWhiteList" + }, + { + "shape": "InvalidForwardCookies" + }, + { + "shape": "TooManyHeadersInForwardedValues" + }, + { + "shape": "InvalidHeadersForS3Origin" + }, + { + "shape": "InconsistentQuantities" + }, + { + "shape": "TooManyCertificates" + }, + { + "shape": "InvalidLocationCode" + }, + { + "shape": "InvalidGeoRestrictionParameter" + }, + { + "shape": "InvalidTTLOrder" + }, + { + "shape": "InvalidWebACLId" + }, + { + "shape": "TooManyOriginCustomHeaders" + }, + { + "shape": "TooManyQueryStringParameters" + }, + { + "shape": "InvalidQueryStringParameters" + }, + { + "shape": "TooManyDistributionsWithLambdaAssociations" + }, + { + "shape": "TooManyLambdaFunctionAssociations" + }, + { + "shape": "InvalidLambdaFunctionAssociation" + }, + { + "shape": "InvalidOriginReadTimeout" + }, + { + "shape": "InvalidOriginKeepaliveTimeout" + }, + { + "shape": "NoSuchFieldLevelEncryptionConfig" + }, + { + "shape": "IllegalFieldLevelEncryptionConfigAssociationWithCacheBehavior" + }, + { + "shape": "TooManyDistributionsAssociatedToFieldLevelEncryptionConfig" + } + ], + "documentation": "<p>Updates the configuration for a web distribution. </p> <important> <p>When you update a distribution, there are more required fields than when you create a distribution. When you update your distribution by using this API action, follow the steps here to get the current configuration and then make your updates, to make sure that you include all of the required fields. To view a summary, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-overview-required-fields.html\">Required Fields for Create Distribution and Update Distribution</a> in the <i>Amazon CloudFront Developer Guide</i>.</p> </important> <p>The update process includes getting the current distribution configuration, updating the XML document that is returned to make your changes, and then submitting an <code>UpdateDistribution</code> request to make the updates.</p> <p>For information about updating a distribution using the CloudFront console instead, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-creating-console.html\">Creating a Distribution</a> in the <i>Amazon CloudFront Developer Guide</i>.</p> <p> <b>To update a web distribution using the CloudFront API</b> </p> <ol> <li> <p>Submit a <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetDistributionConfig.html\">GetDistributionConfig</a> request to get the current configuration and an <code>Etag</code> header for the distribution.</p> <note> <p>If you update the distribution again, you must get a new <code>Etag</code> header.</p> </note> </li> <li> <p>Update the XML document that was returned in the response to your <code>GetDistributionConfig</code> request to include your changes. </p> <important> <p>When you edit the XML file, be aware of the following:</p> <ul> <li> <p>You must strip out the ETag parameter that is returned.</p> </li> <li> <p>Additional fields are required when you update a distribution. There may be fields included in the XML file for features that you haven't configured for your distribution. This is expected and required to successfully update the distribution.</p> </li> <li> <p>You can't change the value of <code>CallerReference</code>. If you try to change this value, CloudFront returns an <code>IllegalUpdate</code> error. </p> </li> <li> <p>The new configuration replaces the existing configuration; the values that you specify in an <code>UpdateDistribution</code> request are not merged into your existing configuration. When you add, delete, or replace values in an element that allows multiple values (for example, <code>CNAME</code>), you must specify all of the values that you want to appear in the updated distribution. In addition, you must update the corresponding <code>Quantity</code> element.</p> </li> </ul> </important> </li> <li> <p>Submit an <code>UpdateDistribution</code> request to update the configuration for your distribution:</p> <ul> <li> <p>In the request body, include the XML document that you updated in Step 2. The request body must include an XML document with a <code>DistributionConfig</code> element.</p> </li> <li> <p>Set the value of the HTTP <code>If-Match</code> header to the value of the <code>ETag</code> header that CloudFront returned when you submitted the <code>GetDistributionConfig</code> request in Step 1.</p> </li> </ul> </li> <li> <p>Review the response to the <code>UpdateDistribution</code> request to confirm that the configuration was successfully updated.</p> </li> <li> <p>Optional: Submit a <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetDistribution.html\">GetDistribution</a> request to confirm that your changes have propagated. When propagation is complete, the value of <code>Status</code> is <code>Deployed</code>.</p> </li> </ol>" + }, + "UpdateFieldLevelEncryptionConfig": { + "name": "UpdateFieldLevelEncryptionConfig2019_03_26", + "http": { + "method": "PUT", + "requestUri": "/2019-03-26/field-level-encryption/{Id}/config" + }, + "input": { + "shape": "UpdateFieldLevelEncryptionConfigRequest" + }, + "output": { + "shape": "UpdateFieldLevelEncryptionConfigResult" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "IllegalUpdate" + }, + { + "shape": "InconsistentQuantities" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "InvalidIfMatchVersion" + }, + { + "shape": "NoSuchFieldLevelEncryptionProfile" + }, + { + "shape": "NoSuchFieldLevelEncryptionConfig" + }, + { + "shape": "PreconditionFailed" + }, + { + "shape": "TooManyFieldLevelEncryptionQueryArgProfiles" + }, + { + "shape": "TooManyFieldLevelEncryptionContentTypeProfiles" + }, + { + "shape": "QueryArgProfileEmpty" + } + ], + "documentation": "<p>Update a field-level encryption configuration. </p>" + }, + "UpdateFieldLevelEncryptionProfile": { + "name": "UpdateFieldLevelEncryptionProfile2019_03_26", + "http": { + "method": "PUT", + "requestUri": "/2019-03-26/field-level-encryption-profile/{Id}/config" + }, + "input": { + "shape": "UpdateFieldLevelEncryptionProfileRequest" + }, + "output": { + "shape": "UpdateFieldLevelEncryptionProfileResult" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "FieldLevelEncryptionProfileAlreadyExists" + }, + { + "shape": "IllegalUpdate" + }, + { + "shape": "InconsistentQuantities" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "InvalidIfMatchVersion" + }, + { + "shape": "NoSuchPublicKey" + }, + { + "shape": "NoSuchFieldLevelEncryptionProfile" + }, + { + "shape": "PreconditionFailed" + }, + { + "shape": "FieldLevelEncryptionProfileSizeExceeded" + }, + { + "shape": "TooManyFieldLevelEncryptionEncryptionEntities" + }, + { + "shape": "TooManyFieldLevelEncryptionFieldPatterns" + } + ], + "documentation": "<p>Update a field-level encryption profile. </p>" + }, + "UpdatePublicKey": { + "name": "UpdatePublicKey2019_03_26", + "http": { + "method": "PUT", + "requestUri": "/2019-03-26/public-key/{Id}/config" + }, + "input": { + "shape": "UpdatePublicKeyRequest" + }, + "output": { + "shape": "UpdatePublicKeyResult" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "CannotChangeImmutablePublicKeyFields" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "InvalidIfMatchVersion" + }, + { + "shape": "IllegalUpdate" + }, + { + "shape": "NoSuchPublicKey" + }, + { + "shape": "PreconditionFailed" + } + ], + "documentation": "<p>Update public key information. Note that the only value you can change is the comment.</p>" + }, + "UpdateStreamingDistribution": { + "name": "UpdateStreamingDistribution2019_03_26", + "http": { + "method": "PUT", + "requestUri": "/2019-03-26/streaming-distribution/{Id}/config" + }, + "input": { + "shape": "UpdateStreamingDistributionRequest" + }, + "output": { + "shape": "UpdateStreamingDistributionResult" + }, + "errors": [ + { + "shape": "AccessDenied" + }, + { + "shape": "CNAMEAlreadyExists" + }, + { + "shape": "IllegalUpdate" + }, + { + "shape": "InvalidIfMatchVersion" + }, + { + "shape": "MissingBody" + }, + { + "shape": "NoSuchStreamingDistribution" + }, + { + "shape": "PreconditionFailed" + }, + { + "shape": "TooManyStreamingDistributionCNAMEs" + }, + { + "shape": "InvalidArgument" + }, + { + "shape": "InvalidOriginAccessIdentity" + }, + { + "shape": "TooManyTrustedSigners" + }, + { + "shape": "TrustedSignerDoesNotExist" + }, + { + "shape": "InconsistentQuantities" + } + ], + "documentation": "<p>Update a streaming distribution. </p>" + } + }, + "shapes": { + "ActiveTrustedSigners": { + "type": "structure", + "required": [ + "Enabled", + "Quantity" + ], + "members": { + "Enabled": { + "shape": "boolean", + "documentation": "<p>Enabled is <code>true</code> if any of the AWS accounts listed in the <code>TrustedSigners</code> complex type for this distribution have active CloudFront key pairs. If not, <code>Enabled</code> is <code>false</code>.</p>" + }, + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of trusted signers specified in the <code>TrustedSigners</code> complex type.</p>" + }, + "Items": { + "shape": "SignerList", + "documentation": "<p>A complex type that contains one <code>Signer</code> complex type for each trusted signer that is specified in the <code>TrustedSigners</code> complex type.</p>" + } + }, + "documentation": "<p>A complex type that lists the AWS accounts, if any, that you included in the <code>TrustedSigners</code> complex type for this distribution. These are the accounts that you want to allow to create signed URLs for private content.</p> <p>The <code>Signer</code> complex type lists the AWS account number of the trusted signer or <code>self</code> if the signer is the AWS account that created the distribution. The <code>Signer</code> element also includes the IDs of any active CloudFront key pairs that are associated with the trusted signer's AWS account. If no <code>KeyPairId</code> element appears for a <code>Signer</code>, that signer can't create signed URLs. </p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html\">Serving Private Content through CloudFront</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "AliasICPRecordal": { + "type": "structure", + "members": { + "CNAME": { + "shape": "string", + "documentation": "<p>A domain name associated with a distribution. </p>" + }, + "ICPRecordalStatus": { + "shape": "ICPRecordalStatus", + "documentation": "<p>The Internet Content Provider (ICP) recordal status for a CNAME. The ICPRecordalStatus is set to APPROVED for all CNAMEs (aliases) in regions outside of China. </p> <p>The status values returned are the following:</p> <ul> <li> <p> <b>APPROVED</b> indicates that the associated CNAME has a valid ICP recordal number. Multiple CNAMEs can be associated with a distribution, and CNAMEs can correspond to different ICP recordals. To be marked as APPROVED, that is, valid to use with China region, a CNAME must have one ICP recordal number associated with it.</p> </li> <li> <p> <b>SUSPENDED</b> indicates that the associated CNAME does not have a valid ICP recordal number.</p> </li> <li> <p> <b>PENDING</b> indicates that at least one CNAME associated with the distribution does not have a valid ICP recordal number.</p> </li> </ul>" + } + }, + "documentation": "<p>AWS services in China customers must file for an Internet Content Provider (ICP) recordal if they want to serve content publicly on an alternate domain name, also known as a CNAME, that they've added to CloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated with distributions. The status is returned in the CloudFront response; you can't configure it yourself.</p> <p>For more information about ICP recordals, see <a href=\"https://docs.amazonaws.cn/en_us/aws/latest/userguide/accounts-and-credentials.html\"> Signup, Accounts, and Credentials</a> in <i>Getting Started with AWS services in China</i>.</p>" + }, + "AliasICPRecordals": { + "type": "list", + "member": { + "shape": "AliasICPRecordal", + "locationName": "AliasICPRecordal" + } + }, + "AliasList": { + "type": "list", + "member": { + "shape": "string", + "locationName": "CNAME" + } + }, + "Aliases": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of CNAME aliases, if any, that you want to associate with this distribution.</p>" + }, + "Items": { + "shape": "AliasList", + "documentation": "<p>A complex type that contains the CNAME aliases, if any, that you want to associate with this distribution.</p>" + } + }, + "documentation": "<p>A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution. </p>" + }, + "AllowedMethods": { + "type": "structure", + "required": [ + "Quantity", + "Items" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of HTTP methods that you want CloudFront to forward to your origin. Valid values are 2 (for <code>GET</code> and <code>HEAD</code> requests), 3 (for <code>GET</code>, <code>HEAD</code>, and <code>OPTIONS</code> requests) and 7 (for <code>GET, HEAD, OPTIONS, PUT, PATCH, POST</code>, and <code>DELETE</code> requests).</p>" + }, + "Items": { + "shape": "MethodsList", + "documentation": "<p>A complex type that contains the HTTP methods that you want CloudFront to process and forward to your origin.</p>" + }, + "CachedMethods": { + "shape": "CachedMethods" + } + }, + "documentation": "<p>A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:</p> <ul> <li> <p>CloudFront forwards only <code>GET</code> and <code>HEAD</code> requests.</p> </li> <li> <p>CloudFront forwards only <code>GET</code>, <code>HEAD</code>, and <code>OPTIONS</code> requests.</p> </li> <li> <p>CloudFront forwards <code>GET, HEAD, OPTIONS, PUT, PATCH, POST</code>, and <code>DELETE</code> requests.</p> </li> </ul> <p>If you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.</p>" + }, + "AwsAccountNumberList": { + "type": "list", + "member": { + "shape": "string", + "locationName": "AwsAccountNumber" + } + }, + "CacheBehavior": { + "type": "structure", + "required": [ + "PathPattern", + "TargetOriginId", + "ForwardedValues", + "TrustedSigners", + "ViewerProtocolPolicy", + "MinTTL" + ], + "members": { + "PathPattern": { + "shape": "string", + "documentation": "<p>The pattern (for example, <code>images/*.jpg</code>) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.</p> <note> <p>You can optionally include a slash (<code>/</code>) at the beginning of the path pattern. For example, <code>/images/*.jpg</code>. CloudFront behavior is the same with or without the leading <code>/</code>.</p> </note> <p>The path pattern for the default cache behavior is <code>*</code> and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern\">Path Pattern</a> in the <i> Amazon CloudFront Developer Guide</i>.</p>" + }, + "TargetOriginId": { + "shape": "string", + "documentation": "<p>The value of <code>ID</code> for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior in your distribution.</p>" + }, + "ForwardedValues": { + "shape": "ForwardedValues", + "documentation": "<p>A complex type that specifies how CloudFront handles query strings and cookies.</p>" + }, + "TrustedSigners": { + "shape": "TrustedSigners", + "documentation": "<p>A complex type that specifies the AWS accounts, if any, that you want to allow to create signed URLs for private content.</p> <p>If you want to require signed URLs in requests for objects in the target origin that match the <code>PathPattern</code> for this cache behavior, specify <code>true</code> for <code>Enabled</code>, and specify the applicable values for <code>Quantity</code> and <code>Items</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html\">Serving Private Content through CloudFront</a> in the <i>Amazon CloudFront Developer Guide</i>. </p> <p>If you don't want to require signed URLs in requests for objects that match <code>PathPattern</code>, specify <code>false</code> for <code>Enabled</code> and <code>0</code> for <code>Quantity</code>. Omit <code>Items</code>.</p> <p>To add, change, or remove one or more trusted signers, change <code>Enabled</code> to <code>true</code> (if it's currently <code>false</code>), change <code>Quantity</code> as applicable, and specify all of the trusted signers that you want to include in the updated distribution.</p>" + }, + "ViewerProtocolPolicy": { + "shape": "ViewerProtocolPolicy", + "documentation": "<p>The protocol that viewers can use to access the files in the origin specified by <code>TargetOriginId</code> when a request matches the path pattern in <code>PathPattern</code>. You can specify the following options:</p> <ul> <li> <p> <code>allow-all</code>: Viewers can use HTTP or HTTPS.</p> </li> <li> <p> <code>redirect-to-https</code>: If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL. </p> </li> <li> <p> <code>https-only</code>: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden). </p> </li> </ul> <p>For more information about requiring the HTTPS protocol, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/SecureConnections.html\">Using an HTTPS Connection to Access Your Objects</a> in the <i>Amazon CloudFront Developer Guide</i>.</p> <note> <p>The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html\">Managing How Long Content Stays in an Edge Cache (Expiration)</a> in the <i>Amazon CloudFront Developer Guide</i>.</p> </note>" + }, + "MinTTL": { + "shape": "long", + "documentation": "<p>The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html\"> Managing How Long Content Stays in an Edge Cache (Expiration)</a> in the <i> Amazon CloudFront Developer Guide</i>.</p> <p>You must specify <code>0</code> for <code>MinTTL</code> if you configure CloudFront to forward all headers to your origin (under <code>Headers</code>, if you specify <code>1</code> for <code>Quantity</code> and <code>*</code> for <code>Name</code>).</p>" + }, + "AllowedMethods": { + "shape": "AllowedMethods" + }, + "SmoothStreaming": { + "shape": "boolean", + "documentation": "<p>Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify <code>true</code>; if not, specify <code>false</code>. If you specify <code>true</code> for <code>SmoothStreaming</code>, you can still distribute other content using this cache behavior if the content matches the value of <code>PathPattern</code>. </p>" + }, + "DefaultTTL": { + "shape": "long", + "documentation": "<p>The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as <code>Cache-Control max-age</code>, <code>Cache-Control s-maxage</code>, and <code>Expires</code> to objects. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html\">Managing How Long Content Stays in an Edge Cache (Expiration)</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "MaxTTL": { + "shape": "long", + "documentation": "<p>The maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as <code>Cache-Control max-age</code>, <code>Cache-Control s-maxage</code>, and <code>Expires</code> to objects. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html\">Managing How Long Content Stays in an Edge Cache (Expiration)</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "Compress": { + "shape": "boolean", + "documentation": "<p>Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html\">Serving Compressed Files</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "LambdaFunctionAssociations": { + "shape": "LambdaFunctionAssociations", + "documentation": "<p>A complex type that contains zero or more Lambda function associations for a cache behavior.</p>" + }, + "FieldLevelEncryptionId": { + "shape": "string", + "documentation": "<p>The value of <code>ID</code> for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for a cache behavior or for the default cache behavior in your distribution.</p>" + } + }, + "documentation": "<p>A complex type that describes how CloudFront processes requests.</p> <p>You must create at least as many cache behaviors (including the default cache behavior) as you have origins if you want CloudFront to distribute objects from all of the origins. Each cache behavior specifies the one origin from which you want CloudFront to get objects. If you have two origins and only the default cache behavior, the default cache behavior will cause CloudFront to get objects from one of the origins, but the other origin is never used.</p> <p>For the current limit on the number of cache behaviors that you can add to a distribution, see <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html#limits_cloudfront\">Amazon CloudFront Limits</a> in the <i>AWS General Reference</i>.</p> <p>If you don't want to specify any cache behaviors, include only an empty <code>CacheBehaviors</code> element. Don't include an empty <code>CacheBehavior</code> element, or CloudFront returns a <code>MalformedXML</code> error.</p> <p>To delete all cache behaviors in an existing distribution, update the distribution configuration and include only an empty <code>CacheBehaviors</code> element.</p> <p>To add, change, or remove one or more cache behaviors, update the distribution configuration and specify all of the cache behaviors that you want to include in the updated distribution.</p> <p>For more information about cache behaviors, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesCacheBehavior\">Cache Behaviors</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "CacheBehaviorList": { + "type": "list", + "member": { + "shape": "CacheBehavior", + "locationName": "CacheBehavior" + } + }, + "CacheBehaviors": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of cache behaviors for this distribution. </p>" + }, + "Items": { + "shape": "CacheBehaviorList", + "documentation": "<p>Optional: A complex type that contains cache behaviors for this distribution. If <code>Quantity</code> is <code>0</code>, you can omit <code>Items</code>.</p>" + } + }, + "documentation": "<p>A complex type that contains zero or more <code>CacheBehavior</code> elements. </p>" + }, + "CachedMethods": { + "type": "structure", + "required": [ + "Quantity", + "Items" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of HTTP methods for which you want CloudFront to cache responses. Valid values are <code>2</code> (for caching responses to <code>GET</code> and <code>HEAD</code> requests) and <code>3</code> (for caching responses to <code>GET</code>, <code>HEAD</code>, and <code>OPTIONS</code> requests).</p>" + }, + "Items": { + "shape": "MethodsList", + "documentation": "<p>A complex type that contains the HTTP methods that you want CloudFront to cache responses to.</p>" + } + }, + "documentation": "<p>A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:</p> <ul> <li> <p>CloudFront caches responses to <code>GET</code> and <code>HEAD</code> requests.</p> </li> <li> <p>CloudFront caches responses to <code>GET</code>, <code>HEAD</code>, and <code>OPTIONS</code> requests.</p> </li> </ul> <p>If you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly. </p>" + }, + "CertificateSource": { + "type": "string", + "enum": [ + "cloudfront", + "iam", + "acm" + ] + }, + "CloudFrontOriginAccessIdentity": { + "type": "structure", + "required": [ + "Id", + "S3CanonicalUserId" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The ID for the origin access identity, for example, <code>E74FTE3AJFJ256A</code>. </p>" + }, + "S3CanonicalUserId": { + "shape": "string", + "documentation": "<p>The Amazon S3 canonical user ID for the origin access identity, used when giving the origin access identity read permission to an object in Amazon S3. </p>" + }, + "CloudFrontOriginAccessIdentityConfig": { + "shape": "CloudFrontOriginAccessIdentityConfig", + "documentation": "<p>The current configuration information for the identity. </p>" + } + }, + "documentation": "<p>CloudFront origin access identity.</p>" + }, + "CloudFrontOriginAccessIdentityConfig": { + "type": "structure", + "required": [ + "CallerReference", + "Comment" + ], + "members": { + "CallerReference": { + "shape": "string", + "documentation": "<p>A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.</p> <p>If the value of <code>CallerReference</code> is new (regardless of the content of the <code>CloudFrontOriginAccessIdentityConfig</code> object), a new origin access identity is created.</p> <p>If the <code>CallerReference</code> is a value already sent in a previous identity request, and the content of the <code>CloudFrontOriginAccessIdentityConfig</code> is identical to the original request (ignoring white space), the response includes the same information returned to the original request. </p> <p>If the <code>CallerReference</code> is a value you already sent in a previous request to create an identity, but the content of the <code>CloudFrontOriginAccessIdentityConfig</code> is different from the original request, CloudFront returns a <code>CloudFrontOriginAccessIdentityAlreadyExists</code> error. </p>" + }, + "Comment": { + "shape": "string", + "documentation": "<p>Any comments you want to include about the origin access identity. </p>" + } + }, + "documentation": "<p>Origin access identity configuration. Send a <code>GET</code> request to the <code>/<i>CloudFront API version</i>/CloudFront/identity ID/config</code> resource. </p>" + }, + "CloudFrontOriginAccessIdentityList": { + "type": "structure", + "required": [ + "Marker", + "MaxItems", + "IsTruncated", + "Quantity" + ], + "members": { + "Marker": { + "shape": "string", + "documentation": "<p>Use this when paginating results to indicate where to begin in your list of origin access identities. The results include identities in the list that occur after the marker. To get the next page of results, set the <code>Marker</code> to the value of the <code>NextMarker</code> from the current page's response (which is also the ID of the last identity on that page). </p>" + }, + "NextMarker": { + "shape": "string", + "documentation": "<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the value you can use for the <code>Marker</code> request parameter to continue listing your origin access identities where they left off. </p>" + }, + "MaxItems": { + "shape": "integer", + "documentation": "<p>The maximum number of origin access identities you want in the response body. </p>" + }, + "IsTruncated": { + "shape": "boolean", + "documentation": "<p>A flag that indicates whether more origin access identities remain to be listed. If your results were truncated, you can make a follow-up pagination request using the <code>Marker</code> request parameter to retrieve more items in the list.</p>" + }, + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of CloudFront origin access identities that were created by the current AWS account. </p>" + }, + "Items": { + "shape": "CloudFrontOriginAccessIdentitySummaryList", + "documentation": "<p>A complex type that contains one <code>CloudFrontOriginAccessIdentitySummary</code> element for each origin access identity that was created by the current AWS account.</p>" + } + }, + "documentation": "<p>Lists the origin access identities for CloudFront.Send a <code>GET</code> request to the <code>/<i>CloudFront API version</i>/origin-access-identity/cloudfront</code> resource. The response includes a <code>CloudFrontOriginAccessIdentityList</code> element with zero or more <code>CloudFrontOriginAccessIdentitySummary</code> child elements. By default, your entire list of origin access identities is returned in one single page. If the list is long, you can paginate it using the <code>MaxItems</code> and <code>Marker</code> parameters.</p>" + }, + "CloudFrontOriginAccessIdentitySummary": { + "type": "structure", + "required": [ + "Id", + "S3CanonicalUserId", + "Comment" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The ID for the origin access identity. For example: <code>E74FTE3AJFJ256A</code>.</p>" + }, + "S3CanonicalUserId": { + "shape": "string", + "documentation": "<p>The Amazon S3 canonical user ID for the origin access identity, which you use when giving the origin access identity read permission to an object in Amazon S3.</p>" + }, + "Comment": { + "shape": "string", + "documentation": "<p>The comment for this origin access identity, as originally specified when created.</p>" + } + }, + "documentation": "<p>Summary of the information about a CloudFront origin access identity.</p>" + }, + "CloudFrontOriginAccessIdentitySummaryList": { + "type": "list", + "member": { + "shape": "CloudFrontOriginAccessIdentitySummary", + "locationName": "CloudFrontOriginAccessIdentitySummary" + } + }, + "CommentType": { + "type": "string", + "sensitive": true + }, + "ContentTypeProfile": { + "type": "structure", + "required": [ + "Format", + "ContentType" + ], + "members": { + "Format": { + "shape": "Format", + "documentation": "<p>The format for a field-level encryption content type-profile mapping. </p>" + }, + "ProfileId": { + "shape": "string", + "documentation": "<p>The profile ID for a field-level encryption content type-profile mapping. </p>" + }, + "ContentType": { + "shape": "string", + "documentation": "<p>The content type for a field-level encryption content type-profile mapping. </p>" + } + }, + "documentation": "<p>A field-level encryption content type profile. </p>" + }, + "ContentTypeProfileConfig": { + "type": "structure", + "required": [ + "ForwardWhenContentTypeIsUnknown" + ], + "members": { + "ForwardWhenContentTypeIsUnknown": { + "shape": "boolean", + "documentation": "<p>The setting in a field-level encryption content type-profile mapping that specifies what to do when an unknown content type is provided for the profile. If true, content is forwarded without being encrypted when the content type is unknown. If false (the default), an error is returned when the content type is unknown. </p>" + }, + "ContentTypeProfiles": { + "shape": "ContentTypeProfiles", + "documentation": "<p>The configuration for a field-level encryption content type-profile. </p>" + } + }, + "documentation": "<p>The configuration for a field-level encryption content type-profile mapping. </p>" + }, + "ContentTypeProfileList": { + "type": "list", + "member": { + "shape": "ContentTypeProfile", + "locationName": "ContentTypeProfile" + } + }, + "ContentTypeProfiles": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of field-level encryption content type-profile mappings. </p>" + }, + "Items": { + "shape": "ContentTypeProfileList", + "documentation": "<p>Items in a field-level encryption content type-profile mapping. </p>" + } + }, + "documentation": "<p>Field-level encryption content type-profile. </p>" + }, + "CookieNameList": { + "type": "list", + "member": { + "shape": "string", + "locationName": "Name" + } + }, + "CookieNames": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of different cookies that you want CloudFront to forward to the origin for this cache behavior.</p>" + }, + "Items": { + "shape": "CookieNameList", + "documentation": "<p>A complex type that contains one <code>Name</code> element for each cookie that you want CloudFront to forward to the origin for this cache behavior.</p>" + } + }, + "documentation": "<p>A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html\"> Caching Content Based on Request Headers</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "CookiePreference": { + "type": "structure", + "required": [ + "Forward" + ], + "members": { + "Forward": { + "shape": "ItemSelection", + "documentation": "<p>Specifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the <code>WhitelistedNames</code> complex type.</p> <p>Amazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the <code>Forward</code> element. </p>" + }, + "WhitelistedNames": { + "shape": "CookieNames", + "documentation": "<p>Required if you specify <code>whitelist</code> for the value of <code>Forward:</code>. A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies.</p> <p>If you specify <code>all</code> or none for the value of <code>Forward</code>, omit <code>WhitelistedNames</code>. If you change the value of <code>Forward</code> from <code>whitelist</code> to all or none and you don't delete the <code>WhitelistedNames</code> element and its child elements, CloudFront deletes them automatically.</p> <p>For the current limit on the number of cookie names that you can whitelist for each cache behavior, see <a href=\"https://docs.aws.amazon.com/general/latest/gr/xrefaws_service_limits.html#limits_cloudfront\"> CloudFront Limits</a> in the <i>AWS General Reference</i>.</p>" + } + }, + "documentation": "<p>A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html\">Caching Content Based on Cookies</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "CreateCloudFrontOriginAccessIdentityRequest": { + "type": "structure", + "required": [ + "CloudFrontOriginAccessIdentityConfig" + ], + "members": { + "CloudFrontOriginAccessIdentityConfig": { + "shape": "CloudFrontOriginAccessIdentityConfig", + "documentation": "<p>The current configuration information for the identity.</p>", + "locationName": "CloudFrontOriginAccessIdentityConfig", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + } + }, + "documentation": "<p>The request to create a new origin access identity (OAI). An origin access identity is a special CloudFront user that you can associate with Amazon S3 origins, so that you can secure all or just some of your Amazon S3 content. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html\"> Restricting Access to Amazon S3 Content by Using an Origin Access Identity</a> in the <i>Amazon CloudFront Developer Guide</i>. </p>", + "payload": "CloudFrontOriginAccessIdentityConfig" + }, + "CreateCloudFrontOriginAccessIdentityResult": { + "type": "structure", + "members": { + "CloudFrontOriginAccessIdentity": { + "shape": "CloudFrontOriginAccessIdentity", + "documentation": "<p>The origin access identity's information.</p>" + }, + "Location": { + "shape": "string", + "documentation": "<p>The fully qualified URI of the new origin access identity just created. For example: <code>https://cloudfront.amazonaws.com/2010-11-01/origin-access-identity/cloudfront/E74FTE3AJFJ256A</code>.</p>", + "location": "header", + "locationName": "Location" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the origin access identity created.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "documentation": "<p>The returned result of the corresponding request.</p>", + "payload": "CloudFrontOriginAccessIdentity" + }, + "CreateDistributionRequest": { + "type": "structure", + "required": [ + "DistributionConfig" + ], + "members": { + "DistributionConfig": { + "shape": "DistributionConfig", + "documentation": "<p>The distribution's configuration information.</p>", + "locationName": "DistributionConfig", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + } + }, + "documentation": "<p>The request to create a new distribution.</p>", + "payload": "DistributionConfig" + }, + "CreateDistributionResult": { + "type": "structure", + "members": { + "Distribution": { + "shape": "Distribution", + "documentation": "<p>The distribution's information.</p>" + }, + "Location": { + "shape": "string", + "documentation": "<p>The fully qualified URI of the new distribution resource just created. For example: <code>https://cloudfront.amazonaws.com/2010-11-01/distribution/EDFDVBD632BHDS5</code>.</p>", + "location": "header", + "locationName": "Location" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the distribution created.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "documentation": "<p>The returned result of the corresponding request.</p>", + "payload": "Distribution" + }, + "CreateDistributionWithTagsRequest": { + "type": "structure", + "required": [ + "DistributionConfigWithTags" + ], + "members": { + "DistributionConfigWithTags": { + "shape": "DistributionConfigWithTags", + "documentation": "<p>The distribution's configuration information. </p>", + "locationName": "DistributionConfigWithTags", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + } + }, + "documentation": "<p>The request to create a new distribution with tags. </p>", + "payload": "DistributionConfigWithTags" + }, + "CreateDistributionWithTagsResult": { + "type": "structure", + "members": { + "Distribution": { + "shape": "Distribution", + "documentation": "<p>The distribution's information. </p>" + }, + "Location": { + "shape": "string", + "documentation": "<p>The fully qualified URI of the new distribution resource just created. For example: <code>https://cloudfront.amazonaws.com/2010-11-01/distribution/EDFDVBD632BHDS5</code>. </p>", + "location": "header", + "locationName": "Location" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the distribution created.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "documentation": "<p>The returned result of the corresponding request. </p>", + "payload": "Distribution" + }, + "CreateFieldLevelEncryptionConfigRequest": { + "type": "structure", + "required": [ + "FieldLevelEncryptionConfig" + ], + "members": { + "FieldLevelEncryptionConfig": { + "shape": "FieldLevelEncryptionConfig", + "documentation": "<p>The request to create a new field-level encryption configuration.</p>", + "locationName": "FieldLevelEncryptionConfig", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + } + }, + "payload": "FieldLevelEncryptionConfig" + }, + "CreateFieldLevelEncryptionConfigResult": { + "type": "structure", + "members": { + "FieldLevelEncryption": { + "shape": "FieldLevelEncryption", + "documentation": "<p>Returned when you create a new field-level encryption configuration.</p>" + }, + "Location": { + "shape": "string", + "documentation": "<p>The fully qualified URI of the new configuration resource just created. For example: <code>https://cloudfront.amazonaws.com/2010-11-01/field-level-encryption-config/EDFDVBD632BHDS5</code>.</p>", + "location": "header", + "locationName": "Location" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the field level encryption configuration. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "payload": "FieldLevelEncryption" + }, + "CreateFieldLevelEncryptionProfileRequest": { + "type": "structure", + "required": [ + "FieldLevelEncryptionProfileConfig" + ], + "members": { + "FieldLevelEncryptionProfileConfig": { + "shape": "FieldLevelEncryptionProfileConfig", + "documentation": "<p>The request to create a field-level encryption profile.</p>", + "locationName": "FieldLevelEncryptionProfileConfig", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + } + }, + "payload": "FieldLevelEncryptionProfileConfig" + }, + "CreateFieldLevelEncryptionProfileResult": { + "type": "structure", + "members": { + "FieldLevelEncryptionProfile": { + "shape": "FieldLevelEncryptionProfile", + "documentation": "<p>Returned when you create a new field-level encryption profile.</p>" + }, + "Location": { + "shape": "string", + "documentation": "<p>The fully qualified URI of the new profile resource just created. For example: <code>https://cloudfront.amazonaws.com/2010-11-01/field-level-encryption-profile/EDFDVBD632BHDS5</code>.</p>", + "location": "header", + "locationName": "Location" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the field level encryption profile. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "payload": "FieldLevelEncryptionProfile" + }, + "CreateInvalidationRequest": { + "type": "structure", + "required": [ + "DistributionId", + "InvalidationBatch" + ], + "members": { + "DistributionId": { + "shape": "string", + "documentation": "<p>The distribution's id.</p>", + "location": "uri", + "locationName": "DistributionId" + }, + "InvalidationBatch": { + "shape": "InvalidationBatch", + "documentation": "<p>The batch information for the invalidation.</p>", + "locationName": "InvalidationBatch", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + } + }, + "documentation": "<p>The request to create an invalidation.</p>", + "payload": "InvalidationBatch" + }, + "CreateInvalidationResult": { + "type": "structure", + "members": { + "Location": { + "shape": "string", + "documentation": "<p>The fully qualified URI of the distribution and invalidation batch request, including the <code>Invalidation ID</code>.</p>", + "location": "header", + "locationName": "Location" + }, + "Invalidation": { + "shape": "Invalidation", + "documentation": "<p>The invalidation's information.</p>" + } + }, + "documentation": "<p>The returned result of the corresponding request.</p>", + "payload": "Invalidation" + }, + "CreatePublicKeyRequest": { + "type": "structure", + "required": [ + "PublicKeyConfig" + ], + "members": { + "PublicKeyConfig": { + "shape": "PublicKeyConfig", + "documentation": "<p>The request to add a public key to CloudFront.</p>", + "locationName": "PublicKeyConfig", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + } + }, + "payload": "PublicKeyConfig" + }, + "CreatePublicKeyResult": { + "type": "structure", + "members": { + "PublicKey": { + "shape": "PublicKey", + "documentation": "<p>Returned when you add a public key.</p>" + }, + "Location": { + "shape": "string", + "documentation": "<p>The fully qualified URI of the new public key resource just created. For example: <code>https://cloudfront.amazonaws.com/2010-11-01/cloudfront-public-key/EDFDVBD632BHDS5</code>.</p>", + "location": "header", + "locationName": "Location" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the public key. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "payload": "PublicKey" + }, + "CreateStreamingDistributionRequest": { + "type": "structure", + "required": [ + "StreamingDistributionConfig" + ], + "members": { + "StreamingDistributionConfig": { + "shape": "StreamingDistributionConfig", + "documentation": "<p>The streaming distribution's configuration information.</p>", + "locationName": "StreamingDistributionConfig", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + } + }, + "documentation": "<p>The request to create a new streaming distribution.</p>", + "payload": "StreamingDistributionConfig" + }, + "CreateStreamingDistributionResult": { + "type": "structure", + "members": { + "StreamingDistribution": { + "shape": "StreamingDistribution", + "documentation": "<p>The streaming distribution's information.</p>" + }, + "Location": { + "shape": "string", + "documentation": "<p>The fully qualified URI of the new streaming distribution resource just created. For example: <code>https://cloudfront.amazonaws.com/2010-11-01/streaming-distribution/EGTXBD79H29TRA8</code>.</p>", + "location": "header", + "locationName": "Location" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the streaming distribution created.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "documentation": "<p>The returned result of the corresponding request.</p>", + "payload": "StreamingDistribution" + }, + "CreateStreamingDistributionWithTagsRequest": { + "type": "structure", + "required": [ + "StreamingDistributionConfigWithTags" + ], + "members": { + "StreamingDistributionConfigWithTags": { + "shape": "StreamingDistributionConfigWithTags", + "documentation": "<p> The streaming distribution's configuration information. </p>", + "locationName": "StreamingDistributionConfigWithTags", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + } + }, + "documentation": "<p>The request to create a new streaming distribution with tags.</p>", + "payload": "StreamingDistributionConfigWithTags" + }, + "CreateStreamingDistributionWithTagsResult": { + "type": "structure", + "members": { + "StreamingDistribution": { + "shape": "StreamingDistribution", + "documentation": "<p>The streaming distribution's information. </p>" + }, + "Location": { + "shape": "string", + "documentation": "<p>The fully qualified URI of the new streaming distribution resource just created. For example:<code> https://cloudfront.amazonaws.com/2010-11-01/streaming-distribution/EGTXBD79H29TRA8</code>.</p>", + "location": "header", + "locationName": "Location" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the distribution created.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "documentation": "<p>The returned result of the corresponding request. </p>", + "payload": "StreamingDistribution" + }, + "CustomErrorResponse": { + "type": "structure", + "required": [ + "ErrorCode" + ], + "members": { + "ErrorCode": { + "shape": "integer", + "documentation": "<p>The HTTP status code for which you want to specify a custom error page and/or a caching duration.</p>" + }, + "ResponsePagePath": { + "shape": "string", + "documentation": "<p>The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by <code>ErrorCode</code>, for example, <code>/4xx-errors/403-forbidden.html</code>. If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true:</p> <ul> <li> <p>The value of <code>PathPattern</code> matches the path to your custom error messages. For example, suppose you saved custom error pages for 4xx errors in an Amazon S3 bucket in a directory named <code>/4xx-errors</code>. Your distribution must include a cache behavior for which the path pattern routes requests for your custom error pages to that location, for example, <code>/4xx-errors/*</code>. </p> </li> <li> <p>The value of <code>TargetOriginId</code> specifies the value of the <code>ID</code> element for the origin that contains your custom error pages.</p> </li> </ul> <p>If you specify a value for <code>ResponsePagePath</code>, you must also specify a value for <code>ResponseCode</code>. If you don't want to specify a value, include an empty element, <code><ResponsePagePath></code>, in the XML document.</p> <p>We recommend that you store custom error pages in an Amazon S3 bucket. If you store custom error pages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the files that you want to return to viewers because the origin server is unavailable.</p>" + }, + "ResponseCode": { + "shape": "string", + "documentation": "<p>The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example:</p> <ul> <li> <p>Some Internet devices (some firewalls and corporate proxies, for example) intercept HTTP 4xx and 5xx and prevent the response from being returned to the viewer. If you substitute <code>200</code>, the response typically won't be intercepted.</p> </li> <li> <p>If you don't care about distinguishing among different client errors or server errors, you can specify <code>400</code> or <code>500</code> as the <code>ResponseCode</code> for all 4xx or 5xx errors.</p> </li> <li> <p>You might want to return a <code>200</code> status code (OK) and static website so your customers don't know that your website is down.</p> </li> </ul> <p>If you specify a value for <code>ResponseCode</code>, you must also specify a value for <code>ResponsePagePath</code>. If you don't want to specify a value, include an empty element, <code><ResponseCode></code>, in the XML document.</p>" + }, + "ErrorCachingMinTTL": { + "shape": "long", + "documentation": "<p>The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in <code>ErrorCode</code>. When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available.</p> <p>If you don't want to specify a value, include an empty element, <code><ErrorCachingMinTTL></code>, in the XML document.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html\">Customizing Error Responses</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + } + }, + "documentation": "<p>A complex type that controls:</p> <ul> <li> <p>Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer. </p> </li> <li> <p>How long CloudFront caches HTTP status codes in the 4xx and 5xx range.</p> </li> </ul> <p>For more information about custom error pages, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html\">Customizing Error Responses</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "CustomErrorResponseList": { + "type": "list", + "member": { + "shape": "CustomErrorResponse", + "locationName": "CustomErrorResponse" + } + }, + "CustomErrorResponses": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of HTTP status codes for which you want to specify a custom error page and/or a caching duration. If <code>Quantity</code> is <code>0</code>, you can omit <code>Items</code>.</p>" + }, + "Items": { + "shape": "CustomErrorResponseList", + "documentation": "<p>A complex type that contains a <code>CustomErrorResponse</code> element for each HTTP status code for which you want to specify a custom error page and/or a caching duration. </p>" + } + }, + "documentation": "<p>A complex type that controls:</p> <ul> <li> <p>Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.</p> </li> <li> <p>How long CloudFront caches HTTP status codes in the 4xx and 5xx range.</p> </li> </ul> <p>For more information about custom error pages, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html\">Customizing Error Responses</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "CustomHeaders": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of custom headers, if any, for this distribution.</p>" + }, + "Items": { + "shape": "OriginCustomHeadersList", + "documentation": "<p> <b>Optional</b>: A list that contains one <code>OriginCustomHeader</code> element for each custom header that you want CloudFront to forward to the origin. If Quantity is <code>0</code>, omit <code>Items</code>.</p>" + } + }, + "documentation": "<p>A complex type that contains the list of Custom Headers for each origin. </p>" + }, + "CustomOriginConfig": { + "type": "structure", + "required": [ + "HTTPPort", + "HTTPSPort", + "OriginProtocolPolicy" + ], + "members": { + "HTTPPort": { + "shape": "integer", + "documentation": "<p>The HTTP port the custom origin listens on.</p>" + }, + "HTTPSPort": { + "shape": "integer", + "documentation": "<p>The HTTPS port the custom origin listens on.</p>" + }, + "OriginProtocolPolicy": { + "shape": "OriginProtocolPolicy", + "documentation": "<p>The origin protocol policy to apply to your origin.</p>" + }, + "OriginSslProtocols": { + "shape": "OriginSslProtocols", + "documentation": "<p>The SSL/TLS protocols that you want CloudFront to use when communicating with your origin over HTTPS.</p>" + }, + "OriginReadTimeout": { + "shape": "integer", + "documentation": "<p>You can create a custom origin read timeout. All timeout units are in seconds. The default origin read timeout is 30 seconds, but you can configure custom timeout lengths using the CloudFront API. The minimum timeout length is 4 seconds; the maximum is 60 seconds.</p> <p>If you need to increase the maximum time limit, contact the <a href=\"https://console.aws.amazon.com/support/home#/\">AWS Support Center</a>.</p>" + }, + "OriginKeepaliveTimeout": { + "shape": "integer", + "documentation": "<p>You can create a custom keep-alive timeout. All timeout units are in seconds. The default keep-alive timeout is 5 seconds, but you can configure custom timeout lengths using the CloudFront API. The minimum timeout length is 1 second; the maximum is 60 seconds.</p> <p>If you need to increase the maximum time limit, contact the <a href=\"https://console.aws.amazon.com/support/home#/\">AWS Support Center</a>.</p>" + } + }, + "documentation": "<p>A custom origin or an Amazon S3 bucket configured as a website endpoint.</p>" + }, + "DefaultCacheBehavior": { + "type": "structure", + "required": [ + "TargetOriginId", + "ForwardedValues", + "TrustedSigners", + "ViewerProtocolPolicy", + "MinTTL" + ], + "members": { + "TargetOriginId": { + "shape": "string", + "documentation": "<p>The value of <code>ID</code> for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior in your distribution.</p>" + }, + "ForwardedValues": { + "shape": "ForwardedValues", + "documentation": "<p>A complex type that specifies how CloudFront handles query strings and cookies.</p>" + }, + "TrustedSigners": { + "shape": "TrustedSigners", + "documentation": "<p>A complex type that specifies the AWS accounts, if any, that you want to allow to create signed URLs for private content.</p> <p>If you want to require signed URLs in requests for objects in the target origin that match the <code>PathPattern</code> for this cache behavior, specify <code>true</code> for <code>Enabled</code>, and specify the applicable values for <code>Quantity</code> and <code>Items</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html\">Serving Private Content through CloudFront</a> in the <i> Amazon CloudFront Developer Guide</i>.</p> <p>If you don't want to require signed URLs in requests for objects that match <code>PathPattern</code>, specify <code>false</code> for <code>Enabled</code> and <code>0</code> for <code>Quantity</code>. Omit <code>Items</code>.</p> <p>To add, change, or remove one or more trusted signers, change <code>Enabled</code> to <code>true</code> (if it's currently <code>false</code>), change <code>Quantity</code> as applicable, and specify all of the trusted signers that you want to include in the updated distribution.</p>" + }, + "ViewerProtocolPolicy": { + "shape": "ViewerProtocolPolicy", + "documentation": "<p>The protocol that viewers can use to access the files in the origin specified by <code>TargetOriginId</code> when a request matches the path pattern in <code>PathPattern</code>. You can specify the following options:</p> <ul> <li> <p> <code>allow-all</code>: Viewers can use HTTP or HTTPS.</p> </li> <li> <p> <code>redirect-to-https</code>: If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.</p> </li> <li> <p> <code>https-only</code>: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).</p> </li> </ul> <p>For more information about requiring the HTTPS protocol, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/SecureConnections.html\">Using an HTTPS Connection to Access Your Objects</a> in the <i>Amazon CloudFront Developer Guide</i>.</p> <note> <p>The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html\">Managing How Long Content Stays in an Edge Cache (Expiration)</a> in the <i>Amazon CloudFront Developer Guide</i>.</p> </note>" + }, + "MinTTL": { + "shape": "long", + "documentation": "<p>The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html\">Managing How Long Content Stays in an Edge Cache (Expiration)</a> in the <i>Amazon CloudFront Developer Guide</i>.</p> <p>You must specify <code>0</code> for <code>MinTTL</code> if you configure CloudFront to forward all headers to your origin (under <code>Headers</code>, if you specify <code>1</code> for <code>Quantity</code> and <code>*</code> for <code>Name</code>).</p>" + }, + "AllowedMethods": { + "shape": "AllowedMethods" + }, + "SmoothStreaming": { + "shape": "boolean", + "documentation": "<p>Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify <code>true</code>; if not, specify <code>false</code>. If you specify <code>true</code> for <code>SmoothStreaming</code>, you can still distribute other content using this cache behavior if the content matches the value of <code>PathPattern</code>. </p>" + }, + "DefaultTTL": { + "shape": "long", + "documentation": "<p>The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as <code>Cache-Control max-age</code>, <code>Cache-Control s-maxage</code>, and <code>Expires</code> to objects. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html\">Managing How Long Content Stays in an Edge Cache (Expiration)</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "MaxTTL": { + "shape": "long", + "documentation": "<p>The maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as <code>Cache-Control max-age</code>, <code>Cache-Control s-maxage</code>, and <code>Expires</code> to objects. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html\">Managing How Long Content Stays in an Edge Cache (Expiration)</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "Compress": { + "shape": "boolean", + "documentation": "<p>Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify <code>true</code>; if not, specify <code>false</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html\">Serving Compressed Files</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "LambdaFunctionAssociations": { + "shape": "LambdaFunctionAssociations", + "documentation": "<p>A complex type that contains zero or more Lambda function associations for a cache behavior.</p>" + }, + "FieldLevelEncryptionId": { + "shape": "string", + "documentation": "<p>The value of <code>ID</code> for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for a cache behavior or for the default cache behavior in your distribution.</p>" + } + }, + "documentation": "<p>A complex type that describes the default cache behavior if you don't specify a <code>CacheBehavior</code> element or if files don't match any of the values of <code>PathPattern</code> in <code>CacheBehavior</code> elements. You must create exactly one default cache behavior.</p>" + }, + "DeleteCloudFrontOriginAccessIdentityRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The origin access identity's ID.</p>", + "location": "uri", + "locationName": "Id" + }, + "IfMatch": { + "shape": "string", + "documentation": "<p>The value of the <code>ETag</code> header you received from a previous <code>GET</code> or <code>PUT</code> request. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "If-Match" + } + }, + "documentation": "<p>Deletes a origin access identity.</p>" + }, + "DeleteDistributionRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The distribution ID. </p>", + "location": "uri", + "locationName": "Id" + }, + "IfMatch": { + "shape": "string", + "documentation": "<p>The value of the <code>ETag</code> header that you received when you disabled the distribution. For example: <code>E2QWRUHAPOMQZL</code>. </p>", + "location": "header", + "locationName": "If-Match" + } + }, + "documentation": "<p>This action deletes a web distribution. To delete a web distribution using the CloudFront API, perform the following steps.</p> <p> <b>To delete a web distribution using the CloudFront API:</b> </p> <ol> <li> <p>Disable the web distribution </p> </li> <li> <p>Submit a <code>GET Distribution Config</code> request to get the current configuration and the <code>Etag</code> header for the distribution.</p> </li> <li> <p>Update the XML document that was returned in the response to your <code>GET Distribution Config</code> request to change the value of <code>Enabled</code> to <code>false</code>.</p> </li> <li> <p>Submit a <code>PUT Distribution Config</code> request to update the configuration for your distribution. In the request body, include the XML document that you updated in Step 3. Set the value of the HTTP <code>If-Match</code> header to the value of the <code>ETag</code> header that CloudFront returned when you submitted the <code>GET Distribution Config</code> request in Step 2.</p> </li> <li> <p>Review the response to the <code>PUT Distribution Config</code> request to confirm that the distribution was successfully disabled.</p> </li> <li> <p>Submit a <code>GET Distribution</code> request to confirm that your changes have propagated. When propagation is complete, the value of <code>Status</code> is <code>Deployed</code>.</p> </li> <li> <p>Submit a <code>DELETE Distribution</code> request. Set the value of the HTTP <code>If-Match</code> header to the value of the <code>ETag</code> header that CloudFront returned when you submitted the <code>GET Distribution Config</code> request in Step 6.</p> </li> <li> <p>Review the response to your <code>DELETE Distribution</code> request to confirm that the distribution was successfully deleted.</p> </li> </ol> <p>For information about deleting a distribution using the CloudFront console, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/HowToDeleteDistribution.html\">Deleting a Distribution</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "DeleteFieldLevelEncryptionConfigRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The ID of the configuration you want to delete from CloudFront.</p>", + "location": "uri", + "locationName": "Id" + }, + "IfMatch": { + "shape": "string", + "documentation": "<p>The value of the <code>ETag</code> header that you received when retrieving the configuration identity to delete. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "If-Match" + } + } + }, + "DeleteFieldLevelEncryptionProfileRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>Request the ID of the profile you want to delete from CloudFront.</p>", + "location": "uri", + "locationName": "Id" + }, + "IfMatch": { + "shape": "string", + "documentation": "<p>The value of the <code>ETag</code> header that you received when retrieving the profile to delete. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "If-Match" + } + } + }, + "DeletePublicKeyRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The ID of the public key you want to remove from CloudFront.</p>", + "location": "uri", + "locationName": "Id" + }, + "IfMatch": { + "shape": "string", + "documentation": "<p>The value of the <code>ETag</code> header that you received when retrieving the public key identity to delete. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "If-Match" + } + } + }, + "DeleteStreamingDistributionRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The distribution ID. </p>", + "location": "uri", + "locationName": "Id" + }, + "IfMatch": { + "shape": "string", + "documentation": "<p>The value of the <code>ETag</code> header that you received when you disabled the streaming distribution. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "If-Match" + } + }, + "documentation": "<p>The request to delete a streaming distribution.</p>" + }, + "Distribution": { + "type": "structure", + "required": [ + "Id", + "ARN", + "Status", + "LastModifiedTime", + "InProgressInvalidationBatches", + "DomainName", + "ActiveTrustedSigners", + "DistributionConfig" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The identifier for the distribution. For example: <code>EDFDVBD632BHDS5</code>. </p>" + }, + "ARN": { + "shape": "string", + "documentation": "<p>The ARN (Amazon Resource Name) for the distribution. For example: <code>arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5</code>, where <code>123456789012</code> is your AWS account ID.</p>" + }, + "Status": { + "shape": "string", + "documentation": "<p>This response element indicates the current status of the distribution. When the status is <code>Deployed</code>, the distribution's information is fully propagated to all CloudFront edge locations. </p>" + }, + "LastModifiedTime": { + "shape": "timestamp", + "documentation": "<p>The date and time the distribution was last modified. </p>" + }, + "InProgressInvalidationBatches": { + "shape": "integer", + "documentation": "<p>The number of invalidation batches currently in progress. </p>" + }, + "DomainName": { + "shape": "string", + "documentation": "<p>The domain name corresponding to the distribution, for example, <code>d111111abcdef8.cloudfront.net</code>. </p>" + }, + "ActiveTrustedSigners": { + "shape": "ActiveTrustedSigners", + "documentation": "<p>CloudFront automatically adds this element to the response only if you've set up the distribution to serve private content with signed URLs. The element lists the key pair IDs that CloudFront is aware of for each trusted signer. The <code>Signer</code> child element lists the AWS account number of the trusted signer (or an empty <code>Self</code> element if the signer is you). The <code>Signer</code> element also includes the IDs of any active key pairs associated with the trusted signer's AWS account. If no <code>KeyPairId</code> element appears for a <code>Signer</code>, that signer can't create working signed URLs.</p>" + }, + "DistributionConfig": { + "shape": "DistributionConfig", + "documentation": "<p>The current configuration information for the distribution. Send a <code>GET</code> request to the <code>/<i>CloudFront API version</i>/distribution ID/config</code> resource.</p>" + }, + "AliasICPRecordals": { + "shape": "AliasICPRecordals", + "documentation": "<p>AWS services in China customers must file for an Internet Content Provider (ICP) recordal if they want to serve content publicly on an alternate domain name, also known as a CNAME, that they've added to CloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated with distributions.</p> <p>For more information about ICP recordals, see <a href=\"https://docs.amazonaws.cn/en_us/aws/latest/userguide/accounts-and-credentials.html\"> Signup, Accounts, and Credentials</a> in <i>Getting Started with AWS services in China</i>.</p>" + } + }, + "documentation": "<p>A distribution tells CloudFront where you want content to be delivered from, and the details about how to track and manage content delivery.</p>" + }, + "DistributionConfig": { + "type": "structure", + "required": [ + "CallerReference", + "Origins", + "DefaultCacheBehavior", + "Comment", + "Enabled" + ], + "members": { + "CallerReference": { + "shape": "string", + "documentation": "<p>A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.</p> <p>If the value of <code>CallerReference</code> is new (regardless of the content of the <code>DistributionConfig</code> object), CloudFront creates a new distribution.</p> <p>If <code>CallerReference</code> is a value that you already sent in a previous request to create a distribution, CloudFront returns a <code>DistributionAlreadyExists</code> error.</p>" + }, + "Aliases": { + "shape": "Aliases", + "documentation": "<p>A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.</p>" + }, + "DefaultRootObject": { + "shape": "string", + "documentation": "<p>The object that you want CloudFront to request from your origin (for example, <code>index.html</code>) when a viewer requests the root URL for your distribution (<code>http://www.example.com</code>) instead of an object in your distribution (<code>http://www.example.com/product-description.html</code>). Specifying a default root object avoids exposing the contents of your distribution.</p> <p>Specify only the object name, for example, <code>index.html</code>. Don't add a <code>/</code> before the object name.</p> <p>If you don't want to specify a default root object when you create a distribution, include an empty <code>DefaultRootObject</code> element.</p> <p>To delete the default root object from an existing distribution, update the distribution configuration and include an empty <code>DefaultRootObject</code> element.</p> <p>To replace the default root object, update the distribution configuration and specify the new object.</p> <p>For more information about the default root object, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html\">Creating a Default Root Object</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "Origins": { + "shape": "Origins", + "documentation": "<p>A complex type that contains information about origins for this distribution. </p>" + }, + "OriginGroups": { + "shape": "OriginGroups", + "documentation": "<p> A complex type that contains information about origin groups for this distribution.</p>" + }, + "DefaultCacheBehavior": { + "shape": "DefaultCacheBehavior", + "documentation": "<p>A complex type that describes the default cache behavior if you don't specify a <code>CacheBehavior</code> element or if files don't match any of the values of <code>PathPattern</code> in <code>CacheBehavior</code> elements. You must create exactly one default cache behavior.</p>" + }, + "CacheBehaviors": { + "shape": "CacheBehaviors", + "documentation": "<p>A complex type that contains zero or more <code>CacheBehavior</code> elements. </p>" + }, + "CustomErrorResponses": { + "shape": "CustomErrorResponses", + "documentation": "<p>A complex type that controls the following:</p> <ul> <li> <p>Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.</p> </li> <li> <p>How long CloudFront caches HTTP status codes in the 4xx and 5xx range.</p> </li> </ul> <p>For more information about custom error pages, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html\">Customizing Error Responses</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "Comment": { + "shape": "CommentType", + "documentation": "<p>Any comments you want to include about the distribution.</p> <p>If you don't want to specify a comment, include an empty <code>Comment</code> element.</p> <p>To delete an existing comment, update the distribution configuration and include an empty <code>Comment</code> element.</p> <p>To add or change a comment, update the distribution configuration and specify the new comment.</p>" + }, + "Logging": { + "shape": "LoggingConfig", + "documentation": "<p>A complex type that controls whether access logs are written for the distribution.</p> <p>For more information about logging, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html\">Access Logs</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "PriceClass": { + "shape": "PriceClass", + "documentation": "<p>The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify <code>PriceClass_All</code>, CloudFront responds to requests for your objects from all CloudFront edge locations.</p> <p>If you specify a price class other than <code>PriceClass_All</code>, CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.</p> <p>For more information about price classes, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html\">Choosing the Price Class for a CloudFront Distribution</a> in the <i>Amazon CloudFront Developer Guide</i>. For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see <a href=\"http://aws.amazon.com/cloudfront/pricing/\">Amazon CloudFront Pricing</a>. For price class information, scroll down to see the table at the bottom of the page.</p>" + }, + "Enabled": { + "shape": "boolean", + "documentation": "<p>From this field, you can enable or disable the selected distribution.</p>" + }, + "ViewerCertificate": { + "shape": "ViewerCertificate", + "documentation": "<p>A complex type that specifies whether you want viewers to use HTTP or HTTPS to request your objects, whether you're using an alternate domain name with HTTPS, and if so, if you're using AWS Certificate Manager (ACM) or a third-party certificate authority.</p>" + }, + "Restrictions": { + "shape": "Restrictions", + "documentation": "<p>A complex type that identifies ways in which you want to restrict distribution of your content.</p>" + }, + "WebACLId": { + "shape": "string", + "documentation": "<p>A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution.</p> <p>AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF, see the <a href=\"http://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html\">AWS WAF Developer Guide</a>. </p>" + }, + "HttpVersion": { + "shape": "HttpVersion", + "documentation": "<p>(Optional) Specify the maximum HTTP version that you want viewers to use to communicate with CloudFront. The default value for new web distributions is http2. Viewers that don't support HTTP/2 automatically use an earlier HTTP version.</p> <p>For viewers and CloudFront to use HTTP/2, viewers must support TLS 1.2 or later, and must support Server Name Identification (SNI).</p> <p>In general, configuring CloudFront to communicate with viewers using HTTP/2 reduces latency. You can improve performance by optimizing for HTTP/2. For more information, do an Internet search for \"http/2 optimization.\" </p>" + }, + "IsIPV6Enabled": { + "shape": "boolean", + "documentation": "<p>If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify <code>true</code>. If you specify <code>false</code>, CloudFront responds to IPv6 DNS requests with the DNS response code <code>NOERROR</code> and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution. </p> <p>In general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the <code>IpAddress</code> parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html\">Creating a Signed URL Using a Custom Policy</a> in the <i>Amazon CloudFront Developer Guide</i>.</p> <p>If you're using an Amazon Route 53 alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:</p> <ul> <li> <p>You enable IPv6 for the distribution</p> </li> <li> <p>You're using alternate domain names in the URLs for your objects</p> </li> </ul> <p>For more information, see <a href=\"https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html\">Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name</a> in the <i>Amazon Route 53 Developer Guide</i>.</p> <p>If you created a CNAME resource record set, either with Amazon Route 53 or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.</p>" + } + }, + "documentation": "<p>A distribution configuration.</p>" + }, + "DistributionConfigWithTags": { + "type": "structure", + "required": [ + "DistributionConfig", + "Tags" + ], + "members": { + "DistributionConfig": { + "shape": "DistributionConfig", + "documentation": "<p>A distribution configuration.</p>" + }, + "Tags": { + "shape": "Tags", + "documentation": "<p>A complex type that contains zero or more <code>Tag</code> elements.</p>" + } + }, + "documentation": "<p>A distribution Configuration and a list of tags to be associated with the distribution.</p>" + }, + "DistributionList": { + "type": "structure", + "required": [ + "Marker", + "MaxItems", + "IsTruncated", + "Quantity" + ], + "members": { + "Marker": { + "shape": "string", + "documentation": "<p>The value you provided for the <code>Marker</code> request parameter.</p>" + }, + "NextMarker": { + "shape": "string", + "documentation": "<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the value you can use for the <code>Marker</code> request parameter to continue listing your distributions where they left off. </p>" + }, + "MaxItems": { + "shape": "integer", + "documentation": "<p>The value you provided for the <code>MaxItems</code> request parameter.</p>" + }, + "IsTruncated": { + "shape": "boolean", + "documentation": "<p>A flag that indicates whether more distributions remain to be listed. If your results were truncated, you can make a follow-up pagination request using the <code>Marker</code> request parameter to retrieve more distributions in the list.</p>" + }, + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of distributions that were created by the current AWS account. </p>" + }, + "Items": { + "shape": "DistributionSummaryList", + "documentation": "<p>A complex type that contains one <code>DistributionSummary</code> element for each distribution that was created by the current AWS account.</p>" + } + }, + "documentation": "<p>A distribution list.</p>" + }, + "DistributionSummary": { + "type": "structure", + "required": [ + "Id", + "ARN", + "Status", + "LastModifiedTime", + "DomainName", + "Aliases", + "Origins", + "DefaultCacheBehavior", + "CacheBehaviors", + "CustomErrorResponses", + "Comment", + "PriceClass", + "Enabled", + "ViewerCertificate", + "Restrictions", + "WebACLId", + "HttpVersion", + "IsIPV6Enabled" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The identifier for the distribution. For example: <code>EDFDVBD632BHDS5</code>.</p>" + }, + "ARN": { + "shape": "string", + "documentation": "<p>The ARN (Amazon Resource Name) for the distribution. For example: <code>arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5</code>, where <code>123456789012</code> is your AWS account ID.</p>" + }, + "Status": { + "shape": "string", + "documentation": "<p>The current status of the distribution. When the status is <code>Deployed</code>, the distribution's information is propagated to all CloudFront edge locations.</p>" + }, + "LastModifiedTime": { + "shape": "timestamp", + "documentation": "<p>The date and time the distribution was last modified.</p>" + }, + "DomainName": { + "shape": "string", + "documentation": "<p>The domain name that corresponds to the distribution, for example, <code>d111111abcdef8.cloudfront.net</code>.</p>" + }, + "Aliases": { + "shape": "Aliases", + "documentation": "<p>A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.</p>" + }, + "Origins": { + "shape": "Origins", + "documentation": "<p>A complex type that contains information about origins for this distribution.</p>" + }, + "OriginGroups": { + "shape": "OriginGroups", + "documentation": "<p> A complex type that contains information about origin groups for this distribution.</p>" + }, + "DefaultCacheBehavior": { + "shape": "DefaultCacheBehavior", + "documentation": "<p>A complex type that describes the default cache behavior if you don't specify a <code>CacheBehavior</code> element or if files don't match any of the values of <code>PathPattern</code> in <code>CacheBehavior</code> elements. You must create exactly one default cache behavior.</p>" + }, + "CacheBehaviors": { + "shape": "CacheBehaviors", + "documentation": "<p>A complex type that contains zero or more <code>CacheBehavior</code> elements.</p>" + }, + "CustomErrorResponses": { + "shape": "CustomErrorResponses", + "documentation": "<p>A complex type that contains zero or more <code>CustomErrorResponses</code> elements.</p>" + }, + "Comment": { + "shape": "string", + "documentation": "<p>The comment originally specified when this distribution was created.</p>" + }, + "PriceClass": { + "shape": "PriceClass", + "documentation": "<p>A complex type that contains information about price class for this streaming distribution. </p>" + }, + "Enabled": { + "shape": "boolean", + "documentation": "<p>Whether the distribution is enabled to accept user requests for content.</p>" + }, + "ViewerCertificate": { + "shape": "ViewerCertificate", + "documentation": "<p>A complex type that specifies whether you want viewers to use HTTP or HTTPS to request your objects, whether you're using an alternate domain name with HTTPS, and if so, if you're using AWS Certificate Manager (ACM) or a third-party certificate authority.</p>" + }, + "Restrictions": { + "shape": "Restrictions", + "documentation": "<p>A complex type that identifies ways in which you want to restrict distribution of your content.</p>" + }, + "WebACLId": { + "shape": "string", + "documentation": "<p>The Web ACL Id (if any) associated with the distribution.</p>" + }, + "HttpVersion": { + "shape": "HttpVersion", + "documentation": "<p> Specify the maximum HTTP version that you want viewers to use to communicate with CloudFront. The default value for new web distributions is <code>http2</code>. Viewers that don't support <code>HTTP/2</code> will automatically use an earlier version.</p>" + }, + "IsIPV6Enabled": { + "shape": "boolean", + "documentation": "<p>Whether CloudFront responds to IPv6 DNS requests with an IPv6 address for your distribution.</p>" + }, + "AliasICPRecordals": { + "shape": "AliasICPRecordals", + "documentation": "<p>AWS services in China customers must file for an Internet Content Provider (ICP) recordal if they want to serve content publicly on an alternate domain name, also known as a CNAME, that they've added to CloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated with distributions.</p> <p>For more information about ICP recordals, see <a href=\"https://docs.amazonaws.cn/en_us/aws/latest/userguide/accounts-and-credentials.html\"> Signup, Accounts, and Credentials</a> in <i>Getting Started with AWS services in China</i>.</p>" + } + }, + "documentation": "<p>A summary of the information about a CloudFront distribution.</p>" + }, + "DistributionSummaryList": { + "type": "list", + "member": { + "shape": "DistributionSummary", + "locationName": "DistributionSummary" + } + }, + "EncryptionEntities": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>Number of field pattern items in a field-level encryption content type-profile mapping. </p>" + }, + "Items": { + "shape": "EncryptionEntityList", + "documentation": "<p>An array of field patterns in a field-level encryption content type-profile mapping. </p>" + } + }, + "documentation": "<p>Complex data type for field-level encryption profiles that includes all of the encryption entities. </p>" + }, + "EncryptionEntity": { + "type": "structure", + "required": [ + "PublicKeyId", + "ProviderId", + "FieldPatterns" + ], + "members": { + "PublicKeyId": { + "shape": "string", + "documentation": "<p>The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns. </p>" + }, + "ProviderId": { + "shape": "string", + "documentation": "<p>The provider associated with the public key being used for encryption. This value must also be provided with the private key for applications to be able to decrypt data.</p>" + }, + "FieldPatterns": { + "shape": "FieldPatterns", + "documentation": "<p>Field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted. You can provide the full field name, or any beginning characters followed by a wildcard (*). You can't overlap field patterns. For example, you can't have both ABC* and AB*. Note that field patterns are case-sensitive. </p>" + } + }, + "documentation": "<p>Complex data type for field-level encryption profiles that includes the encryption key and field pattern specifications. </p>" + }, + "EncryptionEntityList": { + "type": "list", + "member": { + "shape": "EncryptionEntity", + "locationName": "EncryptionEntity" + } + }, + "EventType": { + "type": "string", + "enum": [ + "viewer-request", + "viewer-response", + "origin-request", + "origin-response" + ] + }, + "FieldLevelEncryption": { + "type": "structure", + "required": [ + "Id", + "LastModifiedTime", + "FieldLevelEncryptionConfig" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The configuration ID for a field-level encryption configuration which includes a set of profiles that specify certain selected data fields to be encrypted by specific public keys.</p>" + }, + "LastModifiedTime": { + "shape": "timestamp", + "documentation": "<p>The last time the field-level encryption configuration was changed. </p>" + }, + "FieldLevelEncryptionConfig": { + "shape": "FieldLevelEncryptionConfig", + "documentation": "<p>A complex data type that includes the profile configurations specified for field-level encryption. </p>" + } + }, + "documentation": "<p>A complex data type that includes the profile configurations and other options specified for field-level encryption. </p>" + }, + "FieldLevelEncryptionConfig": { + "type": "structure", + "required": [ + "CallerReference" + ], + "members": { + "CallerReference": { + "shape": "string", + "documentation": "<p>A unique number that ensures the request can't be replayed.</p>" + }, + "Comment": { + "shape": "string", + "documentation": "<p>An optional comment about the configuration.</p>" + }, + "QueryArgProfileConfig": { + "shape": "QueryArgProfileConfig", + "documentation": "<p>A complex data type that specifies when to forward content if a profile isn't found and the profile that can be provided as a query argument in a request.</p>" + }, + "ContentTypeProfileConfig": { + "shape": "ContentTypeProfileConfig", + "documentation": "<p>A complex data type that specifies when to forward content if a content type isn't recognized and profiles to use as by default in a request if a query argument doesn't specify a profile to use.</p>" + } + }, + "documentation": "<p>A complex data type that includes the profile configurations specified for field-level encryption. </p>" + }, + "FieldLevelEncryptionList": { + "type": "structure", + "required": [ + "MaxItems", + "Quantity" + ], + "members": { + "NextMarker": { + "shape": "string", + "documentation": "<p>If there are more elements to be listed, this element is present and contains the value that you can use for the <code>Marker</code> request parameter to continue listing your configurations where you left off.</p>" + }, + "MaxItems": { + "shape": "integer", + "documentation": "<p>The maximum number of elements you want in the response body. </p>" + }, + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of field-level encryption items.</p>" + }, + "Items": { + "shape": "FieldLevelEncryptionSummaryList", + "documentation": "<p>An array of field-level encryption items.</p>" + } + }, + "documentation": "<p>List of field-level encrpytion configurations.</p>" + }, + "FieldLevelEncryptionProfile": { + "type": "structure", + "required": [ + "Id", + "LastModifiedTime", + "FieldLevelEncryptionProfileConfig" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The ID for a field-level encryption profile configuration which includes a set of profiles that specify certain selected data fields to be encrypted by specific public keys.</p>" + }, + "LastModifiedTime": { + "shape": "timestamp", + "documentation": "<p>The last time the field-level encryption profile was updated.</p>" + }, + "FieldLevelEncryptionProfileConfig": { + "shape": "FieldLevelEncryptionProfileConfig", + "documentation": "<p>A complex data type that includes the profile name and the encryption entities for the field-level encryption profile.</p>" + } + }, + "documentation": "<p>A complex data type for field-level encryption profiles.</p>" + }, + "FieldLevelEncryptionProfileConfig": { + "type": "structure", + "required": [ + "Name", + "CallerReference", + "EncryptionEntities" + ], + "members": { + "Name": { + "shape": "string", + "documentation": "<p>Profile name for the field-level encryption profile.</p>" + }, + "CallerReference": { + "shape": "string", + "documentation": "<p>A unique number that ensures that the request can't be replayed.</p>" + }, + "Comment": { + "shape": "string", + "documentation": "<p>An optional comment for the field-level encryption profile.</p>" + }, + "EncryptionEntities": { + "shape": "EncryptionEntities", + "documentation": "<p>A complex data type of encryption entities for the field-level encryption profile that include the public key ID, provider, and field patterns for specifying which fields to encrypt with this key.</p>" + } + }, + "documentation": "<p>A complex data type of profiles for the field-level encryption.</p>" + }, + "FieldLevelEncryptionProfileList": { + "type": "structure", + "required": [ + "MaxItems", + "Quantity" + ], + "members": { + "NextMarker": { + "shape": "string", + "documentation": "<p>If there are more elements to be listed, this element is present and contains the value that you can use for the <code>Marker</code> request parameter to continue listing your profiles where you left off.</p>" + }, + "MaxItems": { + "shape": "integer", + "documentation": "<p>The maximum number of field-level encryption profiles you want in the response body. </p>" + }, + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of field-level encryption profiles.</p>" + }, + "Items": { + "shape": "FieldLevelEncryptionProfileSummaryList", + "documentation": "<p>The field-level encryption profile items.</p>" + } + }, + "documentation": "<p>List of field-level encryption profiles.</p>" + }, + "FieldLevelEncryptionProfileSummary": { + "type": "structure", + "required": [ + "Id", + "LastModifiedTime", + "Name", + "EncryptionEntities" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>ID for the field-level encryption profile summary.</p>" + }, + "LastModifiedTime": { + "shape": "timestamp", + "documentation": "<p>The time when the the field-level encryption profile summary was last updated.</p>" + }, + "Name": { + "shape": "string", + "documentation": "<p>Name for the field-level encryption profile summary.</p>" + }, + "EncryptionEntities": { + "shape": "EncryptionEntities", + "documentation": "<p>A complex data type of encryption entities for the field-level encryption profile that include the public key ID, provider, and field patterns for specifying which fields to encrypt with this key.</p>" + }, + "Comment": { + "shape": "string", + "documentation": "<p>An optional comment for the field-level encryption profile summary.</p>" + } + }, + "documentation": "<p>The field-level encryption profile summary.</p>" + }, + "FieldLevelEncryptionProfileSummaryList": { + "type": "list", + "member": { + "shape": "FieldLevelEncryptionProfileSummary", + "locationName": "FieldLevelEncryptionProfileSummary" + } + }, + "FieldLevelEncryptionSummary": { + "type": "structure", + "required": [ + "Id", + "LastModifiedTime" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The unique ID of a field-level encryption item.</p>" + }, + "LastModifiedTime": { + "shape": "timestamp", + "documentation": "<p>The last time that the summary of field-level encryption items was modified.</p>" + }, + "Comment": { + "shape": "string", + "documentation": "<p>An optional comment about the field-level encryption item.</p>" + }, + "QueryArgProfileConfig": { + "shape": "QueryArgProfileConfig", + "documentation": "<p> A summary of a query argument-profile mapping. </p>" + }, + "ContentTypeProfileConfig": { + "shape": "ContentTypeProfileConfig", + "documentation": "<p> A summary of a content type-profile mapping. </p>" + } + }, + "documentation": "<p>A summary of a field-level encryption item.</p>" + }, + "FieldLevelEncryptionSummaryList": { + "type": "list", + "member": { + "shape": "FieldLevelEncryptionSummary", + "locationName": "FieldLevelEncryptionSummary" + } + }, + "FieldPatternList": { + "type": "list", + "member": { + "shape": "string", + "locationName": "FieldPattern" + } + }, + "FieldPatterns": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of field-level encryption field patterns.</p>" + }, + "Items": { + "shape": "FieldPatternList", + "documentation": "<p>An array of the field-level encryption field patterns.</p>" + } + }, + "documentation": "<p>A complex data type that includes the field patterns to match for field-level encryption.</p>" + }, + "Format": { + "type": "string", + "enum": [ + "URLEncoded" + ] + }, + "ForwardedValues": { + "type": "structure", + "required": [ + "QueryString", + "Cookies" + ], + "members": { + "QueryString": { + "shape": "boolean", + "documentation": "<p>Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior and cache based on the query string parameters. CloudFront behavior depends on the value of <code>QueryString</code> and on the values that you specify for <code>QueryStringCacheKeys</code>, if any:</p> <p>If you specify true for <code>QueryString</code> and you don't specify any values for <code>QueryStringCacheKeys</code>, CloudFront forwards all query string parameters to the origin and caches based on all query string parameters. Depending on how many query string parameters and values you have, this can adversely affect performance because CloudFront must forward more requests to the origin.</p> <p>If you specify true for <code>QueryString</code> and you specify one or more values for <code>QueryStringCacheKeys</code>, CloudFront forwards all query string parameters to the origin, but it only caches based on the query string parameters that you specify.</p> <p>If you specify false for <code>QueryString</code>, CloudFront doesn't forward any query string parameters to the origin, and doesn't cache based on query string parameters.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/QueryStringParameters.html\">Configuring CloudFront to Cache Based on Query String Parameters</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "Cookies": { + "shape": "CookiePreference", + "documentation": "<p>A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html\">How CloudFront Forwards, Caches, and Logs Cookies</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "Headers": { + "shape": "Headers", + "documentation": "<p>A complex type that specifies the <code>Headers</code>, if any, that you want CloudFront to forward to the origin for this cache behavior (whitelisted headers). For the headers that you specify, CloudFront also caches separate versions of a specified object that is based on the header values in viewer requests.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html\"> Caching Content Based on Request Headers</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "QueryStringCacheKeys": { + "shape": "QueryStringCacheKeys", + "documentation": "<p>A complex type that contains information about the query string parameters that you want CloudFront to use for caching for this cache behavior.</p>" + } + }, + "documentation": "<p>A complex type that specifies how CloudFront handles query strings and cookies.</p>" + }, + "GeoRestriction": { + "type": "structure", + "required": [ + "RestrictionType", + "Quantity" + ], + "members": { + "RestrictionType": { + "shape": "GeoRestrictionType", + "documentation": "<p>The method that you want to use to restrict distribution of your content by country:</p> <ul> <li> <p> <code>none</code>: No geo restriction is enabled, meaning access to content is not restricted by client geo location.</p> </li> <li> <p> <code>blacklist</code>: The <code>Location</code> elements specify the countries in which you don't want CloudFront to distribute your content.</p> </li> <li> <p> <code>whitelist</code>: The <code>Location</code> elements specify the countries in which you want CloudFront to distribute your content.</p> </li> </ul>" + }, + "Quantity": { + "shape": "integer", + "documentation": "<p>When geo restriction is <code>enabled</code>, this is the number of countries in your <code>whitelist</code> or <code>blacklist</code>. Otherwise, when it is not enabled, <code>Quantity</code> is <code>0</code>, and you can omit <code>Items</code>.</p>" + }, + "Items": { + "shape": "LocationList", + "documentation": "<p> A complex type that contains a <code>Location</code> element for each country in which you want CloudFront either to distribute your content (<code>whitelist</code>) or not distribute your content (<code>blacklist</code>).</p> <p>The <code>Location</code> element is a two-letter, uppercase country code for a country that you want to include in your <code>blacklist</code> or <code>whitelist</code>. Include one <code>Location</code> element for each country.</p> <p>CloudFront and <code>MaxMind</code> both use <code>ISO 3166</code> country codes. For the current list of countries and the corresponding codes, see <code>ISO 3166-1-alpha-2</code> code on the <i>International Organization for Standardization</i> website. You can also refer to the country list on the CloudFront console, which includes both country names and codes.</p>" + } + }, + "documentation": "<p>A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using <code>MaxMind</code> GeoIP databases. </p>" + }, + "GeoRestrictionType": { + "type": "string", + "enum": [ + "blacklist", + "whitelist", + "none" + ] + }, + "GetCloudFrontOriginAccessIdentityConfigRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The identity's ID. </p>", + "location": "uri", + "locationName": "Id" + } + }, + "documentation": "<p>The origin access identity's configuration information. For more information, see <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CloudFrontOriginAccessIdentityConfig.html\">CloudFrontOriginAccessIdentityConfig</a>.</p>" + }, + "GetCloudFrontOriginAccessIdentityConfigResult": { + "type": "structure", + "members": { + "CloudFrontOriginAccessIdentityConfig": { + "shape": "CloudFrontOriginAccessIdentityConfig", + "documentation": "<p>The origin access identity's configuration information. </p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the configuration. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "documentation": "<p>The returned result of the corresponding request.</p>", + "payload": "CloudFrontOriginAccessIdentityConfig" + }, + "GetCloudFrontOriginAccessIdentityRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The identity's ID.</p>", + "location": "uri", + "locationName": "Id" + } + }, + "documentation": "<p>The request to get an origin access identity's information.</p>" + }, + "GetCloudFrontOriginAccessIdentityResult": { + "type": "structure", + "members": { + "CloudFrontOriginAccessIdentity": { + "shape": "CloudFrontOriginAccessIdentity", + "documentation": "<p>The origin access identity's information.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the origin access identity's information. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "documentation": "<p>The returned result of the corresponding request.</p>", + "payload": "CloudFrontOriginAccessIdentity" + }, + "GetDistributionConfigRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The distribution's ID. If the ID is empty, an empty distribution configuration is returned.</p>", + "location": "uri", + "locationName": "Id" + } + }, + "documentation": "<p>The request to get a distribution configuration.</p>" + }, + "GetDistributionConfigResult": { + "type": "structure", + "members": { + "DistributionConfig": { + "shape": "DistributionConfig", + "documentation": "<p>The distribution's configuration information.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the configuration. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "documentation": "<p>The returned result of the corresponding request.</p>", + "payload": "DistributionConfig" + }, + "GetDistributionRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The distribution's ID. If the ID is empty, an empty distribution configuration is returned.</p>", + "location": "uri", + "locationName": "Id" + } + }, + "documentation": "<p>The request to get a distribution's information.</p>" + }, + "GetDistributionResult": { + "type": "structure", + "members": { + "Distribution": { + "shape": "Distribution", + "documentation": "<p>The distribution's information.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the distribution's information. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "documentation": "<p>The returned result of the corresponding request.</p>", + "payload": "Distribution" + }, + "GetFieldLevelEncryptionConfigRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>Request the ID for the field-level encryption configuration information.</p>", + "location": "uri", + "locationName": "Id" + } + } + }, + "GetFieldLevelEncryptionConfigResult": { + "type": "structure", + "members": { + "FieldLevelEncryptionConfig": { + "shape": "FieldLevelEncryptionConfig", + "documentation": "<p>Return the field-level encryption configuration information.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the field level encryption configuration. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "payload": "FieldLevelEncryptionConfig" + }, + "GetFieldLevelEncryptionProfileConfigRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>Get the ID for the field-level encryption profile configuration information.</p>", + "location": "uri", + "locationName": "Id" + } + } + }, + "GetFieldLevelEncryptionProfileConfigResult": { + "type": "structure", + "members": { + "FieldLevelEncryptionProfileConfig": { + "shape": "FieldLevelEncryptionProfileConfig", + "documentation": "<p>Return the field-level encryption profile configuration information.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the field-level encryption profile configuration result. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "payload": "FieldLevelEncryptionProfileConfig" + }, + "GetFieldLevelEncryptionProfileRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>Get the ID for the field-level encryption profile information.</p>", + "location": "uri", + "locationName": "Id" + } + } + }, + "GetFieldLevelEncryptionProfileResult": { + "type": "structure", + "members": { + "FieldLevelEncryptionProfile": { + "shape": "FieldLevelEncryptionProfile", + "documentation": "<p>Return the field-level encryption profile information.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the field level encryption profile. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "payload": "FieldLevelEncryptionProfile" + }, + "GetFieldLevelEncryptionRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>Request the ID for the field-level encryption configuration information.</p>", + "location": "uri", + "locationName": "Id" + } + } + }, + "GetFieldLevelEncryptionResult": { + "type": "structure", + "members": { + "FieldLevelEncryption": { + "shape": "FieldLevelEncryption", + "documentation": "<p>Return the field-level encryption configuration information.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the field level encryption configuration. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "payload": "FieldLevelEncryption" + }, + "GetInvalidationRequest": { + "type": "structure", + "required": [ + "DistributionId", + "Id" + ], + "members": { + "DistributionId": { + "shape": "string", + "documentation": "<p>The distribution's ID.</p>", + "location": "uri", + "locationName": "DistributionId" + }, + "Id": { + "shape": "string", + "documentation": "<p>The identifier for the invalidation request, for example, <code>IDFDVBD632BHDS5</code>.</p>", + "location": "uri", + "locationName": "Id" + } + }, + "documentation": "<p>The request to get an invalidation's information. </p>" + }, + "GetInvalidationResult": { + "type": "structure", + "members": { + "Invalidation": { + "shape": "Invalidation", + "documentation": "<p>The invalidation's information. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/InvalidationDatatype.html\">Invalidation Complex Type</a>. </p>" + } + }, + "documentation": "<p>The returned result of the corresponding request.</p>", + "payload": "Invalidation" + }, + "GetPublicKeyConfigRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>Request the ID for the public key configuration.</p>", + "location": "uri", + "locationName": "Id" + } + } + }, + "GetPublicKeyConfigResult": { + "type": "structure", + "members": { + "PublicKeyConfig": { + "shape": "PublicKeyConfig", + "documentation": "<p>Return the result for the public key configuration.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the public key configuration. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "payload": "PublicKeyConfig" + }, + "GetPublicKeyRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>Request the ID for the public key.</p>", + "location": "uri", + "locationName": "Id" + } + } + }, + "GetPublicKeyResult": { + "type": "structure", + "members": { + "PublicKey": { + "shape": "PublicKey", + "documentation": "<p>Return the public key.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the public key. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "payload": "PublicKey" + }, + "GetStreamingDistributionConfigRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The streaming distribution's ID.</p>", + "location": "uri", + "locationName": "Id" + } + }, + "documentation": "<p>To request to get a streaming distribution configuration.</p>" + }, + "GetStreamingDistributionConfigResult": { + "type": "structure", + "members": { + "StreamingDistributionConfig": { + "shape": "StreamingDistributionConfig", + "documentation": "<p>The streaming distribution's configuration information.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the configuration. For example: <code>E2QWRUHAPOMQZL</code>. </p>", + "location": "header", + "locationName": "ETag" + } + }, + "documentation": "<p>The returned result of the corresponding request.</p>", + "payload": "StreamingDistributionConfig" + }, + "GetStreamingDistributionRequest": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The streaming distribution's ID.</p>", + "location": "uri", + "locationName": "Id" + } + }, + "documentation": "<p>The request to get a streaming distribution's information.</p>" + }, + "GetStreamingDistributionResult": { + "type": "structure", + "members": { + "StreamingDistribution": { + "shape": "StreamingDistribution", + "documentation": "<p>The streaming distribution's information.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the streaming distribution's information. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "documentation": "<p>The returned result of the corresponding request.</p>", + "payload": "StreamingDistribution" + }, + "HeaderList": { + "type": "list", + "member": { + "shape": "string", + "locationName": "Name" + } + }, + "Headers": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of different headers that you want CloudFront to base caching on for this cache behavior. You can configure each cache behavior in a web distribution to do one of the following:</p> <ul> <li> <p> <b>Forward all headers to your origin</b>: Specify <code>1</code> for <code>Quantity</code> and <code>*</code> for <code>Name</code>.</p> <important> <p>CloudFront doesn't cache the objects that are associated with this cache behavior. Instead, CloudFront sends every request to the origin. </p> </important> </li> <li> <p> <b>Forward a whitelist of headers you specify</b>: Specify the number of headers that you want CloudFront to base caching on. Then specify the header names in <code>Name</code> elements. CloudFront caches your objects based on the values in the specified headers.</p> </li> <li> <p> <b>Forward only the default headers</b>: Specify <code>0</code> for <code>Quantity</code> and omit <code>Items</code>. In this configuration, CloudFront doesn't cache based on the values in the request headers.</p> </li> </ul> <p>Regardless of which option you choose, CloudFront forwards headers to your origin based on whether the origin is an S3 bucket or a custom origin. See the following documentation:</p> <ul> <li> <p> <b>S3 bucket</b>: See <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorS3Origin.html#request-s3-removed-headers\">HTTP Request Headers That CloudFront Removes or Updates</a> </p> </li> <li> <p> <b>Custom origin</b>: See <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html#request-custom-headers-behavior\">HTTP Request Headers and CloudFront Behavior</a> </p> </li> </ul>" + }, + "Items": { + "shape": "HeaderList", + "documentation": "<p>A list that contains one <code>Name</code> element for each header that you want CloudFront to use for caching in this cache behavior. If <code>Quantity</code> is <code>0</code>, omit <code>Items</code>.</p>" + } + }, + "documentation": "<p>A complex type that specifies the request headers, if any, that you want CloudFront to base caching on for this cache behavior. </p> <p>For the headers that you specify, CloudFront caches separate versions of a specified object based on the header values in viewer requests. For example, suppose viewer requests for <code>logo.jpg</code> contain a custom <code>product</code> header that has a value of either <code>acme</code> or <code>apex</code>, and you configure CloudFront to cache your content based on values in the <code>product</code> header. CloudFront forwards the <code>product</code> header to the origin and caches the response from the origin once for each header value. For more information about caching based on header values, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html\">How CloudFront Forwards and Caches Headers</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "HttpVersion": { + "type": "string", + "enum": [ + "http1.1", + "http2" + ] + }, + "ICPRecordalStatus": { + "type": "string", + "enum": [ + "APPROVED", + "SUSPENDED", + "PENDING" + ] + }, + "Invalidation": { + "type": "structure", + "required": [ + "Id", + "Status", + "CreateTime", + "InvalidationBatch" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The identifier for the invalidation request. For example: <code>IDFDVBD632BHDS5</code>.</p>" + }, + "Status": { + "shape": "string", + "documentation": "<p>The status of the invalidation request. When the invalidation batch is finished, the status is <code>Completed</code>.</p>" + }, + "CreateTime": { + "shape": "timestamp", + "documentation": "<p>The date and time the invalidation request was first made. </p>" + }, + "InvalidationBatch": { + "shape": "InvalidationBatch", + "documentation": "<p>The current invalidation information for the batch request. </p>" + } + }, + "documentation": "<p>An invalidation. </p>" + }, + "InvalidationBatch": { + "type": "structure", + "required": [ + "Paths", + "CallerReference" + ], + "members": { + "Paths": { + "shape": "Paths", + "documentation": "<p>A complex type that contains information about the objects that you want to invalidate. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Invalidation.html#invalidation-specifying-objects\">Specifying the Objects to Invalidate</a> in the <i>Amazon CloudFront Developer Guide</i>. </p>" + }, + "CallerReference": { + "shape": "string", + "documentation": "<p>A value that you specify to uniquely identify an invalidation request. CloudFront uses the value to prevent you from accidentally resubmitting an identical request. Whenever you create a new invalidation request, you must specify a new value for <code>CallerReference</code> and change other values in the request as applicable. One way to ensure that the value of <code>CallerReference</code> is unique is to use a <code>timestamp</code>, for example, <code>20120301090000</code>.</p> <p>If you make a second invalidation request with the same value for <code>CallerReference</code>, and if the rest of the request is the same, CloudFront doesn't create a new invalidation request. Instead, CloudFront returns information about the invalidation request that you previously created with the same <code>CallerReference</code>.</p> <p>If <code>CallerReference</code> is a value you already sent in a previous invalidation batch request but the content of any <code>Path</code> is different from the original request, CloudFront returns an <code>InvalidationBatchAlreadyExists</code> error.</p>" + } + }, + "documentation": "<p>An invalidation batch.</p>" + }, + "InvalidationList": { + "type": "structure", + "required": [ + "Marker", + "MaxItems", + "IsTruncated", + "Quantity" + ], + "members": { + "Marker": { + "shape": "string", + "documentation": "<p>The value that you provided for the <code>Marker</code> request parameter.</p>" + }, + "NextMarker": { + "shape": "string", + "documentation": "<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the value that you can use for the <code>Marker</code> request parameter to continue listing your invalidation batches where they left off.</p>" + }, + "MaxItems": { + "shape": "integer", + "documentation": "<p>The value that you provided for the <code>MaxItems</code> request parameter.</p>" + }, + "IsTruncated": { + "shape": "boolean", + "documentation": "<p>A flag that indicates whether more invalidation batch requests remain to be listed. If your results were truncated, you can make a follow-up pagination request using the <code>Marker</code> request parameter to retrieve more invalidation batches in the list.</p>" + }, + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of invalidation batches that were created by the current AWS account. </p>" + }, + "Items": { + "shape": "InvalidationSummaryList", + "documentation": "<p>A complex type that contains one <code>InvalidationSummary</code> element for each invalidation batch created by the current AWS account.</p>" + } + }, + "documentation": "<p>The <code>InvalidationList</code> complex type describes the list of invalidation objects. For more information about invalidation, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Invalidation.html\">Invalidating Objects (Web Distributions Only)</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "InvalidationSummary": { + "type": "structure", + "required": [ + "Id", + "CreateTime", + "Status" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The unique ID for an invalidation request.</p>" + }, + "CreateTime": { + "shape": "timestamp", + "documentation": "<p>The time that an invalidation request was created.</p>" + }, + "Status": { + "shape": "string", + "documentation": "<p>The status of an invalidation request.</p>" + } + }, + "documentation": "<p>A summary of an invalidation request.</p>" + }, + "InvalidationSummaryList": { + "type": "list", + "member": { + "shape": "InvalidationSummary", + "locationName": "InvalidationSummary" + } + }, + "ItemSelection": { + "type": "string", + "enum": [ + "none", + "whitelist", + "all" + ] + }, + "KeyPairIdList": { + "type": "list", + "member": { + "shape": "string", + "locationName": "KeyPairId" + } + }, + "KeyPairIds": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of active CloudFront key pairs for <code>AwsAccountNumber</code>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ActiveTrustedSigners.html\">ActiveTrustedSigners</a>.</p>" + }, + "Items": { + "shape": "KeyPairIdList", + "documentation": "<p>A complex type that lists the active CloudFront key pairs, if any, that are associated with <code>AwsAccountNumber</code>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ActiveTrustedSigners.html\">ActiveTrustedSigners</a>.</p>" + } + }, + "documentation": "<p>A complex type that lists the active CloudFront key pairs, if any, that are associated with <code>AwsAccountNumber</code>. </p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ActiveTrustedSigners.html\">ActiveTrustedSigners</a>.</p>" + }, + "LambdaFunctionARN": { + "type": "string" + }, + "LambdaFunctionAssociation": { + "type": "structure", + "required": [ + "LambdaFunctionARN", + "EventType" + ], + "members": { + "LambdaFunctionARN": { + "shape": "LambdaFunctionARN", + "documentation": "<p>The ARN of the Lambda function. You must specify the ARN of a function version; you can't specify a Lambda alias or $LATEST.</p>" + }, + "EventType": { + "shape": "EventType", + "documentation": "<p>Specifies the event type that triggers a Lambda function invocation. You can specify the following values:</p> <ul> <li> <p> <code>viewer-request</code>: The function executes when CloudFront receives a request from a viewer and before it checks to see whether the requested object is in the edge cache. </p> </li> <li> <p> <code>origin-request</code>: The function executes only when CloudFront forwards a request to your origin. When the requested object is in the edge cache, the function doesn't execute.</p> </li> <li> <p> <code>origin-response</code>: The function executes after CloudFront receives a response from the origin and before it caches the object in the response. When the requested object is in the edge cache, the function doesn't execute.</p> </li> <li> <p> <code>viewer-response</code>: The function executes before CloudFront returns the requested object to the viewer. The function executes regardless of whether the object was already in the edge cache.</p> <p>If the origin returns an HTTP status code other than HTTP 200 (OK), the function doesn't execute.</p> </li> </ul>" + }, + "IncludeBody": { + "shape": "boolean", + "documentation": "<p>A flag that allows a Lambda function to have read access to the body content. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html\">Accessing the Request Body by Choosing the Include Body Option</a> in the Amazon CloudFront Developer Guide.</p>" + } + }, + "documentation": "<p>A complex type that contains a Lambda function association.</p>" + }, + "LambdaFunctionAssociationList": { + "type": "list", + "member": { + "shape": "LambdaFunctionAssociation", + "locationName": "LambdaFunctionAssociation" + } + }, + "LambdaFunctionAssociations": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of Lambda function associations for this cache behavior.</p>" + }, + "Items": { + "shape": "LambdaFunctionAssociationList", + "documentation": "<p> <b>Optional</b>: A complex type that contains <code>LambdaFunctionAssociation</code> items for this cache behavior. If <code>Quantity</code> is <code>0</code>, you can omit <code>Items</code>.</p>" + } + }, + "documentation": "<p>A complex type that specifies a list of Lambda functions associations for a cache behavior.</p> <p>If you want to invoke one or more Lambda functions triggered by requests that match the <code>PathPattern</code> of the cache behavior, specify the applicable values for <code>Quantity</code> and <code>Items</code>. Note that there can be up to 4 <code>LambdaFunctionAssociation</code> items in this list (one for each possible value of <code>EventType</code>) and each <code>EventType</code> can be associated with the Lambda function only once.</p> <p>If you don't want to invoke any Lambda functions for the requests that match <code>PathPattern</code>, specify <code>0</code> for <code>Quantity</code> and omit <code>Items</code>. </p>" + }, + "ListCloudFrontOriginAccessIdentitiesRequest": { + "type": "structure", + "members": { + "Marker": { + "shape": "string", + "documentation": "<p>Use this when paginating results to indicate where to begin in your list of origin access identities. The results include identities in the list that occur after the marker. To get the next page of results, set the <code>Marker</code> to the value of the <code>NextMarker</code> from the current page's response (which is also the ID of the last identity on that page).</p>", + "location": "querystring", + "locationName": "Marker" + }, + "MaxItems": { + "shape": "string", + "documentation": "<p>The maximum number of origin access identities you want in the response body. </p>", + "location": "querystring", + "locationName": "MaxItems" + } + }, + "documentation": "<p>The request to list origin access identities. </p>" + }, + "ListCloudFrontOriginAccessIdentitiesResult": { + "type": "structure", + "members": { + "CloudFrontOriginAccessIdentityList": { + "shape": "CloudFrontOriginAccessIdentityList", + "documentation": "<p>The <code>CloudFrontOriginAccessIdentityList</code> type. </p>" + } + }, + "documentation": "<p>The returned result of the corresponding request. </p>", + "payload": "CloudFrontOriginAccessIdentityList" + }, + "ListDistributionsByWebACLIdRequest": { + "type": "structure", + "required": [ + "WebACLId" + ], + "members": { + "Marker": { + "shape": "string", + "documentation": "<p>Use <code>Marker</code> and <code>MaxItems</code> to control pagination of results. If you have more than <code>MaxItems</code> distributions that satisfy the request, the response includes a <code>NextMarker</code> element. To get the next page of results, submit another request. For the value of <code>Marker</code>, specify the value of <code>NextMarker</code> from the last response. (For the first request, omit <code>Marker</code>.) </p>", + "location": "querystring", + "locationName": "Marker" + }, + "MaxItems": { + "shape": "string", + "documentation": "<p>The maximum number of distributions that you want CloudFront to return in the response body. The maximum and default values are both 100.</p>", + "location": "querystring", + "locationName": "MaxItems" + }, + "WebACLId": { + "shape": "string", + "documentation": "<p>The ID of the AWS WAF web ACL that you want to list the associated distributions. If you specify \"null\" for the ID, the request returns a list of the distributions that aren't associated with a web ACL. </p>", + "location": "uri", + "locationName": "WebACLId" + } + }, + "documentation": "<p>The request to list distributions that are associated with a specified AWS WAF web ACL. </p>" + }, + "ListDistributionsByWebACLIdResult": { + "type": "structure", + "members": { + "DistributionList": { + "shape": "DistributionList", + "documentation": "<p>The <code>DistributionList</code> type. </p>" + } + }, + "documentation": "<p>The response to a request to list the distributions that are associated with a specified AWS WAF web ACL. </p>", + "payload": "DistributionList" + }, + "ListDistributionsRequest": { + "type": "structure", + "members": { + "Marker": { + "shape": "string", + "documentation": "<p>Use this when paginating results to indicate where to begin in your list of distributions. The results include distributions in the list that occur after the marker. To get the next page of results, set the <code>Marker</code> to the value of the <code>NextMarker</code> from the current page's response (which is also the ID of the last distribution on that page).</p>", + "location": "querystring", + "locationName": "Marker" + }, + "MaxItems": { + "shape": "string", + "documentation": "<p>The maximum number of distributions you want in the response body.</p>", + "location": "querystring", + "locationName": "MaxItems" + } + }, + "documentation": "<p>The request to list your distributions. </p>" + }, + "ListDistributionsResult": { + "type": "structure", + "members": { + "DistributionList": { + "shape": "DistributionList", + "documentation": "<p>The <code>DistributionList</code> type. </p>" + } + }, + "documentation": "<p>The returned result of the corresponding request. </p>", + "payload": "DistributionList" + }, + "ListFieldLevelEncryptionConfigsRequest": { + "type": "structure", + "members": { + "Marker": { + "shape": "string", + "documentation": "<p>Use this when paginating results to indicate where to begin in your list of configurations. The results include configurations in the list that occur after the marker. To get the next page of results, set the <code>Marker</code> to the value of the <code>NextMarker</code> from the current page's response (which is also the ID of the last configuration on that page). </p>", + "location": "querystring", + "locationName": "Marker" + }, + "MaxItems": { + "shape": "string", + "documentation": "<p>The maximum number of field-level encryption configurations you want in the response body. </p>", + "location": "querystring", + "locationName": "MaxItems" + } + } + }, + "ListFieldLevelEncryptionConfigsResult": { + "type": "structure", + "members": { + "FieldLevelEncryptionList": { + "shape": "FieldLevelEncryptionList", + "documentation": "<p>Returns a list of all field-level encryption configurations that have been created in CloudFront for this account.</p>" + } + }, + "payload": "FieldLevelEncryptionList" + }, + "ListFieldLevelEncryptionProfilesRequest": { + "type": "structure", + "members": { + "Marker": { + "shape": "string", + "documentation": "<p>Use this when paginating results to indicate where to begin in your list of profiles. The results include profiles in the list that occur after the marker. To get the next page of results, set the <code>Marker</code> to the value of the <code>NextMarker</code> from the current page's response (which is also the ID of the last profile on that page). </p>", + "location": "querystring", + "locationName": "Marker" + }, + "MaxItems": { + "shape": "string", + "documentation": "<p>The maximum number of field-level encryption profiles you want in the response body. </p>", + "location": "querystring", + "locationName": "MaxItems" + } + } + }, + "ListFieldLevelEncryptionProfilesResult": { + "type": "structure", + "members": { + "FieldLevelEncryptionProfileList": { + "shape": "FieldLevelEncryptionProfileList", + "documentation": "<p>Returns a list of the field-level encryption profiles that have been created in CloudFront for this account.</p>" + } + }, + "payload": "FieldLevelEncryptionProfileList" + }, + "ListInvalidationsRequest": { + "type": "structure", + "required": [ + "DistributionId" + ], + "members": { + "DistributionId": { + "shape": "string", + "documentation": "<p>The distribution's ID.</p>", + "location": "uri", + "locationName": "DistributionId" + }, + "Marker": { + "shape": "string", + "documentation": "<p>Use this parameter when paginating results to indicate where to begin in your list of invalidation batches. Because the results are returned in decreasing order from most recent to oldest, the most recent results are on the first page, the second page will contain earlier results, and so on. To get the next page of results, set <code>Marker</code> to the value of the <code>NextMarker</code> from the current page's response. This value is the same as the ID of the last invalidation batch on that page. </p>", + "location": "querystring", + "locationName": "Marker" + }, + "MaxItems": { + "shape": "string", + "documentation": "<p>The maximum number of invalidation batches that you want in the response body.</p>", + "location": "querystring", + "locationName": "MaxItems" + } + }, + "documentation": "<p>The request to list invalidations. </p>" + }, + "ListInvalidationsResult": { + "type": "structure", + "members": { + "InvalidationList": { + "shape": "InvalidationList", + "documentation": "<p>Information about invalidation batches. </p>" + } + }, + "documentation": "<p>The returned result of the corresponding request. </p>", + "payload": "InvalidationList" + }, + "ListPublicKeysRequest": { + "type": "structure", + "members": { + "Marker": { + "shape": "string", + "documentation": "<p>Use this when paginating results to indicate where to begin in your list of public keys. The results include public keys in the list that occur after the marker. To get the next page of results, set the <code>Marker</code> to the value of the <code>NextMarker</code> from the current page's response (which is also the ID of the last public key on that page). </p>", + "location": "querystring", + "locationName": "Marker" + }, + "MaxItems": { + "shape": "string", + "documentation": "<p>The maximum number of public keys you want in the response body. </p>", + "location": "querystring", + "locationName": "MaxItems" + } + } + }, + "ListPublicKeysResult": { + "type": "structure", + "members": { + "PublicKeyList": { + "shape": "PublicKeyList", + "documentation": "<p>Returns a list of all public keys that have been added to CloudFront for this account.</p>" + } + }, + "payload": "PublicKeyList" + }, + "ListStreamingDistributionsRequest": { + "type": "structure", + "members": { + "Marker": { + "shape": "string", + "documentation": "<p>The value that you provided for the <code>Marker</code> request parameter.</p>", + "location": "querystring", + "locationName": "Marker" + }, + "MaxItems": { + "shape": "string", + "documentation": "<p>The value that you provided for the <code>MaxItems</code> request parameter.</p>", + "location": "querystring", + "locationName": "MaxItems" + } + }, + "documentation": "<p>The request to list your streaming distributions. </p>" + }, + "ListStreamingDistributionsResult": { + "type": "structure", + "members": { + "StreamingDistributionList": { + "shape": "StreamingDistributionList", + "documentation": "<p>The <code>StreamingDistributionList</code> type. </p>" + } + }, + "documentation": "<p>The returned result of the corresponding request. </p>", + "payload": "StreamingDistributionList" + }, + "ListTagsForResourceRequest": { + "type": "structure", + "required": [ + "Resource" + ], + "members": { + "Resource": { + "shape": "ResourceARN", + "documentation": "<p> An ARN of a CloudFront resource.</p>", + "location": "querystring", + "locationName": "Resource" + } + }, + "documentation": "<p> The request to list tags for a CloudFront resource.</p>" + }, + "ListTagsForResourceResult": { + "type": "structure", + "required": [ + "Tags" + ], + "members": { + "Tags": { + "shape": "Tags", + "documentation": "<p> A complex type that contains zero or more <code>Tag</code> elements.</p>" + } + }, + "documentation": "<p> The returned result of the corresponding request.</p>", + "payload": "Tags" + }, + "LocationList": { + "type": "list", + "member": { + "shape": "string", + "locationName": "Location" + } + }, + "LoggingConfig": { + "type": "structure", + "required": [ + "Enabled", + "IncludeCookies", + "Bucket", + "Prefix" + ], + "members": { + "Enabled": { + "shape": "boolean", + "documentation": "<p>Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you don't want to enable logging when you create a distribution or if you want to disable logging for an existing distribution, specify <code>false</code> for <code>Enabled</code>, and specify empty <code>Bucket</code> and <code>Prefix</code> elements. If you specify <code>false</code> for <code>Enabled</code> but you specify values for <code>Bucket</code>, <code>prefix</code>, and <code>IncludeCookies</code>, the values are automatically deleted.</p>" + }, + "IncludeCookies": { + "shape": "boolean", + "documentation": "<p>Specifies whether you want CloudFront to include cookies in access logs, specify <code>true</code> for <code>IncludeCookies</code>. If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify <code>false</code> for <code>IncludeCookies</code>.</p>" + }, + "Bucket": { + "shape": "string", + "documentation": "<p>The Amazon S3 bucket to store the access logs in, for example, <code>myawslogbucket.s3.amazonaws.com</code>.</p>" + }, + "Prefix": { + "shape": "string", + "documentation": "<p>An optional string that you want CloudFront to prefix to the access log <code>filenames</code> for this distribution, for example, <code>myprefix/</code>. If you want to enable logging, but you don't want to specify a prefix, you still must include an empty <code>Prefix</code> element in the <code>Logging</code> element.</p>" + } + }, + "documentation": "<p>A complex type that controls whether access logs are written for the distribution.</p>" + }, + "Method": { + "type": "string", + "enum": [ + "GET", + "HEAD", + "POST", + "PUT", + "PATCH", + "OPTIONS", + "DELETE" + ] + }, + "MethodsList": { + "type": "list", + "member": { + "shape": "Method", + "locationName": "Method" + } + }, + "MinimumProtocolVersion": { + "type": "string", + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1_2016", + "TLSv1.1_2016", + "TLSv1.2_2018" + ] + }, + "Origin": { + "type": "structure", + "required": [ + "Id", + "DomainName" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>A unique identifier for the origin or origin group. The value of <code>Id</code> must be unique within the distribution.</p> <p>When you specify the value of <code>TargetOriginId</code> for the default cache behavior or for another cache behavior, you indicate the origin to which you want the cache behavior to route requests by specifying the value of the <code>Id</code> element for that origin. When a request matches the path pattern for that cache behavior, CloudFront routes the request to the specified origin. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesCacheBehavior\">Cache Behavior Settings</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "DomainName": { + "shape": "string", + "documentation": "<p> <b>Amazon S3 origins</b>: The DNS name of the Amazon S3 bucket from which you want CloudFront to get objects for this origin, for example, <code>myawsbucket.s3.amazonaws.com</code>. If you set up your bucket to be configured as a website endpoint, enter the Amazon S3 static website hosting endpoint for the bucket.</p> <p>For more information about specifying this value for different types of origins, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDomainName\">Origin Domain Name</a> in the <i>Amazon CloudFront Developer Guide</i>.</p> <p>Constraints for Amazon S3 origins: </p> <ul> <li> <p>If you configured Amazon S3 Transfer Acceleration for your bucket, don't specify the <code>s3-accelerate</code> endpoint for <code>DomainName</code>.</p> </li> <li> <p>The bucket name must be between 3 and 63 characters long (inclusive).</p> </li> <li> <p>The bucket name must contain only lowercase characters, numbers, periods, underscores, and dashes.</p> </li> <li> <p>The bucket name must not contain adjacent periods.</p> </li> </ul> <p> <b>Custom Origins</b>: The DNS domain name for the HTTP server from which you want CloudFront to get objects for this origin, for example, <code>www.example.com</code>. </p> <p>Constraints for custom origins:</p> <ul> <li> <p> <code>DomainName</code> must be a valid DNS name that contains only a-z, A-Z, 0-9, dot (.), hyphen (-), or underscore (_) characters.</p> </li> <li> <p>The name cannot exceed 128 characters.</p> </li> </ul>" + }, + "OriginPath": { + "shape": "string", + "documentation": "<p>An optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin. When you include the <code>OriginPath</code> element, specify the directory name, beginning with a <code>/</code>. CloudFront appends the directory name to the value of <code>DomainName</code>, for example, <code>example.com/production</code>. Do not include a <code>/</code> at the end of the directory name.</p> <p>For example, suppose you've specified the following values for your distribution:</p> <ul> <li> <p> <code>DomainName</code>: An Amazon S3 bucket named <code>myawsbucket</code>.</p> </li> <li> <p> <code>OriginPath</code>: <code>/production</code> </p> </li> <li> <p> <code>CNAME</code>: <code>example.com</code> </p> </li> </ul> <p>When a user enters <code>example.com/index.html</code> in a browser, CloudFront sends a request to Amazon S3 for <code>myawsbucket/production/index.html</code>.</p> <p>When a user enters <code>example.com/acme/index.html</code> in a browser, CloudFront sends a request to Amazon S3 for <code>myawsbucket/production/acme/index.html</code>.</p>" + }, + "CustomHeaders": { + "shape": "CustomHeaders", + "documentation": "<p>A complex type that contains names and values for the custom headers that you want.</p>" + }, + "S3OriginConfig": { + "shape": "S3OriginConfig", + "documentation": "<p>A complex type that contains information about the Amazon S3 origin. If the origin is a custom origin, use the <code>CustomOriginConfig</code> element instead.</p>" + }, + "CustomOriginConfig": { + "shape": "CustomOriginConfig", + "documentation": "<p>A complex type that contains information about a custom origin. If the origin is an Amazon S3 bucket, use the <code>S3OriginConfig</code> element instead.</p>" + } + }, + "documentation": "<p>A complex type that describes the Amazon S3 bucket, HTTP server (for example, a web server), Amazon MediaStore, or other server from which CloudFront gets your files. This can also be an origin group, if you've created an origin group. You must specify at least one origin or origin group.</p> <p>For the current limit on the number of origins or origin groups that you can specify for a distribution, see <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html#limits_cloudfront\">Amazon CloudFront Limits</a> in the <i>AWS General Reference</i>.</p>" + }, + "OriginCustomHeader": { + "type": "structure", + "required": [ + "HeaderName", + "HeaderValue" + ], + "members": { + "HeaderName": { + "shape": "string", + "documentation": "<p>The name of a header that you want CloudFront to forward to your origin. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html\">Forwarding Custom Headers to Your Origin (Web Distributions Only)</a> in the <i> Amazon CloudFront Developer Guide</i>.</p>" + }, + "HeaderValue": { + "shape": "string", + "documentation": "<p>The value for the header that you specified in the <code>HeaderName</code> field.</p>" + } + }, + "documentation": "<p>A complex type that contains <code>HeaderName</code> and <code>HeaderValue</code> elements, if any, for this distribution. </p>" + }, + "OriginCustomHeadersList": { + "type": "list", + "member": { + "shape": "OriginCustomHeader", + "locationName": "OriginCustomHeader" + } + }, + "OriginGroup": { + "type": "structure", + "required": [ + "Id", + "FailoverCriteria", + "Members" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The origin group's ID.</p>" + }, + "FailoverCriteria": { + "shape": "OriginGroupFailoverCriteria", + "documentation": "<p>A complex type that contains information about the failover criteria for an origin group.</p>" + }, + "Members": { + "shape": "OriginGroupMembers", + "documentation": "<p>A complex type that contains information about the origins in an origin group.</p>" + } + }, + "documentation": "<p>An origin group includes two origins (a primary origin and a second origin to failover to) and a failover criteria that you specify. You create an origin group to support origin failover in CloudFront. When you create or update a distribution, you can specifiy the origin group instead of a single origin, and CloudFront will failover from the primary origin to the second origin under the failover conditions that you've chosen.</p>" + }, + "OriginGroupFailoverCriteria": { + "type": "structure", + "required": [ + "StatusCodes" + ], + "members": { + "StatusCodes": { + "shape": "StatusCodes", + "documentation": "<p>The status codes that, when returned from the primary origin, will trigger CloudFront to failover to the second origin.</p>" + } + }, + "documentation": "<p>A complex data type that includes information about the failover criteria for an origin group, including the status codes for which CloudFront will failover from the primary origin to the second origin.</p>" + }, + "OriginGroupList": { + "type": "list", + "member": { + "shape": "OriginGroup", + "locationName": "OriginGroup" + }, + "documentation": "<p>List of origin groups for a distribution.</p>" + }, + "OriginGroupMember": { + "type": "structure", + "required": [ + "OriginId" + ], + "members": { + "OriginId": { + "shape": "string", + "documentation": "<p>The ID for an origin in an origin group.</p>" + } + }, + "documentation": "<p>An origin in an origin group.</p>" + }, + "OriginGroupMemberList": { + "type": "list", + "member": { + "shape": "OriginGroupMember", + "locationName": "OriginGroupMember" + }, + "documentation": "<p>List of origins in an origin group.</p>", + "max": 2, + "min": 2 + }, + "OriginGroupMembers": { + "type": "structure", + "required": [ + "Quantity", + "Items" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of origins in an origin group.</p>" + }, + "Items": { + "shape": "OriginGroupMemberList", + "documentation": "<p>Items (origins) in an origin group.</p>" + } + }, + "documentation": "<p>A complex data type for the origins included in an origin group.</p>" + }, + "OriginGroups": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of origin groups.</p>" + }, + "Items": { + "shape": "OriginGroupList", + "documentation": "<p>The items (origin groups) in a distribution.</p>" + } + }, + "documentation": "<p>A complex data type for the origin groups specified for a distribution.</p>" + }, + "OriginList": { + "type": "list", + "member": { + "shape": "Origin", + "locationName": "Origin" + }, + "min": 1 + }, + "OriginProtocolPolicy": { + "type": "string", + "enum": [ + "http-only", + "match-viewer", + "https-only" + ] + }, + "OriginSslProtocols": { + "type": "structure", + "required": [ + "Quantity", + "Items" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of SSL/TLS protocols that you want to allow CloudFront to use when establishing an HTTPS connection with this origin. </p>" + }, + "Items": { + "shape": "SslProtocolsList", + "documentation": "<p>A list that contains allowed SSL/TLS protocols for this distribution.</p>" + } + }, + "documentation": "<p>A complex type that contains information about the SSL/TLS protocols that CloudFront can use when establishing an HTTPS connection with your origin. </p>" + }, + "Origins": { + "type": "structure", + "required": [ + "Quantity", + "Items" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of origins or origin groups for this distribution.</p>" + }, + "Items": { + "shape": "OriginList", + "documentation": "<p>A complex type that contains origins or origin groups for this distribution.</p>" + } + }, + "documentation": "<p>A complex type that contains information about origins and origin groups for this distribution. </p>" + }, + "PathList": { + "type": "list", + "member": { + "shape": "string", + "locationName": "Path" + } + }, + "Paths": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of invalidation paths specified for the objects that you want to invalidate.</p>" + }, + "Items": { + "shape": "PathList", + "documentation": "<p>A complex type that contains a list of the paths that you want to invalidate.</p>" + } + }, + "documentation": "<p>A complex type that contains information about the objects that you want to invalidate. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Invalidation.html#invalidation-specifying-objects\">Specifying the Objects to Invalidate</a> in the <i>Amazon CloudFront Developer Guide</i>. </p>" + }, + "PriceClass": { + "type": "string", + "enum": [ + "PriceClass_100", + "PriceClass_200", + "PriceClass_All" + ] + }, + "PublicKey": { + "type": "structure", + "required": [ + "Id", + "CreatedTime", + "PublicKeyConfig" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>A unique ID assigned to a public key you've added to CloudFront.</p>" + }, + "CreatedTime": { + "shape": "timestamp", + "documentation": "<p>A time you added a public key to CloudFront.</p>" + }, + "PublicKeyConfig": { + "shape": "PublicKeyConfig", + "documentation": "<p>A complex data type for a public key you add to CloudFront to use with features like field-level encryption.</p>" + } + }, + "documentation": "<p>A complex data type of public keys you add to CloudFront to use with features like field-level encryption.</p>" + }, + "PublicKeyConfig": { + "type": "structure", + "required": [ + "CallerReference", + "Name", + "EncodedKey" + ], + "members": { + "CallerReference": { + "shape": "string", + "documentation": "<p>A unique number that ensures that the request can't be replayed.</p>" + }, + "Name": { + "shape": "string", + "documentation": "<p>The name for a public key you add to CloudFront to use with features like field-level encryption.</p>" + }, + "EncodedKey": { + "shape": "string", + "documentation": "<p>The encoded public key that you want to add to CloudFront to use with features like field-level encryption.</p>" + }, + "Comment": { + "shape": "string", + "documentation": "<p>An optional comment about a public key.</p>" + } + }, + "documentation": "<p>Information about a public key you add to CloudFront to use with features like field-level encryption.</p>" + }, + "PublicKeyList": { + "type": "structure", + "required": [ + "MaxItems", + "Quantity" + ], + "members": { + "NextMarker": { + "shape": "string", + "documentation": "<p>If there are more elements to be listed, this element is present and contains the value that you can use for the <code>Marker</code> request parameter to continue listing your public keys where you left off.</p>" + }, + "MaxItems": { + "shape": "integer", + "documentation": "<p>The maximum number of public keys you want in the response body. </p>" + }, + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of public keys you added to CloudFront to use with features like field-level encryption.</p>" + }, + "Items": { + "shape": "PublicKeySummaryList", + "documentation": "<p>An array of information about a public key you add to CloudFront to use with features like field-level encryption.</p>" + } + }, + "documentation": "<p>A list of public keys you've added to CloudFront to use with features like field-level encryption.</p>" + }, + "PublicKeySummary": { + "type": "structure", + "required": [ + "Id", + "Name", + "CreatedTime", + "EncodedKey" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p> ID for public key information summary. </p>" + }, + "Name": { + "shape": "string", + "documentation": "<p> Name for public key information summary. </p>" + }, + "CreatedTime": { + "shape": "timestamp", + "documentation": "<p> Creation time for public key information summary. </p>" + }, + "EncodedKey": { + "shape": "string", + "documentation": "<p> Encoded key for public key information summary. </p>" + }, + "Comment": { + "shape": "string", + "documentation": "<p> Comment for public key information summary. </p>" + } + }, + "documentation": "<p>A complex data type for public key information. </p>" + }, + "PublicKeySummaryList": { + "type": "list", + "member": { + "shape": "PublicKeySummary", + "locationName": "PublicKeySummary" + } + }, + "QueryArgProfile": { + "type": "structure", + "required": [ + "QueryArg", + "ProfileId" + ], + "members": { + "QueryArg": { + "shape": "string", + "documentation": "<p>Query argument for field-level encryption query argument-profile mapping.</p>" + }, + "ProfileId": { + "shape": "string", + "documentation": "<p>ID of profile to use for field-level encryption query argument-profile mapping</p>" + } + }, + "documentation": "<p>Query argument-profile mapping for field-level encryption.</p>" + }, + "QueryArgProfileConfig": { + "type": "structure", + "required": [ + "ForwardWhenQueryArgProfileIsUnknown" + ], + "members": { + "ForwardWhenQueryArgProfileIsUnknown": { + "shape": "boolean", + "documentation": "<p>Flag to set if you want a request to be forwarded to the origin even if the profile specified by the field-level encryption query argument, fle-profile, is unknown.</p>" + }, + "QueryArgProfiles": { + "shape": "QueryArgProfiles", + "documentation": "<p>Profiles specified for query argument-profile mapping for field-level encryption.</p>" + } + }, + "documentation": "<p>Configuration for query argument-profile mapping for field-level encryption.</p>" + }, + "QueryArgProfileList": { + "type": "list", + "member": { + "shape": "QueryArgProfile", + "locationName": "QueryArgProfile" + } + }, + "QueryArgProfiles": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>Number of profiles for query argument-profile mapping for field-level encryption.</p>" + }, + "Items": { + "shape": "QueryArgProfileList", + "documentation": "<p>Number of items for query argument-profile mapping for field-level encryption.</p>" + } + }, + "documentation": "<p>Query argument-profile mapping for field-level encryption.</p>" + }, + "QueryStringCacheKeys": { + "type": "structure", + "required": [ + "Quantity" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of <code>whitelisted</code> query string parameters for a cache behavior.</p>" + }, + "Items": { + "shape": "QueryStringCacheKeysList", + "documentation": "<p>A list that contains the query string parameters that you want CloudFront to use as a basis for caching for a cache behavior. If <code>Quantity</code> is 0, you can omit <code>Items</code>. </p>" + } + }, + "documentation": "<p>A complex type that contains information about the query string parameters that you want CloudFront to use for caching for a cache behavior. </p>" + }, + "QueryStringCacheKeysList": { + "type": "list", + "member": { + "shape": "string", + "locationName": "Name" + } + }, + "ResourceARN": { + "type": "string", + "pattern": "arn:aws(-cn)?:cloudfront::[0-9]+:.*" + }, + "Restrictions": { + "type": "structure", + "required": [ + "GeoRestriction" + ], + "members": { + "GeoRestriction": { + "shape": "GeoRestriction", + "documentation": "<p>A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using <code>MaxMind</code> GeoIP databases.</p>" + } + }, + "documentation": "<p>A complex type that identifies ways in which you want to restrict distribution of your content.</p>" + }, + "S3Origin": { + "type": "structure", + "required": [ + "DomainName", + "OriginAccessIdentity" + ], + "members": { + "DomainName": { + "shape": "string", + "documentation": "<p>The DNS name of the Amazon S3 origin. </p>" + }, + "OriginAccessIdentity": { + "shape": "string", + "documentation": "<p>The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 bucket through CloudFront.</p> <p>If you want end users to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty <code>OriginAccessIdentity</code> element.</p> <p>To delete the origin access identity from an existing distribution, update the distribution configuration and include an empty <code>OriginAccessIdentity</code> element.</p> <p>To replace the origin access identity, update the distribution configuration and specify the new origin access identity.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html\">Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content</a> in the <i> Amazon CloudFront Developer Guide</i>.</p>" + } + }, + "documentation": "<p>A complex type that contains information about the Amazon S3 bucket from which you want CloudFront to get your media files for distribution.</p>" + }, + "S3OriginConfig": { + "type": "structure", + "required": [ + "OriginAccessIdentity" + ], + "members": { + "OriginAccessIdentity": { + "shape": "string", + "documentation": "<p>The CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can <i>only</i> access objects in an Amazon S3 bucket through CloudFront. The format of the value is:</p> <p>origin-access-identity/cloudfront/<i>ID-of-origin-access-identity</i> </p> <p>where <code> <i>ID-of-origin-access-identity</i> </code> is the value that CloudFront returned in the <code>ID</code> element when you created the origin access identity.</p> <p>If you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty <code>OriginAccessIdentity</code> element.</p> <p>To delete the origin access identity from an existing distribution, update the distribution configuration and include an empty <code>OriginAccessIdentity</code> element.</p> <p>To replace the origin access identity, update the distribution configuration and specify the new origin access identity.</p> <p>For more information about the origin access identity, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html\">Serving Private Content through CloudFront</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + } + }, + "documentation": "<p>A complex type that contains information about the Amazon S3 origin. If the origin is a custom origin, use the <code>CustomOriginConfig</code> element instead.</p>" + }, + "SSLSupportMethod": { + "type": "string", + "enum": [ + "sni-only", + "vip" + ] + }, + "Signer": { + "type": "structure", + "members": { + "AwsAccountNumber": { + "shape": "string", + "documentation": "<p>An AWS account that is included in the <code>TrustedSigners</code> complex type for this distribution. Valid values include:</p> <ul> <li> <p> <code>self</code>, which is the AWS account used to create the distribution.</p> </li> <li> <p>An AWS account number.</p> </li> </ul>" + }, + "KeyPairIds": { + "shape": "KeyPairIds", + "documentation": "<p>A complex type that lists the active CloudFront key pairs, if any, that are associated with <code>AwsAccountNumber</code>.</p>" + } + }, + "documentation": "<p>A complex type that lists the AWS accounts that were included in the <code>TrustedSigners</code> complex type, as well as their active CloudFront key pair IDs, if any. </p>" + }, + "SignerList": { + "type": "list", + "member": { + "shape": "Signer", + "locationName": "Signer" + } + }, + "SslProtocol": { + "type": "string", + "enum": [ + "SSLv3", + "TLSv1", + "TLSv1.1", + "TLSv1.2" + ] + }, + "SslProtocolsList": { + "type": "list", + "member": { + "shape": "SslProtocol", + "locationName": "SslProtocol" + } + }, + "StatusCodeList": { + "type": "list", + "member": { + "shape": "integer", + "locationName": "StatusCode" + }, + "documentation": "<p>List of status codes for origin failover.</p>", + "min": 1 + }, + "StatusCodes": { + "type": "structure", + "required": [ + "Quantity", + "Items" + ], + "members": { + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of status codes.</p>" + }, + "Items": { + "shape": "StatusCodeList", + "documentation": "<p>The items (status codes) for an origin group.</p>" + } + }, + "documentation": "<p>A complex data type for the status codes that you specify that, when returned by a primary origin, trigger CloudFront to failover to a second origin.</p>" + }, + "StreamingDistribution": { + "type": "structure", + "required": [ + "Id", + "ARN", + "Status", + "DomainName", + "ActiveTrustedSigners", + "StreamingDistributionConfig" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The identifier for the RTMP distribution. For example: <code>EGTXBD79EXAMPLE</code>.</p>" + }, + "ARN": { + "shape": "string", + "documentation": "<p>The ARN (Amazon Resource Name) for the distribution. For example: <code>arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5</code>, where <code>123456789012</code> is your AWS account ID.</p>" + }, + "Status": { + "shape": "string", + "documentation": "<p>The current status of the RTMP distribution. When the status is <code>Deployed</code>, the distribution's information is propagated to all CloudFront edge locations.</p>" + }, + "LastModifiedTime": { + "shape": "timestamp", + "documentation": "<p>The date and time that the distribution was last modified. </p>" + }, + "DomainName": { + "shape": "string", + "documentation": "<p>The domain name that corresponds to the streaming distribution, for example, <code>s5c39gqb8ow64r.cloudfront.net</code>. </p>" + }, + "ActiveTrustedSigners": { + "shape": "ActiveTrustedSigners", + "documentation": "<p>A complex type that lists the AWS accounts, if any, that you included in the <code>TrustedSigners</code> complex type for this distribution. These are the accounts that you want to allow to create signed URLs for private content.</p> <p>The <code>Signer</code> complex type lists the AWS account number of the trusted signer or <code>self</code> if the signer is the AWS account that created the distribution. The <code>Signer</code> element also includes the IDs of any active CloudFront key pairs that are associated with the trusted signer's AWS account. If no <code>KeyPairId</code> element appears for a <code>Signer</code>, that signer can't create signed URLs.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html\">Serving Private Content through CloudFront</a> in the <i>Amazon CloudFront Developer Guide</i>. </p>" + }, + "StreamingDistributionConfig": { + "shape": "StreamingDistributionConfig", + "documentation": "<p>The current configuration information for the RTMP distribution.</p>" + } + }, + "documentation": "<p>A streaming distribution tells CloudFront where you want RTMP content to be delivered from, and the details about how to track and manage content delivery.</p>" + }, + "StreamingDistributionConfig": { + "type": "structure", + "required": [ + "CallerReference", + "S3Origin", + "Comment", + "TrustedSigners", + "Enabled" + ], + "members": { + "CallerReference": { + "shape": "string", + "documentation": "<p>A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.</p> <p>If the value of <code>CallerReference</code> is new (regardless of the content of the <code>StreamingDistributionConfig</code> object), CloudFront creates a new distribution.</p> <p>If <code>CallerReference</code> is a value that you already sent in a previous request to create a distribution, CloudFront returns a <code>DistributionAlreadyExists</code> error.</p>" + }, + "S3Origin": { + "shape": "S3Origin", + "documentation": "<p>A complex type that contains information about the Amazon S3 bucket from which you want CloudFront to get your media files for distribution. </p>" + }, + "Aliases": { + "shape": "Aliases", + "documentation": "<p>A complex type that contains information about CNAMEs (alternate domain names), if any, for this streaming distribution. </p>" + }, + "Comment": { + "shape": "string", + "documentation": "<p>Any comments you want to include about the streaming distribution. </p>" + }, + "Logging": { + "shape": "StreamingLoggingConfig", + "documentation": "<p>A complex type that controls whether access logs are written for the streaming distribution. </p>" + }, + "TrustedSigners": { + "shape": "TrustedSigners", + "documentation": "<p>A complex type that specifies any AWS accounts that you want to permit to create signed URLs for private content. If you want the distribution to use signed URLs, include this element; if you want the distribution to use public URLs, remove this element. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html\">Serving Private Content through CloudFront</a> in the <i>Amazon CloudFront Developer Guide</i>. </p>" + }, + "PriceClass": { + "shape": "PriceClass", + "documentation": "<p>A complex type that contains information about price class for this streaming distribution. </p>" + }, + "Enabled": { + "shape": "boolean", + "documentation": "<p>Whether the streaming distribution is enabled to accept user requests for content.</p>" + } + }, + "documentation": "<p>The RTMP distribution's configuration information.</p>" + }, + "StreamingDistributionConfigWithTags": { + "type": "structure", + "required": [ + "StreamingDistributionConfig", + "Tags" + ], + "members": { + "StreamingDistributionConfig": { + "shape": "StreamingDistributionConfig", + "documentation": "<p>A streaming distribution Configuration.</p>" + }, + "Tags": { + "shape": "Tags", + "documentation": "<p>A complex type that contains zero or more <code>Tag</code> elements.</p>" + } + }, + "documentation": "<p>A streaming distribution Configuration and a list of tags to be associated with the streaming distribution.</p>" + }, + "StreamingDistributionList": { + "type": "structure", + "required": [ + "Marker", + "MaxItems", + "IsTruncated", + "Quantity" + ], + "members": { + "Marker": { + "shape": "string", + "documentation": "<p>The value you provided for the <code>Marker</code> request parameter. </p>" + }, + "NextMarker": { + "shape": "string", + "documentation": "<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the value you can use for the <code>Marker</code> request parameter to continue listing your RTMP distributions where they left off. </p>" + }, + "MaxItems": { + "shape": "integer", + "documentation": "<p>The value you provided for the <code>MaxItems</code> request parameter. </p>" + }, + "IsTruncated": { + "shape": "boolean", + "documentation": "<p>A flag that indicates whether more streaming distributions remain to be listed. If your results were truncated, you can make a follow-up pagination request using the <code>Marker</code> request parameter to retrieve more distributions in the list. </p>" + }, + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of streaming distributions that were created by the current AWS account. </p>" + }, + "Items": { + "shape": "StreamingDistributionSummaryList", + "documentation": "<p>A complex type that contains one <code>StreamingDistributionSummary</code> element for each distribution that was created by the current AWS account.</p>" + } + }, + "documentation": "<p>A streaming distribution list. </p>" + }, + "StreamingDistributionSummary": { + "type": "structure", + "required": [ + "Id", + "ARN", + "Status", + "LastModifiedTime", + "DomainName", + "S3Origin", + "Aliases", + "TrustedSigners", + "Comment", + "PriceClass", + "Enabled" + ], + "members": { + "Id": { + "shape": "string", + "documentation": "<p>The identifier for the distribution, for example, <code>EDFDVBD632BHDS5</code>.</p>" + }, + "ARN": { + "shape": "string", + "documentation": "<p> The ARN (Amazon Resource Name) for the streaming distribution. For example: <code>arn:aws:cloudfront::123456789012:streaming-distribution/EDFDVBD632BHDS5</code>, where <code>123456789012</code> is your AWS account ID.</p>" + }, + "Status": { + "shape": "string", + "documentation": "<p> Indicates the current status of the distribution. When the status is <code>Deployed</code>, the distribution's information is fully propagated throughout the Amazon CloudFront system.</p>" + }, + "LastModifiedTime": { + "shape": "timestamp", + "documentation": "<p>The date and time the distribution was last modified.</p>" + }, + "DomainName": { + "shape": "string", + "documentation": "<p>The domain name corresponding to the distribution, for example, <code>d111111abcdef8.cloudfront.net</code>.</p>" + }, + "S3Origin": { + "shape": "S3Origin", + "documentation": "<p>A complex type that contains information about the Amazon S3 bucket from which you want CloudFront to get your media files for distribution.</p>" + }, + "Aliases": { + "shape": "Aliases", + "documentation": "<p>A complex type that contains information about CNAMEs (alternate domain names), if any, for this streaming distribution.</p>" + }, + "TrustedSigners": { + "shape": "TrustedSigners", + "documentation": "<p>A complex type that specifies the AWS accounts, if any, that you want to allow to create signed URLs for private content. If you want to require signed URLs in requests for objects in the target origin that match the <code>PathPattern</code> for this cache behavior, specify <code>true</code> for <code>Enabled</code>, and specify the applicable values for <code>Quantity</code> and <code>Items</code>.If you don't want to require signed URLs in requests for objects that match <code>PathPattern</code>, specify <code>false</code> for <code>Enabled</code> and <code>0</code> for <code>Quantity</code>. Omit <code>Items</code>. To add, change, or remove one or more trusted signers, change <code>Enabled</code> to <code>true</code> (if it's currently <code>false</code>), change <code>Quantity</code> as applicable, and specify all of the trusted signers that you want to include in the updated distribution.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html\">Serving Private Content through CloudFront</a> in the <i>Amazon CloudFront Developer Guide</i>. </p>" + }, + "Comment": { + "shape": "string", + "documentation": "<p>The comment originally specified when this distribution was created.</p>" + }, + "PriceClass": { + "shape": "PriceClass", + "documentation": "<p>A complex type that contains information about price class for this streaming distribution. </p>" + }, + "Enabled": { + "shape": "boolean", + "documentation": "<p>Whether the distribution is enabled to accept end user requests for content.</p>" + } + }, + "documentation": "<p> A summary of the information for a CloudFront streaming distribution.</p>" + }, + "StreamingDistributionSummaryList": { + "type": "list", + "member": { + "shape": "StreamingDistributionSummary", + "locationName": "StreamingDistributionSummary" + } + }, + "StreamingLoggingConfig": { + "type": "structure", + "required": [ + "Enabled", + "Bucket", + "Prefix" + ], + "members": { + "Enabled": { + "shape": "boolean", + "documentation": "<p>Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you don't want to enable logging when you create a streaming distribution or if you want to disable logging for an existing streaming distribution, specify <code>false</code> for <code>Enabled</code>, and specify <code>empty Bucket</code> and <code>Prefix</code> elements. If you specify <code>false</code> for <code>Enabled</code> but you specify values for <code>Bucket</code> and <code>Prefix</code>, the values are automatically deleted. </p>" + }, + "Bucket": { + "shape": "string", + "documentation": "<p>The Amazon S3 bucket to store the access logs in, for example, <code>myawslogbucket.s3.amazonaws.com</code>.</p>" + }, + "Prefix": { + "shape": "string", + "documentation": "<p>An optional string that you want CloudFront to prefix to the access log filenames for this streaming distribution, for example, <code>myprefix/</code>. If you want to enable logging, but you don't want to specify a prefix, you still must include an empty <code>Prefix</code> element in the <code>Logging</code> element.</p>" + } + }, + "documentation": "<p>A complex type that controls whether access logs are written for this streaming distribution.</p>" + }, + "Tag": { + "type": "structure", + "required": [ + "Key" + ], + "members": { + "Key": { + "shape": "TagKey", + "documentation": "<p> A string that contains <code>Tag</code> key.</p> <p>The string length should be between 1 and 128 characters. Valid characters include <code>a-z</code>, <code>A-Z</code>, <code>0-9</code>, space, and the special characters <code>_ - . : / = + @</code>.</p>" + }, + "Value": { + "shape": "TagValue", + "documentation": "<p> A string that contains an optional <code>Tag</code> value.</p> <p>The string length should be between 0 and 256 characters. Valid characters include <code>a-z</code>, <code>A-Z</code>, <code>0-9</code>, space, and the special characters <code>_ - . : / = + @</code>.</p>" + } + }, + "documentation": "<p> A complex type that contains <code>Tag</code> key and <code>Tag</code> value.</p>" + }, + "TagKey": { + "type": "string", + "documentation": "<p> A string that contains <code>Tag</code> key.</p> <p>The string length should be between 1 and 128 characters. Valid characters include <code>a-z</code>, <code>A-Z</code>, <code>0-9</code>, space, and the special characters <code>_ - . : / = + @</code>.</p>", + "max": 128, + "min": 1, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$" + }, + "TagKeyList": { + "type": "list", + "member": { + "shape": "TagKey", + "locationName": "Key" + } + }, + "TagKeys": { + "type": "structure", + "members": { + "Items": { + "shape": "TagKeyList", + "documentation": "<p> A complex type that contains <code>Tag</code> key elements.</p>" + } + }, + "documentation": "<p> A complex type that contains zero or more <code>Tag</code> elements.</p>" + }, + "TagList": { + "type": "list", + "member": { + "shape": "Tag", + "locationName": "Tag" + } + }, + "TagResourceRequest": { + "type": "structure", + "required": [ + "Resource", + "Tags" + ], + "members": { + "Resource": { + "shape": "ResourceARN", + "documentation": "<p> An ARN of a CloudFront resource.</p>", + "location": "querystring", + "locationName": "Resource" + }, + "Tags": { + "shape": "Tags", + "documentation": "<p> A complex type that contains zero or more <code>Tag</code> elements.</p>", + "locationName": "Tags", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + } + }, + "documentation": "<p> The request to add tags to a CloudFront resource.</p>", + "payload": "Tags" + }, + "TagValue": { + "type": "string", + "max": 256, + "min": 0, + "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$" + }, + "Tags": { + "type": "structure", + "members": { + "Items": { + "shape": "TagList", + "documentation": "<p> A complex type that contains <code>Tag</code> elements.</p>" + } + }, + "documentation": "<p> A complex type that contains zero or more <code>Tag</code> elements.</p>" + }, + "TrustedSigners": { + "type": "structure", + "required": [ + "Enabled", + "Quantity" + ], + "members": { + "Enabled": { + "shape": "boolean", + "documentation": "<p>Specifies whether you want to require viewers to use signed URLs to access the files specified by <code>PathPattern</code> and <code>TargetOriginId</code>.</p>" + }, + "Quantity": { + "shape": "integer", + "documentation": "<p>The number of trusted signers for this cache behavior.</p>" + }, + "Items": { + "shape": "AwsAccountNumberList", + "documentation": "<p> <b>Optional</b>: A complex type that contains trusted signers for this cache behavior. If <code>Quantity</code> is <code>0</code>, you can omit <code>Items</code>.</p>" + } + }, + "documentation": "<p>A complex type that specifies the AWS accounts, if any, that you want to allow to create signed URLs for private content.</p> <p>If you want to require signed URLs in requests for objects in the target origin that match the <code>PathPattern</code> for this cache behavior, specify <code>true</code> for <code>Enabled</code>, and specify the applicable values for <code>Quantity</code> and <code>Items</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html\">Serving Private Content through CloudFront</a> in the <i> Amazon CloudFront Developer Guide</i>.</p> <p>If you don't want to require signed URLs in requests for objects that match <code>PathPattern</code>, specify <code>false</code> for <code>Enabled</code> and <code>0</code> for <code>Quantity</code>. Omit <code>Items</code>.</p> <p>To add, change, or remove one or more trusted signers, change <code>Enabled</code> to <code>true</code> (if it's currently <code>false</code>), change <code>Quantity</code> as applicable, and specify all of the trusted signers that you want to include in the updated distribution.</p> <p>For more information about updating the distribution configuration, see <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/DistributionConfig.html\">DistributionConfig</a> in the <i>Amazon CloudFront API Reference</i>.</p>" + }, + "UntagResourceRequest": { + "type": "structure", + "required": [ + "Resource", + "TagKeys" + ], + "members": { + "Resource": { + "shape": "ResourceARN", + "documentation": "<p> An ARN of a CloudFront resource.</p>", + "location": "querystring", + "locationName": "Resource" + }, + "TagKeys": { + "shape": "TagKeys", + "documentation": "<p> A complex type that contains zero or more <code>Tag</code> key elements.</p>", + "locationName": "TagKeys", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + } + }, + "documentation": "<p> The request to remove tags from a CloudFront resource.</p>", + "payload": "TagKeys" + }, + "UpdateCloudFrontOriginAccessIdentityRequest": { + "type": "structure", + "required": [ + "CloudFrontOriginAccessIdentityConfig", + "Id" + ], + "members": { + "CloudFrontOriginAccessIdentityConfig": { + "shape": "CloudFrontOriginAccessIdentityConfig", + "documentation": "<p>The identity's configuration information.</p>", + "locationName": "CloudFrontOriginAccessIdentityConfig", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + }, + "Id": { + "shape": "string", + "documentation": "<p>The identity's id.</p>", + "location": "uri", + "locationName": "Id" + }, + "IfMatch": { + "shape": "string", + "documentation": "<p>The value of the <code>ETag</code> header that you received when retrieving the identity's configuration. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "If-Match" + } + }, + "documentation": "<p>The request to update an origin access identity.</p>", + "payload": "CloudFrontOriginAccessIdentityConfig" + }, + "UpdateCloudFrontOriginAccessIdentityResult": { + "type": "structure", + "members": { + "CloudFrontOriginAccessIdentity": { + "shape": "CloudFrontOriginAccessIdentity", + "documentation": "<p>The origin access identity's information.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the configuration. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "documentation": "<p>The returned result of the corresponding request.</p>", + "payload": "CloudFrontOriginAccessIdentity" + }, + "UpdateDistributionRequest": { + "type": "structure", + "required": [ + "DistributionConfig", + "Id" + ], + "members": { + "DistributionConfig": { + "shape": "DistributionConfig", + "documentation": "<p>The distribution's configuration information.</p>", + "locationName": "DistributionConfig", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + }, + "Id": { + "shape": "string", + "documentation": "<p>The distribution's id.</p>", + "location": "uri", + "locationName": "Id" + }, + "IfMatch": { + "shape": "string", + "documentation": "<p>The value of the <code>ETag</code> header that you received when retrieving the distribution's configuration. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "If-Match" + } + }, + "documentation": "<p>The request to update a distribution.</p>", + "payload": "DistributionConfig" + }, + "UpdateDistributionResult": { + "type": "structure", + "members": { + "Distribution": { + "shape": "Distribution", + "documentation": "<p>The distribution's information.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the configuration. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "documentation": "<p>The returned result of the corresponding request.</p>", + "payload": "Distribution" + }, + "UpdateFieldLevelEncryptionConfigRequest": { + "type": "structure", + "required": [ + "FieldLevelEncryptionConfig", + "Id" + ], + "members": { + "FieldLevelEncryptionConfig": { + "shape": "FieldLevelEncryptionConfig", + "documentation": "<p>Request to update a field-level encryption configuration. </p>", + "locationName": "FieldLevelEncryptionConfig", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + }, + "Id": { + "shape": "string", + "documentation": "<p>The ID of the configuration you want to update.</p>", + "location": "uri", + "locationName": "Id" + }, + "IfMatch": { + "shape": "string", + "documentation": "<p>The value of the <code>ETag</code> header that you received when retrieving the configuration identity to update. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "If-Match" + } + }, + "payload": "FieldLevelEncryptionConfig" + }, + "UpdateFieldLevelEncryptionConfigResult": { + "type": "structure", + "members": { + "FieldLevelEncryption": { + "shape": "FieldLevelEncryption", + "documentation": "<p>Return the results of updating the configuration.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The value of the <code>ETag</code> header that you received when updating the configuration. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "payload": "FieldLevelEncryption" + }, + "UpdateFieldLevelEncryptionProfileRequest": { + "type": "structure", + "required": [ + "FieldLevelEncryptionProfileConfig", + "Id" + ], + "members": { + "FieldLevelEncryptionProfileConfig": { + "shape": "FieldLevelEncryptionProfileConfig", + "documentation": "<p>Request to update a field-level encryption profile. </p>", + "locationName": "FieldLevelEncryptionProfileConfig", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + }, + "Id": { + "shape": "string", + "documentation": "<p>The ID of the field-level encryption profile request. </p>", + "location": "uri", + "locationName": "Id" + }, + "IfMatch": { + "shape": "string", + "documentation": "<p>The value of the <code>ETag</code> header that you received when retrieving the profile identity to update. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "If-Match" + } + }, + "payload": "FieldLevelEncryptionProfileConfig" + }, + "UpdateFieldLevelEncryptionProfileResult": { + "type": "structure", + "members": { + "FieldLevelEncryptionProfile": { + "shape": "FieldLevelEncryptionProfile", + "documentation": "<p>Return the results of updating the profile.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The result of the field-level encryption profile request. </p>", + "location": "header", + "locationName": "ETag" + } + }, + "payload": "FieldLevelEncryptionProfile" + }, + "UpdatePublicKeyRequest": { + "type": "structure", + "required": [ + "PublicKeyConfig", + "Id" + ], + "members": { + "PublicKeyConfig": { + "shape": "PublicKeyConfig", + "documentation": "<p>Request to update public key information.</p>", + "locationName": "PublicKeyConfig", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + }, + "Id": { + "shape": "string", + "documentation": "<p>ID of the public key to be updated.</p>", + "location": "uri", + "locationName": "Id" + }, + "IfMatch": { + "shape": "string", + "documentation": "<p>The value of the <code>ETag</code> header that you received when retrieving the public key to update. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "If-Match" + } + }, + "payload": "PublicKeyConfig" + }, + "UpdatePublicKeyResult": { + "type": "structure", + "members": { + "PublicKey": { + "shape": "PublicKey", + "documentation": "<p>Return the results of updating the public key.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the update public key result. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "payload": "PublicKey" + }, + "UpdateStreamingDistributionRequest": { + "type": "structure", + "required": [ + "StreamingDistributionConfig", + "Id" + ], + "members": { + "StreamingDistributionConfig": { + "shape": "StreamingDistributionConfig", + "documentation": "<p>The streaming distribution's configuration information.</p>", + "locationName": "StreamingDistributionConfig", + "xmlNamespace": { + "uri": "http://cloudfront.amazonaws.com/doc/2019-03-26/" + } + }, + "Id": { + "shape": "string", + "documentation": "<p>The streaming distribution's id.</p>", + "location": "uri", + "locationName": "Id" + }, + "IfMatch": { + "shape": "string", + "documentation": "<p>The value of the <code>ETag</code> header that you received when retrieving the streaming distribution's configuration. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "If-Match" + } + }, + "documentation": "<p>The request to update a streaming distribution.</p>", + "payload": "StreamingDistributionConfig" + }, + "UpdateStreamingDistributionResult": { + "type": "structure", + "members": { + "StreamingDistribution": { + "shape": "StreamingDistribution", + "documentation": "<p>The streaming distribution's information.</p>" + }, + "ETag": { + "shape": "string", + "documentation": "<p>The current version of the configuration. For example: <code>E2QWRUHAPOMQZL</code>.</p>", + "location": "header", + "locationName": "ETag" + } + }, + "documentation": "<p>The returned result of the corresponding request.</p>", + "payload": "StreamingDistribution" + }, + "ViewerCertificate": { + "type": "structure", + "members": { + "CloudFrontDefaultCertificate": { + "shape": "boolean", + "documentation": "<p>If you're using the CloudFront domain name for your distribution, such as <code>d111111abcdef8.cloudfront.net</code>, specify the following value:</p> <ul> <li> <p> <code><CloudFrontDefaultCertificate>true<CloudFrontDefaultCertificate> </code> </p> </li> </ul>" + }, + "IAMCertificateId": { + "shape": "string", + "documentation": "<p>If you want viewers to use HTTPS to request your objects and you're using an alternate domain name, you must choose the type of certificate that you want to use. Specify the following value if you purchased your certificate from a third-party certificate authority:</p> <ul> <li> <p> <code><IAMCertificateId><i>IAM certificate ID</i><IAMCertificateId></code> where <code> <i>IAM certificate ID</i> </code> is the ID that IAM returned when you added the certificate to the IAM certificate store.</p> </li> </ul> <p>If you specify <code>IAMCertificateId</code>, you must also specify a value for <code>SSLSupportMethod</code>.</p>" + }, + "ACMCertificateArn": { + "shape": "string", + "documentation": "<p>If you want viewers to use HTTPS to request your objects and you're using an alternate domain name, you must choose the type of certificate that you want to use. Specify the following value if ACM provided your certificate:</p> <ul> <li> <p> <code><ACMCertificateArn><i>ARN for ACM SSL/TLS certificate</i><ACMCertificateArn></code> where <code> <i>ARN for ACM SSL/TLS certificate</i> </code> is the ARN for the ACM SSL/TLS certificate that you want to use for this distribution.</p> </li> </ul> <p>If you specify <code>ACMCertificateArn</code>, you must also specify a value for <code>SSLSupportMethod</code>.</p>" + }, + "SSLSupportMethod": { + "shape": "SSLSupportMethod", + "documentation": "<p>If you specify a value for <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-ACMCertificateArn\">ACMCertificateArn</a> or for <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-IAMCertificateId\">IAMCertificateId</a>, you must also specify how you want CloudFront to serve HTTPS requests: using a method that works for browsers and clients released after 2010 or one that works for all clients.</p> <ul> <li> <p> <code>sni-only</code>: CloudFront can respond to HTTPS requests from viewers that support Server Name Indication (SNI). All modern browsers support SNI, but there are a few that don't. For a current list of the browsers that support SNI, see the <a href=\"http://en.wikipedia.org/wiki/Server_Name_Indication\">Wikipedia entry Server Name Indication</a>. To learn about options to explore if you have users with browsers that don't include SNI support, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cnames-https-dedicated-ip-or-sni.html\">Choosing How CloudFront Serves HTTPS Requests</a> in the <i>Amazon CloudFront Developer Guide</i>.</p> </li> <li> <p> <code>vip</code>: CloudFront uses dedicated IP addresses for your content and can respond to HTTPS requests from any viewer. However, there are additional monthly charges. For details, including specific pricing information, see <a href=\"http://aws.amazon.com/cloudfront/custom-ssl-domains/\">Custom SSL options for Amazon CloudFront</a> on the AWS marketing site.</p> </li> </ul> <p>Don't specify a value for <code>SSLSupportMethod</code> if you specified <code><CloudFrontDefaultCertificate>true<CloudFrontDefaultCertificate></code>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cnames-https-dedicated-ip-or-sni.html\">Choosing How CloudFront Serves HTTPS Requests</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "MinimumProtocolVersion": { + "shape": "MinimumProtocolVersion", + "documentation": "<p>Specify the security policy that you want CloudFront to use for HTTPS connections. A security policy determines two settings:</p> <ul> <li> <p>The minimum SSL/TLS protocol that CloudFront uses to communicate with viewers</p> </li> <li> <p>The cipher that CloudFront uses to encrypt the content that it returns to viewers</p> </li> </ul> <note> <p>On the CloudFront console, this setting is called <b>Security policy</b>.</p> </note> <p>We recommend that you specify <code>TLSv1.1_2016</code> unless your users are using browsers or devices that do not support TLSv1.1 or later.</p> <p>When both of the following are true, you must specify <code>TLSv1</code> or later for the security policy: </p> <ul> <li> <p>You're using a custom certificate: you specified a value for <code>ACMCertificateArn</code> or for <code>IAMCertificateId</code> </p> </li> <li> <p>You're using SNI: you specified <code>sni-only</code> for <code>SSLSupportMethod</code> </p> </li> </ul> <p>If you specify <code>true</code> for <code>CloudFrontDefaultCertificate</code>, CloudFront automatically sets the security policy to <code>TLSv1</code> regardless of the value that you specify for <code>MinimumProtocolVersion</code>.</p> <p>For information about the relationship between the security policy that you choose and the protocols and ciphers that CloudFront uses to communicate with viewers, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers\"> Supported SSL/TLS Protocols and Ciphers for Communication Between Viewers and CloudFront</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "Certificate": { + "shape": "string", + "documentation": "<p>This field is no longer used. Use one of the following fields instead:</p> <ul> <li> <p> <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-ACMCertificateArn\">ACMCertificateArn</a> </p> </li> <li> <p> <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-IAMCertificateId\">IAMCertificateId</a> </p> </li> <li> <p> <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-CloudFrontDefaultCertificate\">CloudFrontDefaultCertificate</a> </p> </li> </ul>", + "deprecated": true + }, + "CertificateSource": { + "shape": "CertificateSource", + "documentation": "<p>This field is no longer used. Use one of the following fields instead:</p> <ul> <li> <p> <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-ACMCertificateArn\">ACMCertificateArn</a> </p> </li> <li> <p> <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-IAMCertificateId\">IAMCertificateId</a> </p> </li> <li> <p> <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-CloudFrontDefaultCertificate\">CloudFrontDefaultCertificate</a> </p> </li> </ul>", + "deprecated": true + } + }, + "documentation": "<p>A complex type that specifies the following:</p> <ul> <li> <p>Whether you want viewers to use HTTP or HTTPS to request your objects.</p> </li> <li> <p>If you want viewers to use HTTPS, whether you're using an alternate domain name such as <code>example.com</code> or the CloudFront domain name for your distribution, such as <code>d111111abcdef8.cloudfront.net</code>.</p> </li> <li> <p>If you're using an alternate domain name, whether AWS Certificate Manager (ACM) provided the certificate, or you purchased a certificate from a third-party certificate authority and imported it into ACM or uploaded it to the IAM certificate store.</p> </li> </ul> <p>Specify only one of the following values: </p> <ul> <li> <p> <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-ACMCertificateArn\">ACMCertificateArn</a> </p> </li> <li> <p> <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-IAMCertificateId\">IAMCertificateId</a> </p> </li> <li> <p> <a href=\"https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-CloudFrontDefaultCertificate\">CloudFrontDefaultCertificate</a> </p> </li> </ul> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/SecureConnections.html#CNAMEsAndHTTPS\"> Using Alternate Domain Names and HTTPS</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>" + }, + "ViewerProtocolPolicy": { + "type": "string", + "enum": [ + "allow-all", + "https-only", + "redirect-to-https" + ] + }, + "boolean": { + "type": "boolean" + }, + "integer": { + "type": "integer" + }, + "long": { + "type": "long" + }, + "string": { + "type": "string" + }, + "timestamp": { + "type": "timestamp" + } + }, + "documentation": "<fullname>Amazon CloudFront</fullname> <p>This is the <i>Amazon CloudFront API Reference</i>. This guide is for developers who need detailed information about CloudFront API actions, data types, and errors. For detailed information about CloudFront features, see the <i>Amazon CloudFront Developer Guide</i>.</p>" +}
\ No newline at end of file diff --git a/aws/api/ec2-2016-11-15.normal.json b/aws/api/ec2-2016-11-15.normal.json new file mode 100644 index 0000000..cc0d566 --- /dev/null +++ b/aws/api/ec2-2016-11-15.normal.json @@ -0,0 +1,32928 @@ +{ + "version": "2.0", + "metadata": { + "apiVersion": "2016-11-15", + "endpointPrefix": "ec2", + "protocol": "ec2", + "serviceAbbreviation": "Amazon EC2", + "serviceFullName": "Amazon Elastic Compute Cloud", + "serviceId": "EC2", + "signatureVersion": "v4", + "uid": "ec2-2016-11-15", + "xmlNamespace": "http://ec2.amazonaws.com/doc/2016-11-15" + }, + "operations": { + "AcceptReservedInstancesExchangeQuote": { + "name": "AcceptReservedInstancesExchangeQuote", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AcceptReservedInstancesExchangeQuoteRequest" + }, + "output": { + "shape": "AcceptReservedInstancesExchangeQuoteResult" + }, + "documentation": "<p>Accepts the Convertible Reserved Instance exchange quote described in the <a>GetReservedInstancesExchangeQuote</a> call.</p>" + }, + "AcceptTransitGatewayVpcAttachment": { + "name": "AcceptTransitGatewayVpcAttachment", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AcceptTransitGatewayVpcAttachmentRequest" + }, + "output": { + "shape": "AcceptTransitGatewayVpcAttachmentResult" + }, + "documentation": "<p>Accepts a request to attach a VPC to a transit gateway.</p> <p>The VPC attachment must be in the <code>pendingAcceptance</code> state. Use <a>DescribeTransitGatewayVpcAttachments</a> to view your pending VPC attachment requests. Use <a>RejectTransitGatewayVpcAttachment</a> to reject a VPC attachment request.</p>" + }, + "AcceptVpcEndpointConnections": { + "name": "AcceptVpcEndpointConnections", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AcceptVpcEndpointConnectionsRequest" + }, + "output": { + "shape": "AcceptVpcEndpointConnectionsResult" + }, + "documentation": "<p>Accepts one or more interface VPC endpoint connection requests to your VPC endpoint service.</p>" + }, + "AcceptVpcPeeringConnection": { + "name": "AcceptVpcPeeringConnection", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AcceptVpcPeeringConnectionRequest" + }, + "output": { + "shape": "AcceptVpcPeeringConnectionResult" + }, + "documentation": "<p>Accept a VPC peering connection request. To accept a request, the VPC peering connection must be in the <code>pending-acceptance</code> state, and you must be the owner of the peer VPC. Use <a>DescribeVpcPeeringConnections</a> to view your outstanding VPC peering connection requests.</p> <p>For an inter-Region VPC peering connection request, you must accept the VPC peering connection in the Region of the accepter VPC.</p>" + }, + "AdvertiseByoipCidr": { + "name": "AdvertiseByoipCidr", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AdvertiseByoipCidrRequest" + }, + "output": { + "shape": "AdvertiseByoipCidrResult" + }, + "documentation": "<p>Advertises an IPv4 address range that is provisioned for use with your AWS resources through bring your own IP addresses (BYOIP).</p> <p>You can perform this operation at most once every 10 seconds, even if you specify different address ranges each time.</p> <p>We recommend that you stop advertising the BYOIP CIDR from other locations when you advertise it from AWS. To minimize down time, you can configure your AWS resources to use an address from a BYOIP CIDR before it is advertised, and then simultaneously stop advertising it from the current location and start advertising it through AWS.</p> <p>It can take a few minutes before traffic to the specified addresses starts routing to AWS because of BGP propagation delays.</p> <p>To stop advertising the BYOIP CIDR, use <a>WithdrawByoipCidr</a>.</p>" + }, + "AllocateAddress": { + "name": "AllocateAddress", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AllocateAddressRequest" + }, + "output": { + "shape": "AllocateAddressResult" + }, + "documentation": "<p>Allocates an Elastic IP address to your AWS account. After you allocate the Elastic IP address you can associate it with an instance or network interface. After you release an Elastic IP address, it is released to the IP address pool and can be allocated to a different AWS account.</p> <p>You can allocate an Elastic IP address from an address pool owned by AWS or from an address pool created from a public IPv4 address range that you have brought to AWS for use with your AWS resources using bring your own IP addresses (BYOIP). For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html\">Bring Your Own IP Addresses (BYOIP)</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>[EC2-VPC] If you release an Elastic IP address, you might be able to recover it. You cannot recover an Elastic IP address that you released after it is allocated to another AWS account. You cannot recover an Elastic IP address for EC2-Classic. To attempt to recover an Elastic IP address that you released, specify it in this operation.</p> <p>An Elastic IP address is for use either in the EC2-Classic platform or in a VPC. By default, you can allocate 5 Elastic IP addresses for EC2-Classic per Region and 5 Elastic IP addresses for EC2-VPC per Region.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html\">Elastic IP Addresses</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "AllocateHosts": { + "name": "AllocateHosts", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AllocateHostsRequest" + }, + "output": { + "shape": "AllocateHostsResult" + }, + "documentation": "<p>Allocates a Dedicated Host to your account. At a minimum, specify the instance size type, Availability Zone, and quantity of hosts to allocate.</p>" + }, + "ApplySecurityGroupsToClientVpnTargetNetwork": { + "name": "ApplySecurityGroupsToClientVpnTargetNetwork", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ApplySecurityGroupsToClientVpnTargetNetworkRequest" + }, + "output": { + "shape": "ApplySecurityGroupsToClientVpnTargetNetworkResult" + }, + "documentation": "<p>Applies a security group to the association between the target network and the Client VPN endpoint. This action replaces the existing security groups with the specified security groups.</p>" + }, + "AssignIpv6Addresses": { + "name": "AssignIpv6Addresses", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AssignIpv6AddressesRequest" + }, + "output": { + "shape": "AssignIpv6AddressesResult" + }, + "documentation": "<p>Assigns one or more IPv6 addresses to the specified network interface. You can specify one or more specific IPv6 addresses, or you can specify the number of IPv6 addresses to be automatically assigned from within the subnet's IPv6 CIDR block range. You can assign as many IPv6 addresses to a network interface as you can assign private IPv4 addresses, and the limit varies per instance type. For information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI\">IP Addresses Per Network Interface Per Instance Type</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "AssignPrivateIpAddresses": { + "name": "AssignPrivateIpAddresses", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AssignPrivateIpAddressesRequest" + }, + "documentation": "<p>Assigns one or more secondary private IP addresses to the specified network interface.</p> <p>You can specify one or more specific secondary IP addresses, or you can specify the number of secondary IP addresses to be automatically assigned within the subnet's CIDR block range. The number of secondary IP addresses that you can assign to an instance varies by instance type. For information about instance types, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>. For more information about Elastic IP addresses, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html\">Elastic IP Addresses</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>When you move a secondary private IP address to another network interface, any Elastic IP address that is associated with the IP address is also moved.</p> <p>Remapping an IP address is an asynchronous operation. When you move an IP address from one network interface to another, check <code>network/interfaces/macs/mac/local-ipv4s</code> in the instance metadata to confirm that the remapping is complete.</p>" + }, + "AssociateAddress": { + "name": "AssociateAddress", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AssociateAddressRequest" + }, + "output": { + "shape": "AssociateAddressResult" + }, + "documentation": "<p>Associates an Elastic IP address with an instance or a network interface. Before you can use an Elastic IP address, you must allocate it to your account.</p> <p>An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html\">Elastic IP Addresses</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>[EC2-Classic, VPC in an EC2-VPC-only account] If the Elastic IP address is already associated with a different instance, it is disassociated from that instance and associated with the specified instance. If you associate an Elastic IP address with an instance that has an existing Elastic IP address, the existing address is disassociated from the instance, but remains allocated to your account.</p> <p>[VPC in an EC2-Classic account] If you don't specify a private IP address, the Elastic IP address is associated with the primary IP address. If the Elastic IP address is already associated with a different instance or a network interface, you get an error unless you allow reassociation. You cannot associate an Elastic IP address with an instance or network interface that has an existing Elastic IP address.</p> <important> <p>This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error, and you may be charged for each time the Elastic IP address is remapped to the same instance. For more information, see the <i>Elastic IP Addresses</i> section of <a href=\"http://aws.amazon.com/ec2/pricing/\">Amazon EC2 Pricing</a>.</p> </important>" + }, + "AssociateClientVpnTargetNetwork": { + "name": "AssociateClientVpnTargetNetwork", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AssociateClientVpnTargetNetworkRequest" + }, + "output": { + "shape": "AssociateClientVpnTargetNetworkResult" + }, + "documentation": "<p>Associates a target network with a Client VPN endpoint. A target network is a subnet in a VPC. You can associate multiple subnets from the same VPC with a Client VPN endpoint. You can associate only one subnet in each Availability Zone. We recommend that you associate at least two subnets to provide Availability Zone redundancy.</p>" + }, + "AssociateDhcpOptions": { + "name": "AssociateDhcpOptions", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AssociateDhcpOptionsRequest" + }, + "documentation": "<p>Associates a set of DHCP options (that you've previously created) with the specified VPC, or associates no DHCP options with the VPC.</p> <p>After you associate the options with the VPC, any existing instances and all new instances that you launch in that VPC use the options. You don't need to restart or relaunch the instances. They automatically pick up the changes within a few hours, depending on how frequently the instance renews its DHCP lease. You can explicitly renew the lease using the operating system on the instance.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html\">DHCP Options Sets</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "AssociateIamInstanceProfile": { + "name": "AssociateIamInstanceProfile", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AssociateIamInstanceProfileRequest" + }, + "output": { + "shape": "AssociateIamInstanceProfileResult" + }, + "documentation": "<p>Associates an IAM instance profile with a running or stopped instance. You cannot associate more than one IAM instance profile with an instance.</p>" + }, + "AssociateRouteTable": { + "name": "AssociateRouteTable", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AssociateRouteTableRequest" + }, + "output": { + "shape": "AssociateRouteTableResult" + }, + "documentation": "<p>Associates a subnet with a route table. The subnet and route table must be in the same VPC. This association causes traffic originating from the subnet to be routed according to the routes in the route table. The action returns an association ID, which you need in order to disassociate the route table from the subnet later. A route table can be associated with multiple subnets.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "AssociateSubnetCidrBlock": { + "name": "AssociateSubnetCidrBlock", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AssociateSubnetCidrBlockRequest" + }, + "output": { + "shape": "AssociateSubnetCidrBlockResult" + }, + "documentation": "<p>Associates a CIDR block with your subnet. You can only associate a single IPv6 CIDR block with your subnet. An IPv6 CIDR block must have a prefix length of /64.</p>" + }, + "AssociateTransitGatewayRouteTable": { + "name": "AssociateTransitGatewayRouteTable", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AssociateTransitGatewayRouteTableRequest" + }, + "output": { + "shape": "AssociateTransitGatewayRouteTableResult" + }, + "documentation": "<p>Associates the specified attachment with the specified transit gateway route table. You can associate only one route table with an attachment.</p>" + }, + "AssociateVpcCidrBlock": { + "name": "AssociateVpcCidrBlock", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AssociateVpcCidrBlockRequest" + }, + "output": { + "shape": "AssociateVpcCidrBlockResult" + }, + "documentation": "<p>Associates a CIDR block with your VPC. You can associate a secondary IPv4 CIDR block, or you can associate an Amazon-provided IPv6 CIDR block. The IPv6 CIDR block size is fixed at /56.</p> <p>For more information about associating CIDR blocks with your VPC and applicable restrictions, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#VPC_Sizing\">VPC and Subnet Sizing</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "AttachClassicLinkVpc": { + "name": "AttachClassicLinkVpc", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AttachClassicLinkVpcRequest" + }, + "output": { + "shape": "AttachClassicLinkVpcResult" + }, + "documentation": "<p>Links an EC2-Classic instance to a ClassicLink-enabled VPC through one or more of the VPC's security groups. You cannot link an EC2-Classic instance to more than one VPC at a time. You can only link an instance that's in the <code>running</code> state. An instance is automatically unlinked from a VPC when it's stopped - you can link it to the VPC again when you restart it.</p> <p>After you've linked an instance, you cannot change the VPC security groups that are associated with it. To change the security groups, you must first unlink the instance, and then link it again.</p> <p>Linking your instance to a VPC is sometimes referred to as <i>attaching</i> your instance.</p>" + }, + "AttachInternetGateway": { + "name": "AttachInternetGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AttachInternetGatewayRequest" + }, + "documentation": "<p>Attaches an internet gateway to a VPC, enabling connectivity between the internet and the VPC. For more information about your VPC and internet gateway, see the <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/\">Amazon Virtual Private Cloud User Guide</a>.</p>" + }, + "AttachNetworkInterface": { + "name": "AttachNetworkInterface", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AttachNetworkInterfaceRequest" + }, + "output": { + "shape": "AttachNetworkInterfaceResult" + }, + "documentation": "<p>Attaches a network interface to an instance.</p>" + }, + "AttachVolume": { + "name": "AttachVolume", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AttachVolumeRequest" + }, + "output": { + "shape": "VolumeAttachment" + }, + "documentation": "<p>Attaches an EBS volume to a running or stopped instance and exposes it to the instance with the specified device name.</p> <p>Encrypted EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>After you attach an EBS volume, you must make it available. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-using-volumes.html\">Making an EBS Volume Available For Use</a>.</p> <p>If a volume has an AWS Marketplace product code:</p> <ul> <li> <p>The volume can be attached only to a stopped instance.</p> </li> <li> <p>AWS Marketplace product codes are copied from the volume to the instance.</p> </li> <li> <p>You must be subscribed to the product.</p> </li> <li> <p>The instance type and operating system of the instance must support the product. For example, you can't detach a volume from a Windows instance and attach it to a Linux instance.</p> </li> </ul> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-attaching-volume.html\">Attaching Amazon EBS Volumes</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "AttachVpnGateway": { + "name": "AttachVpnGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AttachVpnGatewayRequest" + }, + "output": { + "shape": "AttachVpnGatewayResult" + }, + "documentation": "<p>Attaches a virtual private gateway to a VPC. You can attach one virtual private gateway to one VPC at a time.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html\">AWS Site-to-Site VPN</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p>" + }, + "AuthorizeClientVpnIngress": { + "name": "AuthorizeClientVpnIngress", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AuthorizeClientVpnIngressRequest" + }, + "output": { + "shape": "AuthorizeClientVpnIngressResult" + }, + "documentation": "<p>Adds an ingress authorization rule to a Client VPN endpoint. Ingress authorization rules act as firewall rules that grant access to networks. You must configure ingress authorization rules to enable clients to access resources in AWS or on-premises networks.</p>" + }, + "AuthorizeSecurityGroupEgress": { + "name": "AuthorizeSecurityGroupEgress", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AuthorizeSecurityGroupEgressRequest" + }, + "documentation": "<p>[VPC only] Adds the specified egress rules to a security group for use with a VPC.</p> <p>An outbound rule permits instances to send traffic to the specified IPv4 or IPv6 CIDR address ranges, or to the instances associated with the specified destination security groups.</p> <p>You specify a protocol for each rule (for example, TCP). For the TCP and UDP protocols, you must also specify the destination port or port range. For the ICMP protocol, you must also specify the ICMP type and code. You can use -1 for the type or code to mean all types or all codes.</p> <p>Rule changes are propagated to affected instances as quickly as possible. However, a small delay might occur.</p> <p>For more information about VPC security group limits, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html\">Amazon VPC Limits</a>.</p>" + }, + "AuthorizeSecurityGroupIngress": { + "name": "AuthorizeSecurityGroupIngress", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "AuthorizeSecurityGroupIngressRequest" + }, + "documentation": "<p>Adds the specified ingress rules to a security group.</p> <p>An inbound rule permits instances to receive traffic from the specified IPv4 or IPv6 CIDR address ranges, or from the instances associated with the specified destination security groups.</p> <p>You specify a protocol for each rule (for example, TCP). For TCP and UDP, you must also specify the destination port or port range. For ICMP/ICMPv6, you must also specify the ICMP/ICMPv6 type and code. You can use -1 to mean all types or all codes.</p> <p>Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.</p> <p>For more information about VPC security group limits, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html\">Amazon VPC Limits</a>.</p>" + }, + "BundleInstance": { + "name": "BundleInstance", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "BundleInstanceRequest" + }, + "output": { + "shape": "BundleInstanceResult" + }, + "documentation": "<p>Bundles an Amazon instance store-backed Windows instance.</p> <p>During bundling, only the root device volume (C:\\) is bundled. Data on other instance store volumes is not preserved.</p> <note> <p>This action is not applicable for Linux/Unix instances or Windows instances that are backed by Amazon EBS.</p> </note>" + }, + "CancelBundleTask": { + "name": "CancelBundleTask", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CancelBundleTaskRequest" + }, + "output": { + "shape": "CancelBundleTaskResult" + }, + "documentation": "<p>Cancels a bundling operation for an instance store-backed Windows instance.</p>" + }, + "CancelCapacityReservation": { + "name": "CancelCapacityReservation", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CancelCapacityReservationRequest" + }, + "output": { + "shape": "CancelCapacityReservationResult" + }, + "documentation": "<p>Cancels the specified Capacity Reservation, releases the reserved capacity, and changes the Capacity Reservation's state to <code>cancelled</code>.</p> <p>Instances running in the reserved capacity continue running until you stop them. Stopped instances that target the Capacity Reservation can no longer launch. Modify these instances to either target a different Capacity Reservation, launch On-Demand Instance capacity, or run in any open Capacity Reservation that has matching attributes and sufficient capacity.</p>" + }, + "CancelConversionTask": { + "name": "CancelConversionTask", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CancelConversionRequest" + }, + "documentation": "<p>Cancels an active conversion task. The task can be the import of an instance or volume. The action removes all artifacts of the conversion, including a partially uploaded volume or instance. If the conversion is complete or is in the process of transferring the final disk image, the command fails and returns an exception.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/ec2-cli-vmimport-export.html\">Importing a Virtual Machine Using the Amazon EC2 CLI</a>.</p>" + }, + "CancelExportTask": { + "name": "CancelExportTask", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CancelExportTaskRequest" + }, + "documentation": "<p>Cancels an active export task. The request removes all artifacts of the export, including any partially-created Amazon S3 objects. If the export task is complete or is in the process of transferring the final disk image, the command fails and returns an error.</p>" + }, + "CancelImportTask": { + "name": "CancelImportTask", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CancelImportTaskRequest" + }, + "output": { + "shape": "CancelImportTaskResult" + }, + "documentation": "<p>Cancels an in-process import virtual machine or import snapshot task.</p>" + }, + "CancelReservedInstancesListing": { + "name": "CancelReservedInstancesListing", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CancelReservedInstancesListingRequest" + }, + "output": { + "shape": "CancelReservedInstancesListingResult" + }, + "documentation": "<p>Cancels the specified Reserved Instance listing in the Reserved Instance Marketplace.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html\">Reserved Instance Marketplace</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CancelSpotFleetRequests": { + "name": "CancelSpotFleetRequests", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CancelSpotFleetRequestsRequest" + }, + "output": { + "shape": "CancelSpotFleetRequestsResponse" + }, + "documentation": "<p>Cancels the specified Spot Fleet requests.</p> <p>After you cancel a Spot Fleet request, the Spot Fleet launches no new Spot Instances. You must specify whether the Spot Fleet should also terminate its Spot Instances. If you terminate the instances, the Spot Fleet request enters the <code>cancelled_terminating</code> state. Otherwise, the Spot Fleet request enters the <code>cancelled_running</code> state and the instances continue to run until they are interrupted or you terminate them manually.</p>" + }, + "CancelSpotInstanceRequests": { + "name": "CancelSpotInstanceRequests", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CancelSpotInstanceRequestsRequest" + }, + "output": { + "shape": "CancelSpotInstanceRequestsResult" + }, + "documentation": "<p>Cancels one or more Spot Instance requests.</p> <important> <p>Canceling a Spot Instance request does not terminate running Spot Instances associated with the request.</p> </important>" + }, + "ConfirmProductInstance": { + "name": "ConfirmProductInstance", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ConfirmProductInstanceRequest" + }, + "output": { + "shape": "ConfirmProductInstanceResult" + }, + "documentation": "<p>Determines whether a product code is associated with an instance. This action can only be used by the owner of the product code. It is useful when a product code owner must verify whether another user's instance is eligible for support.</p>" + }, + "CopyFpgaImage": { + "name": "CopyFpgaImage", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CopyFpgaImageRequest" + }, + "output": { + "shape": "CopyFpgaImageResult" + }, + "documentation": "<p>Copies the specified Amazon FPGA Image (AFI) to the current Region.</p>" + }, + "CopyImage": { + "name": "CopyImage", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CopyImageRequest" + }, + "output": { + "shape": "CopyImageResult" + }, + "documentation": "<p>Initiates the copy of an AMI from the specified source Region to the current Region. You specify the destination Region by using its endpoint when making the request.</p> <p>Copies of encrypted backing snapshots for the AMI are encrypted. Copies of unencrypted backing snapshots remain unencrypted, unless you set <code>Encrypted</code> during the copy operation. You cannot create an unencrypted copy of an encrypted backing snapshot.</p> <p>For more information about the prerequisites and limits when copying an AMI, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html\">Copying an AMI</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CopySnapshot": { + "name": "CopySnapshot", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CopySnapshotRequest" + }, + "output": { + "shape": "CopySnapshotResult" + }, + "documentation": "<p>Copies a point-in-time snapshot of an EBS volume and stores it in Amazon S3. You can copy the snapshot within the same Region or from one Region to another. You can use the snapshot to create EBS volumes or Amazon Machine Images (AMIs).</p> <p>Copies of encrypted EBS snapshots remain encrypted. Copies of unencrypted snapshots remain unencrypted, unless you enable encryption for the snapshot copy operation. By default, encrypted snapshot copies use the default AWS Key Management Service (AWS KMS) customer master key (CMK); however, you can specify a different CMK.</p> <p>To copy an encrypted snapshot that has been shared from another account, you must have permissions for the CMK used to encrypt the snapshot.</p> <p>Snapshots created by copying another snapshot have an arbitrary volume ID that should not be used for any purpose.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-copy-snapshot.html\">Copying an Amazon EBS Snapshot</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CreateCapacityReservation": { + "name": "CreateCapacityReservation", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateCapacityReservationRequest" + }, + "output": { + "shape": "CreateCapacityReservationResult" + }, + "documentation": "<p>Creates a new Capacity Reservation with the specified attributes.</p> <p>Capacity Reservations enable you to reserve capacity for your Amazon EC2 instances in a specific Availability Zone for any duration. This gives you the flexibility to selectively add capacity reservations and still get the Regional RI discounts for that usage. By creating Capacity Reservations, you ensure that you always have access to Amazon EC2 capacity when you need it, for as long as you need it. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-capacity-reservations.html\">Capacity Reservations</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Your request to create a Capacity Reservation could fail if Amazon EC2 does not have sufficient capacity to fulfill the request. If your request fails due to Amazon EC2 capacity constraints, either try again at a later time, try in a different Availability Zone, or request a smaller capacity reservation. If your application is flexible across instance types and sizes, try to create a Capacity Reservation with different instance attributes.</p> <p>Your request could also fail if the requested quantity exceeds your On-Demand Instance limit for the selected instance type. If your request fails due to limit constraints, increase your On-Demand Instance limit for the required instance type and try again. For more information about increasing your instance limits, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html\">Amazon EC2 Service Limits</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CreateClientVpnEndpoint": { + "name": "CreateClientVpnEndpoint", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateClientVpnEndpointRequest" + }, + "output": { + "shape": "CreateClientVpnEndpointResult" + }, + "documentation": "<p>Creates a Client VPN endpoint. A Client VPN endpoint is the resource you create and configure to enable and manage client VPN sessions. It is the destination endpoint at which all client VPN sessions are terminated.</p>" + }, + "CreateClientVpnRoute": { + "name": "CreateClientVpnRoute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateClientVpnRouteRequest" + }, + "output": { + "shape": "CreateClientVpnRouteResult" + }, + "documentation": "<p>Adds a route to a network to a Client VPN endpoint. Each Client VPN endpoint has a route table that describes the available destination network routes. Each route in the route table specifies the path for traffic to specific resources or networks.</p>" + }, + "CreateCustomerGateway": { + "name": "CreateCustomerGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateCustomerGatewayRequest" + }, + "output": { + "shape": "CreateCustomerGatewayResult" + }, + "documentation": "<p>Provides information to AWS about your VPN customer gateway device. The customer gateway is the appliance at your end of the VPN connection. (The device on the AWS side of the VPN connection is the virtual private gateway.) You must provide the Internet-routable IP address of the customer gateway's external interface. The IP address must be static and may be behind a device performing network address translation (NAT).</p> <p>For devices that use Border Gateway Protocol (BGP), you can also provide the device's BGP Autonomous System Number (ASN). You can use an existing ASN assigned to your network. If you don't have an ASN already, you can use a private ASN (in the 64512 - 65534 range).</p> <note> <p>Amazon EC2 supports all 2-byte ASN numbers in the range of 1 - 65534, with the exception of 7224, which is reserved in the <code>us-east-1</code> Region, and 9059, which is reserved in the <code>eu-west-1</code> Region.</p> </note> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html\">AWS Site-to-Site VPN</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p> <important> <p>You cannot create more than one customer gateway with the same VPN type, IP address, and BGP ASN parameter values. If you run an identical request more than one time, the first request creates the customer gateway, and subsequent requests return information about the existing customer gateway. The subsequent requests do not create new customer gateway resources.</p> </important>" + }, + "CreateDefaultSubnet": { + "name": "CreateDefaultSubnet", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateDefaultSubnetRequest" + }, + "output": { + "shape": "CreateDefaultSubnetResult" + }, + "documentation": "<p>Creates a default subnet with a size <code>/20</code> IPv4 CIDR block in the specified Availability Zone in your default VPC. You can have only one default subnet per Availability Zone. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html#create-default-subnet\">Creating a Default Subnet</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "CreateDefaultVpc": { + "name": "CreateDefaultVpc", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateDefaultVpcRequest" + }, + "output": { + "shape": "CreateDefaultVpcResult" + }, + "documentation": "<p>Creates a default VPC with a size <code>/16</code> IPv4 CIDR block and a default subnet in each Availability Zone. For more information about the components of a default VPC, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html\">Default VPC and Default Subnets</a> in the <i>Amazon Virtual Private Cloud User Guide</i>. You cannot specify the components of the default VPC yourself.</p> <p>If you deleted your previous default VPC, you can create a default VPC. You cannot have more than one default VPC per Region.</p> <p>If your account supports EC2-Classic, you cannot use this action to create a default VPC in a Region that supports EC2-Classic. If you want a default VPC in a Region that supports EC2-Classic, see \"I really want a default VPC for my existing EC2 account. Is that possible?\" in the <a href=\"http://aws.amazon.com/vpc/faqs/#Default_VPCs\">Default VPCs FAQ</a>.</p>" + }, + "CreateDhcpOptions": { + "name": "CreateDhcpOptions", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateDhcpOptionsRequest" + }, + "output": { + "shape": "CreateDhcpOptionsResult" + }, + "documentation": "<p>Creates a set of DHCP options for your VPC. After creating the set, you must associate it with the VPC, causing all existing and new instances that you launch in the VPC to use this set of DHCP options. The following are the individual DHCP options you can specify. For more information about the options, see <a href=\"http://www.ietf.org/rfc/rfc2132.txt\">RFC 2132</a>.</p> <ul> <li> <p> <code>domain-name-servers</code> - The IP addresses of up to four domain name servers, or AmazonProvidedDNS. The default DHCP option set specifies AmazonProvidedDNS. If specifying more than one domain name server, specify the IP addresses in a single parameter, separated by commas. ITo have your instance to receive a custom DNS hostname as specified in <code>domain-name</code>, you must set <code>domain-name-servers</code> to a custom DNS server.</p> </li> <li> <p> <code>domain-name</code> - If you're using AmazonProvidedDNS in <code>us-east-1</code>, specify <code>ec2.internal</code>. If you're using AmazonProvidedDNS in another Region, specify <code>region.compute.internal</code> (for example, <code>ap-northeast-1.compute.internal</code>). Otherwise, specify a domain name (for example, <code>MyCompany.com</code>). This value is used to complete unqualified DNS hostnames. <b>Important</b>: Some Linux operating systems accept multiple domain names separated by spaces. However, Windows and other Linux operating systems treat the value as a single domain, which results in unexpected behavior. If your DHCP options set is associated with a VPC that has instances with multiple operating systems, specify only one domain name.</p> </li> <li> <p> <code>ntp-servers</code> - The IP addresses of up to four Network Time Protocol (NTP) servers.</p> </li> <li> <p> <code>netbios-name-servers</code> - The IP addresses of up to four NetBIOS name servers.</p> </li> <li> <p> <code>netbios-node-type</code> - The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported). For more information about these node types, see <a href=\"http://www.ietf.org/rfc/rfc2132.txt\">RFC 2132</a>.</p> </li> </ul> <p>Your VPC automatically starts out with a set of DHCP options that includes only a DNS server that we provide (AmazonProvidedDNS). If you create a set of options, and if your VPC has an internet gateway, make sure to set the <code>domain-name-servers</code> option either to <code>AmazonProvidedDNS</code> or to a domain name server of your choice. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html\">DHCP Options Sets</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "CreateEgressOnlyInternetGateway": { + "name": "CreateEgressOnlyInternetGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateEgressOnlyInternetGatewayRequest" + }, + "output": { + "shape": "CreateEgressOnlyInternetGatewayResult" + }, + "documentation": "<p>[IPv6 only] Creates an egress-only internet gateway for your VPC. An egress-only internet gateway is used to enable outbound communication over IPv6 from instances in your VPC to the internet, and prevents hosts outside of your VPC from initiating an IPv6 connection with your instance.</p>" + }, + "CreateFleet": { + "name": "CreateFleet", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateFleetRequest" + }, + "output": { + "shape": "CreateFleetResult" + }, + "documentation": "<p>Launches an EC2 Fleet.</p> <p>You can create a single EC2 Fleet that includes multiple launch specifications that vary by instance type, AMI, Availability Zone, or subnet.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet.html\">Launching an EC2 Fleet</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CreateFlowLogs": { + "name": "CreateFlowLogs", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateFlowLogsRequest" + }, + "output": { + "shape": "CreateFlowLogsResult" + }, + "documentation": "<p>Creates one or more flow logs to capture information about IP traffic for a specific network interface, subnet, or VPC. </p> <p>Flow log data for a monitored network interface is recorded as flow log records, which are log events consisting of fields that describe the traffic flow. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records\">Flow Log Records</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>When publishing to CloudWatch Logs, flow log records are published to a log group, and each network interface has a unique log stream in the log group. When publishing to Amazon S3, flow log records for all of the monitored network interfaces are published to a single log file object that is stored in the specified bucket.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html\">VPC Flow Logs</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "CreateFpgaImage": { + "name": "CreateFpgaImage", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateFpgaImageRequest" + }, + "output": { + "shape": "CreateFpgaImageResult" + }, + "documentation": "<p>Creates an Amazon FPGA Image (AFI) from the specified design checkpoint (DCP).</p> <p>The create operation is asynchronous. To verify that the AFI is ready for use, check the output logs.</p> <p>An AFI contains the FPGA bitstream that is ready to download to an FPGA. You can securely deploy an AFI on multiple FPGA-accelerated instances. For more information, see the <a href=\"https://github.com/aws/aws-fpga/\">AWS FPGA Hardware Development Kit</a>.</p>" + }, + "CreateImage": { + "name": "CreateImage", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateImageRequest" + }, + "output": { + "shape": "CreateImageResult" + }, + "documentation": "<p>Creates an Amazon EBS-backed AMI from an Amazon EBS-backed instance that is either running or stopped.</p> <p>If you customized your instance with instance store volumes or EBS volumes in addition to the root device volume, the new AMI contains block device mapping information for those volumes. When you launch an instance from this new AMI, the instance automatically launches with those additional volumes.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html\">Creating Amazon EBS-Backed Linux AMIs</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CreateInstanceExportTask": { + "name": "CreateInstanceExportTask", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateInstanceExportTaskRequest" + }, + "output": { + "shape": "CreateInstanceExportTaskResult" + }, + "documentation": "<p>Exports a running or stopped instance to an S3 bucket.</p> <p>For information about the supported operating systems, image formats, and known limitations for the types of instances you can export, see <a href=\"https://docs.aws.amazon.com/vm-import/latest/userguide/vmexport.html\">Exporting an Instance as a VM Using VM Import/Export</a> in the <i>VM Import/Export User Guide</i>.</p>" + }, + "CreateInternetGateway": { + "name": "CreateInternetGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateInternetGatewayRequest" + }, + "output": { + "shape": "CreateInternetGatewayResult" + }, + "documentation": "<p>Creates an internet gateway for use with a VPC. After creating the internet gateway, you attach it to a VPC using <a>AttachInternetGateway</a>.</p> <p>For more information about your VPC and internet gateway, see the <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/\">Amazon Virtual Private Cloud User Guide</a>.</p>" + }, + "CreateKeyPair": { + "name": "CreateKeyPair", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateKeyPairRequest" + }, + "output": { + "shape": "KeyPair" + }, + "documentation": "<p>Creates a 2048-bit RSA key pair with the specified name. Amazon EC2 stores the public key and displays the private key for you to save to a file. The private key is returned as an unencrypted PEM encoded PKCS#1 private key. If a key with the specified name already exists, Amazon EC2 returns an error.</p> <p>You can have up to five thousand key pairs per Region.</p> <p>The key pair returned to you is available only in the Region in which you create it. If you prefer, you can create your own key pair using a third-party tool and upload it to any Region using <a>ImportKeyPair</a>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html\">Key Pairs</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CreateLaunchTemplate": { + "name": "CreateLaunchTemplate", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateLaunchTemplateRequest" + }, + "output": { + "shape": "CreateLaunchTemplateResult" + }, + "documentation": "<p>Creates a launch template. A launch template contains the parameters to launch an instance. When you launch an instance using <a>RunInstances</a>, you can specify a launch template instead of providing the launch parameters in the request.</p>" + }, + "CreateLaunchTemplateVersion": { + "name": "CreateLaunchTemplateVersion", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateLaunchTemplateVersionRequest" + }, + "output": { + "shape": "CreateLaunchTemplateVersionResult" + }, + "documentation": "<p>Creates a new version for a launch template. You can specify an existing version of launch template from which to base the new version.</p> <p>Launch template versions are numbered in the order in which they are created. You cannot specify, change, or replace the numbering of launch template versions.</p>" + }, + "CreateNatGateway": { + "name": "CreateNatGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateNatGatewayRequest" + }, + "output": { + "shape": "CreateNatGatewayResult" + }, + "documentation": "<p>Creates a NAT gateway in the specified public subnet. This action creates a network interface in the specified subnet with a private IP address from the IP address range of the subnet. Internet-bound traffic from a private subnet can be routed to the NAT gateway, therefore enabling instances in the private subnet to connect to the internet. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html\">NAT Gateways</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "CreateNetworkAcl": { + "name": "CreateNetworkAcl", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateNetworkAclRequest" + }, + "output": { + "shape": "CreateNetworkAclResult" + }, + "documentation": "<p>Creates a network ACL in a VPC. Network ACLs provide an optional layer of security (in addition to security groups) for the instances in your VPC.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html\">Network ACLs</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "CreateNetworkAclEntry": { + "name": "CreateNetworkAclEntry", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateNetworkAclEntryRequest" + }, + "documentation": "<p>Creates an entry (a rule) in a network ACL with the specified rule number. Each network ACL has a set of numbered ingress rules and a separate set of numbered egress rules. When determining whether a packet should be allowed in or out of a subnet associated with the ACL, we process the entries in the ACL according to the rule numbers, in ascending order. Each network ACL has a set of ingress rules and a separate set of egress rules.</p> <p>We recommend that you leave room between the rule numbers (for example, 100, 110, 120, ...), and not number them one right after the other (for example, 101, 102, 103, ...). This makes it easier to add a rule between existing ones without having to renumber the rules.</p> <p>After you add an entry, you can't modify it; you must either replace it, or create an entry and delete the old one.</p> <p>For more information about network ACLs, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html\">Network ACLs</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "CreateNetworkInterface": { + "name": "CreateNetworkInterface", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateNetworkInterfaceRequest" + }, + "output": { + "shape": "CreateNetworkInterfaceResult" + }, + "documentation": "<p>Creates a network interface in the specified subnet.</p> <p>For more information about network interfaces, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html\">Elastic Network Interfaces</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "CreateNetworkInterfacePermission": { + "name": "CreateNetworkInterfacePermission", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateNetworkInterfacePermissionRequest" + }, + "output": { + "shape": "CreateNetworkInterfacePermissionResult" + }, + "documentation": "<p>Grants an AWS-authorized account permission to attach the specified network interface to an instance in their account.</p> <p>You can grant permission to a single AWS account only, and only one account at a time.</p>" + }, + "CreatePlacementGroup": { + "name": "CreatePlacementGroup", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreatePlacementGroupRequest" + }, + "documentation": "<p>Creates a placement group in which to launch instances. The strategy of the placement group determines how the instances are organized within the group. </p> <p>A <code>cluster</code> placement group is a logical grouping of instances within a single Availability Zone that benefit from low network latency, high network throughput. A <code>spread</code> placement group places instances on distinct hardware. A <code>partition</code> placement group places groups of instances in different partitions, where instances in one partition do not share the same hardware with instances in another partition.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html\">Placement Groups</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CreateReservedInstancesListing": { + "name": "CreateReservedInstancesListing", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateReservedInstancesListingRequest" + }, + "output": { + "shape": "CreateReservedInstancesListingResult" + }, + "documentation": "<p>Creates a listing for Amazon EC2 Standard Reserved Instances to be sold in the Reserved Instance Marketplace. You can submit one Standard Reserved Instance listing at a time. To get a list of your Standard Reserved Instances, you can use the <a>DescribeReservedInstances</a> operation.</p> <note> <p>Only Standard Reserved Instances can be sold in the Reserved Instance Marketplace. Convertible Reserved Instances cannot be sold.</p> </note> <p>The Reserved Instance Marketplace matches sellers who want to resell Standard Reserved Instance capacity that they no longer need with buyers who want to purchase additional capacity. Reserved Instances bought and sold through the Reserved Instance Marketplace work like any other Reserved Instances.</p> <p>To sell your Standard Reserved Instances, you must first register as a seller in the Reserved Instance Marketplace. After completing the registration process, you can create a Reserved Instance Marketplace listing of some or all of your Standard Reserved Instances, and specify the upfront price to receive for them. Your Standard Reserved Instance listings then become available for purchase. To view the details of your Standard Reserved Instance listing, you can use the <a>DescribeReservedInstancesListings</a> operation.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html\">Reserved Instance Marketplace</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CreateRoute": { + "name": "CreateRoute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateRouteRequest" + }, + "output": { + "shape": "CreateRouteResult" + }, + "documentation": "<p>Creates a route in a route table within a VPC.</p> <p>You must specify one of the following targets: internet gateway or virtual private gateway, NAT instance, NAT gateway, VPC peering connection, network interface, or egress-only internet gateway.</p> <p>When determining how to route traffic, we use the route with the most specific match. For example, traffic is destined for the IPv4 address <code>192.0.2.3</code>, and the route table includes the following two IPv4 routes:</p> <ul> <li> <p> <code>192.0.2.0/24</code> (goes to some target A)</p> </li> <li> <p> <code>192.0.2.0/28</code> (goes to some target B)</p> </li> </ul> <p>Both routes apply to the traffic destined for <code>192.0.2.3</code>. However, the second route in the list covers a smaller number of IP addresses and is therefore more specific, so we use that route to determine where to target the traffic.</p> <p>For more information about route tables, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "CreateRouteTable": { + "name": "CreateRouteTable", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateRouteTableRequest" + }, + "output": { + "shape": "CreateRouteTableResult" + }, + "documentation": "<p>Creates a route table for the specified VPC. After you create a route table, you can add routes and associate the table with a subnet.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "CreateSecurityGroup": { + "name": "CreateSecurityGroup", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateSecurityGroupRequest" + }, + "output": { + "shape": "CreateSecurityGroupResult" + }, + "documentation": "<p>Creates a security group.</p> <p>A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html\">Amazon EC2 Security Groups</a> in the <i>Amazon Elastic Compute Cloud User Guide</i> and <a href=\"https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html\">Security Groups for Your VPC</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>When you create a security group, you specify a friendly name of your choice. You can have a security group for use in EC2-Classic with the same name as a security group for use in a VPC. However, you can't have two security groups for use in EC2-Classic with the same name or two security groups for use in a VPC with the same name.</p> <p>You have a default security group for use in EC2-Classic and a default security group for use in your VPC. If you don't specify a security group when you launch an instance, the instance is launched into the appropriate default security group. A default security group includes a default rule that grants instances unrestricted network access to each other.</p> <p>You can add or remove rules from your security groups using <a>AuthorizeSecurityGroupIngress</a>, <a>AuthorizeSecurityGroupEgress</a>, <a>RevokeSecurityGroupIngress</a>, and <a>RevokeSecurityGroupEgress</a>.</p> <p>For more information about VPC security group limits, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html\">Amazon VPC Limits</a>.</p>" + }, + "CreateSnapshot": { + "name": "CreateSnapshot", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateSnapshotRequest" + }, + "output": { + "shape": "Snapshot" + }, + "documentation": "<p>Creates a snapshot of an EBS volume and stores it in Amazon S3. You can use snapshots for backups, to make copies of EBS volumes, and to save data before shutting down an instance.</p> <p>When a snapshot is created, any AWS Marketplace product codes that are associated with the source volume are propagated to the snapshot.</p> <p>You can take a snapshot of an attached volume that is in use. However, snapshots only capture data that has been written to your EBS volume at the time the snapshot command is issued; this may exclude any data that has been cached by any applications or the operating system. If you can pause any file systems on the volume long enough to take a snapshot, your snapshot should be complete. However, if you cannot pause all file writes to the volume, you should unmount the volume from within the instance, issue the snapshot command, and then remount the volume to ensure a consistent and complete snapshot. You may remount and use your volume while the snapshot status is <code>pending</code>.</p> <p>To create a snapshot for EBS volumes that serve as root devices, you should stop the instance before taking the snapshot.</p> <p>Snapshots that are taken from encrypted volumes are automatically encrypted. Volumes that are created from encrypted snapshots are also automatically encrypted. Your encrypted volumes and any associated snapshots always remain protected.</p> <p>You can tag your snapshots during creation. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html\">Tagging Your Amazon EC2 Resources</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html\">Amazon Elastic Block Store</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CreateSnapshots": { + "name": "CreateSnapshots", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateSnapshotsRequest" + }, + "output": { + "shape": "CreateSnapshotsResult" + }, + "documentation": "<p>Creates crash-consistent snapshots of multiple EBS volumes and stores the data in S3. Volumes are chosen by specifying an instance. Any attached volumes will produce one snapshot each that is crash-consistent across the instance. Boot volumes can be excluded by changing the paramaters. </p>" + }, + "CreateSpotDatafeedSubscription": { + "name": "CreateSpotDatafeedSubscription", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateSpotDatafeedSubscriptionRequest" + }, + "output": { + "shape": "CreateSpotDatafeedSubscriptionResult" + }, + "documentation": "<p>Creates a data feed for Spot Instances, enabling you to view Spot Instance usage logs. You can create one data feed per AWS account. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-data-feeds.html\">Spot Instance Data Feed</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>.</p>" + }, + "CreateSubnet": { + "name": "CreateSubnet", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateSubnetRequest" + }, + "output": { + "shape": "CreateSubnetResult" + }, + "documentation": "<p>Creates a subnet in an existing VPC.</p> <p>When you create each subnet, you provide the VPC ID and IPv4 CIDR block for the subnet. After you create a subnet, you can't change its CIDR block. The size of the subnet's IPv4 CIDR block can be the same as a VPC's IPv4 CIDR block, or a subset of a VPC's IPv4 CIDR block. If you create more than one subnet in a VPC, the subnets' CIDR blocks must not overlap. The smallest IPv4 subnet (and VPC) you can create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 netmask (65,536 IPv4 addresses).</p> <p>If you've associated an IPv6 CIDR block with your VPC, you can create a subnet with an IPv6 CIDR block that uses a /64 prefix length. </p> <important> <p>AWS reserves both the first four and the last IPv4 address in each subnet's CIDR block. They're not available for use.</p> </important> <p>If you add more than one subnet to a VPC, they're set up in a star topology with a logical router in the middle.</p> <p>If you launch an instance in a VPC using an Amazon EBS-backed AMI, the IP address doesn't change if you stop and restart the instance (unlike a similar instance launched outside a VPC, which gets a new IP address when restarted). It's therefore possible to have a subnet with no running instances (they're all stopped), but no remaining IP addresses available.</p> <p>For more information about subnets, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html\">Your VPC and Subnets</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "CreateTags": { + "name": "CreateTags", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateTagsRequest" + }, + "documentation": "<p>Adds or overwrites the specified tags for the specified Amazon EC2 resource or resources. Each resource can have a maximum of 50 tags. Each tag consists of a key and optional value. Tag keys must be unique per resource.</p> <p>For more information about tags, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html\">Tagging Your Resources</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>. For more information about creating IAM policies that control users' access to resources based on tags, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-iam-actions-resources.html\">Supported Resource-Level Permissions for Amazon EC2 API Actions</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CreateTrafficMirrorFilter": { + "name": "CreateTrafficMirrorFilter", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateTrafficMirrorFilterRequest" + }, + "output": { + "shape": "CreateTrafficMirrorFilterResult" + }, + "documentation": "<p>Creates a Traffic Mirror filter.</p> <p>A Traffic Mirror filter is a set of rules that defines the traffic to mirror.</p> <p>By default, no traffic is mirrored. To mirror traffic, use <a>CreateTrafficMirrorFilterRule</a> to add Traffic Mirror rules to the filter. The rules you add define what traffic gets mirrored. You can also use <a>ModifyTrafficMirrorFilterNetworkServices</a> to mirror supported network services.</p>" + }, + "CreateTrafficMirrorFilterRule": { + "name": "CreateTrafficMirrorFilterRule", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateTrafficMirrorFilterRuleRequest" + }, + "output": { + "shape": "CreateTrafficMirrorFilterRuleResult" + }, + "documentation": "<p>Creates a Traffic Mirror rule. </p> <p>A Traffic Mirror rule defines the Traffic Mirror source traffic to mirror.</p> <p>You need the Traffic Mirror filter ID when you create the rule.</p>" + }, + "CreateTrafficMirrorSession": { + "name": "CreateTrafficMirrorSession", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateTrafficMirrorSessionRequest" + }, + "output": { + "shape": "CreateTrafficMirrorSessionResult" + }, + "documentation": "<p>Creates a Traffic Mirror session.</p> <p>A Traffic Mirror session actively copies packets from a Traffic Mirror source to a Traffic Mirror target. Create a filter, and then assign it to the session to define a subset of the traffic to mirror, for example all TCP traffic.</p> <p>The Traffic Mirror source and the Traffic Mirror target (monitoring appliances) can be in the same VPC, or in a different VPC connected via VPC peering or a transit gateway. </p> <p>By default, no traffic is mirrored. Use <a>CreateTrafficMirrorFilter</a> to create filter rules that specify the traffic to mirror.</p>" + }, + "CreateTrafficMirrorTarget": { + "name": "CreateTrafficMirrorTarget", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateTrafficMirrorTargetRequest" + }, + "output": { + "shape": "CreateTrafficMirrorTargetResult" + }, + "documentation": "<p>Creates a target for your Traffic Mirror session.</p> <p>A Traffic Mirror target is the destination for mirrored traffic. The Traffic Mirror source and the Traffic Mirror target (monitoring appliances) can be in the same VPC, or in different VPCs connected via VPC peering or a transit gateway.</p> <p>A Traffic Mirror target can be a network interface, or a Network Load Balancer.</p> <p>To use the target in a Traffic Mirror session, use <a>CreateTrafficMirrorSession</a>.</p>" + }, + "CreateTransitGateway": { + "name": "CreateTransitGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateTransitGatewayRequest" + }, + "output": { + "shape": "CreateTransitGatewayResult" + }, + "documentation": "<p>Creates a transit gateway.</p> <p>You can use a transit gateway to interconnect your virtual private clouds (VPC) and on-premises networks. After the transit gateway enters the <code>available</code> state, you can attach your VPCs and VPN connections to the transit gateway.</p> <p>To attach your VPCs, use <a>CreateTransitGatewayVpcAttachment</a>.</p> <p>To attach a VPN connection, use <a>CreateCustomerGateway</a> to create a customer gateway and specify the ID of the customer gateway and the ID of the transit gateway in a call to <a>CreateVpnConnection</a>.</p> <p>When you create a transit gateway, we create a default transit gateway route table and use it as the default association route table and the default propagation route table. You can use <a>CreateTransitGatewayRouteTable</a> to create additional transit gateway route tables. If you disable automatic route propagation, we do not create a default transit gateway route table. You can use <a>EnableTransitGatewayRouteTablePropagation</a> to propagate routes from a resource attachment to a transit gateway route table. If you disable automatic associations, you can use <a>AssociateTransitGatewayRouteTable</a> to associate a resource attachment with a transit gateway route table.</p>" + }, + "CreateTransitGatewayRoute": { + "name": "CreateTransitGatewayRoute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateTransitGatewayRouteRequest" + }, + "output": { + "shape": "CreateTransitGatewayRouteResult" + }, + "documentation": "<p>Creates a static route for the specified transit gateway route table.</p>" + }, + "CreateTransitGatewayRouteTable": { + "name": "CreateTransitGatewayRouteTable", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateTransitGatewayRouteTableRequest" + }, + "output": { + "shape": "CreateTransitGatewayRouteTableResult" + }, + "documentation": "<p>Creates a route table for the specified transit gateway.</p>" + }, + "CreateTransitGatewayVpcAttachment": { + "name": "CreateTransitGatewayVpcAttachment", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateTransitGatewayVpcAttachmentRequest" + }, + "output": { + "shape": "CreateTransitGatewayVpcAttachmentResult" + }, + "documentation": "<p>Attaches the specified VPC to the specified transit gateway.</p> <p>If you attach a VPC with a CIDR range that overlaps the CIDR range of a VPC that is already attached, the new VPC CIDR range is not propagated to the default propagation route table.</p> <p>To send VPC traffic to an attached transit gateway, add a route to the VPC route table using <a>CreateRoute</a>.</p>" + }, + "CreateVolume": { + "name": "CreateVolume", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateVolumeRequest" + }, + "output": { + "shape": "Volume" + }, + "documentation": "<p>Creates an EBS volume that can be attached to an instance in the same Availability Zone. The volume is created in the regional endpoint that you send the HTTP request to. For more information see <a href=\"https://docs.aws.amazon.com/general/latest/gr/rande.html\">Regions and Endpoints</a>.</p> <p>You can create a new empty volume or restore a volume from an EBS snapshot. Any AWS Marketplace product codes from the snapshot are propagated to the volume.</p> <p>You can create encrypted volumes. Encrypted volumes must be attached to instances that support Amazon EBS encryption. Volumes that are created from encrypted snapshots are also automatically encrypted. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>You can tag your volumes during creation. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html\">Tagging Your Amazon EC2 Resources</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-volume.html\">Creating an Amazon EBS Volume</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CreateVpc": { + "name": "CreateVpc", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateVpcRequest" + }, + "output": { + "shape": "CreateVpcResult" + }, + "documentation": "<p>Creates a VPC with the specified IPv4 CIDR block. The smallest VPC you can create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 netmask (65,536 IPv4 addresses). For more information about how large to make your VPC, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html\">Your VPC and Subnets</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>You can optionally request an Amazon-provided IPv6 CIDR block for the VPC. The IPv6 CIDR block uses a /56 prefix length, and is allocated from Amazon's pool of IPv6 addresses. You cannot choose the IPv6 range for your VPC.</p> <p>By default, each instance you launch in the VPC has the default DHCP options, which include only a default DNS server that we provide (AmazonProvidedDNS). For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html\">DHCP Options Sets</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>You can specify the instance tenancy value for the VPC when you create it. You can't change this value for the VPC after you create it. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-instance.html\">Dedicated Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CreateVpcEndpoint": { + "name": "CreateVpcEndpoint", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateVpcEndpointRequest" + }, + "output": { + "shape": "CreateVpcEndpointResult" + }, + "documentation": "<p>Creates a VPC endpoint for a specified service. An endpoint enables you to create a private connection between your VPC and the service. The service may be provided by AWS, an AWS Marketplace partner, or another AWS account. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html\">VPC Endpoints</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>A <code>gateway</code> endpoint serves as a target for a route in your route table for traffic destined for the AWS service. You can specify an endpoint policy to attach to the endpoint that will control access to the service from your VPC. You can also specify the VPC route tables that use the endpoint.</p> <p>An <code>interface</code> endpoint is a network interface in your subnet that serves as an endpoint for communicating with the specified service. You can specify the subnets in which to create an endpoint, and the security groups to associate with the endpoint network interface.</p> <p>Use <a>DescribeVpcEndpointServices</a> to get a list of supported services.</p>" + }, + "CreateVpcEndpointConnectionNotification": { + "name": "CreateVpcEndpointConnectionNotification", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateVpcEndpointConnectionNotificationRequest" + }, + "output": { + "shape": "CreateVpcEndpointConnectionNotificationResult" + }, + "documentation": "<p>Creates a connection notification for a specified VPC endpoint or VPC endpoint service. A connection notification notifies you of specific endpoint events. You must create an SNS topic to receive notifications. For more information, see <a href=\"https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html\">Create a Topic</a> in the <i>Amazon Simple Notification Service Developer Guide</i>.</p> <p>You can create a connection notification for interface endpoints only.</p>" + }, + "CreateVpcEndpointServiceConfiguration": { + "name": "CreateVpcEndpointServiceConfiguration", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateVpcEndpointServiceConfigurationRequest" + }, + "output": { + "shape": "CreateVpcEndpointServiceConfigurationResult" + }, + "documentation": "<p>Creates a VPC endpoint service configuration to which service consumers (AWS accounts, IAM users, and IAM roles) can connect. Service consumers can create an interface VPC endpoint to connect to your service.</p> <p>To create an endpoint service configuration, you must first create a Network Load Balancer for your service. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-service.html\">VPC Endpoint Services</a> in the <i>Amazon Virtual Private Cloud User Guide</i>. </p>" + }, + "CreateVpcPeeringConnection": { + "name": "CreateVpcPeeringConnection", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateVpcPeeringConnectionRequest" + }, + "output": { + "shape": "CreateVpcPeeringConnectionResult" + }, + "documentation": "<p>Requests a VPC peering connection between two VPCs: a requester VPC that you own and an accepter VPC with which to create the connection. The accepter VPC can belong to another AWS account and can be in a different Region to the requester VPC. The requester VPC and accepter VPC cannot have overlapping CIDR blocks.</p> <note> <p>Limitations and rules apply to a VPC peering connection. For more information, see the <a href=\"https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-basics.html#vpc-peering-limitations\">limitations</a> section in the <i>VPC Peering Guide</i>.</p> </note> <p>The owner of the accepter VPC must accept the peering request to activate the peering connection. The VPC peering connection request expires after 7 days, after which it cannot be accepted or rejected.</p> <p>If you create a VPC peering connection request between VPCs with overlapping CIDR blocks, the VPC peering connection has a status of <code>failed</code>.</p>" + }, + "CreateVpnConnection": { + "name": "CreateVpnConnection", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateVpnConnectionRequest" + }, + "output": { + "shape": "CreateVpnConnectionResult" + }, + "documentation": "<p>Creates a VPN connection between an existing virtual private gateway and a VPN customer gateway. The supported connection types is <code>ipsec.1</code>.</p> <p>The response includes information that you need to give to your network administrator to configure your customer gateway.</p> <important> <p>We strongly recommend that you use HTTPS when calling this operation because the response contains sensitive cryptographic information for configuring your customer gateway.</p> </important> <p>If you decide to shut down your VPN connection for any reason and later create a new VPN connection, you must reconfigure your customer gateway with the new information returned from this call.</p> <p>This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html\">AWS Site-to-Site VPN</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p>" + }, + "CreateVpnConnectionRoute": { + "name": "CreateVpnConnectionRoute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateVpnConnectionRouteRequest" + }, + "documentation": "<p>Creates a static route associated with a VPN connection between an existing virtual private gateway and a VPN customer gateway. The static route allows traffic to be routed from the virtual private gateway to the VPN customer gateway.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html\">AWS Site-to-Site VPN</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p>" + }, + "CreateVpnGateway": { + "name": "CreateVpnGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "CreateVpnGatewayRequest" + }, + "output": { + "shape": "CreateVpnGatewayResult" + }, + "documentation": "<p>Creates a virtual private gateway. A virtual private gateway is the endpoint on the VPC side of your VPN connection. You can create a virtual private gateway before creating the VPC itself.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html\">AWS Site-to-Site VPN</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p>" + }, + "DeleteClientVpnEndpoint": { + "name": "DeleteClientVpnEndpoint", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteClientVpnEndpointRequest" + }, + "output": { + "shape": "DeleteClientVpnEndpointResult" + }, + "documentation": "<p>Deletes the specified Client VPN endpoint. You must disassociate all target networks before you can delete a Client VPN endpoint.</p>" + }, + "DeleteClientVpnRoute": { + "name": "DeleteClientVpnRoute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteClientVpnRouteRequest" + }, + "output": { + "shape": "DeleteClientVpnRouteResult" + }, + "documentation": "<p>Deletes a route from a Client VPN endpoint. You can only delete routes that you manually added using the <b>CreateClientVpnRoute</b> action. You cannot delete routes that were automatically added when associating a subnet. To remove routes that have been automatically added, disassociate the target subnet from the Client VPN endpoint.</p>" + }, + "DeleteCustomerGateway": { + "name": "DeleteCustomerGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteCustomerGatewayRequest" + }, + "documentation": "<p>Deletes the specified customer gateway. You must delete the VPN connection before you can delete the customer gateway.</p>" + }, + "DeleteDhcpOptions": { + "name": "DeleteDhcpOptions", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteDhcpOptionsRequest" + }, + "documentation": "<p>Deletes the specified set of DHCP options. You must disassociate the set of DHCP options before you can delete it. You can disassociate the set of DHCP options by associating either a new set of options or the default set of options with the VPC.</p>" + }, + "DeleteEgressOnlyInternetGateway": { + "name": "DeleteEgressOnlyInternetGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteEgressOnlyInternetGatewayRequest" + }, + "output": { + "shape": "DeleteEgressOnlyInternetGatewayResult" + }, + "documentation": "<p>Deletes an egress-only internet gateway.</p>" + }, + "DeleteFleets": { + "name": "DeleteFleets", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteFleetsRequest" + }, + "output": { + "shape": "DeleteFleetsResult" + }, + "documentation": "<p>Deletes the specified EC2 Fleet.</p> <p>After you delete an EC2 Fleet, it launches no new instances. You must specify whether an EC2 Fleet should also terminate its instances. If you terminate the instances, the EC2 Fleet enters the <code>deleted_terminating</code> state. Otherwise, the EC2 Fleet enters the <code>deleted_running</code> state, and the instances continue to run until they are interrupted or you terminate them manually. </p>" + }, + "DeleteFlowLogs": { + "name": "DeleteFlowLogs", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteFlowLogsRequest" + }, + "output": { + "shape": "DeleteFlowLogsResult" + }, + "documentation": "<p>Deletes one or more flow logs.</p>" + }, + "DeleteFpgaImage": { + "name": "DeleteFpgaImage", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteFpgaImageRequest" + }, + "output": { + "shape": "DeleteFpgaImageResult" + }, + "documentation": "<p>Deletes the specified Amazon FPGA Image (AFI).</p>" + }, + "DeleteInternetGateway": { + "name": "DeleteInternetGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteInternetGatewayRequest" + }, + "documentation": "<p>Deletes the specified internet gateway. You must detach the internet gateway from the VPC before you can delete it.</p>" + }, + "DeleteKeyPair": { + "name": "DeleteKeyPair", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteKeyPairRequest" + }, + "documentation": "<p>Deletes the specified key pair, by removing the public key from Amazon EC2.</p>" + }, + "DeleteLaunchTemplate": { + "name": "DeleteLaunchTemplate", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteLaunchTemplateRequest" + }, + "output": { + "shape": "DeleteLaunchTemplateResult" + }, + "documentation": "<p>Deletes a launch template. Deleting a launch template deletes all of its versions.</p>" + }, + "DeleteLaunchTemplateVersions": { + "name": "DeleteLaunchTemplateVersions", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteLaunchTemplateVersionsRequest" + }, + "output": { + "shape": "DeleteLaunchTemplateVersionsResult" + }, + "documentation": "<p>Deletes one or more versions of a launch template. You cannot delete the default version of a launch template; you must first assign a different version as the default. If the default version is the only version for the launch template, you must delete the entire launch template using <a>DeleteLaunchTemplate</a>.</p>" + }, + "DeleteNatGateway": { + "name": "DeleteNatGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteNatGatewayRequest" + }, + "output": { + "shape": "DeleteNatGatewayResult" + }, + "documentation": "<p>Deletes the specified NAT gateway. Deleting a NAT gateway disassociates its Elastic IP address, but does not release the address from your account. Deleting a NAT gateway does not delete any NAT gateway routes in your route tables.</p>" + }, + "DeleteNetworkAcl": { + "name": "DeleteNetworkAcl", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteNetworkAclRequest" + }, + "documentation": "<p>Deletes the specified network ACL. You can't delete the ACL if it's associated with any subnets. You can't delete the default network ACL.</p>" + }, + "DeleteNetworkAclEntry": { + "name": "DeleteNetworkAclEntry", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteNetworkAclEntryRequest" + }, + "documentation": "<p>Deletes the specified ingress or egress entry (rule) from the specified network ACL.</p>" + }, + "DeleteNetworkInterface": { + "name": "DeleteNetworkInterface", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteNetworkInterfaceRequest" + }, + "documentation": "<p>Deletes the specified network interface. You must detach the network interface before you can delete it.</p>" + }, + "DeleteNetworkInterfacePermission": { + "name": "DeleteNetworkInterfacePermission", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteNetworkInterfacePermissionRequest" + }, + "output": { + "shape": "DeleteNetworkInterfacePermissionResult" + }, + "documentation": "<p>Deletes a permission for a network interface. By default, you cannot delete the permission if the account for which you're removing the permission has attached the network interface to an instance. However, you can force delete the permission, regardless of any attachment.</p>" + }, + "DeletePlacementGroup": { + "name": "DeletePlacementGroup", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeletePlacementGroupRequest" + }, + "documentation": "<p>Deletes the specified placement group. You must terminate all instances in the placement group before you can delete the placement group. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html\">Placement Groups</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DeleteRoute": { + "name": "DeleteRoute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteRouteRequest" + }, + "documentation": "<p>Deletes the specified route from the specified route table.</p>" + }, + "DeleteRouteTable": { + "name": "DeleteRouteTable", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteRouteTableRequest" + }, + "documentation": "<p>Deletes the specified route table. You must disassociate the route table from any subnets before you can delete it. You can't delete the main route table.</p>" + }, + "DeleteSecurityGroup": { + "name": "DeleteSecurityGroup", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteSecurityGroupRequest" + }, + "documentation": "<p>Deletes a security group.</p> <p>If you attempt to delete a security group that is associated with an instance, or is referenced by another security group, the operation fails with <code>InvalidGroup.InUse</code> in EC2-Classic or <code>DependencyViolation</code> in EC2-VPC.</p>" + }, + "DeleteSnapshot": { + "name": "DeleteSnapshot", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteSnapshotRequest" + }, + "documentation": "<p>Deletes the specified snapshot.</p> <p>When you make periodic snapshots of a volume, the snapshots are incremental, and only the blocks on the device that have changed since your last snapshot are saved in the new snapshot. When you delete a snapshot, only the data not needed for any other snapshot is removed. So regardless of which prior snapshots have been deleted, all active snapshots will have access to all the information needed to restore the volume.</p> <p>You cannot delete a snapshot of the root device of an EBS volume used by a registered AMI. You must first de-register the AMI before you can delete the snapshot.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-snapshot.html\">Deleting an Amazon EBS Snapshot</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DeleteSpotDatafeedSubscription": { + "name": "DeleteSpotDatafeedSubscription", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteSpotDatafeedSubscriptionRequest" + }, + "documentation": "<p>Deletes the data feed for Spot Instances.</p>" + }, + "DeleteSubnet": { + "name": "DeleteSubnet", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteSubnetRequest" + }, + "documentation": "<p>Deletes the specified subnet. You must terminate all running instances in the subnet before you can delete the subnet.</p>" + }, + "DeleteTags": { + "name": "DeleteTags", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteTagsRequest" + }, + "documentation": "<p>Deletes the specified set of tags from the specified set of resources.</p> <p>To list the current tags, use <a>DescribeTags</a>. For more information about tags, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html\">Tagging Your Resources</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DeleteTrafficMirrorFilter": { + "name": "DeleteTrafficMirrorFilter", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteTrafficMirrorFilterRequest" + }, + "output": { + "shape": "DeleteTrafficMirrorFilterResult" + }, + "documentation": "<p>Deletes the specified Traffic Mirror filter.</p> <p>You cannot delete a Traffic Mirror filter that is in use by a Traffic Mirror session.</p>" + }, + "DeleteTrafficMirrorFilterRule": { + "name": "DeleteTrafficMirrorFilterRule", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteTrafficMirrorFilterRuleRequest" + }, + "output": { + "shape": "DeleteTrafficMirrorFilterRuleResult" + }, + "documentation": "<p>Deletes the specified Traffic Mirror rule.</p>" + }, + "DeleteTrafficMirrorSession": { + "name": "DeleteTrafficMirrorSession", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteTrafficMirrorSessionRequest" + }, + "output": { + "shape": "DeleteTrafficMirrorSessionResult" + }, + "documentation": "<p>Deletes the specified Traffic Mirror session.</p>" + }, + "DeleteTrafficMirrorTarget": { + "name": "DeleteTrafficMirrorTarget", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteTrafficMirrorTargetRequest" + }, + "output": { + "shape": "DeleteTrafficMirrorTargetResult" + }, + "documentation": "<p>Deletes the specified Traffic Mirror target.</p> <p>You cannot delete a Traffic Mirror target that is in use by a Traffic Mirror session.</p>" + }, + "DeleteTransitGateway": { + "name": "DeleteTransitGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteTransitGatewayRequest" + }, + "output": { + "shape": "DeleteTransitGatewayResult" + }, + "documentation": "<p>Deletes the specified transit gateway.</p>" + }, + "DeleteTransitGatewayRoute": { + "name": "DeleteTransitGatewayRoute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteTransitGatewayRouteRequest" + }, + "output": { + "shape": "DeleteTransitGatewayRouteResult" + }, + "documentation": "<p>Deletes the specified route from the specified transit gateway route table.</p>" + }, + "DeleteTransitGatewayRouteTable": { + "name": "DeleteTransitGatewayRouteTable", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteTransitGatewayRouteTableRequest" + }, + "output": { + "shape": "DeleteTransitGatewayRouteTableResult" + }, + "documentation": "<p>Deletes the specified transit gateway route table. You must disassociate the route table from any transit gateway route tables before you can delete it.</p>" + }, + "DeleteTransitGatewayVpcAttachment": { + "name": "DeleteTransitGatewayVpcAttachment", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteTransitGatewayVpcAttachmentRequest" + }, + "output": { + "shape": "DeleteTransitGatewayVpcAttachmentResult" + }, + "documentation": "<p>Deletes the specified VPC attachment.</p>" + }, + "DeleteVolume": { + "name": "DeleteVolume", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteVolumeRequest" + }, + "documentation": "<p>Deletes the specified EBS volume. The volume must be in the <code>available</code> state (not attached to an instance).</p> <p>The volume can remain in the <code>deleting</code> state for several minutes.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-volume.html\">Deleting an Amazon EBS Volume</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DeleteVpc": { + "name": "DeleteVpc", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteVpcRequest" + }, + "documentation": "<p>Deletes the specified VPC. You must detach or delete all gateways and resources that are associated with the VPC before you can delete it. For example, you must terminate all instances running in the VPC, delete all security groups associated with the VPC (except the default one), delete all route tables associated with the VPC (except the default one), and so on.</p>" + }, + "DeleteVpcEndpointConnectionNotifications": { + "name": "DeleteVpcEndpointConnectionNotifications", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteVpcEndpointConnectionNotificationsRequest" + }, + "output": { + "shape": "DeleteVpcEndpointConnectionNotificationsResult" + }, + "documentation": "<p>Deletes one or more VPC endpoint connection notifications.</p>" + }, + "DeleteVpcEndpointServiceConfigurations": { + "name": "DeleteVpcEndpointServiceConfigurations", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteVpcEndpointServiceConfigurationsRequest" + }, + "output": { + "shape": "DeleteVpcEndpointServiceConfigurationsResult" + }, + "documentation": "<p>Deletes one or more VPC endpoint service configurations in your account. Before you delete the endpoint service configuration, you must reject any <code>Available</code> or <code>PendingAcceptance</code> interface endpoint connections that are attached to the service.</p>" + }, + "DeleteVpcEndpoints": { + "name": "DeleteVpcEndpoints", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteVpcEndpointsRequest" + }, + "output": { + "shape": "DeleteVpcEndpointsResult" + }, + "documentation": "<p>Deletes one or more specified VPC endpoints. Deleting a gateway endpoint also deletes the endpoint routes in the route tables that were associated with the endpoint. Deleting an interface endpoint deletes the endpoint network interfaces.</p>" + }, + "DeleteVpcPeeringConnection": { + "name": "DeleteVpcPeeringConnection", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteVpcPeeringConnectionRequest" + }, + "output": { + "shape": "DeleteVpcPeeringConnectionResult" + }, + "documentation": "<p>Deletes a VPC peering connection. Either the owner of the requester VPC or the owner of the accepter VPC can delete the VPC peering connection if it's in the <code>active</code> state. The owner of the requester VPC can delete a VPC peering connection in the <code>pending-acceptance</code> state. You cannot delete a VPC peering connection that's in the <code>failed</code> state.</p>" + }, + "DeleteVpnConnection": { + "name": "DeleteVpnConnection", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteVpnConnectionRequest" + }, + "documentation": "<p>Deletes the specified VPN connection.</p> <p>If you're deleting the VPC and its associated components, we recommend that you detach the virtual private gateway from the VPC and delete the VPC before deleting the VPN connection. If you believe that the tunnel credentials for your VPN connection have been compromised, you can delete the VPN connection and create a new one that has new keys, without needing to delete the VPC or virtual private gateway. If you create a new VPN connection, you must reconfigure the customer gateway using the new configuration information returned with the new VPN connection ID.</p>" + }, + "DeleteVpnConnectionRoute": { + "name": "DeleteVpnConnectionRoute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteVpnConnectionRouteRequest" + }, + "documentation": "<p>Deletes the specified static route associated with a VPN connection between an existing virtual private gateway and a VPN customer gateway. The static route allows traffic to be routed from the virtual private gateway to the VPN customer gateway.</p>" + }, + "DeleteVpnGateway": { + "name": "DeleteVpnGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeleteVpnGatewayRequest" + }, + "documentation": "<p>Deletes the specified virtual private gateway. We recommend that before you delete a virtual private gateway, you detach it from the VPC and delete the VPN connection. Note that you don't need to delete the virtual private gateway if you plan to delete and recreate the VPN connection between your VPC and your network.</p>" + }, + "DeprovisionByoipCidr": { + "name": "DeprovisionByoipCidr", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeprovisionByoipCidrRequest" + }, + "output": { + "shape": "DeprovisionByoipCidrResult" + }, + "documentation": "<p>Releases the specified address range that you provisioned for use with your AWS resources through bring your own IP addresses (BYOIP) and deletes the corresponding address pool.</p> <p>Before you can release an address range, you must stop advertising it using <a>WithdrawByoipCidr</a> and you must not have any IP addresses allocated from its address range.</p>" + }, + "DeregisterImage": { + "name": "DeregisterImage", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DeregisterImageRequest" + }, + "documentation": "<p>Deregisters the specified AMI. After you deregister an AMI, it can't be used to launch new instances; however, it doesn't affect any instances that you've already launched from the AMI. You'll continue to incur usage costs for those instances until you terminate them.</p> <p>When you deregister an Amazon EBS-backed AMI, it doesn't affect the snapshot that was created for the root volume of the instance during the AMI creation process. When you deregister an instance store-backed AMI, it doesn't affect the files that you uploaded to Amazon S3 when you created the AMI.</p>" + }, + "DescribeAccountAttributes": { + "name": "DescribeAccountAttributes", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeAccountAttributesRequest" + }, + "output": { + "shape": "DescribeAccountAttributesResult" + }, + "documentation": "<p>Describes attributes of your AWS account. The following are the supported account attributes:</p> <ul> <li> <p> <code>supported-platforms</code>: Indicates whether your account can launch instances into EC2-Classic and EC2-VPC, or only into EC2-VPC.</p> </li> <li> <p> <code>default-vpc</code>: The ID of the default VPC for your account, or <code>none</code>.</p> </li> <li> <p> <code>max-instances</code>: The maximum number of On-Demand Instances that you can run.</p> </li> <li> <p> <code>vpc-max-security-groups-per-interface</code>: The maximum number of security groups that you can assign to a network interface.</p> </li> <li> <p> <code>max-elastic-ips</code>: The maximum number of Elastic IP addresses that you can allocate for use with EC2-Classic. </p> </li> <li> <p> <code>vpc-max-elastic-ips</code>: The maximum number of Elastic IP addresses that you can allocate for use with EC2-VPC.</p> </li> </ul>" + }, + "DescribeAddresses": { + "name": "DescribeAddresses", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeAddressesRequest" + }, + "output": { + "shape": "DescribeAddressesResult" + }, + "documentation": "<p>Describes the specified Elastic IP addresses or all of your Elastic IP addresses.</p> <p>An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html\">Elastic IP Addresses</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribeAggregateIdFormat": { + "name": "DescribeAggregateIdFormat", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeAggregateIdFormatRequest" + }, + "output": { + "shape": "DescribeAggregateIdFormatResult" + }, + "documentation": "<p>Describes the longer ID format settings for all resource types in a specific Region. This request is useful for performing a quick audit to determine whether a specific Region is fully opted in for longer IDs (17-character IDs).</p> <p>This request only returns information about resource types that support longer IDs.</p> <p>The following resource types support longer IDs: <code>bundle</code> | <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> | <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> | <code>export-task</code> | <code>flow-log</code> | <code>image</code> | <code>import-task</code> | <code>instance</code> | <code>internet-gateway</code> | <code>network-acl</code> | <code>network-acl-association</code> | <code>network-interface</code> | <code>network-interface-attachment</code> | <code>prefix-list</code> | <code>reservation</code> | <code>route-table</code> | <code>route-table-association</code> | <code>security-group</code> | <code>snapshot</code> | <code>subnet</code> | <code>subnet-cidr-block-association</code> | <code>volume</code> | <code>vpc</code> | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> | <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>.</p>" + }, + "DescribeAvailabilityZones": { + "name": "DescribeAvailabilityZones", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeAvailabilityZonesRequest" + }, + "output": { + "shape": "DescribeAvailabilityZonesResult" + }, + "documentation": "<p>Describes the Availability Zones that are available to you. The results include zones only for the Region you're currently using. If there is an event impacting an Availability Zone, you can use this request to view the state and any provided message for that Availability Zone.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html\">Regions and Availability Zones</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribeBundleTasks": { + "name": "DescribeBundleTasks", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeBundleTasksRequest" + }, + "output": { + "shape": "DescribeBundleTasksResult" + }, + "documentation": "<p>Describes the specified bundle tasks or all of your bundle tasks.</p> <note> <p>Completed bundle tasks are listed for only a limited time. If your bundle task is no longer in the list, you can still register an AMI from it. Just use <code>RegisterImage</code> with the Amazon S3 bucket name and image manifest name you provided to the bundle task.</p> </note>" + }, + "DescribeByoipCidrs": { + "name": "DescribeByoipCidrs", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeByoipCidrsRequest" + }, + "output": { + "shape": "DescribeByoipCidrsResult" + }, + "documentation": "<p>Describes the IP address ranges that were specified in calls to <a>ProvisionByoipCidr</a>.</p> <p>To describe the address pools that were created when you provisioned the address ranges, use <a>DescribePublicIpv4Pools</a>.</p>" + }, + "DescribeCapacityReservations": { + "name": "DescribeCapacityReservations", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeCapacityReservationsRequest" + }, + "output": { + "shape": "DescribeCapacityReservationsResult" + }, + "documentation": "<p>Describes one or more of your Capacity Reservations. The results describe only the Capacity Reservations in the AWS Region that you're currently using.</p>" + }, + "DescribeClassicLinkInstances": { + "name": "DescribeClassicLinkInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeClassicLinkInstancesRequest" + }, + "output": { + "shape": "DescribeClassicLinkInstancesResult" + }, + "documentation": "<p>Describes one or more of your linked EC2-Classic instances. This request only returns information about EC2-Classic instances linked to a VPC through ClassicLink. You cannot use this request to return information about other instances.</p>" + }, + "DescribeClientVpnAuthorizationRules": { + "name": "DescribeClientVpnAuthorizationRules", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeClientVpnAuthorizationRulesRequest" + }, + "output": { + "shape": "DescribeClientVpnAuthorizationRulesResult" + }, + "documentation": "<p>Describes the authorization rules for a specified Client VPN endpoint.</p>" + }, + "DescribeClientVpnConnections": { + "name": "DescribeClientVpnConnections", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeClientVpnConnectionsRequest" + }, + "output": { + "shape": "DescribeClientVpnConnectionsResult" + }, + "documentation": "<p>Describes active client connections and connections that have been terminated within the last 60 minutes for the specified Client VPN endpoint.</p>" + }, + "DescribeClientVpnEndpoints": { + "name": "DescribeClientVpnEndpoints", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeClientVpnEndpointsRequest" + }, + "output": { + "shape": "DescribeClientVpnEndpointsResult" + }, + "documentation": "<p>Describes one or more Client VPN endpoints in the account.</p>" + }, + "DescribeClientVpnRoutes": { + "name": "DescribeClientVpnRoutes", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeClientVpnRoutesRequest" + }, + "output": { + "shape": "DescribeClientVpnRoutesResult" + }, + "documentation": "<p>Describes the routes for the specified Client VPN endpoint.</p>" + }, + "DescribeClientVpnTargetNetworks": { + "name": "DescribeClientVpnTargetNetworks", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeClientVpnTargetNetworksRequest" + }, + "output": { + "shape": "DescribeClientVpnTargetNetworksResult" + }, + "documentation": "<p>Describes the target networks associated with the specified Client VPN endpoint.</p>" + }, + "DescribeConversionTasks": { + "name": "DescribeConversionTasks", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeConversionTasksRequest" + }, + "output": { + "shape": "DescribeConversionTasksResult" + }, + "documentation": "<p>Describes the specified conversion tasks or all your conversion tasks. For more information, see the <a href=\"https://docs.aws.amazon.com/vm-import/latest/userguide/\">VM Import/Export User Guide</a>.</p> <p>For information about the import manifest referenced by this API action, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html\">VM Import Manifest</a>.</p>" + }, + "DescribeCustomerGateways": { + "name": "DescribeCustomerGateways", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeCustomerGatewaysRequest" + }, + "output": { + "shape": "DescribeCustomerGatewaysResult" + }, + "documentation": "<p>Describes one or more of your VPN customer gateways.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html\">AWS Site-to-Site VPN</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p>" + }, + "DescribeDhcpOptions": { + "name": "DescribeDhcpOptions", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeDhcpOptionsRequest" + }, + "output": { + "shape": "DescribeDhcpOptionsResult" + }, + "documentation": "<p>Describes one or more of your DHCP options sets.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html\">DHCP Options Sets</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "DescribeEgressOnlyInternetGateways": { + "name": "DescribeEgressOnlyInternetGateways", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeEgressOnlyInternetGatewaysRequest" + }, + "output": { + "shape": "DescribeEgressOnlyInternetGatewaysResult" + }, + "documentation": "<p>Describes one or more of your egress-only internet gateways.</p>" + }, + "DescribeElasticGpus": { + "name": "DescribeElasticGpus", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeElasticGpusRequest" + }, + "output": { + "shape": "DescribeElasticGpusResult" + }, + "documentation": "<p>Describes the Elastic Graphics accelerator associated with your instances. For more information about Elastic Graphics, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html\">Amazon Elastic Graphics</a>.</p>" + }, + "DescribeExportTasks": { + "name": "DescribeExportTasks", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeExportTasksRequest" + }, + "output": { + "shape": "DescribeExportTasksResult" + }, + "documentation": "<p>Describes the specified export tasks or all your export tasks.</p>" + }, + "DescribeFleetHistory": { + "name": "DescribeFleetHistory", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeFleetHistoryRequest" + }, + "output": { + "shape": "DescribeFleetHistoryResult" + }, + "documentation": "<p>Describes the events for the specified EC2 Fleet during the specified time.</p>" + }, + "DescribeFleetInstances": { + "name": "DescribeFleetInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeFleetInstancesRequest" + }, + "output": { + "shape": "DescribeFleetInstancesResult" + }, + "documentation": "<p>Describes the running instances for the specified EC2 Fleet.</p>" + }, + "DescribeFleets": { + "name": "DescribeFleets", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeFleetsRequest" + }, + "output": { + "shape": "DescribeFleetsResult" + }, + "documentation": "<p>Describes the specified EC2 Fleets or all your EC2 Fleets.</p>" + }, + "DescribeFlowLogs": { + "name": "DescribeFlowLogs", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeFlowLogsRequest" + }, + "output": { + "shape": "DescribeFlowLogsResult" + }, + "documentation": "<p>Describes one or more flow logs. To view the information in your flow logs (the log streams for the network interfaces), you must use the CloudWatch Logs console or the CloudWatch Logs API.</p>" + }, + "DescribeFpgaImageAttribute": { + "name": "DescribeFpgaImageAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeFpgaImageAttributeRequest" + }, + "output": { + "shape": "DescribeFpgaImageAttributeResult" + }, + "documentation": "<p>Describes the specified attribute of the specified Amazon FPGA Image (AFI).</p>" + }, + "DescribeFpgaImages": { + "name": "DescribeFpgaImages", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeFpgaImagesRequest" + }, + "output": { + "shape": "DescribeFpgaImagesResult" + }, + "documentation": "<p>Describes the Amazon FPGA Images (AFIs) available to you. These include public AFIs, private AFIs that you own, and AFIs owned by other AWS accounts for which you have load permissions.</p>" + }, + "DescribeHostReservationOfferings": { + "name": "DescribeHostReservationOfferings", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeHostReservationOfferingsRequest" + }, + "output": { + "shape": "DescribeHostReservationOfferingsResult" + }, + "documentation": "<p>Describes the Dedicated Host reservations that are available to purchase.</p> <p>The results describe all the Dedicated Host reservation offerings, including offerings that may not match the instance family and Region of your Dedicated Hosts. When purchasing an offering, ensure that the instance family and Region of the offering matches that of the Dedicated Hosts with which it is to be associated. For more information about supported instance types, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html\">Dedicated Hosts Overview</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>. </p>" + }, + "DescribeHostReservations": { + "name": "DescribeHostReservations", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeHostReservationsRequest" + }, + "output": { + "shape": "DescribeHostReservationsResult" + }, + "documentation": "<p>Describes reservations that are associated with Dedicated Hosts in your account.</p>" + }, + "DescribeHosts": { + "name": "DescribeHosts", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeHostsRequest" + }, + "output": { + "shape": "DescribeHostsResult" + }, + "documentation": "<p>Describes the specified Dedicated Hosts or all your Dedicated Hosts.</p> <p>The results describe only the Dedicated Hosts in the Region you're currently using. All listed instances consume capacity on your Dedicated Host. Dedicated Hosts that have recently been released are listed with the state <code>released</code>.</p>" + }, + "DescribeIamInstanceProfileAssociations": { + "name": "DescribeIamInstanceProfileAssociations", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeIamInstanceProfileAssociationsRequest" + }, + "output": { + "shape": "DescribeIamInstanceProfileAssociationsResult" + }, + "documentation": "<p>Describes your IAM instance profile associations.</p>" + }, + "DescribeIdFormat": { + "name": "DescribeIdFormat", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeIdFormatRequest" + }, + "output": { + "shape": "DescribeIdFormatResult" + }, + "documentation": "<p>Describes the ID format settings for your resources on a per-Region basis, for example, to view which resource types are enabled for longer IDs. This request only returns information about resource types whose ID formats can be modified; it does not return information about other resource types.</p> <p>The following resource types support longer IDs: <code>bundle</code> | <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> | <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> | <code>export-task</code> | <code>flow-log</code> | <code>image</code> | <code>import-task</code> | <code>instance</code> | <code>internet-gateway</code> | <code>network-acl</code> | <code>network-acl-association</code> | <code>network-interface</code> | <code>network-interface-attachment</code> | <code>prefix-list</code> | <code>reservation</code> | <code>route-table</code> | <code>route-table-association</code> | <code>security-group</code> | <code>snapshot</code> | <code>subnet</code> | <code>subnet-cidr-block-association</code> | <code>volume</code> | <code>vpc</code> | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> | <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>. </p> <p>These settings apply to the IAM user who makes the request; they do not apply to the entire AWS account. By default, an IAM user defaults to the same settings as the root user, unless they explicitly override the settings by running the <a>ModifyIdFormat</a> command. Resources created with longer IDs are visible to all IAM users, regardless of these settings and provided that they have permission to use the relevant <code>Describe</code> command for the resource type.</p>" + }, + "DescribeIdentityIdFormat": { + "name": "DescribeIdentityIdFormat", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeIdentityIdFormatRequest" + }, + "output": { + "shape": "DescribeIdentityIdFormatResult" + }, + "documentation": "<p>Describes the ID format settings for resources for the specified IAM user, IAM role, or root user. For example, you can view the resource types that are enabled for longer IDs. This request only returns information about resource types whose ID formats can be modified; it does not return information about other resource types. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resource-ids.html\">Resource IDs</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>. </p> <p>The following resource types support longer IDs: <code>bundle</code> | <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> | <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> | <code>export-task</code> | <code>flow-log</code> | <code>image</code> | <code>import-task</code> | <code>instance</code> | <code>internet-gateway</code> | <code>network-acl</code> | <code>network-acl-association</code> | <code>network-interface</code> | <code>network-interface-attachment</code> | <code>prefix-list</code> | <code>reservation</code> | <code>route-table</code> | <code>route-table-association</code> | <code>security-group</code> | <code>snapshot</code> | <code>subnet</code> | <code>subnet-cidr-block-association</code> | <code>volume</code> | <code>vpc</code> | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> | <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>. </p> <p>These settings apply to the principal specified in the request. They do not apply to the principal that makes the request.</p>" + }, + "DescribeImageAttribute": { + "name": "DescribeImageAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeImageAttributeRequest" + }, + "output": { + "shape": "ImageAttribute" + }, + "documentation": "<p>Describes the specified attribute of the specified AMI. You can specify only one attribute at a time.</p>" + }, + "DescribeImages": { + "name": "DescribeImages", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeImagesRequest" + }, + "output": { + "shape": "DescribeImagesResult" + }, + "documentation": "<p>Describes the specified images (AMIs, AKIs, and ARIs) available to you or all of the images available to you.</p> <p>The images available to you include public images, private images that you own, and private images owned by other AWS accounts for which you have explicit launch permissions.</p> <p>Recently deregistered images appear in the returned results for a short interval and then return empty results. After all instances that reference a deregistered AMI are terminated, specifying the ID of the image results in an error indicating that the AMI ID cannot be found.</p>" + }, + "DescribeImportImageTasks": { + "name": "DescribeImportImageTasks", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeImportImageTasksRequest" + }, + "output": { + "shape": "DescribeImportImageTasksResult" + }, + "documentation": "<p>Displays details about an import virtual machine or import snapshot tasks that are already created.</p>" + }, + "DescribeImportSnapshotTasks": { + "name": "DescribeImportSnapshotTasks", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeImportSnapshotTasksRequest" + }, + "output": { + "shape": "DescribeImportSnapshotTasksResult" + }, + "documentation": "<p>Describes your import snapshot tasks.</p>" + }, + "DescribeInstanceAttribute": { + "name": "DescribeInstanceAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeInstanceAttributeRequest" + }, + "output": { + "shape": "InstanceAttribute" + }, + "documentation": "<p>Describes the specified attribute of the specified instance. You can specify only one attribute at a time. Valid attribute values are: <code>instanceType</code> | <code>kernel</code> | <code>ramdisk</code> | <code>userData</code> | <code>disableApiTermination</code> | <code>instanceInitiatedShutdownBehavior</code> | <code>rootDeviceName</code> | <code>blockDeviceMapping</code> | <code>productCodes</code> | <code>sourceDestCheck</code> | <code>groupSet</code> | <code>ebsOptimized</code> | <code>sriovNetSupport</code> </p>" + }, + "DescribeInstanceCreditSpecifications": { + "name": "DescribeInstanceCreditSpecifications", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeInstanceCreditSpecificationsRequest" + }, + "output": { + "shape": "DescribeInstanceCreditSpecificationsResult" + }, + "documentation": "<p>Describes the credit option for CPU usage of the specified T2 or T3 instances. The credit options are <code>standard</code> and <code>unlimited</code>.</p> <p>If you do not specify an instance ID, Amazon EC2 returns T2 and T3 instances with the <code>unlimited</code> credit option, as well as instances that were previously configured as T2 or T3 with the <code>unlimited</code> credit option. For example, if you resize a T2 instance, while it is configured as <code>unlimited</code>, to an M4 instance, Amazon EC2 returns the M4 instance.</p> <p>If you specify one or more instance IDs, Amazon EC2 returns the credit option (<code>standard</code> or <code>unlimited</code>) of those instances. If you specify an instance ID that is not valid, such as an instance that is not a T2 or T3 instance, an error is returned.</p> <p>Recently terminated instances might appear in the returned results. This interval is usually less than one hour.</p> <p>If an Availability Zone is experiencing a service disruption and you specify instance IDs in the affected zone, or do not specify any instance IDs at all, the call fails. If you specify only instance IDs in an unaffected zone, the call works normally.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html\">Burstable Performance Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribeInstanceStatus": { + "name": "DescribeInstanceStatus", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeInstanceStatusRequest" + }, + "output": { + "shape": "DescribeInstanceStatusResult" + }, + "documentation": "<p>Describes the status of the specified instances or all of your instances. By default, only running instances are described, unless you specifically indicate to return the status of all instances.</p> <p>Instance status includes the following components:</p> <ul> <li> <p> <b>Status checks</b> - Amazon EC2 performs status checks on running EC2 instances to identify hardware and software issues. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-system-instance-status-check.html\">Status Checks for Your Instances</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstances.html\">Troubleshooting Instances with Failed Status Checks</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </li> <li> <p> <b>Scheduled events</b> - Amazon EC2 can schedule events (such as reboot, stop, or terminate) for your instances related to hardware issues, software updates, or system maintenance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-instances-status-check_sched.html\">Scheduled Events for Your Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </li> <li> <p> <b>Instance state</b> - You can manage your instances from the moment you launch them through their termination. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html\">Instance Lifecycle</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </li> </ul>" + }, + "DescribeInstances": { + "name": "DescribeInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeInstancesRequest" + }, + "output": { + "shape": "DescribeInstancesResult" + }, + "documentation": "<p>Describes the specified instances or all of your instances.</p> <p>If you specify one or more instance IDs, Amazon EC2 returns information for those instances. If you do not specify instance IDs, Amazon EC2 returns information for all relevant instances. If you specify an instance ID that is not valid, an error is returned. If you specify an instance that you do not own, it is not included in the returned results.</p> <p>Recently terminated instances might appear in the returned results. This interval is usually less than one hour.</p> <p>If you describe instances in the rare case where an Availability Zone is experiencing a service disruption and you specify instance IDs that are in the affected zone, or do not specify any instance IDs at all, the call fails. If you describe instances and specify only instance IDs that are in an unaffected zone, the call works normally.</p>" + }, + "DescribeInternetGateways": { + "name": "DescribeInternetGateways", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeInternetGatewaysRequest" + }, + "output": { + "shape": "DescribeInternetGatewaysResult" + }, + "documentation": "<p>Describes one or more of your internet gateways.</p>" + }, + "DescribeKeyPairs": { + "name": "DescribeKeyPairs", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeKeyPairsRequest" + }, + "output": { + "shape": "DescribeKeyPairsResult" + }, + "documentation": "<p>Describes the specified key pairs or all of your key pairs.</p> <p>For more information about key pairs, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html\">Key Pairs</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribeLaunchTemplateVersions": { + "name": "DescribeLaunchTemplateVersions", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeLaunchTemplateVersionsRequest" + }, + "output": { + "shape": "DescribeLaunchTemplateVersionsResult" + }, + "documentation": "<p>Describes one or more versions of a specified launch template. You can describe all versions, individual versions, or a range of versions.</p>" + }, + "DescribeLaunchTemplates": { + "name": "DescribeLaunchTemplates", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeLaunchTemplatesRequest" + }, + "output": { + "shape": "DescribeLaunchTemplatesResult" + }, + "documentation": "<p>Describes one or more launch templates.</p>" + }, + "DescribeMovingAddresses": { + "name": "DescribeMovingAddresses", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeMovingAddressesRequest" + }, + "output": { + "shape": "DescribeMovingAddressesResult" + }, + "documentation": "<p>Describes your Elastic IP addresses that are being moved to the EC2-VPC platform, or that are being restored to the EC2-Classic platform. This request does not return information about any other Elastic IP addresses in your account.</p>" + }, + "DescribeNatGateways": { + "name": "DescribeNatGateways", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeNatGatewaysRequest" + }, + "output": { + "shape": "DescribeNatGatewaysResult" + }, + "documentation": "<p>Describes one or more of your NAT gateways.</p>" + }, + "DescribeNetworkAcls": { + "name": "DescribeNetworkAcls", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeNetworkAclsRequest" + }, + "output": { + "shape": "DescribeNetworkAclsResult" + }, + "documentation": "<p>Describes one or more of your network ACLs.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html\">Network ACLs</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "DescribeNetworkInterfaceAttribute": { + "name": "DescribeNetworkInterfaceAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeNetworkInterfaceAttributeRequest" + }, + "output": { + "shape": "DescribeNetworkInterfaceAttributeResult" + }, + "documentation": "<p>Describes a network interface attribute. You can specify only one attribute at a time.</p>" + }, + "DescribeNetworkInterfacePermissions": { + "name": "DescribeNetworkInterfacePermissions", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeNetworkInterfacePermissionsRequest" + }, + "output": { + "shape": "DescribeNetworkInterfacePermissionsResult" + }, + "documentation": "<p>Describes the permissions for your network interfaces. </p>" + }, + "DescribeNetworkInterfaces": { + "name": "DescribeNetworkInterfaces", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeNetworkInterfacesRequest" + }, + "output": { + "shape": "DescribeNetworkInterfacesResult" + }, + "documentation": "<p>Describes one or more of your network interfaces.</p>" + }, + "DescribePlacementGroups": { + "name": "DescribePlacementGroups", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribePlacementGroupsRequest" + }, + "output": { + "shape": "DescribePlacementGroupsResult" + }, + "documentation": "<p>Describes the specified placement groups or all of your placement groups. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html\">Placement Groups</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribePrefixLists": { + "name": "DescribePrefixLists", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribePrefixListsRequest" + }, + "output": { + "shape": "DescribePrefixListsResult" + }, + "documentation": "<p>Describes available AWS services in a prefix list format, which includes the prefix list name and prefix list ID of the service and the IP address range for the service. A prefix list ID is required for creating an outbound security group rule that allows traffic from a VPC to access an AWS service through a gateway VPC endpoint. Currently, the services that support this action are Amazon S3 and Amazon DynamoDB.</p>" + }, + "DescribePrincipalIdFormat": { + "name": "DescribePrincipalIdFormat", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribePrincipalIdFormatRequest" + }, + "output": { + "shape": "DescribePrincipalIdFormatResult" + }, + "documentation": "<p>Describes the ID format settings for the root user and all IAM roles and IAM users that have explicitly specified a longer ID (17-character ID) preference. </p> <p>By default, all IAM roles and IAM users default to the same ID settings as the root user, unless they explicitly override the settings. This request is useful for identifying those IAM users and IAM roles that have overridden the default ID settings.</p> <p>The following resource types support longer IDs: <code>bundle</code> | <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> | <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> | <code>export-task</code> | <code>flow-log</code> | <code>image</code> | <code>import-task</code> | <code>instance</code> | <code>internet-gateway</code> | <code>network-acl</code> | <code>network-acl-association</code> | <code>network-interface</code> | <code>network-interface-attachment</code> | <code>prefix-list</code> | <code>reservation</code> | <code>route-table</code> | <code>route-table-association</code> | <code>security-group</code> | <code>snapshot</code> | <code>subnet</code> | <code>subnet-cidr-block-association</code> | <code>volume</code> | <code>vpc</code> | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> | <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>. </p>" + }, + "DescribePublicIpv4Pools": { + "name": "DescribePublicIpv4Pools", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribePublicIpv4PoolsRequest" + }, + "output": { + "shape": "DescribePublicIpv4PoolsResult" + }, + "documentation": "<p>Describes the specified IPv4 address pools.</p>" + }, + "DescribeRegions": { + "name": "DescribeRegions", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeRegionsRequest" + }, + "output": { + "shape": "DescribeRegionsResult" + }, + "documentation": "<p>Describes the Regions that are currently available to you. The API returns a list of all the Regions, including Regions that are disabled for your account. For information about enabling Regions for your account, see <a href=\"https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/manage-account-payment.html#manage-account-payment-enable-disable-regions\">Enabling and Disabling Regions</a> in the <i>AWS Billing and Cost Management User Guide</i>.</p> <p>For a list of the Regions supported by Amazon EC2, see <a href=\"https://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region\"> Regions and Endpoints</a>.</p>" + }, + "DescribeReservedInstances": { + "name": "DescribeReservedInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeReservedInstancesRequest" + }, + "output": { + "shape": "DescribeReservedInstancesResult" + }, + "documentation": "<p>Describes one or more of the Reserved Instances that you purchased.</p> <p>For more information about Reserved Instances, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts-on-demand-reserved-instances.html\">Reserved Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribeReservedInstancesListings": { + "name": "DescribeReservedInstancesListings", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeReservedInstancesListingsRequest" + }, + "output": { + "shape": "DescribeReservedInstancesListingsResult" + }, + "documentation": "<p>Describes your account's Reserved Instance listings in the Reserved Instance Marketplace.</p> <p>The Reserved Instance Marketplace matches sellers who want to resell Reserved Instance capacity that they no longer need with buyers who want to purchase additional capacity. Reserved Instances bought and sold through the Reserved Instance Marketplace work like any other Reserved Instances.</p> <p>As a seller, you choose to list some or all of your Reserved Instances, and you specify the upfront price to receive for them. Your Reserved Instances are then listed in the Reserved Instance Marketplace and are available for purchase.</p> <p>As a buyer, you specify the configuration of the Reserved Instance to purchase, and the Marketplace matches what you're searching for with what's available. The Marketplace first sells the lowest priced Reserved Instances to you, and continues to sell available Reserved Instance listings to you until your demand is met. You are charged based on the total price of all of the listings that you purchase.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html\">Reserved Instance Marketplace</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribeReservedInstancesModifications": { + "name": "DescribeReservedInstancesModifications", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeReservedInstancesModificationsRequest" + }, + "output": { + "shape": "DescribeReservedInstancesModificationsResult" + }, + "documentation": "<p>Describes the modifications made to your Reserved Instances. If no parameter is specified, information about all your Reserved Instances modification requests is returned. If a modification ID is specified, only information about the specific modification is returned.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-modifying.html\">Modifying Reserved Instances</a> in the Amazon Elastic Compute Cloud User Guide.</p>" + }, + "DescribeReservedInstancesOfferings": { + "name": "DescribeReservedInstancesOfferings", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeReservedInstancesOfferingsRequest" + }, + "output": { + "shape": "DescribeReservedInstancesOfferingsResult" + }, + "documentation": "<p>Describes Reserved Instance offerings that are available for purchase. With Reserved Instances, you purchase the right to launch instances for a period of time. During that time period, you do not receive insufficient capacity errors, and you pay a lower usage rate than the rate charged for On-Demand instances for the actual time used.</p> <p>If you have listed your own Reserved Instances for sale in the Reserved Instance Marketplace, they will be excluded from these results. This is to ensure that you do not purchase your own Reserved Instances.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html\">Reserved Instance Marketplace</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribeRouteTables": { + "name": "DescribeRouteTables", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeRouteTablesRequest" + }, + "output": { + "shape": "DescribeRouteTablesResult" + }, + "documentation": "<p>Describes one or more of your route tables.</p> <p>Each subnet in your VPC must be associated with a route table. If a subnet is not explicitly associated with any route table, it is implicitly associated with the main route table. This command does not return the subnet ID for implicit associations.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "DescribeScheduledInstanceAvailability": { + "name": "DescribeScheduledInstanceAvailability", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeScheduledInstanceAvailabilityRequest" + }, + "output": { + "shape": "DescribeScheduledInstanceAvailabilityResult" + }, + "documentation": "<p>Finds available schedules that meet the specified criteria.</p> <p>You can search for an available schedule no more than 3 months in advance. You must meet the minimum required duration of 1,200 hours per year. For example, the minimum daily schedule is 4 hours, the minimum weekly schedule is 24 hours, and the minimum monthly schedule is 100 hours.</p> <p>After you find a schedule that meets your needs, call <a>PurchaseScheduledInstances</a> to purchase Scheduled Instances with that schedule.</p>" + }, + "DescribeScheduledInstances": { + "name": "DescribeScheduledInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeScheduledInstancesRequest" + }, + "output": { + "shape": "DescribeScheduledInstancesResult" + }, + "documentation": "<p>Describes the specified Scheduled Instances or all your Scheduled Instances.</p>" + }, + "DescribeSecurityGroupReferences": { + "name": "DescribeSecurityGroupReferences", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeSecurityGroupReferencesRequest" + }, + "output": { + "shape": "DescribeSecurityGroupReferencesResult" + }, + "documentation": "<p>[VPC only] Describes the VPCs on the other side of a VPC peering connection that are referencing the security groups you've specified in this request.</p>" + }, + "DescribeSecurityGroups": { + "name": "DescribeSecurityGroups", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeSecurityGroupsRequest" + }, + "output": { + "shape": "DescribeSecurityGroupsResult" + }, + "documentation": "<p>Describes the specified security groups or all of your security groups.</p> <p>A security group is for use with instances either in the EC2-Classic platform or in a specific VPC. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html\">Amazon EC2 Security Groups</a> in the <i>Amazon Elastic Compute Cloud User Guide</i> and <a href=\"https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html\">Security Groups for Your VPC</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "DescribeSnapshotAttribute": { + "name": "DescribeSnapshotAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeSnapshotAttributeRequest" + }, + "output": { + "shape": "DescribeSnapshotAttributeResult" + }, + "documentation": "<p>Describes the specified attribute of the specified snapshot. You can specify only one attribute at a time.</p> <p>For more information about EBS snapshots, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html\">Amazon EBS Snapshots</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribeSnapshots": { + "name": "DescribeSnapshots", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeSnapshotsRequest" + }, + "output": { + "shape": "DescribeSnapshotsResult" + }, + "documentation": "<p>Describes the specified EBS snapshots available to you or all of the EBS snapshots available to you.</p> <p>The snapshots available to you include public snapshots, private snapshots that you own, and private snapshots owned by other AWS accounts for which you have explicit create volume permissions.</p> <p>The create volume permissions fall into the following categories:</p> <ul> <li> <p> <i>public</i>: The owner of the snapshot granted create volume permissions for the snapshot to the <code>all</code> group. All AWS accounts have create volume permissions for these snapshots.</p> </li> <li> <p> <i>explicit</i>: The owner of the snapshot granted create volume permissions to a specific AWS account.</p> </li> <li> <p> <i>implicit</i>: An AWS account has implicit create volume permissions for all snapshots it owns.</p> </li> </ul> <p>The list of snapshots returned can be modified by specifying snapshot IDs, snapshot owners, or AWS accounts with create volume permissions. If no options are specified, Amazon EC2 returns all snapshots for which you have create volume permissions.</p> <p>If you specify one or more snapshot IDs, only snapshots that have the specified IDs are returned. If you specify an invalid snapshot ID, an error is returned. If you specify a snapshot ID for which you do not have access, it is not included in the returned results.</p> <p>If you specify one or more snapshot owners using the <code>OwnerIds</code> option, only snapshots from the specified owners and for which you have access are returned. The results can include the AWS account IDs of the specified owners, <code>amazon</code> for snapshots owned by Amazon, or <code>self</code> for snapshots that you own.</p> <p>If you specify a list of restorable users, only snapshots with create snapshot permissions for those users are returned. You can specify AWS account IDs (if you own the snapshots), <code>self</code> for snapshots for which you own or have explicit permissions, or <code>all</code> for public snapshots.</p> <p>If you are describing a long list of snapshots, you can paginate the output to make the list more manageable. The <code>MaxResults</code> parameter sets the maximum number of results returned in a single page. If the list of results exceeds your <code>MaxResults</code> value, then that number of results is returned along with a <code>NextToken</code> value that can be passed to a subsequent <code>DescribeSnapshots</code> request to retrieve the remaining results.</p> <p>For more information about EBS snapshots, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html\">Amazon EBS Snapshots</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribeSpotDatafeedSubscription": { + "name": "DescribeSpotDatafeedSubscription", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeSpotDatafeedSubscriptionRequest" + }, + "output": { + "shape": "DescribeSpotDatafeedSubscriptionResult" + }, + "documentation": "<p>Describes the data feed for Spot Instances. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-data-feeds.html\">Spot Instance Data Feed</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>.</p>" + }, + "DescribeSpotFleetInstances": { + "name": "DescribeSpotFleetInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeSpotFleetInstancesRequest" + }, + "output": { + "shape": "DescribeSpotFleetInstancesResponse" + }, + "documentation": "<p>Describes the running instances for the specified Spot Fleet.</p>" + }, + "DescribeSpotFleetRequestHistory": { + "name": "DescribeSpotFleetRequestHistory", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeSpotFleetRequestHistoryRequest" + }, + "output": { + "shape": "DescribeSpotFleetRequestHistoryResponse" + }, + "documentation": "<p>Describes the events for the specified Spot Fleet request during the specified time.</p> <p>Spot Fleet events are delayed by up to 30 seconds before they can be described. This ensures that you can query by the last evaluated time and not miss a recorded event. Spot Fleet events are available for 48 hours.</p>" + }, + "DescribeSpotFleetRequests": { + "name": "DescribeSpotFleetRequests", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeSpotFleetRequestsRequest" + }, + "output": { + "shape": "DescribeSpotFleetRequestsResponse" + }, + "documentation": "<p>Describes your Spot Fleet requests.</p> <p>Spot Fleet requests are deleted 48 hours after they are canceled and their instances are terminated.</p>" + }, + "DescribeSpotInstanceRequests": { + "name": "DescribeSpotInstanceRequests", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeSpotInstanceRequestsRequest" + }, + "output": { + "shape": "DescribeSpotInstanceRequestsResult" + }, + "documentation": "<p>Describes the specified Spot Instance requests.</p> <p>You can use <code>DescribeSpotInstanceRequests</code> to find a running Spot Instance by examining the response. If the status of the Spot Instance is <code>fulfilled</code>, the instance ID appears in the response and contains the identifier of the instance. Alternatively, you can use <a>DescribeInstances</a> with a filter to look for instances where the instance lifecycle is <code>spot</code>.</p> <p>We recommend that you set <code>MaxResults</code> to a value between 5 and 1000 to limit the number of results returned. This paginates the output, which makes the list more manageable and returns the results faster. If the list of results exceeds your <code>MaxResults</code> value, then that number of results is returned along with a <code>NextToken</code> value that can be passed to a subsequent <code>DescribeSpotInstanceRequests</code> request to retrieve the remaining results.</p> <p>Spot Instance requests are deleted four hours after they are canceled and their instances are terminated.</p>" + }, + "DescribeSpotPriceHistory": { + "name": "DescribeSpotPriceHistory", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeSpotPriceHistoryRequest" + }, + "output": { + "shape": "DescribeSpotPriceHistoryResult" + }, + "documentation": "<p>Describes the Spot price history. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-spot-instances-history.html\">Spot Instance Pricing History</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>.</p> <p>When you specify a start and end time, this operation returns the prices of the instance types within the time range that you specified and the time when the price changed. The price is valid within the time period that you specified; the response merely indicates the last time that the price changed.</p>" + }, + "DescribeStaleSecurityGroups": { + "name": "DescribeStaleSecurityGroups", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeStaleSecurityGroupsRequest" + }, + "output": { + "shape": "DescribeStaleSecurityGroupsResult" + }, + "documentation": "<p>[VPC only] Describes the stale security group rules for security groups in a specified VPC. Rules are stale when they reference a deleted security group in a peer VPC, or a security group in a peer VPC for which the VPC peering connection has been deleted.</p>" + }, + "DescribeSubnets": { + "name": "DescribeSubnets", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeSubnetsRequest" + }, + "output": { + "shape": "DescribeSubnetsResult" + }, + "documentation": "<p>Describes one or more of your subnets.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html\">Your VPC and Subnets</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "DescribeTags": { + "name": "DescribeTags", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeTagsRequest" + }, + "output": { + "shape": "DescribeTagsResult" + }, + "documentation": "<p>Describes the specified tags for your EC2 resources.</p> <p>For more information about tags, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html\">Tagging Your Resources</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribeTrafficMirrorFilters": { + "name": "DescribeTrafficMirrorFilters", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeTrafficMirrorFiltersRequest" + }, + "output": { + "shape": "DescribeTrafficMirrorFiltersResult" + }, + "documentation": "<p>Describes one or more Traffic Mirror filters.</p>" + }, + "DescribeTrafficMirrorSessions": { + "name": "DescribeTrafficMirrorSessions", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeTrafficMirrorSessionsRequest" + }, + "output": { + "shape": "DescribeTrafficMirrorSessionsResult" + }, + "documentation": "<p>Describes one or more Traffic Mirror sessions. By default, all Traffic Mirror sessions are described. Alternatively, you can filter the results.</p>" + }, + "DescribeTrafficMirrorTargets": { + "name": "DescribeTrafficMirrorTargets", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeTrafficMirrorTargetsRequest" + }, + "output": { + "shape": "DescribeTrafficMirrorTargetsResult" + }, + "documentation": "<p>Information about one or more Traffic Mirror targets.</p>" + }, + "DescribeTransitGatewayAttachments": { + "name": "DescribeTransitGatewayAttachments", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeTransitGatewayAttachmentsRequest" + }, + "output": { + "shape": "DescribeTransitGatewayAttachmentsResult" + }, + "documentation": "<p>Describes one or more attachments between resources and transit gateways. By default, all attachments are described. Alternatively, you can filter the results by attachment ID, attachment state, resource ID, or resource owner.</p>" + }, + "DescribeTransitGatewayRouteTables": { + "name": "DescribeTransitGatewayRouteTables", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeTransitGatewayRouteTablesRequest" + }, + "output": { + "shape": "DescribeTransitGatewayRouteTablesResult" + }, + "documentation": "<p>Describes one or more transit gateway route tables. By default, all transit gateway route tables are described. Alternatively, you can filter the results.</p>" + }, + "DescribeTransitGatewayVpcAttachments": { + "name": "DescribeTransitGatewayVpcAttachments", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeTransitGatewayVpcAttachmentsRequest" + }, + "output": { + "shape": "DescribeTransitGatewayVpcAttachmentsResult" + }, + "documentation": "<p>Describes one or more VPC attachments. By default, all VPC attachments are described. Alternatively, you can filter the results.</p>" + }, + "DescribeTransitGateways": { + "name": "DescribeTransitGateways", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeTransitGatewaysRequest" + }, + "output": { + "shape": "DescribeTransitGatewaysResult" + }, + "documentation": "<p>Describes one or more transit gateways. By default, all transit gateways are described. Alternatively, you can filter the results.</p>" + }, + "DescribeVolumeAttribute": { + "name": "DescribeVolumeAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVolumeAttributeRequest" + }, + "output": { + "shape": "DescribeVolumeAttributeResult" + }, + "documentation": "<p>Describes the specified attribute of the specified volume. You can specify only one attribute at a time.</p> <p>For more information about EBS volumes, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html\">Amazon EBS Volumes</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribeVolumeStatus": { + "name": "DescribeVolumeStatus", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVolumeStatusRequest" + }, + "output": { + "shape": "DescribeVolumeStatusResult" + }, + "documentation": "<p>Describes the status of the specified volumes. Volume status provides the result of the checks performed on your volumes to determine events that can impair the performance of your volumes. The performance of a volume can be affected if an issue occurs on the volume's underlying host. If the volume's underlying host experiences a power outage or system issue, after the system is restored, there could be data inconsistencies on the volume. Volume events notify you if this occurs. Volume actions notify you if any action needs to be taken in response to the event.</p> <p>The <code>DescribeVolumeStatus</code> operation provides the following information about the specified volumes:</p> <p> <i>Status</i>: Reflects the current status of the volume. The possible values are <code>ok</code>, <code>impaired</code> , <code>warning</code>, or <code>insufficient-data</code>. If all checks pass, the overall status of the volume is <code>ok</code>. If the check fails, the overall status is <code>impaired</code>. If the status is <code>insufficient-data</code>, then the checks may still be taking place on your volume at the time. We recommend that you retry the request. For more information about volume status, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-volume-status.html\">Monitoring the Status of Your Volumes</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p> <i>Events</i>: Reflect the cause of a volume status and may require you to take action. For example, if your volume returns an <code>impaired</code> status, then the volume event might be <code>potential-data-inconsistency</code>. This means that your volume has been affected by an issue with the underlying host, has all I/O operations disabled, and may have inconsistent data.</p> <p> <i>Actions</i>: Reflect the actions you may have to take in response to an event. For example, if the status of the volume is <code>impaired</code> and the volume event shows <code>potential-data-inconsistency</code>, then the action shows <code>enable-volume-io</code>. This means that you may want to enable the I/O operations for the volume by calling the <a>EnableVolumeIO</a> action and then check the volume for data consistency.</p> <p>Volume status is based on the volume status checks, and does not reflect the volume state. Therefore, volume status does not indicate volumes in the <code>error</code> state (for example, when a volume is incapable of accepting I/O.)</p>" + }, + "DescribeVolumes": { + "name": "DescribeVolumes", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVolumesRequest" + }, + "output": { + "shape": "DescribeVolumesResult" + }, + "documentation": "<p>Describes the specified EBS volumes or all of your EBS volumes.</p> <p>If you are describing a long list of volumes, you can paginate the output to make the list more manageable. The <code>MaxResults</code> parameter sets the maximum number of results returned in a single page. If the list of results exceeds your <code>MaxResults</code> value, then that number of results is returned along with a <code>NextToken</code> value that can be passed to a subsequent <code>DescribeVolumes</code> request to retrieve the remaining results.</p> <p>For more information about EBS volumes, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html\">Amazon EBS Volumes</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribeVolumesModifications": { + "name": "DescribeVolumesModifications", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVolumesModificationsRequest" + }, + "output": { + "shape": "DescribeVolumesModificationsResult" + }, + "documentation": "<p>Reports the current modification status of EBS volumes.</p> <p>Current-generation EBS volumes support modification of attributes including type, size, and (for <code>io1</code> volumes) IOPS provisioning while either attached to or detached from an instance. Following an action from the API or the console to modify a volume, the status of the modification may be <code>modifying</code>, <code>optimizing</code>, <code>completed</code>, or <code>failed</code>. If a volume has never been modified, then certain elements of the returned <code>VolumeModification</code> objects are null. </p> <p> You can also use CloudWatch Events to check the status of a modification to an EBS volume. For information about CloudWatch Events, see the <a href=\"https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/\">Amazon CloudWatch Events User Guide</a>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#monitoring_mods\">Monitoring Volume Modifications\"</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribeVpcAttribute": { + "name": "DescribeVpcAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVpcAttributeRequest" + }, + "output": { + "shape": "DescribeVpcAttributeResult" + }, + "documentation": "<p>Describes the specified attribute of the specified VPC. You can specify only one attribute at a time.</p>" + }, + "DescribeVpcClassicLink": { + "name": "DescribeVpcClassicLink", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVpcClassicLinkRequest" + }, + "output": { + "shape": "DescribeVpcClassicLinkResult" + }, + "documentation": "<p>Describes the ClassicLink status of one or more VPCs.</p>" + }, + "DescribeVpcClassicLinkDnsSupport": { + "name": "DescribeVpcClassicLinkDnsSupport", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVpcClassicLinkDnsSupportRequest" + }, + "output": { + "shape": "DescribeVpcClassicLinkDnsSupportResult" + }, + "documentation": "<p>Describes the ClassicLink DNS support status of one or more VPCs. If enabled, the DNS hostname of a linked EC2-Classic instance resolves to its private IP address when addressed from an instance in the VPC to which it's linked. Similarly, the DNS hostname of an instance in a VPC resolves to its private IP address when addressed from a linked EC2-Classic instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html\">ClassicLink</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DescribeVpcEndpointConnectionNotifications": { + "name": "DescribeVpcEndpointConnectionNotifications", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVpcEndpointConnectionNotificationsRequest" + }, + "output": { + "shape": "DescribeVpcEndpointConnectionNotificationsResult" + }, + "documentation": "<p>Describes the connection notifications for VPC endpoints and VPC endpoint services.</p>" + }, + "DescribeVpcEndpointConnections": { + "name": "DescribeVpcEndpointConnections", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVpcEndpointConnectionsRequest" + }, + "output": { + "shape": "DescribeVpcEndpointConnectionsResult" + }, + "documentation": "<p>Describes the VPC endpoint connections to your VPC endpoint services, including any endpoints that are pending your acceptance.</p>" + }, + "DescribeVpcEndpointServiceConfigurations": { + "name": "DescribeVpcEndpointServiceConfigurations", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVpcEndpointServiceConfigurationsRequest" + }, + "output": { + "shape": "DescribeVpcEndpointServiceConfigurationsResult" + }, + "documentation": "<p>Describes the VPC endpoint service configurations in your account (your services).</p>" + }, + "DescribeVpcEndpointServicePermissions": { + "name": "DescribeVpcEndpointServicePermissions", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVpcEndpointServicePermissionsRequest" + }, + "output": { + "shape": "DescribeVpcEndpointServicePermissionsResult" + }, + "documentation": "<p>Describes the principals (service consumers) that are permitted to discover your VPC endpoint service.</p>" + }, + "DescribeVpcEndpointServices": { + "name": "DescribeVpcEndpointServices", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVpcEndpointServicesRequest" + }, + "output": { + "shape": "DescribeVpcEndpointServicesResult" + }, + "documentation": "<p>Describes available services to which you can create a VPC endpoint.</p>" + }, + "DescribeVpcEndpoints": { + "name": "DescribeVpcEndpoints", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVpcEndpointsRequest" + }, + "output": { + "shape": "DescribeVpcEndpointsResult" + }, + "documentation": "<p>Describes one or more of your VPC endpoints.</p>" + }, + "DescribeVpcPeeringConnections": { + "name": "DescribeVpcPeeringConnections", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVpcPeeringConnectionsRequest" + }, + "output": { + "shape": "DescribeVpcPeeringConnectionsResult" + }, + "documentation": "<p>Describes one or more of your VPC peering connections.</p>" + }, + "DescribeVpcs": { + "name": "DescribeVpcs", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVpcsRequest" + }, + "output": { + "shape": "DescribeVpcsResult" + }, + "documentation": "<p>Describes one or more of your VPCs.</p>" + }, + "DescribeVpnConnections": { + "name": "DescribeVpnConnections", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVpnConnectionsRequest" + }, + "output": { + "shape": "DescribeVpnConnectionsResult" + }, + "documentation": "<p>Describes one or more of your VPN connections.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html\">AWS Site-to-Site VPN</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p>" + }, + "DescribeVpnGateways": { + "name": "DescribeVpnGateways", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DescribeVpnGatewaysRequest" + }, + "output": { + "shape": "DescribeVpnGatewaysResult" + }, + "documentation": "<p>Describes one or more of your virtual private gateways.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html\">AWS Site-to-Site VPN</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p>" + }, + "DetachClassicLinkVpc": { + "name": "DetachClassicLinkVpc", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DetachClassicLinkVpcRequest" + }, + "output": { + "shape": "DetachClassicLinkVpcResult" + }, + "documentation": "<p>Unlinks (detaches) a linked EC2-Classic instance from a VPC. After the instance has been unlinked, the VPC security groups are no longer associated with it. An instance is automatically unlinked from a VPC when it's stopped.</p>" + }, + "DetachInternetGateway": { + "name": "DetachInternetGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DetachInternetGatewayRequest" + }, + "documentation": "<p>Detaches an internet gateway from a VPC, disabling connectivity between the internet and the VPC. The VPC must not contain any running instances with Elastic IP addresses or public IPv4 addresses.</p>" + }, + "DetachNetworkInterface": { + "name": "DetachNetworkInterface", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DetachNetworkInterfaceRequest" + }, + "documentation": "<p>Detaches a network interface from an instance.</p>" + }, + "DetachVolume": { + "name": "DetachVolume", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DetachVolumeRequest" + }, + "output": { + "shape": "VolumeAttachment" + }, + "documentation": "<p>Detaches an EBS volume from an instance. Make sure to unmount any file systems on the device within your operating system before detaching the volume. Failure to do so can result in the volume becoming stuck in the <code>busy</code> state while detaching. If this happens, detachment can be delayed indefinitely until you unmount the volume, force detachment, reboot the instance, or all three. If an EBS volume is the root device of an instance, it can't be detached while the instance is running. To detach the root volume, stop the instance first.</p> <p>When a volume with an AWS Marketplace product code is detached from an instance, the product code is no longer associated with the instance.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html\">Detaching an Amazon EBS Volume</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DetachVpnGateway": { + "name": "DetachVpnGateway", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DetachVpnGatewayRequest" + }, + "documentation": "<p>Detaches a virtual private gateway from a VPC. You do this if you're planning to turn off the VPC and not use it anymore. You can confirm a virtual private gateway has been completely detached from a VPC by describing the virtual private gateway (any attachments to the virtual private gateway are also described).</p> <p>You must wait for the attachment's state to switch to <code>detached</code> before you can delete the VPC or attach a different VPC to the virtual private gateway.</p>" + }, + "DisableEbsEncryptionByDefault": { + "name": "DisableEbsEncryptionByDefault", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DisableEbsEncryptionByDefaultRequest" + }, + "output": { + "shape": "DisableEbsEncryptionByDefaultResult" + }, + "documentation": "<p>Disables EBS encryption by default for your account in the current Region.</p> <p>After you disable encryption by default, you can still create encrypted volumes by enabling encryption when you create each volume.</p> <p>Disabling encryption by default does not change the encryption status of your existing volumes.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DisableTransitGatewayRouteTablePropagation": { + "name": "DisableTransitGatewayRouteTablePropagation", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DisableTransitGatewayRouteTablePropagationRequest" + }, + "output": { + "shape": "DisableTransitGatewayRouteTablePropagationResult" + }, + "documentation": "<p>Disables the specified resource attachment from propagating routes to the specified propagation route table.</p>" + }, + "DisableVgwRoutePropagation": { + "name": "DisableVgwRoutePropagation", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DisableVgwRoutePropagationRequest" + }, + "documentation": "<p>Disables a virtual private gateway (VGW) from propagating routes to a specified route table of a VPC.</p>" + }, + "DisableVpcClassicLink": { + "name": "DisableVpcClassicLink", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DisableVpcClassicLinkRequest" + }, + "output": { + "shape": "DisableVpcClassicLinkResult" + }, + "documentation": "<p>Disables ClassicLink for a VPC. You cannot disable ClassicLink for a VPC that has EC2-Classic instances linked to it.</p>" + }, + "DisableVpcClassicLinkDnsSupport": { + "name": "DisableVpcClassicLinkDnsSupport", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DisableVpcClassicLinkDnsSupportRequest" + }, + "output": { + "shape": "DisableVpcClassicLinkDnsSupportResult" + }, + "documentation": "<p>Disables ClassicLink DNS support for a VPC. If disabled, DNS hostnames resolve to public IP addresses when addressed between a linked EC2-Classic instance and instances in the VPC to which it's linked. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html\">ClassicLink</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "DisassociateAddress": { + "name": "DisassociateAddress", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DisassociateAddressRequest" + }, + "documentation": "<p>Disassociates an Elastic IP address from the instance or network interface it's associated with.</p> <p>An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html\">Elastic IP Addresses</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error.</p>" + }, + "DisassociateClientVpnTargetNetwork": { + "name": "DisassociateClientVpnTargetNetwork", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DisassociateClientVpnTargetNetworkRequest" + }, + "output": { + "shape": "DisassociateClientVpnTargetNetworkResult" + }, + "documentation": "<p>Disassociates a target network from the specified Client VPN endpoint. When you disassociate the last target network from a Client VPN, the following happens:</p> <ul> <li> <p>The route that was automatically added for the VPC is deleted</p> </li> <li> <p>All active client connections are terminated</p> </li> <li> <p>New client connections are disallowed</p> </li> <li> <p>The Client VPN endpoint's status changes to <code>pending-associate</code> </p> </li> </ul>" + }, + "DisassociateIamInstanceProfile": { + "name": "DisassociateIamInstanceProfile", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DisassociateIamInstanceProfileRequest" + }, + "output": { + "shape": "DisassociateIamInstanceProfileResult" + }, + "documentation": "<p>Disassociates an IAM instance profile from a running or stopped instance.</p> <p>Use <a>DescribeIamInstanceProfileAssociations</a> to get the association ID.</p>" + }, + "DisassociateRouteTable": { + "name": "DisassociateRouteTable", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DisassociateRouteTableRequest" + }, + "documentation": "<p>Disassociates a subnet from a route table.</p> <p>After you perform this action, the subnet no longer uses the routes in the route table. Instead, it uses the routes in the VPC's main route table. For more information about route tables, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "DisassociateSubnetCidrBlock": { + "name": "DisassociateSubnetCidrBlock", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DisassociateSubnetCidrBlockRequest" + }, + "output": { + "shape": "DisassociateSubnetCidrBlockResult" + }, + "documentation": "<p>Disassociates a CIDR block from a subnet. Currently, you can disassociate an IPv6 CIDR block only. You must detach or delete all gateways and resources that are associated with the CIDR block before you can disassociate it. </p>" + }, + "DisassociateTransitGatewayRouteTable": { + "name": "DisassociateTransitGatewayRouteTable", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DisassociateTransitGatewayRouteTableRequest" + }, + "output": { + "shape": "DisassociateTransitGatewayRouteTableResult" + }, + "documentation": "<p>Disassociates a resource attachment from a transit gateway route table.</p>" + }, + "DisassociateVpcCidrBlock": { + "name": "DisassociateVpcCidrBlock", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "DisassociateVpcCidrBlockRequest" + }, + "output": { + "shape": "DisassociateVpcCidrBlockResult" + }, + "documentation": "<p>Disassociates a CIDR block from a VPC. To disassociate the CIDR block, you must specify its association ID. You can get the association ID by using <a>DescribeVpcs</a>. You must detach or delete all gateways and resources that are associated with the CIDR block before you can disassociate it. </p> <p>You cannot disassociate the CIDR block with which you originally created the VPC (the primary CIDR block).</p>" + }, + "EnableEbsEncryptionByDefault": { + "name": "EnableEbsEncryptionByDefault", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "EnableEbsEncryptionByDefaultRequest" + }, + "output": { + "shape": "EnableEbsEncryptionByDefaultResult" + }, + "documentation": "<p>Enables EBS encryption by default for your account in the current Region.</p> <p>After you enable encryption by default, the EBS volumes that you create are are always encrypted, either using the default CMK or the CMK that you specified when you created each volume. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>You can specify the default CMK for encryption by default using <a>ModifyEbsDefaultKmsKeyId</a> or <a>ResetEbsDefaultKmsKeyId</a>.</p> <p>Enabling encryption by default has no effect on the encryption status of your existing volumes.</p> <p>After you enable encryption by default, you can no longer launch instances using instance types that do not support encryption. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances\">Supported Instance Types</a>.</p>" + }, + "EnableTransitGatewayRouteTablePropagation": { + "name": "EnableTransitGatewayRouteTablePropagation", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "EnableTransitGatewayRouteTablePropagationRequest" + }, + "output": { + "shape": "EnableTransitGatewayRouteTablePropagationResult" + }, + "documentation": "<p>Enables the specified attachment to propagate routes to the specified propagation route table.</p>" + }, + "EnableVgwRoutePropagation": { + "name": "EnableVgwRoutePropagation", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "EnableVgwRoutePropagationRequest" + }, + "documentation": "<p>Enables a virtual private gateway (VGW) to propagate routes to the specified route table of a VPC.</p>" + }, + "EnableVolumeIO": { + "name": "EnableVolumeIO", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "EnableVolumeIORequest" + }, + "documentation": "<p>Enables I/O operations for a volume that had I/O operations disabled because the data on the volume was potentially inconsistent.</p>" + }, + "EnableVpcClassicLink": { + "name": "EnableVpcClassicLink", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "EnableVpcClassicLinkRequest" + }, + "output": { + "shape": "EnableVpcClassicLinkResult" + }, + "documentation": "<p>Enables a VPC for ClassicLink. You can then link EC2-Classic instances to your ClassicLink-enabled VPC to allow communication over private IP addresses. You cannot enable your VPC for ClassicLink if any of your VPC route tables have existing routes for address ranges within the <code>10.0.0.0/8</code> IP address range, excluding local routes for VPCs in the <code>10.0.0.0/16</code> and <code>10.1.0.0/16</code> IP address ranges. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html\">ClassicLink</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "EnableVpcClassicLinkDnsSupport": { + "name": "EnableVpcClassicLinkDnsSupport", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "EnableVpcClassicLinkDnsSupportRequest" + }, + "output": { + "shape": "EnableVpcClassicLinkDnsSupportResult" + }, + "documentation": "<p>Enables a VPC to support DNS hostname resolution for ClassicLink. If enabled, the DNS hostname of a linked EC2-Classic instance resolves to its private IP address when addressed from an instance in the VPC to which it's linked. Similarly, the DNS hostname of an instance in a VPC resolves to its private IP address when addressed from a linked EC2-Classic instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html\">ClassicLink</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "ExportClientVpnClientCertificateRevocationList": { + "name": "ExportClientVpnClientCertificateRevocationList", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ExportClientVpnClientCertificateRevocationListRequest" + }, + "output": { + "shape": "ExportClientVpnClientCertificateRevocationListResult" + }, + "documentation": "<p>Downloads the client certificate revocation list for the specified Client VPN endpoint.</p>" + }, + "ExportClientVpnClientConfiguration": { + "name": "ExportClientVpnClientConfiguration", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ExportClientVpnClientConfigurationRequest" + }, + "output": { + "shape": "ExportClientVpnClientConfigurationResult" + }, + "documentation": "<p>Downloads the contents of the Client VPN endpoint configuration file for the specified Client VPN endpoint. The Client VPN endpoint configuration file includes the Client VPN endpoint and certificate information clients need to establish a connection with the Client VPN endpoint.</p>" + }, + "ExportTransitGatewayRoutes": { + "name": "ExportTransitGatewayRoutes", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ExportTransitGatewayRoutesRequest" + }, + "output": { + "shape": "ExportTransitGatewayRoutesResult" + }, + "documentation": "<p>Exports routes from the specified transit gateway route table to the specified S3 bucket. By default, all routes are exported. Alternatively, you can filter by CIDR range.</p>" + }, + "GetConsoleOutput": { + "name": "GetConsoleOutput", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "GetConsoleOutputRequest" + }, + "output": { + "shape": "GetConsoleOutputResult" + }, + "documentation": "<p>Gets the console output for the specified instance. For Linux instances, the instance console output displays the exact console output that would normally be displayed on a physical monitor attached to a computer. For Windows instances, the instance console output includes the last three system event log errors.</p> <p>By default, the console output returns buffered information that was posted shortly after an instance transition state (start, stop, reboot, or terminate). This information is available for at least one hour after the most recent post. Only the most recent 64 KB of console output is available.</p> <p>You can optionally retrieve the latest serial console output at any time during the instance lifecycle. This option is supported on instance types that use the Nitro hypervisor.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html#instance-console-console-output\">Instance Console Output</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "GetConsoleScreenshot": { + "name": "GetConsoleScreenshot", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "GetConsoleScreenshotRequest" + }, + "output": { + "shape": "GetConsoleScreenshotResult" + }, + "documentation": "<p>Retrieve a JPG-format screenshot of a running instance to help with troubleshooting.</p> <p>The returned content is Base64-encoded.</p>" + }, + "GetEbsDefaultKmsKeyId": { + "name": "GetEbsDefaultKmsKeyId", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "GetEbsDefaultKmsKeyIdRequest" + }, + "output": { + "shape": "GetEbsDefaultKmsKeyIdResult" + }, + "documentation": "<p>Describes the default customer master key (CMK) for EBS encryption by default for your account in this Region. You can change the default CMK for encryption by default using <a>ModifyEbsDefaultKmsKeyId</a> or <a>ResetEbsDefaultKmsKeyId</a>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "GetEbsEncryptionByDefault": { + "name": "GetEbsEncryptionByDefault", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "GetEbsEncryptionByDefaultRequest" + }, + "output": { + "shape": "GetEbsEncryptionByDefaultResult" + }, + "documentation": "<p>Describes whether EBS encryption by default is enabled for your account in the current Region.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "GetHostReservationPurchasePreview": { + "name": "GetHostReservationPurchasePreview", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "GetHostReservationPurchasePreviewRequest" + }, + "output": { + "shape": "GetHostReservationPurchasePreviewResult" + }, + "documentation": "<p>Preview a reservation purchase with configurations that match those of your Dedicated Host. You must have active Dedicated Hosts in your account before you purchase a reservation.</p> <p>This is a preview of the <a>PurchaseHostReservation</a> action and does not result in the offering being purchased.</p>" + }, + "GetLaunchTemplateData": { + "name": "GetLaunchTemplateData", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "GetLaunchTemplateDataRequest" + }, + "output": { + "shape": "GetLaunchTemplateDataResult" + }, + "documentation": "<p>Retrieves the configuration data of the specified instance. You can use this data to create a launch template.</p>" + }, + "GetPasswordData": { + "name": "GetPasswordData", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "GetPasswordDataRequest" + }, + "output": { + "shape": "GetPasswordDataResult" + }, + "documentation": "<p>Retrieves the encrypted administrator password for a running Windows instance.</p> <p>The Windows password is generated at boot by the <code>EC2Config</code> service or <code>EC2Launch</code> scripts (Windows Server 2016 and later). This usually only happens the first time an instance is launched. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/UsingConfig_WinAMI.html\">EC2Config</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2launch.html\">EC2Launch</a> in the Amazon Elastic Compute Cloud User Guide.</p> <p>For the <code>EC2Config</code> service, the password is not generated for rebundled AMIs unless <code>Ec2SetPassword</code> is enabled before bundling.</p> <p>The password is encrypted using the key pair that you specified when you launched the instance. You must provide the corresponding key pair file.</p> <p>When you launch an instance, password generation and encryption may take a few minutes. If you try to retrieve the password before it's available, the output returns an empty string. We recommend that you wait up to 15 minutes after launching an instance before trying to retrieve the generated password.</p>" + }, + "GetReservedInstancesExchangeQuote": { + "name": "GetReservedInstancesExchangeQuote", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "GetReservedInstancesExchangeQuoteRequest" + }, + "output": { + "shape": "GetReservedInstancesExchangeQuoteResult" + }, + "documentation": "<p>Returns a quote and exchange information for exchanging one or more specified Convertible Reserved Instances for a new Convertible Reserved Instance. If the exchange cannot be performed, the reason is returned in the response. Use <a>AcceptReservedInstancesExchangeQuote</a> to perform the exchange.</p>" + }, + "GetTransitGatewayAttachmentPropagations": { + "name": "GetTransitGatewayAttachmentPropagations", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "GetTransitGatewayAttachmentPropagationsRequest" + }, + "output": { + "shape": "GetTransitGatewayAttachmentPropagationsResult" + }, + "documentation": "<p>Lists the route tables to which the specified resource attachment propagates routes.</p>" + }, + "GetTransitGatewayRouteTableAssociations": { + "name": "GetTransitGatewayRouteTableAssociations", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "GetTransitGatewayRouteTableAssociationsRequest" + }, + "output": { + "shape": "GetTransitGatewayRouteTableAssociationsResult" + }, + "documentation": "<p>Gets information about the associations for the specified transit gateway route table.</p>" + }, + "GetTransitGatewayRouteTablePropagations": { + "name": "GetTransitGatewayRouteTablePropagations", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "GetTransitGatewayRouteTablePropagationsRequest" + }, + "output": { + "shape": "GetTransitGatewayRouteTablePropagationsResult" + }, + "documentation": "<p>Gets information about the route table propagations for the specified transit gateway route table.</p>" + }, + "ImportClientVpnClientCertificateRevocationList": { + "name": "ImportClientVpnClientCertificateRevocationList", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ImportClientVpnClientCertificateRevocationListRequest" + }, + "output": { + "shape": "ImportClientVpnClientCertificateRevocationListResult" + }, + "documentation": "<p>Uploads a client certificate revocation list to the specified Client VPN endpoint. Uploading a client certificate revocation list overwrites the existing client certificate revocation list.</p> <p>Uploading a client certificate revocation list resets existing client connections.</p>" + }, + "ImportImage": { + "name": "ImportImage", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ImportImageRequest" + }, + "output": { + "shape": "ImportImageResult" + }, + "documentation": "<p>Import single or multi-volume disk images or EBS snapshots into an Amazon Machine Image (AMI). For more information, see <a href=\"https://docs.aws.amazon.com/vm-import/latest/userguide/vmimport-image-import.html\">Importing a VM as an Image Using VM Import/Export</a> in the <i>VM Import/Export User Guide</i>.</p>" + }, + "ImportInstance": { + "name": "ImportInstance", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ImportInstanceRequest" + }, + "output": { + "shape": "ImportInstanceResult" + }, + "documentation": "<p>Creates an import instance task using metadata from the specified disk image. <code>ImportInstance</code> only supports single-volume VMs. To import multi-volume VMs, use <a>ImportImage</a>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/ec2-cli-vmimport-export.html\">Importing a Virtual Machine Using the Amazon EC2 CLI</a>.</p> <p>For information about the import manifest referenced by this API action, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html\">VM Import Manifest</a>.</p>" + }, + "ImportKeyPair": { + "name": "ImportKeyPair", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ImportKeyPairRequest" + }, + "output": { + "shape": "ImportKeyPairResult" + }, + "documentation": "<p>Imports the public key from an RSA key pair that you created with a third-party tool. Compare this with <a>CreateKeyPair</a>, in which AWS creates the key pair and gives the keys to you (AWS keeps a copy of the public key). With ImportKeyPair, you create the key pair and give AWS just the public key. The private key is never transferred between you and AWS.</p> <p>For more information about key pairs, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html\">Key Pairs</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "ImportSnapshot": { + "name": "ImportSnapshot", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ImportSnapshotRequest" + }, + "output": { + "shape": "ImportSnapshotResult" + }, + "documentation": "<p>Imports a disk into an EBS snapshot.</p>" + }, + "ImportVolume": { + "name": "ImportVolume", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ImportVolumeRequest" + }, + "output": { + "shape": "ImportVolumeResult" + }, + "documentation": "<p>Creates an import volume task using metadata from the specified disk image.For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/importing-your-volumes-into-amazon-ebs.html\">Importing Disks to Amazon EBS</a>.</p> <p>For information about the import manifest referenced by this API action, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html\">VM Import Manifest</a>.</p>" + }, + "ModifyCapacityReservation": { + "name": "ModifyCapacityReservation", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyCapacityReservationRequest" + }, + "output": { + "shape": "ModifyCapacityReservationResult" + }, + "documentation": "<p>Modifies a Capacity Reservation's capacity and the conditions under which it is to be released. You cannot change a Capacity Reservation's instance type, EBS optimization, instance store settings, platform, Availability Zone, or instance eligibility. If you need to modify any of these attributes, we recommend that you cancel the Capacity Reservation, and then create a new one with the required attributes.</p>" + }, + "ModifyClientVpnEndpoint": { + "name": "ModifyClientVpnEndpoint", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyClientVpnEndpointRequest" + }, + "output": { + "shape": "ModifyClientVpnEndpointResult" + }, + "documentation": "<p>Modifies the specified Client VPN endpoint. You can only modify an endpoint's server certificate information, client connection logging information, DNS server, and description. Modifying the DNS server resets existing client connections.</p>" + }, + "ModifyEbsDefaultKmsKeyId": { + "name": "ModifyEbsDefaultKmsKeyId", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyEbsDefaultKmsKeyIdRequest" + }, + "output": { + "shape": "ModifyEbsDefaultKmsKeyIdResult" + }, + "documentation": "<p>Changes the default customer master key (CMK) for EBS encryption by default for your account in this Region.</p> <p>AWS creates a unique AWS managed CMK in each Region for use with encryption by default. If you change the default CMK to a customer managed CMK, it is used instead of the AWS managed CMK. To reset the default CMK to the AWS managed CMK for EBS, use <a>ResetEbsDefaultKmsKeyId</a>.</p> <p>If you delete or disable the customer managed CMK that you specified for use with encryption by default, your instances will fail to launch.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "ModifyFleet": { + "name": "ModifyFleet", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyFleetRequest" + }, + "output": { + "shape": "ModifyFleetResult" + }, + "documentation": "<p>Modifies the specified EC2 Fleet.</p> <p>While the EC2 Fleet is being modified, it is in the <code>modifying</code> state.</p>" + }, + "ModifyFpgaImageAttribute": { + "name": "ModifyFpgaImageAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyFpgaImageAttributeRequest" + }, + "output": { + "shape": "ModifyFpgaImageAttributeResult" + }, + "documentation": "<p>Modifies the specified attribute of the specified Amazon FPGA Image (AFI).</p>" + }, + "ModifyHosts": { + "name": "ModifyHosts", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyHostsRequest" + }, + "output": { + "shape": "ModifyHostsResult" + }, + "documentation": "<p>Modify the auto-placement setting of a Dedicated Host. When auto-placement is enabled, any instances that you launch with a tenancy of <code>host</code> but without a specific host ID are placed onto any available Dedicated Host in your account that has auto-placement enabled. When auto-placement is disabled, you need to provide a host ID to have the instance launch onto a specific host. If no host ID is provided, the instance is launched onto a suitable host with auto-placement enabled.</p>" + }, + "ModifyIdFormat": { + "name": "ModifyIdFormat", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyIdFormatRequest" + }, + "documentation": "<p>Modifies the ID format for the specified resource on a per-Region basis. You can specify that resources should receive longer IDs (17-character IDs) when they are created.</p> <p>This request can only be used to modify longer ID settings for resource types that are within the opt-in period. Resources currently in their opt-in period include: <code>bundle</code> | <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> | <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> | <code>export-task</code> | <code>flow-log</code> | <code>image</code> | <code>import-task</code> | <code>internet-gateway</code> | <code>network-acl</code> | <code>network-acl-association</code> | <code>network-interface</code> | <code>network-interface-attachment</code> | <code>prefix-list</code> | <code>route-table</code> | <code>route-table-association</code> | <code>security-group</code> | <code>subnet</code> | <code>subnet-cidr-block-association</code> | <code>vpc</code> | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> | <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>.</p> <p>This setting applies to the IAM user who makes the request; it does not apply to the entire AWS account. By default, an IAM user defaults to the same settings as the root user. If you're using this action as the root user, then these settings apply to the entire account, unless an IAM user explicitly overrides these settings for themselves. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resource-ids.html\">Resource IDs</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Resources created with longer IDs are visible to all IAM roles and users, regardless of these settings and provided that they have permission to use the relevant <code>Describe</code> command for the resource type.</p>" + }, + "ModifyIdentityIdFormat": { + "name": "ModifyIdentityIdFormat", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyIdentityIdFormatRequest" + }, + "documentation": "<p>Modifies the ID format of a resource for a specified IAM user, IAM role, or the root user for an account; or all IAM users, IAM roles, and the root user for an account. You can specify that resources should receive longer IDs (17-character IDs) when they are created. </p> <p>This request can only be used to modify longer ID settings for resource types that are within the opt-in period. Resources currently in their opt-in period include: <code>bundle</code> | <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> | <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> | <code>export-task</code> | <code>flow-log</code> | <code>image</code> | <code>import-task</code> | <code>internet-gateway</code> | <code>network-acl</code> | <code>network-acl-association</code> | <code>network-interface</code> | <code>network-interface-attachment</code> | <code>prefix-list</code> | <code>route-table</code> | <code>route-table-association</code> | <code>security-group</code> | <code>subnet</code> | <code>subnet-cidr-block-association</code> | <code>vpc</code> | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> | <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>. </p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resource-ids.html\">Resource IDs</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>. </p> <p>This setting applies to the principal specified in the request; it does not apply to the principal that makes the request. </p> <p>Resources created with longer IDs are visible to all IAM roles and users, regardless of these settings and provided that they have permission to use the relevant <code>Describe</code> command for the resource type.</p>" + }, + "ModifyImageAttribute": { + "name": "ModifyImageAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyImageAttributeRequest" + }, + "documentation": "<p>Modifies the specified attribute of the specified AMI. You can specify only one attribute at a time. You can use the <code>Attribute</code> parameter to specify the attribute or one of the following parameters: <code>Description</code>, <code>LaunchPermission</code>, or <code>ProductCode</code>.</p> <p>AWS Marketplace product codes cannot be modified. Images with an AWS Marketplace product code cannot be made public.</p> <p>To enable the SriovNetSupport enhanced networking attribute of an image, enable SriovNetSupport on an instance and create an AMI from the instance.</p>" + }, + "ModifyInstanceAttribute": { + "name": "ModifyInstanceAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyInstanceAttributeRequest" + }, + "documentation": "<p>Modifies the specified attribute of the specified instance. You can specify only one attribute at a time.</p> <p> <b>Note: </b>Using this action to change the security groups associated with an elastic network interface (ENI) attached to an instance in a VPC can result in an error if the instance has more than one ENI. To change the security groups associated with an ENI attached to an instance that has multiple ENIs, we recommend that you use the <a>ModifyNetworkInterfaceAttribute</a> action.</p> <p>To modify some attributes, the instance must be stopped. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_ChangingAttributesWhileInstanceStopped.html\">Modifying Attributes of a Stopped Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "ModifyInstanceCapacityReservationAttributes": { + "name": "ModifyInstanceCapacityReservationAttributes", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyInstanceCapacityReservationAttributesRequest" + }, + "output": { + "shape": "ModifyInstanceCapacityReservationAttributesResult" + }, + "documentation": "<p>Modifies the Capacity Reservation settings for a stopped instance. Use this action to configure an instance to target a specific Capacity Reservation, run in any <code>open</code> Capacity Reservation with matching attributes, or run On-Demand Instance capacity.</p>" + }, + "ModifyInstanceCreditSpecification": { + "name": "ModifyInstanceCreditSpecification", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyInstanceCreditSpecificationRequest" + }, + "output": { + "shape": "ModifyInstanceCreditSpecificationResult" + }, + "documentation": "<p>Modifies the credit option for CPU usage on a running or stopped T2 or T3 instance. The credit options are <code>standard</code> and <code>unlimited</code>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html\">Burstable Performance Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "ModifyInstanceEventStartTime": { + "name": "ModifyInstanceEventStartTime", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyInstanceEventStartTimeRequest" + }, + "output": { + "shape": "ModifyInstanceEventStartTimeResult" + }, + "documentation": "<p>Modifies the start time for a scheduled Amazon EC2 instance event.</p>" + }, + "ModifyInstancePlacement": { + "name": "ModifyInstancePlacement", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyInstancePlacementRequest" + }, + "output": { + "shape": "ModifyInstancePlacementResult" + }, + "documentation": "<p>Modifies the placement attributes for a specified instance. You can do the following:</p> <ul> <li> <p>Modify the affinity between an instance and a <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html\">Dedicated Host</a>. When affinity is set to <code>host</code> and the instance is not associated with a specific Dedicated Host, the next time the instance is launched, it is automatically associated with the host on which it lands. If the instance is restarted or rebooted, this relationship persists.</p> </li> <li> <p>Change the Dedicated Host with which an instance is associated.</p> </li> <li> <p>Change the instance tenancy of an instance from <code>host</code> to <code>dedicated</code>, or from <code>dedicated</code> to <code>host</code>.</p> </li> <li> <p>Move an instance to or from a <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html\">placement group</a>.</p> </li> </ul> <p>At least one attribute for affinity, host ID, tenancy, or placement group name must be specified in the request. Affinity and tenancy can be modified in the same request.</p> <p>To modify the host ID, tenancy, placement group, or partition for an instance, the instance must be in the <code>stopped</code> state.</p>" + }, + "ModifyLaunchTemplate": { + "name": "ModifyLaunchTemplate", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyLaunchTemplateRequest" + }, + "output": { + "shape": "ModifyLaunchTemplateResult" + }, + "documentation": "<p>Modifies a launch template. You can specify which version of the launch template to set as the default version. When launching an instance, the default version applies when a launch template version is not specified.</p>" + }, + "ModifyNetworkInterfaceAttribute": { + "name": "ModifyNetworkInterfaceAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyNetworkInterfaceAttributeRequest" + }, + "documentation": "<p>Modifies the specified network interface attribute. You can specify only one attribute at a time. You can use this action to attach and detach security groups from an existing EC2 instance.</p>" + }, + "ModifyReservedInstances": { + "name": "ModifyReservedInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyReservedInstancesRequest" + }, + "output": { + "shape": "ModifyReservedInstancesResult" + }, + "documentation": "<p>Modifies the Availability Zone, instance count, instance type, or network platform (EC2-Classic or EC2-VPC) of your Reserved Instances. The Reserved Instances to be modified must be identical, except for Availability Zone, network platform, and instance type.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-modifying.html\">Modifying Reserved Instances</a> in the Amazon Elastic Compute Cloud User Guide.</p>" + }, + "ModifySnapshotAttribute": { + "name": "ModifySnapshotAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifySnapshotAttributeRequest" + }, + "documentation": "<p>Adds or removes permission settings for the specified snapshot. You may add or remove specified AWS account IDs from a snapshot's list of create volume permissions, but you cannot do both in a single operation. If you need to both add and remove account IDs for a snapshot, you must use multiple operations.</p> <p>Encrypted snapshots and snapshots with AWS Marketplace product codes cannot be made public. Snapshots encrypted with your default CMK cannot be shared with other accounts.</p> <p>For more information about modifying snapshot permissions, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html\">Sharing Snapshots</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "ModifySpotFleetRequest": { + "name": "ModifySpotFleetRequest", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifySpotFleetRequestRequest" + }, + "output": { + "shape": "ModifySpotFleetRequestResponse" + }, + "documentation": "<p>Modifies the specified Spot Fleet request.</p> <p>You can only modify a Spot Fleet request of type <code>maintain</code>.</p> <p>While the Spot Fleet request is being modified, it is in the <code>modifying</code> state.</p> <p>To scale up your Spot Fleet, increase its target capacity. The Spot Fleet launches the additional Spot Instances according to the allocation strategy for the Spot Fleet request. If the allocation strategy is <code>lowestPrice</code>, the Spot Fleet launches instances using the Spot pool with the lowest price. If the allocation strategy is <code>diversified</code>, the Spot Fleet distributes the instances across the Spot pools.</p> <p>To scale down your Spot Fleet, decrease its target capacity. First, the Spot Fleet cancels any open requests that exceed the new target capacity. You can request that the Spot Fleet terminate Spot Instances until the size of the fleet no longer exceeds the new target capacity. If the allocation strategy is <code>lowestPrice</code>, the Spot Fleet terminates the instances with the highest price per unit. If the allocation strategy is <code>diversified</code>, the Spot Fleet terminates instances across the Spot pools. Alternatively, you can request that the Spot Fleet keep the fleet at its current size, but not replace any Spot Instances that are interrupted or that you terminate manually.</p> <p>If you are finished with your Spot Fleet for now, but will use it again later, you can set the target capacity to 0.</p>" + }, + "ModifySubnetAttribute": { + "name": "ModifySubnetAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifySubnetAttributeRequest" + }, + "documentation": "<p>Modifies a subnet attribute. You can only modify one attribute at a time.</p>" + }, + "ModifyTrafficMirrorFilterNetworkServices": { + "name": "ModifyTrafficMirrorFilterNetworkServices", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyTrafficMirrorFilterNetworkServicesRequest" + }, + "output": { + "shape": "ModifyTrafficMirrorFilterNetworkServicesResult" + }, + "documentation": "<p>Allows or restricts mirroring network services.</p> <p> By default, Amazon DNS network services are not eligible for Traffic Mirror. Use <code>AddNetworkServices</code> to add network services to a Traffic Mirror filter. When a network service is added to the Traffic Mirror filter, all traffic related to that network service will be mirrored. When you no longer want to mirror network services, use <code>RemoveNetworkServices</code> to remove the network services from the Traffic Mirror filter. </p> <p>FFor information about filter rule properties, see <a href=\"https://docs.aws.amazon.com/vpc/latest/mirroring/traffic-mirroring-considerations.html#traffic-mirroring-network-services\">Network Services</a> in the <i>Traffic Mirroring User Guide </i>.</p>" + }, + "ModifyTrafficMirrorFilterRule": { + "name": "ModifyTrafficMirrorFilterRule", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyTrafficMirrorFilterRuleRequest" + }, + "output": { + "shape": "ModifyTrafficMirrorFilterRuleResult" + }, + "documentation": "<p>Modifies the specified Traffic Mirror rule.</p> <p> <code>DestinationCidrBlock</code> and <code>SourceCidrBlock</code> must both be an IPv4 range or an IPv6 range.</p>" + }, + "ModifyTrafficMirrorSession": { + "name": "ModifyTrafficMirrorSession", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyTrafficMirrorSessionRequest" + }, + "output": { + "shape": "ModifyTrafficMirrorSessionResult" + }, + "documentation": "<p>Modifies a Traffic Mirror session.</p>" + }, + "ModifyTransitGatewayVpcAttachment": { + "name": "ModifyTransitGatewayVpcAttachment", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyTransitGatewayVpcAttachmentRequest" + }, + "output": { + "shape": "ModifyTransitGatewayVpcAttachmentResult" + }, + "documentation": "<p>Modifies the specified VPC attachment.</p>" + }, + "ModifyVolume": { + "name": "ModifyVolume", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyVolumeRequest" + }, + "output": { + "shape": "ModifyVolumeResult" + }, + "documentation": "<p>You can modify several parameters of an existing EBS volume, including volume size, volume type, and IOPS capacity. If your EBS volume is attached to a current-generation EC2 instance type, you may be able to apply these changes without stopping the instance or detaching the volume from it. For more information about modifying an EBS volume running Linux, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html\">Modifying the Size, IOPS, or Type of an EBS Volume on Linux</a>. For more information about modifying an EBS volume running Windows, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html\">Modifying the Size, IOPS, or Type of an EBS Volume on Windows</a>. </p> <p> When you complete a resize operation on your volume, you need to extend the volume's file-system size to take advantage of the new storage capacity. For information about extending a Linux file system, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#recognize-expanded-volume-linux\">Extending a Linux File System</a>. For information about extending a Windows file system, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html#recognize-expanded-volume-windows\">Extending a Windows File System</a>. </p> <p> You can use CloudWatch Events to check the status of a modification to an EBS volume. For information about CloudWatch Events, see the <a href=\"https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/\">Amazon CloudWatch Events User Guide</a>. You can also track the status of a modification using <a>DescribeVolumesModifications</a>. For information about tracking status changes using either method, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#monitoring_mods\">Monitoring Volume Modifications</a>. </p> <p>With previous-generation instance types, resizing an EBS volume may require detaching and reattaching the volume or stopping and restarting the instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html\">Modifying the Size, IOPS, or Type of an EBS Volume on Linux</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html\">Modifying the Size, IOPS, or Type of an EBS Volume on Windows</a>.</p> <p>If you reach the maximum volume modification rate per volume limit, you will need to wait at least six hours before applying further modifications to the affected EBS volume.</p>" + }, + "ModifyVolumeAttribute": { + "name": "ModifyVolumeAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyVolumeAttributeRequest" + }, + "documentation": "<p>Modifies a volume attribute.</p> <p>By default, all I/O operations for the volume are suspended when the data on the volume is determined to be potentially inconsistent, to prevent undetectable, latent data corruption. The I/O access to the volume can be resumed by first enabling I/O access and then checking the data consistency on your volume.</p> <p>You can change the default behavior to resume I/O operations. We recommend that you change this only for boot volumes or for volumes that are stateless or disposable.</p>" + }, + "ModifyVpcAttribute": { + "name": "ModifyVpcAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyVpcAttributeRequest" + }, + "documentation": "<p>Modifies the specified attribute of the specified VPC.</p>" + }, + "ModifyVpcEndpoint": { + "name": "ModifyVpcEndpoint", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyVpcEndpointRequest" + }, + "output": { + "shape": "ModifyVpcEndpointResult" + }, + "documentation": "<p>Modifies attributes of a specified VPC endpoint. The attributes that you can modify depend on the type of VPC endpoint (interface or gateway). For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html\">VPC Endpoints</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "ModifyVpcEndpointConnectionNotification": { + "name": "ModifyVpcEndpointConnectionNotification", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyVpcEndpointConnectionNotificationRequest" + }, + "output": { + "shape": "ModifyVpcEndpointConnectionNotificationResult" + }, + "documentation": "<p>Modifies a connection notification for VPC endpoint or VPC endpoint service. You can change the SNS topic for the notification, or the events for which to be notified. </p>" + }, + "ModifyVpcEndpointServiceConfiguration": { + "name": "ModifyVpcEndpointServiceConfiguration", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyVpcEndpointServiceConfigurationRequest" + }, + "output": { + "shape": "ModifyVpcEndpointServiceConfigurationResult" + }, + "documentation": "<p>Modifies the attributes of your VPC endpoint service configuration. You can change the Network Load Balancers for your service, and you can specify whether acceptance is required for requests to connect to your endpoint service through an interface VPC endpoint.</p>" + }, + "ModifyVpcEndpointServicePermissions": { + "name": "ModifyVpcEndpointServicePermissions", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyVpcEndpointServicePermissionsRequest" + }, + "output": { + "shape": "ModifyVpcEndpointServicePermissionsResult" + }, + "documentation": "<p>Modifies the permissions for your <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-service.html\">VPC endpoint service</a>. You can add or remove permissions for service consumers (IAM users, IAM roles, and AWS accounts) to connect to your endpoint service.</p> <p>If you grant permissions to all principals, the service is public. Any users who know the name of a public service can send a request to attach an endpoint. If the service does not require manual approval, attachments are automatically approved.</p>" + }, + "ModifyVpcPeeringConnectionOptions": { + "name": "ModifyVpcPeeringConnectionOptions", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyVpcPeeringConnectionOptionsRequest" + }, + "output": { + "shape": "ModifyVpcPeeringConnectionOptionsResult" + }, + "documentation": "<p>Modifies the VPC peering connection options on one side of a VPC peering connection. You can do the following:</p> <ul> <li> <p>Enable/disable communication over the peering connection between an EC2-Classic instance that's linked to your VPC (using ClassicLink) and instances in the peer VPC.</p> </li> <li> <p>Enable/disable communication over the peering connection between instances in your VPC and an EC2-Classic instance that's linked to the peer VPC.</p> </li> <li> <p>Enable/disable the ability to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC.</p> </li> </ul> <p>If the peered VPCs are in the same AWS account, you can enable DNS resolution for queries from the local VPC. This ensures that queries from the local VPC resolve to private IP addresses in the peer VPC. This option is not available if the peered VPCs are in different AWS accounts or different Regions. For peered VPCs in different AWS accounts, each AWS account owner must initiate a separate request to modify the peering connection options. For inter-region peering connections, you must use the Region for the requester VPC to modify the requester VPC peering options and the Region for the accepter VPC to modify the accepter VPC peering options. To verify which VPCs are the accepter and the requester for a VPC peering connection, use the <a>DescribeVpcPeeringConnections</a> command.</p>" + }, + "ModifyVpcTenancy": { + "name": "ModifyVpcTenancy", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyVpcTenancyRequest" + }, + "output": { + "shape": "ModifyVpcTenancyResult" + }, + "documentation": "<p>Modifies the instance tenancy attribute of the specified VPC. You can change the instance tenancy attribute of a VPC to <code>default</code> only. You cannot change the instance tenancy attribute to <code>dedicated</code>.</p> <p>After you modify the tenancy of the VPC, any new instances that you launch into the VPC have a tenancy of <code>default</code>, unless you specify otherwise during launch. The tenancy of any existing instances in the VPC is not affected.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-instance.html\">Dedicated Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "ModifyVpnConnection": { + "name": "ModifyVpnConnection", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ModifyVpnConnectionRequest" + }, + "output": { + "shape": "ModifyVpnConnectionResult" + }, + "documentation": "<p>Modifies the target gateway of a AWS Site-to-Site VPN connection. The following migration options are available:</p> <ul> <li> <p>An existing virtual private gateway to a new virtual private gateway</p> </li> <li> <p>An existing virtual private gateway to a transit gateway</p> </li> <li> <p>An existing transit gateway to a new transit gateway</p> </li> <li> <p>An existing transit gateway to a virtual private gateway</p> </li> </ul> <p>Before you perform the migration to the new gateway, you must configure the new gateway. Use <a>CreateVpnGateway</a> to create a virtual private gateway, or <a>CreateTransitGateway</a> to create a transit gateway.</p> <p>This step is required when you migrate from a virtual private gateway with static routes to a transit gateway. </p> <p>You must delete the static routes before you migrate to the new gateway.</p> <p>Keep a copy of the static route before you delete it. You will need to add back these routes to the transit gateway after the VPN connection migration is complete.</p> <p>After you migrate to the new gateway, you might need to modify your VPC route table. Use <a>CreateRoute</a> and <a>DeleteRoute</a> to make the changes described in <a href=\"https://docs.aws.amazon.com/vpn/latest/s2svpn/modify-vpn-target.html#step-update-routing\">VPN Gateway Target Modification Required VPC Route Table Updates</a> in the <i>AWS Site-to-Site VPN User Guide</i>.</p> <p> When the new gateway is a transit gateway, modify the transit gateway route table to allow traffic between the VPC and the AWS Site-to-Site VPN connection. Use <a>CreateTransitGatewayRoute</a> to add the routes.</p> <p> If you deleted VPN static routes, you must add the static routes to the transit gateway route table.</p> <p>After you perform this operation, the AWS VPN endpoint's IP addresses on the AWS side and the tunnel options remain intact. Your s2slong; connection will be temporarily unavailable for approximately 10 minutes while we provision the new endpoints </p>" + }, + "MonitorInstances": { + "name": "MonitorInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "MonitorInstancesRequest" + }, + "output": { + "shape": "MonitorInstancesResult" + }, + "documentation": "<p>Enables detailed monitoring for a running instance. Otherwise, basic monitoring is enabled. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch.html\">Monitoring Your Instances and Volumes</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>To disable detailed monitoring, see .</p>" + }, + "MoveAddressToVpc": { + "name": "MoveAddressToVpc", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "MoveAddressToVpcRequest" + }, + "output": { + "shape": "MoveAddressToVpcResult" + }, + "documentation": "<p>Moves an Elastic IP address from the EC2-Classic platform to the EC2-VPC platform. The Elastic IP address must be allocated to your account for more than 24 hours, and it must not be associated with an instance. After the Elastic IP address is moved, it is no longer available for use in the EC2-Classic platform, unless you move it back using the <a>RestoreAddressToClassic</a> request. You cannot move an Elastic IP address that was originally allocated for use in the EC2-VPC platform to the EC2-Classic platform. </p>" + }, + "ProvisionByoipCidr": { + "name": "ProvisionByoipCidr", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ProvisionByoipCidrRequest" + }, + "output": { + "shape": "ProvisionByoipCidrResult" + }, + "documentation": "<p>Provisions an address range for use with your AWS resources through bring your own IP addresses (BYOIP) and creates a corresponding address pool. After the address range is provisioned, it is ready to be advertised using <a>AdvertiseByoipCidr</a>.</p> <p>AWS verifies that you own the address range and are authorized to advertise it. You must ensure that the address range is registered to you and that you created an RPKI ROA to authorize Amazon ASNs 16509 and 14618 to advertise the address range. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html\">Bring Your Own IP Addresses (BYOIP)</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Provisioning an address range is an asynchronous operation, so the call returns immediately, but the address range is not ready to use until its status changes from <code>pending-provision</code> to <code>provisioned</code>. To monitor the status of an address range, use <a>DescribeByoipCidrs</a>. To allocate an Elastic IP address from your address pool, use <a>AllocateAddress</a> with either the specific address from the address pool or the ID of the address pool.</p>" + }, + "PurchaseHostReservation": { + "name": "PurchaseHostReservation", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "PurchaseHostReservationRequest" + }, + "output": { + "shape": "PurchaseHostReservationResult" + }, + "documentation": "<p>Purchase a reservation with configurations that match those of your Dedicated Host. You must have active Dedicated Hosts in your account before you purchase a reservation. This action results in the specified reservation being purchased and charged to your account.</p>" + }, + "PurchaseReservedInstancesOffering": { + "name": "PurchaseReservedInstancesOffering", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "PurchaseReservedInstancesOfferingRequest" + }, + "output": { + "shape": "PurchaseReservedInstancesOfferingResult" + }, + "documentation": "<p>Purchases a Reserved Instance for use with your account. With Reserved Instances, you pay a lower hourly rate compared to On-Demand instance pricing.</p> <p>Use <a>DescribeReservedInstancesOfferings</a> to get a list of Reserved Instance offerings that match your specifications. After you've purchased a Reserved Instance, you can check for your new Reserved Instance with <a>DescribeReservedInstances</a>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts-on-demand-reserved-instances.html\">Reserved Instances</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html\">Reserved Instance Marketplace</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "PurchaseScheduledInstances": { + "name": "PurchaseScheduledInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "PurchaseScheduledInstancesRequest" + }, + "output": { + "shape": "PurchaseScheduledInstancesResult" + }, + "documentation": "<p>Purchases the Scheduled Instances with the specified schedule.</p> <p>Scheduled Instances enable you to purchase Amazon EC2 compute capacity by the hour for a one-year term. Before you can purchase a Scheduled Instance, you must call <a>DescribeScheduledInstanceAvailability</a> to check for available schedules and obtain a purchase token. After you purchase a Scheduled Instance, you must call <a>RunScheduledInstances</a> during each scheduled time period.</p> <p>After you purchase a Scheduled Instance, you can't cancel, modify, or resell your purchase.</p>" + }, + "RebootInstances": { + "name": "RebootInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "RebootInstancesRequest" + }, + "documentation": "<p>Requests a reboot of the specified instances. This operation is asynchronous; it only queues a request to reboot the specified instances. The operation succeeds if the instances are valid and belong to you. Requests to reboot terminated instances are ignored.</p> <p>If an instance does not cleanly shut down within four minutes, Amazon EC2 performs a hard reboot.</p> <p>For more information about troubleshooting, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-console.html\">Getting Console Output and Rebooting Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "RegisterImage": { + "name": "RegisterImage", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "RegisterImageRequest" + }, + "output": { + "shape": "RegisterImageResult" + }, + "documentation": "<p>Registers an AMI. When you're creating an AMI, this is the final step you must complete before you can launch an instance from the AMI. For more information about creating AMIs, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami.html\">Creating Your Own AMIs</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <note> <p>For Amazon EBS-backed instances, <a>CreateImage</a> creates and registers the AMI in a single request, so you don't have to register the AMI yourself.</p> </note> <p>You can also use <code>RegisterImage</code> to create an Amazon EBS-backed Linux AMI from a snapshot of a root device volume. You specify the snapshot using the block device mapping. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-launch-snapshot.html\">Launching a Linux Instance from a Backup</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>You can't register an image where a secondary (non-root) snapshot has AWS Marketplace product codes.</p> <p>Some Linux distributions, such as Red Hat Enterprise Linux (RHEL) and SUSE Linux Enterprise Server (SLES), use the EC2 billing product code associated with an AMI to verify the subscription status for package updates. Creating an AMI from an EBS snapshot does not maintain this billing code, and instances launched from such an AMI are not able to connect to package update infrastructure. If you purchase a Reserved Instance offering for one of these Linux distributions and launch instances using an AMI that does not contain the required billing code, your Reserved Instance is not applied to these instances.</p> <p>To create an AMI for operating systems that require a billing code, see <a>CreateImage</a>.</p> <p>If needed, you can deregister an AMI at any time. Any modifications you make to an AMI backed by an instance store volume invalidates its registration. If you make changes to an image, deregister the previous image and register the new image.</p>" + }, + "RejectTransitGatewayVpcAttachment": { + "name": "RejectTransitGatewayVpcAttachment", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "RejectTransitGatewayVpcAttachmentRequest" + }, + "output": { + "shape": "RejectTransitGatewayVpcAttachmentResult" + }, + "documentation": "<p>Rejects a request to attach a VPC to a transit gateway.</p> <p>The VPC attachment must be in the <code>pendingAcceptance</code> state. Use <a>DescribeTransitGatewayVpcAttachments</a> to view your pending VPC attachment requests. Use <a>AcceptTransitGatewayVpcAttachment</a> to accept a VPC attachment request.</p>" + }, + "RejectVpcEndpointConnections": { + "name": "RejectVpcEndpointConnections", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "RejectVpcEndpointConnectionsRequest" + }, + "output": { + "shape": "RejectVpcEndpointConnectionsResult" + }, + "documentation": "<p>Rejects one or more VPC endpoint connection requests to your VPC endpoint service.</p>" + }, + "RejectVpcPeeringConnection": { + "name": "RejectVpcPeeringConnection", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "RejectVpcPeeringConnectionRequest" + }, + "output": { + "shape": "RejectVpcPeeringConnectionResult" + }, + "documentation": "<p>Rejects a VPC peering connection request. The VPC peering connection must be in the <code>pending-acceptance</code> state. Use the <a>DescribeVpcPeeringConnections</a> request to view your outstanding VPC peering connection requests. To delete an active VPC peering connection, or to delete a VPC peering connection request that you initiated, use <a>DeleteVpcPeeringConnection</a>.</p>" + }, + "ReleaseAddress": { + "name": "ReleaseAddress", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ReleaseAddressRequest" + }, + "documentation": "<p>Releases the specified Elastic IP address.</p> <p>[EC2-Classic, default VPC] Releasing an Elastic IP address automatically disassociates it from any instance that it's associated with. To disassociate an Elastic IP address without releasing it, use <a>DisassociateAddress</a>.</p> <p>[Nondefault VPC] You must use <a>DisassociateAddress</a> to disassociate the Elastic IP address before you can release it. Otherwise, Amazon EC2 returns an error (<code>InvalidIPAddress.InUse</code>).</p> <p>After releasing an Elastic IP address, it is released to the IP address pool. Be sure to update your DNS records and any servers or devices that communicate with the address. If you attempt to release an Elastic IP address that you already released, you'll get an <code>AuthFailure</code> error if the address is already allocated to another AWS account.</p> <p>[EC2-VPC] After you release an Elastic IP address for use in a VPC, you might be able to recover it. For more information, see <a>AllocateAddress</a>.</p>" + }, + "ReleaseHosts": { + "name": "ReleaseHosts", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ReleaseHostsRequest" + }, + "output": { + "shape": "ReleaseHostsResult" + }, + "documentation": "<p>When you no longer want to use an On-Demand Dedicated Host it can be released. On-Demand billing is stopped and the host goes into <code>released</code> state. The host ID of Dedicated Hosts that have been released can no longer be specified in another request, for example, to modify the host. You must stop or terminate all instances on a host before it can be released.</p> <p>When Dedicated Hosts are released, it may take some time for them to stop counting toward your limit and you may receive capacity errors when trying to allocate new Dedicated Hosts. Wait a few minutes and then try again.</p> <p>Released hosts still appear in a <a>DescribeHosts</a> response.</p>" + }, + "ReplaceIamInstanceProfileAssociation": { + "name": "ReplaceIamInstanceProfileAssociation", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ReplaceIamInstanceProfileAssociationRequest" + }, + "output": { + "shape": "ReplaceIamInstanceProfileAssociationResult" + }, + "documentation": "<p>Replaces an IAM instance profile for the specified running instance. You can use this action to change the IAM instance profile that's associated with an instance without having to disassociate the existing IAM instance profile first.</p> <p>Use <a>DescribeIamInstanceProfileAssociations</a> to get the association ID.</p>" + }, + "ReplaceNetworkAclAssociation": { + "name": "ReplaceNetworkAclAssociation", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ReplaceNetworkAclAssociationRequest" + }, + "output": { + "shape": "ReplaceNetworkAclAssociationResult" + }, + "documentation": "<p>Changes which network ACL a subnet is associated with. By default when you create a subnet, it's automatically associated with the default network ACL. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html\">Network ACLs</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>This is an idempotent operation.</p>" + }, + "ReplaceNetworkAclEntry": { + "name": "ReplaceNetworkAclEntry", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ReplaceNetworkAclEntryRequest" + }, + "documentation": "<p>Replaces an entry (rule) in a network ACL. For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html\">Network ACLs</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "ReplaceRoute": { + "name": "ReplaceRoute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ReplaceRouteRequest" + }, + "documentation": "<p>Replaces an existing route within a route table in a VPC. You must provide only one of the following: internet gateway or virtual private gateway, NAT instance, NAT gateway, VPC peering connection, network interface, or egress-only internet gateway.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "ReplaceRouteTableAssociation": { + "name": "ReplaceRouteTableAssociation", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ReplaceRouteTableAssociationRequest" + }, + "output": { + "shape": "ReplaceRouteTableAssociationResult" + }, + "documentation": "<p>Changes the route table associated with a given subnet in a VPC. After the operation completes, the subnet uses the routes in the new route table it's associated with. For more information about route tables, see <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html\">Route Tables</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p> <p>You can also use ReplaceRouteTableAssociation to change which table is the main route table in the VPC. You just specify the main route table's association ID and the route table to be the new main route table.</p>" + }, + "ReplaceTransitGatewayRoute": { + "name": "ReplaceTransitGatewayRoute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ReplaceTransitGatewayRouteRequest" + }, + "output": { + "shape": "ReplaceTransitGatewayRouteResult" + }, + "documentation": "<p>Replaces the specified route in the specified transit gateway route table.</p>" + }, + "ReportInstanceStatus": { + "name": "ReportInstanceStatus", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ReportInstanceStatusRequest" + }, + "documentation": "<p>Submits feedback about the status of an instance. The instance must be in the <code>running</code> state. If your experience with the instance differs from the instance status returned by <a>DescribeInstanceStatus</a>, use <a>ReportInstanceStatus</a> to report your experience with the instance. Amazon EC2 collects this information to improve the accuracy of status checks.</p> <p>Use of this action does not change the value returned by <a>DescribeInstanceStatus</a>.</p>" + }, + "RequestSpotFleet": { + "name": "RequestSpotFleet", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "RequestSpotFleetRequest" + }, + "output": { + "shape": "RequestSpotFleetResponse" + }, + "documentation": "<p>Creates a Spot Fleet request.</p> <p>The Spot Fleet request specifies the total target capacity and the On-Demand target capacity. Amazon EC2 calculates the difference between the total capacity and On-Demand capacity, and launches the difference as Spot capacity.</p> <p>You can submit a single request that includes multiple launch specifications that vary by instance type, AMI, Availability Zone, or subnet.</p> <p>By default, the Spot Fleet requests Spot Instances in the Spot pool where the price per unit is the lowest. Each launch specification can include its own instance weighting that reflects the value of the instance type to your application workload.</p> <p>Alternatively, you can specify that the Spot Fleet distribute the target capacity across the Spot pools included in its launch specifications. By ensuring that the Spot Instances in your Spot Fleet are in different Spot pools, you can improve the availability of your fleet.</p> <p>You can specify tags for the Spot Instances. You cannot tag other resource types in a Spot Fleet request because only the <code>instance</code> resource type is supported.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html\">Spot Fleet Requests</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>.</p>" + }, + "RequestSpotInstances": { + "name": "RequestSpotInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "RequestSpotInstancesRequest" + }, + "output": { + "shape": "RequestSpotInstancesResult" + }, + "documentation": "<p>Creates a Spot Instance request.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html\">Spot Instance Requests</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>.</p>" + }, + "ResetEbsDefaultKmsKeyId": { + "name": "ResetEbsDefaultKmsKeyId", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ResetEbsDefaultKmsKeyIdRequest" + }, + "output": { + "shape": "ResetEbsDefaultKmsKeyIdResult" + }, + "documentation": "<p>Resets the default customer master key (CMK) for EBS encryption for your account in this Region to the AWS managed CMK for EBS.</p> <p>After resetting the default CMK to the AWS managed CMK, you can continue to encrypt by a customer managed CMK by specifying it when you create the volume. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "ResetFpgaImageAttribute": { + "name": "ResetFpgaImageAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ResetFpgaImageAttributeRequest" + }, + "output": { + "shape": "ResetFpgaImageAttributeResult" + }, + "documentation": "<p>Resets the specified attribute of the specified Amazon FPGA Image (AFI) to its default value. You can only reset the load permission attribute.</p>" + }, + "ResetImageAttribute": { + "name": "ResetImageAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ResetImageAttributeRequest" + }, + "documentation": "<p>Resets an attribute of an AMI to its default value.</p> <note> <p>The productCodes attribute can't be reset.</p> </note>" + }, + "ResetInstanceAttribute": { + "name": "ResetInstanceAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ResetInstanceAttributeRequest" + }, + "documentation": "<p>Resets an attribute of an instance to its default value. To reset the <code>kernel</code> or <code>ramdisk</code>, the instance must be in a stopped state. To reset the <code>sourceDestCheck</code>, the instance can be either running or stopped.</p> <p>The <code>sourceDestCheck</code> attribute controls whether source/destination checking is enabled. The default value is <code>true</code>, which means checking is enabled. This value must be <code>false</code> for a NAT instance to perform NAT. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html\">NAT Instances</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>" + }, + "ResetNetworkInterfaceAttribute": { + "name": "ResetNetworkInterfaceAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ResetNetworkInterfaceAttributeRequest" + }, + "documentation": "<p>Resets a network interface attribute. You can specify only one attribute at a time.</p>" + }, + "ResetSnapshotAttribute": { + "name": "ResetSnapshotAttribute", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "ResetSnapshotAttributeRequest" + }, + "documentation": "<p>Resets permission settings for the specified snapshot.</p> <p>For more information about modifying snapshot permissions, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html\">Sharing Snapshots</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "RestoreAddressToClassic": { + "name": "RestoreAddressToClassic", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "RestoreAddressToClassicRequest" + }, + "output": { + "shape": "RestoreAddressToClassicResult" + }, + "documentation": "<p>Restores an Elastic IP address that was previously moved to the EC2-VPC platform back to the EC2-Classic platform. You cannot move an Elastic IP address that was originally allocated for use in EC2-VPC. The Elastic IP address must not be associated with an instance or network interface.</p>" + }, + "RevokeClientVpnIngress": { + "name": "RevokeClientVpnIngress", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "RevokeClientVpnIngressRequest" + }, + "output": { + "shape": "RevokeClientVpnIngressResult" + }, + "documentation": "<p>Removes an ingress authorization rule from a Client VPN endpoint. </p>" + }, + "RevokeSecurityGroupEgress": { + "name": "RevokeSecurityGroupEgress", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "RevokeSecurityGroupEgressRequest" + }, + "documentation": "<p>[VPC only] Removes the specified egress rules from a security group for EC2-VPC. This action doesn't apply to security groups for use in EC2-Classic. To remove a rule, the values that you specify (for example, ports) must match the existing rule's values exactly.</p> <p>Each rule consists of the protocol and the IPv4 or IPv6 CIDR range or source security group. For the TCP and UDP protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type and code. If the security group rule has a description, you do not have to specify the description to revoke the rule.</p> <p>Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.</p>" + }, + "RevokeSecurityGroupIngress": { + "name": "RevokeSecurityGroupIngress", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "RevokeSecurityGroupIngressRequest" + }, + "documentation": "<p>Removes the specified ingress rules from a security group. To remove a rule, the values that you specify (for example, ports) must match the existing rule's values exactly.</p> <note> <p>[EC2-Classic only] If the values you specify do not match the existing rule's values, no error is returned. Use <a>DescribeSecurityGroups</a> to verify that the rule has been removed.</p> </note> <p>Each rule consists of the protocol and the CIDR range or source security group. For the TCP and UDP protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type and code. If the security group rule has a description, you do not have to specify the description to revoke the rule.</p> <p>Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.</p>" + }, + "RunInstances": { + "name": "RunInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "RunInstancesRequest" + }, + "output": { + "shape": "Reservation" + }, + "documentation": "<p>Launches the specified number of instances using an AMI for which you have permissions. </p> <p>You can specify a number of options, or leave the default options. The following rules apply:</p> <ul> <li> <p>[EC2-VPC] If you don't specify a subnet ID, we choose a default subnet from your default VPC for you. If you don't have a default VPC, you must specify a subnet ID in the request.</p> </li> <li> <p>[EC2-Classic] If don't specify an Availability Zone, we choose one for you.</p> </li> <li> <p>Some instance types must be launched into a VPC. If you do not have a default VPC, or if you do not specify a subnet ID, the request fails. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html#vpc-only-instance-types\">Instance Types Available Only in a VPC</a>.</p> </li> <li> <p>[EC2-VPC] All instances have a network interface with a primary private IPv4 address. If you don't specify this address, we choose one from the IPv4 range of your subnet.</p> </li> <li> <p>Not all instance types support IPv6 addresses. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a>.</p> </li> <li> <p>If you don't specify a security group ID, we use the default security group. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html\">Security Groups</a>.</p> </li> <li> <p>If any of the AMIs have a product code attached for which the user has not subscribed, the request fails.</p> </li> </ul> <p>You can create a <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html\">launch template</a>, which is a resource that contains the parameters to launch an instance. When you launch an instance using <a>RunInstances</a>, you can specify the launch template instead of specifying the launch parameters.</p> <p>To ensure faster instance launches, break up large requests into smaller batches. For example, create five separate launch requests for 100 instances each instead of one launch request for 500 instances.</p> <p>An instance is ready for you to use when it's in the <code>running</code> state. You can check the state of your instance using <a>DescribeInstances</a>. You can tag instances and EBS volumes during launch, after launch, or both. For more information, see <a>CreateTags</a> and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html\">Tagging Your Amazon EC2 Resources</a>.</p> <p>Linux instances have access to the public key of the key pair at boot. You can use this key to provide secure access to the instance. Amazon EC2 public images use this feature to provide secure access without passwords. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html\">Key Pairs</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>For troubleshooting, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_InstanceStraightToTerminated.html\">What To Do If An Instance Immediately Terminates</a>, and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html\">Troubleshooting Connecting to Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "RunScheduledInstances": { + "name": "RunScheduledInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "RunScheduledInstancesRequest" + }, + "output": { + "shape": "RunScheduledInstancesResult" + }, + "documentation": "<p>Launches the specified Scheduled Instances.</p> <p>Before you can launch a Scheduled Instance, you must purchase it and obtain an identifier using <a>PurchaseScheduledInstances</a>.</p> <p>You must launch a Scheduled Instance during its scheduled time period. You can't stop or reboot a Scheduled Instance, but you can terminate it as needed. If you terminate a Scheduled Instance before the current scheduled time period ends, you can launch it again after a few minutes. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-scheduled-instances.html\">Scheduled Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "SearchTransitGatewayRoutes": { + "name": "SearchTransitGatewayRoutes", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "SearchTransitGatewayRoutesRequest" + }, + "output": { + "shape": "SearchTransitGatewayRoutesResult" + }, + "documentation": "<p>Searches for routes in the specified transit gateway route table.</p>" + }, + "StartInstances": { + "name": "StartInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "StartInstancesRequest" + }, + "output": { + "shape": "StartInstancesResult" + }, + "documentation": "<p>Starts an Amazon EBS-backed instance that you've previously stopped.</p> <p>Instances that use Amazon EBS volumes as their root devices can be quickly stopped and started. When an instance is stopped, the compute resources are released and you are not billed for instance usage. However, your root partition Amazon EBS volume remains and continues to persist your data, and you are charged for Amazon EBS volume usage. You can restart your instance at any time. Every time you start your Windows instance, Amazon EC2 charges you for a full instance hour. If you stop and restart your Windows instance, a new instance hour begins and Amazon EC2 charges you for another full instance hour even if you are still within the same 60-minute period when it was stopped. Every time you start your Linux instance, Amazon EC2 charges a one-minute minimum for instance usage, and thereafter charges per second for instance usage.</p> <p>Before stopping an instance, make sure it is in a state from which it can be restarted. Stopping an instance does not preserve data stored in RAM.</p> <p>Performing this operation on an instance that uses an instance store as its root device returns an error.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html\">Stopping Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "StopInstances": { + "name": "StopInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "StopInstancesRequest" + }, + "output": { + "shape": "StopInstancesResult" + }, + "documentation": "<p>Stops an Amazon EBS-backed instance.</p> <p>You can use the Stop action to hibernate an instance if the instance is <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#enabling-hibernation\">enabled for hibernation</a> and it meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>We don't charge usage for a stopped instance, or data transfer fees; however, your root partition Amazon EBS volume remains and continues to persist your data, and you are charged for Amazon EBS volume usage. Every time you start your Windows instance, Amazon EC2 charges you for a full instance hour. If you stop and restart your Windows instance, a new instance hour begins and Amazon EC2 charges you for another full instance hour even if you are still within the same 60-minute period when it was stopped. Every time you start your Linux instance, Amazon EC2 charges a one-minute minimum for instance usage, and thereafter charges per second for instance usage.</p> <p>You can't start, stop, or hibernate Spot Instances, and you can't stop or hibernate instance store-backed instances. For information about using hibernation for Spot Instances, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-interruptions.html#hibernate-spot-instances\">Hibernating Interrupted Spot Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>When you stop or hibernate an instance, we shut it down. You can restart your instance at any time. Before stopping or hibernating an instance, make sure it is in a state from which it can be restarted. Stopping an instance does not preserve data stored in RAM, but hibernating an instance does preserve data stored in RAM. If an instance cannot hibernate successfully, a normal shutdown occurs.</p> <p>Stopping and hibernating an instance is different to rebooting or terminating it. For example, when you stop or hibernate an instance, the root device and any other devices attached to the instance persist. When you terminate an instance, the root device and any other devices attached during the instance launch are automatically deleted. For more information about the differences between rebooting, stopping, hibernating, and terminating instances, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html\">Instance Lifecycle</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>When you stop an instance, we attempt to shut it down forcibly after a short while. If your instance appears stuck in the stopping state after a period of time, there may be an issue with the underlying host computer. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesStopping.html\">Troubleshooting Stopping Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "TerminateClientVpnConnections": { + "name": "TerminateClientVpnConnections", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "TerminateClientVpnConnectionsRequest" + }, + "output": { + "shape": "TerminateClientVpnConnectionsResult" + }, + "documentation": "<p>Terminates active Client VPN endpoint connections. This action can be used to terminate a specific client connection, or up to five connections established by a specific user.</p>" + }, + "TerminateInstances": { + "name": "TerminateInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "TerminateInstancesRequest" + }, + "output": { + "shape": "TerminateInstancesResult" + }, + "documentation": "<p>Shuts down the specified instances. This operation is idempotent; if you terminate an instance more than once, each call succeeds. </p> <p>If you specify multiple instances and the request fails (for example, because of a single incorrect instance ID), none of the instances are terminated.</p> <p>Terminated instances remain visible after termination (for approximately one hour).</p> <p>By default, Amazon EC2 deletes all EBS volumes that were attached when the instance launched. Volumes attached after instance launch continue running.</p> <p>You can stop, start, and terminate EBS-backed instances. You can only terminate instance store-backed instances. What happens to an instance differs if you stop it or terminate it. For example, when you stop an instance, the root device and any other devices attached to the instance persist. When you terminate an instance, any attached EBS volumes with the <code>DeleteOnTermination</code> block device mapping parameter set to <code>true</code> are automatically deleted. For more information about the differences between stopping and terminating instances, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html\">Instance Lifecycle</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>For more information about troubleshooting, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesShuttingDown.html\">Troubleshooting Terminating Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "UnassignIpv6Addresses": { + "name": "UnassignIpv6Addresses", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "UnassignIpv6AddressesRequest" + }, + "output": { + "shape": "UnassignIpv6AddressesResult" + }, + "documentation": "<p>Unassigns one or more IPv6 addresses from a network interface.</p>" + }, + "UnassignPrivateIpAddresses": { + "name": "UnassignPrivateIpAddresses", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "UnassignPrivateIpAddressesRequest" + }, + "documentation": "<p>Unassigns one or more secondary private IP addresses from a network interface.</p>" + }, + "UnmonitorInstances": { + "name": "UnmonitorInstances", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "UnmonitorInstancesRequest" + }, + "output": { + "shape": "UnmonitorInstancesResult" + }, + "documentation": "<p>Disables detailed monitoring for a running instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch.html\">Monitoring Your Instances and Volumes</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "UpdateSecurityGroupRuleDescriptionsEgress": { + "name": "UpdateSecurityGroupRuleDescriptionsEgress", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "UpdateSecurityGroupRuleDescriptionsEgressRequest" + }, + "output": { + "shape": "UpdateSecurityGroupRuleDescriptionsEgressResult" + }, + "documentation": "<p>[VPC only] Updates the description of an egress (outbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.</p> <p>You specify the description as part of the IP permissions structure. You can remove a description for a security group rule by omitting the description parameter in the request.</p>" + }, + "UpdateSecurityGroupRuleDescriptionsIngress": { + "name": "UpdateSecurityGroupRuleDescriptionsIngress", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "UpdateSecurityGroupRuleDescriptionsIngressRequest" + }, + "output": { + "shape": "UpdateSecurityGroupRuleDescriptionsIngressResult" + }, + "documentation": "<p>Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.</p> <p>You specify the description as part of the IP permissions structure. You can remove a description for a security group rule by omitting the description parameter in the request.</p>" + }, + "WithdrawByoipCidr": { + "name": "WithdrawByoipCidr", + "http": { + "method": "POST", + "requestUri": "/" + }, + "input": { + "shape": "WithdrawByoipCidrRequest" + }, + "output": { + "shape": "WithdrawByoipCidrResult" + }, + "documentation": "<p>Stops advertising an IPv4 address range that is provisioned as an address pool.</p> <p>You can perform this operation at most once every 10 seconds, even if you specify different address ranges each time.</p> <p>It can take a few minutes before traffic to the specified addresses stops routing to AWS because of BGP propagation delays.</p>" + } + }, + "shapes": { + "AcceptReservedInstancesExchangeQuoteRequest": { + "type": "structure", + "required": [ + "ReservedInstanceIds" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ReservedInstanceIds": { + "shape": "ReservedInstanceIdSet", + "documentation": "<p>The IDs of the Convertible Reserved Instances to exchange for another Convertible Reserved Instance of the same or higher value.</p>", + "locationName": "ReservedInstanceId" + }, + "TargetConfigurations": { + "shape": "TargetConfigurationRequestSet", + "documentation": "<p>The configuration of the target Convertible Reserved Instance to exchange for your current Convertible Reserved Instances.</p>", + "locationName": "TargetConfiguration" + } + }, + "documentation": "<p>Contains the parameters for accepting the quote.</p>" + }, + "AcceptReservedInstancesExchangeQuoteResult": { + "type": "structure", + "members": { + "ExchangeId": { + "shape": "String", + "documentation": "<p>The ID of the successful exchange.</p>", + "locationName": "exchangeId" + } + }, + "documentation": "<p>The result of the exchange and whether it was <code>successful</code>.</p>" + }, + "AcceptTransitGatewayVpcAttachmentRequest": { + "type": "structure", + "required": [ + "TransitGatewayAttachmentId" + ], + "members": { + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "AcceptTransitGatewayVpcAttachmentResult": { + "type": "structure", + "members": { + "TransitGatewayVpcAttachment": { + "shape": "TransitGatewayVpcAttachment", + "documentation": "<p>The VPC attachment.</p>", + "locationName": "transitGatewayVpcAttachment" + } + } + }, + "AcceptVpcEndpointConnectionsRequest": { + "type": "structure", + "required": [ + "ServiceId", + "VpcEndpointIds" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ServiceId": { + "shape": "String", + "documentation": "<p>The ID of the endpoint service.</p>" + }, + "VpcEndpointIds": { + "shape": "ValueStringList", + "documentation": "<p>The IDs of one or more interface VPC endpoints.</p>", + "locationName": "VpcEndpointId" + } + } + }, + "AcceptVpcEndpointConnectionsResult": { + "type": "structure", + "members": { + "Unsuccessful": { + "shape": "UnsuccessfulItemSet", + "documentation": "<p>Information about the interface endpoints that were not accepted, if applicable.</p>", + "locationName": "unsuccessful" + } + } + }, + "AcceptVpcPeeringConnectionRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "VpcPeeringConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the VPC peering connection. You must specify this parameter in the request.</p>", + "locationName": "vpcPeeringConnectionId" + } + } + }, + "AcceptVpcPeeringConnectionResult": { + "type": "structure", + "members": { + "VpcPeeringConnection": { + "shape": "VpcPeeringConnection", + "documentation": "<p>Information about the VPC peering connection.</p>", + "locationName": "vpcPeeringConnection" + } + } + }, + "AccountAttribute": { + "type": "structure", + "members": { + "AttributeName": { + "shape": "String", + "documentation": "<p>The name of the account attribute.</p>", + "locationName": "attributeName" + }, + "AttributeValues": { + "shape": "AccountAttributeValueList", + "documentation": "<p>The values for the account attribute.</p>", + "locationName": "attributeValueSet" + } + }, + "documentation": "<p>Describes an account attribute.</p>" + }, + "AccountAttributeList": { + "type": "list", + "member": { + "shape": "AccountAttribute", + "locationName": "item" + } + }, + "AccountAttributeName": { + "type": "string", + "enum": [ + "supported-platforms", + "default-vpc" + ] + }, + "AccountAttributeNameStringList": { + "type": "list", + "member": { + "shape": "AccountAttributeName", + "locationName": "attributeName" + } + }, + "AccountAttributeValue": { + "type": "structure", + "members": { + "AttributeValue": { + "shape": "String", + "documentation": "<p>The value of the attribute.</p>", + "locationName": "attributeValue" + } + }, + "documentation": "<p>Describes a value of an account attribute.</p>" + }, + "AccountAttributeValueList": { + "type": "list", + "member": { + "shape": "AccountAttributeValue", + "locationName": "item" + } + }, + "ActiveInstance": { + "type": "structure", + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "InstanceType": { + "shape": "String", + "documentation": "<p>The instance type.</p>", + "locationName": "instanceType" + }, + "SpotInstanceRequestId": { + "shape": "String", + "documentation": "<p>The ID of the Spot Instance request.</p>", + "locationName": "spotInstanceRequestId" + }, + "InstanceHealth": { + "shape": "InstanceHealthStatus", + "documentation": "<p>The health status of the instance. If the status of either the instance status check or the system status check is <code>impaired</code>, the health status of the instance is <code>unhealthy</code>. Otherwise, the health status is <code>healthy</code>.</p>", + "locationName": "instanceHealth" + } + }, + "documentation": "<p>Describes a running instance in a Spot Fleet.</p>" + }, + "ActiveInstanceSet": { + "type": "list", + "member": { + "shape": "ActiveInstance", + "locationName": "item" + } + }, + "ActivityStatus": { + "type": "string", + "enum": [ + "error", + "pending_fulfillment", + "pending_termination", + "fulfilled" + ] + }, + "Address": { + "type": "structure", + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance that the address is associated with (if any).</p>", + "locationName": "instanceId" + }, + "PublicIp": { + "shape": "String", + "documentation": "<p>The Elastic IP address.</p>", + "locationName": "publicIp" + }, + "AllocationId": { + "shape": "String", + "documentation": "<p>The ID representing the allocation of the address for use with EC2-VPC.</p>", + "locationName": "allocationId" + }, + "AssociationId": { + "shape": "String", + "documentation": "<p>The ID representing the association of the address with an instance in a VPC.</p>", + "locationName": "associationId" + }, + "Domain": { + "shape": "DomainType", + "documentation": "<p>Indicates whether this Elastic IP address is for use with instances in EC2-Classic (<code>standard</code>) or instances in a VPC (<code>vpc</code>).</p>", + "locationName": "domain" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + }, + "NetworkInterfaceOwnerId": { + "shape": "String", + "documentation": "<p>The ID of the AWS account that owns the network interface.</p>", + "locationName": "networkInterfaceOwnerId" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>The private IP address associated with the Elastic IP address.</p>", + "locationName": "privateIpAddress" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the Elastic IP address.</p>", + "locationName": "tagSet" + }, + "PublicIpv4Pool": { + "shape": "String", + "documentation": "<p>The ID of an address pool.</p>", + "locationName": "publicIpv4Pool" + } + }, + "documentation": "<p>Describes an Elastic IP address.</p>" + }, + "AddressList": { + "type": "list", + "member": { + "shape": "Address", + "locationName": "item" + } + }, + "AdvertiseByoipCidrRequest": { + "type": "structure", + "required": [ + "Cidr" + ], + "members": { + "Cidr": { + "shape": "String", + "documentation": "<p>The IPv4 address range, in CIDR notation. This must be the exact range that you provisioned. You can't advertise only a portion of the provisioned range.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "AdvertiseByoipCidrResult": { + "type": "structure", + "members": { + "ByoipCidr": { + "shape": "ByoipCidr", + "documentation": "<p>Information about the address range.</p>", + "locationName": "byoipCidr" + } + } + }, + "Affinity": { + "type": "string", + "enum": [ + "default", + "host" + ] + }, + "AllocateAddressRequest": { + "type": "structure", + "members": { + "Domain": { + "shape": "DomainType", + "documentation": "<p>Set to <code>vpc</code> to allocate the address for use with instances in a VPC.</p> <p>Default: The address is for use with instances in EC2-Classic.</p>" + }, + "Address": { + "shape": "String", + "documentation": "<p>[EC2-VPC] The Elastic IP address to recover or an IPv4 address from an address pool.</p>" + }, + "PublicIpv4Pool": { + "shape": "String", + "documentation": "<p>The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool. To specify a specific address from the address pool, use the <code>Address</code> parameter instead.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "AllocateAddressResult": { + "type": "structure", + "members": { + "PublicIp": { + "shape": "String", + "documentation": "<p>The Elastic IP address.</p>", + "locationName": "publicIp" + }, + "AllocationId": { + "shape": "String", + "documentation": "<p>[EC2-VPC] The ID that AWS assigns to represent the allocation of the Elastic IP address for use with instances in a VPC.</p>", + "locationName": "allocationId" + }, + "PublicIpv4Pool": { + "shape": "String", + "documentation": "<p>The ID of an address pool.</p>", + "locationName": "publicIpv4Pool" + }, + "Domain": { + "shape": "DomainType", + "documentation": "<p>Indicates whether this Elastic IP address is for use with instances in EC2-Classic (<code>standard</code>) or instances in a VPC (<code>vpc</code>).</p>", + "locationName": "domain" + } + } + }, + "AllocateHostsRequest": { + "type": "structure", + "required": [ + "AvailabilityZone", + "InstanceType", + "Quantity" + ], + "members": { + "AutoPlacement": { + "shape": "AutoPlacement", + "documentation": "<p>Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding\"> Understanding Instance Placement and Host Affinity</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>.</p> <p>Default: <code>on</code> </p>", + "locationName": "autoPlacement" + }, + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone in which to allocate the Dedicated Host.</p>", + "locationName": "availabilityZone" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "locationName": "clientToken" + }, + "InstanceType": { + "shape": "String", + "documentation": "<p>Specifies the instance type for which to configure your Dedicated Hosts. When you specify the instance type, that is the only instance type that you can launch onto that host.</p>", + "locationName": "instanceType" + }, + "Quantity": { + "shape": "Integer", + "documentation": "<p>The number of Dedicated Hosts to allocate to your account with these parameters.</p>", + "locationName": "quantity" + }, + "TagSpecifications": { + "shape": "TagSpecificationList", + "documentation": "<p>The tags to apply to the Dedicated Host during creation.</p>", + "locationName": "TagSpecification" + }, + "HostRecovery": { + "shape": "HostRecovery", + "documentation": "<p>Indicates whether to enable or disable host recovery for the Dedicated Host. Host recovery is disabled by default. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html\"> Host Recovery</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Default: <code>off</code> </p>" + } + } + }, + "AllocateHostsResult": { + "type": "structure", + "members": { + "HostIds": { + "shape": "ResponseHostIdList", + "documentation": "<p>The ID of the allocated Dedicated Host. This is used to launch an instance onto a specific host.</p>", + "locationName": "hostIdSet" + } + }, + "documentation": "<p>Contains the output of AllocateHosts.</p>" + }, + "AllocationIdList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "AllocationId" + } + }, + "AllocationState": { + "type": "string", + "enum": [ + "available", + "under-assessment", + "permanent-failure", + "released", + "released-permanent-failure", + "pending" + ] + }, + "AllocationStrategy": { + "type": "string", + "enum": [ + "lowestPrice", + "diversified" + ] + }, + "AllowedPrincipal": { + "type": "structure", + "members": { + "PrincipalType": { + "shape": "PrincipalType", + "documentation": "<p>The type of principal.</p>", + "locationName": "principalType" + }, + "Principal": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the principal.</p>", + "locationName": "principal" + } + }, + "documentation": "<p>Describes a principal.</p>" + }, + "AllowedPrincipalSet": { + "type": "list", + "member": { + "shape": "AllowedPrincipal", + "locationName": "item" + } + }, + "ApplySecurityGroupsToClientVpnTargetNetworkRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId", + "VpcId", + "SecurityGroupIds" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint.</p>" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC in which the associated target network is located.</p>" + }, + "SecurityGroupIds": { + "shape": "ClientVpnSecurityGroupIdSet", + "documentation": "<p>The IDs of the security groups to apply to the associated target network. Up to 5 security groups can be applied to an associated target network.</p>", + "locationName": "SecurityGroupId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ApplySecurityGroupsToClientVpnTargetNetworkResult": { + "type": "structure", + "members": { + "SecurityGroupIds": { + "shape": "ClientVpnSecurityGroupIdSet", + "documentation": "<p>The IDs of the applied security groups.</p>", + "locationName": "securityGroupIds" + } + } + }, + "ArchitectureValues": { + "type": "string", + "enum": [ + "i386", + "x86_64", + "arm64" + ] + }, + "AssignIpv6AddressesRequest": { + "type": "structure", + "required": [ + "NetworkInterfaceId" + ], + "members": { + "Ipv6AddressCount": { + "shape": "Integer", + "documentation": "<p>The number of IPv6 addresses to assign to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.</p>", + "locationName": "ipv6AddressCount" + }, + "Ipv6Addresses": { + "shape": "Ipv6AddressList", + "documentation": "<p>One or more specific IPv6 addresses to be assigned to the network interface. You can't use this option if you're specifying a number of IPv6 addresses.</p>", + "locationName": "ipv6Addresses" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + } + } + }, + "AssignIpv6AddressesResult": { + "type": "structure", + "members": { + "AssignedIpv6Addresses": { + "shape": "Ipv6AddressList", + "documentation": "<p>The IPv6 addresses assigned to the network interface.</p>", + "locationName": "assignedIpv6Addresses" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + } + } + }, + "AssignPrivateIpAddressesRequest": { + "type": "structure", + "required": [ + "NetworkInterfaceId" + ], + "members": { + "AllowReassignment": { + "shape": "Boolean", + "documentation": "<p>Indicates whether to allow an IP address that is already assigned to another network interface or instance to be reassigned to the specified network interface.</p>", + "locationName": "allowReassignment" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + }, + "PrivateIpAddresses": { + "shape": "PrivateIpAddressStringList", + "documentation": "<p>One or more IP addresses to be assigned as a secondary private IP address to the network interface. You can't specify this parameter when also specifying a number of secondary IP addresses.</p> <p>If you don't specify an IP address, Amazon EC2 automatically selects an IP address within the subnet range.</p>", + "locationName": "privateIpAddress" + }, + "SecondaryPrivateIpAddressCount": { + "shape": "Integer", + "documentation": "<p>The number of secondary IP addresses to assign to the network interface. You can't specify this parameter when also specifying private IP addresses.</p>", + "locationName": "secondaryPrivateIpAddressCount" + } + }, + "documentation": "<p>Contains the parameters for AssignPrivateIpAddresses.</p>" + }, + "AssociateAddressRequest": { + "type": "structure", + "members": { + "AllocationId": { + "shape": "String", + "documentation": "<p>[EC2-VPC] The allocation ID. This is required for EC2-VPC.</p>" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance. This is required for EC2-Classic. For EC2-VPC, you can specify either the instance ID or the network interface ID, but not both. The operation fails if you specify an instance ID unless exactly one network interface is attached.</p>" + }, + "PublicIp": { + "shape": "String", + "documentation": "<p>The Elastic IP address to associate with the instance. This is required for EC2-Classic.</p>" + }, + "AllowReassociation": { + "shape": "Boolean", + "documentation": "<p>[EC2-VPC] For a VPC in an EC2-Classic account, specify true to allow an Elastic IP address that is already associated with an instance or network interface to be reassociated with the specified instance or network interface. Otherwise, the operation fails. In a VPC in an EC2-VPC-only account, reassociation is automatic, therefore you can specify false to ensure the operation fails if the Elastic IP address is already associated with another resource.</p>", + "locationName": "allowReassociation" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>[EC2-VPC] The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.</p> <p>For EC2-VPC, you can specify either the instance ID or the network interface ID, but not both. </p>", + "locationName": "networkInterfaceId" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>[EC2-VPC] The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.</p>", + "locationName": "privateIpAddress" + } + } + }, + "AssociateAddressResult": { + "type": "structure", + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>[EC2-VPC] The ID that represents the association of the Elastic IP address with an instance.</p>", + "locationName": "associationId" + } + } + }, + "AssociateClientVpnTargetNetworkRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId", + "SubnetId" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint.</p>" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet to associate with the Client VPN endpoint.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "idempotencyToken": true + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "AssociateClientVpnTargetNetworkResult": { + "type": "structure", + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>The unique ID of the target network association.</p>", + "locationName": "associationId" + }, + "Status": { + "shape": "AssociationStatus", + "documentation": "<p>The current state of the target network association.</p>", + "locationName": "status" + } + } + }, + "AssociateDhcpOptionsRequest": { + "type": "structure", + "required": [ + "DhcpOptionsId", + "VpcId" + ], + "members": { + "DhcpOptionsId": { + "shape": "String", + "documentation": "<p>The ID of the DHCP options set, or <code>default</code> to associate no DHCP options with the VPC.</p>" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "AssociateIamInstanceProfileRequest": { + "type": "structure", + "required": [ + "IamInstanceProfile", + "InstanceId" + ], + "members": { + "IamInstanceProfile": { + "shape": "IamInstanceProfileSpecification", + "documentation": "<p>The IAM instance profile.</p>" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>" + } + } + }, + "AssociateIamInstanceProfileResult": { + "type": "structure", + "members": { + "IamInstanceProfileAssociation": { + "shape": "IamInstanceProfileAssociation", + "documentation": "<p>Information about the IAM instance profile association.</p>", + "locationName": "iamInstanceProfileAssociation" + } + } + }, + "AssociateRouteTableRequest": { + "type": "structure", + "required": [ + "RouteTableId", + "SubnetId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "RouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the route table.</p>", + "locationName": "routeTableId" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet.</p>", + "locationName": "subnetId" + } + } + }, + "AssociateRouteTableResult": { + "type": "structure", + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>The route table association ID. This ID is required for disassociating the route table.</p>", + "locationName": "associationId" + } + } + }, + "AssociateSubnetCidrBlockRequest": { + "type": "structure", + "required": [ + "Ipv6CidrBlock", + "SubnetId" + ], + "members": { + "Ipv6CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv6 CIDR block for your subnet. The subnet must have a /64 prefix length.</p>", + "locationName": "ipv6CidrBlock" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of your subnet.</p>", + "locationName": "subnetId" + } + } + }, + "AssociateSubnetCidrBlockResult": { + "type": "structure", + "members": { + "Ipv6CidrBlockAssociation": { + "shape": "SubnetIpv6CidrBlockAssociation", + "documentation": "<p>Information about the IPv6 CIDR block association.</p>", + "locationName": "ipv6CidrBlockAssociation" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet.</p>", + "locationName": "subnetId" + } + } + }, + "AssociateTransitGatewayRouteTableRequest": { + "type": "structure", + "required": [ + "TransitGatewayRouteTableId", + "TransitGatewayAttachmentId" + ], + "members": { + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway route table.</p>" + }, + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "AssociateTransitGatewayRouteTableResult": { + "type": "structure", + "members": { + "Association": { + "shape": "TransitGatewayAssociation", + "documentation": "<p>The ID of the association.</p>", + "locationName": "association" + } + } + }, + "AssociateVpcCidrBlockRequest": { + "type": "structure", + "required": [ + "VpcId" + ], + "members": { + "AmazonProvidedIpv6CidrBlock": { + "shape": "Boolean", + "documentation": "<p>Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses, or the size of the CIDR block.</p>", + "locationName": "amazonProvidedIpv6CidrBlock" + }, + "CidrBlock": { + "shape": "String", + "documentation": "<p>An IPv4 CIDR block to associate with the VPC.</p>" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + } + }, + "AssociateVpcCidrBlockResult": { + "type": "structure", + "members": { + "Ipv6CidrBlockAssociation": { + "shape": "VpcIpv6CidrBlockAssociation", + "documentation": "<p>Information about the IPv6 CIDR block association.</p>", + "locationName": "ipv6CidrBlockAssociation" + }, + "CidrBlockAssociation": { + "shape": "VpcCidrBlockAssociation", + "documentation": "<p>Information about the IPv4 CIDR block association.</p>", + "locationName": "cidrBlockAssociation" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + } + }, + "AssociatedNetworkType": { + "type": "string", + "enum": [ + "vpc" + ] + }, + "AssociatedTargetNetwork": { + "type": "structure", + "members": { + "NetworkId": { + "shape": "String", + "documentation": "<p>The ID of the subnet.</p>", + "locationName": "networkId" + }, + "NetworkType": { + "shape": "AssociatedNetworkType", + "documentation": "<p>The target network type.</p>", + "locationName": "networkType" + } + }, + "documentation": "<p>Describes a target network that is associated with a Client VPN endpoint. A target network is a subnet in a VPC.</p>" + }, + "AssociatedTargetNetworkSet": { + "type": "list", + "member": { + "shape": "AssociatedTargetNetwork", + "locationName": "item" + } + }, + "AssociationIdList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "AssociationId" + } + }, + "AssociationStatus": { + "type": "structure", + "members": { + "Code": { + "shape": "AssociationStatusCode", + "documentation": "<p>The state of the target network association.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>A message about the status of the target network association, if applicable.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Describes the state of a target network association.</p>" + }, + "AssociationStatusCode": { + "type": "string", + "enum": [ + "associating", + "associated", + "association-failed", + "disassociating", + "disassociated" + ] + }, + "AttachClassicLinkVpcRequest": { + "type": "structure", + "required": [ + "Groups", + "InstanceId", + "VpcId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Groups": { + "shape": "GroupIdStringList", + "documentation": "<p>The ID of one or more of the VPC's security groups. You cannot specify security groups from a different VPC.</p>", + "locationName": "SecurityGroupId" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of an EC2-Classic instance to link to the ClassicLink-enabled VPC.</p>", + "locationName": "instanceId" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of a ClassicLink-enabled VPC.</p>", + "locationName": "vpcId" + } + } + }, + "AttachClassicLinkVpcResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "AttachInternetGatewayRequest": { + "type": "structure", + "required": [ + "InternetGatewayId", + "VpcId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "InternetGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the internet gateway.</p>", + "locationName": "internetGatewayId" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + } + }, + "AttachNetworkInterfaceRequest": { + "type": "structure", + "required": [ + "DeviceIndex", + "InstanceId", + "NetworkInterfaceId" + ], + "members": { + "DeviceIndex": { + "shape": "Integer", + "documentation": "<p>The index of the device for the network interface attachment.</p>", + "locationName": "deviceIndex" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + } + }, + "documentation": "<p>Contains the parameters for AttachNetworkInterface.</p>" + }, + "AttachNetworkInterfaceResult": { + "type": "structure", + "members": { + "AttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the network interface attachment.</p>", + "locationName": "attachmentId" + } + }, + "documentation": "<p>Contains the output of AttachNetworkInterface.</p>" + }, + "AttachVolumeRequest": { + "type": "structure", + "required": [ + "Device", + "InstanceId", + "VolumeId" + ], + "members": { + "Device": { + "shape": "String", + "documentation": "<p>The device name (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p>" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the EBS volume. The volume and instance must be within the same Availability Zone.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for AttachVolume.</p>" + }, + "AttachVpnGatewayRequest": { + "type": "structure", + "required": [ + "VpcId", + "VpnGatewayId" + ], + "members": { + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>" + }, + "VpnGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the virtual private gateway.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for AttachVpnGateway.</p>" + }, + "AttachVpnGatewayResult": { + "type": "structure", + "members": { + "VpcAttachment": { + "shape": "VpcAttachment", + "documentation": "<p>Information about the attachment.</p>", + "locationName": "attachment" + } + }, + "documentation": "<p>Contains the output of AttachVpnGateway.</p>" + }, + "AttachmentStatus": { + "type": "string", + "enum": [ + "attaching", + "attached", + "detaching", + "detached" + ] + }, + "AttributeBooleanValue": { + "type": "structure", + "members": { + "Value": { + "shape": "Boolean", + "documentation": "<p>The attribute value. The valid values are <code>true</code> or <code>false</code>.</p>", + "locationName": "value" + } + }, + "documentation": "<p>Describes a value for a resource attribute that is a Boolean value.</p>" + }, + "AttributeValue": { + "type": "structure", + "members": { + "Value": { + "shape": "String", + "documentation": "<p>The attribute value. The value is case-sensitive.</p>", + "locationName": "value" + } + }, + "documentation": "<p>Describes a value for a resource attribute that is a String.</p>" + }, + "AuthorizationRule": { + "type": "structure", + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint with which the authorization rule is associated.</p>", + "locationName": "clientVpnEndpointId" + }, + "Description": { + "shape": "String", + "documentation": "<p>A brief description of the authorization rule.</p>", + "locationName": "description" + }, + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of the Active Directory group to which the authorization rule grants access.</p>", + "locationName": "groupId" + }, + "AccessAll": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the authorization rule grants access to all clients.</p>", + "locationName": "accessAll" + }, + "DestinationCidr": { + "shape": "String", + "documentation": "<p>The IPv4 address range, in CIDR notation, of the network to which the authorization rule applies.</p>", + "locationName": "destinationCidr" + }, + "Status": { + "shape": "ClientVpnAuthorizationRuleStatus", + "documentation": "<p>The current state of the authorization rule.</p>", + "locationName": "status" + } + }, + "documentation": "<p>Information about an authorization rule.</p>" + }, + "AuthorizationRuleSet": { + "type": "list", + "member": { + "shape": "AuthorizationRule", + "locationName": "item" + } + }, + "AuthorizeClientVpnIngressRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId", + "TargetNetworkCidr" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint.</p>" + }, + "TargetNetworkCidr": { + "shape": "String", + "documentation": "<p>The IPv4 address range, in CIDR notation, of the network for which access is being authorized.</p>" + }, + "AccessGroupId": { + "shape": "String", + "documentation": "<p>The ID of the Active Directory group to grant access.</p>" + }, + "AuthorizeAllGroups": { + "shape": "Boolean", + "documentation": "<p>Indicates whether to grant access to all clients. Use <code>true</code> to grant all clients who successfully establish a VPN connection access to the network.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>A brief description of the authorization rule.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "idempotencyToken": true + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "AuthorizeClientVpnIngressResult": { + "type": "structure", + "members": { + "Status": { + "shape": "ClientVpnAuthorizationRuleStatus", + "documentation": "<p>The current state of the authorization rule.</p>", + "locationName": "status" + } + } + }, + "AuthorizeSecurityGroupEgressRequest": { + "type": "structure", + "required": [ + "GroupId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of the security group.</p>", + "locationName": "groupId" + }, + "IpPermissions": { + "shape": "IpPermissionList", + "documentation": "<p>The sets of IP permissions. You can't specify a destination security group and a CIDR IP address range in the same set of permissions.</p>", + "locationName": "ipPermissions" + }, + "CidrIp": { + "shape": "String", + "documentation": "<p>Not supported. Use a set of IP permissions to specify the CIDR.</p>", + "locationName": "cidrIp" + }, + "FromPort": { + "shape": "Integer", + "documentation": "<p>Not supported. Use a set of IP permissions to specify the port.</p>", + "locationName": "fromPort" + }, + "IpProtocol": { + "shape": "String", + "documentation": "<p>Not supported. Use a set of IP permissions to specify the protocol name or number.</p>", + "locationName": "ipProtocol" + }, + "ToPort": { + "shape": "Integer", + "documentation": "<p>Not supported. Use a set of IP permissions to specify the port.</p>", + "locationName": "toPort" + }, + "SourceSecurityGroupName": { + "shape": "String", + "documentation": "<p>Not supported. Use a set of IP permissions to specify a destination security group.</p>", + "locationName": "sourceSecurityGroupName" + }, + "SourceSecurityGroupOwnerId": { + "shape": "String", + "documentation": "<p>Not supported. Use a set of IP permissions to specify a destination security group.</p>", + "locationName": "sourceSecurityGroupOwnerId" + } + } + }, + "AuthorizeSecurityGroupIngressRequest": { + "type": "structure", + "members": { + "CidrIp": { + "shape": "String", + "documentation": "<p>The IPv4 address range, in CIDR format. You can't specify this parameter when specifying a source security group. To specify an IPv6 address range, use a set of IP permissions.</p> <p>Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.</p>" + }, + "FromPort": { + "shape": "Integer", + "documentation": "<p>The start of port range for the TCP and UDP protocols, or an ICMP type number. For the ICMP type number, use <code>-1</code> to specify all types. If you specify all ICMP types, you must specify all codes.</p> <p>Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.</p>" + }, + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.</p>" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>[EC2-Classic, default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request.</p>" + }, + "IpPermissions": { + "shape": "IpPermissionList", + "documentation": "<p>The sets of IP permissions.</p>" + }, + "IpProtocol": { + "shape": "String", + "documentation": "<p>The IP protocol name (<code>tcp</code>, <code>udp</code>, <code>icmp</code>) or number (see <a href=\"http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml\">Protocol Numbers</a>). To specify <code>icmpv6</code>, use a set of IP permissions.</p> <p>[VPC only] Use <code>-1</code> to specify all protocols. If you specify <code>-1</code> or a protocol other than <code>tcp</code>, <code>udp</code>, or <code>icmp</code>, traffic on all ports is allowed, regardless of any ports you specify.</p> <p>Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.</p>" + }, + "SourceSecurityGroupName": { + "shape": "String", + "documentation": "<p>[EC2-Classic, default VPC] The name of the source security group. You can't specify this parameter in combination with the following parameters: the CIDR IP address range, the start of the port range, the IP protocol, and the end of the port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead. For EC2-VPC, the source security group must be in the same VPC.</p>" + }, + "SourceSecurityGroupOwnerId": { + "shape": "String", + "documentation": "<p>[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this parameter in combination with the following parameters: the CIDR IP address range, the IP protocol, the start of the port range, and the end of the port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead.</p>" + }, + "ToPort": { + "shape": "Integer", + "documentation": "<p>The end of port range for the TCP and UDP protocols, or an ICMP code number. For the ICMP code number, use <code>-1</code> to specify all codes. If you specify all ICMP types, you must specify all codes.</p> <p>Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "AutoAcceptSharedAttachmentsValue": { + "type": "string", + "enum": [ + "enable", + "disable" + ] + }, + "AutoPlacement": { + "type": "string", + "enum": [ + "on", + "off" + ] + }, + "AvailabilityZone": { + "type": "structure", + "members": { + "State": { + "shape": "AvailabilityZoneState", + "documentation": "<p>The state of the Availability Zone.</p>", + "locationName": "zoneState" + }, + "Messages": { + "shape": "AvailabilityZoneMessageList", + "documentation": "<p>Any messages about the Availability Zone.</p>", + "locationName": "messageSet" + }, + "RegionName": { + "shape": "String", + "documentation": "<p>The name of the Region.</p>", + "locationName": "regionName" + }, + "ZoneName": { + "shape": "String", + "documentation": "<p>The name of the Availability Zone.</p>", + "locationName": "zoneName" + }, + "ZoneId": { + "shape": "String", + "documentation": "<p>The ID of the Availability Zone.</p>", + "locationName": "zoneId" + } + }, + "documentation": "<p>Describes an Availability Zone.</p>" + }, + "AvailabilityZoneList": { + "type": "list", + "member": { + "shape": "AvailabilityZone", + "locationName": "item" + } + }, + "AvailabilityZoneMessage": { + "type": "structure", + "members": { + "Message": { + "shape": "String", + "documentation": "<p>The message about the Availability Zone.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Describes a message about an Availability Zone.</p>" + }, + "AvailabilityZoneMessageList": { + "type": "list", + "member": { + "shape": "AvailabilityZoneMessage", + "locationName": "item" + } + }, + "AvailabilityZoneState": { + "type": "string", + "enum": [ + "available", + "information", + "impaired", + "unavailable" + ] + }, + "AvailableCapacity": { + "type": "structure", + "members": { + "AvailableInstanceCapacity": { + "shape": "AvailableInstanceCapacityList", + "documentation": "<p>The total number of instances supported by the Dedicated Host.</p>", + "locationName": "availableInstanceCapacity" + }, + "AvailableVCpus": { + "shape": "Integer", + "documentation": "<p>The number of vCPUs available on the Dedicated Host.</p>", + "locationName": "availableVCpus" + } + }, + "documentation": "<p>The capacity information for instances launched onto the Dedicated Host.</p>" + }, + "AvailableInstanceCapacityList": { + "type": "list", + "member": { + "shape": "InstanceCapacity", + "locationName": "item" + } + }, + "BatchState": { + "type": "string", + "enum": [ + "submitted", + "active", + "cancelled", + "failed", + "cancelled_running", + "cancelled_terminating", + "modifying" + ] + }, + "BillingProductList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "Blob": { + "type": "blob" + }, + "BlobAttributeValue": { + "type": "structure", + "members": { + "Value": { + "shape": "Blob", + "locationName": "value" + } + } + }, + "BlockDeviceMapping": { + "type": "structure", + "members": { + "DeviceName": { + "shape": "String", + "documentation": "<p>The device name (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p>", + "locationName": "deviceName" + }, + "VirtualName": { + "shape": "String", + "documentation": "<p>The virtual device name (<code>ephemeral</code>N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for <code>ephemeral0</code> and <code>ephemeral1</code>. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.</p> <p>NVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.</p> <p>Constraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.</p>", + "locationName": "virtualName" + }, + "Ebs": { + "shape": "EbsBlockDevice", + "documentation": "<p>Parameters used to automatically set up EBS volumes when the instance is launched.</p>", + "locationName": "ebs" + }, + "NoDevice": { + "shape": "String", + "documentation": "<p>Suppresses the specified device included in the block device mapping of the AMI.</p>", + "locationName": "noDevice" + } + }, + "documentation": "<p>Describes a block device mapping.</p>" + }, + "BlockDeviceMappingList": { + "type": "list", + "member": { + "shape": "BlockDeviceMapping", + "locationName": "item" + } + }, + "BlockDeviceMappingRequestList": { + "type": "list", + "member": { + "shape": "BlockDeviceMapping", + "locationName": "BlockDeviceMapping" + } + }, + "Boolean": { + "type": "boolean" + }, + "BundleIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "BundleId" + } + }, + "BundleInstanceRequest": { + "type": "structure", + "required": [ + "InstanceId", + "Storage" + ], + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance to bundle.</p> <p>Type: String</p> <p>Default: None</p> <p>Required: Yes</p>" + }, + "Storage": { + "shape": "Storage", + "documentation": "<p>The bucket in which to store the AMI. You can specify a bucket that you already own or a new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone else, Amazon EC2 returns an error.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for BundleInstance.</p>" + }, + "BundleInstanceResult": { + "type": "structure", + "members": { + "BundleTask": { + "shape": "BundleTask", + "documentation": "<p>Information about the bundle task.</p>", + "locationName": "bundleInstanceTask" + } + }, + "documentation": "<p>Contains the output of BundleInstance.</p>" + }, + "BundleTask": { + "type": "structure", + "members": { + "BundleId": { + "shape": "String", + "documentation": "<p>The ID of the bundle task.</p>", + "locationName": "bundleId" + }, + "BundleTaskError": { + "shape": "BundleTaskError", + "documentation": "<p>If the task fails, a description of the error.</p>", + "locationName": "error" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance associated with this bundle task.</p>", + "locationName": "instanceId" + }, + "Progress": { + "shape": "String", + "documentation": "<p>The level of task completion, as a percent (for example, 20%).</p>", + "locationName": "progress" + }, + "StartTime": { + "shape": "DateTime", + "documentation": "<p>The time this task started.</p>", + "locationName": "startTime" + }, + "State": { + "shape": "BundleTaskState", + "documentation": "<p>The state of the task.</p>", + "locationName": "state" + }, + "Storage": { + "shape": "Storage", + "documentation": "<p>The Amazon S3 storage locations.</p>", + "locationName": "storage" + }, + "UpdateTime": { + "shape": "DateTime", + "documentation": "<p>The time of the most recent update for the task.</p>", + "locationName": "updateTime" + } + }, + "documentation": "<p>Describes a bundle task.</p>" + }, + "BundleTaskError": { + "type": "structure", + "members": { + "Code": { + "shape": "String", + "documentation": "<p>The error code.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>The error message.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Describes an error for <a>BundleInstance</a>.</p>" + }, + "BundleTaskList": { + "type": "list", + "member": { + "shape": "BundleTask", + "locationName": "item" + } + }, + "BundleTaskState": { + "type": "string", + "enum": [ + "pending", + "waiting-for-shutdown", + "bundling", + "storing", + "cancelling", + "complete", + "failed" + ] + }, + "ByoipCidr": { + "type": "structure", + "members": { + "Cidr": { + "shape": "String", + "documentation": "<p>The public IPv4 address range, in CIDR notation.</p>", + "locationName": "cidr" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description of the address range.</p>", + "locationName": "description" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>Upon success, contains the ID of the address pool. Otherwise, contains an error message.</p>", + "locationName": "statusMessage" + }, + "State": { + "shape": "ByoipCidrState", + "documentation": "<p>The state of the address pool.</p>", + "locationName": "state" + } + }, + "documentation": "<p>Information about an address range that is provisioned for use with your AWS resources through bring your own IP addresses (BYOIP).</p>" + }, + "ByoipCidrSet": { + "type": "list", + "member": { + "shape": "ByoipCidr", + "locationName": "item" + } + }, + "ByoipCidrState": { + "type": "string", + "enum": [ + "advertised", + "deprovisioned", + "failed-deprovision", + "failed-provision", + "pending-deprovision", + "pending-provision", + "provisioned" + ] + }, + "CancelBatchErrorCode": { + "type": "string", + "enum": [ + "fleetRequestIdDoesNotExist", + "fleetRequestIdMalformed", + "fleetRequestNotInCancellableState", + "unexpectedError" + ] + }, + "CancelBundleTaskRequest": { + "type": "structure", + "required": [ + "BundleId" + ], + "members": { + "BundleId": { + "shape": "String", + "documentation": "<p>The ID of the bundle task.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for CancelBundleTask.</p>" + }, + "CancelBundleTaskResult": { + "type": "structure", + "members": { + "BundleTask": { + "shape": "BundleTask", + "documentation": "<p>Information about the bundle task.</p>", + "locationName": "bundleInstanceTask" + } + }, + "documentation": "<p>Contains the output of CancelBundleTask.</p>" + }, + "CancelCapacityReservationRequest": { + "type": "structure", + "required": [ + "CapacityReservationId" + ], + "members": { + "CapacityReservationId": { + "shape": "String", + "documentation": "<p>The ID of the Capacity Reservation to be cancelled.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "CancelCapacityReservationResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "CancelConversionRequest": { + "type": "structure", + "required": [ + "ConversionTaskId" + ], + "members": { + "ConversionTaskId": { + "shape": "String", + "documentation": "<p>The ID of the conversion task.</p>", + "locationName": "conversionTaskId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "ReasonMessage": { + "shape": "String", + "documentation": "<p>The reason for canceling the conversion task.</p>", + "locationName": "reasonMessage" + } + } + }, + "CancelExportTaskRequest": { + "type": "structure", + "required": [ + "ExportTaskId" + ], + "members": { + "ExportTaskId": { + "shape": "String", + "documentation": "<p>The ID of the export task. This is the ID returned by <code>CreateInstanceExportTask</code>.</p>", + "locationName": "exportTaskId" + } + } + }, + "CancelImportTaskRequest": { + "type": "structure", + "members": { + "CancelReason": { + "shape": "String", + "documentation": "<p>The reason for canceling the task.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ImportTaskId": { + "shape": "String", + "documentation": "<p>The ID of the import image or import snapshot task to be canceled.</p>" + } + } + }, + "CancelImportTaskResult": { + "type": "structure", + "members": { + "ImportTaskId": { + "shape": "String", + "documentation": "<p>The ID of the task being canceled.</p>", + "locationName": "importTaskId" + }, + "PreviousState": { + "shape": "String", + "documentation": "<p>The current state of the task being canceled.</p>", + "locationName": "previousState" + }, + "State": { + "shape": "String", + "documentation": "<p>The current state of the task being canceled.</p>", + "locationName": "state" + } + } + }, + "CancelReservedInstancesListingRequest": { + "type": "structure", + "required": [ + "ReservedInstancesListingId" + ], + "members": { + "ReservedInstancesListingId": { + "shape": "String", + "documentation": "<p>The ID of the Reserved Instance listing.</p>", + "locationName": "reservedInstancesListingId" + } + }, + "documentation": "<p>Contains the parameters for CancelReservedInstancesListing.</p>" + }, + "CancelReservedInstancesListingResult": { + "type": "structure", + "members": { + "ReservedInstancesListings": { + "shape": "ReservedInstancesListingList", + "documentation": "<p>The Reserved Instance listing.</p>", + "locationName": "reservedInstancesListingsSet" + } + }, + "documentation": "<p>Contains the output of CancelReservedInstancesListing.</p>" + }, + "CancelSpotFleetRequestsError": { + "type": "structure", + "members": { + "Code": { + "shape": "CancelBatchErrorCode", + "documentation": "<p>The error code.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>The description for the error code.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Describes a Spot Fleet error.</p>" + }, + "CancelSpotFleetRequestsErrorItem": { + "type": "structure", + "members": { + "Error": { + "shape": "CancelSpotFleetRequestsError", + "documentation": "<p>The error.</p>", + "locationName": "error" + }, + "SpotFleetRequestId": { + "shape": "String", + "documentation": "<p>The ID of the Spot Fleet request.</p>", + "locationName": "spotFleetRequestId" + } + }, + "documentation": "<p>Describes a Spot Fleet request that was not successfully canceled.</p>" + }, + "CancelSpotFleetRequestsErrorSet": { + "type": "list", + "member": { + "shape": "CancelSpotFleetRequestsErrorItem", + "locationName": "item" + } + }, + "CancelSpotFleetRequestsRequest": { + "type": "structure", + "required": [ + "SpotFleetRequestIds", + "TerminateInstances" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "SpotFleetRequestIds": { + "shape": "ValueStringList", + "documentation": "<p>The IDs of the Spot Fleet requests.</p>", + "locationName": "spotFleetRequestId" + }, + "TerminateInstances": { + "shape": "Boolean", + "documentation": "<p>Indicates whether to terminate instances for a Spot Fleet request if it is canceled successfully.</p>", + "locationName": "terminateInstances" + } + }, + "documentation": "<p>Contains the parameters for CancelSpotFleetRequests.</p>" + }, + "CancelSpotFleetRequestsResponse": { + "type": "structure", + "members": { + "SuccessfulFleetRequests": { + "shape": "CancelSpotFleetRequestsSuccessSet", + "documentation": "<p>Information about the Spot Fleet requests that are successfully canceled.</p>", + "locationName": "successfulFleetRequestSet" + }, + "UnsuccessfulFleetRequests": { + "shape": "CancelSpotFleetRequestsErrorSet", + "documentation": "<p>Information about the Spot Fleet requests that are not successfully canceled.</p>", + "locationName": "unsuccessfulFleetRequestSet" + } + }, + "documentation": "<p>Contains the output of CancelSpotFleetRequests.</p>" + }, + "CancelSpotFleetRequestsSuccessItem": { + "type": "structure", + "members": { + "CurrentSpotFleetRequestState": { + "shape": "BatchState", + "documentation": "<p>The current state of the Spot Fleet request.</p>", + "locationName": "currentSpotFleetRequestState" + }, + "PreviousSpotFleetRequestState": { + "shape": "BatchState", + "documentation": "<p>The previous state of the Spot Fleet request.</p>", + "locationName": "previousSpotFleetRequestState" + }, + "SpotFleetRequestId": { + "shape": "String", + "documentation": "<p>The ID of the Spot Fleet request.</p>", + "locationName": "spotFleetRequestId" + } + }, + "documentation": "<p>Describes a Spot Fleet request that was successfully canceled.</p>" + }, + "CancelSpotFleetRequestsSuccessSet": { + "type": "list", + "member": { + "shape": "CancelSpotFleetRequestsSuccessItem", + "locationName": "item" + } + }, + "CancelSpotInstanceRequestState": { + "type": "string", + "enum": [ + "active", + "open", + "closed", + "cancelled", + "completed" + ] + }, + "CancelSpotInstanceRequestsRequest": { + "type": "structure", + "required": [ + "SpotInstanceRequestIds" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "SpotInstanceRequestIds": { + "shape": "SpotInstanceRequestIdList", + "documentation": "<p>One or more Spot Instance request IDs.</p>", + "locationName": "SpotInstanceRequestId" + } + }, + "documentation": "<p>Contains the parameters for CancelSpotInstanceRequests.</p>" + }, + "CancelSpotInstanceRequestsResult": { + "type": "structure", + "members": { + "CancelledSpotInstanceRequests": { + "shape": "CancelledSpotInstanceRequestList", + "documentation": "<p>One or more Spot Instance requests.</p>", + "locationName": "spotInstanceRequestSet" + } + }, + "documentation": "<p>Contains the output of CancelSpotInstanceRequests.</p>" + }, + "CancelledSpotInstanceRequest": { + "type": "structure", + "members": { + "SpotInstanceRequestId": { + "shape": "String", + "documentation": "<p>The ID of the Spot Instance request.</p>", + "locationName": "spotInstanceRequestId" + }, + "State": { + "shape": "CancelSpotInstanceRequestState", + "documentation": "<p>The state of the Spot Instance request.</p>", + "locationName": "state" + } + }, + "documentation": "<p>Describes a request to cancel a Spot Instance.</p>" + }, + "CancelledSpotInstanceRequestList": { + "type": "list", + "member": { + "shape": "CancelledSpotInstanceRequest", + "locationName": "item" + } + }, + "CapacityReservation": { + "type": "structure", + "members": { + "CapacityReservationId": { + "shape": "String", + "documentation": "<p>The ID of the Capacity Reservation.</p>", + "locationName": "capacityReservationId" + }, + "InstanceType": { + "shape": "String", + "documentation": "<p>The type of instance for which the Capacity Reservation reserves capacity.</p>", + "locationName": "instanceType" + }, + "InstancePlatform": { + "shape": "CapacityReservationInstancePlatform", + "documentation": "<p>The type of operating system for which the Capacity Reservation reserves capacity.</p>", + "locationName": "instancePlatform" + }, + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone in which the capacity is reserved.</p>", + "locationName": "availabilityZone" + }, + "Tenancy": { + "shape": "CapacityReservationTenancy", + "documentation": "<p>Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:</p> <ul> <li> <p> <code>default</code> - The Capacity Reservation is created on hardware that is shared with other AWS accounts.</p> </li> <li> <p> <code>dedicated</code> - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account.</p> </li> </ul>", + "locationName": "tenancy" + }, + "TotalInstanceCount": { + "shape": "Integer", + "documentation": "<p>The number of instances for which the Capacity Reservation reserves capacity.</p>", + "locationName": "totalInstanceCount" + }, + "AvailableInstanceCount": { + "shape": "Integer", + "documentation": "<p>The remaining capacity. Indicates the number of instances that can be launched in the Capacity Reservation.</p>", + "locationName": "availableInstanceCount" + }, + "EbsOptimized": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the Capacity Reservation supports EBS-optimized instances. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS- optimized instance.</p>", + "locationName": "ebsOptimized" + }, + "EphemeralStorage": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the Capacity Reservation supports instances with temporary, block-level storage.</p>", + "locationName": "ephemeralStorage" + }, + "State": { + "shape": "CapacityReservationState", + "documentation": "<p>The current state of the Capacity Reservation. A Capacity Reservation can be in one of the following states:</p> <ul> <li> <p> <code>active</code> - The Capacity Reservation is active and the capacity is available for your use.</p> </li> <li> <p> <code>cancelled</code> - The Capacity Reservation expired automatically at the date and time specified in your request. The reserved capacity is no longer available for your use.</p> </li> <li> <p> <code>expired</code> - The Capacity Reservation was manually cancelled. The reserved capacity is no longer available for your use.</p> </li> <li> <p> <code>pending</code> - The Capacity Reservation request was successful but the capacity provisioning is still pending.</p> </li> <li> <p> <code>failed</code> - The Capacity Reservation request has failed. A request might fail due to invalid request parameters, capacity constraints, or instance limit constraints. Failed requests are retained for 60 minutes.</p> </li> </ul>", + "locationName": "state" + }, + "EndDate": { + "shape": "DateTime", + "documentation": "<p>The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to <code>expired</code> when it reaches its end date and time.</p>", + "locationName": "endDate" + }, + "EndDateType": { + "shape": "EndDateType", + "documentation": "<p>Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:</p> <ul> <li> <p> <code>unlimited</code> - The Capacity Reservation remains active until you explicitly cancel it.</p> </li> <li> <p> <code>limited</code> - The Capacity Reservation expires automatically at a specified date and time.</p> </li> </ul>", + "locationName": "endDateType" + }, + "InstanceMatchCriteria": { + "shape": "InstanceMatchCriteria", + "documentation": "<p>Indicates the type of instance launches that the Capacity Reservation accepts. The options include:</p> <ul> <li> <p> <code>open</code> - The Capacity Reservation accepts all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes launch into the Capacity Reservation automatically without specifying any additional parameters.</p> </li> <li> <p> <code>targeted</code> - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity. </p> </li> </ul>", + "locationName": "instanceMatchCriteria" + }, + "CreateDate": { + "shape": "DateTime", + "documentation": "<p>The date and time at which the Capacity Reservation was created.</p>", + "locationName": "createDate" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the Capacity Reservation.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a Capacity Reservation.</p>" + }, + "CapacityReservationIdSet": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "CapacityReservationInstancePlatform": { + "type": "string", + "enum": [ + "Linux/UNIX", + "Red Hat Enterprise Linux", + "SUSE Linux", + "Windows", + "Windows with SQL Server", + "Windows with SQL Server Enterprise", + "Windows with SQL Server Standard", + "Windows with SQL Server Web", + "Linux with SQL Server Standard", + "Linux with SQL Server Web", + "Linux with SQL Server Enterprise" + ] + }, + "CapacityReservationPreference": { + "type": "string", + "enum": [ + "open", + "none" + ] + }, + "CapacityReservationSet": { + "type": "list", + "member": { + "shape": "CapacityReservation", + "locationName": "item" + } + }, + "CapacityReservationSpecification": { + "type": "structure", + "members": { + "CapacityReservationPreference": { + "shape": "CapacityReservationPreference", + "documentation": "<p>Indicates the instance's Capacity Reservation preferences. Possible preferences include:</p> <ul> <li> <p> <code>open</code> - The instance can run in any <code>open</code> Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).</p> </li> <li> <p> <code>none</code> - The instance avoids running in a Capacity Reservation even if one is available. The instance runs as an On-Demand Instance.</p> </li> </ul>" + }, + "CapacityReservationTarget": { + "shape": "CapacityReservationTarget", + "documentation": "<p>Information about the target Capacity Reservation.</p>" + } + }, + "documentation": "<p>Describes an instance's Capacity Reservation targeting option. You can specify only one parameter at a time. If you specify <code>CapacityReservationPreference</code> and <code>CapacityReservationTarget</code>, the request fails.</p> <p>Use the <code>CapacityReservationPreference</code> parameter to configure the instance to run as an On-Demand Instance or to run in any <code>open</code> Capacity Reservation that has matching attributes (instance type, platform, Availability Zone). Use the <code>CapacityReservationTarget</code> parameter to explicitly target a specific Capacity Reservation.</p>" + }, + "CapacityReservationSpecificationResponse": { + "type": "structure", + "members": { + "CapacityReservationPreference": { + "shape": "CapacityReservationPreference", + "documentation": "<p>Describes the instance's Capacity Reservation preferences. Possible preferences include:</p> <ul> <li> <p> <code>open</code> - The instance can run in any <code>open</code> Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).</p> </li> <li> <p> <code>none</code> - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.</p> </li> </ul>", + "locationName": "capacityReservationPreference" + }, + "CapacityReservationTarget": { + "shape": "CapacityReservationTargetResponse", + "documentation": "<p>Information about the targeted Capacity Reservation.</p>", + "locationName": "capacityReservationTarget" + } + }, + "documentation": "<p>Describes the instance's Capacity Reservation targeting preferences. The action returns the <code>capacityReservationPreference</code> response element if the instance is configured to run in On-Demand capacity, or if it is configured in run in any <code>open</code> Capacity Reservation that has matching attributes (instance type, platform, Availability Zone). The action returns the <code>capacityReservationTarget</code> response element if the instance explicily targets a specific Capacity Reservation.</p>" + }, + "CapacityReservationState": { + "type": "string", + "enum": [ + "active", + "expired", + "cancelled", + "pending", + "failed" + ] + }, + "CapacityReservationTarget": { + "type": "structure", + "members": { + "CapacityReservationId": { + "shape": "String", + "documentation": "<p>The ID of the Capacity Reservation.</p>" + } + }, + "documentation": "<p>Describes a target Capacity Reservation.</p>" + }, + "CapacityReservationTargetResponse": { + "type": "structure", + "members": { + "CapacityReservationId": { + "shape": "String", + "documentation": "<p>The ID of the Capacity Reservation.</p>", + "locationName": "capacityReservationId" + } + }, + "documentation": "<p>Describes a target Capacity Reservation.</p>" + }, + "CapacityReservationTenancy": { + "type": "string", + "enum": [ + "default", + "dedicated" + ] + }, + "CertificateAuthentication": { + "type": "structure", + "members": { + "ClientRootCertificateChain": { + "shape": "String", + "documentation": "<p>The ARN of the client certificate. </p>", + "locationName": "clientRootCertificateChain" + } + }, + "documentation": "<p>Information about the client certificate used for authentication.</p>" + }, + "CertificateAuthenticationRequest": { + "type": "structure", + "members": { + "ClientRootCertificateChainArn": { + "shape": "String", + "documentation": "<p>The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM).</p>" + } + }, + "documentation": "<p>Information about the client certificate to be used for authentication.</p>" + }, + "CidrAuthorizationContext": { + "type": "structure", + "required": [ + "Message", + "Signature" + ], + "members": { + "Message": { + "shape": "String", + "documentation": "<p>The plain-text authorization message for the prefix and account.</p>" + }, + "Signature": { + "shape": "String", + "documentation": "<p>The signed authorization message for the prefix and account.</p>" + } + }, + "documentation": "<p>Provides authorization for Amazon to bring a specific IP address range to a specific AWS account using bring your own IP addresses (BYOIP). For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html#prepare-for-byoip\">Prepare to Bring Your Address Range to Your AWS Account</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CidrBlock": { + "type": "structure", + "members": { + "CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 CIDR block.</p>", + "locationName": "cidrBlock" + } + }, + "documentation": "<p>Describes an IPv4 CIDR block.</p>" + }, + "CidrBlockSet": { + "type": "list", + "member": { + "shape": "CidrBlock", + "locationName": "item" + } + }, + "ClassicLinkDnsSupport": { + "type": "structure", + "members": { + "ClassicLinkDnsSupported": { + "shape": "Boolean", + "documentation": "<p>Indicates whether ClassicLink DNS support is enabled for the VPC.</p>", + "locationName": "classicLinkDnsSupported" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + }, + "documentation": "<p>Describes the ClassicLink DNS support status of a VPC.</p>" + }, + "ClassicLinkDnsSupportList": { + "type": "list", + "member": { + "shape": "ClassicLinkDnsSupport", + "locationName": "item" + } + }, + "ClassicLinkInstance": { + "type": "structure", + "members": { + "Groups": { + "shape": "GroupIdentifierList", + "documentation": "<p>A list of security groups.</p>", + "locationName": "groupSet" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the instance.</p>", + "locationName": "tagSet" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + }, + "documentation": "<p>Describes a linked EC2-Classic instance.</p>" + }, + "ClassicLinkInstanceList": { + "type": "list", + "member": { + "shape": "ClassicLinkInstance", + "locationName": "item" + } + }, + "ClassicLoadBalancer": { + "type": "structure", + "members": { + "Name": { + "shape": "String", + "documentation": "<p>The name of the load balancer.</p>", + "locationName": "name" + } + }, + "documentation": "<p>Describes a Classic Load Balancer.</p>" + }, + "ClassicLoadBalancers": { + "type": "list", + "member": { + "shape": "ClassicLoadBalancer", + "locationName": "item" + }, + "max": 5, + "min": 1 + }, + "ClassicLoadBalancersConfig": { + "type": "structure", + "members": { + "ClassicLoadBalancers": { + "shape": "ClassicLoadBalancers", + "documentation": "<p>One or more Classic Load Balancers.</p>", + "locationName": "classicLoadBalancers" + } + }, + "documentation": "<p>Describes the Classic Load Balancers to attach to a Spot Fleet. Spot Fleet registers the running Spot Instances with these Classic Load Balancers.</p>" + }, + "ClientCertificateRevocationListStatus": { + "type": "structure", + "members": { + "Code": { + "shape": "ClientCertificateRevocationListStatusCode", + "documentation": "<p>The state of the client certificate revocation list.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>A message about the status of the client certificate revocation list, if applicable.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Describes the state of a client certificate revocation list.</p>" + }, + "ClientCertificateRevocationListStatusCode": { + "type": "string", + "enum": [ + "pending", + "active" + ] + }, + "ClientData": { + "type": "structure", + "members": { + "Comment": { + "shape": "String", + "documentation": "<p>A user-defined comment about the disk upload.</p>" + }, + "UploadEnd": { + "shape": "DateTime", + "documentation": "<p>The time that the disk upload ends.</p>" + }, + "UploadSize": { + "shape": "Double", + "documentation": "<p>The size of the uploaded disk image, in GiB.</p>" + }, + "UploadStart": { + "shape": "DateTime", + "documentation": "<p>The time that the disk upload starts.</p>" + } + }, + "documentation": "<p>Describes the client-specific data.</p>" + }, + "ClientVpnAuthentication": { + "type": "structure", + "members": { + "Type": { + "shape": "ClientVpnAuthenticationType", + "documentation": "<p>The authentication type used.</p>", + "locationName": "type" + }, + "ActiveDirectory": { + "shape": "DirectoryServiceAuthentication", + "documentation": "<p>Information about the Active Directory, if applicable.</p>", + "locationName": "activeDirectory" + }, + "MutualAuthentication": { + "shape": "CertificateAuthentication", + "documentation": "<p>Information about the authentication certificates, if applicable.</p>", + "locationName": "mutualAuthentication" + } + }, + "documentation": "<p>Describes the authentication methods used by a Client VPN endpoint. Client VPN supports Active Directory and mutual authentication. For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication\">Authentication</a> in the <i>AWS Client VPN Administrator Guide</i>.</p>" + }, + "ClientVpnAuthenticationList": { + "type": "list", + "member": { + "shape": "ClientVpnAuthentication", + "locationName": "item" + } + }, + "ClientVpnAuthenticationRequest": { + "type": "structure", + "members": { + "Type": { + "shape": "ClientVpnAuthenticationType", + "documentation": "<p>The type of client authentication to be used. Specify <code>certificate-authentication</code> to use certificate-based authentication, or <code>directory-service-authentication</code> to use Active Directory authentication.</p>" + }, + "ActiveDirectory": { + "shape": "DirectoryServiceAuthenticationRequest", + "documentation": "<p>Information about the Active Directory to be used, if applicable. You must provide this information if <b>Type</b> is <code>directory-service-authentication</code>.</p>" + }, + "MutualAuthentication": { + "shape": "CertificateAuthenticationRequest", + "documentation": "<p>Information about the authentication certificates to be used, if applicable. You must provide this information if <b>Type</b> is <code>certificate-authentication</code>.</p>" + } + }, + "documentation": "<p>Describes the authentication method to be used by a Client VPN endpoint. Client VPN supports Active Directory and mutual authentication. For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication\">Authentication</a> in the <i>AWS Client VPN Administrator Guide</i>.</p>" + }, + "ClientVpnAuthenticationRequestList": { + "type": "list", + "member": { + "shape": "ClientVpnAuthenticationRequest" + } + }, + "ClientVpnAuthenticationType": { + "type": "string", + "enum": [ + "certificate-authentication", + "directory-service-authentication" + ] + }, + "ClientVpnAuthorizationRuleStatus": { + "type": "structure", + "members": { + "Code": { + "shape": "ClientVpnAuthorizationRuleStatusCode", + "documentation": "<p>The state of the authorization rule.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>A message about the status of the authorization rule, if applicable.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Describes the state of an authorization rule.</p>" + }, + "ClientVpnAuthorizationRuleStatusCode": { + "type": "string", + "enum": [ + "authorizing", + "active", + "failed", + "revoking" + ] + }, + "ClientVpnConnection": { + "type": "structure", + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint to which the client is connected.</p>", + "locationName": "clientVpnEndpointId" + }, + "Timestamp": { + "shape": "String", + "documentation": "<p>The current date and time.</p>", + "locationName": "timestamp" + }, + "ConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the client connection.</p>", + "locationName": "connectionId" + }, + "Username": { + "shape": "String", + "documentation": "<p>The username of the client who established the client connection. This information is only provided if Active Directory client authentication is used.</p>", + "locationName": "username" + }, + "ConnectionEstablishedTime": { + "shape": "String", + "documentation": "<p>The date and time the client connection was established.</p>", + "locationName": "connectionEstablishedTime" + }, + "IngressBytes": { + "shape": "String", + "documentation": "<p>The number of bytes sent by the client.</p>", + "locationName": "ingressBytes" + }, + "EgressBytes": { + "shape": "String", + "documentation": "<p>The number of bytes received by the client.</p>", + "locationName": "egressBytes" + }, + "IngressPackets": { + "shape": "String", + "documentation": "<p>The number of packets sent by the client.</p>", + "locationName": "ingressPackets" + }, + "EgressPackets": { + "shape": "String", + "documentation": "<p>The number of packets received by the client.</p>", + "locationName": "egressPackets" + }, + "ClientIp": { + "shape": "String", + "documentation": "<p>The IP address of the client.</p>", + "locationName": "clientIp" + }, + "CommonName": { + "shape": "String", + "documentation": "<p>The common name associated with the client. This is either the name of the client certificate, or the Active Directory user name.</p>", + "locationName": "commonName" + }, + "Status": { + "shape": "ClientVpnConnectionStatus", + "documentation": "<p>The current state of the client connection.</p>", + "locationName": "status" + }, + "ConnectionEndTime": { + "shape": "String", + "documentation": "<p>The date and time the client connection was terminated.</p>", + "locationName": "connectionEndTime" + } + }, + "documentation": "<p>Describes a client connection.</p>" + }, + "ClientVpnConnectionSet": { + "type": "list", + "member": { + "shape": "ClientVpnConnection", + "locationName": "item" + } + }, + "ClientVpnConnectionStatus": { + "type": "structure", + "members": { + "Code": { + "shape": "ClientVpnConnectionStatusCode", + "documentation": "<p>The state of the client connection.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>A message about the status of the client connection, if applicable.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Describes the status of a client connection.</p>" + }, + "ClientVpnConnectionStatusCode": { + "type": "string", + "enum": [ + "active", + "failed-to-terminate", + "terminating", + "terminated" + ] + }, + "ClientVpnEndpoint": { + "type": "structure", + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint.</p>", + "locationName": "clientVpnEndpointId" + }, + "Description": { + "shape": "String", + "documentation": "<p>A brief description of the endpoint.</p>", + "locationName": "description" + }, + "Status": { + "shape": "ClientVpnEndpointStatus", + "documentation": "<p>The current state of the Client VPN endpoint.</p>", + "locationName": "status" + }, + "CreationTime": { + "shape": "String", + "documentation": "<p>The date and time the Client VPN endpoint was created.</p>", + "locationName": "creationTime" + }, + "DeletionTime": { + "shape": "String", + "documentation": "<p>The date and time the Client VPN endpoint was deleted, if applicable.</p>", + "locationName": "deletionTime" + }, + "DnsName": { + "shape": "String", + "documentation": "<p>The DNS name to be used by clients when connecting to the Client VPN endpoint.</p>", + "locationName": "dnsName" + }, + "ClientCidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 address range, in CIDR notation, from which client IP addresses are assigned.</p>", + "locationName": "clientCidrBlock" + }, + "DnsServers": { + "shape": "ValueStringList", + "documentation": "<p>Information about the DNS servers to be used for DNS resolution. </p>", + "locationName": "dnsServer" + }, + "SplitTunnel": { + "shape": "Boolean", + "documentation": "<p>Indicates whether VPN split tunneling is supported.</p>", + "locationName": "splitTunnel" + }, + "VpnProtocol": { + "shape": "VpnProtocol", + "documentation": "<p>The protocol used by the VPN session.</p>", + "locationName": "vpnProtocol" + }, + "TransportProtocol": { + "shape": "TransportProtocol", + "documentation": "<p>The transport protocol used by the Client VPN endpoint.</p>", + "locationName": "transportProtocol" + }, + "AssociatedTargetNetworks": { + "shape": "AssociatedTargetNetworkSet", + "documentation": "<p>Information about the associated target networks. A target network is a subnet in a VPC.</p>", + "deprecated": true, + "deprecatedMessage": "This property is deprecated. To view the target networks associated with a Client VPN endpoint, call DescribeClientVpnTargetNetworks and inspect the clientVpnTargetNetworks response element.", + "locationName": "associatedTargetNetwork" + }, + "ServerCertificateArn": { + "shape": "String", + "documentation": "<p>The ARN of the server certificate.</p>", + "locationName": "serverCertificateArn" + }, + "AuthenticationOptions": { + "shape": "ClientVpnAuthenticationList", + "documentation": "<p>Information about the authentication method used by the Client VPN endpoint.</p>", + "locationName": "authenticationOptions" + }, + "ConnectionLogOptions": { + "shape": "ConnectionLogResponseOptions", + "documentation": "<p>Information about the client connection logging options for the Client VPN endpoint.</p>", + "locationName": "connectionLogOptions" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the Client VPN endpoint.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a Client VPN endpoint.</p>" + }, + "ClientVpnEndpointStatus": { + "type": "structure", + "members": { + "Code": { + "shape": "ClientVpnEndpointStatusCode", + "documentation": "<p>The state of the Client VPN endpoint. Possible states include:</p> <ul> <li> <p> <code>pending-associate</code> - The Client VPN endpoint has been created but no target networks have been associated. The Client VPN endpoint cannot accept connections.</p> </li> <li> <p> <code>available</code> - The Client VPN endpoint has been created and a target network has been associated. The Client VPN endpoint can accept connections.</p> </li> <li> <p> <code>deleting</code> - The Client VPN endpoint is being deleted. The Client VPN endpoint cannot accept connections.</p> </li> <li> <p> <code>deleted</code> - The Client VPN endpoint has been deleted. The Client VPN endpoint cannot accept connections.</p> </li> </ul>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>A message about the status of the Client VPN endpoint.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Describes the state of a Client VPN endpoint.</p>" + }, + "ClientVpnEndpointStatusCode": { + "type": "string", + "enum": [ + "pending-associate", + "available", + "deleting", + "deleted" + ] + }, + "ClientVpnRoute": { + "type": "structure", + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint with which the route is associated.</p>", + "locationName": "clientVpnEndpointId" + }, + "DestinationCidr": { + "shape": "String", + "documentation": "<p>The IPv4 address range, in CIDR notation, of the route destination.</p>", + "locationName": "destinationCidr" + }, + "TargetSubnet": { + "shape": "String", + "documentation": "<p>The ID of the subnet through which traffic is routed.</p>", + "locationName": "targetSubnet" + }, + "Type": { + "shape": "String", + "documentation": "<p>The route type.</p>", + "locationName": "type" + }, + "Origin": { + "shape": "String", + "documentation": "<p>Indicates how the route was associated with the Client VPN endpoint. <code>associate</code> indicates that the route was automatically added when the target network was associated with the Client VPN endpoint. <code>add-route</code> indicates that the route was manually added using the <b>CreateClientVpnRoute</b> action.</p>", + "locationName": "origin" + }, + "Status": { + "shape": "ClientVpnRouteStatus", + "documentation": "<p>The current state of the route.</p>", + "locationName": "status" + }, + "Description": { + "shape": "String", + "documentation": "<p>A brief description of the route.</p>", + "locationName": "description" + } + }, + "documentation": "<p>Information about a Client VPN endpoint route.</p>" + }, + "ClientVpnRouteSet": { + "type": "list", + "member": { + "shape": "ClientVpnRoute", + "locationName": "item" + } + }, + "ClientVpnRouteStatus": { + "type": "structure", + "members": { + "Code": { + "shape": "ClientVpnRouteStatusCode", + "documentation": "<p>The state of the Client VPN endpoint route.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>A message about the status of the Client VPN endpoint route, if applicable.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Describes the state of a Client VPN endpoint route.</p>" + }, + "ClientVpnRouteStatusCode": { + "type": "string", + "enum": [ + "creating", + "active", + "failed", + "deleting" + ] + }, + "ClientVpnSecurityGroupIdSet": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "ConfirmProductInstanceRequest": { + "type": "structure", + "required": [ + "InstanceId", + "ProductCode" + ], + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>" + }, + "ProductCode": { + "shape": "String", + "documentation": "<p>The product code. This must be a product code that you own.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "ConfirmProductInstanceResult": { + "type": "structure", + "members": { + "OwnerId": { + "shape": "String", + "documentation": "<p>The AWS account ID of the instance owner. This is only present if the product code is attached to the instance.</p>", + "locationName": "ownerId" + }, + "Return": { + "shape": "Boolean", + "documentation": "<p>The return value of the request. Returns <code>true</code> if the specified product code is owned by the requester and associated with the specified instance.</p>", + "locationName": "return" + } + } + }, + "ConnectionLogOptions": { + "type": "structure", + "members": { + "Enabled": { + "shape": "Boolean", + "documentation": "<p>Indicates whether connection logging is enabled.</p>" + }, + "CloudwatchLogGroup": { + "shape": "String", + "documentation": "<p>The name of the CloudWatch Logs log group.</p>" + }, + "CloudwatchLogStream": { + "shape": "String", + "documentation": "<p>The name of the CloudWatch Logs log stream to which the connection data is published.</p>" + } + }, + "documentation": "<p>Describes the client connection logging options for the Client VPN endpoint.</p>" + }, + "ConnectionLogResponseOptions": { + "type": "structure", + "members": { + "Enabled": { + "shape": "Boolean", + "documentation": "<p>Indicates whether client connection logging is enabled for the Client VPN endpoint.</p>" + }, + "CloudwatchLogGroup": { + "shape": "String", + "documentation": "<p>The name of the Amazon CloudWatch Logs log group to which connection logging data is published.</p>" + }, + "CloudwatchLogStream": { + "shape": "String", + "documentation": "<p>The name of the Amazon CloudWatch Logs log stream to which connection logging data is published.</p>" + } + }, + "documentation": "<p>Information about the client connection logging options for a Client VPN endpoint.</p>" + }, + "ConnectionNotification": { + "type": "structure", + "members": { + "ConnectionNotificationId": { + "shape": "String", + "documentation": "<p>The ID of the notification.</p>", + "locationName": "connectionNotificationId" + }, + "ServiceId": { + "shape": "String", + "documentation": "<p>The ID of the endpoint service.</p>", + "locationName": "serviceId" + }, + "VpcEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the VPC endpoint.</p>", + "locationName": "vpcEndpointId" + }, + "ConnectionNotificationType": { + "shape": "ConnectionNotificationType", + "documentation": "<p>The type of notification.</p>", + "locationName": "connectionNotificationType" + }, + "ConnectionNotificationArn": { + "shape": "String", + "documentation": "<p>The ARN of the SNS topic for the notification.</p>", + "locationName": "connectionNotificationArn" + }, + "ConnectionEvents": { + "shape": "ValueStringList", + "documentation": "<p>The events for the notification. Valid values are <code>Accept</code>, <code>Connect</code>, <code>Delete</code>, and <code>Reject</code>.</p>", + "locationName": "connectionEvents" + }, + "ConnectionNotificationState": { + "shape": "ConnectionNotificationState", + "documentation": "<p>The state of the notification.</p>", + "locationName": "connectionNotificationState" + } + }, + "documentation": "<p>Describes a connection notification for a VPC endpoint or VPC endpoint service.</p>" + }, + "ConnectionNotificationSet": { + "type": "list", + "member": { + "shape": "ConnectionNotification", + "locationName": "item" + } + }, + "ConnectionNotificationState": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + "ConnectionNotificationType": { + "type": "string", + "enum": [ + "Topic" + ] + }, + "ContainerFormat": { + "type": "string", + "enum": [ + "ova" + ] + }, + "ConversionIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "ConversionTask": { + "type": "structure", + "members": { + "ConversionTaskId": { + "shape": "String", + "documentation": "<p>The ID of the conversion task.</p>", + "locationName": "conversionTaskId" + }, + "ExpirationTime": { + "shape": "String", + "documentation": "<p>The time when the task expires. If the upload isn't complete before the expiration time, we automatically cancel the task.</p>", + "locationName": "expirationTime" + }, + "ImportInstance": { + "shape": "ImportInstanceTaskDetails", + "documentation": "<p>If the task is for importing an instance, this contains information about the import instance task.</p>", + "locationName": "importInstance" + }, + "ImportVolume": { + "shape": "ImportVolumeTaskDetails", + "documentation": "<p>If the task is for importing a volume, this contains information about the import volume task.</p>", + "locationName": "importVolume" + }, + "State": { + "shape": "ConversionTaskState", + "documentation": "<p>The state of the conversion task.</p>", + "locationName": "state" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>The status message related to the conversion task.</p>", + "locationName": "statusMessage" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the task.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a conversion task.</p>" + }, + "ConversionTaskState": { + "type": "string", + "enum": [ + "active", + "cancelling", + "cancelled", + "completed" + ] + }, + "CopyFpgaImageRequest": { + "type": "structure", + "required": [ + "SourceFpgaImageId", + "SourceRegion" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "SourceFpgaImageId": { + "shape": "String", + "documentation": "<p>The ID of the source AFI.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description for the new AFI.</p>" + }, + "Name": { + "shape": "String", + "documentation": "<p>The name for the new AFI. The default is the name of the source AFI.</p>" + }, + "SourceRegion": { + "shape": "String", + "documentation": "<p>The Region that contains the source AFI.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p>" + } + } + }, + "CopyFpgaImageResult": { + "type": "structure", + "members": { + "FpgaImageId": { + "shape": "String", + "documentation": "<p>The ID of the new AFI.</p>", + "locationName": "fpgaImageId" + } + } + }, + "CopyImageRequest": { + "type": "structure", + "required": [ + "Name", + "SourceImageId", + "SourceRegion" + ], + "members": { + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier you provide to ensure idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description for the new AMI in the destination Region.</p>" + }, + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Specifies whether the destination snapshots of the copied image should be encrypted. You can encrypt a copy of an unencrypted snapshot, but you cannot create an unencrypted copy of an encrypted snapshot. The default CMK for EBS is used unless you specify a non-default AWS Key Management Service (AWS KMS) CMK using <code>KmsKeyId</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>", + "locationName": "encrypted" + }, + "KmsKeyId": { + "shape": "String", + "documentation": "<p>An identifier for the AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted volume. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. If a <code>KmsKeyId</code> is specified, the <code>Encrypted</code> flag must also be set. </p> <p>To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with \"alias/\". For example:</p> <ul> <li> <p>Key ID: <code>1234abcd-12ab-34cd-56ef-1234567890ab</code> </p> </li> <li> <p>Key ARN: <code>arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab</code> </p> </li> <li> <p>Alias name: <code>alias/ExampleAlias</code> </p> </li> <li> <p>Alias ARN: <code>arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias</code> </p> </li> </ul> <p>AWS parses <code>KmsKeyId</code> asynchronously, meaning that the action you call may appear to complete even though you provided an invalid identifier. This action will eventually report failure. </p> <p>The specified CMK must exist in the Region that the snapshot is being copied to. </p>", + "locationName": "kmsKeyId" + }, + "Name": { + "shape": "String", + "documentation": "<p>The name of the new AMI in the destination Region.</p>" + }, + "SourceImageId": { + "shape": "String", + "documentation": "<p>The ID of the AMI to copy.</p>" + }, + "SourceRegion": { + "shape": "String", + "documentation": "<p>The name of the Region that contains the AMI to copy.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for CopyImage.</p>" + }, + "CopyImageResult": { + "type": "structure", + "members": { + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the new AMI.</p>", + "locationName": "imageId" + } + }, + "documentation": "<p>Contains the output of CopyImage.</p>" + }, + "CopySnapshotRequest": { + "type": "structure", + "required": [ + "SourceRegion", + "SourceSnapshotId" + ], + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description for the EBS snapshot.</p>" + }, + "DestinationRegion": { + "shape": "String", + "documentation": "<p>The destination Region to use in the <code>PresignedUrl</code> parameter of a snapshot copy operation. This parameter is only valid for specifying the destination Region in a <code>PresignedUrl</code> parameter, where it is required.</p> <p>The snapshot copy is sent to the regional endpoint that you sent the HTTP request to (for example, <code>ec2.us-east-1.amazonaws.com</code>). With the AWS CLI, this is specified using the <code>--region</code> parameter or the default Region in your AWS configuration file.</p>", + "locationName": "destinationRegion" + }, + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Specifies whether the destination snapshot should be encrypted. You can encrypt a copy of an unencrypted snapshot, but you cannot use it to create an unencrypted copy of an encrypted snapshot. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>", + "locationName": "encrypted" + }, + "KmsKeyId": { + "shape": "String", + "documentation": "<p>The identifier of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use for Amazon EBS encryption. If this parameter is not specified, your AWS managed CMK for EBS is used. If <code>KmsKeyId</code> is specified, the encrypted state must be <code>true</code>.</p> <p>You can specify the CMK using any of the following:</p> <ul> <li> <p>Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab.</p> </li> <li> <p>Key alias. For example, alias/ExampleAlias.</p> </li> <li> <p>Key ARN. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:key/<i>abcd1234-a123-456a-a12b-a123b4cd56ef</i>.</p> </li> <li> <p>Alias ARN. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>.</p> </li> </ul> <p>AWS authenticates the CMK asynchronously. Therefore, if you specify an ID, alias, or ARN that is not valid, the action can appear to complete, but eventually fails.</p>", + "locationName": "kmsKeyId" + }, + "PresignedUrl": { + "shape": "String", + "documentation": "<p>When you copy an encrypted source snapshot using the Amazon EC2 Query API, you must supply a pre-signed URL. This parameter is optional for unencrypted snapshots. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html\">Query Requests</a>.</p> <p>The <code>PresignedUrl</code> should use the snapshot source endpoint, the <code>CopySnapshot</code> action, and include the <code>SourceRegion</code>, <code>SourceSnapshotId</code>, and <code>DestinationRegion</code> parameters. The <code>PresignedUrl</code> must be signed using AWS Signature Version 4. Because EBS snapshots are stored in Amazon S3, the signing algorithm for this parameter uses the same logic that is described in <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html\">Authenticating Requests by Using Query Parameters (AWS Signature Version 4)</a> in the <i>Amazon Simple Storage Service API Reference</i>. An invalid or improperly signed <code>PresignedUrl</code> will cause the copy operation to fail asynchronously, and the snapshot will move to an <code>error</code> state.</p>", + "locationName": "presignedUrl" + }, + "SourceRegion": { + "shape": "String", + "documentation": "<p>The ID of the Region that contains the snapshot to be copied.</p>" + }, + "SourceSnapshotId": { + "shape": "String", + "documentation": "<p>The ID of the EBS snapshot to copy.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for CopySnapshot.</p>" + }, + "CopySnapshotResult": { + "type": "structure", + "members": { + "SnapshotId": { + "shape": "String", + "documentation": "<p>The ID of the new snapshot.</p>", + "locationName": "snapshotId" + } + }, + "documentation": "<p>Contains the output of CopySnapshot.</p>" + }, + "CopyTagsFromSource": { + "type": "string", + "enum": [ + "volume" + ] + }, + "CpuOptions": { + "type": "structure", + "members": { + "CoreCount": { + "shape": "Integer", + "documentation": "<p>The number of CPU cores for the instance.</p>", + "locationName": "coreCount" + }, + "ThreadsPerCore": { + "shape": "Integer", + "documentation": "<p>The number of threads per CPU core.</p>", + "locationName": "threadsPerCore" + } + }, + "documentation": "<p>The CPU options for the instance.</p>" + }, + "CpuOptionsRequest": { + "type": "structure", + "members": { + "CoreCount": { + "shape": "Integer", + "documentation": "<p>The number of CPU cores for the instance.</p>" + }, + "ThreadsPerCore": { + "shape": "Integer", + "documentation": "<p>The number of threads per CPU core. To disable Intel Hyper-Threading Technology for the instance, specify a value of <code>1</code>. Otherwise, specify the default value of <code>2</code>.</p>" + } + }, + "documentation": "<p>The CPU options for the instance. Both the core count and threads per core must be specified in the request.</p>" + }, + "CreateCapacityReservationRequest": { + "type": "structure", + "required": [ + "InstanceType", + "InstancePlatform", + "AvailabilityZone", + "InstanceCount" + ], + "members": { + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p> <p>Constraint: Maximum 64 ASCII characters.</p>" + }, + "InstanceType": { + "shape": "String", + "documentation": "<p>The instance type for which to reserve capacity. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "InstancePlatform": { + "shape": "CapacityReservationInstancePlatform", + "documentation": "<p>The type of operating system for which to reserve capacity.</p>" + }, + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone in which to create the Capacity Reservation.</p>" + }, + "Tenancy": { + "shape": "CapacityReservationTenancy", + "documentation": "<p>Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:</p> <ul> <li> <p> <code>default</code> - The Capacity Reservation is created on hardware that is shared with other AWS accounts.</p> </li> <li> <p> <code>dedicated</code> - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account.</p> </li> </ul>" + }, + "InstanceCount": { + "shape": "Integer", + "documentation": "<p>The number of instances for which to reserve capacity.</p>" + }, + "EbsOptimized": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the Capacity Reservation supports EBS-optimized instances. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS- optimized instance.</p>" + }, + "EphemeralStorage": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the Capacity Reservation supports instances with temporary, block-level storage.</p>" + }, + "EndDate": { + "shape": "DateTime", + "documentation": "<p>The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to <code>expired</code> when it reaches its end date and time.</p> <p>You must provide an <code>EndDate</code> value if <code>EndDateType</code> is <code>limited</code>. Omit <code>EndDate</code> if <code>EndDateType</code> is <code>unlimited</code>.</p> <p>If the <code>EndDateType</code> is <code>limited</code>, the Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.</p>" + }, + "EndDateType": { + "shape": "EndDateType", + "documentation": "<p>Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:</p> <ul> <li> <p> <code>unlimited</code> - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an <code>EndDate</code> if the <code>EndDateType</code> is <code>unlimited</code>.</p> </li> <li> <p> <code>limited</code> - The Capacity Reservation expires automatically at a specified date and time. You must provide an <code>EndDate</code> value if the <code>EndDateType</code> value is <code>limited</code>.</p> </li> </ul>" + }, + "InstanceMatchCriteria": { + "shape": "InstanceMatchCriteria", + "documentation": "<p>Indicates the type of instance launches that the Capacity Reservation accepts. The options include:</p> <ul> <li> <p> <code>open</code> - The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.</p> </li> <li> <p> <code>targeted</code> - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity. </p> </li> </ul> <p>Default: <code>open</code> </p>" + }, + "TagSpecifications": { + "shape": "TagSpecificationList", + "documentation": "<p>The tags to apply to the Capacity Reservation during launch.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "CreateCapacityReservationResult": { + "type": "structure", + "members": { + "CapacityReservation": { + "shape": "CapacityReservation", + "documentation": "<p>Information about the Capacity Reservation.</p>", + "locationName": "capacityReservation" + } + } + }, + "CreateClientVpnEndpointRequest": { + "type": "structure", + "required": [ + "ClientCidrBlock", + "ServerCertificateArn", + "AuthenticationOptions", + "ConnectionLogOptions" + ], + "members": { + "ClientCidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. The CIDR block should be /22 or greater.</p>" + }, + "ServerCertificateArn": { + "shape": "String", + "documentation": "<p>The ARN of the server certificate. For more information, see the <a href=\"https://docs.aws.amazon.com/acm/latest/userguide/\">AWS Certificate Manager User Guide</a>.</p>" + }, + "AuthenticationOptions": { + "shape": "ClientVpnAuthenticationRequestList", + "documentation": "<p>Information about the authentication method to be used to authenticate clients.</p>", + "locationName": "Authentication" + }, + "ConnectionLogOptions": { + "shape": "ConnectionLogOptions", + "documentation": "<p>Information about the client connection logging options.</p> <p>If you enable client connection logging, data about client connections is sent to a Cloudwatch Logs log stream. The following information is logged:</p> <ul> <li> <p>Client connection requests</p> </li> <li> <p>Client connection results (successful and unsuccessful)</p> </li> <li> <p>Reasons for unsuccessful client connection requests</p> </li> <li> <p>Client connection termination time</p> </li> </ul>" + }, + "DnsServers": { + "shape": "ValueStringList", + "documentation": "<p>Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address of the VPC that is to be associated with Client VPN endpoint is used as the DNS server.</p>" + }, + "TransportProtocol": { + "shape": "TransportProtocol", + "documentation": "<p>The transport protocol to be used by the VPN session.</p> <p>Default value: <code>udp</code> </p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>A brief description of the Client VPN endpoint.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "idempotencyToken": true + }, + "TagSpecifications": { + "shape": "TagSpecificationList", + "documentation": "<p>The tags to apply to the Client VPN endpoint during creation.</p>", + "locationName": "TagSpecification" + } + } + }, + "CreateClientVpnEndpointResult": { + "type": "structure", + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint.</p>", + "locationName": "clientVpnEndpointId" + }, + "Status": { + "shape": "ClientVpnEndpointStatus", + "documentation": "<p>The current state of the Client VPN endpoint.</p>", + "locationName": "status" + }, + "DnsName": { + "shape": "String", + "documentation": "<p>The DNS name to be used by clients when establishing their VPN session.</p>", + "locationName": "dnsName" + } + } + }, + "CreateClientVpnRouteRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId", + "DestinationCidrBlock", + "TargetVpcSubnetId" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint to which to add the route.</p>" + }, + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 address range, in CIDR notation, of the route destination. For example:</p> <ul> <li> <p>To add a route for Internet access, enter <code>0.0.0.0/0</code> </p> </li> <li> <p>To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range</p> </li> <li> <p>To add a route for an on-premises network, enter the AWS Site-to-Site VPN connection's IPv4 CIDR range</p> </li> </ul> <p>Route address ranges cannot overlap with the CIDR range specified for client allocation.</p>" + }, + "TargetVpcSubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet through which you want to route traffic. The specified subnet must be an existing target network of the Client VPN endpoint.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>A brief description of the route.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "idempotencyToken": true + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "CreateClientVpnRouteResult": { + "type": "structure", + "members": { + "Status": { + "shape": "ClientVpnRouteStatus", + "documentation": "<p>The current state of the route.</p>", + "locationName": "status" + } + } + }, + "CreateCustomerGatewayRequest": { + "type": "structure", + "required": [ + "BgpAsn", + "PublicIp", + "Type" + ], + "members": { + "BgpAsn": { + "shape": "Integer", + "documentation": "<p>For devices that support BGP, the customer gateway's BGP ASN.</p> <p>Default: 65000</p>" + }, + "PublicIp": { + "shape": "String", + "documentation": "<p>The Internet-routable IP address for the customer gateway's outside interface. The address must be static.</p>", + "locationName": "IpAddress" + }, + "Type": { + "shape": "GatewayType", + "documentation": "<p>The type of VPN connection that this customer gateway supports (<code>ipsec.1</code>).</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for CreateCustomerGateway.</p>" + }, + "CreateCustomerGatewayResult": { + "type": "structure", + "members": { + "CustomerGateway": { + "shape": "CustomerGateway", + "documentation": "<p>Information about the customer gateway.</p>", + "locationName": "customerGateway" + } + }, + "documentation": "<p>Contains the output of CreateCustomerGateway.</p>" + }, + "CreateDefaultSubnetRequest": { + "type": "structure", + "required": [ + "AvailabilityZone" + ], + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone in which to create the default subnet.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "CreateDefaultSubnetResult": { + "type": "structure", + "members": { + "Subnet": { + "shape": "Subnet", + "documentation": "<p>Information about the subnet.</p>", + "locationName": "subnet" + } + } + }, + "CreateDefaultVpcRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "CreateDefaultVpcResult": { + "type": "structure", + "members": { + "Vpc": { + "shape": "Vpc", + "documentation": "<p>Information about the VPC.</p>", + "locationName": "vpc" + } + } + }, + "CreateDhcpOptionsRequest": { + "type": "structure", + "required": [ + "DhcpConfigurations" + ], + "members": { + "DhcpConfigurations": { + "shape": "NewDhcpConfigurationList", + "documentation": "<p>A DHCP configuration option.</p>", + "locationName": "dhcpConfiguration" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "CreateDhcpOptionsResult": { + "type": "structure", + "members": { + "DhcpOptions": { + "shape": "DhcpOptions", + "documentation": "<p>A set of DHCP options.</p>", + "locationName": "dhcpOptions" + } + } + }, + "CreateEgressOnlyInternetGatewayRequest": { + "type": "structure", + "required": [ + "VpcId" + ], + "members": { + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC for which to create the egress-only internet gateway.</p>" + } + } + }, + "CreateEgressOnlyInternetGatewayResult": { + "type": "structure", + "members": { + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.</p>", + "locationName": "clientToken" + }, + "EgressOnlyInternetGateway": { + "shape": "EgressOnlyInternetGateway", + "documentation": "<p>Information about the egress-only internet gateway.</p>", + "locationName": "egressOnlyInternetGateway" + } + } + }, + "CreateFleetError": { + "type": "structure", + "members": { + "LaunchTemplateAndOverrides": { + "shape": "LaunchTemplateAndOverridesResponse", + "documentation": "<p>The launch templates and overrides that were used for launching the instances. Any parameters that you specify in the Overrides override the same parameters in the launch template.</p>", + "locationName": "launchTemplateAndOverrides" + }, + "Lifecycle": { + "shape": "InstanceLifecycle", + "documentation": "<p>Indicates if the instance that could not be launched was a Spot Instance or On-Demand Instance.</p>", + "locationName": "lifecycle" + }, + "ErrorCode": { + "shape": "String", + "documentation": "<p>The error code that indicates why the instance could not be launched. For more information about error codes, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html\">Error Codes</a>.</p>", + "locationName": "errorCode" + }, + "ErrorMessage": { + "shape": "String", + "documentation": "<p>The error message that describes why the instance could not be launched. For more information about error messages, see ee <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html\">Error Codes</a>.</p>", + "locationName": "errorMessage" + } + }, + "documentation": "<p>Describes the instances that could not be launched by the fleet.</p>" + }, + "CreateFleetErrorsSet": { + "type": "list", + "member": { + "shape": "CreateFleetError", + "locationName": "item" + } + }, + "CreateFleetInstance": { + "type": "structure", + "members": { + "LaunchTemplateAndOverrides": { + "shape": "LaunchTemplateAndOverridesResponse", + "documentation": "<p>The launch templates and overrides that were used for launching the instances. Any parameters that you specify in the Overrides override the same parameters in the launch template.</p>", + "locationName": "launchTemplateAndOverrides" + }, + "Lifecycle": { + "shape": "InstanceLifecycle", + "documentation": "<p>Indicates if the instance that was launched is a Spot Instance or On-Demand Instance.</p>", + "locationName": "lifecycle" + }, + "InstanceIds": { + "shape": "InstanceIdsSet", + "documentation": "<p>The IDs of the instances.</p>", + "locationName": "instanceIds" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type.</p>", + "locationName": "instanceType" + }, + "Platform": { + "shape": "PlatformValues", + "documentation": "<p>The value is <code>Windows</code> for Windows instances; otherwise blank.</p>", + "locationName": "platform" + } + }, + "documentation": "<p>Describes the instances that were launched by the fleet.</p>" + }, + "CreateFleetInstancesSet": { + "type": "list", + "member": { + "shape": "CreateFleetInstance", + "locationName": "item" + } + }, + "CreateFleetRequest": { + "type": "structure", + "required": [ + "LaunchTemplateConfigs", + "TargetCapacitySpecification" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p>" + }, + "SpotOptions": { + "shape": "SpotOptionsRequest", + "documentation": "<p>Describes the configuration of Spot Instances in an EC2 Fleet.</p>" + }, + "OnDemandOptions": { + "shape": "OnDemandOptionsRequest", + "documentation": "<p>The allocation strategy of On-Demand Instances in an EC2 Fleet.</p>" + }, + "ExcessCapacityTerminationPolicy": { + "shape": "FleetExcessCapacityTerminationPolicy", + "documentation": "<p>Indicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.</p>" + }, + "LaunchTemplateConfigs": { + "shape": "FleetLaunchTemplateConfigListRequest", + "documentation": "<p>The configuration for the EC2 Fleet.</p>" + }, + "TargetCapacitySpecification": { + "shape": "TargetCapacitySpecificationRequest", + "documentation": "<p>The <code>TotalTargetCapacity</code>, <code>OnDemandTargetCapacity</code>, <code>SpotTargetCapacity</code>, and <code>DefaultCapacityType</code> structure.</p>" + }, + "TerminateInstancesWithExpiration": { + "shape": "Boolean", + "documentation": "<p>Indicates whether running instances should be terminated when the EC2 Fleet expires.</p>" + }, + "Type": { + "shape": "FleetType", + "documentation": "<p>The type of the request. By default, the EC2 Fleet places an asynchronous request for your desired capacity, and maintains it by replenishing interrupted Spot Instances (<code>maintain</code>). A value of <code>instant</code> places a synchronous one-time request, and returns errors for any instances that could not be launched. A value of <code>request</code> places an asynchronous one-time request without maintaining capacity or submitting requests in alternative capacity pools if capacity is unavailable. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-configuration-strategies.html#ec2-fleet-request-type\">EC2 Fleet Request Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "ValidFrom": { + "shape": "DateTime", + "documentation": "<p>The start date and time of the request, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z). The default is to start fulfilling the request immediately.</p>" + }, + "ValidUntil": { + "shape": "DateTime", + "documentation": "<p>The end date and time of the request, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it.</p>" + }, + "ReplaceUnhealthyInstances": { + "shape": "Boolean", + "documentation": "<p>Indicates whether EC2 Fleet should replace unhealthy instances.</p>" + }, + "TagSpecifications": { + "shape": "TagSpecificationList", + "documentation": "<p>The key-value pair for tagging the EC2 Fleet request on creation. The value for <code>ResourceType</code> must be <code>fleet</code>, otherwise the fleet request fails. To tag instances at launch, specify the tags in the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template\">launch template</a>. For information about tagging after launch, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources\">Tagging Your Resources</a>. </p>", + "locationName": "TagSpecification" + } + } + }, + "CreateFleetResult": { + "type": "structure", + "members": { + "FleetId": { + "shape": "FleetIdentifier", + "documentation": "<p>The ID of the EC2 Fleet.</p>", + "locationName": "fleetId" + }, + "Errors": { + "shape": "CreateFleetErrorsSet", + "documentation": "<p>Information about the instances that could not be launched by the fleet. Valid only when <b>Type</b> is set to <code>instant</code>.</p>", + "locationName": "errorSet" + }, + "Instances": { + "shape": "CreateFleetInstancesSet", + "documentation": "<p>Information about the instances that were launched by the fleet. Valid only when <b>Type</b> is set to <code>instant</code>.</p>", + "locationName": "fleetInstanceSet" + } + } + }, + "CreateFlowLogsRequest": { + "type": "structure", + "required": [ + "ResourceIds", + "ResourceType", + "TrafficType" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>" + }, + "DeliverLogsPermissionArn": { + "shape": "String", + "documentation": "<p>The ARN for the IAM role that permits Amazon EC2 to publish flow logs to a CloudWatch Logs log group in your account.</p> <p>If you specify <code>LogDestinationType</code> as <code>s3</code>, do not specify <code>DeliverLogsPermissionArn</code> or <code>LogGroupName</code>.</p>" + }, + "LogGroupName": { + "shape": "String", + "documentation": "<p>The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.</p> <p>If you specify <code>LogDestinationType</code> as <code>s3</code>, do not specify <code>DeliverLogsPermissionArn</code> or <code>LogGroupName</code>.</p>" + }, + "ResourceIds": { + "shape": "ValueStringList", + "documentation": "<p>The ID of the subnet, network interface, or VPC for which you want to create a flow log.</p> <p>Constraints: Maximum of 1000 resources</p>", + "locationName": "ResourceId" + }, + "ResourceType": { + "shape": "FlowLogsResourceType", + "documentation": "<p>The type of resource for which to create the flow log. For example, if you specified a VPC ID for the <code>ResourceId</code> property, specify <code>VPC</code> for this property.</p>" + }, + "TrafficType": { + "shape": "TrafficType", + "documentation": "<p>The type of traffic to log. You can log traffic that the resource accepts or rejects, or all traffic.</p>" + }, + "LogDestinationType": { + "shape": "LogDestinationType", + "documentation": "<p>Specifies the type of destination to which the flow log data is to be published. Flow log data can be published to CloudWatch Logs or Amazon S3. To publish flow log data to CloudWatch Logs, specify <code>cloud-watch-logs</code>. To publish flow log data to Amazon S3, specify <code>s3</code>.</p> <p>If you specify <code>LogDestinationType</code> as <code>s3</code>, do not specify <code>DeliverLogsPermissionArn</code> or <code>LogGroupName</code>.</p> <p>Default: <code>cloud-watch-logs</code> </p>" + }, + "LogDestination": { + "shape": "String", + "documentation": "<p>Specifies the destination to which the flow log data is to be published. Flow log data can be published to a CloudWatch Logs log group or an Amazon S3 bucket. The value specified for this parameter depends on the value specified for <code>LogDestinationType</code>.</p> <p>If LogDestinationType is not specified or <code>cloud-watch-logs</code>, specify the Amazon Resource Name (ARN) of the CloudWatch Logs log group.</p> <p>If LogDestinationType is <code>s3</code>, specify the ARN of the Amazon S3 bucket. You can also specify a subfolder in the bucket. To specify a subfolder in the bucket, use the following ARN format: <code>bucket_ARN/subfolder_name/</code>. For example, to specify a subfolder named <code>my-logs</code> in a bucket named <code>my-bucket</code>, use the following ARN: <code>arn:aws:s3:::my-bucket/my-logs/</code>. You cannot use <code>AWSLogs</code> as a subfolder name. This is a reserved term.</p>" + } + } + }, + "CreateFlowLogsResult": { + "type": "structure", + "members": { + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.</p>", + "locationName": "clientToken" + }, + "FlowLogIds": { + "shape": "ValueStringList", + "documentation": "<p>The IDs of the flow logs.</p>", + "locationName": "flowLogIdSet" + }, + "Unsuccessful": { + "shape": "UnsuccessfulItemSet", + "documentation": "<p>Information about the flow logs that could not be created successfully.</p>", + "locationName": "unsuccessful" + } + } + }, + "CreateFpgaImageRequest": { + "type": "structure", + "required": [ + "InputStorageLocation" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "InputStorageLocation": { + "shape": "StorageLocation", + "documentation": "<p>The location of the encrypted design checkpoint in Amazon S3. The input must be a tarball.</p>" + }, + "LogsStorageLocation": { + "shape": "StorageLocation", + "documentation": "<p>The location in Amazon S3 for the output logs.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description for the AFI.</p>" + }, + "Name": { + "shape": "String", + "documentation": "<p>A name for the AFI.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p>" + } + } + }, + "CreateFpgaImageResult": { + "type": "structure", + "members": { + "FpgaImageId": { + "shape": "String", + "documentation": "<p>The FPGA image identifier (AFI ID).</p>", + "locationName": "fpgaImageId" + }, + "FpgaImageGlobalId": { + "shape": "String", + "documentation": "<p>The global FPGA image identifier (AGFI ID).</p>", + "locationName": "fpgaImageGlobalId" + } + } + }, + "CreateImageRequest": { + "type": "structure", + "required": [ + "InstanceId", + "Name" + ], + "members": { + "BlockDeviceMappings": { + "shape": "BlockDeviceMappingRequestList", + "documentation": "<p>The block device mappings. This parameter cannot be used to modify the encryption status of existing volumes or snapshots. To create an AMI with encrypted snapshots, use the <a>CopyImage</a> action.</p>", + "locationName": "blockDeviceMapping" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description for the new image.</p>", + "locationName": "description" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "Name": { + "shape": "String", + "documentation": "<p>A name for the new image.</p> <p>Constraints: 3-128 alphanumeric characters, parentheses (()), square brackets ([]), spaces ( ), periods (.), slashes (/), dashes (-), single quotes ('), at-signs (@), or underscores(_)</p>", + "locationName": "name" + }, + "NoReboot": { + "shape": "Boolean", + "documentation": "<p>By default, Amazon EC2 attempts to shut down and reboot the instance before creating the image. If the 'No Reboot' option is set, Amazon EC2 doesn't shut down the instance before creating the image. When this option is used, file system integrity on the created image can't be guaranteed.</p>", + "locationName": "noReboot" + } + } + }, + "CreateImageResult": { + "type": "structure", + "members": { + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the new AMI.</p>", + "locationName": "imageId" + } + } + }, + "CreateInstanceExportTaskRequest": { + "type": "structure", + "required": [ + "InstanceId" + ], + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description for the conversion task or the resource being exported. The maximum length is 255 bytes.</p>", + "locationName": "description" + }, + "ExportToS3Task": { + "shape": "ExportToS3TaskSpecification", + "documentation": "<p>The format and location for an instance export task.</p>", + "locationName": "exportToS3" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "TargetEnvironment": { + "shape": "ExportEnvironment", + "documentation": "<p>The target virtualization environment.</p>", + "locationName": "targetEnvironment" + } + } + }, + "CreateInstanceExportTaskResult": { + "type": "structure", + "members": { + "ExportTask": { + "shape": "ExportTask", + "documentation": "<p>Information about the instance export task.</p>", + "locationName": "exportTask" + } + } + }, + "CreateInternetGatewayRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "CreateInternetGatewayResult": { + "type": "structure", + "members": { + "InternetGateway": { + "shape": "InternetGateway", + "documentation": "<p>Information about the internet gateway.</p>", + "locationName": "internetGateway" + } + } + }, + "CreateKeyPairRequest": { + "type": "structure", + "required": [ + "KeyName" + ], + "members": { + "KeyName": { + "shape": "String", + "documentation": "<p>A unique name for the key pair.</p> <p>Constraints: Up to 255 ASCII characters</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "CreateLaunchTemplateRequest": { + "type": "structure", + "required": [ + "LaunchTemplateName", + "LaunchTemplateData" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p> <p>Constraint: Maximum 128 ASCII characters.</p>" + }, + "LaunchTemplateName": { + "shape": "LaunchTemplateName", + "documentation": "<p>A name for the launch template.</p>" + }, + "VersionDescription": { + "shape": "VersionDescription", + "documentation": "<p>A description for the first version of the launch template.</p>" + }, + "LaunchTemplateData": { + "shape": "RequestLaunchTemplateData", + "documentation": "<p>The information for the launch template.</p>" + } + } + }, + "CreateLaunchTemplateResult": { + "type": "structure", + "members": { + "LaunchTemplate": { + "shape": "LaunchTemplate", + "documentation": "<p>Information about the launch template.</p>", + "locationName": "launchTemplate" + } + } + }, + "CreateLaunchTemplateVersionRequest": { + "type": "structure", + "required": [ + "LaunchTemplateData" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p> <p>Constraint: Maximum 128 ASCII characters.</p>" + }, + "LaunchTemplateId": { + "shape": "String", + "documentation": "<p>The ID of the launch template. You must specify either the launch template ID or launch template name in the request.</p>" + }, + "LaunchTemplateName": { + "shape": "LaunchTemplateName", + "documentation": "<p>The name of the launch template. You must specify either the launch template ID or launch template name in the request.</p>" + }, + "SourceVersion": { + "shape": "String", + "documentation": "<p>The version number of the launch template version on which to base the new version. The new version inherits the same launch parameters as the source version, except for parameters that you specify in LaunchTemplateData.</p>" + }, + "VersionDescription": { + "shape": "VersionDescription", + "documentation": "<p>A description for the version of the launch template.</p>" + }, + "LaunchTemplateData": { + "shape": "RequestLaunchTemplateData", + "documentation": "<p>The information for the launch template.</p>" + } + } + }, + "CreateLaunchTemplateVersionResult": { + "type": "structure", + "members": { + "LaunchTemplateVersion": { + "shape": "LaunchTemplateVersion", + "documentation": "<p>Information about the launch template version.</p>", + "locationName": "launchTemplateVersion" + } + } + }, + "CreateNatGatewayRequest": { + "type": "structure", + "required": [ + "AllocationId", + "SubnetId" + ], + "members": { + "AllocationId": { + "shape": "String", + "documentation": "<p>The allocation ID of an Elastic IP address to associate with the NAT gateway. If the Elastic IP address is associated with another resource, you must first disassociate it.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p> <p>Constraint: Maximum 64 ASCII characters.</p>" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The subnet in which to create the NAT gateway.</p>" + } + } + }, + "CreateNatGatewayResult": { + "type": "structure", + "members": { + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier to ensure the idempotency of the request. Only returned if a client token was provided in the request.</p>", + "locationName": "clientToken" + }, + "NatGateway": { + "shape": "NatGateway", + "documentation": "<p>Information about the NAT gateway.</p>", + "locationName": "natGateway" + } + } + }, + "CreateNetworkAclEntryRequest": { + "type": "structure", + "required": [ + "Egress", + "NetworkAclId", + "Protocol", + "RuleAction", + "RuleNumber" + ], + "members": { + "CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 network range to allow or deny, in CIDR notation (for example <code>172.16.0.0/24</code>).</p>", + "locationName": "cidrBlock" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Egress": { + "shape": "Boolean", + "documentation": "<p>Indicates whether this is an egress rule (rule is applied to traffic leaving the subnet).</p>", + "locationName": "egress" + }, + "IcmpTypeCode": { + "shape": "IcmpTypeCode", + "documentation": "<p>ICMP protocol: The ICMP or ICMPv6 type and code. Required if specifying protocol 1 (ICMP) or protocol 58 (ICMPv6) with an IPv6 CIDR block.</p>", + "locationName": "Icmp" + }, + "Ipv6CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv6 network range to allow or deny, in CIDR notation (for example <code>2001:db8:1234:1a00::/64</code>).</p>", + "locationName": "ipv6CidrBlock" + }, + "NetworkAclId": { + "shape": "String", + "documentation": "<p>The ID of the network ACL.</p>", + "locationName": "networkAclId" + }, + "PortRange": { + "shape": "PortRange", + "documentation": "<p>TCP or UDP protocols: The range of ports the rule applies to. Required if specifying protocol 6 (TCP) or 17 (UDP).</p>", + "locationName": "portRange" + }, + "Protocol": { + "shape": "String", + "documentation": "<p>The protocol number. A value of \"-1\" means all protocols. If you specify \"-1\" or a protocol number other than \"6\" (TCP), \"17\" (UDP), or \"1\" (ICMP), traffic on all ports is allowed, regardless of any ports or ICMP types or codes that you specify. If you specify protocol \"58\" (ICMPv6) and specify an IPv4 CIDR block, traffic for all ICMP types and codes allowed, regardless of any that you specify. If you specify protocol \"58\" (ICMPv6) and specify an IPv6 CIDR block, you must specify an ICMP type and code.</p>", + "locationName": "protocol" + }, + "RuleAction": { + "shape": "RuleAction", + "documentation": "<p>Indicates whether to allow or deny the traffic that matches the rule.</p>", + "locationName": "ruleAction" + }, + "RuleNumber": { + "shape": "Integer", + "documentation": "<p>The rule number for the entry (for example, 100). ACL entries are processed in ascending order by rule number.</p> <p>Constraints: Positive integer from 1 to 32766. The range 32767 to 65535 is reserved for internal use.</p>", + "locationName": "ruleNumber" + } + } + }, + "CreateNetworkAclRequest": { + "type": "structure", + "required": [ + "VpcId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + } + }, + "CreateNetworkAclResult": { + "type": "structure", + "members": { + "NetworkAcl": { + "shape": "NetworkAcl", + "documentation": "<p>Information about the network ACL.</p>", + "locationName": "networkAcl" + } + } + }, + "CreateNetworkInterfacePermissionRequest": { + "type": "structure", + "required": [ + "NetworkInterfaceId", + "Permission" + ], + "members": { + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>" + }, + "AwsAccountId": { + "shape": "String", + "documentation": "<p>The AWS account ID.</p>" + }, + "AwsService": { + "shape": "String", + "documentation": "<p>The AWS service. Currently not supported.</p>" + }, + "Permission": { + "shape": "InterfacePermissionType", + "documentation": "<p>The type of permission to grant.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + }, + "documentation": "<p>Contains the parameters for CreateNetworkInterfacePermission.</p>" + }, + "CreateNetworkInterfacePermissionResult": { + "type": "structure", + "members": { + "InterfacePermission": { + "shape": "NetworkInterfacePermission", + "documentation": "<p>Information about the permission for the network interface.</p>", + "locationName": "interfacePermission" + } + }, + "documentation": "<p>Contains the output of CreateNetworkInterfacePermission.</p>" + }, + "CreateNetworkInterfaceRequest": { + "type": "structure", + "required": [ + "SubnetId" + ], + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description for the network interface.</p>", + "locationName": "description" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Groups": { + "shape": "SecurityGroupIdStringList", + "documentation": "<p>The IDs of one or more security groups.</p>", + "locationName": "SecurityGroupId" + }, + "Ipv6AddressCount": { + "shape": "Integer", + "documentation": "<p>The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses. If your subnet has the <code>AssignIpv6AddressOnCreation</code> attribute set to <code>true</code>, you can specify <code>0</code> to override this setting.</p>", + "locationName": "ipv6AddressCount" + }, + "Ipv6Addresses": { + "shape": "InstanceIpv6AddressList", + "documentation": "<p>One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.</p>", + "locationName": "ipv6Addresses" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>The primary private IPv4 address of the network interface. If you don't specify an IPv4 address, Amazon EC2 selects one for you from the subnet's IPv4 CIDR range. If you specify an IP address, you cannot indicate any IP addresses specified in <code>privateIpAddresses</code> as primary (only one IP address can be designated as primary).</p>", + "locationName": "privateIpAddress" + }, + "PrivateIpAddresses": { + "shape": "PrivateIpAddressSpecificationList", + "documentation": "<p>One or more private IPv4 addresses.</p>", + "locationName": "privateIpAddresses" + }, + "SecondaryPrivateIpAddressCount": { + "shape": "Integer", + "documentation": "<p>The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using <code>privateIpAddresses</code>.</p> <p>The number of IP addresses you can assign to a network interface varies by instance type. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI\">IP Addresses Per ENI Per Instance Type</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>", + "locationName": "secondaryPrivateIpAddressCount" + }, + "InterfaceType": { + "shape": "NetworkInterfaceCreationType", + "documentation": "<p>Indicates the type of network interface. To create an Elastic Fabric Adapter (EFA), specify <code>efa</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html\"> Elastic Fabric Adapter</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>If you are not creating an EFA, specify <code>interface</code> or omit this parameter.</p>" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet to associate with the network interface.</p>", + "locationName": "subnetId" + } + }, + "documentation": "<p>Contains the parameters for CreateNetworkInterface.</p>" + }, + "CreateNetworkInterfaceResult": { + "type": "structure", + "members": { + "NetworkInterface": { + "shape": "NetworkInterface", + "documentation": "<p>Information about the network interface.</p>", + "locationName": "networkInterface" + } + }, + "documentation": "<p>Contains the output of CreateNetworkInterface.</p>" + }, + "CreatePlacementGroupRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>A name for the placement group. Must be unique within the scope of your account for the Region.</p> <p>Constraints: Up to 255 ASCII characters</p>", + "locationName": "groupName" + }, + "Strategy": { + "shape": "PlacementStrategy", + "documentation": "<p>The placement strategy.</p>", + "locationName": "strategy" + }, + "PartitionCount": { + "shape": "Integer", + "documentation": "<p>The number of partitions. Valid only when <b>Strategy</b> is set to <code>partition</code>.</p>" + } + } + }, + "CreateReservedInstancesListingRequest": { + "type": "structure", + "required": [ + "ClientToken", + "InstanceCount", + "PriceSchedules", + "ReservedInstancesId" + ], + "members": { + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier you provide to ensure idempotency of your listings. This helps avoid duplicate listings. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p>", + "locationName": "clientToken" + }, + "InstanceCount": { + "shape": "Integer", + "documentation": "<p>The number of instances that are a part of a Reserved Instance account to be listed in the Reserved Instance Marketplace. This number should be less than or equal to the instance count associated with the Reserved Instance ID specified in this call.</p>", + "locationName": "instanceCount" + }, + "PriceSchedules": { + "shape": "PriceScheduleSpecificationList", + "documentation": "<p>A list specifying the price of the Standard Reserved Instance for each month remaining in the Reserved Instance term.</p>", + "locationName": "priceSchedules" + }, + "ReservedInstancesId": { + "shape": "String", + "documentation": "<p>The ID of the active Standard Reserved Instance.</p>", + "locationName": "reservedInstancesId" + } + }, + "documentation": "<p>Contains the parameters for CreateReservedInstancesListing.</p>" + }, + "CreateReservedInstancesListingResult": { + "type": "structure", + "members": { + "ReservedInstancesListings": { + "shape": "ReservedInstancesListingList", + "documentation": "<p>Information about the Standard Reserved Instance listing.</p>", + "locationName": "reservedInstancesListingsSet" + } + }, + "documentation": "<p>Contains the output of CreateReservedInstancesListing.</p>" + }, + "CreateRouteRequest": { + "type": "structure", + "required": [ + "RouteTableId" + ], + "members": { + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 CIDR address block used for the destination match. Routing decisions are based on the most specific match.</p>", + "locationName": "destinationCidrBlock" + }, + "DestinationIpv6CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv6 CIDR block used for the destination match. Routing decisions are based on the most specific match.</p>", + "locationName": "destinationIpv6CidrBlock" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "EgressOnlyInternetGatewayId": { + "shape": "String", + "documentation": "<p>[IPv6 traffic only] The ID of an egress-only internet gateway.</p>", + "locationName": "egressOnlyInternetGatewayId" + }, + "GatewayId": { + "shape": "String", + "documentation": "<p>The ID of an internet gateway or virtual private gateway attached to your VPC.</p>", + "locationName": "gatewayId" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached.</p>", + "locationName": "instanceId" + }, + "NatGatewayId": { + "shape": "String", + "documentation": "<p>[IPv4 traffic only] The ID of a NAT gateway.</p>", + "locationName": "natGatewayId" + }, + "TransitGatewayId": { + "shape": "String", + "documentation": "<p>The ID of a transit gateway.</p>" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of a network interface.</p>", + "locationName": "networkInterfaceId" + }, + "RouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the route table for the route.</p>", + "locationName": "routeTableId" + }, + "VpcPeeringConnectionId": { + "shape": "String", + "documentation": "<p>The ID of a VPC peering connection.</p>", + "locationName": "vpcPeeringConnectionId" + } + } + }, + "CreateRouteResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "CreateRouteTableRequest": { + "type": "structure", + "required": [ + "VpcId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + } + }, + "CreateRouteTableResult": { + "type": "structure", + "members": { + "RouteTable": { + "shape": "RouteTable", + "documentation": "<p>Information about the route table.</p>", + "locationName": "routeTable" + } + } + }, + "CreateSecurityGroupRequest": { + "type": "structure", + "required": [ + "Description", + "GroupName" + ], + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description for the security group. This is informational only.</p> <p>Constraints: Up to 255 characters in length</p> <p>Constraints for EC2-Classic: ASCII characters</p> <p>Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*</p>", + "locationName": "GroupDescription" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the security group.</p> <p>Constraints: Up to 255 characters in length. Cannot start with <code>sg-</code>.</p> <p>Constraints for EC2-Classic: ASCII characters</p> <p>Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*</p>" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>[EC2-VPC] The ID of the VPC. Required for EC2-VPC.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "CreateSecurityGroupResult": { + "type": "structure", + "members": { + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of the security group.</p>", + "locationName": "groupId" + } + } + }, + "CreateSnapshotRequest": { + "type": "structure", + "required": [ + "VolumeId" + ], + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description for the snapshot.</p>" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the EBS volume.</p>" + }, + "TagSpecifications": { + "shape": "TagSpecificationList", + "documentation": "<p>The tags to apply to the snapshot during creation.</p>", + "locationName": "TagSpecification" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for CreateSnapshot.</p>" + }, + "CreateSnapshotsRequest": { + "type": "structure", + "required": [ + "InstanceSpecification" + ], + "members": { + "Description": { + "shape": "String", + "documentation": "<p> A description propagated to every snapshot specified by the instance.</p>" + }, + "InstanceSpecification": { + "shape": "InstanceSpecification", + "documentation": "<p>The instance to specify which volumes should be included in the snapshots.</p>" + }, + "TagSpecifications": { + "shape": "TagSpecificationList", + "documentation": "<p>Tags to apply to every snapshot specified by the instance.</p>", + "locationName": "TagSpecification" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action without actually making the request. Provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.</p>" + }, + "CopyTagsFromSource": { + "shape": "CopyTagsFromSource", + "documentation": "<p>Copies the tags from the specified instance to all snapshots.</p>" + } + } + }, + "CreateSnapshotsResult": { + "type": "structure", + "members": { + "Snapshots": { + "shape": "SnapshotSet", + "documentation": "<p>List of snapshots.</p>", + "locationName": "snapshotSet" + } + } + }, + "CreateSpotDatafeedSubscriptionRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "String", + "documentation": "<p>The Amazon S3 bucket in which to store the Spot Instance data feed.</p>", + "locationName": "bucket" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Prefix": { + "shape": "String", + "documentation": "<p>A prefix for the data feed file names.</p>", + "locationName": "prefix" + } + }, + "documentation": "<p>Contains the parameters for CreateSpotDatafeedSubscription.</p>" + }, + "CreateSpotDatafeedSubscriptionResult": { + "type": "structure", + "members": { + "SpotDatafeedSubscription": { + "shape": "SpotDatafeedSubscription", + "documentation": "<p>The Spot Instance data feed subscription.</p>", + "locationName": "spotDatafeedSubscription" + } + }, + "documentation": "<p>Contains the output of CreateSpotDatafeedSubscription.</p>" + }, + "CreateSubnetRequest": { + "type": "structure", + "required": [ + "CidrBlock", + "VpcId" + ], + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone for the subnet.</p> <p>Default: AWS selects one for you. If you create more than one subnet in your VPC, we may not necessarily select a different zone for each subnet.</p>" + }, + "AvailabilityZoneId": { + "shape": "String", + "documentation": "<p>The AZ ID of the subnet.</p>" + }, + "CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 network range for the subnet, in CIDR notation. For example, <code>10.0.0.0/24</code>.</p>" + }, + "Ipv6CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length.</p>" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "CreateSubnetResult": { + "type": "structure", + "members": { + "Subnet": { + "shape": "Subnet", + "documentation": "<p>Information about the subnet.</p>", + "locationName": "subnet" + } + } + }, + "CreateTagsRequest": { + "type": "structure", + "required": [ + "Resources", + "Tags" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Resources": { + "shape": "ResourceIdList", + "documentation": "<p>The IDs of the resources, separated by spaces.</p> <p>Constraints: Up to 1000 resource IDs. We recommend breaking up this request into smaller batches.</p>", + "locationName": "ResourceId" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags. The <code>value</code> parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.</p>", + "locationName": "Tag" + } + } + }, + "CreateTrafficMirrorFilterRequest": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>The description of the Traffic Mirror filter.</p>" + }, + "TagSpecifications": { + "shape": "TagSpecificationList", + "documentation": "<p>The tags to assign to a Traffic Mirror filter.</p>", + "locationName": "TagSpecification" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "idempotencyToken": true + } + } + }, + "CreateTrafficMirrorFilterResult": { + "type": "structure", + "members": { + "TrafficMirrorFilter": { + "shape": "TrafficMirrorFilter", + "documentation": "<p>Information about the Traffic Mirror filter.</p>", + "locationName": "trafficMirrorFilter" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "locationName": "clientToken" + } + } + }, + "CreateTrafficMirrorFilterRuleRequest": { + "type": "structure", + "required": [ + "TrafficMirrorFilterId", + "TrafficDirection", + "RuleNumber", + "RuleAction", + "DestinationCidrBlock", + "SourceCidrBlock" + ], + "members": { + "TrafficMirrorFilterId": { + "shape": "String", + "documentation": "<p>The ID of the filter that this rule is associated with.</p>" + }, + "TrafficDirection": { + "shape": "TrafficDirection", + "documentation": "<p>The type of traffic (<code>ingress</code> | <code>egress</code>).</p>" + }, + "RuleNumber": { + "shape": "Integer", + "documentation": "<p>The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.</p>" + }, + "RuleAction": { + "shape": "TrafficMirrorRuleAction", + "documentation": "<p>The action to take (<code>accept</code> | <code>reject</code>) on the filtered traffic.</p>" + }, + "DestinationPortRange": { + "shape": "TrafficMirrorPortRangeRequest", + "documentation": "<p>The destination port range.</p>" + }, + "SourcePortRange": { + "shape": "TrafficMirrorPortRangeRequest", + "documentation": "<p>The source port range.</p>" + }, + "Protocol": { + "shape": "Integer", + "documentation": "<p>The protocol, for example UDP, to assign to the Traffic Mirror rule.</p> <p>For information about the protocol value, see <a href=\"https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml\">Protocol Numbers</a> on the Internet Assigned Numbers Authority (IANA) website.</p>" + }, + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The destination CIDR block to assign to the Traffic Mirror rule.</p>" + }, + "SourceCidrBlock": { + "shape": "String", + "documentation": "<p>The source CIDR block to assign to the Traffic Mirror rule.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description of the Traffic Mirror rule.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "idempotencyToken": true + } + } + }, + "CreateTrafficMirrorFilterRuleResult": { + "type": "structure", + "members": { + "TrafficMirrorFilterRule": { + "shape": "TrafficMirrorFilterRule", + "documentation": "<p>The Traffic Mirror rule.</p>", + "locationName": "trafficMirrorFilterRule" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "locationName": "clientToken" + } + } + }, + "CreateTrafficMirrorSessionRequest": { + "type": "structure", + "required": [ + "NetworkInterfaceId", + "TrafficMirrorTargetId", + "TrafficMirrorFilterId", + "SessionNumber" + ], + "members": { + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the source network interface.</p>" + }, + "TrafficMirrorTargetId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror target.</p>" + }, + "TrafficMirrorFilterId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror filter.</p>" + }, + "PacketLength": { + "shape": "Integer", + "documentation": "<p>The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror. For example, if you set this value to 1network0, then the first 100 bytes that meet the filter criteria are copied to the target.</p> <p>If you do not want to mirror the entire packet, use the <code>PacketLength</code> parameter to specify the number of bytes in each packet to mirror.</p>" + }, + "SessionNumber": { + "shape": "Integer", + "documentation": "<p>The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.</p> <p>Valid values are 1-32766.</p>" + }, + "VirtualNetworkId": { + "shape": "Integer", + "documentation": "<p>The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see <a href=\"https://tools.ietf.org/html/rfc7348\">RFC 7348</a>. If you do not specify a <code>VirtualNetworkId</code>, an account-wide unique id is chosen at random.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description of the Traffic Mirror session.</p>" + }, + "TagSpecifications": { + "shape": "TagSpecificationList", + "documentation": "<p>The tags to assign to a Traffic Mirror session.</p>", + "locationName": "TagSpecification" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "idempotencyToken": true + } + } + }, + "CreateTrafficMirrorSessionResult": { + "type": "structure", + "members": { + "TrafficMirrorSession": { + "shape": "TrafficMirrorSession", + "documentation": "<p>Information about the Traffic Mirror session.</p>", + "locationName": "trafficMirrorSession" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "locationName": "clientToken" + } + } + }, + "CreateTrafficMirrorTargetRequest": { + "type": "structure", + "members": { + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The network interface ID that is associated with the target.</p>" + }, + "NetworkLoadBalancerArn": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description of the Traffic Mirror target.</p>" + }, + "TagSpecifications": { + "shape": "TagSpecificationList", + "documentation": "<p>The tags to assign to the Traffic Mirror target.</p>", + "locationName": "TagSpecification" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "idempotencyToken": true + } + } + }, + "CreateTrafficMirrorTargetResult": { + "type": "structure", + "members": { + "TrafficMirrorTarget": { + "shape": "TrafficMirrorTarget", + "documentation": "<p>Information about the Traffic Mirror target.</p>", + "locationName": "trafficMirrorTarget" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "locationName": "clientToken" + } + } + }, + "CreateTransitGatewayRequest": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description of the transit gateway.</p>" + }, + "Options": { + "shape": "TransitGatewayRequestOptions", + "documentation": "<p>The transit gateway options.</p>" + }, + "TagSpecifications": { + "shape": "TagSpecificationList", + "documentation": "<p>The tags to apply to the transit gateway.</p>", + "locationName": "TagSpecification" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "CreateTransitGatewayResult": { + "type": "structure", + "members": { + "TransitGateway": { + "shape": "TransitGateway", + "documentation": "<p>Information about the transit gateway.</p>", + "locationName": "transitGateway" + } + } + }, + "CreateTransitGatewayRouteRequest": { + "type": "structure", + "required": [ + "DestinationCidrBlock", + "TransitGatewayRouteTableId" + ], + "members": { + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The CIDR range used for destination matches. Routing decisions are based on the most specific match.</p>" + }, + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway route table.</p>" + }, + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>" + }, + "Blackhole": { + "shape": "Boolean", + "documentation": "<p>Indicates whether to drop traffic that matches this route.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "CreateTransitGatewayRouteResult": { + "type": "structure", + "members": { + "Route": { + "shape": "TransitGatewayRoute", + "documentation": "<p>Information about the route.</p>", + "locationName": "route" + } + } + }, + "CreateTransitGatewayRouteTableRequest": { + "type": "structure", + "required": [ + "TransitGatewayId" + ], + "members": { + "TransitGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway.</p>" + }, + "TagSpecifications": { + "shape": "TagSpecificationList", + "documentation": "<p>The tags to apply to the transit gateway route table.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "CreateTransitGatewayRouteTableResult": { + "type": "structure", + "members": { + "TransitGatewayRouteTable": { + "shape": "TransitGatewayRouteTable", + "documentation": "<p>Information about the transit gateway route table.</p>", + "locationName": "transitGatewayRouteTable" + } + } + }, + "CreateTransitGatewayVpcAttachmentRequest": { + "type": "structure", + "required": [ + "TransitGatewayId", + "VpcId", + "SubnetIds" + ], + "members": { + "TransitGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway.</p>" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>" + }, + "SubnetIds": { + "shape": "ValueStringList", + "documentation": "<p>The IDs of one or more subnets. You can specify only one subnet per Availability Zone. You must specify at least one subnet, but we recommend that you specify two subnets for better availability. The transit gateway uses one IP address from each specified subnet.</p>" + }, + "Options": { + "shape": "CreateTransitGatewayVpcAttachmentRequestOptions", + "documentation": "<p>The VPC attachment options.</p>" + }, + "TagSpecifications": { + "shape": "TagSpecificationList", + "documentation": "<p>The tags to apply to the VPC attachment.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "CreateTransitGatewayVpcAttachmentRequestOptions": { + "type": "structure", + "members": { + "DnsSupport": { + "shape": "DnsSupportValue", + "documentation": "<p>Enable or disable DNS support. The default is <code>enable</code>.</p>" + }, + "Ipv6Support": { + "shape": "Ipv6SupportValue", + "documentation": "<p>Enable or disable IPv6 support. The default is <code>enable</code>.</p>" + } + }, + "documentation": "<p>Describes the options for a VPC attachment.</p>" + }, + "CreateTransitGatewayVpcAttachmentResult": { + "type": "structure", + "members": { + "TransitGatewayVpcAttachment": { + "shape": "TransitGatewayVpcAttachment", + "documentation": "<p>Information about the VPC attachment.</p>", + "locationName": "transitGatewayVpcAttachment" + } + } + }, + "CreateVolumePermission": { + "type": "structure", + "members": { + "Group": { + "shape": "PermissionGroup", + "documentation": "<p>The group to be added or removed. The possible value is <code>all</code>.</p>", + "locationName": "group" + }, + "UserId": { + "shape": "String", + "documentation": "<p>The AWS account ID to be added or removed.</p>", + "locationName": "userId" + } + }, + "documentation": "<p>Describes the user or group to be added or removed from the list of create volume permissions for a volume.</p>" + }, + "CreateVolumePermissionList": { + "type": "list", + "member": { + "shape": "CreateVolumePermission", + "locationName": "item" + } + }, + "CreateVolumePermissionModifications": { + "type": "structure", + "members": { + "Add": { + "shape": "CreateVolumePermissionList", + "documentation": "<p>Adds the specified AWS account ID or group to the list.</p>" + }, + "Remove": { + "shape": "CreateVolumePermissionList", + "documentation": "<p>Removes the specified AWS account ID or group from the list.</p>" + } + }, + "documentation": "<p>Describes modifications to the list of create volume permissions for a volume.</p>" + }, + "CreateVolumeRequest": { + "type": "structure", + "required": [ + "AvailabilityZone" + ], + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone in which to create the volume.</p>" + }, + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Specifies whether the volume should be encrypted. The effect of setting the encryption state to <code>true</code> depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default\">Encryption by Default</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Encrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances\">Supported Instance Types</a>.</p>", + "locationName": "encrypted" + }, + "Iops": { + "shape": "Integer", + "documentation": "<p>The number of I/O operations per second (IOPS) to provision for the volume, with a maximum ratio of 50 IOPS/GiB. Range is 100 to 64,000 IOPS for volumes in most Regions. Maximum IOPS of 64,000 is guaranteed only on <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances\">Nitro-based instances</a>. Other instance families guarantee performance up to 32,000 IOPS. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html\">Amazon EBS Volume Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>This parameter is valid only for Provisioned IOPS SSD (io1) volumes.</p>" + }, + "KmsKeyId": { + "shape": "String", + "documentation": "<p>The identifier of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use for Amazon EBS encryption. If this parameter is not specified, your AWS managed CMK for EBS is used. If <code>KmsKeyId</code> is specified, the encrypted state must be <code>true</code>.</p> <p>You can specify the CMK using any of the following:</p> <ul> <li> <p>Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab.</p> </li> <li> <p>Key alias. For example, alias/ExampleAlias.</p> </li> <li> <p>Key ARN. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:key/<i>abcd1234-a123-456a-a12b-a123b4cd56ef</i>.</p> </li> <li> <p>Alias ARN. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>.</p> </li> </ul> <p>AWS authenticates the CMK asynchronously. Therefore, if you specify an ID, alias, or ARN that is not valid, the action can appear to complete, but eventually fails.</p>" + }, + "Size": { + "shape": "Integer", + "documentation": "<p>The size of the volume, in GiBs.</p> <p>Constraints: 1-16,384 for <code>gp2</code>, 4-16,384 for <code>io1</code>, 500-16,384 for <code>st1</code>, 500-16,384 for <code>sc1</code>, and 1-1,024 for <code>standard</code>. If you specify a snapshot, the volume size must be equal to or larger than the snapshot size.</p> <p>Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.</p> <note> <p>At least one of Size or SnapshotId is required.</p> </note>" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>The snapshot from which to create the volume.</p> <note> <p>At least one of Size or SnapshotId are required.</p> </note>" + }, + "VolumeType": { + "shape": "VolumeType", + "documentation": "<p>The volume type. This can be <code>gp2</code> for General Purpose SSD, <code>io1</code> for Provisioned IOPS SSD, <code>st1</code> for Throughput Optimized HDD, <code>sc1</code> for Cold HDD, or <code>standard</code> for Magnetic volumes.</p> <p>Defaults: If no volume type is specified, the default is <code>standard</code> in us-east-1, eu-west-1, eu-central-1, us-west-2, us-west-1, sa-east-1, ap-northeast-1, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-south-1, us-gov-west-1, and cn-north-1. In all other Regions, EBS defaults to <code>gp2</code>.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "TagSpecifications": { + "shape": "TagSpecificationList", + "documentation": "<p>The tags to apply to the volume during creation.</p>", + "locationName": "TagSpecification" + } + }, + "documentation": "<p>Contains the parameters for CreateVolume.</p>" + }, + "CreateVpcEndpointConnectionNotificationRequest": { + "type": "structure", + "required": [ + "ConnectionNotificationArn", + "ConnectionEvents" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ServiceId": { + "shape": "String", + "documentation": "<p>The ID of the endpoint service.</p>" + }, + "VpcEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the endpoint. </p>" + }, + "ConnectionNotificationArn": { + "shape": "String", + "documentation": "<p>The ARN of the SNS topic for the notifications.</p>" + }, + "ConnectionEvents": { + "shape": "ValueStringList", + "documentation": "<p>One or more endpoint events for which to receive notifications. Valid values are <code>Accept</code>, <code>Connect</code>, <code>Delete</code>, and <code>Reject</code>.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>" + } + } + }, + "CreateVpcEndpointConnectionNotificationResult": { + "type": "structure", + "members": { + "ConnectionNotification": { + "shape": "ConnectionNotification", + "documentation": "<p>Information about the notification.</p>", + "locationName": "connectionNotification" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request.</p>", + "locationName": "clientToken" + } + } + }, + "CreateVpcEndpointRequest": { + "type": "structure", + "required": [ + "VpcId", + "ServiceName" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "VpcEndpointType": { + "shape": "VpcEndpointType", + "documentation": "<p>The type of endpoint.</p> <p>Default: Gateway</p>" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC in which the endpoint will be used.</p>" + }, + "ServiceName": { + "shape": "String", + "documentation": "<p>The service name. To get a list of available services, use the <a>DescribeVpcEndpointServices</a> request, or get the name from the service provider.</p>" + }, + "PolicyDocument": { + "shape": "String", + "documentation": "<p>A policy to attach to the endpoint that controls access to the service. The policy must be in valid JSON format. If this parameter is not specified, we attach a default policy that allows full access to the service.</p>" + }, + "RouteTableIds": { + "shape": "ValueStringList", + "documentation": "<p>(Gateway endpoint) One or more route table IDs.</p>", + "locationName": "RouteTableId" + }, + "SubnetIds": { + "shape": "ValueStringList", + "documentation": "<p>(Interface endpoint) The ID of one or more subnets in which to create an endpoint network interface.</p>", + "locationName": "SubnetId" + }, + "SecurityGroupIds": { + "shape": "ValueStringList", + "documentation": "<p>(Interface endpoint) The ID of one or more security groups to associate with the endpoint network interface.</p>", + "locationName": "SecurityGroupId" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>" + }, + "PrivateDnsEnabled": { + "shape": "Boolean", + "documentation": "<p>(Interface endpoint) Indicate whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, <code>kinesis.us-east-1.amazonaws.com</code>) which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.</p> <p>To use a private hosted zone, you must set the following VPC attributes to <code>true</code>: <code>enableDnsHostnames</code> and <code>enableDnsSupport</code>. Use <a>ModifyVpcAttribute</a> to set the VPC attributes.</p> <p>Default: <code>true</code> </p>" + } + }, + "documentation": "<p>Contains the parameters for CreateVpcEndpoint.</p>" + }, + "CreateVpcEndpointResult": { + "type": "structure", + "members": { + "VpcEndpoint": { + "shape": "VpcEndpoint", + "documentation": "<p>Information about the endpoint.</p>", + "locationName": "vpcEndpoint" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request.</p>", + "locationName": "clientToken" + } + }, + "documentation": "<p>Contains the output of CreateVpcEndpoint.</p>" + }, + "CreateVpcEndpointServiceConfigurationRequest": { + "type": "structure", + "required": [ + "NetworkLoadBalancerArns" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "AcceptanceRequired": { + "shape": "Boolean", + "documentation": "<p>Indicate whether requests from service consumers to create an endpoint to your service must be accepted. To accept a request, use <a>AcceptVpcEndpointConnections</a>.</p>" + }, + "NetworkLoadBalancerArns": { + "shape": "ValueStringList", + "documentation": "<p>The Amazon Resource Names (ARNs) of one or more Network Load Balancers for your service.</p>", + "locationName": "NetworkLoadBalancerArn" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>" + } + } + }, + "CreateVpcEndpointServiceConfigurationResult": { + "type": "structure", + "members": { + "ServiceConfiguration": { + "shape": "ServiceConfiguration", + "documentation": "<p>Information about the service configuration.</p>", + "locationName": "serviceConfiguration" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request.</p>", + "locationName": "clientToken" + } + } + }, + "CreateVpcPeeringConnectionRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "PeerOwnerId": { + "shape": "String", + "documentation": "<p>The AWS account ID of the owner of the accepter VPC.</p> <p>Default: Your AWS account ID</p>", + "locationName": "peerOwnerId" + }, + "PeerVpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.</p>", + "locationName": "peerVpcId" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the requester VPC. You must specify this parameter in the request.</p>", + "locationName": "vpcId" + }, + "PeerRegion": { + "shape": "String", + "documentation": "<p>The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.</p> <p>Default: The Region in which you make the request.</p>" + } + } + }, + "CreateVpcPeeringConnectionResult": { + "type": "structure", + "members": { + "VpcPeeringConnection": { + "shape": "VpcPeeringConnection", + "documentation": "<p>Information about the VPC peering connection.</p>", + "locationName": "vpcPeeringConnection" + } + } + }, + "CreateVpcRequest": { + "type": "structure", + "required": [ + "CidrBlock" + ], + "members": { + "CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 network range for the VPC, in CIDR notation. For example, <code>10.0.0.0/16</code>.</p>" + }, + "AmazonProvidedIpv6CidrBlock": { + "shape": "Boolean", + "documentation": "<p>Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block.</p>", + "locationName": "amazonProvidedIpv6CidrBlock" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "InstanceTenancy": { + "shape": "Tenancy", + "documentation": "<p>The tenancy options for instances launched into the VPC. For <code>default</code>, instances are launched with shared tenancy by default. You can launch instances with any tenancy into a shared tenancy VPC. For <code>dedicated</code>, instances are launched as dedicated tenancy instances by default. You can only launch instances with a tenancy of <code>dedicated</code> or <code>host</code> into a dedicated tenancy VPC. </p> <p> <b>Important:</b> The <code>host</code> value cannot be used with this parameter. Use the <code>default</code> or <code>dedicated</code> values only.</p> <p>Default: <code>default</code> </p>", + "locationName": "instanceTenancy" + } + } + }, + "CreateVpcResult": { + "type": "structure", + "members": { + "Vpc": { + "shape": "Vpc", + "documentation": "<p>Information about the VPC.</p>", + "locationName": "vpc" + } + } + }, + "CreateVpnConnectionRequest": { + "type": "structure", + "required": [ + "CustomerGatewayId", + "Type" + ], + "members": { + "CustomerGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the customer gateway.</p>" + }, + "Type": { + "shape": "String", + "documentation": "<p>The type of VPN connection (<code>ipsec.1</code>).</p>" + }, + "VpnGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the virtual private gateway. If you specify a virtual private gateway, you cannot specify a transit gateway.</p>" + }, + "TransitGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway. If you specify a transit gateway, you cannot specify a virtual private gateway.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Options": { + "shape": "VpnConnectionOptionsSpecification", + "documentation": "<p>The options for the VPN connection.</p>", + "locationName": "options" + } + }, + "documentation": "<p>Contains the parameters for CreateVpnConnection.</p>" + }, + "CreateVpnConnectionResult": { + "type": "structure", + "members": { + "VpnConnection": { + "shape": "VpnConnection", + "documentation": "<p>Information about the VPN connection.</p>", + "locationName": "vpnConnection" + } + }, + "documentation": "<p>Contains the output of CreateVpnConnection.</p>" + }, + "CreateVpnConnectionRouteRequest": { + "type": "structure", + "required": [ + "DestinationCidrBlock", + "VpnConnectionId" + ], + "members": { + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The CIDR block associated with the local subnet of the customer network.</p>" + }, + "VpnConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the VPN connection.</p>" + } + }, + "documentation": "<p>Contains the parameters for CreateVpnConnectionRoute.</p>" + }, + "CreateVpnGatewayRequest": { + "type": "structure", + "required": [ + "Type" + ], + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone for the virtual private gateway.</p>" + }, + "Type": { + "shape": "GatewayType", + "documentation": "<p>The type of VPN connection this virtual private gateway supports.</p>" + }, + "AmazonSideAsn": { + "shape": "Long", + "documentation": "<p>A private Autonomous System Number (ASN) for the Amazon side of a BGP session. If you're using a 16-bit ASN, it must be in the 64512 to 65534 range. If you're using a 32-bit ASN, it must be in the 4200000000 to 4294967294 range.</p> <p>Default: 64512</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for CreateVpnGateway.</p>" + }, + "CreateVpnGatewayResult": { + "type": "structure", + "members": { + "VpnGateway": { + "shape": "VpnGateway", + "documentation": "<p>Information about the virtual private gateway.</p>", + "locationName": "vpnGateway" + } + }, + "documentation": "<p>Contains the output of CreateVpnGateway.</p>" + }, + "CreditSpecification": { + "type": "structure", + "members": { + "CpuCredits": { + "shape": "String", + "documentation": "<p>The credit option for CPU usage of a T2 or T3 instance. Valid values are <code>standard</code> and <code>unlimited</code>.</p>", + "locationName": "cpuCredits" + } + }, + "documentation": "<p>Describes the credit option for CPU usage of a T2 or T3 instance.</p>" + }, + "CreditSpecificationRequest": { + "type": "structure", + "required": [ + "CpuCredits" + ], + "members": { + "CpuCredits": { + "shape": "String", + "documentation": "<p>The credit option for CPU usage of a T2 or T3 instance. Valid values are <code>standard</code> and <code>unlimited</code>.</p>" + } + }, + "documentation": "<p>The credit option for CPU usage of a T2 or T3 instance.</p>" + }, + "CurrencyCodeValues": { + "type": "string", + "enum": [ + "USD" + ] + }, + "CustomerGateway": { + "type": "structure", + "members": { + "BgpAsn": { + "shape": "String", + "documentation": "<p>The customer gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN).</p>", + "locationName": "bgpAsn" + }, + "CustomerGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the customer gateway.</p>", + "locationName": "customerGatewayId" + }, + "IpAddress": { + "shape": "String", + "documentation": "<p>The Internet-routable IP address of the customer gateway's outside interface.</p>", + "locationName": "ipAddress" + }, + "State": { + "shape": "String", + "documentation": "<p>The current state of the customer gateway (<code>pending | available | deleting | deleted</code>).</p>", + "locationName": "state" + }, + "Type": { + "shape": "String", + "documentation": "<p>The type of VPN connection the customer gateway supports (<code>ipsec.1</code>).</p>", + "locationName": "type" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the customer gateway.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a customer gateway.</p>" + }, + "CustomerGatewayIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "CustomerGatewayId" + } + }, + "CustomerGatewayList": { + "type": "list", + "member": { + "shape": "CustomerGateway", + "locationName": "item" + } + }, + "DatafeedSubscriptionState": { + "type": "string", + "enum": [ + "Active", + "Inactive" + ] + }, + "DateTime": { + "type": "timestamp" + }, + "DefaultRouteTableAssociationValue": { + "type": "string", + "enum": [ + "enable", + "disable" + ] + }, + "DefaultRouteTablePropagationValue": { + "type": "string", + "enum": [ + "enable", + "disable" + ] + }, + "DefaultTargetCapacityType": { + "type": "string", + "enum": [ + "spot", + "on-demand" + ] + }, + "DeleteClientVpnEndpointRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN to be deleted.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DeleteClientVpnEndpointResult": { + "type": "structure", + "members": { + "Status": { + "shape": "ClientVpnEndpointStatus", + "documentation": "<p>The current state of the Client VPN endpoint.</p>", + "locationName": "status" + } + } + }, + "DeleteClientVpnRouteRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId", + "DestinationCidrBlock" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint from which the route is to be deleted.</p>" + }, + "TargetVpcSubnetId": { + "shape": "String", + "documentation": "<p>The ID of the target subnet used by the route.</p>" + }, + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 address range, in CIDR notation, of the route to be deleted.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DeleteClientVpnRouteResult": { + "type": "structure", + "members": { + "Status": { + "shape": "ClientVpnRouteStatus", + "documentation": "<p>The current state of the route.</p>", + "locationName": "status" + } + } + }, + "DeleteCustomerGatewayRequest": { + "type": "structure", + "required": [ + "CustomerGatewayId" + ], + "members": { + "CustomerGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the customer gateway.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DeleteCustomerGateway.</p>" + }, + "DeleteDhcpOptionsRequest": { + "type": "structure", + "required": [ + "DhcpOptionsId" + ], + "members": { + "DhcpOptionsId": { + "shape": "String", + "documentation": "<p>The ID of the DHCP options set.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DeleteEgressOnlyInternetGatewayRequest": { + "type": "structure", + "required": [ + "EgressOnlyInternetGatewayId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "EgressOnlyInternetGatewayId": { + "shape": "EgressOnlyInternetGatewayId", + "documentation": "<p>The ID of the egress-only internet gateway.</p>" + } + } + }, + "DeleteEgressOnlyInternetGatewayResult": { + "type": "structure", + "members": { + "ReturnCode": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "returnCode" + } + } + }, + "DeleteFleetError": { + "type": "structure", + "members": { + "Code": { + "shape": "DeleteFleetErrorCode", + "documentation": "<p>The error code.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>The description for the error code.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Describes an EC2 Fleet error.</p>" + }, + "DeleteFleetErrorCode": { + "type": "string", + "enum": [ + "fleetIdDoesNotExist", + "fleetIdMalformed", + "fleetNotInDeletableState", + "unexpectedError" + ] + }, + "DeleteFleetErrorItem": { + "type": "structure", + "members": { + "Error": { + "shape": "DeleteFleetError", + "documentation": "<p>The error.</p>", + "locationName": "error" + }, + "FleetId": { + "shape": "FleetIdentifier", + "documentation": "<p>The ID of the EC2 Fleet.</p>", + "locationName": "fleetId" + } + }, + "documentation": "<p>Describes an EC2 Fleet that was not successfully deleted.</p>" + }, + "DeleteFleetErrorSet": { + "type": "list", + "member": { + "shape": "DeleteFleetErrorItem", + "locationName": "item" + } + }, + "DeleteFleetSuccessItem": { + "type": "structure", + "members": { + "CurrentFleetState": { + "shape": "FleetStateCode", + "documentation": "<p>The current state of the EC2 Fleet.</p>", + "locationName": "currentFleetState" + }, + "PreviousFleetState": { + "shape": "FleetStateCode", + "documentation": "<p>The previous state of the EC2 Fleet.</p>", + "locationName": "previousFleetState" + }, + "FleetId": { + "shape": "FleetIdentifier", + "documentation": "<p>The ID of the EC2 Fleet.</p>", + "locationName": "fleetId" + } + }, + "documentation": "<p>Describes an EC2 Fleet that was successfully deleted.</p>" + }, + "DeleteFleetSuccessSet": { + "type": "list", + "member": { + "shape": "DeleteFleetSuccessItem", + "locationName": "item" + } + }, + "DeleteFleetsRequest": { + "type": "structure", + "required": [ + "FleetIds", + "TerminateInstances" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "FleetIds": { + "shape": "FleetIdSet", + "documentation": "<p>The IDs of the EC2 Fleets.</p>", + "locationName": "FleetId" + }, + "TerminateInstances": { + "shape": "Boolean", + "documentation": "<p>Indicates whether to terminate instances for an EC2 Fleet if it is deleted successfully.</p>" + } + } + }, + "DeleteFleetsResult": { + "type": "structure", + "members": { + "SuccessfulFleetDeletions": { + "shape": "DeleteFleetSuccessSet", + "documentation": "<p>Information about the EC2 Fleets that are successfully deleted.</p>", + "locationName": "successfulFleetDeletionSet" + }, + "UnsuccessfulFleetDeletions": { + "shape": "DeleteFleetErrorSet", + "documentation": "<p>Information about the EC2 Fleets that are not successfully deleted.</p>", + "locationName": "unsuccessfulFleetDeletionSet" + } + } + }, + "DeleteFlowLogsRequest": { + "type": "structure", + "required": [ + "FlowLogIds" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "FlowLogIds": { + "shape": "ValueStringList", + "documentation": "<p>One or more flow log IDs.</p> <p>Constraint: Maximum of 1000 flow log IDs.</p>", + "locationName": "FlowLogId" + } + } + }, + "DeleteFlowLogsResult": { + "type": "structure", + "members": { + "Unsuccessful": { + "shape": "UnsuccessfulItemSet", + "documentation": "<p>Information about the flow logs that could not be deleted successfully.</p>", + "locationName": "unsuccessful" + } + } + }, + "DeleteFpgaImageRequest": { + "type": "structure", + "required": [ + "FpgaImageId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "FpgaImageId": { + "shape": "String", + "documentation": "<p>The ID of the AFI.</p>" + } + } + }, + "DeleteFpgaImageResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Is <code>true</code> if the request succeeds, and an error otherwise.</p>", + "locationName": "return" + } + } + }, + "DeleteInternetGatewayRequest": { + "type": "structure", + "required": [ + "InternetGatewayId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "InternetGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the internet gateway.</p>", + "locationName": "internetGatewayId" + } + } + }, + "DeleteKeyPairRequest": { + "type": "structure", + "required": [ + "KeyName" + ], + "members": { + "KeyName": { + "shape": "String", + "documentation": "<p>The name of the key pair.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DeleteLaunchTemplateRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "LaunchTemplateId": { + "shape": "String", + "documentation": "<p>The ID of the launch template. You must specify either the launch template ID or launch template name in the request.</p>" + }, + "LaunchTemplateName": { + "shape": "LaunchTemplateName", + "documentation": "<p>The name of the launch template. You must specify either the launch template ID or launch template name in the request.</p>" + } + } + }, + "DeleteLaunchTemplateResult": { + "type": "structure", + "members": { + "LaunchTemplate": { + "shape": "LaunchTemplate", + "documentation": "<p>Information about the launch template.</p>", + "locationName": "launchTemplate" + } + } + }, + "DeleteLaunchTemplateVersionsRequest": { + "type": "structure", + "required": [ + "Versions" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "LaunchTemplateId": { + "shape": "String", + "documentation": "<p>The ID of the launch template. You must specify either the launch template ID or launch template name in the request.</p>" + }, + "LaunchTemplateName": { + "shape": "LaunchTemplateName", + "documentation": "<p>The name of the launch template. You must specify either the launch template ID or launch template name in the request.</p>" + }, + "Versions": { + "shape": "VersionStringList", + "documentation": "<p>The version numbers of one or more launch template versions to delete.</p>", + "locationName": "LaunchTemplateVersion" + } + } + }, + "DeleteLaunchTemplateVersionsResponseErrorItem": { + "type": "structure", + "members": { + "LaunchTemplateId": { + "shape": "String", + "documentation": "<p>The ID of the launch template.</p>", + "locationName": "launchTemplateId" + }, + "LaunchTemplateName": { + "shape": "String", + "documentation": "<p>The name of the launch template.</p>", + "locationName": "launchTemplateName" + }, + "VersionNumber": { + "shape": "Long", + "documentation": "<p>The version number of the launch template.</p>", + "locationName": "versionNumber" + }, + "ResponseError": { + "shape": "ResponseError", + "documentation": "<p>Information about the error.</p>", + "locationName": "responseError" + } + }, + "documentation": "<p>Describes a launch template version that could not be deleted.</p>" + }, + "DeleteLaunchTemplateVersionsResponseErrorSet": { + "type": "list", + "member": { + "shape": "DeleteLaunchTemplateVersionsResponseErrorItem", + "locationName": "item" + } + }, + "DeleteLaunchTemplateVersionsResponseSuccessItem": { + "type": "structure", + "members": { + "LaunchTemplateId": { + "shape": "String", + "documentation": "<p>The ID of the launch template.</p>", + "locationName": "launchTemplateId" + }, + "LaunchTemplateName": { + "shape": "String", + "documentation": "<p>The name of the launch template.</p>", + "locationName": "launchTemplateName" + }, + "VersionNumber": { + "shape": "Long", + "documentation": "<p>The version number of the launch template.</p>", + "locationName": "versionNumber" + } + }, + "documentation": "<p>Describes a launch template version that was successfully deleted.</p>" + }, + "DeleteLaunchTemplateVersionsResponseSuccessSet": { + "type": "list", + "member": { + "shape": "DeleteLaunchTemplateVersionsResponseSuccessItem", + "locationName": "item" + } + }, + "DeleteLaunchTemplateVersionsResult": { + "type": "structure", + "members": { + "SuccessfullyDeletedLaunchTemplateVersions": { + "shape": "DeleteLaunchTemplateVersionsResponseSuccessSet", + "documentation": "<p>Information about the launch template versions that were successfully deleted.</p>", + "locationName": "successfullyDeletedLaunchTemplateVersionSet" + }, + "UnsuccessfullyDeletedLaunchTemplateVersions": { + "shape": "DeleteLaunchTemplateVersionsResponseErrorSet", + "documentation": "<p>Information about the launch template versions that could not be deleted.</p>", + "locationName": "unsuccessfullyDeletedLaunchTemplateVersionSet" + } + } + }, + "DeleteNatGatewayRequest": { + "type": "structure", + "required": [ + "NatGatewayId" + ], + "members": { + "NatGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the NAT gateway.</p>" + } + } + }, + "DeleteNatGatewayResult": { + "type": "structure", + "members": { + "NatGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the NAT gateway.</p>", + "locationName": "natGatewayId" + } + } + }, + "DeleteNetworkAclEntryRequest": { + "type": "structure", + "required": [ + "Egress", + "NetworkAclId", + "RuleNumber" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Egress": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the rule is an egress rule.</p>", + "locationName": "egress" + }, + "NetworkAclId": { + "shape": "String", + "documentation": "<p>The ID of the network ACL.</p>", + "locationName": "networkAclId" + }, + "RuleNumber": { + "shape": "Integer", + "documentation": "<p>The rule number of the entry to delete.</p>", + "locationName": "ruleNumber" + } + } + }, + "DeleteNetworkAclRequest": { + "type": "structure", + "required": [ + "NetworkAclId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "NetworkAclId": { + "shape": "String", + "documentation": "<p>The ID of the network ACL.</p>", + "locationName": "networkAclId" + } + } + }, + "DeleteNetworkInterfacePermissionRequest": { + "type": "structure", + "required": [ + "NetworkInterfacePermissionId" + ], + "members": { + "NetworkInterfacePermissionId": { + "shape": "String", + "documentation": "<p>The ID of the network interface permission.</p>" + }, + "Force": { + "shape": "Boolean", + "documentation": "<p>Specify <code>true</code> to remove the permission even if the network interface is attached to an instance.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + }, + "documentation": "<p>Contains the parameters for DeleteNetworkInterfacePermission.</p>" + }, + "DeleteNetworkInterfacePermissionResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds, otherwise returns an error.</p>", + "locationName": "return" + } + }, + "documentation": "<p>Contains the output for DeleteNetworkInterfacePermission.</p>" + }, + "DeleteNetworkInterfaceRequest": { + "type": "structure", + "required": [ + "NetworkInterfaceId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + } + }, + "documentation": "<p>Contains the parameters for DeleteNetworkInterface.</p>" + }, + "DeletePlacementGroupRequest": { + "type": "structure", + "required": [ + "GroupName" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the placement group.</p>", + "locationName": "groupName" + } + } + }, + "DeleteRouteRequest": { + "type": "structure", + "required": [ + "RouteTableId" + ], + "members": { + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 CIDR range for the route. The value you specify must match the CIDR for the route exactly.</p>", + "locationName": "destinationCidrBlock" + }, + "DestinationIpv6CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv6 CIDR range for the route. The value you specify must match the CIDR for the route exactly.</p>", + "locationName": "destinationIpv6CidrBlock" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "RouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the route table.</p>", + "locationName": "routeTableId" + } + } + }, + "DeleteRouteTableRequest": { + "type": "structure", + "required": [ + "RouteTableId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "RouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the route table.</p>", + "locationName": "routeTableId" + } + } + }, + "DeleteSecurityGroupRequest": { + "type": "structure", + "members": { + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of the security group. Required for a nondefault VPC.</p>" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>[EC2-Classic, default VPC] The name of the security group. You can specify either the security group name or the security group ID.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DeleteSnapshotRequest": { + "type": "structure", + "required": [ + "SnapshotId" + ], + "members": { + "SnapshotId": { + "shape": "String", + "documentation": "<p>The ID of the EBS snapshot.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DeleteSnapshot.</p>" + }, + "DeleteSpotDatafeedSubscriptionRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DeleteSpotDatafeedSubscription.</p>" + }, + "DeleteSubnetRequest": { + "type": "structure", + "required": [ + "SubnetId" + ], + "members": { + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DeleteTagsRequest": { + "type": "structure", + "required": [ + "Resources" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Resources": { + "shape": "ResourceIdList", + "documentation": "<p>The IDs of the resources, separated by spaces.</p> <p>Constraints: Up to 1000 resource IDs. We recommend breaking up this request into smaller batches.</p>", + "locationName": "resourceId" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags to delete. Specify a tag key and an optional tag value to delete specific tags. If you specify a tag key without a tag value, we delete any tag with this key regardless of its value. If you specify a tag key with an empty string as the tag value, we delete the tag only if its value is an empty string.</p> <p>If you omit this parameter, we delete all user-defined tags for the specified resources. We do not delete AWS-generated tags (tags that have the <code>aws:</code> prefix).</p>", + "locationName": "tag" + } + } + }, + "DeleteTrafficMirrorFilterRequest": { + "type": "structure", + "required": [ + "TrafficMirrorFilterId" + ], + "members": { + "TrafficMirrorFilterId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror filter.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DeleteTrafficMirrorFilterResult": { + "type": "structure", + "members": { + "TrafficMirrorFilterId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror filter.</p>", + "locationName": "trafficMirrorFilterId" + } + } + }, + "DeleteTrafficMirrorFilterRuleRequest": { + "type": "structure", + "required": [ + "TrafficMirrorFilterRuleId" + ], + "members": { + "TrafficMirrorFilterRuleId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror rule.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DeleteTrafficMirrorFilterRuleResult": { + "type": "structure", + "members": { + "TrafficMirrorFilterRuleId": { + "shape": "String", + "documentation": "<p>The ID of the deleted Traffic Mirror rule.</p>", + "locationName": "trafficMirrorFilterRuleId" + } + } + }, + "DeleteTrafficMirrorSessionRequest": { + "type": "structure", + "required": [ + "TrafficMirrorSessionId" + ], + "members": { + "TrafficMirrorSessionId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror session.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DeleteTrafficMirrorSessionResult": { + "type": "structure", + "members": { + "TrafficMirrorSessionId": { + "shape": "String", + "documentation": "<p>The ID of the deleted Traffic Mirror session.</p>", + "locationName": "trafficMirrorSessionId" + } + } + }, + "DeleteTrafficMirrorTargetRequest": { + "type": "structure", + "required": [ + "TrafficMirrorTargetId" + ], + "members": { + "TrafficMirrorTargetId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror target.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DeleteTrafficMirrorTargetResult": { + "type": "structure", + "members": { + "TrafficMirrorTargetId": { + "shape": "String", + "documentation": "<p>The ID of the deleted Traffic Mirror target.</p>", + "locationName": "trafficMirrorTargetId" + } + } + }, + "DeleteTransitGatewayRequest": { + "type": "structure", + "required": [ + "TransitGatewayId" + ], + "members": { + "TransitGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DeleteTransitGatewayResult": { + "type": "structure", + "members": { + "TransitGateway": { + "shape": "TransitGateway", + "documentation": "<p>Information about the deleted transit gateway.</p>", + "locationName": "transitGateway" + } + } + }, + "DeleteTransitGatewayRouteRequest": { + "type": "structure", + "required": [ + "TransitGatewayRouteTableId", + "DestinationCidrBlock" + ], + "members": { + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway route table.</p>" + }, + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The CIDR range for the route. This must match the CIDR for the route exactly.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DeleteTransitGatewayRouteResult": { + "type": "structure", + "members": { + "Route": { + "shape": "TransitGatewayRoute", + "documentation": "<p>Information about the route.</p>", + "locationName": "route" + } + } + }, + "DeleteTransitGatewayRouteTableRequest": { + "type": "structure", + "required": [ + "TransitGatewayRouteTableId" + ], + "members": { + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway route table.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DeleteTransitGatewayRouteTableResult": { + "type": "structure", + "members": { + "TransitGatewayRouteTable": { + "shape": "TransitGatewayRouteTable", + "documentation": "<p>Information about the deleted transit gateway route table.</p>", + "locationName": "transitGatewayRouteTable" + } + } + }, + "DeleteTransitGatewayVpcAttachmentRequest": { + "type": "structure", + "required": [ + "TransitGatewayAttachmentId" + ], + "members": { + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DeleteTransitGatewayVpcAttachmentResult": { + "type": "structure", + "members": { + "TransitGatewayVpcAttachment": { + "shape": "TransitGatewayVpcAttachment", + "documentation": "<p>Information about the deleted VPC attachment.</p>", + "locationName": "transitGatewayVpcAttachment" + } + } + }, + "DeleteVolumeRequest": { + "type": "structure", + "required": [ + "VolumeId" + ], + "members": { + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the volume.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DeleteVolume.</p>" + }, + "DeleteVpcEndpointConnectionNotificationsRequest": { + "type": "structure", + "required": [ + "ConnectionNotificationIds" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ConnectionNotificationIds": { + "shape": "ValueStringList", + "documentation": "<p>One or more notification IDs.</p>", + "locationName": "ConnectionNotificationId" + } + } + }, + "DeleteVpcEndpointConnectionNotificationsResult": { + "type": "structure", + "members": { + "Unsuccessful": { + "shape": "UnsuccessfulItemSet", + "documentation": "<p>Information about the notifications that could not be deleted successfully.</p>", + "locationName": "unsuccessful" + } + } + }, + "DeleteVpcEndpointServiceConfigurationsRequest": { + "type": "structure", + "required": [ + "ServiceIds" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ServiceIds": { + "shape": "ValueStringList", + "documentation": "<p>The IDs of one or more services.</p>", + "locationName": "ServiceId" + } + } + }, + "DeleteVpcEndpointServiceConfigurationsResult": { + "type": "structure", + "members": { + "Unsuccessful": { + "shape": "UnsuccessfulItemSet", + "documentation": "<p>Information about the service configurations that were not deleted, if applicable.</p>", + "locationName": "unsuccessful" + } + } + }, + "DeleteVpcEndpointsRequest": { + "type": "structure", + "required": [ + "VpcEndpointIds" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "VpcEndpointIds": { + "shape": "ValueStringList", + "documentation": "<p>One or more VPC endpoint IDs.</p>", + "locationName": "VpcEndpointId" + } + }, + "documentation": "<p>Contains the parameters for DeleteVpcEndpoints.</p>" + }, + "DeleteVpcEndpointsResult": { + "type": "structure", + "members": { + "Unsuccessful": { + "shape": "UnsuccessfulItemSet", + "documentation": "<p>Information about the VPC endpoints that were not successfully deleted.</p>", + "locationName": "unsuccessful" + } + }, + "documentation": "<p>Contains the output of DeleteVpcEndpoints.</p>" + }, + "DeleteVpcPeeringConnectionRequest": { + "type": "structure", + "required": [ + "VpcPeeringConnectionId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "VpcPeeringConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the VPC peering connection.</p>", + "locationName": "vpcPeeringConnectionId" + } + } + }, + "DeleteVpcPeeringConnectionResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "DeleteVpcRequest": { + "type": "structure", + "required": [ + "VpcId" + ], + "members": { + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DeleteVpnConnectionRequest": { + "type": "structure", + "required": [ + "VpnConnectionId" + ], + "members": { + "VpnConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the VPN connection.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DeleteVpnConnection.</p>" + }, + "DeleteVpnConnectionRouteRequest": { + "type": "structure", + "required": [ + "DestinationCidrBlock", + "VpnConnectionId" + ], + "members": { + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The CIDR block associated with the local subnet of the customer network.</p>" + }, + "VpnConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the VPN connection.</p>" + } + }, + "documentation": "<p>Contains the parameters for DeleteVpnConnectionRoute.</p>" + }, + "DeleteVpnGatewayRequest": { + "type": "structure", + "required": [ + "VpnGatewayId" + ], + "members": { + "VpnGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the virtual private gateway.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DeleteVpnGateway.</p>" + }, + "DeprovisionByoipCidrRequest": { + "type": "structure", + "required": [ + "Cidr" + ], + "members": { + "Cidr": { + "shape": "String", + "documentation": "<p>The public IPv4 address range, in CIDR notation. The prefix must be the same prefix that you specified when you provisioned the address range.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DeprovisionByoipCidrResult": { + "type": "structure", + "members": { + "ByoipCidr": { + "shape": "ByoipCidr", + "documentation": "<p>Information about the address range.</p>", + "locationName": "byoipCidr" + } + } + }, + "DeregisterImageRequest": { + "type": "structure", + "required": [ + "ImageId" + ], + "members": { + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the AMI.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DeregisterImage.</p>" + }, + "DescribeAccountAttributesRequest": { + "type": "structure", + "members": { + "AttributeNames": { + "shape": "AccountAttributeNameStringList", + "documentation": "<p>The account attribute names.</p>", + "locationName": "attributeName" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DescribeAccountAttributesResult": { + "type": "structure", + "members": { + "AccountAttributes": { + "shape": "AccountAttributeList", + "documentation": "<p>Information about the account attributes.</p>", + "locationName": "accountAttributeSet" + } + } + }, + "DescribeAddressesRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p> <ul> <li> <p> <code>allocation-id</code> - [EC2-VPC] The allocation ID for the address.</p> </li> <li> <p> <code>association-id</code> - [EC2-VPC] The association ID for the address.</p> </li> <li> <p> <code>domain</code> - Indicates whether the address is for use in EC2-Classic (<code>standard</code>) or in a VPC (<code>vpc</code>).</p> </li> <li> <p> <code>instance-id</code> - The ID of the instance the address is associated with, if any.</p> </li> <li> <p> <code>network-interface-id</code> - [EC2-VPC] The ID of the network interface that the address is associated with, if any.</p> </li> <li> <p> <code>network-interface-owner-id</code> - The AWS account ID of the owner.</p> </li> <li> <p> <code>private-ip-address</code> - [EC2-VPC] The private IP address associated with the Elastic IP address.</p> </li> <li> <p> <code>public-ip</code> - The Elastic IP address.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>", + "locationName": "Filter" + }, + "PublicIps": { + "shape": "PublicIpStringList", + "documentation": "<p>One or more Elastic IP addresses.</p> <p>Default: Describes all your Elastic IP addresses.</p>", + "locationName": "PublicIp" + }, + "AllocationIds": { + "shape": "AllocationIdList", + "documentation": "<p>[EC2-VPC] Information about the allocation IDs.</p>", + "locationName": "AllocationId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DescribeAddressesResult": { + "type": "structure", + "members": { + "Addresses": { + "shape": "AddressList", + "documentation": "<p>Information about the Elastic IP addresses.</p>", + "locationName": "addressesSet" + } + } + }, + "DescribeAggregateIdFormatRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DescribeAggregateIdFormatResult": { + "type": "structure", + "members": { + "UseLongIdsAggregated": { + "shape": "Boolean", + "documentation": "<p>Indicates whether all resource types in the Region are configured to use longer IDs. This value is only <code>true</code> if all users are configured to use longer IDs for all resources types in the Region.</p>", + "locationName": "useLongIdsAggregated" + }, + "Statuses": { + "shape": "IdFormatList", + "documentation": "<p>Information about each resource's ID format.</p>", + "locationName": "statusSet" + } + } + }, + "DescribeAvailabilityZonesRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>message</code> - Information about the Availability Zone.</p> </li> <li> <p> <code>region-name</code> - The name of the Region for the Availability Zone (for example, <code>us-east-1</code>).</p> </li> <li> <p> <code>state</code> - The state of the Availability Zone (<code>available</code> | <code>information</code> | <code>impaired</code> | <code>unavailable</code>).</p> </li> <li> <p> <code>zone-id</code> - The ID of the Availability Zone (for example, <code>use1-az1</code>).</p> </li> <li> <p> <code>zone-name</code> - The name of the Availability Zone (for example, <code>us-east-1a</code>).</p> </li> </ul>", + "locationName": "Filter" + }, + "ZoneNames": { + "shape": "ZoneNameStringList", + "documentation": "<p>The names of the Availability Zones.</p>", + "locationName": "ZoneName" + }, + "ZoneIds": { + "shape": "ZoneIdStringList", + "documentation": "<p>The IDs of the Availability Zones.</p>", + "locationName": "ZoneId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DescribeAvailabilityZonesResult": { + "type": "structure", + "members": { + "AvailabilityZones": { + "shape": "AvailabilityZoneList", + "documentation": "<p>Information about the Availability Zones.</p>", + "locationName": "availabilityZoneInfo" + } + } + }, + "DescribeBundleTasksRequest": { + "type": "structure", + "members": { + "BundleIds": { + "shape": "BundleIdStringList", + "documentation": "<p>The bundle task IDs.</p> <p>Default: Describes all your bundle tasks.</p>", + "locationName": "BundleId" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>bundle-id</code> - The ID of the bundle task.</p> </li> <li> <p> <code>error-code</code> - If the task failed, the error code returned.</p> </li> <li> <p> <code>error-message</code> - If the task failed, the error message returned.</p> </li> <li> <p> <code>instance-id</code> - The ID of the instance.</p> </li> <li> <p> <code>progress</code> - The level of task completion, as a percentage (for example, 20%).</p> </li> <li> <p> <code>s3-bucket</code> - The Amazon S3 bucket to store the AMI.</p> </li> <li> <p> <code>s3-prefix</code> - The beginning of the AMI name.</p> </li> <li> <p> <code>start-time</code> - The time the task started (for example, 2013-09-15T17:15:20.000Z).</p> </li> <li> <p> <code>state</code> - The state of the task (<code>pending</code> | <code>waiting-for-shutdown</code> | <code>bundling</code> | <code>storing</code> | <code>cancelling</code> | <code>complete</code> | <code>failed</code>).</p> </li> <li> <p> <code>update-time</code> - The time of the most recent update for the task.</p> </li> </ul>", + "locationName": "Filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DescribeBundleTasksResult": { + "type": "structure", + "members": { + "BundleTasks": { + "shape": "BundleTaskList", + "documentation": "<p>Information about the bundle tasks.</p>", + "locationName": "bundleInstanceTasksSet" + } + } + }, + "DescribeByoipCidrsRequest": { + "type": "structure", + "required": [ + "MaxResults" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "MaxResults": { + "shape": "MaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token for the next page of results.</p>" + } + } + }, + "DescribeByoipCidrsResult": { + "type": "structure", + "members": { + "ByoipCidrs": { + "shape": "ByoipCidrSet", + "documentation": "<p>Information about your address ranges.</p>", + "locationName": "byoipCidrSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeCapacityReservationsMaxResults": { + "type": "integer", + "max": 1000, + "min": 1 + }, + "DescribeCapacityReservationsRequest": { + "type": "structure", + "members": { + "CapacityReservationIds": { + "shape": "CapacityReservationIdSet", + "documentation": "<p>The ID of the Capacity Reservation.</p>", + "locationName": "CapacityReservationId" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to retrieve the next page of results.</p>" + }, + "MaxResults": { + "shape": "DescribeCapacityReservationsMaxResults", + "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p>", + "locationName": "Filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DescribeCapacityReservationsResult": { + "type": "structure", + "members": { + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + }, + "CapacityReservations": { + "shape": "CapacityReservationSet", + "documentation": "<p>Information about the Capacity Reservations.</p>", + "locationName": "capacityReservationSet" + } + } + }, + "DescribeClassicLinkInstancesRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>group-id</code> - The ID of a VPC security group that's associated with the instance.</p> </li> <li> <p> <code>instance-id</code> - The ID of the instance.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC to which the instance is linked.</p> <p> <code>vpc-id</code> - The ID of the VPC that the instance is linked to.</p> </li> </ul>", + "locationName": "Filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "InstanceIds": { + "shape": "InstanceIdStringList", + "documentation": "<p>One or more instance IDs. Must be instances linked to a VPC through ClassicLink.</p>", + "locationName": "InstanceId" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p> <p>Constraint: If the value is greater than 1000, we return only 1000 items.</p>", + "locationName": "maxResults" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeClassicLinkInstancesResult": { + "type": "structure", + "members": { + "Instances": { + "shape": "ClassicLinkInstanceList", + "documentation": "<p>Information about one or more linked EC2-Classic instances.</p>", + "locationName": "instancesSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeClientVpnAuthorizationRulesRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to retrieve the next page of results.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "MaxResults", + "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the nextToken value.</p>" + } + } + }, + "DescribeClientVpnAuthorizationRulesResult": { + "type": "structure", + "members": { + "AuthorizationRules": { + "shape": "AuthorizationRuleSet", + "documentation": "<p>Information about the authorization rules.</p>", + "locationName": "authorizationRule" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeClientVpnConnectionsRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p>", + "locationName": "Filter" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to retrieve the next page of results.</p>" + }, + "MaxResults": { + "shape": "MaxResults", + "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the nextToken value.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DescribeClientVpnConnectionsResult": { + "type": "structure", + "members": { + "Connections": { + "shape": "ClientVpnConnectionSet", + "documentation": "<p>Information about the active and terminated client connections.</p>", + "locationName": "connections" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeClientVpnEndpointsRequest": { + "type": "structure", + "members": { + "ClientVpnEndpointIds": { + "shape": "ValueStringList", + "documentation": "<p>The ID of the Client VPN endpoint.</p>", + "locationName": "ClientVpnEndpointId" + }, + "MaxResults": { + "shape": "MaxResults", + "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the nextToken value.</p>" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to retrieve the next page of results.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p>", + "locationName": "Filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DescribeClientVpnEndpointsResult": { + "type": "structure", + "members": { + "ClientVpnEndpoints": { + "shape": "EndpointSet", + "documentation": "<p>Information about the Client VPN endpoints.</p>", + "locationName": "clientVpnEndpoint" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeClientVpnRoutesRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "MaxResults", + "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the nextToken value.</p>" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to retrieve the next page of results.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DescribeClientVpnRoutesResult": { + "type": "structure", + "members": { + "Routes": { + "shape": "ClientVpnRouteSet", + "documentation": "<p>Information about the Client VPN endpoint routes.</p>", + "locationName": "routes" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeClientVpnTargetNetworksRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint.</p>" + }, + "AssociationIds": { + "shape": "ValueStringList", + "documentation": "<p>The IDs of the target network associations.</p>" + }, + "MaxResults": { + "shape": "MaxResults", + "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the nextToken value.</p>" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to retrieve the next page of results.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. Filter names and values are case-sensitive.</p>", + "locationName": "Filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DescribeClientVpnTargetNetworksResult": { + "type": "structure", + "members": { + "ClientVpnTargetNetworks": { + "shape": "TargetNetworkSet", + "documentation": "<p>Information about the associated target networks.</p>", + "locationName": "clientVpnTargetNetworks" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeConversionTaskList": { + "type": "list", + "member": { + "shape": "ConversionTask", + "locationName": "item" + } + }, + "DescribeConversionTasksRequest": { + "type": "structure", + "members": { + "ConversionTaskIds": { + "shape": "ConversionIdStringList", + "documentation": "<p>The conversion task IDs.</p>", + "locationName": "conversionTaskId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DescribeConversionTasksResult": { + "type": "structure", + "members": { + "ConversionTasks": { + "shape": "DescribeConversionTaskList", + "documentation": "<p>Information about the conversion tasks.</p>", + "locationName": "conversionTasks" + } + } + }, + "DescribeCustomerGatewaysRequest": { + "type": "structure", + "members": { + "CustomerGatewayIds": { + "shape": "CustomerGatewayIdStringList", + "documentation": "<p>One or more customer gateway IDs.</p> <p>Default: Describes all your customer gateways.</p>", + "locationName": "CustomerGatewayId" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>bgp-asn</code> - The customer gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN).</p> </li> <li> <p> <code>customer-gateway-id</code> - The ID of the customer gateway.</p> </li> <li> <p> <code>ip-address</code> - The IP address of the customer gateway's Internet-routable external interface.</p> </li> <li> <p> <code>state</code> - The state of the customer gateway (<code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>).</p> </li> <li> <p> <code>type</code> - The type of customer gateway. Currently, the only supported type is <code>ipsec.1</code>.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>", + "locationName": "Filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DescribeCustomerGateways.</p>" + }, + "DescribeCustomerGatewaysResult": { + "type": "structure", + "members": { + "CustomerGateways": { + "shape": "CustomerGatewayList", + "documentation": "<p>Information about one or more customer gateways.</p>", + "locationName": "customerGatewaySet" + } + }, + "documentation": "<p>Contains the output of DescribeCustomerGateways.</p>" + }, + "DescribeDhcpOptionsMaxResults": { + "type": "integer", + "max": 1000, + "min": 5 + }, + "DescribeDhcpOptionsRequest": { + "type": "structure", + "members": { + "DhcpOptionsIds": { + "shape": "DhcpOptionsIdStringList", + "documentation": "<p>The IDs of one or more DHCP options sets.</p> <p>Default: Describes all your DHCP options sets.</p>", + "locationName": "DhcpOptionsId" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>dhcp-options-id</code> - The ID of a DHCP options set.</p> </li> <li> <p> <code>key</code> - The key for one of the options (for example, <code>domain-name</code>).</p> </li> <li> <p> <code>value</code> - The value for one of the options.</p> </li> <li> <p> <code>owner-id</code> - The ID of the AWS account that owns the DHCP options set.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>", + "locationName": "Filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "MaxResults": { + "shape": "DescribeDhcpOptionsMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + } + } + }, + "DescribeDhcpOptionsResult": { + "type": "structure", + "members": { + "DhcpOptions": { + "shape": "DhcpOptionsList", + "documentation": "<p>Information about one or more DHCP options sets.</p>", + "locationName": "dhcpOptionsSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeEgressOnlyInternetGatewaysRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "EgressOnlyInternetGatewayIds": { + "shape": "EgressOnlyInternetGatewayIdList", + "documentation": "<p>One or more egress-only internet gateway IDs.</p>", + "locationName": "EgressOnlyInternetGatewayId" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + } + } + }, + "DescribeEgressOnlyInternetGatewaysResult": { + "type": "structure", + "members": { + "EgressOnlyInternetGateways": { + "shape": "EgressOnlyInternetGatewayList", + "documentation": "<p>Information about the egress-only internet gateways.</p>", + "locationName": "egressOnlyInternetGatewaySet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeElasticGpusMaxResults": { + "type": "integer", + "max": 1000, + "min": 10 + }, + "DescribeElasticGpusRequest": { + "type": "structure", + "members": { + "ElasticGpuIds": { + "shape": "ElasticGpuIdSet", + "documentation": "<p>The Elastic Graphics accelerator IDs.</p>", + "locationName": "ElasticGpuId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>availability-zone</code> - The Availability Zone in which the Elastic Graphics accelerator resides.</p> </li> <li> <p> <code>elastic-gpu-health</code> - The status of the Elastic Graphics accelerator (<code>OK</code> | <code>IMPAIRED</code>).</p> </li> <li> <p> <code>elastic-gpu-state</code> - The state of the Elastic Graphics accelerator (<code>ATTACHED</code>).</p> </li> <li> <p> <code>elastic-gpu-type</code> - The type of Elastic Graphics accelerator; for example, <code>eg1.medium</code>.</p> </li> <li> <p> <code>instance-id</code> - The ID of the instance to which the Elastic Graphics accelerator is associated.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "DescribeElasticGpusMaxResults", + "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value. This value can be between 5 and 1000.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to request the next page of results.</p>" + } + } + }, + "DescribeElasticGpusResult": { + "type": "structure", + "members": { + "ElasticGpuSet": { + "shape": "ElasticGpuSet", + "documentation": "<p>Information about the Elastic Graphics accelerators.</p>", + "locationName": "elasticGpuSet" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The total number of items to return. If the total number of items available is more than the value specified in max-items then a Next-Token will be provided in the output that you can use to resume pagination.</p>", + "locationName": "maxResults" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeExportTasksRequest": { + "type": "structure", + "members": { + "ExportTaskIds": { + "shape": "ExportTaskIdStringList", + "documentation": "<p>The export task IDs.</p>", + "locationName": "exportTaskId" + } + } + }, + "DescribeExportTasksResult": { + "type": "structure", + "members": { + "ExportTasks": { + "shape": "ExportTaskList", + "documentation": "<p>Information about the export tasks.</p>", + "locationName": "exportTaskSet" + } + } + }, + "DescribeFleetError": { + "type": "structure", + "members": { + "LaunchTemplateAndOverrides": { + "shape": "LaunchTemplateAndOverridesResponse", + "documentation": "<p>The launch templates and overrides that were used for launching the instances. Any parameters that you specify in the Overrides override the same parameters in the launch template.</p>", + "locationName": "launchTemplateAndOverrides" + }, + "Lifecycle": { + "shape": "InstanceLifecycle", + "documentation": "<p>Indicates if the instance that could not be launched was a Spot Instance or On-Demand Instance.</p>", + "locationName": "lifecycle" + }, + "ErrorCode": { + "shape": "String", + "documentation": "<p>The error code that indicates why the instance could not be launched. For more information about error codes, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html\">Error Codes</a>.</p>", + "locationName": "errorCode" + }, + "ErrorMessage": { + "shape": "String", + "documentation": "<p>The error message that describes why the instance could not be launched. For more information about error messages, see ee <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html.html\">Error Codes</a>.</p>", + "locationName": "errorMessage" + } + }, + "documentation": "<p>Describes the instances that could not be launched by the fleet.</p>" + }, + "DescribeFleetHistoryRequest": { + "type": "structure", + "required": [ + "FleetId", + "StartTime" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "EventType": { + "shape": "FleetEventType", + "documentation": "<p>The type of events to describe. By default, all events are described.</p>" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. Specify a value between 1 and 1000. The default value is 1000. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next set of results.</p>" + }, + "FleetId": { + "shape": "FleetIdentifier", + "documentation": "<p>The ID of the EC2 Fleet.</p>" + }, + "StartTime": { + "shape": "DateTime", + "documentation": "<p>The start date and time for the events, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>" + } + } + }, + "DescribeFleetHistoryResult": { + "type": "structure", + "members": { + "HistoryRecords": { + "shape": "HistoryRecordSet", + "documentation": "<p>Information about the events in the history of the EC2 Fleet.</p>", + "locationName": "historyRecordSet" + }, + "LastEvaluatedTime": { + "shape": "DateTime", + "documentation": "<p>The last date and time for the events, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z). All records up to this time were retrieved.</p> <p>If <code>nextToken</code> indicates that there are more results, this value is not present.</p>", + "locationName": "lastEvaluatedTime" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next set of results.</p>", + "locationName": "nextToken" + }, + "FleetId": { + "shape": "FleetIdentifier", + "documentation": "<p>The ID of the EC Fleet.</p>", + "locationName": "fleetId" + }, + "StartTime": { + "shape": "DateTime", + "documentation": "<p>The start date and time for the events, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>", + "locationName": "startTime" + } + } + }, + "DescribeFleetInstancesRequest": { + "type": "structure", + "required": [ + "FleetId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. Specify a value between 1 and 1000. The default value is 1000. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next set of results.</p>" + }, + "FleetId": { + "shape": "FleetIdentifier", + "documentation": "<p>The ID of the EC2 Fleet.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>instance-type</code> - The instance type.</p> </li> </ul>", + "locationName": "Filter" + } + } + }, + "DescribeFleetInstancesResult": { + "type": "structure", + "members": { + "ActiveInstances": { + "shape": "ActiveInstanceSet", + "documentation": "<p>The running instances. This list is refreshed periodically and might be out of date.</p>", + "locationName": "activeInstanceSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next set of results.</p>", + "locationName": "nextToken" + }, + "FleetId": { + "shape": "FleetIdentifier", + "documentation": "<p>The ID of the EC2 Fleet.</p>", + "locationName": "fleetId" + } + } + }, + "DescribeFleetsErrorSet": { + "type": "list", + "member": { + "shape": "DescribeFleetError", + "locationName": "item" + } + }, + "DescribeFleetsInstances": { + "type": "structure", + "members": { + "LaunchTemplateAndOverrides": { + "shape": "LaunchTemplateAndOverridesResponse", + "documentation": "<p>The launch templates and overrides that were used for launching the instances. Any parameters that you specify in the Overrides override the same parameters in the launch template.</p>", + "locationName": "launchTemplateAndOverrides" + }, + "Lifecycle": { + "shape": "InstanceLifecycle", + "documentation": "<p>Indicates if the instance that was launched is a Spot Instance or On-Demand Instance.</p>", + "locationName": "lifecycle" + }, + "InstanceIds": { + "shape": "InstanceIdsSet", + "documentation": "<p>The IDs of the instances.</p>", + "locationName": "instanceIds" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type.</p>", + "locationName": "instanceType" + }, + "Platform": { + "shape": "PlatformValues", + "documentation": "<p>The value is <code>Windows</code> for Windows instances; otherwise blank.</p>", + "locationName": "platform" + } + }, + "documentation": "<p>Describes the instances that were launched by the fleet.</p>" + }, + "DescribeFleetsInstancesSet": { + "type": "list", + "member": { + "shape": "DescribeFleetsInstances", + "locationName": "item" + } + }, + "DescribeFleetsRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. Specify a value between 1 and 1000. The default value is 1000. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next set of results.</p>" + }, + "FleetIds": { + "shape": "FleetIdSet", + "documentation": "<p>The ID of the EC2 Fleets.</p>", + "locationName": "FleetId" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>activity-status</code> - The progress of the EC2 Fleet ( <code>error</code> | <code>pending-fulfillment</code> | <code>pending-termination</code> | <code>fulfilled</code>).</p> </li> <li> <p> <code>excess-capacity-termination-policy</code> - Indicates whether to terminate running instances if the target capacity is decreased below the current EC2 Fleet size (<code>true</code> | <code>false</code>).</p> </li> <li> <p> <code>fleet-state</code> - The state of the EC2 Fleet (<code>submitted</code> | <code>active</code> | <code>deleted</code> | <code>failed</code> | <code>deleted-running</code> | <code>deleted-terminating</code> | <code>modifying</code>).</p> </li> <li> <p> <code>replace-unhealthy-instances</code> - Indicates whether EC2 Fleet should replace unhealthy instances (<code>true</code> | <code>false</code>).</p> </li> <li> <p> <code>type</code> - The type of request (<code>instant</code> | <code>request</code> | <code>maintain</code>).</p> </li> </ul>", + "locationName": "Filter" + } + } + }, + "DescribeFleetsResult": { + "type": "structure", + "members": { + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next set of results.</p>", + "locationName": "nextToken" + }, + "Fleets": { + "shape": "FleetSet", + "documentation": "<p>Information about the EC2 Fleets.</p>", + "locationName": "fleetSet" + } + } + }, + "DescribeFlowLogsRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Filter": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>deliver-log-status</code> - The status of the logs delivery (<code>SUCCESS</code> | <code>FAILED</code>).</p> </li> <li> <p> <code>log-destination-type</code> - The type of destination to which the flow log publishes data. Possible destination types include <code>cloud-watch-logs</code> and <code>S3</code>.</p> </li> <li> <p> <code>flow-log-id</code> - The ID of the flow log.</p> </li> <li> <p> <code>log-group-name</code> - The name of the log group.</p> </li> <li> <p> <code>resource-id</code> - The ID of the VPC, subnet, or network interface.</p> </li> <li> <p> <code>traffic-type</code> - The type of traffic (<code>ACCEPT</code> | <code>REJECT</code> | <code>ALL</code>).</p> </li> </ul>" + }, + "FlowLogIds": { + "shape": "ValueStringList", + "documentation": "<p>One or more flow log IDs.</p> <p>Constraint: Maximum of 1000 flow log IDs.</p>", + "locationName": "FlowLogId" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + } + } + }, + "DescribeFlowLogsResult": { + "type": "structure", + "members": { + "FlowLogs": { + "shape": "FlowLogSet", + "documentation": "<p>Information about the flow logs.</p>", + "locationName": "flowLogSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeFpgaImageAttributeRequest": { + "type": "structure", + "required": [ + "FpgaImageId", + "Attribute" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "FpgaImageId": { + "shape": "String", + "documentation": "<p>The ID of the AFI.</p>" + }, + "Attribute": { + "shape": "FpgaImageAttributeName", + "documentation": "<p>The AFI attribute.</p>" + } + } + }, + "DescribeFpgaImageAttributeResult": { + "type": "structure", + "members": { + "FpgaImageAttribute": { + "shape": "FpgaImageAttribute", + "documentation": "<p>Information about the attribute.</p>", + "locationName": "fpgaImageAttribute" + } + } + }, + "DescribeFpgaImagesRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "FpgaImageIds": { + "shape": "FpgaImageIdList", + "documentation": "<p>The AFI IDs.</p>", + "locationName": "FpgaImageId" + }, + "Owners": { + "shape": "OwnerStringList", + "documentation": "<p>Filters the AFI by owner. Specify an AWS account ID, <code>self</code> (owner is the sender of the request), or an AWS owner alias (valid values are <code>amazon</code> | <code>aws-marketplace</code>).</p>", + "locationName": "Owner" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>create-time</code> - The creation time of the AFI.</p> </li> <li> <p> <code>fpga-image-id</code> - The FPGA image identifier (AFI ID).</p> </li> <li> <p> <code>fpga-image-global-id</code> - The global FPGA image identifier (AGFI ID).</p> </li> <li> <p> <code>name</code> - The name of the AFI.</p> </li> <li> <p> <code>owner-id</code> - The AWS account ID of the AFI owner.</p> </li> <li> <p> <code>product-code</code> - The product code.</p> </li> <li> <p> <code>shell-version</code> - The version of the AWS Shell that was used to create the bitstream.</p> </li> <li> <p> <code>state</code> - The state of the AFI (<code>pending</code> | <code>failed</code> | <code>available</code> | <code>unavailable</code>).</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>update-time</code> - The time of the most recent update.</p> </li> </ul>", + "locationName": "Filter" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to retrieve the next page of results.</p>" + }, + "MaxResults": { + "shape": "MaxResults", + "documentation": "<p>The maximum number of results to return in a single call.</p>" + } + } + }, + "DescribeFpgaImagesResult": { + "type": "structure", + "members": { + "FpgaImages": { + "shape": "FpgaImageList", + "documentation": "<p>Information about the FPGA images.</p>", + "locationName": "fpgaImageSet" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeHostReservationOfferingsRequest": { + "type": "structure", + "members": { + "Filter": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>instance-family</code> - The instance family of the offering (for example, <code>m4</code>).</p> </li> <li> <p> <code>payment-option</code> - The payment option (<code>NoUpfront</code> | <code>PartialUpfront</code> | <code>AllUpfront</code>).</p> </li> </ul>" + }, + "MaxDuration": { + "shape": "Integer", + "documentation": "<p>This is the maximum duration of the reservation to purchase, specified in seconds. Reservations are available in one-year and three-year terms. The number of seconds specified must be the number of seconds in a year (365x24x60x60) times one of the supported durations (1 or 3). For example, specify 94608000 for three years.</p>" + }, + "MaxResults": { + "shape": "DescribeHostReservationsMaxResults", + "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned <code>nextToken</code> value. This value can be between 5 and 500. If <code>maxResults</code> is given a larger value than 500, you receive an error.</p>" + }, + "MinDuration": { + "shape": "Integer", + "documentation": "<p>This is the minimum duration of the reservation you'd like to purchase, specified in seconds. Reservations are available in one-year and three-year terms. The number of seconds specified must be the number of seconds in a year (365x24x60x60) times one of the supported durations (1 or 3). For example, specify 31536000 for one year.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results.</p>" + }, + "OfferingId": { + "shape": "String", + "documentation": "<p>The ID of the reservation offering.</p>" + } + } + }, + "DescribeHostReservationOfferingsResult": { + "type": "structure", + "members": { + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + }, + "OfferingSet": { + "shape": "HostOfferingSet", + "documentation": "<p>Information about the offerings.</p>", + "locationName": "offeringSet" + } + } + }, + "DescribeHostReservationsMaxResults": { + "type": "integer", + "max": 500, + "min": 5 + }, + "DescribeHostReservationsRequest": { + "type": "structure", + "members": { + "Filter": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>instance-family</code> - The instance family (for example, <code>m4</code>).</p> </li> <li> <p> <code>payment-option</code> - The payment option (<code>NoUpfront</code> | <code>PartialUpfront</code> | <code>AllUpfront</code>).</p> </li> <li> <p> <code>state</code> - The state of the reservation (<code>payment-pending</code> | <code>payment-failed</code> | <code>active</code> | <code>retired</code>).</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>" + }, + "HostReservationIdSet": { + "shape": "HostReservationIdSet", + "documentation": "<p>The host reservation IDs.</p>" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned <code>nextToken</code> value. This value can be between 5 and 500. If <code>maxResults</code> is given a larger value than 500, you receive an error.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results.</p>" + } + } + }, + "DescribeHostReservationsResult": { + "type": "structure", + "members": { + "HostReservationSet": { + "shape": "HostReservationSet", + "documentation": "<p>Details about the reservation's configuration.</p>", + "locationName": "hostReservationSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeHostsRequest": { + "type": "structure", + "members": { + "Filter": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>auto-placement</code> - Whether auto-placement is enabled or disabled (<code>on</code> | <code>off</code>).</p> </li> <li> <p> <code>availability-zone</code> - The Availability Zone of the host.</p> </li> <li> <p> <code>client-token</code> - The idempotency token that you provided when you allocated the host.</p> </li> <li> <p> <code>host-reservation-id</code> - The ID of the reservation assigned to this host.</p> </li> <li> <p> <code>instance-type</code> - The instance type size that the Dedicated Host is configured to support.</p> </li> <li> <p> <code>state</code> - The allocation state of the Dedicated Host (<code>available</code> | <code>under-assessment</code> | <code>permanent-failure</code> | <code>released</code> | <code>released-permanent-failure</code>).</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>", + "locationName": "filter" + }, + "HostIds": { + "shape": "RequestHostIdList", + "documentation": "<p>The IDs of the Dedicated Hosts. The IDs are used for targeted instance launches.</p>", + "locationName": "hostId" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned <code>nextToken</code> value. This value can be between 5 and 500. If <code>maxResults</code> is given a larger value than 500, you receive an error.</p> <p>You cannot specify this parameter and the host IDs parameter in the same request.</p>", + "locationName": "maxResults" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeHostsResult": { + "type": "structure", + "members": { + "Hosts": { + "shape": "HostList", + "documentation": "<p>Information about the Dedicated Hosts.</p>", + "locationName": "hostSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeIamInstanceProfileAssociationsRequest": { + "type": "structure", + "members": { + "AssociationIds": { + "shape": "AssociationIdList", + "documentation": "<p>The IAM instance profile associations.</p>", + "locationName": "AssociationId" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>instance-id</code> - The ID of the instance.</p> </li> <li> <p> <code>state</code> - The state of the association (<code>associating</code> | <code>associated</code> | <code>disassociating</code> | <code>disassociated</code>).</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "MaxResults", + "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to request the next page of results.</p>" + } + } + }, + "DescribeIamInstanceProfileAssociationsResult": { + "type": "structure", + "members": { + "IamInstanceProfileAssociations": { + "shape": "IamInstanceProfileAssociationSet", + "documentation": "<p>Information about the IAM instance profile associations.</p>", + "locationName": "iamInstanceProfileAssociationSet" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeIdFormatRequest": { + "type": "structure", + "members": { + "Resource": { + "shape": "String", + "documentation": "<p>The type of resource: <code>bundle</code> | <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> | <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> | <code>export-task</code> | <code>flow-log</code> | <code>image</code> | <code>import-task</code> | <code>instance</code> | <code>internet-gateway</code> | <code>network-acl</code> | <code>network-acl-association</code> | <code>network-interface</code> | <code>network-interface-attachment</code> | <code>prefix-list</code> | <code>reservation</code> | <code>route-table</code> | <code>route-table-association</code> | <code>security-group</code> | <code>snapshot</code> | <code>subnet</code> | <code>subnet-cidr-block-association</code> | <code>volume</code> | <code>vpc</code> | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> | <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code> </p>" + } + } + }, + "DescribeIdFormatResult": { + "type": "structure", + "members": { + "Statuses": { + "shape": "IdFormatList", + "documentation": "<p>Information about the ID format for the resource.</p>", + "locationName": "statusSet" + } + } + }, + "DescribeIdentityIdFormatRequest": { + "type": "structure", + "required": [ + "PrincipalArn" + ], + "members": { + "PrincipalArn": { + "shape": "String", + "documentation": "<p>The ARN of the principal, which can be an IAM role, IAM user, or the root user.</p>", + "locationName": "principalArn" + }, + "Resource": { + "shape": "String", + "documentation": "<p>The type of resource: <code>bundle</code> | <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> | <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> | <code>export-task</code> | <code>flow-log</code> | <code>image</code> | <code>import-task</code> | <code>instance</code> | <code>internet-gateway</code> | <code>network-acl</code> | <code>network-acl-association</code> | <code>network-interface</code> | <code>network-interface-attachment</code> | <code>prefix-list</code> | <code>reservation</code> | <code>route-table</code> | <code>route-table-association</code> | <code>security-group</code> | <code>snapshot</code> | <code>subnet</code> | <code>subnet-cidr-block-association</code> | <code>volume</code> | <code>vpc</code> | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> | <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code> </p>", + "locationName": "resource" + } + } + }, + "DescribeIdentityIdFormatResult": { + "type": "structure", + "members": { + "Statuses": { + "shape": "IdFormatList", + "documentation": "<p>Information about the ID format for the resources.</p>", + "locationName": "statusSet" + } + } + }, + "DescribeImageAttributeRequest": { + "type": "structure", + "required": [ + "Attribute", + "ImageId" + ], + "members": { + "Attribute": { + "shape": "ImageAttributeName", + "documentation": "<p>The AMI attribute.</p> <p> <b>Note</b>: Depending on your account privileges, the <code>blockDeviceMapping</code> attribute may return a <code>Client.AuthFailure</code> error. If this happens, use <a>DescribeImages</a> to get information about the block device mapping for the AMI.</p>" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the AMI.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DescribeImageAttribute.</p>" + }, + "DescribeImagesRequest": { + "type": "structure", + "members": { + "ExecutableUsers": { + "shape": "ExecutableByStringList", + "documentation": "<p>Scopes the images by users with explicit launch permissions. Specify an AWS account ID, <code>self</code> (the sender of the request), or <code>all</code> (public AMIs).</p>", + "locationName": "ExecutableBy" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>architecture</code> - The image architecture (<code>i386</code> | <code>x86_64</code> | <code>arm64</code>).</p> </li> <li> <p> <code>block-device-mapping.delete-on-termination</code> - A Boolean value that indicates whether the Amazon EBS volume is deleted on instance termination.</p> </li> <li> <p> <code>block-device-mapping.device-name</code> - The device name specified in the block device mapping (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p> </li> <li> <p> <code>block-device-mapping.snapshot-id</code> - The ID of the snapshot used for the EBS volume.</p> </li> <li> <p> <code>block-device-mapping.volume-size</code> - The volume size of the EBS volume, in GiB.</p> </li> <li> <p> <code>block-device-mapping.volume-type</code> - The volume type of the EBS volume (<code>gp2</code> | <code>io1</code> | <code>st1 </code>| <code>sc1</code> | <code>standard</code>).</p> </li> <li> <p> <code>block-device-mapping.encrypted</code> - A Boolean that indicates whether the EBS volume is encrypted.</p> </li> <li> <p> <code>description</code> - The description of the image (provided during image creation).</p> </li> <li> <p> <code>ena-support</code> - A Boolean that indicates whether enhanced networking with ENA is enabled.</p> </li> <li> <p> <code>hypervisor</code> - The hypervisor type (<code>ovm</code> | <code>xen</code>).</p> </li> <li> <p> <code>image-id</code> - The ID of the image.</p> </li> <li> <p> <code>image-type</code> - The image type (<code>machine</code> | <code>kernel</code> | <code>ramdisk</code>).</p> </li> <li> <p> <code>is-public</code> - A Boolean that indicates whether the image is public.</p> </li> <li> <p> <code>kernel-id</code> - The kernel ID.</p> </li> <li> <p> <code>manifest-location</code> - The location of the image manifest.</p> </li> <li> <p> <code>name</code> - The name of the AMI (provided during image creation).</p> </li> <li> <p> <code>owner-alias</code> - String value from an Amazon-maintained list (<code>amazon</code> | <code>aws-marketplace</code> | <code>microsoft</code>) of snapshot owners. Not to be confused with the user-configured AWS account alias, which is set from the IAM console.</p> </li> <li> <p> <code>owner-id</code> - The AWS account ID of the image owner.</p> </li> <li> <p> <code>platform</code> - The platform. To only list Windows-based AMIs, use <code>windows</code>.</p> </li> <li> <p> <code>product-code</code> - The product code.</p> </li> <li> <p> <code>product-code.type</code> - The type of the product code (<code>devpay</code> | <code>marketplace</code>).</p> </li> <li> <p> <code>ramdisk-id</code> - The RAM disk ID.</p> </li> <li> <p> <code>root-device-name</code> - The device name of the root device volume (for example, <code>/dev/sda1</code>).</p> </li> <li> <p> <code>root-device-type</code> - The type of the root device volume (<code>ebs</code> | <code>instance-store</code>).</p> </li> <li> <p> <code>state</code> - The state of the image (<code>available</code> | <code>pending</code> | <code>failed</code>).</p> </li> <li> <p> <code>state-reason-code</code> - The reason code for the state change.</p> </li> <li> <p> <code>state-reason-message</code> - The message for the state change.</p> </li> <li> <p> <code>sriov-net-support</code> - A value of <code>simple</code> indicates that enhanced networking with the Intel 82599 VF interface is enabled.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>virtualization-type</code> - The virtualization type (<code>paravirtual</code> | <code>hvm</code>).</p> </li> </ul>", + "locationName": "Filter" + }, + "ImageIds": { + "shape": "ImageIdStringList", + "documentation": "<p>The image IDs.</p> <p>Default: Describes all images available to you.</p>", + "locationName": "ImageId" + }, + "Owners": { + "shape": "OwnerStringList", + "documentation": "<p>Filters the images by the owner. Specify an AWS account ID, <code>self</code> (owner is the sender of the request), or an AWS owner alias (valid values are <code>amazon</code> | <code>aws-marketplace</code> | <code>microsoft</code>). Omitting this option returns all images for which you have launch permissions, regardless of ownership.</p>", + "locationName": "Owner" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DescribeImagesResult": { + "type": "structure", + "members": { + "Images": { + "shape": "ImageList", + "documentation": "<p>Information about the images.</p>", + "locationName": "imagesSet" + } + } + }, + "DescribeImportImageTasksRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>Filter tasks using the <code>task-state</code> filter and one of the following values: active, completed, deleting, deleted.</p>" + }, + "ImportTaskIds": { + "shape": "ImportTaskIdList", + "documentation": "<p>A list of import image task IDs.</p>", + "locationName": "ImportTaskId" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>A token that indicates the next page of results.</p>" + } + } + }, + "DescribeImportImageTasksResult": { + "type": "structure", + "members": { + "ImportImageTasks": { + "shape": "ImportImageTaskList", + "documentation": "<p>A list of zero or more import image tasks that are currently active or were completed or canceled in the previous 7 days.</p>", + "locationName": "importImageTaskSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to get the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeImportSnapshotTasksRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p>" + }, + "ImportTaskIds": { + "shape": "ImportTaskIdList", + "documentation": "<p>A list of import snapshot task IDs.</p>", + "locationName": "ImportTaskId" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>A token that indicates the next page of results.</p>" + } + } + }, + "DescribeImportSnapshotTasksResult": { + "type": "structure", + "members": { + "ImportSnapshotTasks": { + "shape": "ImportSnapshotTaskList", + "documentation": "<p>A list of zero or more import snapshot tasks that are currently active or were completed or canceled in the previous 7 days.</p>", + "locationName": "importSnapshotTaskSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to get the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeInstanceAttributeRequest": { + "type": "structure", + "required": [ + "Attribute", + "InstanceId" + ], + "members": { + "Attribute": { + "shape": "InstanceAttributeName", + "documentation": "<p>The instance attribute.</p> <p>Note: The <code>enaSupport</code> attribute is not supported at this time.</p>", + "locationName": "attribute" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + } + } + }, + "DescribeInstanceCreditSpecificationsMaxResults": { + "type": "integer", + "max": 1000, + "min": 5 + }, + "DescribeInstanceCreditSpecificationsRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>instance-id</code> - The ID of the instance.</p> </li> </ul>", + "locationName": "Filter" + }, + "InstanceIds": { + "shape": "InstanceIdStringList", + "documentation": "<p>The instance IDs.</p> <p>Default: Describes all your instances.</p> <p>Constraints: Maximum 1000 explicitly specified instance IDs.</p>", + "locationName": "InstanceId" + }, + "MaxResults": { + "shape": "DescribeInstanceCreditSpecificationsMaxResults", + "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value. This value can be between 5 and 1000. You cannot specify this parameter and the instance IDs parameter in the same call.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to retrieve the next page of results.</p>" + } + } + }, + "DescribeInstanceCreditSpecificationsResult": { + "type": "structure", + "members": { + "InstanceCreditSpecifications": { + "shape": "InstanceCreditSpecificationList", + "documentation": "<p>Information about the credit option for CPU usage of an instance.</p>", + "locationName": "instanceCreditSpecificationSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeInstanceStatusRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>availability-zone</code> - The Availability Zone of the instance.</p> </li> <li> <p> <code>event.code</code> - The code for the scheduled event (<code>instance-reboot</code> | <code>system-reboot</code> | <code>system-maintenance</code> | <code>instance-retirement</code> | <code>instance-stop</code>).</p> </li> <li> <p> <code>event.description</code> - A description of the event.</p> </li> <li> <p> <code>event.instance-event-id</code> - The ID of the event whose date and time you are modifying.</p> </li> <li> <p> <code>event.not-after</code> - The latest end time for the scheduled event (for example, <code>2014-09-15T17:15:20.000Z</code>).</p> </li> <li> <p> <code>event.not-before</code> - The earliest start time for the scheduled event (for example, <code>2014-09-15T17:15:20.000Z</code>).</p> </li> <li> <p> <code>event.not-before-deadline</code> - The deadline for starting the event (for example, <code>2014-09-15T17:15:20.000Z</code>).</p> </li> <li> <p> <code>instance-state-code</code> - The code for the instance state, as a 16-bit unsigned integer. The high byte is used for internal purposes and should be ignored. The low byte is set based on the state represented. The valid values are 0 (pending), 16 (running), 32 (shutting-down), 48 (terminated), 64 (stopping), and 80 (stopped).</p> </li> <li> <p> <code>instance-state-name</code> - The state of the instance (<code>pending</code> | <code>running</code> | <code>shutting-down</code> | <code>terminated</code> | <code>stopping</code> | <code>stopped</code>).</p> </li> <li> <p> <code>instance-status.reachability</code> - Filters on instance status where the name is <code>reachability</code> (<code>passed</code> | <code>failed</code> | <code>initializing</code> | <code>insufficient-data</code>).</p> </li> <li> <p> <code>instance-status.status</code> - The status of the instance (<code>ok</code> | <code>impaired</code> | <code>initializing</code> | <code>insufficient-data</code> | <code>not-applicable</code>).</p> </li> <li> <p> <code>system-status.reachability</code> - Filters on system status where the name is <code>reachability</code> (<code>passed</code> | <code>failed</code> | <code>initializing</code> | <code>insufficient-data</code>).</p> </li> <li> <p> <code>system-status.status</code> - The system status of the instance (<code>ok</code> | <code>impaired</code> | <code>initializing</code> | <code>insufficient-data</code> | <code>not-applicable</code>).</p> </li> </ul>", + "locationName": "Filter" + }, + "InstanceIds": { + "shape": "InstanceIdStringList", + "documentation": "<p>The instance IDs.</p> <p>Default: Describes all your instances.</p> <p>Constraints: Maximum 100 explicitly specified instance IDs.</p>", + "locationName": "InstanceId" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value. This value can be between 5 and 1000. You cannot specify this parameter and the instance IDs parameter in the same call.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to retrieve the next page of results.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "IncludeAllInstances": { + "shape": "Boolean", + "documentation": "<p>When <code>true</code>, includes the health status for all instances. When <code>false</code>, includes the health status for running instances only.</p> <p>Default: <code>false</code> </p>", + "locationName": "includeAllInstances" + } + } + }, + "DescribeInstanceStatusResult": { + "type": "structure", + "members": { + "InstanceStatuses": { + "shape": "InstanceStatusList", + "documentation": "<p>Information about the status of the instances.</p>", + "locationName": "instanceStatusSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeInstancesRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>affinity</code> - The affinity setting for an instance running on a Dedicated Host (<code>default</code> | <code>host</code>).</p> </li> <li> <p> <code>architecture</code> - The instance architecture (<code>i386</code> | <code>x86_64</code> | <code>arm64</code>).</p> </li> <li> <p> <code>availability-zone</code> - The Availability Zone of the instance.</p> </li> <li> <p> <code>block-device-mapping.attach-time</code> - The attach time for an EBS volume mapped to the instance, for example, <code>2010-09-15T17:15:20.000Z</code>.</p> </li> <li> <p> <code>block-device-mapping.delete-on-termination</code> - A Boolean that indicates whether the EBS volume is deleted on instance termination.</p> </li> <li> <p> <code>block-device-mapping.device-name</code> - The device name specified in the block device mapping (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p> </li> <li> <p> <code>block-device-mapping.status</code> - The status for the EBS volume (<code>attaching</code> | <code>attached</code> | <code>detaching</code> | <code>detached</code>).</p> </li> <li> <p> <code>block-device-mapping.volume-id</code> - The volume ID of the EBS volume.</p> </li> <li> <p> <code>client-token</code> - The idempotency token you provided when you launched the instance.</p> </li> <li> <p> <code>dns-name</code> - The public DNS name of the instance.</p> </li> <li> <p> <code>group-id</code> - The ID of the security group for the instance. EC2-Classic only.</p> </li> <li> <p> <code>group-name</code> - The name of the security group for the instance. EC2-Classic only.</p> </li> <li> <p> <code>hibernation-options.configured</code> - A Boolean that indicates whether the instance is enabled for hibernation. A value of <code>true</code> means that the instance is enabled for hibernation. </p> </li> <li> <p> <code>host-id</code> - The ID of the Dedicated Host on which the instance is running, if applicable.</p> </li> <li> <p> <code>hypervisor</code> - The hypervisor type of the instance (<code>ovm</code> | <code>xen</code>).</p> </li> <li> <p> <code>iam-instance-profile.arn</code> - The instance profile associated with the instance. Specified as an ARN.</p> </li> <li> <p> <code>image-id</code> - The ID of the image used to launch the instance.</p> </li> <li> <p> <code>instance-id</code> - The ID of the instance.</p> </li> <li> <p> <code>instance-lifecycle</code> - Indicates whether this is a Spot Instance or a Scheduled Instance (<code>spot</code> | <code>scheduled</code>).</p> </li> <li> <p> <code>instance-state-code</code> - The state of the instance, as a 16-bit unsigned integer. The high byte is used for internal purposes and should be ignored. The low byte is set based on the state represented. The valid values are: 0 (pending), 16 (running), 32 (shutting-down), 48 (terminated), 64 (stopping), and 80 (stopped).</p> </li> <li> <p> <code>instance-state-name</code> - The state of the instance (<code>pending</code> | <code>running</code> | <code>shutting-down</code> | <code>terminated</code> | <code>stopping</code> | <code>stopped</code>).</p> </li> <li> <p> <code>instance-type</code> - The type of instance (for example, <code>t2.micro</code>).</p> </li> <li> <p> <code>instance.group-id</code> - The ID of the security group for the instance. </p> </li> <li> <p> <code>instance.group-name</code> - The name of the security group for the instance. </p> </li> <li> <p> <code>ip-address</code> - The public IPv4 address of the instance.</p> </li> <li> <p> <code>kernel-id</code> - The kernel ID.</p> </li> <li> <p> <code>key-name</code> - The name of the key pair used when the instance was launched.</p> </li> <li> <p> <code>launch-index</code> - When launching multiple instances, this is the index for the instance in the launch group (for example, 0, 1, 2, and so on). </p> </li> <li> <p> <code>launch-time</code> - The time when the instance was launched.</p> </li> <li> <p> <code>monitoring-state</code> - Indicates whether detailed monitoring is enabled (<code>disabled</code> | <code>enabled</code>).</p> </li> <li> <p> <code>network-interface.addresses.private-ip-address</code> - The private IPv4 address associated with the network interface.</p> </li> <li> <p> <code>network-interface.addresses.primary</code> - Specifies whether the IPv4 address of the network interface is the primary private IPv4 address.</p> </li> <li> <p> <code>network-interface.addresses.association.public-ip</code> - The ID of the association of an Elastic IP address (IPv4) with a network interface.</p> </li> <li> <p> <code>network-interface.addresses.association.ip-owner-id</code> - The owner ID of the private IPv4 address associated with the network interface.</p> </li> <li> <p> <code>network-interface.association.public-ip</code> - The address of the Elastic IP address (IPv4) bound to the network interface.</p> </li> <li> <p> <code>network-interface.association.ip-owner-id</code> - The owner of the Elastic IP address (IPv4) associated with the network interface.</p> </li> <li> <p> <code>network-interface.association.allocation-id</code> - The allocation ID returned when you allocated the Elastic IP address (IPv4) for your network interface.</p> </li> <li> <p> <code>network-interface.association.association-id</code> - The association ID returned when the network interface was associated with an IPv4 address.</p> </li> <li> <p> <code>network-interface.attachment.attachment-id</code> - The ID of the interface attachment.</p> </li> <li> <p> <code>network-interface.attachment.instance-id</code> - The ID of the instance to which the network interface is attached.</p> </li> <li> <p> <code>network-interface.attachment.instance-owner-id</code> - The owner ID of the instance to which the network interface is attached.</p> </li> <li> <p> <code>network-interface.attachment.device-index</code> - The device index to which the network interface is attached.</p> </li> <li> <p> <code>network-interface.attachment.status</code> - The status of the attachment (<code>attaching</code> | <code>attached</code> | <code>detaching</code> | <code>detached</code>).</p> </li> <li> <p> <code>network-interface.attachment.attach-time</code> - The time that the network interface was attached to an instance.</p> </li> <li> <p> <code>network-interface.attachment.delete-on-termination</code> - Specifies whether the attachment is deleted when an instance is terminated.</p> </li> <li> <p> <code>network-interface.availability-zone</code> - The Availability Zone for the network interface.</p> </li> <li> <p> <code>network-interface.description</code> - The description of the network interface.</p> </li> <li> <p> <code>network-interface.group-id</code> - The ID of a security group associated with the network interface.</p> </li> <li> <p> <code>network-interface.group-name</code> - The name of a security group associated with the network interface.</p> </li> <li> <p> <code>network-interface.ipv6-addresses.ipv6-address</code> - The IPv6 address associated with the network interface.</p> </li> <li> <p> <code>network-interface.mac-address</code> - The MAC address of the network interface.</p> </li> <li> <p> <code>network-interface.network-interface-id</code> - The ID of the network interface.</p> </li> <li> <p> <code>network-interface.owner-id</code> - The ID of the owner of the network interface.</p> </li> <li> <p> <code>network-interface.private-dns-name</code> - The private DNS name of the network interface.</p> </li> <li> <p> <code>network-interface.requester-id</code> - The requester ID for the network interface.</p> </li> <li> <p> <code>network-interface.requester-managed</code> - Indicates whether the network interface is being managed by AWS.</p> </li> <li> <p> <code>network-interface.status</code> - The status of the network interface (<code>available</code>) | <code>in-use</code>).</p> </li> <li> <p> <code>network-interface.source-dest-check</code> - Whether the network interface performs source/destination checking. A value of <code>true</code> means that checking is enabled, and <code>false</code> means that checking is disabled. The value must be <code>false</code> for the network interface to perform network address translation (NAT) in your VPC.</p> </li> <li> <p> <code>network-interface.subnet-id</code> - The ID of the subnet for the network interface.</p> </li> <li> <p> <code>network-interface.vpc-id</code> - The ID of the VPC for the network interface.</p> </li> <li> <p> <code>owner-id</code> - The AWS account ID of the instance owner.</p> </li> <li> <p> <code>placement-group-name</code> - The name of the placement group for the instance.</p> </li> <li> <p> <code>placement-partition-number</code> - The partition in which the instance is located.</p> </li> <li> <p> <code>platform</code> - The platform. To list only Windows instances, use <code>windows</code>.</p> </li> <li> <p> <code>private-dns-name</code> - The private IPv4 DNS name of the instance.</p> </li> <li> <p> <code>private-ip-address</code> - The private IPv4 address of the instance.</p> </li> <li> <p> <code>product-code</code> - The product code associated with the AMI used to launch the instance.</p> </li> <li> <p> <code>product-code.type</code> - The type of product code (<code>devpay</code> | <code>marketplace</code>).</p> </li> <li> <p> <code>ramdisk-id</code> - The RAM disk ID.</p> </li> <li> <p> <code>reason</code> - The reason for the current state of the instance (for example, shows \"User Initiated [date]\" when you stop or terminate the instance). Similar to the state-reason-code filter.</p> </li> <li> <p> <code>requester-id</code> - The ID of the entity that launched the instance on your behalf (for example, AWS Management Console, Auto Scaling, and so on).</p> </li> <li> <p> <code>reservation-id</code> - The ID of the instance's reservation. A reservation ID is created any time you launch an instance. A reservation ID has a one-to-one relationship with an instance launch request, but can be associated with more than one instance if you launch multiple instances using the same launch request. For example, if you launch one instance, you get one reservation ID. If you launch ten instances using the same launch request, you also get one reservation ID.</p> </li> <li> <p> <code>root-device-name</code> - The device name of the root device volume (for example, <code>/dev/sda1</code>).</p> </li> <li> <p> <code>root-device-type</code> - The type of the root device volume (<code>ebs</code> | <code>instance-store</code>).</p> </li> <li> <p> <code>source-dest-check</code> - Indicates whether the instance performs source/destination checking. A value of <code>true</code> means that checking is enabled, and <code>false</code> means that checking is disabled. The value must be <code>false</code> for the instance to perform network address translation (NAT) in your VPC. </p> </li> <li> <p> <code>spot-instance-request-id</code> - The ID of the Spot Instance request.</p> </li> <li> <p> <code>state-reason-code</code> - The reason code for the state change.</p> </li> <li> <p> <code>state-reason-message</code> - A message that describes the state change.</p> </li> <li> <p> <code>subnet-id</code> - The ID of the subnet for the instance.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources that have a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>tenancy</code> - The tenancy of an instance (<code>dedicated</code> | <code>default</code> | <code>host</code>).</p> </li> <li> <p> <code>virtualization-type</code> - The virtualization type of the instance (<code>paravirtual</code> | <code>hvm</code>).</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC that the instance is running in.</p> </li> </ul>", + "locationName": "Filter" + }, + "InstanceIds": { + "shape": "InstanceIdStringList", + "documentation": "<p>The instance IDs.</p> <p>Default: Describes all your instances.</p>", + "locationName": "InstanceId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value. This value can be between 5 and 1000. You cannot specify this parameter and the instance IDs parameter in the same call.</p>", + "locationName": "maxResults" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to request the next page of results.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeInstancesResult": { + "type": "structure", + "members": { + "Reservations": { + "shape": "ReservationList", + "documentation": "<p>Information about the reservations.</p>", + "locationName": "reservationSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeInternetGatewaysMaxResults": { + "type": "integer", + "max": 1000, + "min": 5 + }, + "DescribeInternetGatewaysRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>attachment.state</code> - The current state of the attachment between the gateway and the VPC (<code>available</code>). Present only if a VPC is attached.</p> </li> <li> <p> <code>attachment.vpc-id</code> - The ID of an attached VPC.</p> </li> <li> <p> <code>internet-gateway-id</code> - The ID of the Internet gateway.</p> </li> <li> <p> <code>owner-id</code> - The ID of the AWS account that owns the internet gateway.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>", + "locationName": "Filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "InternetGatewayIds": { + "shape": "ValueStringList", + "documentation": "<p>One or more internet gateway IDs.</p> <p>Default: Describes all your internet gateways.</p>", + "locationName": "internetGatewayId" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "MaxResults": { + "shape": "DescribeInternetGatewaysMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + } + } + }, + "DescribeInternetGatewaysResult": { + "type": "structure", + "members": { + "InternetGateways": { + "shape": "InternetGatewayList", + "documentation": "<p>Information about one or more internet gateways.</p>", + "locationName": "internetGatewaySet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeKeyPairsRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>fingerprint</code> - The fingerprint of the key pair.</p> </li> <li> <p> <code>key-name</code> - The name of the key pair.</p> </li> </ul>", + "locationName": "Filter" + }, + "KeyNames": { + "shape": "KeyNameStringList", + "documentation": "<p>The key pair names.</p> <p>Default: Describes all your key pairs.</p>", + "locationName": "KeyName" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DescribeKeyPairsResult": { + "type": "structure", + "members": { + "KeyPairs": { + "shape": "KeyPairList", + "documentation": "<p>Information about the key pairs.</p>", + "locationName": "keySet" + } + } + }, + "DescribeLaunchTemplateVersionsRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "LaunchTemplateId": { + "shape": "String", + "documentation": "<p>The ID of the launch template. You must specify either the launch template ID or launch template name in the request.</p>" + }, + "LaunchTemplateName": { + "shape": "LaunchTemplateName", + "documentation": "<p>The name of the launch template. You must specify either the launch template ID or launch template name in the request.</p>" + }, + "Versions": { + "shape": "VersionStringList", + "documentation": "<p>One or more versions of the launch template.</p>", + "locationName": "LaunchTemplateVersion" + }, + "MinVersion": { + "shape": "String", + "documentation": "<p>The version number after which to describe launch template versions.</p>" + }, + "MaxVersion": { + "shape": "String", + "documentation": "<p>The version number up to which to describe launch template versions.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to request the next page of results.</p>" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value. This value can be between 1 and 200.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>create-time</code> - The time the launch template version was created.</p> </li> <li> <p> <code>ebs-optimized</code> - A boolean that indicates whether the instance is optimized for Amazon EBS I/O.</p> </li> <li> <p> <code>iam-instance-profile</code> - The ARN of the IAM instance profile.</p> </li> <li> <p> <code>image-id</code> - The ID of the AMI.</p> </li> <li> <p> <code>instance-type</code> - The instance type.</p> </li> <li> <p> <code>is-default-version</code> - A boolean that indicates whether the launch template version is the default version.</p> </li> <li> <p> <code>kernel-id</code> - The kernel ID.</p> </li> <li> <p> <code>ram-disk-id</code> - The RAM disk ID.</p> </li> </ul>", + "locationName": "Filter" + } + } + }, + "DescribeLaunchTemplateVersionsResult": { + "type": "structure", + "members": { + "LaunchTemplateVersions": { + "shape": "LaunchTemplateVersionSet", + "documentation": "<p>Information about the launch template versions.</p>", + "locationName": "launchTemplateVersionSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeLaunchTemplatesMaxResults": { + "type": "integer", + "max": 200, + "min": 1 + }, + "DescribeLaunchTemplatesRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "LaunchTemplateIds": { + "shape": "ValueStringList", + "documentation": "<p>One or more launch template IDs.</p>", + "locationName": "LaunchTemplateId" + }, + "LaunchTemplateNames": { + "shape": "LaunchTemplateNameStringList", + "documentation": "<p>One or more launch template names.</p>", + "locationName": "LaunchTemplateName" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>create-time</code> - The time the launch template was created.</p> </li> <li> <p> <code>launch-template-name</code> - The name of the launch template.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>", + "locationName": "Filter" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to request the next page of results.</p>" + }, + "MaxResults": { + "shape": "DescribeLaunchTemplatesMaxResults", + "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value. This value can be between 1 and 200.</p>" + } + } + }, + "DescribeLaunchTemplatesResult": { + "type": "structure", + "members": { + "LaunchTemplates": { + "shape": "LaunchTemplateSet", + "documentation": "<p>Information about the launch templates.</p>", + "locationName": "launchTemplates" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeMovingAddressesRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>moving-status</code> - The status of the Elastic IP address (<code>MovingToVpc</code> | <code>RestoringToClassic</code>).</p> </li> </ul>", + "locationName": "filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results of the initial request can be seen by sending another request with the returned <code>NextToken</code> value. This value can be between 5 and 1000; if <code>MaxResults</code> is given a value outside of this range, an error is returned.</p> <p>Default: If no value is provided, the default is 1000.</p>", + "locationName": "maxResults" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>", + "locationName": "nextToken" + }, + "PublicIps": { + "shape": "ValueStringList", + "documentation": "<p>One or more Elastic IP addresses.</p>", + "locationName": "publicIp" + } + } + }, + "DescribeMovingAddressesResult": { + "type": "structure", + "members": { + "MovingAddressStatuses": { + "shape": "MovingAddressStatusSet", + "documentation": "<p>The status for each Elastic IP address.</p>", + "locationName": "movingAddressStatusSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeNatGatewaysRequest": { + "type": "structure", + "members": { + "Filter": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>nat-gateway-id</code> - The ID of the NAT gateway.</p> </li> <li> <p> <code>state</code> - The state of the NAT gateway (<code>pending</code> | <code>failed</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>).</p> </li> <li> <p> <code>subnet-id</code> - The ID of the subnet in which the NAT gateway resides.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC in which the NAT gateway resides.</p> </li> </ul>" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NatGatewayIds": { + "shape": "ValueStringList", + "documentation": "<p>One or more NAT gateway IDs.</p>", + "locationName": "NatGatewayId" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + } + } + }, + "DescribeNatGatewaysResult": { + "type": "structure", + "members": { + "NatGateways": { + "shape": "NatGatewayList", + "documentation": "<p>Information about the NAT gateways.</p>", + "locationName": "natGatewaySet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeNetworkAclsMaxResults": { + "type": "integer", + "max": 1000, + "min": 5 + }, + "DescribeNetworkAclsRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>association.association-id</code> - The ID of an association ID for the ACL.</p> </li> <li> <p> <code>association.network-acl-id</code> - The ID of the network ACL involved in the association.</p> </li> <li> <p> <code>association.subnet-id</code> - The ID of the subnet involved in the association.</p> </li> <li> <p> <code>default</code> - Indicates whether the ACL is the default network ACL for the VPC.</p> </li> <li> <p> <code>entry.cidr</code> - The IPv4 CIDR range specified in the entry.</p> </li> <li> <p> <code>entry.icmp.code</code> - The ICMP code specified in the entry, if any.</p> </li> <li> <p> <code>entry.icmp.type</code> - The ICMP type specified in the entry, if any.</p> </li> <li> <p> <code>entry.ipv6-cidr</code> - The IPv6 CIDR range specified in the entry.</p> </li> <li> <p> <code>entry.port-range.from</code> - The start of the port range specified in the entry. </p> </li> <li> <p> <code>entry.port-range.to</code> - The end of the port range specified in the entry. </p> </li> <li> <p> <code>entry.protocol</code> - The protocol specified in the entry (<code>tcp</code> | <code>udp</code> | <code>icmp</code> or a protocol number).</p> </li> <li> <p> <code>entry.rule-action</code> - Allows or denies the matching traffic (<code>allow</code> | <code>deny</code>).</p> </li> <li> <p> <code>entry.rule-number</code> - The number of an entry (in other words, rule) in the set of ACL entries.</p> </li> <li> <p> <code>network-acl-id</code> - The ID of the network ACL.</p> </li> <li> <p> <code>owner-id</code> - The ID of the AWS account that owns the network ACL.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC for the network ACL.</p> </li> </ul>", + "locationName": "Filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "NetworkAclIds": { + "shape": "ValueStringList", + "documentation": "<p>One or more network ACL IDs.</p> <p>Default: Describes all your network ACLs.</p>", + "locationName": "NetworkAclId" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "MaxResults": { + "shape": "DescribeNetworkAclsMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + } + } + }, + "DescribeNetworkAclsResult": { + "type": "structure", + "members": { + "NetworkAcls": { + "shape": "NetworkAclList", + "documentation": "<p>Information about one or more network ACLs.</p>", + "locationName": "networkAclSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeNetworkInterfaceAttributeRequest": { + "type": "structure", + "required": [ + "NetworkInterfaceId" + ], + "members": { + "Attribute": { + "shape": "NetworkInterfaceAttribute", + "documentation": "<p>The attribute of the network interface. This parameter is required.</p>", + "locationName": "attribute" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + } + }, + "documentation": "<p>Contains the parameters for DescribeNetworkInterfaceAttribute.</p>" + }, + "DescribeNetworkInterfaceAttributeResult": { + "type": "structure", + "members": { + "Attachment": { + "shape": "NetworkInterfaceAttachment", + "documentation": "<p>The attachment (if any) of the network interface.</p>", + "locationName": "attachment" + }, + "Description": { + "shape": "AttributeValue", + "documentation": "<p>The description of the network interface.</p>", + "locationName": "description" + }, + "Groups": { + "shape": "GroupIdentifierList", + "documentation": "<p>The security groups associated with the network interface.</p>", + "locationName": "groupSet" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + }, + "SourceDestCheck": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Indicates whether source/destination checking is enabled.</p>", + "locationName": "sourceDestCheck" + } + }, + "documentation": "<p>Contains the output of DescribeNetworkInterfaceAttribute.</p>" + }, + "DescribeNetworkInterfacePermissionsMaxResults": { + "type": "integer", + "max": 255, + "min": 5 + }, + "DescribeNetworkInterfacePermissionsRequest": { + "type": "structure", + "members": { + "NetworkInterfacePermissionIds": { + "shape": "NetworkInterfacePermissionIdList", + "documentation": "<p>One or more network interface permission IDs.</p>", + "locationName": "NetworkInterfacePermissionId" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>network-interface-permission.network-interface-permission-id</code> - The ID of the permission.</p> </li> <li> <p> <code>network-interface-permission.network-interface-id</code> - The ID of the network interface.</p> </li> <li> <p> <code>network-interface-permission.aws-account-id</code> - The AWS account ID.</p> </li> <li> <p> <code>network-interface-permission.aws-service</code> - The AWS service.</p> </li> <li> <p> <code>network-interface-permission.permission</code> - The type of permission (<code>INSTANCE-ATTACH</code> | <code>EIP-ASSOCIATE</code>).</p> </li> </ul>", + "locationName": "Filter" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to request the next page of results.</p>" + }, + "MaxResults": { + "shape": "DescribeNetworkInterfacePermissionsMaxResults", + "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value. If this parameter is not specified, up to 50 results are returned by default.</p>" + } + }, + "documentation": "<p>Contains the parameters for DescribeNetworkInterfacePermissions.</p>" + }, + "DescribeNetworkInterfacePermissionsResult": { + "type": "structure", + "members": { + "NetworkInterfacePermissions": { + "shape": "NetworkInterfacePermissionList", + "documentation": "<p>The network interface permissions.</p>", + "locationName": "networkInterfacePermissions" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results.</p>", + "locationName": "nextToken" + } + }, + "documentation": "<p>Contains the output for DescribeNetworkInterfacePermissions.</p>" + }, + "DescribeNetworkInterfacesMaxResults": { + "type": "integer", + "max": 1000, + "min": 5 + }, + "DescribeNetworkInterfacesRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>addresses.private-ip-address</code> - The private IPv4 addresses associated with the network interface.</p> </li> <li> <p> <code>addresses.primary</code> - Whether the private IPv4 address is the primary IP address associated with the network interface. </p> </li> <li> <p> <code>addresses.association.public-ip</code> - The association ID returned when the network interface was associated with the Elastic IP address (IPv4).</p> </li> <li> <p> <code>addresses.association.owner-id</code> - The owner ID of the addresses associated with the network interface.</p> </li> <li> <p> <code>association.association-id</code> - The association ID returned when the network interface was associated with an IPv4 address.</p> </li> <li> <p> <code>association.allocation-id</code> - The allocation ID returned when you allocated the Elastic IP address (IPv4) for your network interface.</p> </li> <li> <p> <code>association.ip-owner-id</code> - The owner of the Elastic IP address (IPv4) associated with the network interface.</p> </li> <li> <p> <code>association.public-ip</code> - The address of the Elastic IP address (IPv4) bound to the network interface.</p> </li> <li> <p> <code>association.public-dns-name</code> - The public DNS name for the network interface (IPv4).</p> </li> <li> <p> <code>attachment.attachment-id</code> - The ID of the interface attachment.</p> </li> <li> <p> <code>attachment.attach.time</code> - The time that the network interface was attached to an instance.</p> </li> <li> <p> <code>attachment.delete-on-termination</code> - Indicates whether the attachment is deleted when an instance is terminated.</p> </li> <li> <p> <code>attachment.device-index</code> - The device index to which the network interface is attached.</p> </li> <li> <p> <code>attachment.instance-id</code> - The ID of the instance to which the network interface is attached.</p> </li> <li> <p> <code>attachment.instance-owner-id</code> - The owner ID of the instance to which the network interface is attached.</p> </li> <li> <p> <code>attachment.nat-gateway-id</code> - The ID of the NAT gateway to which the network interface is attached.</p> </li> <li> <p> <code>attachment.status</code> - The status of the attachment (<code>attaching</code> | <code>attached</code> | <code>detaching</code> | <code>detached</code>).</p> </li> <li> <p> <code>availability-zone</code> - The Availability Zone of the network interface.</p> </li> <li> <p> <code>description</code> - The description of the network interface.</p> </li> <li> <p> <code>group-id</code> - The ID of a security group associated with the network interface.</p> </li> <li> <p> <code>group-name</code> - The name of a security group associated with the network interface.</p> </li> <li> <p> <code>ipv6-addresses.ipv6-address</code> - An IPv6 address associated with the network interface.</p> </li> <li> <p> <code>mac-address</code> - The MAC address of the network interface.</p> </li> <li> <p> <code>network-interface-id</code> - The ID of the network interface.</p> </li> <li> <p> <code>owner-id</code> - The AWS account ID of the network interface owner.</p> </li> <li> <p> <code>private-ip-address</code> - The private IPv4 address or addresses of the network interface.</p> </li> <li> <p> <code>private-dns-name</code> - The private DNS name of the network interface (IPv4).</p> </li> <li> <p> <code>requester-id</code> - The ID of the entity that launched the instance on your behalf (for example, AWS Management Console, Auto Scaling, and so on).</p> </li> <li> <p> <code>requester-managed</code> - Indicates whether the network interface is being managed by an AWS service (for example, AWS Management Console, Auto Scaling, and so on).</p> </li> <li> <p> <code>source-dest-check</code> - Indicates whether the network interface performs source/destination checking. A value of <code>true</code> means checking is enabled, and <code>false</code> means checking is disabled. The value must be <code>false</code> for the network interface to perform network address translation (NAT) in your VPC. </p> </li> <li> <p> <code>status</code> - The status of the network interface. If the network interface is not attached to an instance, the status is <code>available</code>; if a network interface is attached to an instance the status is <code>in-use</code>.</p> </li> <li> <p> <code>subnet-id</code> - The ID of the subnet for the network interface.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC for the network interface.</p> </li> </ul>", + "locationName": "filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "NetworkInterfaceIds": { + "shape": "NetworkInterfaceIdList", + "documentation": "<p>One or more network interface IDs.</p> <p>Default: Describes all your network interfaces.</p>", + "locationName": "NetworkInterfaceId" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to retrieve the next page of results.</p>" + }, + "MaxResults": { + "shape": "DescribeNetworkInterfacesMaxResults", + "documentation": "<p>The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.</p>" + } + }, + "documentation": "<p>Contains the parameters for DescribeNetworkInterfaces.</p>" + }, + "DescribeNetworkInterfacesResult": { + "type": "structure", + "members": { + "NetworkInterfaces": { + "shape": "NetworkInterfaceList", + "documentation": "<p>Information about one or more network interfaces.</p>", + "locationName": "networkInterfaceSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + }, + "documentation": "<p>Contains the output of DescribeNetworkInterfaces.</p>" + }, + "DescribePlacementGroupsRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>group-name</code> - The name of the placement group.</p> </li> <li> <p> <code>state</code> - The state of the placement group (<code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>).</p> </li> <li> <p> <code>strategy</code> - The strategy of the placement group (<code>cluster</code> | <code>spread</code> | <code>partition</code>).</p> </li> </ul>", + "locationName": "Filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "GroupNames": { + "shape": "PlacementGroupStringList", + "documentation": "<p>The names of the placement groups.</p> <p>Default: Describes all your placement groups, or only those otherwise specified.</p>", + "locationName": "groupName" + } + } + }, + "DescribePlacementGroupsResult": { + "type": "structure", + "members": { + "PlacementGroups": { + "shape": "PlacementGroupList", + "documentation": "<p>Information about the placement groups.</p>", + "locationName": "placementGroupSet" + } + } + }, + "DescribePrefixListsRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>prefix-list-id</code>: The ID of a prefix list.</p> </li> <li> <p> <code>prefix-list-name</code>: The name of a prefix list.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "PrefixListIds": { + "shape": "ValueStringList", + "documentation": "<p>One or more prefix list IDs.</p>", + "locationName": "PrefixListId" + } + } + }, + "DescribePrefixListsResult": { + "type": "structure", + "members": { + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + }, + "PrefixLists": { + "shape": "PrefixListSet", + "documentation": "<p>All available prefix lists.</p>", + "locationName": "prefixListSet" + } + } + }, + "DescribePrincipalIdFormatRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Resources": { + "shape": "ResourceList", + "documentation": "<p>The type of resource: <code>bundle</code> | <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> | <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> | <code>export-task</code> | <code>flow-log</code> | <code>image</code> | <code>import-task</code> | <code>instance</code> | <code>internet-gateway</code> | <code>network-acl</code> | <code>network-acl-association</code> | <code>network-interface</code> | <code>network-interface-attachment</code> | <code>prefix-list</code> | <code>reservation</code> | <code>route-table</code> | <code>route-table-association</code> | <code>security-group</code> | <code>snapshot</code> | <code>subnet</code> | <code>subnet-cidr-block-association</code> | <code>volume</code> | <code>vpc</code> | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> | <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code> </p>", + "locationName": "Resource" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned NextToken value. </p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to request the next page of results.</p>" + } + } + }, + "DescribePrincipalIdFormatResult": { + "type": "structure", + "members": { + "Principals": { + "shape": "PrincipalIdFormatList", + "documentation": "<p>Information about the ID format settings for the ARN.</p>", + "locationName": "principalSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is null when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribePublicIpv4PoolsRequest": { + "type": "structure", + "members": { + "PoolIds": { + "shape": "ValueStringList", + "documentation": "<p>The IDs of the address pools.</p>", + "locationName": "PoolId" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token for the next page of results.</p>" + }, + "MaxResults": { + "shape": "PoolMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + } + } + }, + "DescribePublicIpv4PoolsResult": { + "type": "structure", + "members": { + "PublicIpv4Pools": { + "shape": "PublicIpv4PoolSet", + "documentation": "<p>Information about the address pools.</p>", + "locationName": "publicIpv4PoolSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeRegionsRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>endpoint</code> - The endpoint of the Region (for example, <code>ec2.us-east-1.amazonaws.com</code>).</p> </li> <li> <p> <code>region-name</code> - The name of the Region (for example, <code>us-east-1</code>).</p> </li> </ul>", + "locationName": "Filter" + }, + "RegionNames": { + "shape": "RegionNameStringList", + "documentation": "<p>The names of the Regions.</p>", + "locationName": "RegionName" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DescribeRegionsResult": { + "type": "structure", + "members": { + "Regions": { + "shape": "RegionList", + "documentation": "<p>Information about the Regions.</p>", + "locationName": "regionInfo" + } + } + }, + "DescribeReservedInstancesListingsRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>reserved-instances-id</code> - The ID of the Reserved Instances.</p> </li> <li> <p> <code>reserved-instances-listing-id</code> - The ID of the Reserved Instances listing.</p> </li> <li> <p> <code>status</code> - The status of the Reserved Instance listing (<code>pending</code> | <code>active</code> | <code>cancelled</code> | <code>closed</code>).</p> </li> <li> <p> <code>status-message</code> - The reason for the status.</p> </li> </ul>", + "locationName": "Filter" + }, + "ReservedInstancesId": { + "shape": "String", + "documentation": "<p>One or more Reserved Instance IDs.</p>", + "locationName": "reservedInstancesId" + }, + "ReservedInstancesListingId": { + "shape": "String", + "documentation": "<p>One or more Reserved Instance listing IDs.</p>", + "locationName": "reservedInstancesListingId" + } + }, + "documentation": "<p>Contains the parameters for DescribeReservedInstancesListings.</p>" + }, + "DescribeReservedInstancesListingsResult": { + "type": "structure", + "members": { + "ReservedInstancesListings": { + "shape": "ReservedInstancesListingList", + "documentation": "<p>Information about the Reserved Instance listing.</p>", + "locationName": "reservedInstancesListingsSet" + } + }, + "documentation": "<p>Contains the output of DescribeReservedInstancesListings.</p>" + }, + "DescribeReservedInstancesModificationsRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>client-token</code> - The idempotency token for the modification request.</p> </li> <li> <p> <code>create-date</code> - The time when the modification request was created.</p> </li> <li> <p> <code>effective-date</code> - The time when the modification becomes effective.</p> </li> <li> <p> <code>modification-result.reserved-instances-id</code> - The ID for the Reserved Instances created as part of the modification request. This ID is only available when the status of the modification is <code>fulfilled</code>.</p> </li> <li> <p> <code>modification-result.target-configuration.availability-zone</code> - The Availability Zone for the new Reserved Instances.</p> </li> <li> <p> <code>modification-result.target-configuration.instance-count </code> - The number of new Reserved Instances.</p> </li> <li> <p> <code>modification-result.target-configuration.instance-type</code> - The instance type of the new Reserved Instances.</p> </li> <li> <p> <code>modification-result.target-configuration.platform</code> - The network platform of the new Reserved Instances (<code>EC2-Classic</code> | <code>EC2-VPC</code>).</p> </li> <li> <p> <code>reserved-instances-id</code> - The ID of the Reserved Instances modified.</p> </li> <li> <p> <code>reserved-instances-modification-id</code> - The ID of the modification request.</p> </li> <li> <p> <code>status</code> - The status of the Reserved Instances modification request (<code>processing</code> | <code>fulfilled</code> | <code>failed</code>).</p> </li> <li> <p> <code>status-message</code> - The reason for the status.</p> </li> <li> <p> <code>update-date</code> - The time when the modification request was last updated.</p> </li> </ul>", + "locationName": "Filter" + }, + "ReservedInstancesModificationIds": { + "shape": "ReservedInstancesModificationIdStringList", + "documentation": "<p>IDs for the submitted modification request.</p>", + "locationName": "ReservedInstancesModificationId" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to retrieve the next page of results.</p>", + "locationName": "nextToken" + } + }, + "documentation": "<p>Contains the parameters for DescribeReservedInstancesModifications.</p>" + }, + "DescribeReservedInstancesModificationsResult": { + "type": "structure", + "members": { + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + }, + "ReservedInstancesModifications": { + "shape": "ReservedInstancesModificationList", + "documentation": "<p>The Reserved Instance modification information.</p>", + "locationName": "reservedInstancesModificationsSet" + } + }, + "documentation": "<p>Contains the output of DescribeReservedInstancesModifications.</p>" + }, + "DescribeReservedInstancesOfferingsRequest": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone in which the Reserved Instance can be used.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>availability-zone</code> - The Availability Zone where the Reserved Instance can be used.</p> </li> <li> <p> <code>duration</code> - The duration of the Reserved Instance (for example, one year or three years), in seconds (<code>31536000</code> | <code>94608000</code>).</p> </li> <li> <p> <code>fixed-price</code> - The purchase price of the Reserved Instance (for example, 9800.0).</p> </li> <li> <p> <code>instance-type</code> - The instance type that is covered by the reservation.</p> </li> <li> <p> <code>marketplace</code> - Set to <code>true</code> to show only Reserved Instance Marketplace offerings. When this filter is not used, which is the default behavior, all offerings from both AWS and the Reserved Instance Marketplace are listed.</p> </li> <li> <p> <code>product-description</code> - The Reserved Instance product platform description. Instances that include <code>(Amazon VPC)</code> in the product platform description will only be displayed to EC2-Classic account holders and are for use with Amazon VPC. (<code>Linux/UNIX</code> | <code>Linux/UNIX (Amazon VPC)</code> | <code>SUSE Linux</code> | <code>SUSE Linux (Amazon VPC)</code> | <code>Red Hat Enterprise Linux</code> | <code>Red Hat Enterprise Linux (Amazon VPC)</code> | <code>Windows</code> | <code>Windows (Amazon VPC)</code> | <code>Windows with SQL Server Standard</code> | <code>Windows with SQL Server Standard (Amazon VPC)</code> | <code>Windows with SQL Server Web</code> | <code> Windows with SQL Server Web (Amazon VPC)</code> | <code>Windows with SQL Server Enterprise</code> | <code>Windows with SQL Server Enterprise (Amazon VPC)</code>) </p> </li> <li> <p> <code>reserved-instances-offering-id</code> - The Reserved Instances offering ID.</p> </li> <li> <p> <code>scope</code> - The scope of the Reserved Instance (<code>Availability Zone</code> or <code>Region</code>).</p> </li> <li> <p> <code>usage-price</code> - The usage price of the Reserved Instance, per hour (for example, 0.84).</p> </li> </ul>", + "locationName": "Filter" + }, + "IncludeMarketplace": { + "shape": "Boolean", + "documentation": "<p>Include Reserved Instance Marketplace offerings in the response.</p>" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type that the reservation will cover (for example, <code>m1.small</code>). For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "MaxDuration": { + "shape": "Long", + "documentation": "<p>The maximum duration (in seconds) to filter when searching for offerings.</p> <p>Default: 94608000 (3 years)</p>" + }, + "MaxInstanceCount": { + "shape": "Integer", + "documentation": "<p>The maximum number of instances to filter when searching for offerings.</p> <p>Default: 20</p>" + }, + "MinDuration": { + "shape": "Long", + "documentation": "<p>The minimum duration (in seconds) to filter when searching for offerings.</p> <p>Default: 2592000 (1 month)</p>" + }, + "OfferingClass": { + "shape": "OfferingClassType", + "documentation": "<p>The offering class of the Reserved Instance. Can be <code>standard</code> or <code>convertible</code>.</p>" + }, + "ProductDescription": { + "shape": "RIProductDescription", + "documentation": "<p>The Reserved Instance product platform description. Instances that include <code>(Amazon VPC)</code> in the description are for use with Amazon VPC.</p>" + }, + "ReservedInstancesOfferingIds": { + "shape": "ReservedInstancesOfferingIdStringList", + "documentation": "<p>One or more Reserved Instances offering IDs.</p>", + "locationName": "ReservedInstancesOfferingId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "InstanceTenancy": { + "shape": "Tenancy", + "documentation": "<p>The tenancy of the instances covered by the reservation. A Reserved Instance with a tenancy of <code>dedicated</code> is applied to instances that run in a VPC on single-tenant hardware (i.e., Dedicated Instances).</p> <p> <b>Important:</b> The <code>host</code> value cannot be used with this parameter. Use the <code>default</code> or <code>dedicated</code> values only.</p> <p>Default: <code>default</code> </p>", + "locationName": "instanceTenancy" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results of the initial request can be seen by sending another request with the returned <code>NextToken</code> value. The maximum is 100.</p> <p>Default: 100</p>", + "locationName": "maxResults" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to retrieve the next page of results.</p>", + "locationName": "nextToken" + }, + "OfferingType": { + "shape": "OfferingTypeValues", + "documentation": "<p>The Reserved Instance offering type. If you are using tools that predate the 2011-11-01 API version, you only have access to the <code>Medium Utilization</code> Reserved Instance offering type. </p>", + "locationName": "offeringType" + } + }, + "documentation": "<p>Contains the parameters for DescribeReservedInstancesOfferings.</p>" + }, + "DescribeReservedInstancesOfferingsResult": { + "type": "structure", + "members": { + "ReservedInstancesOfferings": { + "shape": "ReservedInstancesOfferingList", + "documentation": "<p>A list of Reserved Instances offerings.</p>", + "locationName": "reservedInstancesOfferingsSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + }, + "documentation": "<p>Contains the output of DescribeReservedInstancesOfferings.</p>" + }, + "DescribeReservedInstancesRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>availability-zone</code> - The Availability Zone where the Reserved Instance can be used.</p> </li> <li> <p> <code>duration</code> - The duration of the Reserved Instance (one year or three years), in seconds (<code>31536000</code> | <code>94608000</code>).</p> </li> <li> <p> <code>end</code> - The time when the Reserved Instance expires (for example, 2015-08-07T11:54:42.000Z).</p> </li> <li> <p> <code>fixed-price</code> - The purchase price of the Reserved Instance (for example, 9800.0).</p> </li> <li> <p> <code>instance-type</code> - The instance type that is covered by the reservation.</p> </li> <li> <p> <code>scope</code> - The scope of the Reserved Instance (<code>Region</code> or <code>Availability Zone</code>).</p> </li> <li> <p> <code>product-description</code> - The Reserved Instance product platform description. Instances that include <code>(Amazon VPC)</code> in the product platform description will only be displayed to EC2-Classic account holders and are for use with Amazon VPC (<code>Linux/UNIX</code> | <code>Linux/UNIX (Amazon VPC)</code> | <code>SUSE Linux</code> | <code>SUSE Linux (Amazon VPC)</code> | <code>Red Hat Enterprise Linux</code> | <code>Red Hat Enterprise Linux (Amazon VPC)</code> | <code>Windows</code> | <code>Windows (Amazon VPC)</code> | <code>Windows with SQL Server Standard</code> | <code>Windows with SQL Server Standard (Amazon VPC)</code> | <code>Windows with SQL Server Web</code> | <code>Windows with SQL Server Web (Amazon VPC)</code> | <code>Windows with SQL Server Enterprise</code> | <code>Windows with SQL Server Enterprise (Amazon VPC)</code>).</p> </li> <li> <p> <code>reserved-instances-id</code> - The ID of the Reserved Instance.</p> </li> <li> <p> <code>start</code> - The time at which the Reserved Instance purchase request was placed (for example, 2014-08-07T11:54:42.000Z).</p> </li> <li> <p> <code>state</code> - The state of the Reserved Instance (<code>payment-pending</code> | <code>active</code> | <code>payment-failed</code> | <code>retired</code>).</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>usage-price</code> - The usage price of the Reserved Instance, per hour (for example, 0.84).</p> </li> </ul>", + "locationName": "Filter" + }, + "OfferingClass": { + "shape": "OfferingClassType", + "documentation": "<p>Describes whether the Reserved Instance is Standard or Convertible.</p>" + }, + "ReservedInstancesIds": { + "shape": "ReservedInstancesIdStringList", + "documentation": "<p>One or more Reserved Instance IDs.</p> <p>Default: Describes all your Reserved Instances, or only those otherwise specified.</p>", + "locationName": "ReservedInstancesId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "OfferingType": { + "shape": "OfferingTypeValues", + "documentation": "<p>The Reserved Instance offering type. If you are using tools that predate the 2011-11-01 API version, you only have access to the <code>Medium Utilization</code> Reserved Instance offering type.</p>", + "locationName": "offeringType" + } + }, + "documentation": "<p>Contains the parameters for DescribeReservedInstances.</p>" + }, + "DescribeReservedInstancesResult": { + "type": "structure", + "members": { + "ReservedInstances": { + "shape": "ReservedInstancesList", + "documentation": "<p>A list of Reserved Instances.</p>", + "locationName": "reservedInstancesSet" + } + }, + "documentation": "<p>Contains the output for DescribeReservedInstances.</p>" + }, + "DescribeRouteTablesMaxResults": { + "type": "integer", + "max": 100, + "min": 5 + }, + "DescribeRouteTablesRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>association.route-table-association-id</code> - The ID of an association ID for the route table.</p> </li> <li> <p> <code>association.route-table-id</code> - The ID of the route table involved in the association.</p> </li> <li> <p> <code>association.subnet-id</code> - The ID of the subnet involved in the association.</p> </li> <li> <p> <code>association.main</code> - Indicates whether the route table is the main route table for the VPC (<code>true</code> | <code>false</code>). Route tables that do not have an association ID are not returned in the response.</p> </li> <li> <p> <code>owner-id</code> - The ID of the AWS account that owns the route table.</p> </li> <li> <p> <code>route-table-id</code> - The ID of the route table.</p> </li> <li> <p> <code>route.destination-cidr-block</code> - The IPv4 CIDR range specified in a route in the table.</p> </li> <li> <p> <code>route.destination-ipv6-cidr-block</code> - The IPv6 CIDR range specified in a route in the route table.</p> </li> <li> <p> <code>route.destination-prefix-list-id</code> - The ID (prefix) of the AWS service specified in a route in the table.</p> </li> <li> <p> <code>route.egress-only-internet-gateway-id</code> - The ID of an egress-only Internet gateway specified in a route in the route table.</p> </li> <li> <p> <code>route.gateway-id</code> - The ID of a gateway specified in a route in the table.</p> </li> <li> <p> <code>route.instance-id</code> - The ID of an instance specified in a route in the table.</p> </li> <li> <p> <code>route.nat-gateway-id</code> - The ID of a NAT gateway.</p> </li> <li> <p> <code>route.transit-gateway-id</code> - The ID of a transit gateway.</p> </li> <li> <p> <code>route.origin</code> - Describes how the route was created. <code>CreateRouteTable</code> indicates that the route was automatically created when the route table was created; <code>CreateRoute</code> indicates that the route was manually added to the route table; <code>EnableVgwRoutePropagation</code> indicates that the route was propagated by route propagation.</p> </li> <li> <p> <code>route.state</code> - The state of a route in the route table (<code>active</code> | <code>blackhole</code>). The blackhole state indicates that the route's target isn't available (for example, the specified gateway isn't attached to the VPC, the specified NAT instance has been terminated, and so on).</p> </li> <li> <p> <code>route.vpc-peering-connection-id</code> - The ID of a VPC peering connection specified in a route in the table.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>transit-gateway-id</code> - The ID of a transit gateway.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC for the route table.</p> </li> </ul>", + "locationName": "Filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "RouteTableIds": { + "shape": "ValueStringList", + "documentation": "<p>One or more route table IDs.</p> <p>Default: Describes all your route tables.</p>", + "locationName": "RouteTableId" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "MaxResults": { + "shape": "DescribeRouteTablesMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + } + } + }, + "DescribeRouteTablesResult": { + "type": "structure", + "members": { + "RouteTables": { + "shape": "RouteTableList", + "documentation": "<p>Information about one or more route tables.</p>", + "locationName": "routeTableSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + }, + "documentation": "<p>Contains the output of DescribeRouteTables.</p>" + }, + "DescribeScheduledInstanceAvailabilityRequest": { + "type": "structure", + "required": [ + "FirstSlotStartTimeRange", + "Recurrence" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>availability-zone</code> - The Availability Zone (for example, <code>us-west-2a</code>).</p> </li> <li> <p> <code>instance-type</code> - The instance type (for example, <code>c4.large</code>).</p> </li> <li> <p> <code>network-platform</code> - The network platform (<code>EC2-Classic</code> or <code>EC2-VPC</code>).</p> </li> <li> <p> <code>platform</code> - The platform (<code>Linux/UNIX</code> or <code>Windows</code>).</p> </li> </ul>", + "locationName": "Filter" + }, + "FirstSlotStartTimeRange": { + "shape": "SlotDateTimeRangeRequest", + "documentation": "<p>The time period for the first schedule to start.</p>" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. This value can be between 5 and 300. The default value is 300. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>" + }, + "MaxSlotDurationInHours": { + "shape": "Integer", + "documentation": "<p>The maximum available duration, in hours. This value must be greater than <code>MinSlotDurationInHours</code> and less than 1,720.</p>" + }, + "MinSlotDurationInHours": { + "shape": "Integer", + "documentation": "<p>The minimum available duration, in hours. The minimum required duration is 1,200 hours per year. For example, the minimum daily schedule is 4 hours, the minimum weekly schedule is 24 hours, and the minimum monthly schedule is 100 hours.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next set of results.</p>" + }, + "Recurrence": { + "shape": "ScheduledInstanceRecurrenceRequest", + "documentation": "<p>The schedule recurrence.</p>" + } + }, + "documentation": "<p>Contains the parameters for DescribeScheduledInstanceAvailability.</p>" + }, + "DescribeScheduledInstanceAvailabilityResult": { + "type": "structure", + "members": { + "NextToken": { + "shape": "String", + "documentation": "<p>The token required to retrieve the next set of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + }, + "ScheduledInstanceAvailabilitySet": { + "shape": "ScheduledInstanceAvailabilitySet", + "documentation": "<p>Information about the available Scheduled Instances.</p>", + "locationName": "scheduledInstanceAvailabilitySet" + } + }, + "documentation": "<p>Contains the output of DescribeScheduledInstanceAvailability.</p>" + }, + "DescribeScheduledInstancesRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>availability-zone</code> - The Availability Zone (for example, <code>us-west-2a</code>).</p> </li> <li> <p> <code>instance-type</code> - The instance type (for example, <code>c4.large</code>).</p> </li> <li> <p> <code>network-platform</code> - The network platform (<code>EC2-Classic</code> or <code>EC2-VPC</code>).</p> </li> <li> <p> <code>platform</code> - The platform (<code>Linux/UNIX</code> or <code>Windows</code>).</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. This value can be between 5 and 300. The default value is 100. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next set of results.</p>" + }, + "ScheduledInstanceIds": { + "shape": "ScheduledInstanceIdRequestSet", + "documentation": "<p>The Scheduled Instance IDs.</p>", + "locationName": "ScheduledInstanceId" + }, + "SlotStartTimeRange": { + "shape": "SlotStartTimeRangeRequest", + "documentation": "<p>The time period for the first schedule to start.</p>" + } + }, + "documentation": "<p>Contains the parameters for DescribeScheduledInstances.</p>" + }, + "DescribeScheduledInstancesResult": { + "type": "structure", + "members": { + "NextToken": { + "shape": "String", + "documentation": "<p>The token required to retrieve the next set of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + }, + "ScheduledInstanceSet": { + "shape": "ScheduledInstanceSet", + "documentation": "<p>Information about the Scheduled Instances.</p>", + "locationName": "scheduledInstanceSet" + } + }, + "documentation": "<p>Contains the output of DescribeScheduledInstances.</p>" + }, + "DescribeSecurityGroupReferencesRequest": { + "type": "structure", + "required": [ + "GroupId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "GroupId": { + "shape": "GroupIds", + "documentation": "<p>The IDs of the security groups in your account.</p>" + } + } + }, + "DescribeSecurityGroupReferencesResult": { + "type": "structure", + "members": { + "SecurityGroupReferenceSet": { + "shape": "SecurityGroupReferences", + "documentation": "<p>Information about the VPCs with the referencing security groups.</p>", + "locationName": "securityGroupReferenceSet" + } + } + }, + "DescribeSecurityGroupsMaxResults": { + "type": "integer", + "max": 1000, + "min": 5 + }, + "DescribeSecurityGroupsRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters. If using multiple filters for rules, the results include security groups for which any combination of rules - not necessarily a single rule - match all filters.</p> <ul> <li> <p> <code>description</code> - The description of the security group.</p> </li> <li> <p> <code>egress.ip-permission.cidr</code> - An IPv4 CIDR block for an outbound security group rule.</p> </li> <li> <p> <code>egress.ip-permission.from-port</code> - For an outbound rule, the start of port range for the TCP and UDP protocols, or an ICMP type number.</p> </li> <li> <p> <code>egress.ip-permission.group-id</code> - The ID of a security group that has been referenced in an outbound security group rule.</p> </li> <li> <p> <code>egress.ip-permission.group-name</code> - The name of a security group that has been referenced in an outbound security group rule.</p> </li> <li> <p> <code>egress.ip-permission.ipv6-cidr</code> - An IPv6 CIDR block for an outbound security group rule.</p> </li> <li> <p> <code>egress.ip-permission.prefix-list-id</code> - The ID (prefix) of the AWS service to which a security group rule allows outbound access.</p> </li> <li> <p> <code>egress.ip-permission.protocol</code> - The IP protocol for an outbound security group rule (<code>tcp</code> | <code>udp</code> | <code>icmp</code> or a protocol number).</p> </li> <li> <p> <code>egress.ip-permission.to-port</code> - For an outbound rule, the end of port range for the TCP and UDP protocols, or an ICMP code.</p> </li> <li> <p> <code>egress.ip-permission.user-id</code> - The ID of an AWS account that has been referenced in an outbound security group rule.</p> </li> <li> <p> <code>group-id</code> - The ID of the security group. </p> </li> <li> <p> <code>group-name</code> - The name of the security group.</p> </li> <li> <p> <code>ip-permission.cidr</code> - An IPv4 CIDR block for an inbound security group rule.</p> </li> <li> <p> <code>ip-permission.from-port</code> - For an inbound rule, the start of port range for the TCP and UDP protocols, or an ICMP type number.</p> </li> <li> <p> <code>ip-permission.group-id</code> - The ID of a security group that has been referenced in an inbound security group rule.</p> </li> <li> <p> <code>ip-permission.group-name</code> - The name of a security group that has been referenced in an inbound security group rule.</p> </li> <li> <p> <code>ip-permission.ipv6-cidr</code> - An IPv6 CIDR block for an inbound security group rule.</p> </li> <li> <p> <code>ip-permission.prefix-list-id</code> - The ID (prefix) of the AWS service from which a security group rule allows inbound access.</p> </li> <li> <p> <code>ip-permission.protocol</code> - The IP protocol for an inbound security group rule (<code>tcp</code> | <code>udp</code> | <code>icmp</code> or a protocol number).</p> </li> <li> <p> <code>ip-permission.to-port</code> - For an inbound rule, the end of port range for the TCP and UDP protocols, or an ICMP code.</p> </li> <li> <p> <code>ip-permission.user-id</code> - The ID of an AWS account that has been referenced in an inbound security group rule.</p> </li> <li> <p> <code>owner-id</code> - The AWS account ID of the owner of the security group.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC specified when the security group was created.</p> </li> </ul>", + "locationName": "Filter" + }, + "GroupIds": { + "shape": "GroupIdStringList", + "documentation": "<p>The IDs of the security groups. Required for security groups in a nondefault VPC.</p> <p>Default: Describes all your security groups.</p>", + "locationName": "GroupId" + }, + "GroupNames": { + "shape": "GroupNameStringList", + "documentation": "<p>[EC2-Classic and default VPC only] The names of the security groups. You can specify either the security group name or the security group ID. For security groups in a nondefault VPC, use the <code>group-name</code> filter to describe security groups by name.</p> <p>Default: Describes all your security groups.</p>", + "locationName": "GroupName" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to request the next page of results.</p>" + }, + "MaxResults": { + "shape": "DescribeSecurityGroupsMaxResults", + "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another request with the returned <code>NextToken</code> value. This value can be between 5 and 1000. If this parameter is not specified, then all results are returned.</p>" + } + } + }, + "DescribeSecurityGroupsResult": { + "type": "structure", + "members": { + "SecurityGroups": { + "shape": "SecurityGroupList", + "documentation": "<p>Information about the security groups.</p>", + "locationName": "securityGroupInfo" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeSnapshotAttributeRequest": { + "type": "structure", + "required": [ + "Attribute", + "SnapshotId" + ], + "members": { + "Attribute": { + "shape": "SnapshotAttributeName", + "documentation": "<p>The snapshot attribute you would like to view.</p>" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>The ID of the EBS snapshot.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DescribeSnapshotAttribute.</p>" + }, + "DescribeSnapshotAttributeResult": { + "type": "structure", + "members": { + "CreateVolumePermissions": { + "shape": "CreateVolumePermissionList", + "documentation": "<p>The users and groups that have the permissions for creating volumes from the snapshot.</p>", + "locationName": "createVolumePermission" + }, + "ProductCodes": { + "shape": "ProductCodeList", + "documentation": "<p>The product codes.</p>", + "locationName": "productCodes" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>The ID of the EBS snapshot.</p>", + "locationName": "snapshotId" + } + }, + "documentation": "<p>Contains the output of DescribeSnapshotAttribute.</p>" + }, + "DescribeSnapshotsRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>description</code> - A description of the snapshot.</p> </li> <li> <p> <code>encrypted</code> - Indicates whether the snapshot is encrypted (<code>true</code> | <code>false</code>)</p> </li> <li> <p> <code>owner-alias</code> - Value from an Amazon-maintained list (<code>amazon</code> | <code>self</code> | <code>all</code> | <code>aws-marketplace</code> | <code>microsoft</code>) of snapshot owners. Not to be confused with the user-configured AWS account alias, which is set from the IAM console.</p> </li> <li> <p> <code>owner-id</code> - The ID of the AWS account that owns the snapshot.</p> </li> <li> <p> <code>progress</code> - The progress of the snapshot, as a percentage (for example, 80%).</p> </li> <li> <p> <code>snapshot-id</code> - The snapshot ID.</p> </li> <li> <p> <code>start-time</code> - The time stamp when the snapshot was initiated.</p> </li> <li> <p> <code>status</code> - The status of the snapshot (<code>pending</code> | <code>completed</code> | <code>error</code>).</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>volume-id</code> - The ID of the volume the snapshot is for.</p> </li> <li> <p> <code>volume-size</code> - The size of the volume, in GiB.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of snapshot results returned by <code>DescribeSnapshots</code> in paginated output. When this parameter is used, <code>DescribeSnapshots</code> only returns <code>MaxResults</code> results in a single page along with a <code>NextToken</code> response element. The remaining results of the initial request can be seen by sending another <code>DescribeSnapshots</code> request with the returned <code>NextToken</code> value. This value can be between 5 and 1000; if <code>MaxResults</code> is given a value larger than 1000, only 1000 results are returned. If this parameter is not used, then <code>DescribeSnapshots</code> returns all results. You cannot specify this parameter and the snapshot IDs parameter in the same request.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The <code>NextToken</code> value returned from a previous paginated <code>DescribeSnapshots</code> request where <code>MaxResults</code> was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the <code>NextToken</code> value. This value is <code>null</code> when there are no more results to return.</p>" + }, + "OwnerIds": { + "shape": "OwnerStringList", + "documentation": "<p>Describes the snapshots owned by these owners.</p>", + "locationName": "Owner" + }, + "RestorableByUserIds": { + "shape": "RestorableByStringList", + "documentation": "<p>The IDs of the AWS accounts that can create volumes from the snapshot.</p>", + "locationName": "RestorableBy" + }, + "SnapshotIds": { + "shape": "SnapshotIdStringList", + "documentation": "<p>The snapshot IDs.</p> <p>Default: Describes the snapshots for which you have create volume permissions.</p>", + "locationName": "SnapshotId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DescribeSnapshotsResult": { + "type": "structure", + "members": { + "Snapshots": { + "shape": "SnapshotList", + "documentation": "<p>Information about the snapshots.</p>", + "locationName": "snapshotSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The <code>NextToken</code> value to include in a future <code>DescribeSnapshots</code> request. When the results of a <code>DescribeSnapshots</code> request exceed <code>MaxResults</code>, this value can be used to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeSpotDatafeedSubscriptionRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DescribeSpotDatafeedSubscription.</p>" + }, + "DescribeSpotDatafeedSubscriptionResult": { + "type": "structure", + "members": { + "SpotDatafeedSubscription": { + "shape": "SpotDatafeedSubscription", + "documentation": "<p>The Spot Instance data feed subscription.</p>", + "locationName": "spotDatafeedSubscription" + } + }, + "documentation": "<p>Contains the output of DescribeSpotDatafeedSubscription.</p>" + }, + "DescribeSpotFleetInstancesRequest": { + "type": "structure", + "required": [ + "SpotFleetRequestId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. Specify a value between 1 and 1000. The default value is 1000. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>", + "locationName": "maxResults" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next set of results.</p>", + "locationName": "nextToken" + }, + "SpotFleetRequestId": { + "shape": "String", + "documentation": "<p>The ID of the Spot Fleet request.</p>", + "locationName": "spotFleetRequestId" + } + }, + "documentation": "<p>Contains the parameters for DescribeSpotFleetInstances.</p>" + }, + "DescribeSpotFleetInstancesResponse": { + "type": "structure", + "members": { + "ActiveInstances": { + "shape": "ActiveInstanceSet", + "documentation": "<p>The running instances. This list is refreshed periodically and might be out of date.</p>", + "locationName": "activeInstanceSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token required to retrieve the next set of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + }, + "SpotFleetRequestId": { + "shape": "String", + "documentation": "<p>The ID of the Spot Fleet request.</p>", + "locationName": "spotFleetRequestId" + } + }, + "documentation": "<p>Contains the output of DescribeSpotFleetInstances.</p>" + }, + "DescribeSpotFleetRequestHistoryRequest": { + "type": "structure", + "required": [ + "SpotFleetRequestId", + "StartTime" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "EventType": { + "shape": "EventType", + "documentation": "<p>The type of events to describe. By default, all events are described.</p>", + "locationName": "eventType" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. Specify a value between 1 and 1000. The default value is 1000. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>", + "locationName": "maxResults" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next set of results.</p>", + "locationName": "nextToken" + }, + "SpotFleetRequestId": { + "shape": "String", + "documentation": "<p>The ID of the Spot Fleet request.</p>", + "locationName": "spotFleetRequestId" + }, + "StartTime": { + "shape": "DateTime", + "documentation": "<p>The starting date and time for the events, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>", + "locationName": "startTime" + } + }, + "documentation": "<p>Contains the parameters for DescribeSpotFleetRequestHistory.</p>" + }, + "DescribeSpotFleetRequestHistoryResponse": { + "type": "structure", + "members": { + "HistoryRecords": { + "shape": "HistoryRecords", + "documentation": "<p>Information about the events in the history of the Spot Fleet request.</p>", + "locationName": "historyRecordSet" + }, + "LastEvaluatedTime": { + "shape": "DateTime", + "documentation": "<p>The last date and time for the events, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z). All records up to this time were retrieved.</p> <p>If <code>nextToken</code> indicates that there are more results, this value is not present.</p>", + "locationName": "lastEvaluatedTime" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token required to retrieve the next set of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + }, + "SpotFleetRequestId": { + "shape": "String", + "documentation": "<p>The ID of the Spot Fleet request.</p>", + "locationName": "spotFleetRequestId" + }, + "StartTime": { + "shape": "DateTime", + "documentation": "<p>The starting date and time for the events, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>", + "locationName": "startTime" + } + }, + "documentation": "<p>Contains the output of DescribeSpotFleetRequestHistory.</p>" + }, + "DescribeSpotFleetRequestsRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. Specify a value between 1 and 1000. The default value is 1000. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>", + "locationName": "maxResults" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next set of results.</p>", + "locationName": "nextToken" + }, + "SpotFleetRequestIds": { + "shape": "ValueStringList", + "documentation": "<p>The IDs of the Spot Fleet requests.</p>", + "locationName": "spotFleetRequestId" + } + }, + "documentation": "<p>Contains the parameters for DescribeSpotFleetRequests.</p>" + }, + "DescribeSpotFleetRequestsResponse": { + "type": "structure", + "members": { + "NextToken": { + "shape": "String", + "documentation": "<p>The token required to retrieve the next set of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + }, + "SpotFleetRequestConfigs": { + "shape": "SpotFleetRequestConfigSet", + "documentation": "<p>Information about the configuration of your Spot Fleet.</p>", + "locationName": "spotFleetRequestConfigSet" + } + }, + "documentation": "<p>Contains the output of DescribeSpotFleetRequests.</p>" + }, + "DescribeSpotInstanceRequestsRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>availability-zone-group</code> - The Availability Zone group.</p> </li> <li> <p> <code>create-time</code> - The time stamp when the Spot Instance request was created.</p> </li> <li> <p> <code>fault-code</code> - The fault code related to the request.</p> </li> <li> <p> <code>fault-message</code> - The fault message related to the request.</p> </li> <li> <p> <code>instance-id</code> - The ID of the instance that fulfilled the request.</p> </li> <li> <p> <code>launch-group</code> - The Spot Instance launch group.</p> </li> <li> <p> <code>launch.block-device-mapping.delete-on-termination</code> - Indicates whether the EBS volume is deleted on instance termination.</p> </li> <li> <p> <code>launch.block-device-mapping.device-name</code> - The device name for the volume in the block device mapping (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p> </li> <li> <p> <code>launch.block-device-mapping.snapshot-id</code> - The ID of the snapshot for the EBS volume.</p> </li> <li> <p> <code>launch.block-device-mapping.volume-size</code> - The size of the EBS volume, in GiB.</p> </li> <li> <p> <code>launch.block-device-mapping.volume-type</code> - The type of EBS volume: <code>gp2</code> for General Purpose SSD, <code>io1</code> for Provisioned IOPS SSD, <code>st1</code> for Throughput Optimized HDD, <code>sc1</code>for Cold HDD, or <code>standard</code> for Magnetic.</p> </li> <li> <p> <code>launch.group-id</code> - The ID of the security group for the instance.</p> </li> <li> <p> <code>launch.group-name</code> - The name of the security group for the instance.</p> </li> <li> <p> <code>launch.image-id</code> - The ID of the AMI.</p> </li> <li> <p> <code>launch.instance-type</code> - The type of instance (for example, <code>m3.medium</code>).</p> </li> <li> <p> <code>launch.kernel-id</code> - The kernel ID.</p> </li> <li> <p> <code>launch.key-name</code> - The name of the key pair the instance launched with.</p> </li> <li> <p> <code>launch.monitoring-enabled</code> - Whether detailed monitoring is enabled for the Spot Instance.</p> </li> <li> <p> <code>launch.ramdisk-id</code> - The RAM disk ID.</p> </li> <li> <p> <code>launched-availability-zone</code> - The Availability Zone in which the request is launched.</p> </li> <li> <p> <code>network-interface.addresses.primary</code> - Indicates whether the IP address is the primary private IP address.</p> </li> <li> <p> <code>network-interface.delete-on-termination</code> - Indicates whether the network interface is deleted when the instance is terminated.</p> </li> <li> <p> <code>network-interface.description</code> - A description of the network interface.</p> </li> <li> <p> <code>network-interface.device-index</code> - The index of the device for the network interface attachment on the instance.</p> </li> <li> <p> <code>network-interface.group-id</code> - The ID of the security group associated with the network interface.</p> </li> <li> <p> <code>network-interface.network-interface-id</code> - The ID of the network interface.</p> </li> <li> <p> <code>network-interface.private-ip-address</code> - The primary private IP address of the network interface.</p> </li> <li> <p> <code>network-interface.subnet-id</code> - The ID of the subnet for the instance.</p> </li> <li> <p> <code>product-description</code> - The product description associated with the instance (<code>Linux/UNIX</code> | <code>Windows</code>).</p> </li> <li> <p> <code>spot-instance-request-id</code> - The Spot Instance request ID.</p> </li> <li> <p> <code>spot-price</code> - The maximum hourly price for any Spot Instance launched to fulfill the request.</p> </li> <li> <p> <code>state</code> - The state of the Spot Instance request (<code>open</code> | <code>active</code> | <code>closed</code> | <code>cancelled</code> | <code>failed</code>). Spot request status information can help you track your Amazon EC2 Spot Instance requests. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html\">Spot Request Status</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>.</p> </li> <li> <p> <code>status-code</code> - The short code describing the most recent evaluation of your Spot Instance request.</p> </li> <li> <p> <code>status-message</code> - The message explaining the status of the Spot Instance request.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>type</code> - The type of Spot Instance request (<code>one-time</code> | <code>persistent</code>).</p> </li> <li> <p> <code>valid-from</code> - The start date of the request.</p> </li> <li> <p> <code>valid-until</code> - The end date of the request.</p> </li> </ul>", + "locationName": "Filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "SpotInstanceRequestIds": { + "shape": "SpotInstanceRequestIdList", + "documentation": "<p>One or more Spot Instance request IDs.</p>", + "locationName": "SpotInstanceRequestId" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to request the next set of results. This value is <code>null</code> when there are no more results to return.</p>" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. Specify a value between 5 and 1000. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>" + } + }, + "documentation": "<p>Contains the parameters for DescribeSpotInstanceRequests.</p>" + }, + "DescribeSpotInstanceRequestsResult": { + "type": "structure", + "members": { + "SpotInstanceRequests": { + "shape": "SpotInstanceRequestList", + "documentation": "<p>One or more Spot Instance requests.</p>", + "locationName": "spotInstanceRequestSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next set of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + }, + "documentation": "<p>Contains the output of DescribeSpotInstanceRequests.</p>" + }, + "DescribeSpotPriceHistoryRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>availability-zone</code> - The Availability Zone for which prices should be returned.</p> </li> <li> <p> <code>instance-type</code> - The type of instance (for example, <code>m3.medium</code>).</p> </li> <li> <p> <code>product-description</code> - The product description for the Spot price (<code>Linux/UNIX</code> | <code>SUSE Linux</code> | <code>Windows</code> | <code>Linux/UNIX (Amazon VPC)</code> | <code>SUSE Linux (Amazon VPC)</code> | <code>Windows (Amazon VPC)</code>).</p> </li> <li> <p> <code>spot-price</code> - The Spot price. The value must match exactly (or use wildcards; greater than or less than comparison is not supported).</p> </li> <li> <p> <code>timestamp</code> - The time stamp of the Spot price history, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z). You can use wildcards (* and ?). Greater than or less than comparison is not supported.</p> </li> </ul>", + "locationName": "Filter" + }, + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>Filters the results by the specified Availability Zone.</p>", + "locationName": "availabilityZone" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "EndTime": { + "shape": "DateTime", + "documentation": "<p>The date and time, up to the current date, from which to stop retrieving the price history data, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>", + "locationName": "endTime" + }, + "InstanceTypes": { + "shape": "InstanceTypeList", + "documentation": "<p>Filters the results by the specified instance types.</p>", + "locationName": "InstanceType" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. Specify a value between 1 and 1000. The default value is 1000. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>", + "locationName": "maxResults" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next set of results.</p>", + "locationName": "nextToken" + }, + "ProductDescriptions": { + "shape": "ProductDescriptionList", + "documentation": "<p>Filters the results by the specified basic product descriptions.</p>", + "locationName": "ProductDescription" + }, + "StartTime": { + "shape": "DateTime", + "documentation": "<p>The date and time, up to the past 90 days, from which to start retrieving the price history data, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>", + "locationName": "startTime" + } + }, + "documentation": "<p>Contains the parameters for DescribeSpotPriceHistory.</p>" + }, + "DescribeSpotPriceHistoryResult": { + "type": "structure", + "members": { + "NextToken": { + "shape": "String", + "documentation": "<p>The token required to retrieve the next set of results. This value is null or an empty string when there are no more results to return.</p>", + "locationName": "nextToken" + }, + "SpotPriceHistory": { + "shape": "SpotPriceHistoryList", + "documentation": "<p>The historical Spot prices.</p>", + "locationName": "spotPriceHistorySet" + } + }, + "documentation": "<p>Contains the output of DescribeSpotPriceHistory.</p>" + }, + "DescribeStaleSecurityGroupsMaxResults": { + "type": "integer", + "max": 255, + "min": 5 + }, + "DescribeStaleSecurityGroupsNextToken": { + "type": "string", + "max": 1024, + "min": 1 + }, + "DescribeStaleSecurityGroupsRequest": { + "type": "structure", + "required": [ + "VpcId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "MaxResults": { + "shape": "DescribeStaleSecurityGroupsMaxResults", + "documentation": "<p>The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.</p>" + }, + "NextToken": { + "shape": "DescribeStaleSecurityGroupsNextToken", + "documentation": "<p>The token for the next set of items to return. (You received this token from a prior call.)</p>" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>" + } + } + }, + "DescribeStaleSecurityGroupsResult": { + "type": "structure", + "members": { + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.</p>", + "locationName": "nextToken" + }, + "StaleSecurityGroupSet": { + "shape": "StaleSecurityGroupSet", + "documentation": "<p>Information about the stale security groups.</p>", + "locationName": "staleSecurityGroupSet" + } + } + }, + "DescribeSubnetsMaxResults": { + "type": "integer", + "max": 1000, + "min": 5 + }, + "DescribeSubnetsRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>availability-zone</code> - The Availability Zone for the subnet. You can also use <code>availabilityZone</code> as the filter name.</p> </li> <li> <p> <code>availability-zone-id</code> - The ID of the Availability Zone for the subnet. You can also use <code>availabilityZoneId</code> as the filter name.</p> </li> <li> <p> <code>available-ip-address-count</code> - The number of IPv4 addresses in the subnet that are available.</p> </li> <li> <p> <code>cidr-block</code> - The IPv4 CIDR block of the subnet. The CIDR block you specify must exactly match the subnet's CIDR block for information to be returned for the subnet. You can also use <code>cidr</code> or <code>cidrBlock</code> as the filter names.</p> </li> <li> <p> <code>default-for-az</code> - Indicates whether this is the default subnet for the Availability Zone. You can also use <code>defaultForAz</code> as the filter name.</p> </li> <li> <p> <code>ipv6-cidr-block-association.ipv6-cidr-block</code> - An IPv6 CIDR block associated with the subnet.</p> </li> <li> <p> <code>ipv6-cidr-block-association.association-id</code> - An association ID for an IPv6 CIDR block associated with the subnet.</p> </li> <li> <p> <code>ipv6-cidr-block-association.state</code> - The state of an IPv6 CIDR block associated with the subnet.</p> </li> <li> <p> <code>owner-id</code> - The ID of the AWS account that owns the subnet.</p> </li> <li> <p> <code>state</code> - The state of the subnet (<code>pending</code> | <code>available</code>).</p> </li> <li> <p> <code>subnet-arn</code> - The Amazon Resource Name (ARN) of the subnet.</p> </li> <li> <p> <code>subnet-id</code> - The ID of the subnet.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC for the subnet.</p> </li> </ul>", + "locationName": "Filter" + }, + "SubnetIds": { + "shape": "SubnetIdStringList", + "documentation": "<p>One or more subnet IDs.</p> <p>Default: Describes all your subnets.</p>", + "locationName": "SubnetId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "MaxResults": { + "shape": "DescribeSubnetsMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + } + } + }, + "DescribeSubnetsResult": { + "type": "structure", + "members": { + "Subnets": { + "shape": "SubnetList", + "documentation": "<p>Information about one or more subnets.</p>", + "locationName": "subnetSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeTagsRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>key</code> - The tag key.</p> </li> <li> <p> <code>resource-id</code> - The ID of the resource.</p> </li> <li> <p> <code>resource-type</code> - The resource type (<code>customer-gateway</code> | <code>dedicated-host</code> | <code>dhcp-options</code> | <code>elastic-ip</code> | <code>fleet</code> | <code>fpga-image</code> | <code>image</code> | <code>instance</code> | <code>host-reservation</code> | <code>internet-gateway</code> | <code>launch-template</code> | <code>natgateway</code> | <code>network-acl</code> | <code>network-interface</code> | <code>reserved-instances</code> | <code>route-table</code> | <code>security-group</code> | <code>snapshot</code> | <code>spot-instances-request</code> | <code>subnet</code> | <code>volume</code> | <code>vpc</code> | <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>).</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of the tag. For example, specify \"tag:Owner\" for the filter name and \"TeamA\" for the filter value to find resources with the tag \"Owner=TeamA\".</p> </li> <li> <p> <code>value</code> - The tag value.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. This value can be between 5 and 1000. To retrieve the remaining results, make another call with the returned <code>NextToken</code> value.</p>", + "locationName": "maxResults" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to retrieve the next page of results.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeTagsResult": { + "type": "structure", + "members": { + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + }, + "Tags": { + "shape": "TagDescriptionList", + "documentation": "<p>The tags.</p>", + "locationName": "tagSet" + } + } + }, + "DescribeTrafficMirrorFiltersRequest": { + "type": "structure", + "members": { + "TrafficMirrorFilterIds": { + "shape": "ValueStringList", + "documentation": "<p>The ID of the Traffic Mirror filter.</p>", + "locationName": "TrafficMirrorFilterId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>description</code>: The Traffic Mirror filter description.</p> </li> <li> <p> <code>traffic-mirror-filter-id</code>: The ID of the Traffic Mirror filter.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "TrafficMirroringMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token for the next page of results.</p>" + } + } + }, + "DescribeTrafficMirrorFiltersResult": { + "type": "structure", + "members": { + "TrafficMirrorFilters": { + "shape": "TrafficMirrorFilterSet", + "documentation": "<p>Information about one or more Traffic Mirror filters.</p>", + "locationName": "trafficMirrorFilterSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. The value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeTrafficMirrorSessionsRequest": { + "type": "structure", + "members": { + "TrafficMirrorSessionIds": { + "shape": "ValueStringList", + "documentation": "<p>The ID of the Traffic Mirror session.</p>", + "locationName": "TrafficMirrorSessionId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>description</code>: The Traffic Mirror session description.</p> </li> <li> <p> <code>network-interface-id</code>: The ID of the Traffic Mirror session network interface.</p> </li> <li> <p> <code>owner-id</code>: The ID of the account that owns the Traffic Mirror session.</p> </li> <li> <p> <code>packet-length</code>: The assigned number of packets to mirror. </p> </li> <li> <p> <code>session-number</code>: The assigned session number. </p> </li> <li> <p> <code>traffic-mirror-filter-id</code>: The ID of the Traffic Mirror filter.</p> </li> <li> <p> <code>traffic-mirror-session-id</code>: The ID of the Traffic Mirror session.</p> </li> <li> <p> <code>traffic-mirror-target-id</code>: The ID of the Traffic Mirror target.</p> </li> <li> <p> <code>virtual-network-id</code>: The virtual network ID of the Traffic Mirror session.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "TrafficMirroringMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token for the next page of results.</p>" + } + } + }, + "DescribeTrafficMirrorSessionsResult": { + "type": "structure", + "members": { + "TrafficMirrorSessions": { + "shape": "TrafficMirrorSessionSet", + "documentation": "<p>Describes one or more Traffic Mirror sessions. By default, all Traffic Mirror sessions are described. Alternatively, you can filter the results.</p>", + "locationName": "trafficMirrorSessionSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. The value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeTrafficMirrorTargetsRequest": { + "type": "structure", + "members": { + "TrafficMirrorTargetIds": { + "shape": "ValueStringList", + "documentation": "<p>The ID of the Traffic Mirror targets.</p>", + "locationName": "TrafficMirrorTargetId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>description</code>: The Traffic Mirror target description.</p> </li> <li> <p> <code>network-interface-id</code>: The ID of the Traffic Mirror session network interface.</p> </li> <li> <p> <code>network-load-balancer-arn</code>: The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the session.</p> </li> <li> <p> <code>owner-id</code>: The ID of the account that owns the Traffic Mirror session.</p> </li> <li> <p> <code>traffic-mirror-target-id</code>: The ID of the Traffic Mirror target.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "TrafficMirroringMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token for the next page of results.</p>" + } + } + }, + "DescribeTrafficMirrorTargetsResult": { + "type": "structure", + "members": { + "TrafficMirrorTargets": { + "shape": "TrafficMirrorTargetSet", + "documentation": "<p>Information about one or more Traffic Mirror targets.</p>", + "locationName": "trafficMirrorTargetSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. The value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeTransitGatewayAttachmentsRequest": { + "type": "structure", + "members": { + "TransitGatewayAttachmentIds": { + "shape": "TransitGatewayAttachmentIdStringList", + "documentation": "<p>The IDs of the attachments.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>association.state</code> - The state of the association (<code>associating</code> | <code>associated</code> | <code>disassociating</code>).</p> </li> <li> <p> <code>association.transit-gateway-route-table-id</code> - The ID of the route table for the transit gateway.</p> </li> <li> <p> <code>resource-id</code> - The ID of the resource.</p> </li> <li> <p> <code>resource-owner-id</code> - The ID of the AWS account that owns the resource.</p> </li> <li> <p> <code>resource-type</code> - The resource type (<code>vpc</code> | <code>vpn</code>).</p> </li> <li> <p> <code>state</code> - The state of the attachment (<code>available</code> | <code>deleted</code> | <code>deleting</code> | <code>failed</code> | <code>modifying</code> | <code>pendingAcceptance</code> | <code>pending</code> | <code>rollingBack</code> | <code>rejected</code> | <code>rejecting</code>).</p> </li> <li> <p> <code>transit-gateway-attachment-id</code> - The ID of the attachment.</p> </li> <li> <p> <code>transit-gateway-id</code> - The ID of the transit gateway.</p> </li> <li> <p> <code>transit-gateway-owner-id</code> - The ID of the AWS account that owns the transit gateway.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "TransitGatewayMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DescribeTransitGatewayAttachmentsResult": { + "type": "structure", + "members": { + "TransitGatewayAttachments": { + "shape": "TransitGatewayAttachmentList", + "documentation": "<p>Information about the attachments.</p>", + "locationName": "transitGatewayAttachments" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeTransitGatewayRouteTablesRequest": { + "type": "structure", + "members": { + "TransitGatewayRouteTableIds": { + "shape": "TransitGatewayRouteTableIdStringList", + "documentation": "<p>The IDs of the transit gateway route tables.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>default-association-route-table</code> - Indicates whether this is the default association route table for the transit gateway (<code>true</code> | <code>false</code>).</p> </li> <li> <p> <code>default-propagation-route-table</code> - Indicates whether this is the default propagation route table for the transit gateway (<code>true</code> | <code>false</code>).</p> </li> <li> <p> <code>state</code> - The state of the attachment (<code>available</code> | <code>deleted</code> | <code>deleting</code> | <code>failed</code> | <code>modifying</code> | <code>pendingAcceptance</code> | <code>pending</code> | <code>rollingBack</code> | <code>rejected</code> | <code>rejecting</code>).</p> </li> <li> <p> <code>transit-gateway-id</code> - The ID of the transit gateway.</p> </li> <li> <p> <code>transit-gateway-route-table-id</code> - The ID of the transit gateway route table.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "TransitGatewayMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DescribeTransitGatewayRouteTablesResult": { + "type": "structure", + "members": { + "TransitGatewayRouteTables": { + "shape": "TransitGatewayRouteTableList", + "documentation": "<p>Information about the transit gateway route tables.</p>", + "locationName": "transitGatewayRouteTables" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeTransitGatewayVpcAttachmentsRequest": { + "type": "structure", + "members": { + "TransitGatewayAttachmentIds": { + "shape": "TransitGatewayAttachmentIdStringList", + "documentation": "<p>The IDs of the attachments.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>state</code> - The state of the attachment (<code>available</code> | <code>deleted</code> | <code>deleting</code> | <code>failed</code> | <code>modifying</code> | <code>pendingAcceptance</code> | <code>pending</code> | <code>rollingBack</code> | <code>rejected</code> | <code>rejecting</code>).</p> </li> <li> <p> <code>transit-gateway-attachment-id</code> - The ID of the attachment.</p> </li> <li> <p> <code>transit-gateway-id</code> - The ID of the transit gateway.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "TransitGatewayMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DescribeTransitGatewayVpcAttachmentsResult": { + "type": "structure", + "members": { + "TransitGatewayVpcAttachments": { + "shape": "TransitGatewayVpcAttachmentList", + "documentation": "<p>Information about the VPC attachments.</p>", + "locationName": "transitGatewayVpcAttachments" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeTransitGatewaysRequest": { + "type": "structure", + "members": { + "TransitGatewayIds": { + "shape": "TransitGatewayIdStringList", + "documentation": "<p>The IDs of the transit gateways.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>options.propagation-default-route-table-id</code> - The ID of the default propagation route table.</p> </li> <li> <p> <code>options.amazon-side-asn</code> - The private ASN for the Amazon side of a BGP session.</p> </li> <li> <p> <code>options.association-default-route-table-id</code> - The ID of the default association route table.</p> </li> <li> <p> <code>options.auto-accept-shared-attachments</code> - Indicates whether there is automatic acceptance of attachment requests (<code>enable</code> | <code>disable</code>).</p> </li> <li> <p> <code>options.default-route-table-association</code> - Indicates whether resource attachments are automatically associated with the default association route table (<code>enable</code> | <code>disable</code>).</p> </li> <li> <p> <code>options.default-route-table-propagation</code> - Indicates whether resource attachments automatically propagate routes to the default propagation route table (<code>enable</code> | <code>disable</code>).</p> </li> <li> <p> <code>options.dns-support</code> - Indicates whether DNS support is enabled (<code>enable</code> | <code>disable</code>).</p> </li> <li> <p> <code>options.vpn-ecmp-support</code> - Indicates whether Equal Cost Multipath Protocol support is enabled (<code>enable</code> | <code>disable</code>).</p> </li> <li> <p> <code>owner-id</code> - The ID of the AWS account that owns the transit gateway.</p> </li> <li> <p> <code>state</code> - The state of the attachment (<code>available</code> | <code>deleted</code> | <code>deleting</code> | <code>failed</code> | <code>modifying</code> | <code>pendingAcceptance</code> | <code>pending</code> | <code>rollingBack</code> | <code>rejected</code> | <code>rejecting</code>).</p> </li> <li> <p> <code>transit-gateway-id</code> - The ID of the transit gateway.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "TransitGatewayMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DescribeTransitGatewaysResult": { + "type": "structure", + "members": { + "TransitGateways": { + "shape": "TransitGatewayList", + "documentation": "<p>Information about the transit gateways.</p>", + "locationName": "transitGatewaySet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeVolumeAttributeRequest": { + "type": "structure", + "required": [ + "Attribute", + "VolumeId" + ], + "members": { + "Attribute": { + "shape": "VolumeAttributeName", + "documentation": "<p>The attribute of the volume. This parameter is required.</p>" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the volume.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DescribeVolumeAttribute.</p>" + }, + "DescribeVolumeAttributeResult": { + "type": "structure", + "members": { + "AutoEnableIO": { + "shape": "AttributeBooleanValue", + "documentation": "<p>The state of <code>autoEnableIO</code> attribute.</p>", + "locationName": "autoEnableIO" + }, + "ProductCodes": { + "shape": "ProductCodeList", + "documentation": "<p>A list of product codes.</p>", + "locationName": "productCodes" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the volume.</p>", + "locationName": "volumeId" + } + }, + "documentation": "<p>Contains the output of DescribeVolumeAttribute.</p>" + }, + "DescribeVolumeStatusRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>action.code</code> - The action code for the event (for example, <code>enable-volume-io</code>).</p> </li> <li> <p> <code>action.description</code> - A description of the action.</p> </li> <li> <p> <code>action.event-id</code> - The event ID associated with the action.</p> </li> <li> <p> <code>availability-zone</code> - The Availability Zone of the instance.</p> </li> <li> <p> <code>event.description</code> - A description of the event.</p> </li> <li> <p> <code>event.event-id</code> - The event ID.</p> </li> <li> <p> <code>event.event-type</code> - The event type (for <code>io-enabled</code>: <code>passed</code> | <code>failed</code>; for <code>io-performance</code>: <code>io-performance:degraded</code> | <code>io-performance:severely-degraded</code> | <code>io-performance:stalled</code>).</p> </li> <li> <p> <code>event.not-after</code> - The latest end time for the event.</p> </li> <li> <p> <code>event.not-before</code> - The earliest start time for the event.</p> </li> <li> <p> <code>volume-status.details-name</code> - The cause for <code>volume-status.status</code> (<code>io-enabled</code> | <code>io-performance</code>).</p> </li> <li> <p> <code>volume-status.details-status</code> - The status of <code>volume-status.details-name</code> (for <code>io-enabled</code>: <code>passed</code> | <code>failed</code>; for <code>io-performance</code>: <code>normal</code> | <code>degraded</code> | <code>severely-degraded</code> | <code>stalled</code>).</p> </li> <li> <p> <code>volume-status.status</code> - The status of the volume (<code>ok</code> | <code>impaired</code> | <code>warning</code> | <code>insufficient-data</code>).</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of volume results returned by <code>DescribeVolumeStatus</code> in paginated output. When this parameter is used, the request only returns <code>MaxResults</code> results in a single page along with a <code>NextToken</code> response element. The remaining results of the initial request can be seen by sending another request with the returned <code>NextToken</code> value. This value can be between 5 and 1000; if <code>MaxResults</code> is given a value larger than 1000, only 1000 results are returned. If this parameter is not used, then <code>DescribeVolumeStatus</code> returns all results. You cannot specify this parameter and the volume IDs parameter in the same request.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The <code>NextToken</code> value to include in a future <code>DescribeVolumeStatus</code> request. When the results of the request exceed <code>MaxResults</code>, this value can be used to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>" + }, + "VolumeIds": { + "shape": "VolumeIdStringList", + "documentation": "<p>The IDs of the volumes.</p> <p>Default: Describes all your volumes.</p>", + "locationName": "VolumeId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DescribeVolumeStatusResult": { + "type": "structure", + "members": { + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + }, + "VolumeStatuses": { + "shape": "VolumeStatusList", + "documentation": "<p>Information about the status of the volumes.</p>", + "locationName": "volumeStatusSet" + } + } + }, + "DescribeVolumesModificationsRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "VolumeIds": { + "shape": "VolumeIdStringList", + "documentation": "<p>The IDs of the volumes for which in-progress modifications will be described.</p>", + "locationName": "VolumeId" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters. Supported filters: <code>volume-id</code>, <code>modification-state</code>, <code>target-size</code>, <code>target-iops</code>, <code>target-volume-type</code>, <code>original-size</code>, <code>original-iops</code>, <code>original-volume-type</code>, <code>start-time</code>. </p>", + "locationName": "Filter" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The <code>nextToken</code> value returned by a previous paginated request.</p>" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results (up to a limit of 500) to be returned in a paginated request.</p>" + } + } + }, + "DescribeVolumesModificationsResult": { + "type": "structure", + "members": { + "VolumesModifications": { + "shape": "VolumeModificationList", + "documentation": "<p>Information about the volume modifications.</p>", + "locationName": "volumeModificationSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>Token for pagination, null if there are no more results </p>", + "locationName": "nextToken" + } + } + }, + "DescribeVolumesRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>The filters.</p> <ul> <li> <p> <code>attachment.attach-time</code> - The time stamp when the attachment initiated.</p> </li> <li> <p> <code>attachment.delete-on-termination</code> - Whether the volume is deleted on instance termination.</p> </li> <li> <p> <code>attachment.device</code> - The device name specified in the block device mapping (for example, <code>/dev/sda1</code>).</p> </li> <li> <p> <code>attachment.instance-id</code> - The ID of the instance the volume is attached to.</p> </li> <li> <p> <code>attachment.status</code> - The attachment state (<code>attaching</code> | <code>attached</code> | <code>detaching</code>).</p> </li> <li> <p> <code>availability-zone</code> - The Availability Zone in which the volume was created.</p> </li> <li> <p> <code>create-time</code> - The time stamp when the volume was created.</p> </li> <li> <p> <code>encrypted</code> - Indicates whether the volume is encrypted (<code>true</code> | <code>false</code>)</p> </li> <li> <p> <code>size</code> - The size of the volume, in GiB.</p> </li> <li> <p> <code>snapshot-id</code> - The snapshot from which the volume was created.</p> </li> <li> <p> <code>status</code> - The status of the volume (<code>creating</code> | <code>available</code> | <code>in-use</code> | <code>deleting</code> | <code>deleted</code> | <code>error</code>).</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>volume-id</code> - The volume ID.</p> </li> <li> <p> <code>volume-type</code> - The Amazon EBS volume type. This can be <code>gp2</code> for General Purpose SSD, <code>io1</code> for Provisioned IOPS SSD, <code>st1</code> for Throughput Optimized HDD, <code>sc1</code> for Cold HDD, or <code>standard</code> for Magnetic volumes.</p> </li> </ul>", + "locationName": "Filter" + }, + "VolumeIds": { + "shape": "VolumeIdStringList", + "documentation": "<p>The volume IDs.</p>", + "locationName": "VolumeId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of volume results returned by <code>DescribeVolumes</code> in paginated output. When this parameter is used, <code>DescribeVolumes</code> only returns <code>MaxResults</code> results in a single page along with a <code>NextToken</code> response element. The remaining results of the initial request can be seen by sending another <code>DescribeVolumes</code> request with the returned <code>NextToken</code> value. This value can be between 5 and 500; if <code>MaxResults</code> is given a value larger than 500, only 500 results are returned. If this parameter is not used, then <code>DescribeVolumes</code> returns all results. You cannot specify this parameter and the volume IDs parameter in the same request.</p>", + "locationName": "maxResults" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The <code>NextToken</code> value returned from a previous paginated <code>DescribeVolumes</code> request where <code>MaxResults</code> was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the <code>NextToken</code> value. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeVolumesResult": { + "type": "structure", + "members": { + "Volumes": { + "shape": "VolumeList", + "documentation": "<p>Information about the volumes.</p>", + "locationName": "volumeSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The <code>NextToken</code> value to include in a future <code>DescribeVolumes</code> request. When the results of a <code>DescribeVolumes</code> request exceed <code>MaxResults</code>, this value can be used to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeVpcAttributeRequest": { + "type": "structure", + "required": [ + "Attribute", + "VpcId" + ], + "members": { + "Attribute": { + "shape": "VpcAttributeName", + "documentation": "<p>The VPC attribute.</p>" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DescribeVpcAttributeResult": { + "type": "structure", + "members": { + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + }, + "EnableDnsHostnames": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Indicates whether the instances launched in the VPC get DNS hostnames. If this attribute is <code>true</code>, instances in the VPC get DNS hostnames; otherwise, they do not.</p>", + "locationName": "enableDnsHostnames" + }, + "EnableDnsSupport": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Indicates whether DNS resolution is enabled for the VPC. If this attribute is <code>true</code>, the Amazon DNS server resolves DNS hostnames for your instances to their corresponding IP addresses; otherwise, it does not.</p>", + "locationName": "enableDnsSupport" + } + } + }, + "DescribeVpcClassicLinkDnsSupportRequest": { + "type": "structure", + "members": { + "MaxResults": { + "shape": "MaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>", + "locationName": "maxResults" + }, + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token for the next page of results.</p>", + "locationName": "nextToken" + }, + "VpcIds": { + "shape": "VpcClassicLinkIdList", + "documentation": "<p>One or more VPC IDs.</p>" + } + } + }, + "DescribeVpcClassicLinkDnsSupportResult": { + "type": "structure", + "members": { + "NextToken": { + "shape": "NextToken", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + }, + "Vpcs": { + "shape": "ClassicLinkDnsSupportList", + "documentation": "<p>Information about the ClassicLink DNS support status of the VPCs.</p>", + "locationName": "vpcs" + } + } + }, + "DescribeVpcClassicLinkRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>is-classic-link-enabled</code> - Whether the VPC is enabled for ClassicLink (<code>true</code> | <code>false</code>).</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>", + "locationName": "Filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "VpcIds": { + "shape": "VpcClassicLinkIdList", + "documentation": "<p>One or more VPCs for which you want to describe the ClassicLink status.</p>", + "locationName": "VpcId" + } + } + }, + "DescribeVpcClassicLinkResult": { + "type": "structure", + "members": { + "Vpcs": { + "shape": "VpcClassicLinkList", + "documentation": "<p>The ClassicLink status of one or more VPCs.</p>", + "locationName": "vpcSet" + } + } + }, + "DescribeVpcEndpointConnectionNotificationsRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ConnectionNotificationId": { + "shape": "String", + "documentation": "<p>The ID of the notification.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>connection-notification-arn</code> - The ARN of SNS topic for the notification.</p> </li> <li> <p> <code>connection-notification-id</code> - The ID of the notification.</p> </li> <li> <p> <code>connection-notification-state</code> - The state of the notification (<code>Enabled</code> | <code>Disabled</code>).</p> </li> <li> <p> <code>connection-notification-type</code> - The type of notification (<code>Topic</code>).</p> </li> <li> <p> <code>service-id</code> - The ID of the endpoint service.</p> </li> <li> <p> <code>vpc-endpoint-id</code> - The ID of the VPC endpoint.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return in a single call. To retrieve the remaining results, make another request with the returned <code>NextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to request the next page of results.</p>" + } + } + }, + "DescribeVpcEndpointConnectionNotificationsResult": { + "type": "structure", + "members": { + "ConnectionNotificationSet": { + "shape": "ConnectionNotificationSet", + "documentation": "<p>One or more notifications.</p>", + "locationName": "connectionNotificationSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeVpcEndpointConnectionsRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>service-id</code> - The ID of the service.</p> </li> <li> <p> <code>vpc-endpoint-owner</code> - The AWS account number of the owner of the endpoint.</p> </li> <li> <p> <code>vpc-endpoint-state</code> - The state of the endpoint (<code>pendingAcceptance</code> | <code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code> | <code>rejected</code> | <code>failed</code>).</p> </li> <li> <p> <code>vpc-endpoint-id</code> - The ID of the endpoint.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results of the initial request can be seen by sending another request with the returned <code>NextToken</code> value. This value can be between 5 and 1000; if <code>MaxResults</code> is given a value larger than 1000, only 1000 results are returned.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to retrieve the next page of results.</p>" + } + } + }, + "DescribeVpcEndpointConnectionsResult": { + "type": "structure", + "members": { + "VpcEndpointConnections": { + "shape": "VpcEndpointConnectionSet", + "documentation": "<p>Information about one or more VPC endpoint connections.</p>", + "locationName": "vpcEndpointConnectionSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeVpcEndpointServiceConfigurationsRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ServiceIds": { + "shape": "ValueStringList", + "documentation": "<p>The IDs of one or more services.</p>", + "locationName": "ServiceId" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>service-name</code> - The name of the service.</p> </li> <li> <p> <code>service-id</code> - The ID of the service.</p> </li> <li> <p> <code>service-state</code> - The state of the service (<code>Pending</code> | <code>Available</code> | <code>Deleting</code> | <code>Deleted</code> | <code>Failed</code>). </p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results of the initial request can be seen by sending another request with the returned <code>NextToken</code> value. This value can be between 5 and 1000; if <code>MaxResults</code> is given a value larger than 1000, only 1000 results are returned.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to retrieve the next page of results.</p>" + } + } + }, + "DescribeVpcEndpointServiceConfigurationsResult": { + "type": "structure", + "members": { + "ServiceConfigurations": { + "shape": "ServiceConfigurationSet", + "documentation": "<p>Information about one or more services.</p>", + "locationName": "serviceConfigurationSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeVpcEndpointServicePermissionsRequest": { + "type": "structure", + "required": [ + "ServiceId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ServiceId": { + "shape": "String", + "documentation": "<p>The ID of the service.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>principal</code> - The ARN of the principal.</p> </li> <li> <p> <code>principal-type</code> - The principal type (<code>All</code> | <code>Service</code> | <code>OrganizationUnit</code> | <code>Account</code> | <code>User</code> | <code>Role</code>).</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of results to return for the request in a single page. The remaining results of the initial request can be seen by sending another request with the returned <code>NextToken</code> value. This value can be between 5 and 1000; if <code>MaxResults</code> is given a value larger than 1000, only 1000 results are returned.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to retrieve the next page of results.</p>" + } + } + }, + "DescribeVpcEndpointServicePermissionsResult": { + "type": "structure", + "members": { + "AllowedPrincipals": { + "shape": "AllowedPrincipalSet", + "documentation": "<p>Information about one or more allowed principals.</p>", + "locationName": "allowedPrincipals" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeVpcEndpointServicesRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ServiceNames": { + "shape": "ValueStringList", + "documentation": "<p>One or more service names.</p>", + "locationName": "ServiceName" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>service-name</code>: The name of the service.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.</p> <p>Constraint: If the value is greater than 1000, we return only 1000 items.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next set of items to return. (You received this token from a prior call.)</p>" + } + }, + "documentation": "<p>Contains the parameters for DescribeVpcEndpointServices.</p>" + }, + "DescribeVpcEndpointServicesResult": { + "type": "structure", + "members": { + "ServiceNames": { + "shape": "ValueStringList", + "documentation": "<p>A list of supported services.</p>", + "locationName": "serviceNameSet" + }, + "ServiceDetails": { + "shape": "ServiceDetailSet", + "documentation": "<p>Information about the service.</p>", + "locationName": "serviceDetailSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.</p>", + "locationName": "nextToken" + } + }, + "documentation": "<p>Contains the output of DescribeVpcEndpointServices.</p>" + }, + "DescribeVpcEndpointsRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "VpcEndpointIds": { + "shape": "ValueStringList", + "documentation": "<p>One or more endpoint IDs.</p>", + "locationName": "VpcEndpointId" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>service-name</code>: The name of the service.</p> </li> <li> <p> <code>vpc-id</code>: The ID of the VPC in which the endpoint resides.</p> </li> <li> <p> <code>vpc-endpoint-id</code>: The ID of the endpoint.</p> </li> <li> <p> <code>vpc-endpoint-state</code>: The state of the endpoint. (<code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>)</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "Integer", + "documentation": "<p>The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.</p> <p>Constraint: If the value is greater than 1000, we return only 1000 items.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next set of items to return. (You received this token from a prior call.)</p>" + } + }, + "documentation": "<p>Contains the parameters for DescribeVpcEndpoints.</p>" + }, + "DescribeVpcEndpointsResult": { + "type": "structure", + "members": { + "VpcEndpoints": { + "shape": "VpcEndpointSet", + "documentation": "<p>Information about the endpoints.</p>", + "locationName": "vpcEndpointSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.</p>", + "locationName": "nextToken" + } + }, + "documentation": "<p>Contains the output of DescribeVpcEndpoints.</p>" + }, + "DescribeVpcPeeringConnectionsMaxResults": { + "type": "integer", + "max": 1000, + "min": 5 + }, + "DescribeVpcPeeringConnectionsRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>accepter-vpc-info.cidr-block</code> - The IPv4 CIDR block of the accepter VPC.</p> </li> <li> <p> <code>accepter-vpc-info.owner-id</code> - The AWS account ID of the owner of the accepter VPC.</p> </li> <li> <p> <code>accepter-vpc-info.vpc-id</code> - The ID of the accepter VPC.</p> </li> <li> <p> <code>expiration-time</code> - The expiration date and time for the VPC peering connection.</p> </li> <li> <p> <code>requester-vpc-info.cidr-block</code> - The IPv4 CIDR block of the requester's VPC.</p> </li> <li> <p> <code>requester-vpc-info.owner-id</code> - The AWS account ID of the owner of the requester VPC.</p> </li> <li> <p> <code>requester-vpc-info.vpc-id</code> - The ID of the requester VPC.</p> </li> <li> <p> <code>status-code</code> - The status of the VPC peering connection (<code>pending-acceptance</code> | <code>failed</code> | <code>expired</code> | <code>provisioning</code> | <code>active</code> | <code>deleting</code> | <code>deleted</code> | <code>rejected</code>).</p> </li> <li> <p> <code>status-message</code> - A message that provides more information about the status of the VPC peering connection, if applicable.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>vpc-peering-connection-id</code> - The ID of the VPC peering connection.</p> </li> </ul>", + "locationName": "Filter" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "VpcPeeringConnectionIds": { + "shape": "ValueStringList", + "documentation": "<p>One or more VPC peering connection IDs.</p> <p>Default: Describes all your VPC peering connections.</p>", + "locationName": "VpcPeeringConnectionId" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "MaxResults": { + "shape": "DescribeVpcPeeringConnectionsMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + } + } + }, + "DescribeVpcPeeringConnectionsResult": { + "type": "structure", + "members": { + "VpcPeeringConnections": { + "shape": "VpcPeeringConnectionList", + "documentation": "<p>Information about the VPC peering connections.</p>", + "locationName": "vpcPeeringConnectionSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeVpcsMaxResults": { + "type": "integer", + "max": 1000, + "min": 5 + }, + "DescribeVpcsRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>cidr</code> - The primary IPv4 CIDR block of the VPC. The CIDR block you specify must exactly match the VPC's CIDR block for information to be returned for the VPC. Must contain the slash followed by one or two digits (for example, <code>/28</code>).</p> </li> <li> <p> <code>cidr-block-association.cidr-block</code> - An IPv4 CIDR block associated with the VPC.</p> </li> <li> <p> <code>cidr-block-association.association-id</code> - The association ID for an IPv4 CIDR block associated with the VPC.</p> </li> <li> <p> <code>cidr-block-association.state</code> - The state of an IPv4 CIDR block associated with the VPC.</p> </li> <li> <p> <code>dhcp-options-id</code> - The ID of a set of DHCP options.</p> </li> <li> <p> <code>ipv6-cidr-block-association.ipv6-cidr-block</code> - An IPv6 CIDR block associated with the VPC.</p> </li> <li> <p> <code>ipv6-cidr-block-association.association-id</code> - The association ID for an IPv6 CIDR block associated with the VPC.</p> </li> <li> <p> <code>ipv6-cidr-block-association.state</code> - The state of an IPv6 CIDR block associated with the VPC.</p> </li> <li> <p> <code>isDefault</code> - Indicates whether the VPC is the default VPC.</p> </li> <li> <p> <code>owner-id</code> - The ID of the AWS account that owns the VPC.</p> </li> <li> <p> <code>state</code> - The state of the VPC (<code>pending</code> | <code>available</code>).</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>vpc-id</code> - The ID of the VPC.</p> </li> </ul>", + "locationName": "Filter" + }, + "VpcIds": { + "shape": "VpcIdStringList", + "documentation": "<p>One or more VPC IDs.</p> <p>Default: Describes all your VPCs.</p>", + "locationName": "VpcId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "MaxResults": { + "shape": "DescribeVpcsMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + } + } + }, + "DescribeVpcsResult": { + "type": "structure", + "members": { + "Vpcs": { + "shape": "VpcList", + "documentation": "<p>Information about one or more VPCs.</p>", + "locationName": "vpcSet" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "DescribeVpnConnectionsRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>customer-gateway-configuration</code> - The configuration information for the customer gateway.</p> </li> <li> <p> <code>customer-gateway-id</code> - The ID of a customer gateway associated with the VPN connection.</p> </li> <li> <p> <code>state</code> - The state of the VPN connection (<code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>).</p> </li> <li> <p> <code>option.static-routes-only</code> - Indicates whether the connection has static routes only. Used for devices that do not support Border Gateway Protocol (BGP).</p> </li> <li> <p> <code>route.destination-cidr-block</code> - The destination CIDR block. This corresponds to the subnet used in a customer data center.</p> </li> <li> <p> <code>bgp-asn</code> - The BGP Autonomous System Number (ASN) associated with a BGP device.</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>type</code> - The type of VPN connection. Currently the only supported type is <code>ipsec.1</code>.</p> </li> <li> <p> <code>vpn-connection-id</code> - The ID of the VPN connection.</p> </li> <li> <p> <code>vpn-gateway-id</code> - The ID of a virtual private gateway associated with the VPN connection.</p> </li> </ul>", + "locationName": "Filter" + }, + "VpnConnectionIds": { + "shape": "VpnConnectionIdStringList", + "documentation": "<p>One or more VPN connection IDs.</p> <p>Default: Describes your VPN connections.</p>", + "locationName": "VpnConnectionId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DescribeVpnConnections.</p>" + }, + "DescribeVpnConnectionsResult": { + "type": "structure", + "members": { + "VpnConnections": { + "shape": "VpnConnectionList", + "documentation": "<p>Information about one or more VPN connections.</p>", + "locationName": "vpnConnectionSet" + } + }, + "documentation": "<p>Contains the output of DescribeVpnConnections.</p>" + }, + "DescribeVpnGatewaysRequest": { + "type": "structure", + "members": { + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters.</p> <ul> <li> <p> <code>amazon-side-asn</code> - The Autonomous System Number (ASN) for the Amazon side of the gateway.</p> </li> <li> <p> <code>attachment.state</code> - The current state of the attachment between the gateway and the VPC (<code>attaching</code> | <code>attached</code> | <code>detaching</code> | <code>detached</code>).</p> </li> <li> <p> <code>attachment.vpc-id</code> - The ID of an attached VPC.</p> </li> <li> <p> <code>availability-zone</code> - The Availability Zone for the virtual private gateway (if applicable).</p> </li> <li> <p> <code>state</code> - The state of the virtual private gateway (<code>pending</code> | <code>available</code> | <code>deleting</code> | <code>deleted</code>).</p> </li> <li> <p> <code>tag</code>:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key <code>Owner</code> and the value <code>TeamA</code>, specify <code>tag:Owner</code> for the filter name and <code>TeamA</code> for the filter value.</p> </li> <li> <p> <code>tag-key</code> - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.</p> </li> <li> <p> <code>type</code> - The type of virtual private gateway. Currently the only supported type is <code>ipsec.1</code>.</p> </li> <li> <p> <code>vpn-gateway-id</code> - The ID of the virtual private gateway.</p> </li> </ul>", + "locationName": "Filter" + }, + "VpnGatewayIds": { + "shape": "VpnGatewayIdStringList", + "documentation": "<p>One or more virtual private gateway IDs.</p> <p>Default: Describes all your virtual private gateways.</p>", + "locationName": "VpnGatewayId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DescribeVpnGateways.</p>" + }, + "DescribeVpnGatewaysResult": { + "type": "structure", + "members": { + "VpnGateways": { + "shape": "VpnGatewayList", + "documentation": "<p>Information about one or more virtual private gateways.</p>", + "locationName": "vpnGatewaySet" + } + }, + "documentation": "<p>Contains the output of DescribeVpnGateways.</p>" + }, + "DetachClassicLinkVpcRequest": { + "type": "structure", + "required": [ + "InstanceId", + "VpcId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance to unlink from the VPC.</p>", + "locationName": "instanceId" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC to which the instance is linked.</p>", + "locationName": "vpcId" + } + } + }, + "DetachClassicLinkVpcResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "DetachInternetGatewayRequest": { + "type": "structure", + "required": [ + "InternetGatewayId", + "VpcId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "InternetGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the internet gateway.</p>", + "locationName": "internetGatewayId" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + } + }, + "DetachNetworkInterfaceRequest": { + "type": "structure", + "required": [ + "AttachmentId" + ], + "members": { + "AttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>", + "locationName": "attachmentId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Force": { + "shape": "Boolean", + "documentation": "<p>Specifies whether to force a detachment.</p>", + "locationName": "force" + } + }, + "documentation": "<p>Contains the parameters for DetachNetworkInterface.</p>" + }, + "DetachVolumeRequest": { + "type": "structure", + "required": [ + "VolumeId" + ], + "members": { + "Device": { + "shape": "String", + "documentation": "<p>The device name.</p>" + }, + "Force": { + "shape": "Boolean", + "documentation": "<p>Forces detachment if the previous detachment attempt did not occur cleanly (for example, logging into an instance, unmounting the volume, and detaching normally). This option can lead to data loss or a corrupted file system. Use this option only as a last resort to detach a volume from a failed instance. The instance won't have an opportunity to flush file system caches or file system metadata. If you use this option, you must perform file system check and repair procedures.</p>" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the volume.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DetachVolume.</p>" + }, + "DetachVpnGatewayRequest": { + "type": "structure", + "required": [ + "VpcId", + "VpnGatewayId" + ], + "members": { + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>" + }, + "VpnGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the virtual private gateway.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for DetachVpnGateway.</p>" + }, + "DeviceType": { + "type": "string", + "enum": [ + "ebs", + "instance-store" + ] + }, + "DhcpConfiguration": { + "type": "structure", + "members": { + "Key": { + "shape": "String", + "documentation": "<p>The name of a DHCP option.</p>", + "locationName": "key" + }, + "Values": { + "shape": "DhcpConfigurationValueList", + "documentation": "<p>One or more values for the DHCP option.</p>", + "locationName": "valueSet" + } + }, + "documentation": "<p>Describes a DHCP configuration option.</p>" + }, + "DhcpConfigurationList": { + "type": "list", + "member": { + "shape": "DhcpConfiguration", + "locationName": "item" + } + }, + "DhcpConfigurationValueList": { + "type": "list", + "member": { + "shape": "AttributeValue", + "locationName": "item" + } + }, + "DhcpOptions": { + "type": "structure", + "members": { + "DhcpConfigurations": { + "shape": "DhcpConfigurationList", + "documentation": "<p>One or more DHCP options in the set.</p>", + "locationName": "dhcpConfigurationSet" + }, + "DhcpOptionsId": { + "shape": "String", + "documentation": "<p>The ID of the set of DHCP options.</p>", + "locationName": "dhcpOptionsId" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The ID of the AWS account that owns the DHCP options set.</p>", + "locationName": "ownerId" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the DHCP options set.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a set of DHCP options.</p>" + }, + "DhcpOptionsIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "DhcpOptionsId" + } + }, + "DhcpOptionsList": { + "type": "list", + "member": { + "shape": "DhcpOptions", + "locationName": "item" + } + }, + "DirectoryServiceAuthentication": { + "type": "structure", + "members": { + "DirectoryId": { + "shape": "String", + "documentation": "<p>The ID of the Active Directory used for authentication.</p>", + "locationName": "directoryId" + } + }, + "documentation": "<p>Describes an Active Directory.</p>" + }, + "DirectoryServiceAuthenticationRequest": { + "type": "structure", + "members": { + "DirectoryId": { + "shape": "String", + "documentation": "<p>The ID of the Active Directory to be used for authentication.</p>" + } + }, + "documentation": "<p>Describes the Active Directory to be used for client authentication.</p>" + }, + "DisableEbsEncryptionByDefaultRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>. </p>" + } + } + }, + "DisableEbsEncryptionByDefaultResult": { + "type": "structure", + "members": { + "EbsEncryptionByDefault": { + "shape": "Boolean", + "documentation": "<p>The updated status of encryption by default.</p>", + "locationName": "ebsEncryptionByDefault" + } + } + }, + "DisableTransitGatewayRouteTablePropagationRequest": { + "type": "structure", + "required": [ + "TransitGatewayRouteTableId", + "TransitGatewayAttachmentId" + ], + "members": { + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the propagation route table.</p>" + }, + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DisableTransitGatewayRouteTablePropagationResult": { + "type": "structure", + "members": { + "Propagation": { + "shape": "TransitGatewayPropagation", + "documentation": "<p>Information about route propagation.</p>", + "locationName": "propagation" + } + } + }, + "DisableVgwRoutePropagationRequest": { + "type": "structure", + "required": [ + "GatewayId", + "RouteTableId" + ], + "members": { + "GatewayId": { + "shape": "String", + "documentation": "<p>The ID of the virtual private gateway.</p>" + }, + "RouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the route table.</p>" + } + }, + "documentation": "<p>Contains the parameters for DisableVgwRoutePropagation.</p>" + }, + "DisableVpcClassicLinkDnsSupportRequest": { + "type": "structure", + "members": { + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>" + } + } + }, + "DisableVpcClassicLinkDnsSupportResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "DisableVpcClassicLinkRequest": { + "type": "structure", + "required": [ + "VpcId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + } + }, + "DisableVpcClassicLinkResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "DisassociateAddressRequest": { + "type": "structure", + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>[EC2-VPC] The association ID. Required for EC2-VPC.</p>" + }, + "PublicIp": { + "shape": "String", + "documentation": "<p>[EC2-Classic] The Elastic IP address. Required for EC2-Classic.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DisassociateClientVpnTargetNetworkRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId", + "AssociationId" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint from which to disassociate the target network.</p>" + }, + "AssociationId": { + "shape": "String", + "documentation": "<p>The ID of the target network association.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DisassociateClientVpnTargetNetworkResult": { + "type": "structure", + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>The ID of the target network association.</p>", + "locationName": "associationId" + }, + "Status": { + "shape": "AssociationStatus", + "documentation": "<p>The current state of the target network association.</p>", + "locationName": "status" + } + } + }, + "DisassociateIamInstanceProfileRequest": { + "type": "structure", + "required": [ + "AssociationId" + ], + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>The ID of the IAM instance profile association.</p>" + } + } + }, + "DisassociateIamInstanceProfileResult": { + "type": "structure", + "members": { + "IamInstanceProfileAssociation": { + "shape": "IamInstanceProfileAssociation", + "documentation": "<p>Information about the IAM instance profile association.</p>", + "locationName": "iamInstanceProfileAssociation" + } + } + }, + "DisassociateRouteTableRequest": { + "type": "structure", + "required": [ + "AssociationId" + ], + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>The association ID representing the current association between the route table and subnet.</p>", + "locationName": "associationId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "DisassociateSubnetCidrBlockRequest": { + "type": "structure", + "required": [ + "AssociationId" + ], + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>The association ID for the CIDR block.</p>", + "locationName": "associationId" + } + } + }, + "DisassociateSubnetCidrBlockResult": { + "type": "structure", + "members": { + "Ipv6CidrBlockAssociation": { + "shape": "SubnetIpv6CidrBlockAssociation", + "documentation": "<p>Information about the IPv6 CIDR block association.</p>", + "locationName": "ipv6CidrBlockAssociation" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet.</p>", + "locationName": "subnetId" + } + } + }, + "DisassociateTransitGatewayRouteTableRequest": { + "type": "structure", + "required": [ + "TransitGatewayRouteTableId", + "TransitGatewayAttachmentId" + ], + "members": { + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway route table.</p>" + }, + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "DisassociateTransitGatewayRouteTableResult": { + "type": "structure", + "members": { + "Association": { + "shape": "TransitGatewayAssociation", + "documentation": "<p>Information about the association.</p>", + "locationName": "association" + } + } + }, + "DisassociateVpcCidrBlockRequest": { + "type": "structure", + "required": [ + "AssociationId" + ], + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>The association ID for the CIDR block.</p>", + "locationName": "associationId" + } + } + }, + "DisassociateVpcCidrBlockResult": { + "type": "structure", + "members": { + "Ipv6CidrBlockAssociation": { + "shape": "VpcIpv6CidrBlockAssociation", + "documentation": "<p>Information about the IPv6 CIDR block association.</p>", + "locationName": "ipv6CidrBlockAssociation" + }, + "CidrBlockAssociation": { + "shape": "VpcCidrBlockAssociation", + "documentation": "<p>Information about the IPv4 CIDR block association.</p>", + "locationName": "cidrBlockAssociation" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + } + }, + "DiskImage": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description of the disk image.</p>" + }, + "Image": { + "shape": "DiskImageDetail", + "documentation": "<p>Information about the disk image.</p>" + }, + "Volume": { + "shape": "VolumeDetail", + "documentation": "<p>Information about the volume.</p>" + } + }, + "documentation": "<p>Describes a disk image.</p>" + }, + "DiskImageDescription": { + "type": "structure", + "members": { + "Checksum": { + "shape": "String", + "documentation": "<p>The checksum computed for the disk image.</p>", + "locationName": "checksum" + }, + "Format": { + "shape": "DiskImageFormat", + "documentation": "<p>The disk image format.</p>", + "locationName": "format" + }, + "ImportManifestUrl": { + "shape": "String", + "documentation": "<p>A presigned URL for the import manifest stored in Amazon S3. For information about creating a presigned URL for an Amazon S3 object, read the \"Query String Request Authentication Alternative\" section of the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html\">Authenticating REST Requests</a> topic in the <i>Amazon Simple Storage Service Developer Guide</i>.</p> <p>For information about the import manifest referenced by this API action, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html\">VM Import Manifest</a>.</p>", + "locationName": "importManifestUrl" + }, + "Size": { + "shape": "Long", + "documentation": "<p>The size of the disk image, in GiB.</p>", + "locationName": "size" + } + }, + "documentation": "<p>Describes a disk image.</p>" + }, + "DiskImageDetail": { + "type": "structure", + "required": [ + "Bytes", + "Format", + "ImportManifestUrl" + ], + "members": { + "Bytes": { + "shape": "Long", + "documentation": "<p>The size of the disk image, in GiB.</p>", + "locationName": "bytes" + }, + "Format": { + "shape": "DiskImageFormat", + "documentation": "<p>The disk image format.</p>", + "locationName": "format" + }, + "ImportManifestUrl": { + "shape": "String", + "documentation": "<p>A presigned URL for the import manifest stored in Amazon S3 and presented here as an Amazon S3 presigned URL. For information about creating a presigned URL for an Amazon S3 object, read the \"Query String Request Authentication Alternative\" section of the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html\">Authenticating REST Requests</a> topic in the <i>Amazon Simple Storage Service Developer Guide</i>.</p> <p>For information about the import manifest referenced by this API action, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html\">VM Import Manifest</a>.</p>", + "locationName": "importManifestUrl" + } + }, + "documentation": "<p>Describes a disk image.</p>" + }, + "DiskImageFormat": { + "type": "string", + "enum": [ + "VMDK", + "RAW", + "VHD" + ] + }, + "DiskImageList": { + "type": "list", + "member": { + "shape": "DiskImage" + } + }, + "DiskImageVolumeDescription": { + "type": "structure", + "members": { + "Id": { + "shape": "String", + "documentation": "<p>The volume identifier.</p>", + "locationName": "id" + }, + "Size": { + "shape": "Long", + "documentation": "<p>The size of the volume, in GiB.</p>", + "locationName": "size" + } + }, + "documentation": "<p>Describes a disk image volume.</p>" + }, + "DnsEntry": { + "type": "structure", + "members": { + "DnsName": { + "shape": "String", + "documentation": "<p>The DNS name.</p>", + "locationName": "dnsName" + }, + "HostedZoneId": { + "shape": "String", + "documentation": "<p>The ID of the private hosted zone.</p>", + "locationName": "hostedZoneId" + } + }, + "documentation": "<p>Describes a DNS entry.</p>" + }, + "DnsEntrySet": { + "type": "list", + "member": { + "shape": "DnsEntry", + "locationName": "item" + } + }, + "DnsServersOptionsModifyStructure": { + "type": "structure", + "members": { + "CustomDnsServers": { + "shape": "ValueStringList", + "documentation": "<p>The IPv4 address range, in CIDR notation, of the DNS servers to be used. You can specify up to two DNS servers. Ensure that the DNS servers can be reached by the clients. The specified values overwrite the existing values.</p>" + }, + "Enabled": { + "shape": "Boolean", + "documentation": "<p>Indicates whether DNS servers should be used. Specify <code>False</code> to delete the existing DNS servers.</p>" + } + }, + "documentation": "<p>Information about the DNS server to be used.</p>" + }, + "DnsSupportValue": { + "type": "string", + "enum": [ + "enable", + "disable" + ] + }, + "DomainType": { + "type": "string", + "enum": [ + "vpc", + "standard" + ] + }, + "Double": { + "type": "double" + }, + "EbsBlockDevice": { + "type": "structure", + "members": { + "DeleteOnTermination": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the EBS volume is deleted on instance termination.</p>", + "locationName": "deleteOnTermination" + }, + "Iops": { + "shape": "Integer", + "documentation": "<p>The number of I/O operations per second (IOPS) that the volume supports. For <code>io1</code> volumes, this represents the number of IOPS that are provisioned for the volume. For <code>gp2</code> volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html\">Amazon EBS Volume Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Constraints: Range is 100-16,000 IOPS for <code>gp2</code> volumes and 100 to 64,000IOPS for <code>io1</code> volumes in most Regions. Maximum <code>io1</code> IOPS of 64,000 is guaranteed only on <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances\">Nitro-based instances</a>. Other instance families guarantee performance up to 32,000 IOPS. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html\">Amazon EBS Volume Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Condition: This parameter is required for requests to create <code>io1</code> volumes; it is not used in requests to create <code>gp2</code>, <code>st1</code>, <code>sc1</code>, or <code>standard</code> volumes.</p>", + "locationName": "iops" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>The ID of the snapshot.</p>", + "locationName": "snapshotId" + }, + "VolumeSize": { + "shape": "Integer", + "documentation": "<p>The size of the volume, in GiB.</p> <p>Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.</p> <p>Constraints: 1-16384 for General Purpose SSD (<code>gp2</code>), 4-16384 for Provisioned IOPS SSD (<code>io1</code>), 500-16384 for Throughput Optimized HDD (<code>st1</code>), 500-16384 for Cold HDD (<code>sc1</code>), and 1-1024 for Magnetic (<code>standard</code>) volumes. If you specify a snapshot, the volume size must be equal to or larger than the snapshot size.</p>", + "locationName": "volumeSize" + }, + "VolumeType": { + "shape": "VolumeType", + "documentation": "<p>The volume type. If you set the type to <code>io1</code>, you must also set the <b>Iops</b> property.</p> <p>Default: <code>standard</code> </p>", + "locationName": "volumeType" + }, + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to <code>true</code> depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>In no case can you remove encryption from an encrypted volume.</p> <p>Encrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances\">Supported Instance Types</a>.</p>", + "locationName": "encrypted" + }, + "KmsKeyId": { + "shape": "String", + "documentation": "<p>Identifier (key ID, key alias, ID ARN, or alias ARN) for a customer managed CMK under which the EBS volume is encrypted.</p> <p>This parameter is only supported on <code>BlockDeviceMapping</code> objects called by <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html\">RunInstances</a>, <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html\">RequestSpotFleet</a>, and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html\">RequestSpotInstances</a>.</p>" + } + }, + "documentation": "<p>Describes a block device for an EBS volume.</p>" + }, + "EbsInstanceBlockDevice": { + "type": "structure", + "members": { + "AttachTime": { + "shape": "DateTime", + "documentation": "<p>The time stamp when the attachment initiated.</p>", + "locationName": "attachTime" + }, + "DeleteOnTermination": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the volume is deleted on instance termination.</p>", + "locationName": "deleteOnTermination" + }, + "Status": { + "shape": "AttachmentStatus", + "documentation": "<p>The attachment state.</p>", + "locationName": "status" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the EBS volume.</p>", + "locationName": "volumeId" + } + }, + "documentation": "<p>Describes a parameter used to set up an EBS volume in a block device mapping.</p>" + }, + "EbsInstanceBlockDeviceSpecification": { + "type": "structure", + "members": { + "DeleteOnTermination": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the volume is deleted on instance termination.</p>", + "locationName": "deleteOnTermination" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the EBS volume.</p>", + "locationName": "volumeId" + } + }, + "documentation": "<p>Describes information used to set up an EBS volume specified in a block device mapping.</p>" + }, + "EgressOnlyInternetGateway": { + "type": "structure", + "members": { + "Attachments": { + "shape": "InternetGatewayAttachmentList", + "documentation": "<p>Information about the attachment of the egress-only internet gateway.</p>", + "locationName": "attachmentSet" + }, + "EgressOnlyInternetGatewayId": { + "shape": "EgressOnlyInternetGatewayId", + "documentation": "<p>The ID of the egress-only internet gateway.</p>", + "locationName": "egressOnlyInternetGatewayId" + } + }, + "documentation": "<p>Describes an egress-only internet gateway.</p>" + }, + "EgressOnlyInternetGatewayId": { + "type": "string" + }, + "EgressOnlyInternetGatewayIdList": { + "type": "list", + "member": { + "shape": "EgressOnlyInternetGatewayId", + "locationName": "item" + } + }, + "EgressOnlyInternetGatewayList": { + "type": "list", + "member": { + "shape": "EgressOnlyInternetGateway", + "locationName": "item" + } + }, + "ElasticGpuAssociation": { + "type": "structure", + "members": { + "ElasticGpuId": { + "shape": "String", + "documentation": "<p>The ID of the Elastic Graphics accelerator.</p>", + "locationName": "elasticGpuId" + }, + "ElasticGpuAssociationId": { + "shape": "String", + "documentation": "<p>The ID of the association.</p>", + "locationName": "elasticGpuAssociationId" + }, + "ElasticGpuAssociationState": { + "shape": "String", + "documentation": "<p>The state of the association between the instance and the Elastic Graphics accelerator.</p>", + "locationName": "elasticGpuAssociationState" + }, + "ElasticGpuAssociationTime": { + "shape": "String", + "documentation": "<p>The time the Elastic Graphics accelerator was associated with the instance.</p>", + "locationName": "elasticGpuAssociationTime" + } + }, + "documentation": "<p>Describes the association between an instance and an Elastic Graphics accelerator.</p>" + }, + "ElasticGpuAssociationList": { + "type": "list", + "member": { + "shape": "ElasticGpuAssociation", + "locationName": "item" + } + }, + "ElasticGpuHealth": { + "type": "structure", + "members": { + "Status": { + "shape": "ElasticGpuStatus", + "documentation": "<p>The health status.</p>", + "locationName": "status" + } + }, + "documentation": "<p>Describes the status of an Elastic Graphics accelerator.</p>" + }, + "ElasticGpuIdSet": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "ElasticGpuSet": { + "type": "list", + "member": { + "shape": "ElasticGpus", + "locationName": "item" + } + }, + "ElasticGpuSpecification": { + "type": "structure", + "required": [ + "Type" + ], + "members": { + "Type": { + "shape": "String", + "documentation": "<p>The type of Elastic Graphics accelerator.</p>" + } + }, + "documentation": "<p>A specification for an Elastic Graphics accelerator.</p>" + }, + "ElasticGpuSpecificationList": { + "type": "list", + "member": { + "shape": "ElasticGpuSpecification", + "locationName": "ElasticGpuSpecification" + } + }, + "ElasticGpuSpecificationResponse": { + "type": "structure", + "members": { + "Type": { + "shape": "String", + "documentation": "<p>The elastic GPU type.</p>", + "locationName": "type" + } + }, + "documentation": "<p>Describes an elastic GPU.</p>" + }, + "ElasticGpuSpecificationResponseList": { + "type": "list", + "member": { + "shape": "ElasticGpuSpecificationResponse", + "locationName": "item" + } + }, + "ElasticGpuSpecifications": { + "type": "list", + "member": { + "shape": "ElasticGpuSpecification", + "locationName": "item" + } + }, + "ElasticGpuState": { + "type": "string", + "enum": [ + "ATTACHED" + ] + }, + "ElasticGpuStatus": { + "type": "string", + "enum": [ + "OK", + "IMPAIRED" + ] + }, + "ElasticGpus": { + "type": "structure", + "members": { + "ElasticGpuId": { + "shape": "String", + "documentation": "<p>The ID of the Elastic Graphics accelerator.</p>", + "locationName": "elasticGpuId" + }, + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone in the which the Elastic Graphics accelerator resides.</p>", + "locationName": "availabilityZone" + }, + "ElasticGpuType": { + "shape": "String", + "documentation": "<p>The type of Elastic Graphics accelerator.</p>", + "locationName": "elasticGpuType" + }, + "ElasticGpuHealth": { + "shape": "ElasticGpuHealth", + "documentation": "<p>The status of the Elastic Graphics accelerator.</p>", + "locationName": "elasticGpuHealth" + }, + "ElasticGpuState": { + "shape": "ElasticGpuState", + "documentation": "<p>The state of the Elastic Graphics accelerator.</p>", + "locationName": "elasticGpuState" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance to which the Elastic Graphics accelerator is attached.</p>", + "locationName": "instanceId" + } + }, + "documentation": "<p>Describes an Elastic Graphics accelerator.</p>" + }, + "ElasticInferenceAccelerator": { + "type": "structure", + "required": [ + "Type" + ], + "members": { + "Type": { + "shape": "String", + "documentation": "<p> The type of elastic inference accelerator. The possible values are <code>eia1.small</code>, <code>eia1.medium</code>, and <code>eia1.large</code>. </p>" + } + }, + "documentation": "<p> Describes an elastic inference accelerator. </p>" + }, + "ElasticInferenceAcceleratorAssociation": { + "type": "structure", + "members": { + "ElasticInferenceAcceleratorArn": { + "shape": "String", + "documentation": "<p> The Amazon Resource Name (ARN) of the elastic inference accelerator. </p>", + "locationName": "elasticInferenceAcceleratorArn" + }, + "ElasticInferenceAcceleratorAssociationId": { + "shape": "String", + "documentation": "<p> The ID of the association. </p>", + "locationName": "elasticInferenceAcceleratorAssociationId" + }, + "ElasticInferenceAcceleratorAssociationState": { + "shape": "String", + "documentation": "<p> The state of the elastic inference accelerator. </p>", + "locationName": "elasticInferenceAcceleratorAssociationState" + }, + "ElasticInferenceAcceleratorAssociationTime": { + "shape": "DateTime", + "documentation": "<p> The time at which the elastic inference accelerator is associated with an instance. </p>", + "locationName": "elasticInferenceAcceleratorAssociationTime" + } + }, + "documentation": "<p> Describes the association between an instance and an elastic inference accelerator. </p>" + }, + "ElasticInferenceAcceleratorAssociationList": { + "type": "list", + "member": { + "shape": "ElasticInferenceAcceleratorAssociation", + "locationName": "item" + } + }, + "ElasticInferenceAccelerators": { + "type": "list", + "member": { + "shape": "ElasticInferenceAccelerator", + "locationName": "item" + } + }, + "EnableEbsEncryptionByDefaultRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>. </p>" + } + } + }, + "EnableEbsEncryptionByDefaultResult": { + "type": "structure", + "members": { + "EbsEncryptionByDefault": { + "shape": "Boolean", + "documentation": "<p>The updated status of encryption by default.</p>", + "locationName": "ebsEncryptionByDefault" + } + } + }, + "EnableTransitGatewayRouteTablePropagationRequest": { + "type": "structure", + "required": [ + "TransitGatewayRouteTableId", + "TransitGatewayAttachmentId" + ], + "members": { + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the propagation route table.</p>" + }, + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "EnableTransitGatewayRouteTablePropagationResult": { + "type": "structure", + "members": { + "Propagation": { + "shape": "TransitGatewayPropagation", + "documentation": "<p>Information about route propagation.</p>", + "locationName": "propagation" + } + } + }, + "EnableVgwRoutePropagationRequest": { + "type": "structure", + "required": [ + "GatewayId", + "RouteTableId" + ], + "members": { + "GatewayId": { + "shape": "String", + "documentation": "<p>The ID of the virtual private gateway that is attached to a VPC. The virtual private gateway must be attached to the same VPC that the routing tables are associated with. </p>" + }, + "RouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the route table. The routing table must be associated with the same VPC that the virtual private gateway is attached to. </p>" + } + }, + "documentation": "<p>Contains the parameters for EnableVgwRoutePropagation.</p>" + }, + "EnableVolumeIORequest": { + "type": "structure", + "required": [ + "VolumeId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the volume.</p>", + "locationName": "volumeId" + } + }, + "documentation": "<p>Contains the parameters for EnableVolumeIO.</p>" + }, + "EnableVpcClassicLinkDnsSupportRequest": { + "type": "structure", + "members": { + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>" + } + } + }, + "EnableVpcClassicLinkDnsSupportResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "EnableVpcClassicLinkRequest": { + "type": "structure", + "required": [ + "VpcId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + } + }, + "EnableVpcClassicLinkResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "EndDateType": { + "type": "string", + "enum": [ + "unlimited", + "limited" + ] + }, + "EndpointSet": { + "type": "list", + "member": { + "shape": "ClientVpnEndpoint", + "locationName": "item" + } + }, + "EventCode": { + "type": "string", + "enum": [ + "instance-reboot", + "system-reboot", + "system-maintenance", + "instance-retirement", + "instance-stop" + ] + }, + "EventInformation": { + "type": "structure", + "members": { + "EventDescription": { + "shape": "String", + "documentation": "<p>The description of the event.</p>", + "locationName": "eventDescription" + }, + "EventSubType": { + "shape": "String", + "documentation": "<p>The event.</p> <p>The following are the <code>error</code> events:</p> <ul> <li> <p> <code>iamFleetRoleInvalid</code> - The EC2 Fleet or Spot Fleet did not have the required permissions either to launch or terminate an instance.</p> </li> <li> <p> <code>spotFleetRequestConfigurationInvalid</code> - The configuration is not valid. For more information, see the description of the event.</p> </li> <li> <p> <code>spotInstanceCountLimitExceeded</code> - You've reached the limit on the number of Spot Instances that you can launch.</p> </li> </ul> <p>The following are the <code>fleetRequestChange</code> events:</p> <ul> <li> <p> <code>active</code> - The EC2 Fleet or Spot Fleet request has been validated and Amazon EC2 is attempting to maintain the target number of running Spot Instances.</p> </li> <li> <p> <code>cancelled</code> - The EC2 Fleet or Spot Fleet request is canceled and has no running Spot Instances. The EC2 Fleet or Spot Fleet will be deleted two days after its instances were terminated.</p> </li> <li> <p> <code>cancelled_running</code> - The EC2 Fleet or Spot Fleet request is canceled and does not launch additional Spot Instances. Existing Spot Instances continue to run until they are interrupted or terminated.</p> </li> <li> <p> <code>cancelled_terminating</code> - The EC2 Fleet or Spot Fleet request is canceled and its Spot Instances are terminating.</p> </li> <li> <p> <code>expired</code> - The EC2 Fleet or Spot Fleet request has expired. A subsequent event indicates that the instances were terminated, if the request was created with <code>TerminateInstancesWithExpiration</code> set.</p> </li> <li> <p> <code>modify_in_progress</code> - A request to modify the EC2 Fleet or Spot Fleet request was accepted and is in progress.</p> </li> <li> <p> <code>modify_successful</code> - The EC2 Fleet or Spot Fleet request was modified.</p> </li> <li> <p> <code>price_update</code> - The price for a launch configuration was adjusted because it was too high. This change is permanent.</p> </li> <li> <p> <code>submitted</code> - The EC2 Fleet or Spot Fleet request is being evaluated and Amazon EC2 is preparing to launch the target number of Spot Instances.</p> </li> </ul> <p>The following are the <code>instanceChange</code> events:</p> <ul> <li> <p> <code>launched</code> - A request was fulfilled and a new instance was launched.</p> </li> <li> <p> <code>terminated</code> - An instance was terminated by the user.</p> </li> </ul> <p>The following are the <code>Information</code> events:</p> <ul> <li> <p> <code>launchSpecTemporarilyBlacklisted</code> - The configuration is not valid and several attempts to launch instances have failed. For more information, see the description of the event.</p> </li> <li> <p> <code>launchSpecUnusable</code> - The price in a launch specification is not valid because it is below the Spot price or the Spot price is above the On-Demand price.</p> </li> <li> <p> <code>fleetProgressHalted</code> - The price in every launch specification is not valid. A launch specification might become valid if the Spot price changes.</p> </li> </ul>", + "locationName": "eventSubType" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance. This information is available only for <code>instanceChange</code> events.</p>", + "locationName": "instanceId" + } + }, + "documentation": "<p>Describes an EC2 Fleet or Spot Fleet event.</p>" + }, + "EventType": { + "type": "string", + "enum": [ + "instanceChange", + "fleetRequestChange", + "error" + ] + }, + "ExcessCapacityTerminationPolicy": { + "type": "string", + "enum": [ + "noTermination", + "default" + ] + }, + "ExecutableByStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "ExecutableBy" + } + }, + "ExportClientVpnClientCertificateRevocationListRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ExportClientVpnClientCertificateRevocationListResult": { + "type": "structure", + "members": { + "CertificateRevocationList": { + "shape": "String", + "documentation": "<p>Information about the client certificate revocation list.</p>", + "locationName": "certificateRevocationList" + }, + "Status": { + "shape": "ClientCertificateRevocationListStatus", + "documentation": "<p>The current state of the client certificate revocation list.</p>", + "locationName": "status" + } + } + }, + "ExportClientVpnClientConfigurationRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ExportClientVpnClientConfigurationResult": { + "type": "structure", + "members": { + "ClientConfiguration": { + "shape": "String", + "documentation": "<p>The contents of the Client VPN endpoint configuration file.</p>", + "locationName": "clientConfiguration" + } + } + }, + "ExportEnvironment": { + "type": "string", + "enum": [ + "citrix", + "vmware", + "microsoft" + ] + }, + "ExportTask": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description of the resource being exported.</p>", + "locationName": "description" + }, + "ExportTaskId": { + "shape": "String", + "documentation": "<p>The ID of the export task.</p>", + "locationName": "exportTaskId" + }, + "ExportToS3Task": { + "shape": "ExportToS3Task", + "documentation": "<p>Information about the export task.</p>", + "locationName": "exportToS3" + }, + "InstanceExportDetails": { + "shape": "InstanceExportDetails", + "documentation": "<p>Information about the instance to export.</p>", + "locationName": "instanceExport" + }, + "State": { + "shape": "ExportTaskState", + "documentation": "<p>The state of the export task.</p>", + "locationName": "state" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>The status message related to the export task.</p>", + "locationName": "statusMessage" + } + }, + "documentation": "<p>Describes an instance export task.</p>" + }, + "ExportTaskIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "ExportTaskId" + } + }, + "ExportTaskList": { + "type": "list", + "member": { + "shape": "ExportTask", + "locationName": "item" + } + }, + "ExportTaskState": { + "type": "string", + "enum": [ + "active", + "cancelling", + "cancelled", + "completed" + ] + }, + "ExportToS3Task": { + "type": "structure", + "members": { + "ContainerFormat": { + "shape": "ContainerFormat", + "documentation": "<p>The container format used to combine disk images with metadata (such as OVF). If absent, only the disk image is exported.</p>", + "locationName": "containerFormat" + }, + "DiskImageFormat": { + "shape": "DiskImageFormat", + "documentation": "<p>The format for the exported image.</p>", + "locationName": "diskImageFormat" + }, + "S3Bucket": { + "shape": "String", + "documentation": "<p>The S3 bucket for the destination image. The destination bucket must exist and grant WRITE and READ_ACP permissions to the AWS account <code>vm-import-export@amazon.com</code>.</p>", + "locationName": "s3Bucket" + }, + "S3Key": { + "shape": "String", + "documentation": "<p>The encryption key for your S3 bucket.</p>", + "locationName": "s3Key" + } + }, + "documentation": "<p>Describes the format and location for an instance export task.</p>" + }, + "ExportToS3TaskSpecification": { + "type": "structure", + "members": { + "ContainerFormat": { + "shape": "ContainerFormat", + "documentation": "<p>The container format used to combine disk images with metadata (such as OVF). If absent, only the disk image is exported.</p>", + "locationName": "containerFormat" + }, + "DiskImageFormat": { + "shape": "DiskImageFormat", + "documentation": "<p>The format for the exported image.</p>", + "locationName": "diskImageFormat" + }, + "S3Bucket": { + "shape": "String", + "documentation": "<p>The S3 bucket for the destination image. The destination bucket must exist and grant WRITE and READ_ACP permissions to the AWS account <code>vm-import-export@amazon.com</code>.</p>", + "locationName": "s3Bucket" + }, + "S3Prefix": { + "shape": "String", + "documentation": "<p>The image is written to a single object in the S3 bucket at the S3 key s3prefix + exportTaskId + '.' + diskImageFormat.</p>", + "locationName": "s3Prefix" + } + }, + "documentation": "<p>Describes an instance export task.</p>" + }, + "ExportTransitGatewayRoutesRequest": { + "type": "structure", + "required": [ + "TransitGatewayRouteTableId", + "S3Bucket" + ], + "members": { + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the route table.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>attachment.transit-gateway-attachment-id</code> - The id of the transit gateway attachment.</p> </li> <li> <p> <code>attachment.resource-id</code> - The resource id of the transit gateway attachment.</p> </li> <li> <p> <code>route-search.exact-match</code> - The exact match of the specified filter.</p> </li> <li> <p> <code>route-search.longest-prefix-match</code> - The longest prefix that matches the route.</p> </li> <li> <p> <code>route-search.subnet-of-match</code> - The routes with a subnet that match the specified CIDR filter.</p> </li> <li> <p> <code>route-search.supernet-of-match</code> - The routes with a CIDR that encompass the CIDR filter. For example, if you have 10.0.1.0/29 and 10.0.1.0/31 routes in your route table and you specify supernet-of-match as 10.0.1.0/30, then the result returns 10.0.1.0/29.</p> </li> <li> <p> <code>state</code> - The state of the attachment (<code>available</code> | <code>deleted</code> | <code>deleting</code> | <code>failed</code> | <code>modifying</code> | <code>pendingAcceptance</code> | <code>pending</code> | <code>rollingBack</code> | <code>rejected</code> | <code>rejecting</code>).</p> </li> <li> <p> <code>transit-gateway-route-destination-cidr-block</code> - The CIDR range.</p> </li> <li> <p> <code>type</code> - The type of route (<code>active</code> | <code>blackhole</code>).</p> </li> </ul>", + "locationName": "Filter" + }, + "S3Bucket": { + "shape": "String", + "documentation": "<p>The name of the S3 bucket.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ExportTransitGatewayRoutesResult": { + "type": "structure", + "members": { + "S3Location": { + "shape": "String", + "documentation": "<p>The URL of the exported file in Amazon S3. For example, s3://<i>bucket_name</i>/VPCTransitGateway/TransitGatewayRouteTables/<i>file_name</i>.</p>", + "locationName": "s3Location" + } + } + }, + "Filter": { + "type": "structure", + "members": { + "Name": { + "shape": "String", + "documentation": "<p>The name of the filter. Filter names are case-sensitive.</p>" + }, + "Values": { + "shape": "ValueStringList", + "documentation": "<p>The filter values. Filter values are case-sensitive.</p>", + "locationName": "Value" + } + }, + "documentation": "<p>A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs. The filters supported by a describe operation are documented with the describe operation. For example:</p> <ul> <li> <p> <a>DescribeAvailabilityZones</a> </p> </li> <li> <p> <a>DescribeImages</a> </p> </li> <li> <p> <a>DescribeInstances</a> </p> </li> <li> <p> <a>DescribeKeyPairs</a> </p> </li> <li> <p> <a>DescribeSecurityGroups</a> </p> </li> <li> <p> <a>DescribeSnapshots</a> </p> </li> <li> <p> <a>DescribeSubnets</a> </p> </li> <li> <p> <a>DescribeTags</a> </p> </li> <li> <p> <a>DescribeVolumes</a> </p> </li> <li> <p> <a>DescribeVpcs</a> </p> </li> </ul>" + }, + "FilterList": { + "type": "list", + "member": { + "shape": "Filter", + "locationName": "Filter" + } + }, + "FleetActivityStatus": { + "type": "string", + "enum": [ + "error", + "pending-fulfillment", + "pending-termination", + "fulfilled" + ] + }, + "FleetData": { + "type": "structure", + "members": { + "ActivityStatus": { + "shape": "FleetActivityStatus", + "documentation": "<p>The progress of the EC2 Fleet. If there is an error, the status is <code>error</code>. After all requests are placed, the status is <code>pending_fulfillment</code>. If the size of the EC2 Fleet is equal to or greater than its target capacity, the status is <code>fulfilled</code>. If the size of the EC2 Fleet is decreased, the status is <code>pending_termination</code> while instances are terminating.</p>", + "locationName": "activityStatus" + }, + "CreateTime": { + "shape": "DateTime", + "documentation": "<p>The creation date and time of the EC2 Fleet.</p>", + "locationName": "createTime" + }, + "FleetId": { + "shape": "FleetIdentifier", + "documentation": "<p>The ID of the EC2 Fleet.</p>", + "locationName": "fleetId" + }, + "FleetState": { + "shape": "FleetStateCode", + "documentation": "<p>The state of the EC2 Fleet.</p>", + "locationName": "fleetState" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p> <p>Constraints: Maximum 64 ASCII characters</p>", + "locationName": "clientToken" + }, + "ExcessCapacityTerminationPolicy": { + "shape": "FleetExcessCapacityTerminationPolicy", + "documentation": "<p>Indicates whether running instances should be terminated if the target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.</p>", + "locationName": "excessCapacityTerminationPolicy" + }, + "FulfilledCapacity": { + "shape": "Double", + "documentation": "<p>The number of units fulfilled by this request compared to the set target capacity.</p>", + "locationName": "fulfilledCapacity" + }, + "FulfilledOnDemandCapacity": { + "shape": "Double", + "documentation": "<p>The number of units fulfilled by this request compared to the set target On-Demand capacity.</p>", + "locationName": "fulfilledOnDemandCapacity" + }, + "LaunchTemplateConfigs": { + "shape": "FleetLaunchTemplateConfigList", + "documentation": "<p>The launch template and overrides.</p>", + "locationName": "launchTemplateConfigs" + }, + "TargetCapacitySpecification": { + "shape": "TargetCapacitySpecification", + "documentation": "<p>The number of units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is <code>maintain</code>, you can specify a target capacity of 0 and add capacity later.</p>", + "locationName": "targetCapacitySpecification" + }, + "TerminateInstancesWithExpiration": { + "shape": "Boolean", + "documentation": "<p>Indicates whether running instances should be terminated when the EC2 Fleet expires. </p>", + "locationName": "terminateInstancesWithExpiration" + }, + "Type": { + "shape": "FleetType", + "documentation": "<p>The type of request. Indicates whether the EC2 Fleet only <code>requests</code> the target capacity, or also attempts to <code>maintain</code> it. If you request a certain target capacity, EC2 Fleet only places the required requests; it does not attempt to replenish instances if capacity is diminished, and does not submit requests in alternative capacity pools if capacity is unavailable. To maintain a certain target capacity, EC2 Fleet places the required requests to meet this target capacity. It also automatically replenishes any interrupted Spot Instances. Default: <code>maintain</code>.</p>", + "locationName": "type" + }, + "ValidFrom": { + "shape": "DateTime", + "documentation": "<p>The start date and time of the request, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z). The default is to start fulfilling the request immediately. </p>", + "locationName": "validFrom" + }, + "ValidUntil": { + "shape": "DateTime", + "documentation": "<p>The end date and time of the request, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z). At this point, no new instance requests are placed or able to fulfill the request. The default end date is 7 days from the current date. </p>", + "locationName": "validUntil" + }, + "ReplaceUnhealthyInstances": { + "shape": "Boolean", + "documentation": "<p>Indicates whether EC2 Fleet should replace unhealthy instances.</p>", + "locationName": "replaceUnhealthyInstances" + }, + "SpotOptions": { + "shape": "SpotOptions", + "documentation": "<p>The configuration of Spot Instances in an EC2 Fleet.</p>", + "locationName": "spotOptions" + }, + "OnDemandOptions": { + "shape": "OnDemandOptions", + "documentation": "<p>The allocation strategy of On-Demand Instances in an EC2 Fleet.</p>", + "locationName": "onDemandOptions" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags for an EC2 Fleet resource.</p>", + "locationName": "tagSet" + }, + "Errors": { + "shape": "DescribeFleetsErrorSet", + "documentation": "<p>Information about the instances that could not be launched by the fleet. Valid only when <b>Type</b> is set to <code>instant</code>.</p>", + "locationName": "errorSet" + }, + "Instances": { + "shape": "DescribeFleetsInstancesSet", + "documentation": "<p>Information about the instances that were launched by the fleet. Valid only when <b>Type</b> is set to <code>instant</code>.</p>", + "locationName": "fleetInstanceSet" + } + }, + "documentation": "<p>Describes an EC2 Fleet.</p>" + }, + "FleetEventType": { + "type": "string", + "enum": [ + "instance-change", + "fleet-change", + "service-error" + ] + }, + "FleetExcessCapacityTerminationPolicy": { + "type": "string", + "enum": [ + "no-termination", + "termination" + ] + }, + "FleetIdSet": { + "type": "list", + "member": { + "shape": "FleetIdentifier" + } + }, + "FleetIdentifier": { + "type": "string" + }, + "FleetLaunchTemplateConfig": { + "type": "structure", + "members": { + "LaunchTemplateSpecification": { + "shape": "FleetLaunchTemplateSpecification", + "documentation": "<p>The launch template.</p>", + "locationName": "launchTemplateSpecification" + }, + "Overrides": { + "shape": "FleetLaunchTemplateOverridesList", + "documentation": "<p>Any parameters that you specify override the same parameters in the launch template.</p>", + "locationName": "overrides" + } + }, + "documentation": "<p>Describes a launch template and overrides.</p>" + }, + "FleetLaunchTemplateConfigList": { + "type": "list", + "member": { + "shape": "FleetLaunchTemplateConfig", + "locationName": "item" + } + }, + "FleetLaunchTemplateConfigListRequest": { + "type": "list", + "member": { + "shape": "FleetLaunchTemplateConfigRequest", + "locationName": "item" + }, + "max": 50 + }, + "FleetLaunchTemplateConfigRequest": { + "type": "structure", + "members": { + "LaunchTemplateSpecification": { + "shape": "FleetLaunchTemplateSpecificationRequest", + "documentation": "<p>The launch template to use. You must specify either the launch template ID or launch template name in the request. </p>" + }, + "Overrides": { + "shape": "FleetLaunchTemplateOverridesListRequest", + "documentation": "<p>Any parameters that you specify override the same parameters in the launch template.</p>" + } + }, + "documentation": "<p>Describes a launch template and overrides.</p>" + }, + "FleetLaunchTemplateOverrides": { + "type": "structure", + "members": { + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type.</p>", + "locationName": "instanceType" + }, + "MaxPrice": { + "shape": "String", + "documentation": "<p>The maximum price per unit hour that you are willing to pay for a Spot Instance.</p>", + "locationName": "maxPrice" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet in which to launch the instances.</p>", + "locationName": "subnetId" + }, + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone in which to launch the instances.</p>", + "locationName": "availabilityZone" + }, + "WeightedCapacity": { + "shape": "Double", + "documentation": "<p>The number of units provided by the specified instance type.</p>", + "locationName": "weightedCapacity" + }, + "Priority": { + "shape": "Double", + "documentation": "<p>The priority for the launch template override. If <b>AllocationStrategy</b> is set to <code>prioritized</code>, EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity. The highest priority is launched first. Valid values are whole numbers starting at <code>0</code>. The lower the number, the higher the priority. If no number is set, the override has the lowest priority.</p>", + "locationName": "priority" + }, + "Placement": { + "shape": "PlacementResponse", + "documentation": "<p>The location where the instance launched, if applicable.</p>", + "locationName": "placement" + } + }, + "documentation": "<p>Describes overrides for a launch template.</p>" + }, + "FleetLaunchTemplateOverridesList": { + "type": "list", + "member": { + "shape": "FleetLaunchTemplateOverrides", + "locationName": "item" + } + }, + "FleetLaunchTemplateOverridesListRequest": { + "type": "list", + "member": { + "shape": "FleetLaunchTemplateOverridesRequest", + "locationName": "item" + }, + "max": 50 + }, + "FleetLaunchTemplateOverridesRequest": { + "type": "structure", + "members": { + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type.</p>" + }, + "MaxPrice": { + "shape": "String", + "documentation": "<p>The maximum price per unit hour that you are willing to pay for a Spot Instance.</p>" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet in which to launch the instances.</p>" + }, + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone in which to launch the instances.</p>" + }, + "WeightedCapacity": { + "shape": "Double", + "documentation": "<p>The number of units provided by the specified instance type.</p>" + }, + "Priority": { + "shape": "Double", + "documentation": "<p>The priority for the launch template override. If <b>AllocationStrategy</b> is set to <code>prioritized</code>, EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity. The highest priority is launched first. Valid values are whole numbers starting at <code>0</code>. The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority.</p>" + }, + "Placement": { + "shape": "Placement", + "documentation": "<p>The location where the instance launched, if applicable.</p>" + } + }, + "documentation": "<p>Describes overrides for a launch template.</p>" + }, + "FleetLaunchTemplateSpecification": { + "type": "structure", + "members": { + "LaunchTemplateId": { + "shape": "String", + "documentation": "<p>The ID of the launch template. You must specify either a template ID or a template name.</p>", + "locationName": "launchTemplateId" + }, + "LaunchTemplateName": { + "shape": "LaunchTemplateName", + "documentation": "<p>The name of the launch template. You must specify either a template name or a template ID.</p>", + "locationName": "launchTemplateName" + }, + "Version": { + "shape": "String", + "documentation": "<p>The version number of the launch template. You must specify a version number.</p>", + "locationName": "version" + } + }, + "documentation": "<p>Describes a launch template.</p>" + }, + "FleetLaunchTemplateSpecificationRequest": { + "type": "structure", + "members": { + "LaunchTemplateId": { + "shape": "String", + "documentation": "<p>The ID of the launch template.</p>" + }, + "LaunchTemplateName": { + "shape": "LaunchTemplateName", + "documentation": "<p>The name of the launch template.</p>" + }, + "Version": { + "shape": "String", + "documentation": "<p>The version number of the launch template. Note: This is a required parameter and will be updated soon. </p>" + } + }, + "documentation": "<p>The launch template to use. You must specify either the launch template ID or launch template name in the request. </p>" + }, + "FleetOnDemandAllocationStrategy": { + "type": "string", + "enum": [ + "lowest-price", + "prioritized" + ] + }, + "FleetSet": { + "type": "list", + "member": { + "shape": "FleetData", + "locationName": "item" + } + }, + "FleetStateCode": { + "type": "string", + "enum": [ + "submitted", + "active", + "deleted", + "failed", + "deleted-running", + "deleted-terminating", + "modifying" + ] + }, + "FleetType": { + "type": "string", + "enum": [ + "request", + "maintain", + "instant" + ] + }, + "Float": { + "type": "float" + }, + "FlowLog": { + "type": "structure", + "members": { + "CreationTime": { + "shape": "DateTime", + "documentation": "<p>The date and time the flow log was created.</p>", + "locationName": "creationTime" + }, + "DeliverLogsErrorMessage": { + "shape": "String", + "documentation": "<p>Information about the error that occurred. <code>Rate limited</code> indicates that CloudWatch Logs throttling has been applied for one or more network interfaces, or that you've reached the limit on the number of log groups that you can create. <code>Access error</code> indicates that the IAM role associated with the flow log does not have sufficient permissions to publish to CloudWatch Logs. <code>Unknown error</code> indicates an internal error.</p>", + "locationName": "deliverLogsErrorMessage" + }, + "DeliverLogsPermissionArn": { + "shape": "String", + "documentation": "<p>The ARN of the IAM role that posts logs to CloudWatch Logs.</p>", + "locationName": "deliverLogsPermissionArn" + }, + "DeliverLogsStatus": { + "shape": "String", + "documentation": "<p>The status of the logs delivery (<code>SUCCESS</code> | <code>FAILED</code>).</p>", + "locationName": "deliverLogsStatus" + }, + "FlowLogId": { + "shape": "String", + "documentation": "<p>The flow log ID.</p>", + "locationName": "flowLogId" + }, + "FlowLogStatus": { + "shape": "String", + "documentation": "<p>The status of the flow log (<code>ACTIVE</code>).</p>", + "locationName": "flowLogStatus" + }, + "LogGroupName": { + "shape": "String", + "documentation": "<p>The name of the flow log group.</p>", + "locationName": "logGroupName" + }, + "ResourceId": { + "shape": "String", + "documentation": "<p>The ID of the resource on which the flow log was created.</p>", + "locationName": "resourceId" + }, + "TrafficType": { + "shape": "TrafficType", + "documentation": "<p>The type of traffic captured for the flow log.</p>", + "locationName": "trafficType" + }, + "LogDestinationType": { + "shape": "LogDestinationType", + "documentation": "<p>Specifies the type of destination to which the flow log data is published. Flow log data can be published to CloudWatch Logs or Amazon S3.</p>", + "locationName": "logDestinationType" + }, + "LogDestination": { + "shape": "String", + "documentation": "<p>Specifies the destination to which the flow log data is published. Flow log data can be published to an CloudWatch Logs log group or an Amazon S3 bucket. If the flow log publishes to CloudWatch Logs, this element indicates the Amazon Resource Name (ARN) of the CloudWatch Logs log group to which the data is published. If the flow log publishes to Amazon S3, this element indicates the ARN of the Amazon S3 bucket to which the data is published.</p>", + "locationName": "logDestination" + } + }, + "documentation": "<p>Describes a flow log.</p>" + }, + "FlowLogSet": { + "type": "list", + "member": { + "shape": "FlowLog", + "locationName": "item" + } + }, + "FlowLogsResourceType": { + "type": "string", + "enum": [ + "VPC", + "Subnet", + "NetworkInterface" + ] + }, + "FpgaImage": { + "type": "structure", + "members": { + "FpgaImageId": { + "shape": "String", + "documentation": "<p>The FPGA image identifier (AFI ID).</p>", + "locationName": "fpgaImageId" + }, + "FpgaImageGlobalId": { + "shape": "String", + "documentation": "<p>The global FPGA image identifier (AGFI ID).</p>", + "locationName": "fpgaImageGlobalId" + }, + "Name": { + "shape": "String", + "documentation": "<p>The name of the AFI.</p>", + "locationName": "name" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description of the AFI.</p>", + "locationName": "description" + }, + "ShellVersion": { + "shape": "String", + "documentation": "<p>The version of the AWS Shell that was used to create the bitstream.</p>", + "locationName": "shellVersion" + }, + "PciId": { + "shape": "PciId", + "documentation": "<p>Information about the PCI bus.</p>", + "locationName": "pciId" + }, + "State": { + "shape": "FpgaImageState", + "documentation": "<p>Information about the state of the AFI.</p>", + "locationName": "state" + }, + "CreateTime": { + "shape": "DateTime", + "documentation": "<p>The date and time the AFI was created.</p>", + "locationName": "createTime" + }, + "UpdateTime": { + "shape": "DateTime", + "documentation": "<p>The time of the most recent update to the AFI.</p>", + "locationName": "updateTime" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The AWS account ID of the AFI owner.</p>", + "locationName": "ownerId" + }, + "OwnerAlias": { + "shape": "String", + "documentation": "<p>The alias of the AFI owner. Possible values include <code>self</code>, <code>amazon</code>, and <code>aws-marketplace</code>.</p>", + "locationName": "ownerAlias" + }, + "ProductCodes": { + "shape": "ProductCodeList", + "documentation": "<p>The product codes for the AFI.</p>", + "locationName": "productCodes" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the AFI.</p>", + "locationName": "tags" + }, + "Public": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the AFI is public.</p>", + "locationName": "public" + }, + "DataRetentionSupport": { + "shape": "Boolean", + "documentation": "<p>Indicates whether data retention support is enabled for the AFI.</p>", + "locationName": "dataRetentionSupport" + } + }, + "documentation": "<p>Describes an Amazon FPGA image (AFI).</p>" + }, + "FpgaImageAttribute": { + "type": "structure", + "members": { + "FpgaImageId": { + "shape": "String", + "documentation": "<p>The ID of the AFI.</p>", + "locationName": "fpgaImageId" + }, + "Name": { + "shape": "String", + "documentation": "<p>The name of the AFI.</p>", + "locationName": "name" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description of the AFI.</p>", + "locationName": "description" + }, + "LoadPermissions": { + "shape": "LoadPermissionList", + "documentation": "<p>The load permissions.</p>", + "locationName": "loadPermissions" + }, + "ProductCodes": { + "shape": "ProductCodeList", + "documentation": "<p>The product codes.</p>", + "locationName": "productCodes" + } + }, + "documentation": "<p>Describes an Amazon FPGA image (AFI) attribute.</p>" + }, + "FpgaImageAttributeName": { + "type": "string", + "enum": [ + "description", + "name", + "loadPermission", + "productCodes" + ] + }, + "FpgaImageIdList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "FpgaImageList": { + "type": "list", + "member": { + "shape": "FpgaImage", + "locationName": "item" + } + }, + "FpgaImageState": { + "type": "structure", + "members": { + "Code": { + "shape": "FpgaImageStateCode", + "documentation": "<p>The state. The following are the possible values:</p> <ul> <li> <p> <code>pending</code> - AFI bitstream generation is in progress.</p> </li> <li> <p> <code>available</code> - The AFI is available for use.</p> </li> <li> <p> <code>failed</code> - AFI bitstream generation failed.</p> </li> <li> <p> <code>unavailable</code> - The AFI is no longer available for use.</p> </li> </ul>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>If the state is <code>failed</code>, this is the error message.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Describes the state of the bitstream generation process for an Amazon FPGA image (AFI).</p>" + }, + "FpgaImageStateCode": { + "type": "string", + "enum": [ + "pending", + "failed", + "available", + "unavailable" + ] + }, + "GatewayType": { + "type": "string", + "enum": [ + "ipsec.1" + ] + }, + "GetConsoleOutputRequest": { + "type": "structure", + "required": [ + "InstanceId" + ], + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Latest": { + "shape": "Boolean", + "documentation": "<p>When enabled, retrieves the latest console output for the instance.</p> <p>Default: disabled (<code>false</code>)</p>" + } + } + }, + "GetConsoleOutputResult": { + "type": "structure", + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "Output": { + "shape": "String", + "documentation": "<p>The console output, base64-encoded. If you are using a command line tool, the tool decodes the output for you.</p>", + "locationName": "output" + }, + "Timestamp": { + "shape": "DateTime", + "documentation": "<p>The time at which the output was last updated.</p>", + "locationName": "timestamp" + } + } + }, + "GetConsoleScreenshotRequest": { + "type": "structure", + "required": [ + "InstanceId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>" + }, + "WakeUp": { + "shape": "Boolean", + "documentation": "<p>When set to <code>true</code>, acts as keystroke input and wakes up an instance that's in standby or \"sleep\" mode.</p>" + } + } + }, + "GetConsoleScreenshotResult": { + "type": "structure", + "members": { + "ImageData": { + "shape": "String", + "documentation": "<p>The data that comprises the image.</p>", + "locationName": "imageData" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + } + } + }, + "GetEbsDefaultKmsKeyIdRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "GetEbsDefaultKmsKeyIdResult": { + "type": "structure", + "members": { + "KmsKeyId": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the default CMK for encryption by default.</p>", + "locationName": "kmsKeyId" + } + } + }, + "GetEbsEncryptionByDefaultRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "GetEbsEncryptionByDefaultResult": { + "type": "structure", + "members": { + "EbsEncryptionByDefault": { + "shape": "Boolean", + "documentation": "<p>Indicates whether encryption by default is enabled.</p>", + "locationName": "ebsEncryptionByDefault" + } + } + }, + "GetHostReservationPurchasePreviewRequest": { + "type": "structure", + "required": [ + "HostIdSet", + "OfferingId" + ], + "members": { + "HostIdSet": { + "shape": "RequestHostIdSet", + "documentation": "<p>The IDs of the Dedicated Hosts with which the reservation is associated.</p>" + }, + "OfferingId": { + "shape": "String", + "documentation": "<p>The offering ID of the reservation.</p>" + } + } + }, + "GetHostReservationPurchasePreviewResult": { + "type": "structure", + "members": { + "CurrencyCode": { + "shape": "CurrencyCodeValues", + "documentation": "<p>The currency in which the <code>totalUpfrontPrice</code> and <code>totalHourlyPrice</code> amounts are specified. At this time, the only supported currency is <code>USD</code>.</p>", + "locationName": "currencyCode" + }, + "Purchase": { + "shape": "PurchaseSet", + "documentation": "<p>The purchase information of the Dedicated Host reservation and the Dedicated Hosts associated with it.</p>", + "locationName": "purchase" + }, + "TotalHourlyPrice": { + "shape": "String", + "documentation": "<p>The potential total hourly price of the reservation per hour.</p>", + "locationName": "totalHourlyPrice" + }, + "TotalUpfrontPrice": { + "shape": "String", + "documentation": "<p>The potential total upfront price. This is billed immediately.</p>", + "locationName": "totalUpfrontPrice" + } + } + }, + "GetLaunchTemplateDataRequest": { + "type": "structure", + "required": [ + "InstanceId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>" + } + } + }, + "GetLaunchTemplateDataResult": { + "type": "structure", + "members": { + "LaunchTemplateData": { + "shape": "ResponseLaunchTemplateData", + "documentation": "<p>The instance data.</p>", + "locationName": "launchTemplateData" + } + } + }, + "GetPasswordDataRequest": { + "type": "structure", + "required": [ + "InstanceId" + ], + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the Windows instance.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "GetPasswordDataResult": { + "type": "structure", + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the Windows instance.</p>", + "locationName": "instanceId" + }, + "PasswordData": { + "shape": "String", + "documentation": "<p>The password of the instance. Returns an empty string if the password is not available.</p>", + "locationName": "passwordData" + }, + "Timestamp": { + "shape": "DateTime", + "documentation": "<p>The time the data was last updated.</p>", + "locationName": "timestamp" + } + } + }, + "GetReservedInstancesExchangeQuoteRequest": { + "type": "structure", + "required": [ + "ReservedInstanceIds" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ReservedInstanceIds": { + "shape": "ReservedInstanceIdSet", + "documentation": "<p>The IDs of the Convertible Reserved Instances to exchange.</p>", + "locationName": "ReservedInstanceId" + }, + "TargetConfigurations": { + "shape": "TargetConfigurationRequestSet", + "documentation": "<p>The configuration of the target Convertible Reserved Instance to exchange for your current Convertible Reserved Instances.</p>", + "locationName": "TargetConfiguration" + } + }, + "documentation": "<p>Contains the parameters for GetReservedInstanceExchangeQuote.</p>" + }, + "GetReservedInstancesExchangeQuoteResult": { + "type": "structure", + "members": { + "CurrencyCode": { + "shape": "String", + "documentation": "<p>The currency of the transaction.</p>", + "locationName": "currencyCode" + }, + "IsValidExchange": { + "shape": "Boolean", + "documentation": "<p>If <code>true</code>, the exchange is valid. If <code>false</code>, the exchange cannot be completed.</p>", + "locationName": "isValidExchange" + }, + "OutputReservedInstancesWillExpireAt": { + "shape": "DateTime", + "documentation": "<p>The new end date of the reservation term.</p>", + "locationName": "outputReservedInstancesWillExpireAt" + }, + "PaymentDue": { + "shape": "String", + "documentation": "<p>The total true upfront charge for the exchange.</p>", + "locationName": "paymentDue" + }, + "ReservedInstanceValueRollup": { + "shape": "ReservationValue", + "documentation": "<p>The cost associated with the Reserved Instance.</p>", + "locationName": "reservedInstanceValueRollup" + }, + "ReservedInstanceValueSet": { + "shape": "ReservedInstanceReservationValueSet", + "documentation": "<p>The configuration of your Convertible Reserved Instances.</p>", + "locationName": "reservedInstanceValueSet" + }, + "TargetConfigurationValueRollup": { + "shape": "ReservationValue", + "documentation": "<p>The cost associated with the Reserved Instance.</p>", + "locationName": "targetConfigurationValueRollup" + }, + "TargetConfigurationValueSet": { + "shape": "TargetReservationValueSet", + "documentation": "<p>The values of the target Convertible Reserved Instances.</p>", + "locationName": "targetConfigurationValueSet" + }, + "ValidationFailureReason": { + "shape": "String", + "documentation": "<p>Describes the reason why the exchange cannot be completed.</p>", + "locationName": "validationFailureReason" + } + }, + "documentation": "<p>Contains the output of GetReservedInstancesExchangeQuote.</p>" + }, + "GetTransitGatewayAttachmentPropagationsRequest": { + "type": "structure", + "required": [ + "TransitGatewayAttachmentId" + ], + "members": { + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>transit-gateway-route-table-id</code> - The ID of the transit gateway route table.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "TransitGatewayMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "GetTransitGatewayAttachmentPropagationsResult": { + "type": "structure", + "members": { + "TransitGatewayAttachmentPropagations": { + "shape": "TransitGatewayAttachmentPropagationList", + "documentation": "<p>Information about the propagation route tables.</p>", + "locationName": "transitGatewayAttachmentPropagations" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "GetTransitGatewayRouteTableAssociationsRequest": { + "type": "structure", + "required": [ + "TransitGatewayRouteTableId" + ], + "members": { + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway route table.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>resource-id</code> - The ID of the resource.</p> </li> <li> <p> <code>resource-type</code> - The resource type (<code>vpc</code> | <code>vpn</code>).</p> </li> <li> <p> <code>transit-gateway-attachment-id</code> - The ID of the attachment.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "TransitGatewayMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "GetTransitGatewayRouteTableAssociationsResult": { + "type": "structure", + "members": { + "Associations": { + "shape": "TransitGatewayRouteTableAssociationList", + "documentation": "<p>Information about the associations.</p>", + "locationName": "associations" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "GetTransitGatewayRouteTablePropagationsRequest": { + "type": "structure", + "required": [ + "TransitGatewayRouteTableId" + ], + "members": { + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway route table.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>resource-id</code> - The ID of the resource.</p> </li> <li> <p> <code>resource-type</code> - The resource type (<code>vpc</code> | <code>vpn</code>).</p> </li> <li> <p> <code>transit-gateway-attachment-id</code> - The ID of the attachment.</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "TransitGatewayMaxResults", + "documentation": "<p>The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned <code>nextToken</code> value.</p>" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token for the next page of results.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "GetTransitGatewayRouteTablePropagationsResult": { + "type": "structure", + "members": { + "TransitGatewayRouteTablePropagations": { + "shape": "TransitGatewayRouteTablePropagationList", + "documentation": "<p>Information about the route table propagations.</p>", + "locationName": "transitGatewayRouteTablePropagations" + }, + "NextToken": { + "shape": "String", + "documentation": "<p>The token to use to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>", + "locationName": "nextToken" + } + } + }, + "GroupIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "groupId" + } + }, + "GroupIdentifier": { + "type": "structure", + "members": { + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the security group.</p>", + "locationName": "groupName" + }, + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of the security group.</p>", + "locationName": "groupId" + } + }, + "documentation": "<p>Describes a security group.</p>" + }, + "GroupIdentifierList": { + "type": "list", + "member": { + "shape": "GroupIdentifier", + "locationName": "item" + } + }, + "GroupIdentifierSet": { + "type": "list", + "member": { + "shape": "SecurityGroupIdentifier", + "locationName": "item" + } + }, + "GroupIds": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "GroupNameStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "GroupName" + } + }, + "HibernationOptions": { + "type": "structure", + "members": { + "Configured": { + "shape": "Boolean", + "documentation": "<p>If this parameter is set to <code>true</code>, your instance is enabled for hibernation; otherwise, it is not enabled for hibernation.</p>", + "locationName": "configured" + } + }, + "documentation": "<p>Indicates whether your instance is configured for hibernation. This parameter is valid only if the instance meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>. Hibernation is currently supported only for Amazon Linux. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "HibernationOptionsRequest": { + "type": "structure", + "members": { + "Configured": { + "shape": "Boolean", + "documentation": "<p>If you set this parameter to <code>true</code>, your instance is enabled for hibernation.</p> <p>Default: <code>false</code> </p>" + } + }, + "documentation": "<p>Indicates whether your instance is configured for hibernation. This parameter is valid only if the instance meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>. Hibernation is currently supported only for Amazon Linux. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "HistoryRecord": { + "type": "structure", + "members": { + "EventInformation": { + "shape": "EventInformation", + "documentation": "<p>Information about the event.</p>", + "locationName": "eventInformation" + }, + "EventType": { + "shape": "EventType", + "documentation": "<p>The event type.</p> <ul> <li> <p> <code>error</code> - An error with the Spot Fleet request.</p> </li> <li> <p> <code>fleetRequestChange</code> - A change in the status or configuration of the Spot Fleet request.</p> </li> <li> <p> <code>instanceChange</code> - An instance was launched or terminated.</p> </li> <li> <p> <code>Information</code> - An informational event.</p> </li> </ul>", + "locationName": "eventType" + }, + "Timestamp": { + "shape": "DateTime", + "documentation": "<p>The date and time of the event, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>", + "locationName": "timestamp" + } + }, + "documentation": "<p>Describes an event in the history of the Spot Fleet request.</p>" + }, + "HistoryRecordEntry": { + "type": "structure", + "members": { + "EventInformation": { + "shape": "EventInformation", + "documentation": "<p>Information about the event.</p>", + "locationName": "eventInformation" + }, + "EventType": { + "shape": "FleetEventType", + "documentation": "<p>The event type.</p>", + "locationName": "eventType" + }, + "Timestamp": { + "shape": "DateTime", + "documentation": "<p>The date and time of the event, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>", + "locationName": "timestamp" + } + }, + "documentation": "<p>Describes an event in the history of an EC2 Fleet.</p>" + }, + "HistoryRecordSet": { + "type": "list", + "member": { + "shape": "HistoryRecordEntry", + "locationName": "item" + } + }, + "HistoryRecords": { + "type": "list", + "member": { + "shape": "HistoryRecord", + "locationName": "item" + } + }, + "Host": { + "type": "structure", + "members": { + "AutoPlacement": { + "shape": "AutoPlacement", + "documentation": "<p>Whether auto-placement is on or off.</p>", + "locationName": "autoPlacement" + }, + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone of the Dedicated Host.</p>", + "locationName": "availabilityZone" + }, + "AvailableCapacity": { + "shape": "AvailableCapacity", + "documentation": "<p>The number of new instances that can be launched onto the Dedicated Host.</p>", + "locationName": "availableCapacity" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "locationName": "clientToken" + }, + "HostId": { + "shape": "String", + "documentation": "<p>The ID of the Dedicated Host.</p>", + "locationName": "hostId" + }, + "HostProperties": { + "shape": "HostProperties", + "documentation": "<p>The hardware specifications of the Dedicated Host.</p>", + "locationName": "hostProperties" + }, + "HostReservationId": { + "shape": "String", + "documentation": "<p>The reservation ID of the Dedicated Host. This returns a <code>null</code> response if the Dedicated Host doesn't have an associated reservation.</p>", + "locationName": "hostReservationId" + }, + "Instances": { + "shape": "HostInstanceList", + "documentation": "<p>The IDs and instance type that are currently running on the Dedicated Host.</p>", + "locationName": "instances" + }, + "State": { + "shape": "AllocationState", + "documentation": "<p>The Dedicated Host's state.</p>", + "locationName": "state" + }, + "AllocationTime": { + "shape": "DateTime", + "documentation": "<p>The time that the Dedicated Host was allocated.</p>", + "locationName": "allocationTime" + }, + "ReleaseTime": { + "shape": "DateTime", + "documentation": "<p>The time that the Dedicated Host was released.</p>", + "locationName": "releaseTime" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the Dedicated Host.</p>", + "locationName": "tagSet" + }, + "HostRecovery": { + "shape": "HostRecovery", + "documentation": "<p>Indicates whether host recovery is enabled or disabled for the Dedicated Host.</p>", + "locationName": "hostRecovery" + } + }, + "documentation": "<p>Describes the properties of the Dedicated Host.</p>" + }, + "HostInstance": { + "type": "structure", + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>the IDs of instances that are running on the Dedicated Host.</p>", + "locationName": "instanceId" + }, + "InstanceType": { + "shape": "String", + "documentation": "<p>The instance type size (for example, <code>m3.medium</code>) of the running instance.</p>", + "locationName": "instanceType" + } + }, + "documentation": "<p>Describes an instance running on a Dedicated Host.</p>" + }, + "HostInstanceList": { + "type": "list", + "member": { + "shape": "HostInstance", + "locationName": "item" + } + }, + "HostList": { + "type": "list", + "member": { + "shape": "Host", + "locationName": "item" + } + }, + "HostOffering": { + "type": "structure", + "members": { + "CurrencyCode": { + "shape": "CurrencyCodeValues", + "documentation": "<p>The currency of the offering.</p>", + "locationName": "currencyCode" + }, + "Duration": { + "shape": "Integer", + "documentation": "<p>The duration of the offering (in seconds).</p>", + "locationName": "duration" + }, + "HourlyPrice": { + "shape": "String", + "documentation": "<p>The hourly price of the offering.</p>", + "locationName": "hourlyPrice" + }, + "InstanceFamily": { + "shape": "String", + "documentation": "<p>The instance family of the offering.</p>", + "locationName": "instanceFamily" + }, + "OfferingId": { + "shape": "String", + "documentation": "<p>The ID of the offering.</p>", + "locationName": "offeringId" + }, + "PaymentOption": { + "shape": "PaymentOption", + "documentation": "<p>The available payment option.</p>", + "locationName": "paymentOption" + }, + "UpfrontPrice": { + "shape": "String", + "documentation": "<p>The upfront price of the offering. Does not apply to No Upfront offerings.</p>", + "locationName": "upfrontPrice" + } + }, + "documentation": "<p>Details about the Dedicated Host Reservation offering.</p>" + }, + "HostOfferingSet": { + "type": "list", + "member": { + "shape": "HostOffering", + "locationName": "item" + } + }, + "HostProperties": { + "type": "structure", + "members": { + "Cores": { + "shape": "Integer", + "documentation": "<p>The number of cores on the Dedicated Host.</p>", + "locationName": "cores" + }, + "InstanceType": { + "shape": "String", + "documentation": "<p>The instance type size that the Dedicated Host supports (for example, <code>m3.medium</code>).</p>", + "locationName": "instanceType" + }, + "Sockets": { + "shape": "Integer", + "documentation": "<p>The number of sockets on the Dedicated Host.</p>", + "locationName": "sockets" + }, + "TotalVCpus": { + "shape": "Integer", + "documentation": "<p>The number of vCPUs on the Dedicated Host.</p>", + "locationName": "totalVCpus" + } + }, + "documentation": "<p>Describes properties of a Dedicated Host.</p>" + }, + "HostRecovery": { + "type": "string", + "enum": [ + "on", + "off" + ] + }, + "HostReservation": { + "type": "structure", + "members": { + "Count": { + "shape": "Integer", + "documentation": "<p>The number of Dedicated Hosts the reservation is associated with.</p>", + "locationName": "count" + }, + "CurrencyCode": { + "shape": "CurrencyCodeValues", + "documentation": "<p>The currency in which the <code>upfrontPrice</code> and <code>hourlyPrice</code> amounts are specified. At this time, the only supported currency is <code>USD</code>.</p>", + "locationName": "currencyCode" + }, + "Duration": { + "shape": "Integer", + "documentation": "<p>The length of the reservation's term, specified in seconds. Can be <code>31536000 (1 year)</code> | <code>94608000 (3 years)</code>.</p>", + "locationName": "duration" + }, + "End": { + "shape": "DateTime", + "documentation": "<p>The date and time that the reservation ends.</p>", + "locationName": "end" + }, + "HostIdSet": { + "shape": "ResponseHostIdSet", + "documentation": "<p>The IDs of the Dedicated Hosts associated with the reservation.</p>", + "locationName": "hostIdSet" + }, + "HostReservationId": { + "shape": "String", + "documentation": "<p>The ID of the reservation that specifies the associated Dedicated Hosts.</p>", + "locationName": "hostReservationId" + }, + "HourlyPrice": { + "shape": "String", + "documentation": "<p>The hourly price of the reservation.</p>", + "locationName": "hourlyPrice" + }, + "InstanceFamily": { + "shape": "String", + "documentation": "<p>The instance family of the Dedicated Host Reservation. The instance family on the Dedicated Host must be the same in order for it to benefit from the reservation.</p>", + "locationName": "instanceFamily" + }, + "OfferingId": { + "shape": "String", + "documentation": "<p>The ID of the reservation. This remains the same regardless of which Dedicated Hosts are associated with it.</p>", + "locationName": "offeringId" + }, + "PaymentOption": { + "shape": "PaymentOption", + "documentation": "<p>The payment option selected for this reservation.</p>", + "locationName": "paymentOption" + }, + "Start": { + "shape": "DateTime", + "documentation": "<p>The date and time that the reservation started.</p>", + "locationName": "start" + }, + "State": { + "shape": "ReservationState", + "documentation": "<p>The state of the reservation.</p>", + "locationName": "state" + }, + "UpfrontPrice": { + "shape": "String", + "documentation": "<p>The upfront price of the reservation.</p>", + "locationName": "upfrontPrice" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the Dedicated Host Reservation.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Details about the Dedicated Host Reservation and associated Dedicated Hosts.</p>" + }, + "HostReservationIdSet": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "HostReservationSet": { + "type": "list", + "member": { + "shape": "HostReservation", + "locationName": "item" + } + }, + "HostTenancy": { + "type": "string", + "enum": [ + "dedicated", + "host" + ] + }, + "HypervisorType": { + "type": "string", + "enum": [ + "ovm", + "xen" + ] + }, + "IamInstanceProfile": { + "type": "structure", + "members": { + "Arn": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the instance profile.</p>", + "locationName": "arn" + }, + "Id": { + "shape": "String", + "documentation": "<p>The ID of the instance profile.</p>", + "locationName": "id" + } + }, + "documentation": "<p>Describes an IAM instance profile.</p>" + }, + "IamInstanceProfileAssociation": { + "type": "structure", + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>The ID of the association.</p>", + "locationName": "associationId" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "IamInstanceProfile": { + "shape": "IamInstanceProfile", + "documentation": "<p>The IAM instance profile.</p>", + "locationName": "iamInstanceProfile" + }, + "State": { + "shape": "IamInstanceProfileAssociationState", + "documentation": "<p>The state of the association.</p>", + "locationName": "state" + }, + "Timestamp": { + "shape": "DateTime", + "documentation": "<p>The time the IAM instance profile was associated with the instance.</p>", + "locationName": "timestamp" + } + }, + "documentation": "<p>Describes an association between an IAM instance profile and an instance.</p>" + }, + "IamInstanceProfileAssociationSet": { + "type": "list", + "member": { + "shape": "IamInstanceProfileAssociation", + "locationName": "item" + } + }, + "IamInstanceProfileAssociationState": { + "type": "string", + "enum": [ + "associating", + "associated", + "disassociating", + "disassociated" + ] + }, + "IamInstanceProfileSpecification": { + "type": "structure", + "members": { + "Arn": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the instance profile.</p>", + "locationName": "arn" + }, + "Name": { + "shape": "String", + "documentation": "<p>The name of the instance profile.</p>", + "locationName": "name" + } + }, + "documentation": "<p>Describes an IAM instance profile.</p>" + }, + "IcmpTypeCode": { + "type": "structure", + "members": { + "Code": { + "shape": "Integer", + "documentation": "<p>The ICMP code. A value of -1 means all codes for the specified ICMP type.</p>", + "locationName": "code" + }, + "Type": { + "shape": "Integer", + "documentation": "<p>The ICMP type. A value of -1 means all types.</p>", + "locationName": "type" + } + }, + "documentation": "<p>Describes the ICMP type and code.</p>" + }, + "IdFormat": { + "type": "structure", + "members": { + "Deadline": { + "shape": "DateTime", + "documentation": "<p>The date in UTC at which you are permanently switched over to using longer IDs. If a deadline is not yet available for this resource type, this field is not returned.</p>", + "locationName": "deadline" + }, + "Resource": { + "shape": "String", + "documentation": "<p>The type of resource.</p>", + "locationName": "resource" + }, + "UseLongIds": { + "shape": "Boolean", + "documentation": "<p>Indicates whether longer IDs (17-character IDs) are enabled for the resource.</p>", + "locationName": "useLongIds" + } + }, + "documentation": "<p>Describes the ID format for a resource.</p>" + }, + "IdFormatList": { + "type": "list", + "member": { + "shape": "IdFormat", + "locationName": "item" + } + }, + "Image": { + "type": "structure", + "members": { + "Architecture": { + "shape": "ArchitectureValues", + "documentation": "<p>The architecture of the image.</p>", + "locationName": "architecture" + }, + "CreationDate": { + "shape": "String", + "documentation": "<p>The date and time the image was created.</p>", + "locationName": "creationDate" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the AMI.</p>", + "locationName": "imageId" + }, + "ImageLocation": { + "shape": "String", + "documentation": "<p>The location of the AMI.</p>", + "locationName": "imageLocation" + }, + "ImageType": { + "shape": "ImageTypeValues", + "documentation": "<p>The type of image.</p>", + "locationName": "imageType" + }, + "Public": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the image has public launch permissions. The value is <code>true</code> if this image has public launch permissions or <code>false</code> if it has only implicit and explicit launch permissions.</p>", + "locationName": "isPublic" + }, + "KernelId": { + "shape": "String", + "documentation": "<p>The kernel associated with the image, if any. Only applicable for machine images.</p>", + "locationName": "kernelId" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The AWS account ID of the image owner.</p>", + "locationName": "imageOwnerId" + }, + "Platform": { + "shape": "PlatformValues", + "documentation": "<p>This value is set for Windows AMIs; otherwise, it is blank.</p>", + "locationName": "platform" + }, + "ProductCodes": { + "shape": "ProductCodeList", + "documentation": "<p>Any product codes associated with the AMI.</p>", + "locationName": "productCodes" + }, + "RamdiskId": { + "shape": "String", + "documentation": "<p>The RAM disk associated with the image, if any. Only applicable for machine images.</p>", + "locationName": "ramdiskId" + }, + "State": { + "shape": "ImageState", + "documentation": "<p>The current state of the AMI. If the state is <code>available</code>, the image is successfully registered and can be used to launch an instance.</p>", + "locationName": "imageState" + }, + "BlockDeviceMappings": { + "shape": "BlockDeviceMappingList", + "documentation": "<p>Any block device mapping entries.</p>", + "locationName": "blockDeviceMapping" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description of the AMI that was provided during image creation.</p>", + "locationName": "description" + }, + "EnaSupport": { + "shape": "Boolean", + "documentation": "<p>Specifies whether enhanced networking with ENA is enabled.</p>", + "locationName": "enaSupport" + }, + "Hypervisor": { + "shape": "HypervisorType", + "documentation": "<p>The hypervisor type of the image.</p>", + "locationName": "hypervisor" + }, + "ImageOwnerAlias": { + "shape": "String", + "documentation": "<p>The AWS account alias (for example, <code>amazon</code>, <code>self</code>) or the AWS account ID of the AMI owner.</p>", + "locationName": "imageOwnerAlias" + }, + "Name": { + "shape": "String", + "documentation": "<p>The name of the AMI that was provided during image creation.</p>", + "locationName": "name" + }, + "RootDeviceName": { + "shape": "String", + "documentation": "<p>The device name of the root device volume (for example, <code>/dev/sda1</code>).</p>", + "locationName": "rootDeviceName" + }, + "RootDeviceType": { + "shape": "DeviceType", + "documentation": "<p>The type of root device used by the AMI. The AMI can use an EBS volume or an instance store volume.</p>", + "locationName": "rootDeviceType" + }, + "SriovNetSupport": { + "shape": "String", + "documentation": "<p>Specifies whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.</p>", + "locationName": "sriovNetSupport" + }, + "StateReason": { + "shape": "StateReason", + "documentation": "<p>The reason for the state change.</p>", + "locationName": "stateReason" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the image.</p>", + "locationName": "tagSet" + }, + "VirtualizationType": { + "shape": "VirtualizationType", + "documentation": "<p>The type of virtualization of the AMI.</p>", + "locationName": "virtualizationType" + } + }, + "documentation": "<p>Describes an image.</p>" + }, + "ImageAttribute": { + "type": "structure", + "members": { + "BlockDeviceMappings": { + "shape": "BlockDeviceMappingList", + "documentation": "<p>The block device mapping entries.</p>", + "locationName": "blockDeviceMapping" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the AMI.</p>", + "locationName": "imageId" + }, + "LaunchPermissions": { + "shape": "LaunchPermissionList", + "documentation": "<p>The launch permissions.</p>", + "locationName": "launchPermission" + }, + "ProductCodes": { + "shape": "ProductCodeList", + "documentation": "<p>The product codes.</p>", + "locationName": "productCodes" + }, + "Description": { + "shape": "AttributeValue", + "documentation": "<p>A description for the AMI.</p>", + "locationName": "description" + }, + "KernelId": { + "shape": "AttributeValue", + "documentation": "<p>The kernel ID.</p>", + "locationName": "kernel" + }, + "RamdiskId": { + "shape": "AttributeValue", + "documentation": "<p>The RAM disk ID.</p>", + "locationName": "ramdisk" + }, + "SriovNetSupport": { + "shape": "AttributeValue", + "documentation": "<p>Indicates whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.</p>", + "locationName": "sriovNetSupport" + } + }, + "documentation": "<p>Describes an image attribute.</p>" + }, + "ImageAttributeName": { + "type": "string", + "enum": [ + "description", + "kernel", + "ramdisk", + "launchPermission", + "productCodes", + "blockDeviceMapping", + "sriovNetSupport" + ] + }, + "ImageDiskContainer": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>The description of the disk image.</p>" + }, + "DeviceName": { + "shape": "String", + "documentation": "<p>The block device mapping for the disk.</p>" + }, + "Format": { + "shape": "String", + "documentation": "<p>The format of the disk image being imported.</p> <p>Valid values: <code>VHD</code> | <code>VMDK</code> | <code>OVA</code> </p>" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>The ID of the EBS snapshot to be used for importing the snapshot.</p>" + }, + "Url": { + "shape": "String", + "documentation": "<p>The URL to the Amazon S3-based disk image being imported. The URL can either be a https URL (https://..) or an Amazon S3 URL (s3://..)</p>" + }, + "UserBucket": { + "shape": "UserBucket", + "documentation": "<p>The S3 bucket for the disk image.</p>" + } + }, + "documentation": "<p>Describes the disk container object for an import image task.</p>" + }, + "ImageDiskContainerList": { + "type": "list", + "member": { + "shape": "ImageDiskContainer", + "locationName": "item" + } + }, + "ImageIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "ImageId" + } + }, + "ImageList": { + "type": "list", + "member": { + "shape": "Image", + "locationName": "item" + } + }, + "ImageState": { + "type": "string", + "enum": [ + "pending", + "available", + "invalid", + "deregistered", + "transient", + "failed", + "error" + ] + }, + "ImageTypeValues": { + "type": "string", + "enum": [ + "machine", + "kernel", + "ramdisk" + ] + }, + "ImportClientVpnClientCertificateRevocationListRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId", + "CertificateRevocationList" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint to which the client certificate revocation list applies.</p>" + }, + "CertificateRevocationList": { + "shape": "String", + "documentation": "<p>The client certificate revocation list file. For more information, see <a href=\"https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/cvpn-working-certificates.html#cvpn-working-certificates-generate\">Generate a Client Certificate Revocation List</a> in the <i>AWS Client VPN Administrator Guide</i>.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ImportClientVpnClientCertificateRevocationListResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "ImportImageRequest": { + "type": "structure", + "members": { + "Architecture": { + "shape": "String", + "documentation": "<p>The architecture of the virtual machine.</p> <p>Valid values: <code>i386</code> | <code>x86_64</code> | <code>arm64</code> </p>" + }, + "ClientData": { + "shape": "ClientData", + "documentation": "<p>The client-specific data.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>The token to enable idempotency for VM import requests.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description string for the import image task.</p>" + }, + "DiskContainers": { + "shape": "ImageDiskContainerList", + "documentation": "<p>Information about the disk containers.</p>", + "locationName": "DiskContainer" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Specifies whether the destination AMI of the imported image should be encrypted. The default CMK for EBS is used unless you specify a non-default AWS Key Management Service (AWS KMS) CMK using <code>KmsKeyId</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "Hypervisor": { + "shape": "String", + "documentation": "<p>The target hypervisor platform.</p> <p>Valid values: <code>xen</code> </p>" + }, + "KmsKeyId": { + "shape": "String", + "documentation": "<p>An identifier for the AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted AMI. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. If a <code>KmsKeyId</code> is specified, the <code>Encrypted</code> flag must also be set. </p> <p>The CMK identifier may be provided in any of the following formats: </p> <ul> <li> <p>Key ID</p> </li> <li> <p>Key alias. The alias ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>alias</code> namespace, and then the CMK alias. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>.</p> </li> <li> <p>ARN using key ID. The ID ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>key</code> namespace, and then the CMK ID. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:key/<i>abcd1234-a123-456a-a12b-a123b4cd56ef</i>.</p> </li> <li> <p>ARN using key alias. The alias ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>alias</code> namespace, and then the CMK alias. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>. </p> </li> </ul> <p>AWS parses <code>KmsKeyId</code> asynchronously, meaning that the action you call may appear to complete even though you provided an invalid identifier. This action will eventually report failure. </p> <p>The specified CMK must exist in the Region that the AMI is being copied to.</p>" + }, + "LicenseType": { + "shape": "String", + "documentation": "<p>The license type to be used for the Amazon Machine Image (AMI) after importing.</p> <p>By default, we detect the source-system operating system (OS) and apply the appropriate license. Specify <code>AWS</code> to replace the source-system license with an AWS license, if appropriate. Specify <code>BYOL</code> to retain the source-system license, if appropriate.</p> <p>To use <code>BYOL</code>, you must have existing licenses with rights to use these licenses in a third party cloud, such as AWS. For more information, see <a href=\"https://docs.aws.amazon.com/vm-import/latest/userguide/vmimport-image-import.html#prerequisites-image\">Prerequisites</a> in the VM Import/Export User Guide.</p>" + }, + "Platform": { + "shape": "String", + "documentation": "<p>The operating system of the virtual machine.</p> <p>Valid values: <code>Windows</code> | <code>Linux</code> </p>" + }, + "RoleName": { + "shape": "String", + "documentation": "<p>The name of the role to use when not using the default role, 'vmimport'.</p>" + } + } + }, + "ImportImageResult": { + "type": "structure", + "members": { + "Architecture": { + "shape": "String", + "documentation": "<p>The architecture of the virtual machine.</p>", + "locationName": "architecture" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description of the import task.</p>", + "locationName": "description" + }, + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the AMI is encypted.</p>", + "locationName": "encrypted" + }, + "Hypervisor": { + "shape": "String", + "documentation": "<p>The target hypervisor of the import task.</p>", + "locationName": "hypervisor" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the Amazon Machine Image (AMI) created by the import task.</p>", + "locationName": "imageId" + }, + "ImportTaskId": { + "shape": "String", + "documentation": "<p>The task ID of the import image task.</p>", + "locationName": "importTaskId" + }, + "KmsKeyId": { + "shape": "String", + "documentation": "<p>The identifier for the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to create the encrypted AMI.</p>", + "locationName": "kmsKeyId" + }, + "LicenseType": { + "shape": "String", + "documentation": "<p>The license type of the virtual machine.</p>", + "locationName": "licenseType" + }, + "Platform": { + "shape": "String", + "documentation": "<p>The operating system of the virtual machine.</p>", + "locationName": "platform" + }, + "Progress": { + "shape": "String", + "documentation": "<p>The progress of the task.</p>", + "locationName": "progress" + }, + "SnapshotDetails": { + "shape": "SnapshotDetailList", + "documentation": "<p>Information about the snapshots.</p>", + "locationName": "snapshotDetailSet" + }, + "Status": { + "shape": "String", + "documentation": "<p>A brief status of the task.</p>", + "locationName": "status" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>A detailed status message of the import task.</p>", + "locationName": "statusMessage" + } + } + }, + "ImportImageTask": { + "type": "structure", + "members": { + "Architecture": { + "shape": "String", + "documentation": "<p>The architecture of the virtual machine.</p> <p>Valid values: <code>i386</code> | <code>x86_64</code> | <code>arm64</code> </p>", + "locationName": "architecture" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description of the import task.</p>", + "locationName": "description" + }, + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the image is encrypted.</p>", + "locationName": "encrypted" + }, + "Hypervisor": { + "shape": "String", + "documentation": "<p>The target hypervisor for the import task.</p> <p>Valid values: <code>xen</code> </p>", + "locationName": "hypervisor" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the Amazon Machine Image (AMI) of the imported virtual machine.</p>", + "locationName": "imageId" + }, + "ImportTaskId": { + "shape": "String", + "documentation": "<p>The ID of the import image task.</p>", + "locationName": "importTaskId" + }, + "KmsKeyId": { + "shape": "String", + "documentation": "<p>The identifier for the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to create the encrypted image.</p>", + "locationName": "kmsKeyId" + }, + "LicenseType": { + "shape": "String", + "documentation": "<p>The license type of the virtual machine.</p>", + "locationName": "licenseType" + }, + "Platform": { + "shape": "String", + "documentation": "<p>The description string for the import image task.</p>", + "locationName": "platform" + }, + "Progress": { + "shape": "String", + "documentation": "<p>The percentage of progress of the import image task.</p>", + "locationName": "progress" + }, + "SnapshotDetails": { + "shape": "SnapshotDetailList", + "documentation": "<p>Information about the snapshots.</p>", + "locationName": "snapshotDetailSet" + }, + "Status": { + "shape": "String", + "documentation": "<p>A brief status for the import image task.</p>", + "locationName": "status" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>A descriptive status message for the import image task.</p>", + "locationName": "statusMessage" + } + }, + "documentation": "<p>Describes an import image task.</p>" + }, + "ImportImageTaskList": { + "type": "list", + "member": { + "shape": "ImportImageTask", + "locationName": "item" + } + }, + "ImportInstanceLaunchSpecification": { + "type": "structure", + "members": { + "AdditionalInfo": { + "shape": "String", + "documentation": "<p>Reserved.</p>", + "locationName": "additionalInfo" + }, + "Architecture": { + "shape": "ArchitectureValues", + "documentation": "<p>The architecture of the instance.</p>", + "locationName": "architecture" + }, + "GroupIds": { + "shape": "SecurityGroupIdStringList", + "documentation": "<p>The security group IDs.</p>", + "locationName": "GroupId" + }, + "GroupNames": { + "shape": "SecurityGroupStringList", + "documentation": "<p>The security group names.</p>", + "locationName": "GroupName" + }, + "InstanceInitiatedShutdownBehavior": { + "shape": "ShutdownBehavior", + "documentation": "<p>Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).</p>", + "locationName": "instanceInitiatedShutdownBehavior" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type. For more information about the instance types that you can import, see <a href=\"https://docs.aws.amazon.com/vm-import/latest/userguide/vmie_prereqs.html#vmimport-instance-types\">Instance Types</a> in the VM Import/Export User Guide.</p>", + "locationName": "instanceType" + }, + "Monitoring": { + "shape": "Boolean", + "documentation": "<p>Indicates whether monitoring is enabled.</p>", + "locationName": "monitoring" + }, + "Placement": { + "shape": "Placement", + "documentation": "<p>The placement information for the instance.</p>", + "locationName": "placement" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>[EC2-VPC] An available IP address from the IP address range of the subnet.</p>", + "locationName": "privateIpAddress" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>[EC2-VPC] The ID of the subnet in which to launch the instance.</p>", + "locationName": "subnetId" + }, + "UserData": { + "shape": "UserData", + "documentation": "<p>The Base64-encoded user data to make available to the instance.</p>", + "locationName": "userData" + } + }, + "documentation": "<p>Describes the launch specification for VM import.</p>" + }, + "ImportInstanceRequest": { + "type": "structure", + "required": [ + "Platform" + ], + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description for the instance being imported.</p>", + "locationName": "description" + }, + "DiskImages": { + "shape": "DiskImageList", + "documentation": "<p>The disk image.</p>", + "locationName": "diskImage" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "LaunchSpecification": { + "shape": "ImportInstanceLaunchSpecification", + "documentation": "<p>The launch specification.</p>", + "locationName": "launchSpecification" + }, + "Platform": { + "shape": "PlatformValues", + "documentation": "<p>The instance operating system.</p>", + "locationName": "platform" + } + } + }, + "ImportInstanceResult": { + "type": "structure", + "members": { + "ConversionTask": { + "shape": "ConversionTask", + "documentation": "<p>Information about the conversion task.</p>", + "locationName": "conversionTask" + } + } + }, + "ImportInstanceTaskDetails": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description of the task.</p>", + "locationName": "description" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "Platform": { + "shape": "PlatformValues", + "documentation": "<p>The instance operating system.</p>", + "locationName": "platform" + }, + "Volumes": { + "shape": "ImportInstanceVolumeDetailSet", + "documentation": "<p>The volumes.</p>", + "locationName": "volumes" + } + }, + "documentation": "<p>Describes an import instance task.</p>" + }, + "ImportInstanceVolumeDetailItem": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone where the resulting instance will reside.</p>", + "locationName": "availabilityZone" + }, + "BytesConverted": { + "shape": "Long", + "documentation": "<p>The number of bytes converted so far.</p>", + "locationName": "bytesConverted" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description of the task.</p>", + "locationName": "description" + }, + "Image": { + "shape": "DiskImageDescription", + "documentation": "<p>The image.</p>", + "locationName": "image" + }, + "Status": { + "shape": "String", + "documentation": "<p>The status of the import of this particular disk image.</p>", + "locationName": "status" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>The status information or errors related to the disk image.</p>", + "locationName": "statusMessage" + }, + "Volume": { + "shape": "DiskImageVolumeDescription", + "documentation": "<p>The volume.</p>", + "locationName": "volume" + } + }, + "documentation": "<p>Describes an import volume task.</p>" + }, + "ImportInstanceVolumeDetailSet": { + "type": "list", + "member": { + "shape": "ImportInstanceVolumeDetailItem", + "locationName": "item" + } + }, + "ImportKeyPairRequest": { + "type": "structure", + "required": [ + "KeyName", + "PublicKeyMaterial" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "KeyName": { + "shape": "String", + "documentation": "<p>A unique name for the key pair.</p>", + "locationName": "keyName" + }, + "PublicKeyMaterial": { + "shape": "Blob", + "documentation": "<p>The public key. For API calls, the text must be base64-encoded. For command line tools, base64 encoding is performed for you.</p>", + "locationName": "publicKeyMaterial" + } + } + }, + "ImportKeyPairResult": { + "type": "structure", + "members": { + "KeyFingerprint": { + "shape": "String", + "documentation": "<p>The MD5 public key fingerprint as specified in section 4 of RFC 4716.</p>", + "locationName": "keyFingerprint" + }, + "KeyName": { + "shape": "String", + "documentation": "<p>The key pair name you provided.</p>", + "locationName": "keyName" + } + } + }, + "ImportSnapshotRequest": { + "type": "structure", + "members": { + "ClientData": { + "shape": "ClientData", + "documentation": "<p>The client-specific data.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Token to enable idempotency for VM import requests.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description string for the import snapshot task.</p>" + }, + "DiskContainer": { + "shape": "SnapshotDiskContainer", + "documentation": "<p>Information about the disk container.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Specifies whether the destination snapshot of the imported image should be encrypted. The default CMK for EBS is used unless you specify a non-default AWS Key Management Service (AWS KMS) CMK using <code>KmsKeyId</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html\">Amazon EBS Encryption</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "KmsKeyId": { + "shape": "String", + "documentation": "<p>An identifier for the AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted snapshot. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. If a <code>KmsKeyId</code> is specified, the <code>Encrypted</code> flag must also be set. </p> <p>The CMK identifier may be provided in any of the following formats: </p> <ul> <li> <p>Key ID</p> </li> <li> <p>Key alias. The alias ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>alias</code> namespace, and then the CMK alias. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>.</p> </li> <li> <p>ARN using key ID. The ID ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>key</code> namespace, and then the CMK ID. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:key/<i>abcd1234-a123-456a-a12b-a123b4cd56ef</i>.</p> </li> <li> <p>ARN using key alias. The alias ARN contains the <code>arn:aws:kms</code> namespace, followed by the Region of the CMK, the AWS account ID of the CMK owner, the <code>alias</code> namespace, and then the CMK alias. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>. </p> </li> </ul> <p>AWS parses <code>KmsKeyId</code> asynchronously, meaning that the action you call may appear to complete even though you provided an invalid identifier. This action will eventually report failure. </p> <p>The specified CMK must exist in the Region that the snapshot is being copied to.</p>" + }, + "RoleName": { + "shape": "String", + "documentation": "<p>The name of the role to use when not using the default role, 'vmimport'.</p>" + } + } + }, + "ImportSnapshotResult": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description of the import snapshot task.</p>", + "locationName": "description" + }, + "ImportTaskId": { + "shape": "String", + "documentation": "<p>The ID of the import snapshot task.</p>", + "locationName": "importTaskId" + }, + "SnapshotTaskDetail": { + "shape": "SnapshotTaskDetail", + "documentation": "<p>Information about the import snapshot task.</p>", + "locationName": "snapshotTaskDetail" + } + } + }, + "ImportSnapshotTask": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description of the import snapshot task.</p>", + "locationName": "description" + }, + "ImportTaskId": { + "shape": "String", + "documentation": "<p>The ID of the import snapshot task.</p>", + "locationName": "importTaskId" + }, + "SnapshotTaskDetail": { + "shape": "SnapshotTaskDetail", + "documentation": "<p>Describes an import snapshot task.</p>", + "locationName": "snapshotTaskDetail" + } + }, + "documentation": "<p>Describes an import snapshot task.</p>" + }, + "ImportSnapshotTaskList": { + "type": "list", + "member": { + "shape": "ImportSnapshotTask", + "locationName": "item" + } + }, + "ImportTaskIdList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "ImportTaskId" + } + }, + "ImportVolumeRequest": { + "type": "structure", + "required": [ + "AvailabilityZone", + "Image", + "Volume" + ], + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone for the resulting EBS volume.</p>", + "locationName": "availabilityZone" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description of the volume.</p>", + "locationName": "description" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Image": { + "shape": "DiskImageDetail", + "documentation": "<p>The disk image.</p>", + "locationName": "image" + }, + "Volume": { + "shape": "VolumeDetail", + "documentation": "<p>The volume size.</p>", + "locationName": "volume" + } + } + }, + "ImportVolumeResult": { + "type": "structure", + "members": { + "ConversionTask": { + "shape": "ConversionTask", + "documentation": "<p>Information about the conversion task.</p>", + "locationName": "conversionTask" + } + } + }, + "ImportVolumeTaskDetails": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone where the resulting volume will reside.</p>", + "locationName": "availabilityZone" + }, + "BytesConverted": { + "shape": "Long", + "documentation": "<p>The number of bytes converted so far.</p>", + "locationName": "bytesConverted" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description you provided when starting the import volume task.</p>", + "locationName": "description" + }, + "Image": { + "shape": "DiskImageDescription", + "documentation": "<p>The image.</p>", + "locationName": "image" + }, + "Volume": { + "shape": "DiskImageVolumeDescription", + "documentation": "<p>The volume.</p>", + "locationName": "volume" + } + }, + "documentation": "<p>Describes an import volume task.</p>" + }, + "Instance": { + "type": "structure", + "members": { + "AmiLaunchIndex": { + "shape": "Integer", + "documentation": "<p>The AMI launch index, which can be used to find this instance in the launch group.</p>", + "locationName": "amiLaunchIndex" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the AMI used to launch the instance.</p>", + "locationName": "imageId" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type.</p>", + "locationName": "instanceType" + }, + "KernelId": { + "shape": "String", + "documentation": "<p>The kernel associated with this instance, if applicable.</p>", + "locationName": "kernelId" + }, + "KeyName": { + "shape": "String", + "documentation": "<p>The name of the key pair, if this instance was launched with an associated key pair.</p>", + "locationName": "keyName" + }, + "LaunchTime": { + "shape": "DateTime", + "documentation": "<p>The time the instance was launched.</p>", + "locationName": "launchTime" + }, + "Monitoring": { + "shape": "Monitoring", + "documentation": "<p>The monitoring for the instance.</p>", + "locationName": "monitoring" + }, + "Placement": { + "shape": "Placement", + "documentation": "<p>The location where the instance launched, if applicable.</p>", + "locationName": "placement" + }, + "Platform": { + "shape": "PlatformValues", + "documentation": "<p>The value is <code>Windows</code> for Windows instances; otherwise blank.</p>", + "locationName": "platform" + }, + "PrivateDnsName": { + "shape": "String", + "documentation": "<p>(IPv4 only) The private DNS hostname name assigned to the instance. This DNS hostname can only be used inside the Amazon EC2 network. This name is not available until the instance enters the <code>running</code> state. </p> <p>[EC2-VPC] The Amazon-provided DNS server resolves Amazon-provided private DNS hostnames if you've enabled DNS resolution and DNS hostnames in your VPC. If you are not using the Amazon-provided DNS server in your VPC, your custom domain name servers must resolve the hostname as appropriate.</p>", + "locationName": "privateDnsName" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>The private IPv4 address assigned to the instance.</p>", + "locationName": "privateIpAddress" + }, + "ProductCodes": { + "shape": "ProductCodeList", + "documentation": "<p>The product codes attached to this instance, if applicable.</p>", + "locationName": "productCodes" + }, + "PublicDnsName": { + "shape": "String", + "documentation": "<p>(IPv4 only) The public DNS name assigned to the instance. This name is not available until the instance enters the <code>running</code> state. For EC2-VPC, this name is only available if you've enabled DNS hostnames for your VPC.</p>", + "locationName": "dnsName" + }, + "PublicIpAddress": { + "shape": "String", + "documentation": "<p>The public IPv4 address assigned to the instance, if applicable.</p>", + "locationName": "ipAddress" + }, + "RamdiskId": { + "shape": "String", + "documentation": "<p>The RAM disk associated with this instance, if applicable.</p>", + "locationName": "ramdiskId" + }, + "State": { + "shape": "InstanceState", + "documentation": "<p>The current state of the instance.</p>", + "locationName": "instanceState" + }, + "StateTransitionReason": { + "shape": "String", + "documentation": "<p>The reason for the most recent state transition. This might be an empty string.</p>", + "locationName": "reason" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>[EC2-VPC] The ID of the subnet in which the instance is running.</p>", + "locationName": "subnetId" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>[EC2-VPC] The ID of the VPC in which the instance is running.</p>", + "locationName": "vpcId" + }, + "Architecture": { + "shape": "ArchitectureValues", + "documentation": "<p>The architecture of the image.</p>", + "locationName": "architecture" + }, + "BlockDeviceMappings": { + "shape": "InstanceBlockDeviceMappingList", + "documentation": "<p>Any block device mapping entries for the instance.</p>", + "locationName": "blockDeviceMapping" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>The idempotency token you provided when you launched the instance, if applicable.</p>", + "locationName": "clientToken" + }, + "EbsOptimized": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.</p>", + "locationName": "ebsOptimized" + }, + "EnaSupport": { + "shape": "Boolean", + "documentation": "<p>Specifies whether enhanced networking with ENA is enabled.</p>", + "locationName": "enaSupport" + }, + "Hypervisor": { + "shape": "HypervisorType", + "documentation": "<p>The hypervisor type of the instance.</p>", + "locationName": "hypervisor" + }, + "IamInstanceProfile": { + "shape": "IamInstanceProfile", + "documentation": "<p>The IAM instance profile associated with the instance, if applicable.</p>", + "locationName": "iamInstanceProfile" + }, + "InstanceLifecycle": { + "shape": "InstanceLifecycleType", + "documentation": "<p>Indicates whether this is a Spot Instance or a Scheduled Instance.</p>", + "locationName": "instanceLifecycle" + }, + "ElasticGpuAssociations": { + "shape": "ElasticGpuAssociationList", + "documentation": "<p>The Elastic GPU associated with the instance.</p>", + "locationName": "elasticGpuAssociationSet" + }, + "ElasticInferenceAcceleratorAssociations": { + "shape": "ElasticInferenceAcceleratorAssociationList", + "documentation": "<p> The elastic inference accelerator associated with the instance. </p>", + "locationName": "elasticInferenceAcceleratorAssociationSet" + }, + "NetworkInterfaces": { + "shape": "InstanceNetworkInterfaceList", + "documentation": "<p>[EC2-VPC] The network interfaces for the instance.</p>", + "locationName": "networkInterfaceSet" + }, + "RootDeviceName": { + "shape": "String", + "documentation": "<p>The device name of the root device volume (for example, <code>/dev/sda1</code>).</p>", + "locationName": "rootDeviceName" + }, + "RootDeviceType": { + "shape": "DeviceType", + "documentation": "<p>The root device type used by the AMI. The AMI can use an EBS volume or an instance store volume.</p>", + "locationName": "rootDeviceType" + }, + "SecurityGroups": { + "shape": "GroupIdentifierList", + "documentation": "<p>The security groups for the instance.</p>", + "locationName": "groupSet" + }, + "SourceDestCheck": { + "shape": "Boolean", + "documentation": "<p>Specifies whether to enable an instance launched in a VPC to perform NAT. This controls whether source/destination checking is enabled on the instance. A value of <code>true</code> means that checking is enabled, and <code>false</code> means that checking is disabled. The value must be <code>false</code> for the instance to perform NAT. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html\">NAT Instances</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>", + "locationName": "sourceDestCheck" + }, + "SpotInstanceRequestId": { + "shape": "String", + "documentation": "<p>If the request is a Spot Instance request, the ID of the request.</p>", + "locationName": "spotInstanceRequestId" + }, + "SriovNetSupport": { + "shape": "String", + "documentation": "<p>Specifies whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.</p>", + "locationName": "sriovNetSupport" + }, + "StateReason": { + "shape": "StateReason", + "documentation": "<p>The reason for the most recent state transition.</p>", + "locationName": "stateReason" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the instance.</p>", + "locationName": "tagSet" + }, + "VirtualizationType": { + "shape": "VirtualizationType", + "documentation": "<p>The virtualization type of the instance.</p>", + "locationName": "virtualizationType" + }, + "CpuOptions": { + "shape": "CpuOptions", + "documentation": "<p>The CPU options for the instance.</p>", + "locationName": "cpuOptions" + }, + "CapacityReservationId": { + "shape": "String", + "documentation": "<p>The ID of the Capacity Reservation.</p>", + "locationName": "capacityReservationId" + }, + "CapacityReservationSpecification": { + "shape": "CapacityReservationSpecificationResponse", + "documentation": "<p>Information about the Capacity Reservation targeting option.</p>", + "locationName": "capacityReservationSpecification" + }, + "HibernationOptions": { + "shape": "HibernationOptions", + "documentation": "<p>Indicates whether the instance is enabled for hibernation.</p>", + "locationName": "hibernationOptions" + }, + "Licenses": { + "shape": "LicenseList", + "documentation": "<p>The license configurations.</p>", + "locationName": "licenseSet" + } + }, + "documentation": "<p>Describes an instance.</p>" + }, + "InstanceAttribute": { + "type": "structure", + "members": { + "Groups": { + "shape": "GroupIdentifierList", + "documentation": "<p>The security groups associated with the instance.</p>", + "locationName": "groupSet" + }, + "BlockDeviceMappings": { + "shape": "InstanceBlockDeviceMappingList", + "documentation": "<p>The block device mapping of the instance.</p>", + "locationName": "blockDeviceMapping" + }, + "DisableApiTermination": { + "shape": "AttributeBooleanValue", + "documentation": "<p>If the value is <code>true</code>, you can't terminate the instance through the Amazon EC2 console, CLI, or API; otherwise, you can.</p>", + "locationName": "disableApiTermination" + }, + "EnaSupport": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Indicates whether enhanced networking with ENA is enabled.</p>", + "locationName": "enaSupport" + }, + "EbsOptimized": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Indicates whether the instance is optimized for Amazon EBS I/O.</p>", + "locationName": "ebsOptimized" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "InstanceInitiatedShutdownBehavior": { + "shape": "AttributeValue", + "documentation": "<p>Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).</p>", + "locationName": "instanceInitiatedShutdownBehavior" + }, + "InstanceType": { + "shape": "AttributeValue", + "documentation": "<p>The instance type.</p>", + "locationName": "instanceType" + }, + "KernelId": { + "shape": "AttributeValue", + "documentation": "<p>The kernel ID.</p>", + "locationName": "kernel" + }, + "ProductCodes": { + "shape": "ProductCodeList", + "documentation": "<p>A list of product codes.</p>", + "locationName": "productCodes" + }, + "RamdiskId": { + "shape": "AttributeValue", + "documentation": "<p>The RAM disk ID.</p>", + "locationName": "ramdisk" + }, + "RootDeviceName": { + "shape": "AttributeValue", + "documentation": "<p>The device name of the root device volume (for example, <code>/dev/sda1</code>).</p>", + "locationName": "rootDeviceName" + }, + "SourceDestCheck": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Indicates whether source/destination checking is enabled. A value of <code>true</code> means that checking is enabled, and <code>false</code> means that checking is disabled. This value must be <code>false</code> for a NAT instance to perform NAT.</p>", + "locationName": "sourceDestCheck" + }, + "SriovNetSupport": { + "shape": "AttributeValue", + "documentation": "<p>Indicates whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.</p>", + "locationName": "sriovNetSupport" + }, + "UserData": { + "shape": "AttributeValue", + "documentation": "<p>The user data.</p>", + "locationName": "userData" + } + }, + "documentation": "<p>Describes an instance attribute.</p>" + }, + "InstanceAttributeName": { + "type": "string", + "enum": [ + "instanceType", + "kernel", + "ramdisk", + "userData", + "disableApiTermination", + "instanceInitiatedShutdownBehavior", + "rootDeviceName", + "blockDeviceMapping", + "productCodes", + "sourceDestCheck", + "groupSet", + "ebsOptimized", + "sriovNetSupport", + "enaSupport" + ] + }, + "InstanceBlockDeviceMapping": { + "type": "structure", + "members": { + "DeviceName": { + "shape": "String", + "documentation": "<p>The device name (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p>", + "locationName": "deviceName" + }, + "Ebs": { + "shape": "EbsInstanceBlockDevice", + "documentation": "<p>Parameters used to automatically set up EBS volumes when the instance is launched.</p>", + "locationName": "ebs" + } + }, + "documentation": "<p>Describes a block device mapping.</p>" + }, + "InstanceBlockDeviceMappingList": { + "type": "list", + "member": { + "shape": "InstanceBlockDeviceMapping", + "locationName": "item" + } + }, + "InstanceBlockDeviceMappingSpecification": { + "type": "structure", + "members": { + "DeviceName": { + "shape": "String", + "documentation": "<p>The device name (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p>", + "locationName": "deviceName" + }, + "Ebs": { + "shape": "EbsInstanceBlockDeviceSpecification", + "documentation": "<p>Parameters used to automatically set up EBS volumes when the instance is launched.</p>", + "locationName": "ebs" + }, + "NoDevice": { + "shape": "String", + "documentation": "<p>suppress the specified device included in the block device mapping.</p>", + "locationName": "noDevice" + }, + "VirtualName": { + "shape": "String", + "documentation": "<p>The virtual device name.</p>", + "locationName": "virtualName" + } + }, + "documentation": "<p>Describes a block device mapping entry.</p>" + }, + "InstanceBlockDeviceMappingSpecificationList": { + "type": "list", + "member": { + "shape": "InstanceBlockDeviceMappingSpecification", + "locationName": "item" + } + }, + "InstanceCapacity": { + "type": "structure", + "members": { + "AvailableCapacity": { + "shape": "Integer", + "documentation": "<p>The number of instances that can still be launched onto the Dedicated Host.</p>", + "locationName": "availableCapacity" + }, + "InstanceType": { + "shape": "String", + "documentation": "<p>The instance type size supported by the Dedicated Host.</p>", + "locationName": "instanceType" + }, + "TotalCapacity": { + "shape": "Integer", + "documentation": "<p>The total number of instances that can be launched onto the Dedicated Host.</p>", + "locationName": "totalCapacity" + } + }, + "documentation": "<p>Information about the instance type that the Dedicated Host supports.</p>" + }, + "InstanceCount": { + "type": "structure", + "members": { + "InstanceCount": { + "shape": "Integer", + "documentation": "<p>The number of listed Reserved Instances in the state specified by the <code>state</code>.</p>", + "locationName": "instanceCount" + }, + "State": { + "shape": "ListingState", + "documentation": "<p>The states of the listed Reserved Instances.</p>", + "locationName": "state" + } + }, + "documentation": "<p>Describes a Reserved Instance listing state.</p>" + }, + "InstanceCountList": { + "type": "list", + "member": { + "shape": "InstanceCount", + "locationName": "item" + } + }, + "InstanceCreditSpecification": { + "type": "structure", + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "CpuCredits": { + "shape": "String", + "documentation": "<p>The credit option for CPU usage of the instance. Valid values are <code>standard</code> and <code>unlimited</code>.</p>", + "locationName": "cpuCredits" + } + }, + "documentation": "<p>Describes the credit option for CPU usage of a T2 or T3 instance. </p>" + }, + "InstanceCreditSpecificationList": { + "type": "list", + "member": { + "shape": "InstanceCreditSpecification", + "locationName": "item" + } + }, + "InstanceCreditSpecificationListRequest": { + "type": "list", + "member": { + "shape": "InstanceCreditSpecificationRequest", + "locationName": "item" + } + }, + "InstanceCreditSpecificationRequest": { + "type": "structure", + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>" + }, + "CpuCredits": { + "shape": "String", + "documentation": "<p>The credit option for CPU usage of the instance. Valid values are <code>standard</code> and <code>unlimited</code>.</p>" + } + }, + "documentation": "<p>Describes the credit option for CPU usage of a T2 or T3 instance.</p>" + }, + "InstanceEventId": { + "type": "string" + }, + "InstanceExportDetails": { + "type": "structure", + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the resource being exported.</p>", + "locationName": "instanceId" + }, + "TargetEnvironment": { + "shape": "ExportEnvironment", + "documentation": "<p>The target virtualization environment.</p>", + "locationName": "targetEnvironment" + } + }, + "documentation": "<p>Describes an instance to export.</p>" + }, + "InstanceHealthStatus": { + "type": "string", + "enum": [ + "healthy", + "unhealthy" + ] + }, + "InstanceId": { + "type": "string" + }, + "InstanceIdSet": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "InstanceIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "InstanceId" + } + }, + "InstanceIdsSet": { + "type": "list", + "member": { + "shape": "InstanceId", + "locationName": "item" + } + }, + "InstanceInterruptionBehavior": { + "type": "string", + "enum": [ + "hibernate", + "stop", + "terminate" + ] + }, + "InstanceIpv6Address": { + "type": "structure", + "members": { + "Ipv6Address": { + "shape": "String", + "documentation": "<p>The IPv6 address.</p>", + "locationName": "ipv6Address" + } + }, + "documentation": "<p>Describes an IPv6 address.</p>" + }, + "InstanceIpv6AddressList": { + "type": "list", + "member": { + "shape": "InstanceIpv6Address", + "locationName": "item" + } + }, + "InstanceIpv6AddressListRequest": { + "type": "list", + "member": { + "shape": "InstanceIpv6AddressRequest", + "locationName": "InstanceIpv6Address" + } + }, + "InstanceIpv6AddressRequest": { + "type": "structure", + "members": { + "Ipv6Address": { + "shape": "String", + "documentation": "<p>The IPv6 address.</p>" + } + }, + "documentation": "<p>Describes an IPv6 address.</p>" + }, + "InstanceLifecycle": { + "type": "string", + "enum": [ + "spot", + "on-demand" + ] + }, + "InstanceLifecycleType": { + "type": "string", + "enum": [ + "spot", + "scheduled" + ] + }, + "InstanceList": { + "type": "list", + "member": { + "shape": "Instance", + "locationName": "item" + } + }, + "InstanceMarketOptionsRequest": { + "type": "structure", + "members": { + "MarketType": { + "shape": "MarketType", + "documentation": "<p>The market type.</p>" + }, + "SpotOptions": { + "shape": "SpotMarketOptions", + "documentation": "<p>The options for Spot Instances.</p>" + } + }, + "documentation": "<p>Describes the market (purchasing) option for the instances.</p>" + }, + "InstanceMatchCriteria": { + "type": "string", + "enum": [ + "open", + "targeted" + ] + }, + "InstanceMonitoring": { + "type": "structure", + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "Monitoring": { + "shape": "Monitoring", + "documentation": "<p>The monitoring for the instance.</p>", + "locationName": "monitoring" + } + }, + "documentation": "<p>Describes the monitoring of an instance.</p>" + }, + "InstanceMonitoringList": { + "type": "list", + "member": { + "shape": "InstanceMonitoring", + "locationName": "item" + } + }, + "InstanceNetworkInterface": { + "type": "structure", + "members": { + "Association": { + "shape": "InstanceNetworkInterfaceAssociation", + "documentation": "<p>The association information for an Elastic IPv4 associated with the network interface.</p>", + "locationName": "association" + }, + "Attachment": { + "shape": "InstanceNetworkInterfaceAttachment", + "documentation": "<p>The network interface attachment.</p>", + "locationName": "attachment" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description.</p>", + "locationName": "description" + }, + "Groups": { + "shape": "GroupIdentifierList", + "documentation": "<p>One or more security groups.</p>", + "locationName": "groupSet" + }, + "Ipv6Addresses": { + "shape": "InstanceIpv6AddressList", + "documentation": "<p>One or more IPv6 addresses associated with the network interface.</p>", + "locationName": "ipv6AddressesSet" + }, + "MacAddress": { + "shape": "String", + "documentation": "<p>The MAC address.</p>", + "locationName": "macAddress" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The ID of the AWS account that created the network interface.</p>", + "locationName": "ownerId" + }, + "PrivateDnsName": { + "shape": "String", + "documentation": "<p>The private DNS name.</p>", + "locationName": "privateDnsName" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>The IPv4 address of the network interface within the subnet.</p>", + "locationName": "privateIpAddress" + }, + "PrivateIpAddresses": { + "shape": "InstancePrivateIpAddressList", + "documentation": "<p>One or more private IPv4 addresses associated with the network interface.</p>", + "locationName": "privateIpAddressesSet" + }, + "SourceDestCheck": { + "shape": "Boolean", + "documentation": "<p>Indicates whether to validate network traffic to or from this network interface.</p>", + "locationName": "sourceDestCheck" + }, + "Status": { + "shape": "NetworkInterfaceStatus", + "documentation": "<p>The status of the network interface.</p>", + "locationName": "status" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet.</p>", + "locationName": "subnetId" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + }, + "InterfaceType": { + "shape": "String", + "documentation": "<p>Describes the type of network interface.</p> <p>Valid values: <code>interface</code> | <code>efa</code> </p>", + "locationName": "interfaceType" + } + }, + "documentation": "<p>Describes a network interface.</p>" + }, + "InstanceNetworkInterfaceAssociation": { + "type": "structure", + "members": { + "IpOwnerId": { + "shape": "String", + "documentation": "<p>The ID of the owner of the Elastic IP address.</p>", + "locationName": "ipOwnerId" + }, + "PublicDnsName": { + "shape": "String", + "documentation": "<p>The public DNS name.</p>", + "locationName": "publicDnsName" + }, + "PublicIp": { + "shape": "String", + "documentation": "<p>The public IP address or Elastic IP address bound to the network interface.</p>", + "locationName": "publicIp" + } + }, + "documentation": "<p>Describes association information for an Elastic IP address (IPv4).</p>" + }, + "InstanceNetworkInterfaceAttachment": { + "type": "structure", + "members": { + "AttachTime": { + "shape": "DateTime", + "documentation": "<p>The time stamp when the attachment initiated.</p>", + "locationName": "attachTime" + }, + "AttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the network interface attachment.</p>", + "locationName": "attachmentId" + }, + "DeleteOnTermination": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the network interface is deleted when the instance is terminated.</p>", + "locationName": "deleteOnTermination" + }, + "DeviceIndex": { + "shape": "Integer", + "documentation": "<p>The index of the device on the instance for the network interface attachment.</p>", + "locationName": "deviceIndex" + }, + "Status": { + "shape": "AttachmentStatus", + "documentation": "<p>The attachment state.</p>", + "locationName": "status" + } + }, + "documentation": "<p>Describes a network interface attachment.</p>" + }, + "InstanceNetworkInterfaceList": { + "type": "list", + "member": { + "shape": "InstanceNetworkInterface", + "locationName": "item" + } + }, + "InstanceNetworkInterfaceSpecification": { + "type": "structure", + "members": { + "AssociatePublicIpAddress": { + "shape": "Boolean", + "documentation": "<p>Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The public IP address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is <code>true</code>.</p>", + "locationName": "associatePublicIpAddress" + }, + "DeleteOnTermination": { + "shape": "Boolean", + "documentation": "<p>If set to <code>true</code>, the interface is deleted when the instance is terminated. You can specify <code>true</code> only if creating a new network interface when launching an instance.</p>", + "locationName": "deleteOnTermination" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description of the network interface. Applies only if creating a network interface when launching an instance.</p>", + "locationName": "description" + }, + "DeviceIndex": { + "shape": "Integer", + "documentation": "<p>The position of the network interface in the attachment order. A primary network interface has a device index of 0.</p> <p>If you specify a network interface when launching an instance, you must specify the device index.</p>", + "locationName": "deviceIndex" + }, + "Groups": { + "shape": "SecurityGroupIdStringList", + "documentation": "<p>The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.</p>", + "locationName": "SecurityGroupId" + }, + "Ipv6AddressCount": { + "shape": "Integer", + "documentation": "<p>A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.</p>", + "locationName": "ipv6AddressCount" + }, + "Ipv6Addresses": { + "shape": "InstanceIpv6AddressList", + "documentation": "<p>One or more IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.</p>", + "locationName": "ipv6AddressesSet", + "queryName": "Ipv6Addresses" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance. You cannot specify this option if you're launching more than one instance in a <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html\">RunInstances</a> request.</p>", + "locationName": "privateIpAddress" + }, + "PrivateIpAddresses": { + "shape": "PrivateIpAddressSpecificationList", + "documentation": "<p>One or more private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're launching more than one instance in a <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html\">RunInstances</a> request.</p>", + "locationName": "privateIpAddressesSet", + "queryName": "PrivateIpAddresses" + }, + "SecondaryPrivateIpAddressCount": { + "shape": "Integer", + "documentation": "<p>The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option. You cannot specify this option if you're launching more than one instance in a <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html\">RunInstances</a> request.</p>", + "locationName": "secondaryPrivateIpAddressCount" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet associated with the network string. Applies only if creating a network interface when launching an instance.</p>", + "locationName": "subnetId" + }, + "InterfaceType": { + "shape": "String", + "documentation": "<p>The type of network interface. To create an Elastic Fabric Adapter (EFA), specify <code>efa</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html\">Elastic Fabric Adapter</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>If you are not creating an EFA, specify <code>interface</code> or omit this parameter.</p> <p>Valid values: <code>interface</code> | <code>efa</code> </p>" + } + }, + "documentation": "<p>Describes a network interface.</p>" + }, + "InstanceNetworkInterfaceSpecificationList": { + "type": "list", + "member": { + "shape": "InstanceNetworkInterfaceSpecification", + "locationName": "item" + } + }, + "InstancePrivateIpAddress": { + "type": "structure", + "members": { + "Association": { + "shape": "InstanceNetworkInterfaceAssociation", + "documentation": "<p>The association information for an Elastic IP address for the network interface.</p>", + "locationName": "association" + }, + "Primary": { + "shape": "Boolean", + "documentation": "<p>Indicates whether this IPv4 address is the primary private IP address of the network interface.</p>", + "locationName": "primary" + }, + "PrivateDnsName": { + "shape": "String", + "documentation": "<p>The private IPv4 DNS name.</p>", + "locationName": "privateDnsName" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>The private IPv4 address of the network interface.</p>", + "locationName": "privateIpAddress" + } + }, + "documentation": "<p>Describes a private IPv4 address.</p>" + }, + "InstancePrivateIpAddressList": { + "type": "list", + "member": { + "shape": "InstancePrivateIpAddress", + "locationName": "item" + } + }, + "InstanceSpecification": { + "type": "structure", + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The instance to specify which volumes should be snapshotted.</p>" + }, + "ExcludeBootVolume": { + "shape": "Boolean", + "documentation": "<p>Excludes the root volume from being snapshotted.</p>" + } + }, + "documentation": "<p>The instance details to specify which volumes should be snapshotted.</p>" + }, + "InstanceState": { + "type": "structure", + "members": { + "Code": { + "shape": "Integer", + "documentation": "<p>The state of the instance as a 16-bit unsigned integer. </p> <p>The high byte is all of the bits between 2^8 and (2^16)-1, which equals decimal values between 256 and 65,535. These numerical values are used for internal purposes and should be ignored.</p> <p>The low byte is all of the bits between 2^0 and (2^8)-1, which equals decimal values between 0 and 255. </p> <p>The valid values for instance-state-code will all be in the range of the low byte and they are:</p> <ul> <li> <p> <code>0</code> : <code>pending</code> </p> </li> <li> <p> <code>16</code> : <code>running</code> </p> </li> <li> <p> <code>32</code> : <code>shutting-down</code> </p> </li> <li> <p> <code>48</code> : <code>terminated</code> </p> </li> <li> <p> <code>64</code> : <code>stopping</code> </p> </li> <li> <p> <code>80</code> : <code>stopped</code> </p> </li> </ul> <p>You can ignore the high byte value by zeroing out all of the bits above 2^8 or 256 in decimal.</p>", + "locationName": "code" + }, + "Name": { + "shape": "InstanceStateName", + "documentation": "<p>The current state of the instance.</p>", + "locationName": "name" + } + }, + "documentation": "<p>Describes the current state of an instance.</p>" + }, + "InstanceStateChange": { + "type": "structure", + "members": { + "CurrentState": { + "shape": "InstanceState", + "documentation": "<p>The current state of the instance.</p>", + "locationName": "currentState" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "PreviousState": { + "shape": "InstanceState", + "documentation": "<p>The previous state of the instance.</p>", + "locationName": "previousState" + } + }, + "documentation": "<p>Describes an instance state change.</p>" + }, + "InstanceStateChangeList": { + "type": "list", + "member": { + "shape": "InstanceStateChange", + "locationName": "item" + } + }, + "InstanceStateName": { + "type": "string", + "enum": [ + "pending", + "running", + "shutting-down", + "terminated", + "stopping", + "stopped" + ] + }, + "InstanceStatus": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone of the instance.</p>", + "locationName": "availabilityZone" + }, + "Events": { + "shape": "InstanceStatusEventList", + "documentation": "<p>Any scheduled events associated with the instance.</p>", + "locationName": "eventsSet" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "InstanceState": { + "shape": "InstanceState", + "documentation": "<p>The intended state of the instance. <a>DescribeInstanceStatus</a> requires that an instance be in the <code>running</code> state.</p>", + "locationName": "instanceState" + }, + "InstanceStatus": { + "shape": "InstanceStatusSummary", + "documentation": "<p>Reports impaired functionality that stems from issues internal to the instance, such as impaired reachability.</p>", + "locationName": "instanceStatus" + }, + "SystemStatus": { + "shape": "InstanceStatusSummary", + "documentation": "<p>Reports impaired functionality that stems from issues related to the systems that support an instance, such as hardware failures and network connectivity problems.</p>", + "locationName": "systemStatus" + } + }, + "documentation": "<p>Describes the status of an instance.</p>" + }, + "InstanceStatusDetails": { + "type": "structure", + "members": { + "ImpairedSince": { + "shape": "DateTime", + "documentation": "<p>The time when a status check failed. For an instance that was launched and impaired, this is the time when the instance was launched.</p>", + "locationName": "impairedSince" + }, + "Name": { + "shape": "StatusName", + "documentation": "<p>The type of instance status.</p>", + "locationName": "name" + }, + "Status": { + "shape": "StatusType", + "documentation": "<p>The status.</p>", + "locationName": "status" + } + }, + "documentation": "<p>Describes the instance status.</p>" + }, + "InstanceStatusDetailsList": { + "type": "list", + "member": { + "shape": "InstanceStatusDetails", + "locationName": "item" + } + }, + "InstanceStatusEvent": { + "type": "structure", + "members": { + "InstanceEventId": { + "shape": "InstanceEventId", + "documentation": "<p>The ID of the event.</p>", + "locationName": "instanceEventId" + }, + "Code": { + "shape": "EventCode", + "documentation": "<p>The event code.</p>", + "locationName": "code" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description of the event.</p> <p>After a scheduled event is completed, it can still be described for up to a week. If the event has been completed, this description starts with the following text: [Completed].</p>", + "locationName": "description" + }, + "NotAfter": { + "shape": "DateTime", + "documentation": "<p>The latest scheduled end time for the event.</p>", + "locationName": "notAfter" + }, + "NotBefore": { + "shape": "DateTime", + "documentation": "<p>The earliest scheduled start time for the event.</p>", + "locationName": "notBefore" + }, + "NotBeforeDeadline": { + "shape": "DateTime", + "documentation": "<p>The deadline for starting the event.</p>", + "locationName": "notBeforeDeadline" + } + }, + "documentation": "<p>Describes a scheduled event for an instance.</p>" + }, + "InstanceStatusEventList": { + "type": "list", + "member": { + "shape": "InstanceStatusEvent", + "locationName": "item" + } + }, + "InstanceStatusList": { + "type": "list", + "member": { + "shape": "InstanceStatus", + "locationName": "item" + } + }, + "InstanceStatusSummary": { + "type": "structure", + "members": { + "Details": { + "shape": "InstanceStatusDetailsList", + "documentation": "<p>The system instance health or application instance health.</p>", + "locationName": "details" + }, + "Status": { + "shape": "SummaryStatus", + "documentation": "<p>The status.</p>", + "locationName": "status" + } + }, + "documentation": "<p>Describes the status of an instance.</p>" + }, + "InstanceType": { + "type": "string", + "enum": [ + "t1.micro", + "t2.nano", + "t2.micro", + "t2.small", + "t2.medium", + "t2.large", + "t2.xlarge", + "t2.2xlarge", + "t3.nano", + "t3.micro", + "t3.small", + "t3.medium", + "t3.large", + "t3.xlarge", + "t3.2xlarge", + "t3a.nano", + "t3a.micro", + "t3a.small", + "t3a.medium", + "t3a.large", + "t3a.xlarge", + "t3a.2xlarge", + "m1.small", + "m1.medium", + "m1.large", + "m1.xlarge", + "m3.medium", + "m3.large", + "m3.xlarge", + "m3.2xlarge", + "m4.large", + "m4.xlarge", + "m4.2xlarge", + "m4.4xlarge", + "m4.10xlarge", + "m4.16xlarge", + "m2.xlarge", + "m2.2xlarge", + "m2.4xlarge", + "cr1.8xlarge", + "r3.large", + "r3.xlarge", + "r3.2xlarge", + "r3.4xlarge", + "r3.8xlarge", + "r4.large", + "r4.xlarge", + "r4.2xlarge", + "r4.4xlarge", + "r4.8xlarge", + "r4.16xlarge", + "r5.large", + "r5.xlarge", + "r5.2xlarge", + "r5.4xlarge", + "r5.12xlarge", + "r5.24xlarge", + "r5.metal", + "r5a.large", + "r5a.xlarge", + "r5a.2xlarge", + "r5a.4xlarge", + "r5a.12xlarge", + "r5a.24xlarge", + "r5d.large", + "r5d.xlarge", + "r5d.2xlarge", + "r5d.4xlarge", + "r5d.12xlarge", + "r5d.24xlarge", + "r5d.metal", + "r5ad.large", + "r5ad.xlarge", + "r5ad.2xlarge", + "r5ad.4xlarge", + "r5ad.8xlarge", + "r5ad.12xlarge", + "r5ad.16xlarge", + "r5ad.24xlarge", + "x1.16xlarge", + "x1.32xlarge", + "x1e.xlarge", + "x1e.2xlarge", + "x1e.4xlarge", + "x1e.8xlarge", + "x1e.16xlarge", + "x1e.32xlarge", + "i2.xlarge", + "i2.2xlarge", + "i2.4xlarge", + "i2.8xlarge", + "i3.large", + "i3.xlarge", + "i3.2xlarge", + "i3.4xlarge", + "i3.8xlarge", + "i3.16xlarge", + "i3.metal", + "i3en.large", + "i3en.xlarge", + "i3en.2xlarge", + "i3en.3xlarge", + "i3en.6xlarge", + "i3en.12xlarge", + "i3en.24xlarge", + "hi1.4xlarge", + "hs1.8xlarge", + "c1.medium", + "c1.xlarge", + "c3.large", + "c3.xlarge", + "c3.2xlarge", + "c3.4xlarge", + "c3.8xlarge", + "c4.large", + "c4.xlarge", + "c4.2xlarge", + "c4.4xlarge", + "c4.8xlarge", + "c5.large", + "c5.xlarge", + "c5.2xlarge", + "c5.4xlarge", + "c5.9xlarge", + "c5.12xlarge", + "c5.18xlarge", + "c5.24xlarge", + "c5d.large", + "c5d.xlarge", + "c5d.2xlarge", + "c5d.4xlarge", + "c5d.9xlarge", + "c5d.18xlarge", + "c5n.large", + "c5n.xlarge", + "c5n.2xlarge", + "c5n.4xlarge", + "c5n.9xlarge", + "c5n.18xlarge", + "cc1.4xlarge", + "cc2.8xlarge", + "g2.2xlarge", + "g2.8xlarge", + "g3.4xlarge", + "g3.8xlarge", + "g3.16xlarge", + "g3s.xlarge", + "cg1.4xlarge", + "p2.xlarge", + "p2.8xlarge", + "p2.16xlarge", + "p3.2xlarge", + "p3.8xlarge", + "p3.16xlarge", + "p3dn.24xlarge", + "d2.xlarge", + "d2.2xlarge", + "d2.4xlarge", + "d2.8xlarge", + "f1.2xlarge", + "f1.4xlarge", + "f1.16xlarge", + "m5.large", + "m5.xlarge", + "m5.2xlarge", + "m5.4xlarge", + "m5.12xlarge", + "m5.24xlarge", + "m5.metal", + "m5a.large", + "m5a.xlarge", + "m5a.2xlarge", + "m5a.4xlarge", + "m5a.12xlarge", + "m5a.24xlarge", + "m5d.large", + "m5d.xlarge", + "m5d.2xlarge", + "m5d.4xlarge", + "m5d.12xlarge", + "m5d.24xlarge", + "m5d.metal", + "m5ad.large", + "m5ad.xlarge", + "m5ad.2xlarge", + "m5ad.4xlarge", + "m5ad.8xlarge", + "m5ad.12xlarge", + "m5ad.16xlarge", + "m5ad.24xlarge", + "h1.2xlarge", + "h1.4xlarge", + "h1.8xlarge", + "h1.16xlarge", + "z1d.large", + "z1d.xlarge", + "z1d.2xlarge", + "z1d.3xlarge", + "z1d.6xlarge", + "z1d.12xlarge", + "z1d.metal", + "u-6tb1.metal", + "u-9tb1.metal", + "u-12tb1.metal", + "a1.medium", + "a1.large", + "a1.xlarge", + "a1.2xlarge", + "a1.4xlarge" + ] + }, + "InstanceTypeList": { + "type": "list", + "member": { + "shape": "InstanceType" + } + }, + "Integer": { + "type": "integer" + }, + "InterfacePermissionType": { + "type": "string", + "enum": [ + "INSTANCE-ATTACH", + "EIP-ASSOCIATE" + ] + }, + "InternetGateway": { + "type": "structure", + "members": { + "Attachments": { + "shape": "InternetGatewayAttachmentList", + "documentation": "<p>Any VPCs attached to the internet gateway.</p>", + "locationName": "attachmentSet" + }, + "InternetGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the internet gateway.</p>", + "locationName": "internetGatewayId" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The ID of the AWS account that owns the internet gateway.</p>", + "locationName": "ownerId" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the internet gateway.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes an internet gateway.</p>" + }, + "InternetGatewayAttachment": { + "type": "structure", + "members": { + "State": { + "shape": "AttachmentStatus", + "documentation": "<p>The current state of the attachment. For an internet gateway, the state is <code>available</code> when attached to a VPC; otherwise, this value is not returned.</p>", + "locationName": "state" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + }, + "documentation": "<p>Describes the attachment of a VPC to an internet gateway or an egress-only internet gateway.</p>" + }, + "InternetGatewayAttachmentList": { + "type": "list", + "member": { + "shape": "InternetGatewayAttachment", + "locationName": "item" + } + }, + "InternetGatewayList": { + "type": "list", + "member": { + "shape": "InternetGateway", + "locationName": "item" + } + }, + "IpPermission": { + "type": "structure", + "members": { + "FromPort": { + "shape": "Integer", + "documentation": "<p>The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of <code>-1</code> indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.</p>", + "locationName": "fromPort" + }, + "IpProtocol": { + "shape": "String", + "documentation": "<p>The IP protocol name (<code>tcp</code>, <code>udp</code>, <code>icmp</code>, <code>icmpv6</code>) or number (see <a href=\"http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml\">Protocol Numbers</a>).</p> <p>[VPC only] Use <code>-1</code> to specify all protocols. When authorizing security group rules, specifying <code>-1</code> or a protocol number other than <code>tcp</code>, <code>udp</code>, <code>icmp</code>, or <code>icmpv6</code> allows traffic on all ports, regardless of any port range you specify. For <code>tcp</code>, <code>udp</code>, and <code>icmp</code>, you must specify a port range. For <code>icmpv6</code>, the port range is optional; if you omit the port range, traffic for all types and codes is allowed.</p>", + "locationName": "ipProtocol" + }, + "IpRanges": { + "shape": "IpRangeList", + "documentation": "<p>The IPv4 ranges.</p>", + "locationName": "ipRanges" + }, + "Ipv6Ranges": { + "shape": "Ipv6RangeList", + "documentation": "<p>[VPC only] The IPv6 ranges.</p>", + "locationName": "ipv6Ranges" + }, + "PrefixListIds": { + "shape": "PrefixListIdList", + "documentation": "<p>[VPC only] The prefix list IDs for an AWS service. With outbound rules, this is the AWS service to access through a VPC endpoint from instances associated with the security group.</p>", + "locationName": "prefixListIds" + }, + "ToPort": { + "shape": "Integer", + "documentation": "<p>The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of <code>-1</code> indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.</p>", + "locationName": "toPort" + }, + "UserIdGroupPairs": { + "shape": "UserIdGroupPairList", + "documentation": "<p>The security group and AWS account ID pairs.</p>", + "locationName": "groups" + } + }, + "documentation": "<p>Describes a set of permissions for a security group rule.</p>" + }, + "IpPermissionList": { + "type": "list", + "member": { + "shape": "IpPermission", + "locationName": "item" + } + }, + "IpRange": { + "type": "structure", + "members": { + "CidrIp": { + "shape": "String", + "documentation": "<p>The IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.</p>", + "locationName": "cidrIp" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description for the security group rule that references this IPv4 address range.</p> <p>Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*</p>", + "locationName": "description" + } + }, + "documentation": "<p>Describes an IPv4 range.</p>" + }, + "IpRangeList": { + "type": "list", + "member": { + "shape": "IpRange", + "locationName": "item" + } + }, + "IpRanges": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "Ipv6Address": { + "type": "string" + }, + "Ipv6AddressList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "Ipv6CidrBlock": { + "type": "structure", + "members": { + "Ipv6CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv6 CIDR block.</p>", + "locationName": "ipv6CidrBlock" + } + }, + "documentation": "<p>Describes an IPv6 CIDR block.</p>" + }, + "Ipv6CidrBlockSet": { + "type": "list", + "member": { + "shape": "Ipv6CidrBlock", + "locationName": "item" + } + }, + "Ipv6Range": { + "type": "structure", + "members": { + "CidrIpv6": { + "shape": "String", + "documentation": "<p>The IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.</p>", + "locationName": "cidrIpv6" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description for the security group rule that references this IPv6 address range.</p> <p>Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*</p>", + "locationName": "description" + } + }, + "documentation": "<p>[EC2-VPC only] Describes an IPv6 range.</p>" + }, + "Ipv6RangeList": { + "type": "list", + "member": { + "shape": "Ipv6Range", + "locationName": "item" + } + }, + "Ipv6SupportValue": { + "type": "string", + "enum": [ + "enable", + "disable" + ] + }, + "KeyNameStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "KeyName" + } + }, + "KeyPair": { + "type": "structure", + "members": { + "KeyFingerprint": { + "shape": "String", + "documentation": "<p>The SHA-1 digest of the DER encoded private key.</p>", + "locationName": "keyFingerprint" + }, + "KeyMaterial": { + "shape": "String", + "documentation": "<p>An unencrypted PEM encoded RSA private key.</p>", + "locationName": "keyMaterial" + }, + "KeyName": { + "shape": "String", + "documentation": "<p>The name of the key pair.</p>", + "locationName": "keyName" + } + }, + "documentation": "<p>Describes a key pair.</p>" + }, + "KeyPairInfo": { + "type": "structure", + "members": { + "KeyFingerprint": { + "shape": "String", + "documentation": "<p>If you used <a>CreateKeyPair</a> to create the key pair, this is the SHA-1 digest of the DER encoded private key. If you used <a>ImportKeyPair</a> to provide AWS the public key, this is the MD5 public key fingerprint as specified in section 4 of RFC4716.</p>", + "locationName": "keyFingerprint" + }, + "KeyName": { + "shape": "String", + "documentation": "<p>The name of the key pair.</p>", + "locationName": "keyName" + } + }, + "documentation": "<p>Describes a key pair.</p>" + }, + "KeyPairList": { + "type": "list", + "member": { + "shape": "KeyPairInfo", + "locationName": "item" + } + }, + "LaunchPermission": { + "type": "structure", + "members": { + "Group": { + "shape": "PermissionGroup", + "documentation": "<p>The name of the group.</p>", + "locationName": "group" + }, + "UserId": { + "shape": "String", + "documentation": "<p>The AWS account ID.</p>", + "locationName": "userId" + } + }, + "documentation": "<p>Describes a launch permission.</p>" + }, + "LaunchPermissionList": { + "type": "list", + "member": { + "shape": "LaunchPermission", + "locationName": "item" + } + }, + "LaunchPermissionModifications": { + "type": "structure", + "members": { + "Add": { + "shape": "LaunchPermissionList", + "documentation": "<p>The AWS account ID to add to the list of launch permissions for the AMI.</p>" + }, + "Remove": { + "shape": "LaunchPermissionList", + "documentation": "<p>The AWS account ID to remove from the list of launch permissions for the AMI.</p>" + } + }, + "documentation": "<p>Describes a launch permission modification.</p>" + }, + "LaunchSpecification": { + "type": "structure", + "members": { + "UserData": { + "shape": "String", + "documentation": "<p>The Base64-encoded user data for the instance.</p>", + "locationName": "userData" + }, + "SecurityGroups": { + "shape": "GroupIdentifierList", + "documentation": "<p>One or more security groups. When requesting instances in a VPC, you must specify the IDs of the security groups. When requesting instances in EC2-Classic, you can specify the names or the IDs of the security groups.</p>", + "locationName": "groupSet" + }, + "AddressingType": { + "shape": "String", + "documentation": "<p>Deprecated.</p>", + "locationName": "addressingType" + }, + "BlockDeviceMappings": { + "shape": "BlockDeviceMappingList", + "documentation": "<p>One or more block device mapping entries.</p>", + "locationName": "blockDeviceMapping" + }, + "EbsOptimized": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the instance is optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.</p> <p>Default: <code>false</code> </p>", + "locationName": "ebsOptimized" + }, + "IamInstanceProfile": { + "shape": "IamInstanceProfileSpecification", + "documentation": "<p>The IAM instance profile.</p>", + "locationName": "iamInstanceProfile" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the AMI.</p>", + "locationName": "imageId" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type.</p>", + "locationName": "instanceType" + }, + "KernelId": { + "shape": "String", + "documentation": "<p>The ID of the kernel.</p>", + "locationName": "kernelId" + }, + "KeyName": { + "shape": "String", + "documentation": "<p>The name of the key pair.</p>", + "locationName": "keyName" + }, + "NetworkInterfaces": { + "shape": "InstanceNetworkInterfaceSpecificationList", + "documentation": "<p>One or more network interfaces. If you specify a network interface, you must specify subnet IDs and security group IDs using the network interface.</p>", + "locationName": "networkInterfaceSet" + }, + "Placement": { + "shape": "SpotPlacement", + "documentation": "<p>The placement information for the instance.</p>", + "locationName": "placement" + }, + "RamdiskId": { + "shape": "String", + "documentation": "<p>The ID of the RAM disk.</p>", + "locationName": "ramdiskId" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet in which to launch the instance.</p>", + "locationName": "subnetId" + }, + "Monitoring": { + "shape": "RunInstancesMonitoringEnabled", + "locationName": "monitoring" + } + }, + "documentation": "<p>Describes the launch specification for an instance.</p>" + }, + "LaunchSpecsList": { + "type": "list", + "member": { + "shape": "SpotFleetLaunchSpecification", + "locationName": "item" + } + }, + "LaunchTemplate": { + "type": "structure", + "members": { + "LaunchTemplateId": { + "shape": "String", + "documentation": "<p>The ID of the launch template.</p>", + "locationName": "launchTemplateId" + }, + "LaunchTemplateName": { + "shape": "LaunchTemplateName", + "documentation": "<p>The name of the launch template.</p>", + "locationName": "launchTemplateName" + }, + "CreateTime": { + "shape": "DateTime", + "documentation": "<p>The time launch template was created.</p>", + "locationName": "createTime" + }, + "CreatedBy": { + "shape": "String", + "documentation": "<p>The principal that created the launch template. </p>", + "locationName": "createdBy" + }, + "DefaultVersionNumber": { + "shape": "Long", + "documentation": "<p>The version number of the default version of the launch template.</p>", + "locationName": "defaultVersionNumber" + }, + "LatestVersionNumber": { + "shape": "Long", + "documentation": "<p>The version number of the latest version of the launch template.</p>", + "locationName": "latestVersionNumber" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags for the launch template.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a launch template.</p>" + }, + "LaunchTemplateAndOverridesResponse": { + "type": "structure", + "members": { + "LaunchTemplateSpecification": { + "shape": "FleetLaunchTemplateSpecification", + "documentation": "<p>The launch template.</p>", + "locationName": "launchTemplateSpecification" + }, + "Overrides": { + "shape": "FleetLaunchTemplateOverrides", + "documentation": "<p>Any parameters that you specify override the same parameters in the launch template.</p>", + "locationName": "overrides" + } + }, + "documentation": "<p>Describes a launch template and overrides.</p>" + }, + "LaunchTemplateBlockDeviceMapping": { + "type": "structure", + "members": { + "DeviceName": { + "shape": "String", + "documentation": "<p>The device name.</p>", + "locationName": "deviceName" + }, + "VirtualName": { + "shape": "String", + "documentation": "<p>The virtual device name (ephemeralN).</p>", + "locationName": "virtualName" + }, + "Ebs": { + "shape": "LaunchTemplateEbsBlockDevice", + "documentation": "<p>Information about the block device for an EBS volume.</p>", + "locationName": "ebs" + }, + "NoDevice": { + "shape": "String", + "documentation": "<p>Suppresses the specified device included in the block device mapping of the AMI.</p>", + "locationName": "noDevice" + } + }, + "documentation": "<p>Describes a block device mapping.</p>" + }, + "LaunchTemplateBlockDeviceMappingList": { + "type": "list", + "member": { + "shape": "LaunchTemplateBlockDeviceMapping", + "locationName": "item" + } + }, + "LaunchTemplateBlockDeviceMappingRequest": { + "type": "structure", + "members": { + "DeviceName": { + "shape": "String", + "documentation": "<p>The device name (for example, /dev/sdh or xvdh).</p>" + }, + "VirtualName": { + "shape": "String", + "documentation": "<p>The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.</p>" + }, + "Ebs": { + "shape": "LaunchTemplateEbsBlockDeviceRequest", + "documentation": "<p>Parameters used to automatically set up EBS volumes when the instance is launched.</p>" + }, + "NoDevice": { + "shape": "String", + "documentation": "<p>Suppresses the specified device included in the block device mapping of the AMI.</p>" + } + }, + "documentation": "<p>Describes a block device mapping.</p>" + }, + "LaunchTemplateBlockDeviceMappingRequestList": { + "type": "list", + "member": { + "shape": "LaunchTemplateBlockDeviceMappingRequest", + "locationName": "BlockDeviceMapping" + } + }, + "LaunchTemplateCapacityReservationSpecificationRequest": { + "type": "structure", + "members": { + "CapacityReservationPreference": { + "shape": "CapacityReservationPreference", + "documentation": "<p>Indicates the instance's Capacity Reservation preferences. Possible preferences include:</p> <ul> <li> <p> <code>open</code> - The instance can run in any <code>open</code> Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).</p> </li> <li> <p> <code>none</code> - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.</p> </li> </ul>" + }, + "CapacityReservationTarget": { + "shape": "CapacityReservationTarget", + "documentation": "<p>Information about the target Capacity Reservation.</p>" + } + }, + "documentation": "<p>Describes an instance's Capacity Reservation targeting option. You can specify only one option at a time. Use the <code>CapacityReservationPreference</code> parameter to configure the instance to run in On-Demand capacity or to run in any <code>open</code> Capacity Reservation that has matching attributes (instance type, platform, Availability Zone). Use the <code>CapacityReservationTarget</code> parameter to explicitly target a specific Capacity Reservation.</p>" + }, + "LaunchTemplateCapacityReservationSpecificationResponse": { + "type": "structure", + "members": { + "CapacityReservationPreference": { + "shape": "CapacityReservationPreference", + "documentation": "<p>Indicates the instance's Capacity Reservation preferences. Possible preferences include:</p> <ul> <li> <p> <code>open</code> - The instance can run in any <code>open</code> Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).</p> </li> <li> <p> <code>none</code> - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.</p> </li> </ul>", + "locationName": "capacityReservationPreference" + }, + "CapacityReservationTarget": { + "shape": "CapacityReservationTargetResponse", + "documentation": "<p>Information about the target Capacity Reservation.</p>", + "locationName": "capacityReservationTarget" + } + }, + "documentation": "<p>Information about the Capacity Reservation targeting option.</p>" + }, + "LaunchTemplateConfig": { + "type": "structure", + "members": { + "LaunchTemplateSpecification": { + "shape": "FleetLaunchTemplateSpecification", + "documentation": "<p>The launch template.</p>", + "locationName": "launchTemplateSpecification" + }, + "Overrides": { + "shape": "LaunchTemplateOverridesList", + "documentation": "<p>Any parameters that you specify override the same parameters in the launch template.</p>", + "locationName": "overrides" + } + }, + "documentation": "<p>Describes a launch template and overrides.</p>" + }, + "LaunchTemplateConfigList": { + "type": "list", + "member": { + "shape": "LaunchTemplateConfig", + "locationName": "item" + } + }, + "LaunchTemplateCpuOptions": { + "type": "structure", + "members": { + "CoreCount": { + "shape": "Integer", + "documentation": "<p>The number of CPU cores for the instance.</p>", + "locationName": "coreCount" + }, + "ThreadsPerCore": { + "shape": "Integer", + "documentation": "<p>The number of threads per CPU core.</p>", + "locationName": "threadsPerCore" + } + }, + "documentation": "<p>The CPU options for the instance.</p>" + }, + "LaunchTemplateCpuOptionsRequest": { + "type": "structure", + "members": { + "CoreCount": { + "shape": "Integer", + "documentation": "<p>The number of CPU cores for the instance.</p>" + }, + "ThreadsPerCore": { + "shape": "Integer", + "documentation": "<p>The number of threads per CPU core. To disable Intel Hyper-Threading Technology for the instance, specify a value of 1. Otherwise, specify the default value of 2.</p>" + } + }, + "documentation": "<p>The CPU options for the instance. Both the core count and threads per core must be specified in the request.</p>" + }, + "LaunchTemplateEbsBlockDevice": { + "type": "structure", + "members": { + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the EBS volume is encrypted.</p>", + "locationName": "encrypted" + }, + "DeleteOnTermination": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the EBS volume is deleted on instance termination.</p>", + "locationName": "deleteOnTermination" + }, + "Iops": { + "shape": "Integer", + "documentation": "<p>The number of I/O operations per second (IOPS) that the volume supports. </p>", + "locationName": "iops" + }, + "KmsKeyId": { + "shape": "String", + "documentation": "<p>The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.</p>", + "locationName": "kmsKeyId" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>The ID of the snapshot.</p>", + "locationName": "snapshotId" + }, + "VolumeSize": { + "shape": "Integer", + "documentation": "<p>The size of the volume, in GiB.</p>", + "locationName": "volumeSize" + }, + "VolumeType": { + "shape": "VolumeType", + "documentation": "<p>The volume type.</p>", + "locationName": "volumeType" + } + }, + "documentation": "<p>Describes a block device for an EBS volume.</p>" + }, + "LaunchTemplateEbsBlockDeviceRequest": { + "type": "structure", + "members": { + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.</p>" + }, + "DeleteOnTermination": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the EBS volume is deleted on instance termination.</p>" + }, + "Iops": { + "shape": "Integer", + "documentation": "<p>The number of I/O operations per second (IOPS) that the volume supports. For io1, this represents the number of IOPS that are provisioned for the volume. For gp2, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information about General Purpose SSD baseline performance, I/O credits, and bursting, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html\">Amazon EBS Volume Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Condition: This parameter is required for requests to create io1 volumes; it is not used in requests to create gp2, st1, sc1, or standard volumes.</p>" + }, + "KmsKeyId": { + "shape": "String", + "documentation": "<p>The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.</p>" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>The ID of the snapshot.</p>" + }, + "VolumeSize": { + "shape": "Integer", + "documentation": "<p>The size of the volume, in GiB.</p> <p>Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.</p>" + }, + "VolumeType": { + "shape": "VolumeType", + "documentation": "<p>The volume type.</p>" + } + }, + "documentation": "<p>The parameters for a block device for an EBS volume.</p>" + }, + "LaunchTemplateElasticInferenceAccelerator": { + "type": "structure", + "required": [ + "Type" + ], + "members": { + "Type": { + "shape": "String", + "documentation": "<p> The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge. </p>" + } + }, + "documentation": "<p> Describes an elastic inference accelerator. </p>" + }, + "LaunchTemplateElasticInferenceAcceleratorList": { + "type": "list", + "member": { + "shape": "LaunchTemplateElasticInferenceAccelerator", + "locationName": "item" + } + }, + "LaunchTemplateElasticInferenceAcceleratorResponse": { + "type": "structure", + "members": { + "Type": { + "shape": "String", + "documentation": "<p> The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge. </p>", + "locationName": "type" + } + }, + "documentation": "<p> Describes an elastic inference accelerator. </p>" + }, + "LaunchTemplateElasticInferenceAcceleratorResponseList": { + "type": "list", + "member": { + "shape": "LaunchTemplateElasticInferenceAcceleratorResponse", + "locationName": "item" + } + }, + "LaunchTemplateErrorCode": { + "type": "string", + "enum": [ + "launchTemplateIdDoesNotExist", + "launchTemplateIdMalformed", + "launchTemplateNameDoesNotExist", + "launchTemplateNameMalformed", + "launchTemplateVersionDoesNotExist", + "unexpectedError" + ] + }, + "LaunchTemplateHibernationOptions": { + "type": "structure", + "members": { + "Configured": { + "shape": "Boolean", + "documentation": "<p>If this parameter is set to <code>true</code>, the instance is enabled for hibernation; otherwise, it is not enabled for hibernation.</p>", + "locationName": "configured" + } + }, + "documentation": "<p>Indicates whether an instance is configured for hibernation.</p>" + }, + "LaunchTemplateHibernationOptionsRequest": { + "type": "structure", + "members": { + "Configured": { + "shape": "Boolean", + "documentation": "<p>If you set this parameter to <code>true</code>, the instance is enabled for hibernation.</p> <p>Default: <code>false</code> </p>" + } + }, + "documentation": "<p>Indicates whether the instance is configured for hibernation. This parameter is valid only if the instance meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>. Hibernation is currently supported only for Amazon Linux.</p>" + }, + "LaunchTemplateIamInstanceProfileSpecification": { + "type": "structure", + "members": { + "Arn": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the instance profile.</p>", + "locationName": "arn" + }, + "Name": { + "shape": "String", + "documentation": "<p>The name of the instance profile.</p>", + "locationName": "name" + } + }, + "documentation": "<p>Describes an IAM instance profile.</p>" + }, + "LaunchTemplateIamInstanceProfileSpecificationRequest": { + "type": "structure", + "members": { + "Arn": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the instance profile.</p>" + }, + "Name": { + "shape": "String", + "documentation": "<p>The name of the instance profile.</p>" + } + }, + "documentation": "<p>An IAM instance profile.</p>" + }, + "LaunchTemplateInstanceMarketOptions": { + "type": "structure", + "members": { + "MarketType": { + "shape": "MarketType", + "documentation": "<p>The market type.</p>", + "locationName": "marketType" + }, + "SpotOptions": { + "shape": "LaunchTemplateSpotMarketOptions", + "documentation": "<p>The options for Spot Instances.</p>", + "locationName": "spotOptions" + } + }, + "documentation": "<p>The market (purchasing) option for the instances.</p>" + }, + "LaunchTemplateInstanceMarketOptionsRequest": { + "type": "structure", + "members": { + "MarketType": { + "shape": "MarketType", + "documentation": "<p>The market type.</p>" + }, + "SpotOptions": { + "shape": "LaunchTemplateSpotMarketOptionsRequest", + "documentation": "<p>The options for Spot Instances.</p>" + } + }, + "documentation": "<p>The market (purchasing) option for the instances.</p>" + }, + "LaunchTemplateInstanceNetworkInterfaceSpecification": { + "type": "structure", + "members": { + "AssociatePublicIpAddress": { + "shape": "Boolean", + "documentation": "<p>Indicates whether to associate a public IPv4 address with eth0 for a new network interface.</p>", + "locationName": "associatePublicIpAddress" + }, + "DeleteOnTermination": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the network interface is deleted when the instance is terminated.</p>", + "locationName": "deleteOnTermination" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description for the network interface.</p>", + "locationName": "description" + }, + "DeviceIndex": { + "shape": "Integer", + "documentation": "<p>The device index for the network interface attachment.</p>", + "locationName": "deviceIndex" + }, + "Groups": { + "shape": "GroupIdStringList", + "documentation": "<p>The IDs of one or more security groups.</p>", + "locationName": "groupSet" + }, + "InterfaceType": { + "shape": "String", + "documentation": "<p>The type of network interface.</p>", + "locationName": "interfaceType" + }, + "Ipv6AddressCount": { + "shape": "Integer", + "documentation": "<p>The number of IPv6 addresses for the network interface.</p>", + "locationName": "ipv6AddressCount" + }, + "Ipv6Addresses": { + "shape": "InstanceIpv6AddressList", + "documentation": "<p>The IPv6 addresses for the network interface.</p>", + "locationName": "ipv6AddressesSet" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>The primary private IPv4 address of the network interface.</p>", + "locationName": "privateIpAddress" + }, + "PrivateIpAddresses": { + "shape": "PrivateIpAddressSpecificationList", + "documentation": "<p>One or more private IPv4 addresses.</p>", + "locationName": "privateIpAddressesSet" + }, + "SecondaryPrivateIpAddressCount": { + "shape": "Integer", + "documentation": "<p>The number of secondary private IPv4 addresses for the network interface.</p>", + "locationName": "secondaryPrivateIpAddressCount" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet for the network interface.</p>", + "locationName": "subnetId" + } + }, + "documentation": "<p>Describes a network interface.</p>" + }, + "LaunchTemplateInstanceNetworkInterfaceSpecificationList": { + "type": "list", + "member": { + "shape": "LaunchTemplateInstanceNetworkInterfaceSpecification", + "locationName": "item" + } + }, + "LaunchTemplateInstanceNetworkInterfaceSpecificationRequest": { + "type": "structure", + "members": { + "AssociatePublicIpAddress": { + "shape": "Boolean", + "documentation": "<p>Associates a public IPv4 address with eth0 for a new network interface.</p>" + }, + "DeleteOnTermination": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the network interface is deleted when the instance is terminated.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description for the network interface.</p>" + }, + "DeviceIndex": { + "shape": "Integer", + "documentation": "<p>The device index for the network interface attachment.</p>" + }, + "Groups": { + "shape": "SecurityGroupIdStringList", + "documentation": "<p>The IDs of one or more security groups.</p>", + "locationName": "SecurityGroupId" + }, + "InterfaceType": { + "shape": "String", + "documentation": "<p>The type of network interface. To create an Elastic Fabric Adapter (EFA), specify <code>efa</code>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html\">Elastic Fabric Adapter</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>If you are not creating an EFA, specify <code>interface</code> or omit this parameter.</p> <p>Valid values: <code>interface</code> | <code>efa</code> </p>" + }, + "Ipv6AddressCount": { + "shape": "Integer", + "documentation": "<p>The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.</p>" + }, + "Ipv6Addresses": { + "shape": "InstanceIpv6AddressListRequest", + "documentation": "<p>One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.</p>" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>The primary private IPv4 address of the network interface.</p>" + }, + "PrivateIpAddresses": { + "shape": "PrivateIpAddressSpecificationList", + "documentation": "<p>One or more private IPv4 addresses.</p>" + }, + "SecondaryPrivateIpAddressCount": { + "shape": "Integer", + "documentation": "<p>The number of secondary private IPv4 addresses to assign to a network interface.</p>" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet for the network interface.</p>" + } + }, + "documentation": "<p>The parameters for a network interface.</p>" + }, + "LaunchTemplateInstanceNetworkInterfaceSpecificationRequestList": { + "type": "list", + "member": { + "shape": "LaunchTemplateInstanceNetworkInterfaceSpecificationRequest", + "locationName": "InstanceNetworkInterfaceSpecification" + } + }, + "LaunchTemplateLicenseConfiguration": { + "type": "structure", + "members": { + "LicenseConfigurationArn": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the license configuration.</p>", + "locationName": "licenseConfigurationArn" + } + }, + "documentation": "<p>Describes a license configuration.</p>" + }, + "LaunchTemplateLicenseConfigurationRequest": { + "type": "structure", + "members": { + "LicenseConfigurationArn": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the license configuration.</p>" + } + }, + "documentation": "<p>Describes a license configuration.</p>" + }, + "LaunchTemplateLicenseList": { + "type": "list", + "member": { + "shape": "LaunchTemplateLicenseConfiguration", + "locationName": "item" + } + }, + "LaunchTemplateLicenseSpecificationListRequest": { + "type": "list", + "member": { + "shape": "LaunchTemplateLicenseConfigurationRequest", + "locationName": "item" + } + }, + "LaunchTemplateName": { + "type": "string", + "max": 128, + "min": 3, + "pattern": "[a-zA-Z0-9\\(\\)\\.\\-/_]+" + }, + "LaunchTemplateNameStringList": { + "type": "list", + "member": { + "shape": "LaunchTemplateName", + "locationName": "item" + } + }, + "LaunchTemplateOverrides": { + "type": "structure", + "members": { + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type.</p>", + "locationName": "instanceType" + }, + "SpotPrice": { + "shape": "String", + "documentation": "<p>The maximum price per unit hour that you are willing to pay for a Spot Instance.</p>", + "locationName": "spotPrice" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet in which to launch the instances.</p>", + "locationName": "subnetId" + }, + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone in which to launch the instances.</p>", + "locationName": "availabilityZone" + }, + "WeightedCapacity": { + "shape": "Double", + "documentation": "<p>The number of units provided by the specified instance type.</p>", + "locationName": "weightedCapacity" + }, + "Priority": { + "shape": "Double", + "documentation": "<p>The priority for the launch template override. If <b>OnDemandAllocationStrategy</b> is set to <code>prioritized</code>, Spot Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity. The highest priority is launched first. Valid values are whole numbers starting at <code>0</code>. The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority.</p>", + "locationName": "priority" + } + }, + "documentation": "<p>Describes overrides for a launch template.</p>" + }, + "LaunchTemplateOverridesList": { + "type": "list", + "member": { + "shape": "LaunchTemplateOverrides", + "locationName": "item" + } + }, + "LaunchTemplatePlacement": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone of the instance.</p>", + "locationName": "availabilityZone" + }, + "Affinity": { + "shape": "String", + "documentation": "<p>The affinity setting for the instance on the Dedicated Host.</p>", + "locationName": "affinity" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the placement group for the instance.</p>", + "locationName": "groupName" + }, + "HostId": { + "shape": "String", + "documentation": "<p>The ID of the Dedicated Host for the instance.</p>", + "locationName": "hostId" + }, + "Tenancy": { + "shape": "Tenancy", + "documentation": "<p>The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of <code>dedicated</code> runs on single-tenant hardware. </p>", + "locationName": "tenancy" + }, + "SpreadDomain": { + "shape": "String", + "documentation": "<p>Reserved for future use.</p>", + "locationName": "spreadDomain" + } + }, + "documentation": "<p>Describes the placement of an instance.</p>" + }, + "LaunchTemplatePlacementRequest": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone for the instance.</p>" + }, + "Affinity": { + "shape": "String", + "documentation": "<p>The affinity setting for an instance on a Dedicated Host.</p>" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the placement group for the instance.</p>" + }, + "HostId": { + "shape": "String", + "documentation": "<p>The ID of the Dedicated Host for the instance.</p>" + }, + "Tenancy": { + "shape": "Tenancy", + "documentation": "<p>The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.</p>" + }, + "SpreadDomain": { + "shape": "String", + "documentation": "<p>Reserved for future use.</p>" + } + }, + "documentation": "<p>Describes the placement of an instance.</p>" + }, + "LaunchTemplateSet": { + "type": "list", + "member": { + "shape": "LaunchTemplate", + "locationName": "item" + } + }, + "LaunchTemplateSpecification": { + "type": "structure", + "members": { + "LaunchTemplateId": { + "shape": "String", + "documentation": "<p>The ID of the launch template.</p>" + }, + "LaunchTemplateName": { + "shape": "String", + "documentation": "<p>The name of the launch template.</p>" + }, + "Version": { + "shape": "String", + "documentation": "<p>The version number of the launch template.</p> <p>Default: The default version for the launch template.</p>" + } + }, + "documentation": "<p>The launch template to use. You must specify either the launch template ID or launch template name in the request, but not both.</p>" + }, + "LaunchTemplateSpotMarketOptions": { + "type": "structure", + "members": { + "MaxPrice": { + "shape": "String", + "documentation": "<p>The maximum hourly price you're willing to pay for the Spot Instances.</p>", + "locationName": "maxPrice" + }, + "SpotInstanceType": { + "shape": "SpotInstanceType", + "documentation": "<p>The Spot Instance request type.</p>", + "locationName": "spotInstanceType" + }, + "BlockDurationMinutes": { + "shape": "Integer", + "documentation": "<p>The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).</p>", + "locationName": "blockDurationMinutes" + }, + "ValidUntil": { + "shape": "DateTime", + "documentation": "<p>The end date of the request. For a one-time request, the request remains active until all instances launch, the request is canceled, or this date is reached. If the request is persistent, it remains active until it is canceled or this date and time is reached.</p>", + "locationName": "validUntil" + }, + "InstanceInterruptionBehavior": { + "shape": "InstanceInterruptionBehavior", + "documentation": "<p>The behavior when a Spot Instance is interrupted.</p>", + "locationName": "instanceInterruptionBehavior" + } + }, + "documentation": "<p>The options for Spot Instances.</p>" + }, + "LaunchTemplateSpotMarketOptionsRequest": { + "type": "structure", + "members": { + "MaxPrice": { + "shape": "String", + "documentation": "<p>The maximum hourly price you're willing to pay for the Spot Instances.</p>" + }, + "SpotInstanceType": { + "shape": "SpotInstanceType", + "documentation": "<p>The Spot Instance request type.</p>" + }, + "BlockDurationMinutes": { + "shape": "Integer", + "documentation": "<p>The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).</p>" + }, + "ValidUntil": { + "shape": "DateTime", + "documentation": "<p>The end date of the request. For a one-time request, the request remains active until all instances launch, the request is canceled, or this date is reached. If the request is persistent, it remains active until it is canceled or this date and time is reached. The default end date is 7 days from the current date.</p>" + }, + "InstanceInterruptionBehavior": { + "shape": "InstanceInterruptionBehavior", + "documentation": "<p>The behavior when a Spot Instance is interrupted. The default is <code>terminate</code>.</p>" + } + }, + "documentation": "<p>The options for Spot Instances.</p>" + }, + "LaunchTemplateTagSpecification": { + "type": "structure", + "members": { + "ResourceType": { + "shape": "ResourceType", + "documentation": "<p>The type of resource.</p>", + "locationName": "resourceType" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags for the resource.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>The tag specification for the launch template.</p>" + }, + "LaunchTemplateTagSpecificationList": { + "type": "list", + "member": { + "shape": "LaunchTemplateTagSpecification", + "locationName": "item" + } + }, + "LaunchTemplateTagSpecificationRequest": { + "type": "structure", + "members": { + "ResourceType": { + "shape": "ResourceType", + "documentation": "<p>The type of resource to tag. Currently, the resource types that support tagging on creation are <code>instance</code> and <code>volume</code>. To tag a resource after it has been created, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html\">CreateTags</a>.</p>" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags to apply to the resource.</p>", + "locationName": "Tag" + } + }, + "documentation": "<p>The tags specification for the launch template.</p>" + }, + "LaunchTemplateTagSpecificationRequestList": { + "type": "list", + "member": { + "shape": "LaunchTemplateTagSpecificationRequest", + "locationName": "LaunchTemplateTagSpecificationRequest" + } + }, + "LaunchTemplateVersion": { + "type": "structure", + "members": { + "LaunchTemplateId": { + "shape": "String", + "documentation": "<p>The ID of the launch template.</p>", + "locationName": "launchTemplateId" + }, + "LaunchTemplateName": { + "shape": "LaunchTemplateName", + "documentation": "<p>The name of the launch template.</p>", + "locationName": "launchTemplateName" + }, + "VersionNumber": { + "shape": "Long", + "documentation": "<p>The version number.</p>", + "locationName": "versionNumber" + }, + "VersionDescription": { + "shape": "VersionDescription", + "documentation": "<p>The description for the version.</p>", + "locationName": "versionDescription" + }, + "CreateTime": { + "shape": "DateTime", + "documentation": "<p>The time the version was created.</p>", + "locationName": "createTime" + }, + "CreatedBy": { + "shape": "String", + "documentation": "<p>The principal that created the version.</p>", + "locationName": "createdBy" + }, + "DefaultVersion": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the version is the default version.</p>", + "locationName": "defaultVersion" + }, + "LaunchTemplateData": { + "shape": "ResponseLaunchTemplateData", + "documentation": "<p>Information about the launch template.</p>", + "locationName": "launchTemplateData" + } + }, + "documentation": "<p>Describes a launch template version.</p>" + }, + "LaunchTemplateVersionSet": { + "type": "list", + "member": { + "shape": "LaunchTemplateVersion", + "locationName": "item" + } + }, + "LaunchTemplatesMonitoring": { + "type": "structure", + "members": { + "Enabled": { + "shape": "Boolean", + "documentation": "<p>Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.</p>", + "locationName": "enabled" + } + }, + "documentation": "<p>Describes the monitoring for the instance.</p>" + }, + "LaunchTemplatesMonitoringRequest": { + "type": "structure", + "members": { + "Enabled": { + "shape": "Boolean", + "documentation": "<p>Specify <code>true</code> to enable detailed monitoring. Otherwise, basic monitoring is enabled.</p>" + } + }, + "documentation": "<p>Describes the monitoring for the instance.</p>" + }, + "LicenseConfiguration": { + "type": "structure", + "members": { + "LicenseConfigurationArn": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the license configuration.</p>", + "locationName": "licenseConfigurationArn" + } + }, + "documentation": "<p>Describes a license configuration.</p>" + }, + "LicenseConfigurationRequest": { + "type": "structure", + "members": { + "LicenseConfigurationArn": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the license configuration.</p>" + } + }, + "documentation": "<p>Describes a license configuration.</p>" + }, + "LicenseList": { + "type": "list", + "member": { + "shape": "LicenseConfiguration", + "locationName": "item" + } + }, + "LicenseSpecificationListRequest": { + "type": "list", + "member": { + "shape": "LicenseConfigurationRequest", + "locationName": "item" + } + }, + "ListingState": { + "type": "string", + "enum": [ + "available", + "sold", + "cancelled", + "pending" + ] + }, + "ListingStatus": { + "type": "string", + "enum": [ + "active", + "pending", + "cancelled", + "closed" + ] + }, + "LoadBalancersConfig": { + "type": "structure", + "members": { + "ClassicLoadBalancersConfig": { + "shape": "ClassicLoadBalancersConfig", + "documentation": "<p>The Classic Load Balancers.</p>", + "locationName": "classicLoadBalancersConfig" + }, + "TargetGroupsConfig": { + "shape": "TargetGroupsConfig", + "documentation": "<p>The target groups.</p>", + "locationName": "targetGroupsConfig" + } + }, + "documentation": "<p>Describes the Classic Load Balancers and target groups to attach to a Spot Fleet request.</p>" + }, + "LoadPermission": { + "type": "structure", + "members": { + "UserId": { + "shape": "String", + "documentation": "<p>The AWS account ID.</p>", + "locationName": "userId" + }, + "Group": { + "shape": "PermissionGroup", + "documentation": "<p>The name of the group.</p>", + "locationName": "group" + } + }, + "documentation": "<p>Describes a load permission.</p>" + }, + "LoadPermissionList": { + "type": "list", + "member": { + "shape": "LoadPermission", + "locationName": "item" + } + }, + "LoadPermissionListRequest": { + "type": "list", + "member": { + "shape": "LoadPermissionRequest", + "locationName": "item" + } + }, + "LoadPermissionModifications": { + "type": "structure", + "members": { + "Add": { + "shape": "LoadPermissionListRequest", + "documentation": "<p>The load permissions to add.</p>" + }, + "Remove": { + "shape": "LoadPermissionListRequest", + "documentation": "<p>The load permissions to remove.</p>" + } + }, + "documentation": "<p>Describes modifications to the load permissions of an Amazon FPGA image (AFI).</p>" + }, + "LoadPermissionRequest": { + "type": "structure", + "members": { + "Group": { + "shape": "PermissionGroup", + "documentation": "<p>The name of the group.</p>" + }, + "UserId": { + "shape": "String", + "documentation": "<p>The AWS account ID.</p>" + } + }, + "documentation": "<p>Describes a load permission.</p>" + }, + "LogDestinationType": { + "type": "string", + "enum": [ + "cloud-watch-logs", + "s3" + ] + }, + "Long": { + "type": "long" + }, + "MarketType": { + "type": "string", + "enum": [ + "spot" + ] + }, + "MaxResults": { + "type": "integer", + "max": 255, + "min": 5 + }, + "MillisecondDateTime": { + "type": "timestamp" + }, + "ModifyCapacityReservationRequest": { + "type": "structure", + "required": [ + "CapacityReservationId" + ], + "members": { + "CapacityReservationId": { + "shape": "String", + "documentation": "<p>The ID of the Capacity Reservation.</p>" + }, + "InstanceCount": { + "shape": "Integer", + "documentation": "<p>The number of instances for which to reserve capacity.</p>" + }, + "EndDate": { + "shape": "DateTime", + "documentation": "<p>The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to <code>expired</code> when it reaches its end date and time.</p> <p>The Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.</p> <p>You must provide an <code>EndDate</code> value if <code>EndDateType</code> is <code>limited</code>. Omit <code>EndDate</code> if <code>EndDateType</code> is <code>unlimited</code>.</p>" + }, + "EndDateType": { + "shape": "EndDateType", + "documentation": "<p>Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:</p> <ul> <li> <p> <code>unlimited</code> - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an <code>EndDate</code> value if <code>EndDateType</code> is <code>unlimited</code>.</p> </li> <li> <p> <code>limited</code> - The Capacity Reservation expires automatically at a specified date and time. You must provide an <code>EndDate</code> value if <code>EndDateType</code> is <code>limited</code>.</p> </li> </ul>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ModifyCapacityReservationResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Information about the Capacity Reservation.</p>", + "locationName": "return" + } + } + }, + "ModifyClientVpnEndpointRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint to modify.</p>" + }, + "ServerCertificateArn": { + "shape": "String", + "documentation": "<p>The ARN of the server certificate to be used. The server certificate must be provisioned in AWS Certificate Manager (ACM).</p>" + }, + "ConnectionLogOptions": { + "shape": "ConnectionLogOptions", + "documentation": "<p>Information about the client connection logging options.</p> <p>If you enable client connection logging, data about client connections is sent to a Cloudwatch Logs log stream. The following information is logged:</p> <ul> <li> <p>Client connection requests</p> </li> <li> <p>Client connection results (successful and unsuccessful)</p> </li> <li> <p>Reasons for unsuccessful client connection requests</p> </li> <li> <p>Client connection termination time</p> </li> </ul>" + }, + "DnsServers": { + "shape": "DnsServersOptionsModifyStructure", + "documentation": "<p>Information about the DNS servers to be used by Client VPN connections. A Client VPN endpoint can have up to two DNS servers.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>A brief description of the Client VPN endpoint.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ModifyClientVpnEndpointResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "ModifyEbsDefaultKmsKeyIdRequest": { + "type": "structure", + "required": [ + "KmsKeyId" + ], + "members": { + "KmsKeyId": { + "shape": "String", + "documentation": "<p>The identifier of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use for Amazon EBS encryption. If this parameter is not specified, your AWS managed CMK for EBS is used. If <code>KmsKeyId</code> is specified, the encrypted state must be <code>true</code>.</p> <p>You can specify the CMK using any of the following:</p> <ul> <li> <p>Key ID. For example, key/1234abcd-12ab-34cd-56ef-1234567890ab.</p> </li> <li> <p>Key alias. For example, alias/ExampleAlias.</p> </li> <li> <p>Key ARN. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:key/<i>abcd1234-a123-456a-a12b-a123b4cd56ef</i>.</p> </li> <li> <p>Alias ARN. For example, arn:aws:kms:<i>us-east-1</i>:<i>012345678910</i>:alias/<i>ExampleAlias</i>.</p> </li> </ul> <p>AWS authenticates the CMK asynchronously. Therefore, if you specify an ID, alias, or ARN that is not valid, the action can appear to complete, but eventually fails.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ModifyEbsDefaultKmsKeyIdResult": { + "type": "structure", + "members": { + "KmsKeyId": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the default CMK for encryption by default.</p>", + "locationName": "kmsKeyId" + } + } + }, + "ModifyFleetRequest": { + "type": "structure", + "required": [ + "FleetId", + "TargetCapacitySpecification" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ExcessCapacityTerminationPolicy": { + "shape": "FleetExcessCapacityTerminationPolicy", + "documentation": "<p>Indicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.</p>" + }, + "FleetId": { + "shape": "FleetIdentifier", + "documentation": "<p>The ID of the EC2 Fleet.</p>" + }, + "TargetCapacitySpecification": { + "shape": "TargetCapacitySpecificationRequest", + "documentation": "<p>The size of the EC2 Fleet.</p>" + } + } + }, + "ModifyFleetResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Is <code>true</code> if the request succeeds, and an error otherwise.</p>", + "locationName": "return" + } + } + }, + "ModifyFpgaImageAttributeRequest": { + "type": "structure", + "required": [ + "FpgaImageId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "FpgaImageId": { + "shape": "String", + "documentation": "<p>The ID of the AFI.</p>" + }, + "Attribute": { + "shape": "FpgaImageAttributeName", + "documentation": "<p>The name of the attribute.</p>" + }, + "OperationType": { + "shape": "OperationType", + "documentation": "<p>The operation type.</p>" + }, + "UserIds": { + "shape": "UserIdStringList", + "documentation": "<p>The AWS account IDs. This parameter is valid only when modifying the <code>loadPermission</code> attribute.</p>", + "locationName": "UserId" + }, + "UserGroups": { + "shape": "UserGroupStringList", + "documentation": "<p>The user groups. This parameter is valid only when modifying the <code>loadPermission</code> attribute.</p>", + "locationName": "UserGroup" + }, + "ProductCodes": { + "shape": "ProductCodeStringList", + "documentation": "<p>The product codes. After you add a product code to an AFI, it can't be removed. This parameter is valid only when modifying the <code>productCodes</code> attribute.</p>", + "locationName": "ProductCode" + }, + "LoadPermission": { + "shape": "LoadPermissionModifications", + "documentation": "<p>The load permission for the AFI.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description for the AFI.</p>" + }, + "Name": { + "shape": "String", + "documentation": "<p>A name for the AFI.</p>" + } + } + }, + "ModifyFpgaImageAttributeResult": { + "type": "structure", + "members": { + "FpgaImageAttribute": { + "shape": "FpgaImageAttribute", + "documentation": "<p>Information about the attribute.</p>", + "locationName": "fpgaImageAttribute" + } + } + }, + "ModifyHostsRequest": { + "type": "structure", + "required": [ + "HostIds" + ], + "members": { + "AutoPlacement": { + "shape": "AutoPlacement", + "documentation": "<p>Specify whether to enable or disable auto-placement.</p>", + "locationName": "autoPlacement" + }, + "HostIds": { + "shape": "RequestHostIdList", + "documentation": "<p>The IDs of the Dedicated Hosts to modify.</p>", + "locationName": "hostId" + }, + "HostRecovery": { + "shape": "HostRecovery", + "documentation": "<p>Indicates whether to enable or disable host recovery for the Dedicated Host. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html\"> Host Recovery</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + } + } + }, + "ModifyHostsResult": { + "type": "structure", + "members": { + "Successful": { + "shape": "ResponseHostIdList", + "documentation": "<p>The IDs of the Dedicated Hosts that were successfully modified.</p>", + "locationName": "successful" + }, + "Unsuccessful": { + "shape": "UnsuccessfulItemList", + "documentation": "<p>The IDs of the Dedicated Hosts that could not be modified. Check whether the setting you requested can be used.</p>", + "locationName": "unsuccessful" + } + } + }, + "ModifyIdFormatRequest": { + "type": "structure", + "required": [ + "Resource", + "UseLongIds" + ], + "members": { + "Resource": { + "shape": "String", + "documentation": "<p>The type of resource: <code>bundle</code> | <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> | <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> | <code>export-task</code> | <code>flow-log</code> | <code>image</code> | <code>import-task</code> | <code>internet-gateway</code> | <code>network-acl</code> | <code>network-acl-association</code> | <code>network-interface</code> | <code>network-interface-attachment</code> | <code>prefix-list</code> | <code>route-table</code> | <code>route-table-association</code> | <code>security-group</code> | <code>subnet</code> | <code>subnet-cidr-block-association</code> | <code>vpc</code> | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> | <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>.</p> <p>Alternatively, use the <code>all-current</code> option to include all resource types that are currently within their opt-in period for longer IDs.</p>" + }, + "UseLongIds": { + "shape": "Boolean", + "documentation": "<p>Indicate whether the resource should use longer IDs (17-character IDs).</p>" + } + } + }, + "ModifyIdentityIdFormatRequest": { + "type": "structure", + "required": [ + "PrincipalArn", + "Resource", + "UseLongIds" + ], + "members": { + "PrincipalArn": { + "shape": "String", + "documentation": "<p>The ARN of the principal, which can be an IAM user, IAM role, or the root user. Specify <code>all</code> to modify the ID format for all IAM users, IAM roles, and the root user of the account.</p>", + "locationName": "principalArn" + }, + "Resource": { + "shape": "String", + "documentation": "<p>The type of resource: <code>bundle</code> | <code>conversion-task</code> | <code>customer-gateway</code> | <code>dhcp-options</code> | <code>elastic-ip-allocation</code> | <code>elastic-ip-association</code> | <code>export-task</code> | <code>flow-log</code> | <code>image</code> | <code>import-task</code> | <code>internet-gateway</code> | <code>network-acl</code> | <code>network-acl-association</code> | <code>network-interface</code> | <code>network-interface-attachment</code> | <code>prefix-list</code> | <code>route-table</code> | <code>route-table-association</code> | <code>security-group</code> | <code>subnet</code> | <code>subnet-cidr-block-association</code> | <code>vpc</code> | <code>vpc-cidr-block-association</code> | <code>vpc-endpoint</code> | <code>vpc-peering-connection</code> | <code>vpn-connection</code> | <code>vpn-gateway</code>.</p> <p>Alternatively, use the <code>all-current</code> option to include all resource types that are currently within their opt-in period for longer IDs.</p>", + "locationName": "resource" + }, + "UseLongIds": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the resource should use longer IDs (17-character IDs)</p>", + "locationName": "useLongIds" + } + } + }, + "ModifyImageAttributeRequest": { + "type": "structure", + "required": [ + "ImageId" + ], + "members": { + "Attribute": { + "shape": "String", + "documentation": "<p>The name of the attribute to modify. The valid values are <code>description</code>, <code>launchPermission</code>, and <code>productCodes</code>.</p>" + }, + "Description": { + "shape": "AttributeValue", + "documentation": "<p>A new description for the AMI.</p>" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the AMI.</p>" + }, + "LaunchPermission": { + "shape": "LaunchPermissionModifications", + "documentation": "<p>A new launch permission for the AMI.</p>" + }, + "OperationType": { + "shape": "OperationType", + "documentation": "<p>The operation type. This parameter can be used only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>" + }, + "ProductCodes": { + "shape": "ProductCodeStringList", + "documentation": "<p>The DevPay product codes. After you add a product code to an AMI, it can't be removed.</p>", + "locationName": "ProductCode" + }, + "UserGroups": { + "shape": "UserGroupStringList", + "documentation": "<p>The user groups. This parameter can be used only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>", + "locationName": "UserGroup" + }, + "UserIds": { + "shape": "UserIdStringList", + "documentation": "<p>The AWS account IDs. This parameter can be used only when the <code>Attribute</code> parameter is <code>launchPermission</code>.</p>", + "locationName": "UserId" + }, + "Value": { + "shape": "String", + "documentation": "<p>The value of the attribute being modified. This parameter can be used only when the <code>Attribute</code> parameter is <code>description</code> or <code>productCodes</code>.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for ModifyImageAttribute.</p>" + }, + "ModifyInstanceAttributeRequest": { + "type": "structure", + "required": [ + "InstanceId" + ], + "members": { + "SourceDestCheck": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Specifies whether source/destination checking is enabled. A value of <code>true</code> means that checking is enabled, and <code>false</code> means that checking is disabled. This value must be <code>false</code> for a NAT instance to perform NAT.</p>" + }, + "Attribute": { + "shape": "InstanceAttributeName", + "documentation": "<p>The name of the attribute.</p>", + "locationName": "attribute" + }, + "BlockDeviceMappings": { + "shape": "InstanceBlockDeviceMappingSpecificationList", + "documentation": "<p>Modifies the <code>DeleteOnTermination</code> attribute for volumes that are currently attached. The volume must be owned by the caller. If no value is specified for <code>DeleteOnTermination</code>, the default is <code>true</code> and the volume is deleted when the instance is terminated.</p> <p>To add instance store volumes to an Amazon EBS-backed instance, you must add them when you launch the instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html#Using_OverridingAMIBDM\">Updating the Block Device Mapping when Launching an Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>", + "locationName": "blockDeviceMapping" + }, + "DisableApiTermination": { + "shape": "AttributeBooleanValue", + "documentation": "<p>If the value is <code>true</code>, you can't terminate the instance using the Amazon EC2 console, CLI, or API; otherwise, you can. You cannot use this parameter for Spot Instances.</p>", + "locationName": "disableApiTermination" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "EbsOptimized": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Specifies whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.</p>", + "locationName": "ebsOptimized" + }, + "EnaSupport": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Set to <code>true</code> to enable enhanced networking with ENA for the instance.</p> <p>This option is supported only for HVM instances. Specifying this option with a PV instance can make it unreachable.</p>", + "locationName": "enaSupport" + }, + "Groups": { + "shape": "GroupIdStringList", + "documentation": "<p>[EC2-VPC] Changes the security groups of the instance. You must specify at least one security group, even if it's just the default security group for the VPC. You must specify the security group ID, not the security group name.</p>", + "locationName": "GroupId" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "InstanceInitiatedShutdownBehavior": { + "shape": "AttributeValue", + "documentation": "<p>Specifies whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).</p>", + "locationName": "instanceInitiatedShutdownBehavior" + }, + "InstanceType": { + "shape": "AttributeValue", + "documentation": "<p>Changes the instance type to the specified value. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a>. If the instance type is not valid, the error returned is <code>InvalidInstanceAttributeValue</code>.</p>", + "locationName": "instanceType" + }, + "Kernel": { + "shape": "AttributeValue", + "documentation": "<p>Changes the instance's kernel to the specified value. We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedKernels.html\">PV-GRUB</a>.</p>", + "locationName": "kernel" + }, + "Ramdisk": { + "shape": "AttributeValue", + "documentation": "<p>Changes the instance's RAM disk to the specified value. We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedKernels.html\">PV-GRUB</a>.</p>", + "locationName": "ramdisk" + }, + "SriovNetSupport": { + "shape": "AttributeValue", + "documentation": "<p>Set to <code>simple</code> to enable enhanced networking with the Intel 82599 Virtual Function interface for the instance.</p> <p>There is no way to disable enhanced networking with the Intel 82599 Virtual Function interface at this time.</p> <p>This option is supported only for HVM instances. Specifying this option with a PV instance can make it unreachable.</p>", + "locationName": "sriovNetSupport" + }, + "UserData": { + "shape": "BlobAttributeValue", + "documentation": "<p>Changes the instance's user data to the specified value. If you are using an AWS SDK or command line tool, base64-encoding is performed for you, and you can load the text from a file. Otherwise, you must provide base64-encoded text.</p>", + "locationName": "userData" + }, + "Value": { + "shape": "String", + "documentation": "<p>A new value for the attribute. Use only with the <code>kernel</code>, <code>ramdisk</code>, <code>userData</code>, <code>disableApiTermination</code>, or <code>instanceInitiatedShutdownBehavior</code> attribute.</p>", + "locationName": "value" + } + } + }, + "ModifyInstanceCapacityReservationAttributesRequest": { + "type": "structure", + "required": [ + "InstanceId", + "CapacityReservationSpecification" + ], + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance to be modified.</p>" + }, + "CapacityReservationSpecification": { + "shape": "CapacityReservationSpecification", + "documentation": "<p>Information about the Capacity Reservation targeting option.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ModifyInstanceCapacityReservationAttributesResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "ModifyInstanceCreditSpecificationRequest": { + "type": "structure", + "required": [ + "InstanceCreditSpecifications" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>A unique, case-sensitive token that you provide to ensure idempotency of your modification request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p>" + }, + "InstanceCreditSpecifications": { + "shape": "InstanceCreditSpecificationListRequest", + "documentation": "<p>Information about the credit option for CPU usage.</p>", + "locationName": "InstanceCreditSpecification" + } + } + }, + "ModifyInstanceCreditSpecificationResult": { + "type": "structure", + "members": { + "SuccessfulInstanceCreditSpecifications": { + "shape": "SuccessfulInstanceCreditSpecificationSet", + "documentation": "<p>Information about the instances whose credit option for CPU usage was successfully modified.</p>", + "locationName": "successfulInstanceCreditSpecificationSet" + }, + "UnsuccessfulInstanceCreditSpecifications": { + "shape": "UnsuccessfulInstanceCreditSpecificationSet", + "documentation": "<p>Information about the instances whose credit option for CPU usage was not modified.</p>", + "locationName": "unsuccessfulInstanceCreditSpecificationSet" + } + } + }, + "ModifyInstanceEventStartTimeRequest": { + "type": "structure", + "required": [ + "InstanceId", + "InstanceEventId", + "NotBefore" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance with the scheduled event.</p>" + }, + "InstanceEventId": { + "shape": "String", + "documentation": "<p>The ID of the event whose date and time you are modifying.</p>" + }, + "NotBefore": { + "shape": "DateTime", + "documentation": "<p>The new date and time when the event will take place.</p>" + } + } + }, + "ModifyInstanceEventStartTimeResult": { + "type": "structure", + "members": { + "Event": { + "shape": "InstanceStatusEvent", + "locationName": "event" + } + } + }, + "ModifyInstancePlacementRequest": { + "type": "structure", + "required": [ + "InstanceId" + ], + "members": { + "Affinity": { + "shape": "Affinity", + "documentation": "<p>The affinity setting for the instance.</p>", + "locationName": "affinity" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the placement group in which to place the instance. For spread placement groups, the instance must have a tenancy of <code>default</code>. For cluster and partition placement groups, the instance must have a tenancy of <code>default</code> or <code>dedicated</code>.</p> <p>To remove an instance from a placement group, specify an empty string (\"\").</p>" + }, + "HostId": { + "shape": "String", + "documentation": "<p>The ID of the Dedicated Host with which to associate the instance.</p>", + "locationName": "hostId" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance that you are modifying.</p>", + "locationName": "instanceId" + }, + "Tenancy": { + "shape": "HostTenancy", + "documentation": "<p>The tenancy for the instance.</p>", + "locationName": "tenancy" + }, + "PartitionNumber": { + "shape": "Integer", + "documentation": "<p>Reserved for future use.</p>" + } + } + }, + "ModifyInstancePlacementResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Is <code>true</code> if the request succeeds, and an error otherwise.</p>", + "locationName": "return" + } + } + }, + "ModifyLaunchTemplateRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p> <p>Constraint: Maximum 128 ASCII characters.</p>" + }, + "LaunchTemplateId": { + "shape": "String", + "documentation": "<p>The ID of the launch template. You must specify either the launch template ID or launch template name in the request.</p>" + }, + "LaunchTemplateName": { + "shape": "LaunchTemplateName", + "documentation": "<p>The name of the launch template. You must specify either the launch template ID or launch template name in the request.</p>" + }, + "DefaultVersion": { + "shape": "String", + "documentation": "<p>The version number of the launch template to set as the default version.</p>", + "locationName": "SetDefaultVersion" + } + } + }, + "ModifyLaunchTemplateResult": { + "type": "structure", + "members": { + "LaunchTemplate": { + "shape": "LaunchTemplate", + "documentation": "<p>Information about the launch template.</p>", + "locationName": "launchTemplate" + } + } + }, + "ModifyNetworkInterfaceAttributeRequest": { + "type": "structure", + "required": [ + "NetworkInterfaceId" + ], + "members": { + "Attachment": { + "shape": "NetworkInterfaceAttachmentChanges", + "documentation": "<p>Information about the interface attachment. If modifying the 'delete on termination' attribute, you must specify the ID of the interface attachment.</p>", + "locationName": "attachment" + }, + "Description": { + "shape": "AttributeValue", + "documentation": "<p>A description for the network interface.</p>", + "locationName": "description" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Groups": { + "shape": "SecurityGroupIdStringList", + "documentation": "<p>Changes the security groups for the network interface. The new set of groups you specify replaces the current set. You must specify at least one group, even if it's just the default security group in the VPC. You must specify the ID of the security group, not the name.</p>", + "locationName": "SecurityGroupId" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + }, + "SourceDestCheck": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Indicates whether source/destination checking is enabled. A value of <code>true</code> means checking is enabled, and <code>false</code> means checking is disabled. This value must be <code>false</code> for a NAT instance to perform NAT. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html\">NAT Instances</a> in the <i>Amazon Virtual Private Cloud User Guide</i>.</p>", + "locationName": "sourceDestCheck" + } + }, + "documentation": "<p>Contains the parameters for ModifyNetworkInterfaceAttribute.</p>" + }, + "ModifyReservedInstancesRequest": { + "type": "structure", + "required": [ + "ReservedInstancesIds", + "TargetConfigurations" + ], + "members": { + "ReservedInstancesIds": { + "shape": "ReservedInstancesIdStringList", + "documentation": "<p>The IDs of the Reserved Instances to modify.</p>", + "locationName": "ReservedInstancesId" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>A unique, case-sensitive token you provide to ensure idempotency of your modification request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p>", + "locationName": "clientToken" + }, + "TargetConfigurations": { + "shape": "ReservedInstancesConfigurationList", + "documentation": "<p>The configuration settings for the Reserved Instances to modify.</p>", + "locationName": "ReservedInstancesConfigurationSetItemType" + } + }, + "documentation": "<p>Contains the parameters for ModifyReservedInstances.</p>" + }, + "ModifyReservedInstancesResult": { + "type": "structure", + "members": { + "ReservedInstancesModificationId": { + "shape": "String", + "documentation": "<p>The ID for the modification.</p>", + "locationName": "reservedInstancesModificationId" + } + }, + "documentation": "<p>Contains the output of ModifyReservedInstances.</p>" + }, + "ModifySnapshotAttributeRequest": { + "type": "structure", + "required": [ + "SnapshotId" + ], + "members": { + "Attribute": { + "shape": "SnapshotAttributeName", + "documentation": "<p>The snapshot attribute to modify. Only volume creation permissions can be modified.</p>" + }, + "CreateVolumePermission": { + "shape": "CreateVolumePermissionModifications", + "documentation": "<p>A JSON representation of the snapshot attribute modification.</p>" + }, + "GroupNames": { + "shape": "GroupNameStringList", + "documentation": "<p>The group to modify for the snapshot.</p>", + "locationName": "UserGroup" + }, + "OperationType": { + "shape": "OperationType", + "documentation": "<p>The type of operation to perform to the attribute.</p>" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>The ID of the snapshot.</p>" + }, + "UserIds": { + "shape": "UserIdStringList", + "documentation": "<p>The account ID to modify for the snapshot.</p>", + "locationName": "UserId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for ModifySnapshotAttribute.</p>" + }, + "ModifySpotFleetRequestRequest": { + "type": "structure", + "required": [ + "SpotFleetRequestId" + ], + "members": { + "ExcessCapacityTerminationPolicy": { + "shape": "ExcessCapacityTerminationPolicy", + "documentation": "<p>Indicates whether running Spot Instances should be terminated if the target capacity of the Spot Fleet request is decreased below the current size of the Spot Fleet.</p>", + "locationName": "excessCapacityTerminationPolicy" + }, + "SpotFleetRequestId": { + "shape": "String", + "documentation": "<p>The ID of the Spot Fleet request.</p>", + "locationName": "spotFleetRequestId" + }, + "TargetCapacity": { + "shape": "Integer", + "documentation": "<p>The size of the fleet.</p>", + "locationName": "targetCapacity" + } + }, + "documentation": "<p>Contains the parameters for ModifySpotFleetRequest.</p>" + }, + "ModifySpotFleetRequestResponse": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Is <code>true</code> if the request succeeds, and an error otherwise.</p>", + "locationName": "return" + } + }, + "documentation": "<p>Contains the output of ModifySpotFleetRequest.</p>" + }, + "ModifySubnetAttributeRequest": { + "type": "structure", + "required": [ + "SubnetId" + ], + "members": { + "AssignIpv6AddressOnCreation": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Specify <code>true</code> to indicate that network interfaces created in the specified subnet should be assigned an IPv6 address. This includes a network interface that's created when launching an instance into the subnet (the instance therefore receives an IPv6 address). </p> <p>If you enable the IPv6 addressing feature for your subnet, your network interface or instance only receives an IPv6 address if it's created using version <code>2016-11-15</code> or later of the Amazon EC2 API.</p>" + }, + "MapPublicIpOnLaunch": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Specify <code>true</code> to indicate that ENIs attached to instances created in the specified subnet should be assigned a public IPv4 address.</p>" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet.</p>", + "locationName": "subnetId" + } + } + }, + "ModifyTrafficMirrorFilterNetworkServicesRequest": { + "type": "structure", + "required": [ + "TrafficMirrorFilterId" + ], + "members": { + "TrafficMirrorFilterId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror filter.</p>" + }, + "AddNetworkServices": { + "shape": "TrafficMirrorNetworkServiceList", + "documentation": "<p>The network service, for example Amazon DNS, that you want to mirror.</p>", + "locationName": "AddNetworkService" + }, + "RemoveNetworkServices": { + "shape": "TrafficMirrorNetworkServiceList", + "documentation": "<p>The network service, for example Amazon DNS, that you no longer want to mirror.</p>", + "locationName": "RemoveNetworkService" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ModifyTrafficMirrorFilterNetworkServicesResult": { + "type": "structure", + "members": { + "TrafficMirrorFilter": { + "shape": "TrafficMirrorFilter", + "documentation": "<p>The Traffic Mirror filter that the network service is associated with.</p>", + "locationName": "trafficMirrorFilter" + } + } + }, + "ModifyTrafficMirrorFilterRuleRequest": { + "type": "structure", + "required": [ + "TrafficMirrorFilterRuleId" + ], + "members": { + "TrafficMirrorFilterRuleId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror rule.</p>" + }, + "TrafficDirection": { + "shape": "TrafficDirection", + "documentation": "<p>The type of traffic (<code>ingress</code> | <code>egress</code>) to assign to the rule.</p>" + }, + "RuleNumber": { + "shape": "Integer", + "documentation": "<p>The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.</p>" + }, + "RuleAction": { + "shape": "TrafficMirrorRuleAction", + "documentation": "<p>The action to assign to the rule.</p>" + }, + "DestinationPortRange": { + "shape": "TrafficMirrorPortRangeRequest", + "documentation": "<p>The destination ports that are associated with the Traffic Mirror rule.</p>" + }, + "SourcePortRange": { + "shape": "TrafficMirrorPortRangeRequest", + "documentation": "<p>The port range to assign to the Traffic Mirror rule.</p>" + }, + "Protocol": { + "shape": "Integer", + "documentation": "<p>The protocol, for example TCP, to assign to the Traffic Mirror rule.</p>" + }, + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The destination CIDR block to assign to the Traffic Mirror rule.</p>" + }, + "SourceCidrBlock": { + "shape": "String", + "documentation": "<p>The source CIDR block to assign to the Traffic Mirror rule.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description to assign to the Traffic Mirror rule.</p>" + }, + "RemoveFields": { + "shape": "TrafficMirrorFilterRuleFieldList", + "documentation": "<p>The properties that you want to remove from the Traffic Mirror filter rule.</p> <p>When you remove a property from a Traffic Mirror filter rule, the property is set to the default.</p>", + "locationName": "RemoveField" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ModifyTrafficMirrorFilterRuleResult": { + "type": "structure", + "members": { + "TrafficMirrorFilterRule": { + "shape": "TrafficMirrorFilterRule", + "documentation": "<p>Modifies a Traffic Mirror rule.</p>", + "locationName": "trafficMirrorFilterRule" + } + } + }, + "ModifyTrafficMirrorSessionRequest": { + "type": "structure", + "required": [ + "TrafficMirrorSessionId" + ], + "members": { + "TrafficMirrorSessionId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror session.</p>" + }, + "TrafficMirrorTargetId": { + "shape": "String", + "documentation": "<p>The Traffic Mirror target. The target must be in the same VPC as the source, or have a VPC peering connection with the source.</p>" + }, + "TrafficMirrorFilterId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror filter.</p>" + }, + "PacketLength": { + "shape": "Integer", + "documentation": "<p>The number of bytes in each packet to mirror. These are bytes after the VXLAN header. To mirror a subset, set this to the length (in bytes) to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target. Do not specify this parameter when you want to mirror the entire packet.</p>" + }, + "SessionNumber": { + "shape": "Integer", + "documentation": "<p>The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.</p> <p>Valid values are 1-32766.</p>" + }, + "VirtualNetworkId": { + "shape": "Integer", + "documentation": "<p>The virtual network ID of the Traffic Mirror session.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description to assign to the Traffic Mirror session.</p>" + }, + "RemoveFields": { + "shape": "TrafficMirrorSessionFieldList", + "documentation": "<p>The properties that you want to remove from the Traffic Mirror session.</p> <p>When you remove a property from a Traffic Mirror session, the property is set to the default.</p>", + "locationName": "RemoveField" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ModifyTrafficMirrorSessionResult": { + "type": "structure", + "members": { + "TrafficMirrorSession": { + "shape": "TrafficMirrorSession", + "documentation": "<p>Information about the Traffic Mirror session.</p>", + "locationName": "trafficMirrorSession" + } + } + }, + "ModifyTransitGatewayVpcAttachmentRequest": { + "type": "structure", + "required": [ + "TransitGatewayAttachmentId" + ], + "members": { + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>" + }, + "AddSubnetIds": { + "shape": "ValueStringList", + "documentation": "<p>The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.</p>" + }, + "RemoveSubnetIds": { + "shape": "ValueStringList", + "documentation": "<p>The IDs of one or more subnets to remove.</p>" + }, + "Options": { + "shape": "ModifyTransitGatewayVpcAttachmentRequestOptions", + "documentation": "<p>The new VPC attachment options.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ModifyTransitGatewayVpcAttachmentRequestOptions": { + "type": "structure", + "members": { + "DnsSupport": { + "shape": "DnsSupportValue", + "documentation": "<p>Enable or disable DNS support. The default is <code>enable</code>.</p>" + }, + "Ipv6Support": { + "shape": "Ipv6SupportValue", + "documentation": "<p>Enable or disable IPv6 support. The default is <code>enable</code>.</p>" + } + }, + "documentation": "<p>Describes the options for a VPC attachment.</p>" + }, + "ModifyTransitGatewayVpcAttachmentResult": { + "type": "structure", + "members": { + "TransitGatewayVpcAttachment": { + "shape": "TransitGatewayVpcAttachment", + "documentation": "<p>Information about the modified attachment.</p>", + "locationName": "transitGatewayVpcAttachment" + } + } + }, + "ModifyVolumeAttributeRequest": { + "type": "structure", + "required": [ + "VolumeId" + ], + "members": { + "AutoEnableIO": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Indicates whether the volume should be auto-enabled for I/O operations.</p>" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the volume.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for ModifyVolumeAttribute.</p>" + }, + "ModifyVolumeRequest": { + "type": "structure", + "required": [ + "VolumeId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the volume.</p>" + }, + "Size": { + "shape": "Integer", + "documentation": "<p>The target size of the volume, in GiB. The target volume size must be greater than or equal to than the existing size of the volume. For information about available EBS volume sizes, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html\">Amazon EBS Volume Types</a>.</p> <p>Default: If no size is specified, the existing size is retained.</p>" + }, + "VolumeType": { + "shape": "VolumeType", + "documentation": "<p>The target EBS volume type of the volume.</p> <p>Default: If no type is specified, the existing type is retained.</p>" + }, + "Iops": { + "shape": "Integer", + "documentation": "<p>The target IOPS rate of the volume.</p> <p>This is only valid for Provisioned IOPS SSD (<code>io1</code>) volumes. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html#EBSVolumeTypes_piops\">Provisioned IOPS SSD (io1) Volumes</a>.</p> <p>Default: If no IOPS value is specified, the existing value is retained.</p>" + } + } + }, + "ModifyVolumeResult": { + "type": "structure", + "members": { + "VolumeModification": { + "shape": "VolumeModification", + "documentation": "<p>Information about the volume modification.</p>", + "locationName": "volumeModification" + } + } + }, + "ModifyVpcAttributeRequest": { + "type": "structure", + "required": [ + "VpcId" + ], + "members": { + "EnableDnsHostnames": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not.</p> <p>You cannot modify the DNS resolution and DNS hostnames attributes in the same request. Use separate requests for each attribute. You can only enable DNS hostnames if you've enabled DNS support.</p>" + }, + "EnableDnsSupport": { + "shape": "AttributeBooleanValue", + "documentation": "<p>Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range \"plus two\" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled.</p> <p>You cannot modify the DNS resolution and DNS hostnames attributes in the same request. Use separate requests for each attribute.</p>" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + } + }, + "ModifyVpcEndpointConnectionNotificationRequest": { + "type": "structure", + "required": [ + "ConnectionNotificationId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ConnectionNotificationId": { + "shape": "String", + "documentation": "<p>The ID of the notification.</p>" + }, + "ConnectionNotificationArn": { + "shape": "String", + "documentation": "<p>The ARN for the SNS topic for the notification.</p>" + }, + "ConnectionEvents": { + "shape": "ValueStringList", + "documentation": "<p>One or more events for the endpoint. Valid values are <code>Accept</code>, <code>Connect</code>, <code>Delete</code>, and <code>Reject</code>.</p>" + } + } + }, + "ModifyVpcEndpointConnectionNotificationResult": { + "type": "structure", + "members": { + "ReturnValue": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "ModifyVpcEndpointRequest": { + "type": "structure", + "required": [ + "VpcEndpointId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "VpcEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the endpoint.</p>" + }, + "ResetPolicy": { + "shape": "Boolean", + "documentation": "<p>(Gateway endpoint) Specify <code>true</code> to reset the policy document to the default policy. The default policy allows full access to the service.</p>" + }, + "PolicyDocument": { + "shape": "String", + "documentation": "<p>A policy to attach to the endpoint that controls access to the service. The policy must be in valid JSON format. If this parameter is not specified, we attach a default policy that allows full access to the service.</p>" + }, + "AddRouteTableIds": { + "shape": "ValueStringList", + "documentation": "<p>(Gateway endpoint) One or more route tables IDs to associate with the endpoint.</p>", + "locationName": "AddRouteTableId" + }, + "RemoveRouteTableIds": { + "shape": "ValueStringList", + "documentation": "<p>(Gateway endpoint) One or more route table IDs to disassociate from the endpoint.</p>", + "locationName": "RemoveRouteTableId" + }, + "AddSubnetIds": { + "shape": "ValueStringList", + "documentation": "<p>(Interface endpoint) One or more subnet IDs in which to serve the endpoint.</p>", + "locationName": "AddSubnetId" + }, + "RemoveSubnetIds": { + "shape": "ValueStringList", + "documentation": "<p>(Interface endpoint) One or more subnets IDs in which to remove the endpoint.</p>", + "locationName": "RemoveSubnetId" + }, + "AddSecurityGroupIds": { + "shape": "ValueStringList", + "documentation": "<p>(Interface endpoint) One or more security group IDs to associate with the network interface.</p>", + "locationName": "AddSecurityGroupId" + }, + "RemoveSecurityGroupIds": { + "shape": "ValueStringList", + "documentation": "<p>(Interface endpoint) One or more security group IDs to disassociate from the network interface.</p>", + "locationName": "RemoveSecurityGroupId" + }, + "PrivateDnsEnabled": { + "shape": "Boolean", + "documentation": "<p>(Interface endpoint) Indicate whether a private hosted zone is associated with the VPC.</p>" + } + }, + "documentation": "<p>Contains the parameters for ModifyVpcEndpoint.</p>" + }, + "ModifyVpcEndpointResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "ModifyVpcEndpointServiceConfigurationRequest": { + "type": "structure", + "required": [ + "ServiceId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ServiceId": { + "shape": "String", + "documentation": "<p>The ID of the service.</p>" + }, + "AcceptanceRequired": { + "shape": "Boolean", + "documentation": "<p>Indicate whether requests to create an endpoint to your service must be accepted.</p>" + }, + "AddNetworkLoadBalancerArns": { + "shape": "ValueStringList", + "documentation": "<p>The Amazon Resource Names (ARNs) of Network Load Balancers to add to your service configuration.</p>", + "locationName": "AddNetworkLoadBalancerArn" + }, + "RemoveNetworkLoadBalancerArns": { + "shape": "ValueStringList", + "documentation": "<p>The Amazon Resource Names (ARNs) of Network Load Balancers to remove from your service configuration.</p>", + "locationName": "RemoveNetworkLoadBalancerArn" + } + } + }, + "ModifyVpcEndpointServiceConfigurationResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "ModifyVpcEndpointServicePermissionsRequest": { + "type": "structure", + "required": [ + "ServiceId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ServiceId": { + "shape": "String", + "documentation": "<p>The ID of the service.</p>" + }, + "AddAllowedPrincipals": { + "shape": "ValueStringList", + "documentation": "<p>The Amazon Resource Names (ARN) of one or more principals. Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*).</p>" + }, + "RemoveAllowedPrincipals": { + "shape": "ValueStringList", + "documentation": "<p>The Amazon Resource Names (ARN) of one or more principals. Permissions are revoked for principals in this list.</p>" + } + } + }, + "ModifyVpcEndpointServicePermissionsResult": { + "type": "structure", + "members": { + "ReturnValue": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "ModifyVpcPeeringConnectionOptionsRequest": { + "type": "structure", + "required": [ + "VpcPeeringConnectionId" + ], + "members": { + "AccepterPeeringConnectionOptions": { + "shape": "PeeringConnectionOptionsRequest", + "documentation": "<p>The VPC peering connection options for the accepter VPC.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "RequesterPeeringConnectionOptions": { + "shape": "PeeringConnectionOptionsRequest", + "documentation": "<p>The VPC peering connection options for the requester VPC.</p>" + }, + "VpcPeeringConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the VPC peering connection.</p>" + } + } + }, + "ModifyVpcPeeringConnectionOptionsResult": { + "type": "structure", + "members": { + "AccepterPeeringConnectionOptions": { + "shape": "PeeringConnectionOptions", + "documentation": "<p>Information about the VPC peering connection options for the accepter VPC.</p>", + "locationName": "accepterPeeringConnectionOptions" + }, + "RequesterPeeringConnectionOptions": { + "shape": "PeeringConnectionOptions", + "documentation": "<p>Information about the VPC peering connection options for the requester VPC.</p>", + "locationName": "requesterPeeringConnectionOptions" + } + } + }, + "ModifyVpcTenancyRequest": { + "type": "structure", + "required": [ + "VpcId", + "InstanceTenancy" + ], + "members": { + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>" + }, + "InstanceTenancy": { + "shape": "VpcTenancy", + "documentation": "<p>The instance tenancy attribute for the VPC. </p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ModifyVpcTenancyResult": { + "type": "structure", + "members": { + "ReturnValue": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, returns an error.</p>", + "locationName": "return" + } + } + }, + "ModifyVpnConnectionRequest": { + "type": "structure", + "required": [ + "VpnConnectionId" + ], + "members": { + "VpnConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the VPN connection.</p>" + }, + "TransitGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway.</p>" + }, + "VpnGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the virtual private gateway at the AWS side of the VPN connection.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ModifyVpnConnectionResult": { + "type": "structure", + "members": { + "VpnConnection": { + "shape": "VpnConnection", + "locationName": "vpnConnection" + } + } + }, + "MonitorInstancesRequest": { + "type": "structure", + "required": [ + "InstanceIds" + ], + "members": { + "InstanceIds": { + "shape": "InstanceIdStringList", + "documentation": "<p>The IDs of the instances.</p>", + "locationName": "InstanceId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "MonitorInstancesResult": { + "type": "structure", + "members": { + "InstanceMonitorings": { + "shape": "InstanceMonitoringList", + "documentation": "<p>The monitoring information.</p>", + "locationName": "instancesSet" + } + } + }, + "Monitoring": { + "type": "structure", + "members": { + "State": { + "shape": "MonitoringState", + "documentation": "<p>Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.</p>", + "locationName": "state" + } + }, + "documentation": "<p>Describes the monitoring of an instance.</p>" + }, + "MonitoringState": { + "type": "string", + "enum": [ + "disabled", + "disabling", + "enabled", + "pending" + ] + }, + "MoveAddressToVpcRequest": { + "type": "structure", + "required": [ + "PublicIp" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "PublicIp": { + "shape": "String", + "documentation": "<p>The Elastic IP address.</p>", + "locationName": "publicIp" + } + } + }, + "MoveAddressToVpcResult": { + "type": "structure", + "members": { + "AllocationId": { + "shape": "String", + "documentation": "<p>The allocation ID for the Elastic IP address.</p>", + "locationName": "allocationId" + }, + "Status": { + "shape": "Status", + "documentation": "<p>The status of the move of the IP address.</p>", + "locationName": "status" + } + } + }, + "MoveStatus": { + "type": "string", + "enum": [ + "movingToVpc", + "restoringToClassic" + ] + }, + "MovingAddressStatus": { + "type": "structure", + "members": { + "MoveStatus": { + "shape": "MoveStatus", + "documentation": "<p>The status of the Elastic IP address that's being moved to the EC2-VPC platform, or restored to the EC2-Classic platform.</p>", + "locationName": "moveStatus" + }, + "PublicIp": { + "shape": "String", + "documentation": "<p>The Elastic IP address.</p>", + "locationName": "publicIp" + } + }, + "documentation": "<p>Describes the status of a moving Elastic IP address.</p>" + }, + "MovingAddressStatusSet": { + "type": "list", + "member": { + "shape": "MovingAddressStatus", + "locationName": "item" + } + }, + "NatGateway": { + "type": "structure", + "members": { + "CreateTime": { + "shape": "DateTime", + "documentation": "<p>The date and time the NAT gateway was created.</p>", + "locationName": "createTime" + }, + "DeleteTime": { + "shape": "DateTime", + "documentation": "<p>The date and time the NAT gateway was deleted, if applicable.</p>", + "locationName": "deleteTime" + }, + "FailureCode": { + "shape": "String", + "documentation": "<p>If the NAT gateway could not be created, specifies the error code for the failure. (<code>InsufficientFreeAddressesInSubnet</code> | <code>Gateway.NotAttached</code> | <code>InvalidAllocationID.NotFound</code> | <code>Resource.AlreadyAssociated</code> | <code>InternalError</code> | <code>InvalidSubnetID.NotFound</code>)</p>", + "locationName": "failureCode" + }, + "FailureMessage": { + "shape": "String", + "documentation": "<p>If the NAT gateway could not be created, specifies the error message for the failure, that corresponds to the error code.</p> <ul> <li> <p>For InsufficientFreeAddressesInSubnet: \"Subnet has insufficient free addresses to create this NAT gateway\"</p> </li> <li> <p>For Gateway.NotAttached: \"Network vpc-xxxxxxxx has no Internet gateway attached\"</p> </li> <li> <p>For InvalidAllocationID.NotFound: \"Elastic IP address eipalloc-xxxxxxxx could not be associated with this NAT gateway\"</p> </li> <li> <p>For Resource.AlreadyAssociated: \"Elastic IP address eipalloc-xxxxxxxx is already associated\"</p> </li> <li> <p>For InternalError: \"Network interface eni-xxxxxxxx, created and used internally by this NAT gateway is in an invalid state. Please try again.\"</p> </li> <li> <p>For InvalidSubnetID.NotFound: \"The specified subnet subnet-xxxxxxxx does not exist or could not be found.\"</p> </li> </ul>", + "locationName": "failureMessage" + }, + "NatGatewayAddresses": { + "shape": "NatGatewayAddressList", + "documentation": "<p>Information about the IP addresses and network interface associated with the NAT gateway.</p>", + "locationName": "natGatewayAddressSet" + }, + "NatGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the NAT gateway.</p>", + "locationName": "natGatewayId" + }, + "ProvisionedBandwidth": { + "shape": "ProvisionedBandwidth", + "documentation": "<p>Reserved. If you need to sustain traffic greater than the <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html\">documented limits</a>, contact us through the <a href=\"https://console.aws.amazon.com/support/home?\">Support Center</a>.</p>", + "locationName": "provisionedBandwidth" + }, + "State": { + "shape": "NatGatewayState", + "documentation": "<p>The state of the NAT gateway.</p> <ul> <li> <p> <code>pending</code>: The NAT gateway is being created and is not ready to process traffic.</p> </li> <li> <p> <code>failed</code>: The NAT gateway could not be created. Check the <code>failureCode</code> and <code>failureMessage</code> fields for the reason.</p> </li> <li> <p> <code>available</code>: The NAT gateway is able to process traffic. This status remains until you delete the NAT gateway, and does not indicate the health of the NAT gateway.</p> </li> <li> <p> <code>deleting</code>: The NAT gateway is in the process of being terminated and may still be processing traffic.</p> </li> <li> <p> <code>deleted</code>: The NAT gateway has been terminated and is no longer processing traffic.</p> </li> </ul>", + "locationName": "state" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet in which the NAT gateway is located.</p>", + "locationName": "subnetId" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC in which the NAT gateway is located.</p>", + "locationName": "vpcId" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags for the NAT gateway.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a NAT gateway.</p>" + }, + "NatGatewayAddress": { + "type": "structure", + "members": { + "AllocationId": { + "shape": "String", + "documentation": "<p>The allocation ID of the Elastic IP address that's associated with the NAT gateway.</p>", + "locationName": "allocationId" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface associated with the NAT gateway.</p>", + "locationName": "networkInterfaceId" + }, + "PrivateIp": { + "shape": "String", + "documentation": "<p>The private IP address associated with the Elastic IP address.</p>", + "locationName": "privateIp" + }, + "PublicIp": { + "shape": "String", + "documentation": "<p>The Elastic IP address associated with the NAT gateway.</p>", + "locationName": "publicIp" + } + }, + "documentation": "<p>Describes the IP addresses and network interface associated with a NAT gateway.</p>" + }, + "NatGatewayAddressList": { + "type": "list", + "member": { + "shape": "NatGatewayAddress", + "locationName": "item" + } + }, + "NatGatewayList": { + "type": "list", + "member": { + "shape": "NatGateway", + "locationName": "item" + } + }, + "NatGatewayState": { + "type": "string", + "enum": [ + "pending", + "failed", + "available", + "deleting", + "deleted" + ] + }, + "NetworkAcl": { + "type": "structure", + "members": { + "Associations": { + "shape": "NetworkAclAssociationList", + "documentation": "<p>Any associations between the network ACL and one or more subnets</p>", + "locationName": "associationSet" + }, + "Entries": { + "shape": "NetworkAclEntryList", + "documentation": "<p>One or more entries (rules) in the network ACL.</p>", + "locationName": "entrySet" + }, + "IsDefault": { + "shape": "Boolean", + "documentation": "<p>Indicates whether this is the default network ACL for the VPC.</p>", + "locationName": "default" + }, + "NetworkAclId": { + "shape": "String", + "documentation": "<p>The ID of the network ACL.</p>", + "locationName": "networkAclId" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the network ACL.</p>", + "locationName": "tagSet" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC for the network ACL.</p>", + "locationName": "vpcId" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The ID of the AWS account that owns the network ACL.</p>", + "locationName": "ownerId" + } + }, + "documentation": "<p>Describes a network ACL.</p>" + }, + "NetworkAclAssociation": { + "type": "structure", + "members": { + "NetworkAclAssociationId": { + "shape": "String", + "documentation": "<p>The ID of the association between a network ACL and a subnet.</p>", + "locationName": "networkAclAssociationId" + }, + "NetworkAclId": { + "shape": "String", + "documentation": "<p>The ID of the network ACL.</p>", + "locationName": "networkAclId" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet.</p>", + "locationName": "subnetId" + } + }, + "documentation": "<p>Describes an association between a network ACL and a subnet.</p>" + }, + "NetworkAclAssociationList": { + "type": "list", + "member": { + "shape": "NetworkAclAssociation", + "locationName": "item" + } + }, + "NetworkAclEntry": { + "type": "structure", + "members": { + "CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 network range to allow or deny, in CIDR notation.</p>", + "locationName": "cidrBlock" + }, + "Egress": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the rule is an egress rule (applied to traffic leaving the subnet).</p>", + "locationName": "egress" + }, + "IcmpTypeCode": { + "shape": "IcmpTypeCode", + "documentation": "<p>ICMP protocol: The ICMP type and code.</p>", + "locationName": "icmpTypeCode" + }, + "Ipv6CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv6 network range to allow or deny, in CIDR notation.</p>", + "locationName": "ipv6CidrBlock" + }, + "PortRange": { + "shape": "PortRange", + "documentation": "<p>TCP or UDP protocols: The range of ports the rule applies to.</p>", + "locationName": "portRange" + }, + "Protocol": { + "shape": "String", + "documentation": "<p>The protocol number. A value of \"-1\" means all protocols.</p>", + "locationName": "protocol" + }, + "RuleAction": { + "shape": "RuleAction", + "documentation": "<p>Indicates whether to allow or deny the traffic that matches the rule.</p>", + "locationName": "ruleAction" + }, + "RuleNumber": { + "shape": "Integer", + "documentation": "<p>The rule number for the entry. ACL entries are processed in ascending order by rule number.</p>", + "locationName": "ruleNumber" + } + }, + "documentation": "<p>Describes an entry in a network ACL.</p>" + }, + "NetworkAclEntryList": { + "type": "list", + "member": { + "shape": "NetworkAclEntry", + "locationName": "item" + } + }, + "NetworkAclList": { + "type": "list", + "member": { + "shape": "NetworkAcl", + "locationName": "item" + } + }, + "NetworkInterface": { + "type": "structure", + "members": { + "Association": { + "shape": "NetworkInterfaceAssociation", + "documentation": "<p>The association information for an Elastic IP address (IPv4) associated with the network interface.</p>", + "locationName": "association" + }, + "Attachment": { + "shape": "NetworkInterfaceAttachment", + "documentation": "<p>The network interface attachment.</p>", + "locationName": "attachment" + }, + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone.</p>", + "locationName": "availabilityZone" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description.</p>", + "locationName": "description" + }, + "Groups": { + "shape": "GroupIdentifierList", + "documentation": "<p>Any security groups for the network interface.</p>", + "locationName": "groupSet" + }, + "InterfaceType": { + "shape": "NetworkInterfaceType", + "documentation": "<p>The type of network interface.</p>", + "locationName": "interfaceType" + }, + "Ipv6Addresses": { + "shape": "NetworkInterfaceIpv6AddressesList", + "documentation": "<p>The IPv6 addresses associated with the network interface.</p>", + "locationName": "ipv6AddressesSet" + }, + "MacAddress": { + "shape": "String", + "documentation": "<p>The MAC address.</p>", + "locationName": "macAddress" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The AWS account ID of the owner of the network interface.</p>", + "locationName": "ownerId" + }, + "PrivateDnsName": { + "shape": "String", + "documentation": "<p>The private DNS name.</p>", + "locationName": "privateDnsName" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>The IPv4 address of the network interface within the subnet.</p>", + "locationName": "privateIpAddress" + }, + "PrivateIpAddresses": { + "shape": "NetworkInterfacePrivateIpAddressList", + "documentation": "<p>The private IPv4 addresses associated with the network interface.</p>", + "locationName": "privateIpAddressesSet" + }, + "RequesterId": { + "shape": "String", + "documentation": "<p>The ID of the entity that launched the instance on your behalf (for example, AWS Management Console or Auto Scaling).</p>", + "locationName": "requesterId" + }, + "RequesterManaged": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the network interface is being managed by AWS.</p>", + "locationName": "requesterManaged" + }, + "SourceDestCheck": { + "shape": "Boolean", + "documentation": "<p>Indicates whether traffic to or from the instance is validated.</p>", + "locationName": "sourceDestCheck" + }, + "Status": { + "shape": "NetworkInterfaceStatus", + "documentation": "<p>The status of the network interface.</p>", + "locationName": "status" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet.</p>", + "locationName": "subnetId" + }, + "TagSet": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the network interface.</p>", + "locationName": "tagSet" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + }, + "documentation": "<p>Describes a network interface.</p>" + }, + "NetworkInterfaceAssociation": { + "type": "structure", + "members": { + "AllocationId": { + "shape": "String", + "documentation": "<p>The allocation ID.</p>", + "locationName": "allocationId" + }, + "AssociationId": { + "shape": "String", + "documentation": "<p>The association ID.</p>", + "locationName": "associationId" + }, + "IpOwnerId": { + "shape": "String", + "documentation": "<p>The ID of the Elastic IP address owner.</p>", + "locationName": "ipOwnerId" + }, + "PublicDnsName": { + "shape": "String", + "documentation": "<p>The public DNS name.</p>", + "locationName": "publicDnsName" + }, + "PublicIp": { + "shape": "String", + "documentation": "<p>The address of the Elastic IP address bound to the network interface.</p>", + "locationName": "publicIp" + } + }, + "documentation": "<p>Describes association information for an Elastic IP address (IPv4 only).</p>" + }, + "NetworkInterfaceAttachment": { + "type": "structure", + "members": { + "AttachTime": { + "shape": "DateTime", + "documentation": "<p>The timestamp indicating when the attachment initiated.</p>", + "locationName": "attachTime" + }, + "AttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the network interface attachment.</p>", + "locationName": "attachmentId" + }, + "DeleteOnTermination": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the network interface is deleted when the instance is terminated.</p>", + "locationName": "deleteOnTermination" + }, + "DeviceIndex": { + "shape": "Integer", + "documentation": "<p>The device index of the network interface attachment on the instance.</p>", + "locationName": "deviceIndex" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "InstanceOwnerId": { + "shape": "String", + "documentation": "<p>The AWS account ID of the owner of the instance.</p>", + "locationName": "instanceOwnerId" + }, + "Status": { + "shape": "AttachmentStatus", + "documentation": "<p>The attachment state.</p>", + "locationName": "status" + } + }, + "documentation": "<p>Describes a network interface attachment.</p>" + }, + "NetworkInterfaceAttachmentChanges": { + "type": "structure", + "members": { + "AttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the network interface attachment.</p>", + "locationName": "attachmentId" + }, + "DeleteOnTermination": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the network interface is deleted when the instance is terminated.</p>", + "locationName": "deleteOnTermination" + } + }, + "documentation": "<p>Describes an attachment change.</p>" + }, + "NetworkInterfaceAttribute": { + "type": "string", + "enum": [ + "description", + "groupSet", + "sourceDestCheck", + "attachment" + ] + }, + "NetworkInterfaceCreationType": { + "type": "string", + "enum": [ + "efa" + ] + }, + "NetworkInterfaceIdList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "NetworkInterfaceIpv6Address": { + "type": "structure", + "members": { + "Ipv6Address": { + "shape": "String", + "documentation": "<p>The IPv6 address.</p>", + "locationName": "ipv6Address" + } + }, + "documentation": "<p>Describes an IPv6 address associated with a network interface.</p>" + }, + "NetworkInterfaceIpv6AddressesList": { + "type": "list", + "member": { + "shape": "NetworkInterfaceIpv6Address", + "locationName": "item" + } + }, + "NetworkInterfaceList": { + "type": "list", + "member": { + "shape": "NetworkInterface", + "locationName": "item" + } + }, + "NetworkInterfacePermission": { + "type": "structure", + "members": { + "NetworkInterfacePermissionId": { + "shape": "String", + "documentation": "<p>The ID of the network interface permission.</p>", + "locationName": "networkInterfacePermissionId" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + }, + "AwsAccountId": { + "shape": "String", + "documentation": "<p>The AWS account ID.</p>", + "locationName": "awsAccountId" + }, + "AwsService": { + "shape": "String", + "documentation": "<p>The AWS service.</p>", + "locationName": "awsService" + }, + "Permission": { + "shape": "InterfacePermissionType", + "documentation": "<p>The type of permission.</p>", + "locationName": "permission" + }, + "PermissionState": { + "shape": "NetworkInterfacePermissionState", + "documentation": "<p>Information about the state of the permission.</p>", + "locationName": "permissionState" + } + }, + "documentation": "<p>Describes a permission for a network interface.</p>" + }, + "NetworkInterfacePermissionIdList": { + "type": "list", + "member": { + "shape": "String" + } + }, + "NetworkInterfacePermissionList": { + "type": "list", + "member": { + "shape": "NetworkInterfacePermission", + "locationName": "item" + } + }, + "NetworkInterfacePermissionState": { + "type": "structure", + "members": { + "State": { + "shape": "NetworkInterfacePermissionStateCode", + "documentation": "<p>The state of the permission.</p>", + "locationName": "state" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>A status message, if applicable.</p>", + "locationName": "statusMessage" + } + }, + "documentation": "<p>Describes the state of a network interface permission.</p>" + }, + "NetworkInterfacePermissionStateCode": { + "type": "string", + "enum": [ + "pending", + "granted", + "revoking", + "revoked" + ] + }, + "NetworkInterfacePrivateIpAddress": { + "type": "structure", + "members": { + "Association": { + "shape": "NetworkInterfaceAssociation", + "documentation": "<p>The association information for an Elastic IP address (IPv4) associated with the network interface.</p>", + "locationName": "association" + }, + "Primary": { + "shape": "Boolean", + "documentation": "<p>Indicates whether this IPv4 address is the primary private IPv4 address of the network interface.</p>", + "locationName": "primary" + }, + "PrivateDnsName": { + "shape": "String", + "documentation": "<p>The private DNS name.</p>", + "locationName": "privateDnsName" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>The private IPv4 address.</p>", + "locationName": "privateIpAddress" + } + }, + "documentation": "<p>Describes the private IPv4 address of a network interface.</p>" + }, + "NetworkInterfacePrivateIpAddressList": { + "type": "list", + "member": { + "shape": "NetworkInterfacePrivateIpAddress", + "locationName": "item" + } + }, + "NetworkInterfaceStatus": { + "type": "string", + "enum": [ + "available", + "associated", + "attaching", + "in-use", + "detaching" + ] + }, + "NetworkInterfaceType": { + "type": "string", + "enum": [ + "interface", + "natGateway", + "efa" + ] + }, + "NewDhcpConfiguration": { + "type": "structure", + "members": { + "Key": { + "shape": "String", + "locationName": "key" + }, + "Values": { + "shape": "ValueStringList", + "locationName": "Value" + } + } + }, + "NewDhcpConfigurationList": { + "type": "list", + "member": { + "shape": "NewDhcpConfiguration", + "locationName": "item" + } + }, + "NextToken": { + "type": "string", + "max": 1024, + "min": 1 + }, + "OccurrenceDayRequestSet": { + "type": "list", + "member": { + "shape": "Integer", + "locationName": "OccurenceDay" + } + }, + "OccurrenceDaySet": { + "type": "list", + "member": { + "shape": "Integer", + "locationName": "item" + } + }, + "OfferingClassType": { + "type": "string", + "enum": [ + "standard", + "convertible" + ] + }, + "OfferingTypeValues": { + "type": "string", + "enum": [ + "Heavy Utilization", + "Medium Utilization", + "Light Utilization", + "No Upfront", + "Partial Upfront", + "All Upfront" + ] + }, + "OnDemandAllocationStrategy": { + "type": "string", + "enum": [ + "lowestPrice", + "prioritized" + ] + }, + "OnDemandOptions": { + "type": "structure", + "members": { + "AllocationStrategy": { + "shape": "FleetOnDemandAllocationStrategy", + "documentation": "<p>The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify <code>lowest-price</code>, EC2 Fleet uses price to determine the order, launching the lowest price first. If you specify <code>prioritized</code>, EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first. If you do not specify a value, EC2 Fleet defaults to <code>lowest-price</code>.</p>", + "locationName": "allocationStrategy" + }, + "SingleInstanceType": { + "shape": "Boolean", + "documentation": "<p>Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.</p>", + "locationName": "singleInstanceType" + }, + "SingleAvailabilityZone": { + "shape": "Boolean", + "documentation": "<p>Indicates that the fleet launches all On-Demand Instances into a single Availability Zone.</p>", + "locationName": "singleAvailabilityZone" + }, + "MinTargetCapacity": { + "shape": "Integer", + "documentation": "<p>The minimum target capacity for On-Demand Instances in the fleet. If the minimum target capacity is not reached, the fleet launches no instances.</p>", + "locationName": "minTargetCapacity" + } + }, + "documentation": "<p>The allocation strategy of On-Demand Instances in an EC2 Fleet.</p>" + }, + "OnDemandOptionsRequest": { + "type": "structure", + "members": { + "AllocationStrategy": { + "shape": "FleetOnDemandAllocationStrategy", + "documentation": "<p>The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify <code>lowest-price</code>, EC2 Fleet uses price to determine the order, launching the lowest price first. If you specify <code>prioritized</code>, EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first. If you do not specify a value, EC2 Fleet defaults to <code>lowest-price</code>.</p>" + }, + "SingleInstanceType": { + "shape": "Boolean", + "documentation": "<p>Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.</p>" + }, + "SingleAvailabilityZone": { + "shape": "Boolean", + "documentation": "<p>Indicates that the fleet launches all On-Demand Instances into a single Availability Zone.</p>" + }, + "MinTargetCapacity": { + "shape": "Integer", + "documentation": "<p>The minimum target capacity for On-Demand Instances in the fleet. If the minimum target capacity is not reached, the fleet launches no instances.</p>" + } + }, + "documentation": "<p>The allocation strategy of On-Demand Instances in an EC2 Fleet.</p>" + }, + "OperationType": { + "type": "string", + "enum": [ + "add", + "remove" + ] + }, + "OwnerStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "Owner" + } + }, + "PaymentOption": { + "type": "string", + "enum": [ + "AllUpfront", + "PartialUpfront", + "NoUpfront" + ] + }, + "PciId": { + "type": "structure", + "members": { + "DeviceId": { + "shape": "String", + "documentation": "<p>The ID of the device.</p>" + }, + "VendorId": { + "shape": "String", + "documentation": "<p>The ID of the vendor.</p>" + }, + "SubsystemId": { + "shape": "String", + "documentation": "<p>The ID of the subsystem.</p>" + }, + "SubsystemVendorId": { + "shape": "String", + "documentation": "<p>The ID of the vendor for the subsystem.</p>" + } + }, + "documentation": "<p>Describes the data that identifies an Amazon FPGA image (AFI) on the PCI bus.</p>" + }, + "PeeringConnectionOptions": { + "type": "structure", + "members": { + "AllowDnsResolutionFromRemoteVpc": { + "shape": "Boolean", + "documentation": "<p>If true, the public DNS hostnames of instances in the specified VPC resolve to private IP addresses when queried from instances in the peer VPC.</p>", + "locationName": "allowDnsResolutionFromRemoteVpc" + }, + "AllowEgressFromLocalClassicLinkToRemoteVpc": { + "shape": "Boolean", + "documentation": "<p>If true, enables outbound communication from an EC2-Classic instance that's linked to a local VPC using ClassicLink to instances in a peer VPC.</p>", + "locationName": "allowEgressFromLocalClassicLinkToRemoteVpc" + }, + "AllowEgressFromLocalVpcToRemoteClassicLink": { + "shape": "Boolean", + "documentation": "<p>If true, enables outbound communication from instances in a local VPC to an EC2-Classic instance that's linked to a peer VPC using ClassicLink.</p>", + "locationName": "allowEgressFromLocalVpcToRemoteClassicLink" + } + }, + "documentation": "<p>Describes the VPC peering connection options.</p>" + }, + "PeeringConnectionOptionsRequest": { + "type": "structure", + "members": { + "AllowDnsResolutionFromRemoteVpc": { + "shape": "Boolean", + "documentation": "<p>If true, enables a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC.</p>" + }, + "AllowEgressFromLocalClassicLinkToRemoteVpc": { + "shape": "Boolean", + "documentation": "<p>If true, enables outbound communication from an EC2-Classic instance that's linked to a local VPC using ClassicLink to instances in a peer VPC.</p>" + }, + "AllowEgressFromLocalVpcToRemoteClassicLink": { + "shape": "Boolean", + "documentation": "<p>If true, enables outbound communication from instances in a local VPC to an EC2-Classic instance that's linked to a peer VPC using ClassicLink.</p>" + } + }, + "documentation": "<p>The VPC peering connection options.</p>" + }, + "PermissionGroup": { + "type": "string", + "enum": [ + "all" + ] + }, + "Placement": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone of the instance.</p> <p>If not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.</p>", + "locationName": "availabilityZone" + }, + "Affinity": { + "shape": "String", + "documentation": "<p>The affinity setting for the instance on the Dedicated Host. This parameter is not supported for the <a>ImportInstance</a> command.</p>", + "locationName": "affinity" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the placement group the instance is in.</p>", + "locationName": "groupName" + }, + "PartitionNumber": { + "shape": "Integer", + "documentation": "<p>The number of the partition the instance is in. Valid only if the placement group strategy is set to <code>partition</code>.</p>", + "locationName": "partitionNumber" + }, + "HostId": { + "shape": "String", + "documentation": "<p>The ID of the Dedicated Host on which the instance resides. This parameter is not supported for the <a>ImportInstance</a> command.</p>", + "locationName": "hostId" + }, + "Tenancy": { + "shape": "Tenancy", + "documentation": "<p>The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of <code>dedicated</code> runs on single-tenant hardware. The <code>host</code> tenancy is not supported for the <a>ImportInstance</a> command.</p>", + "locationName": "tenancy" + }, + "SpreadDomain": { + "shape": "String", + "documentation": "<p>Reserved for future use.</p>", + "locationName": "spreadDomain" + } + }, + "documentation": "<p>Describes the placement of an instance.</p>" + }, + "PlacementGroup": { + "type": "structure", + "members": { + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the placement group.</p>", + "locationName": "groupName" + }, + "State": { + "shape": "PlacementGroupState", + "documentation": "<p>The state of the placement group.</p>", + "locationName": "state" + }, + "Strategy": { + "shape": "PlacementStrategy", + "documentation": "<p>The placement strategy.</p>", + "locationName": "strategy" + }, + "PartitionCount": { + "shape": "Integer", + "documentation": "<p>The number of partitions. Valid only if <b>strategy</b> is set to <code>partition</code>.</p>", + "locationName": "partitionCount" + } + }, + "documentation": "<p>Describes a placement group.</p>" + }, + "PlacementGroupList": { + "type": "list", + "member": { + "shape": "PlacementGroup", + "locationName": "item" + } + }, + "PlacementGroupState": { + "type": "string", + "enum": [ + "pending", + "available", + "deleting", + "deleted" + ] + }, + "PlacementGroupStringList": { + "type": "list", + "member": { + "shape": "String" + } + }, + "PlacementResponse": { + "type": "structure", + "members": { + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the placement group the instance is in.</p>", + "locationName": "groupName" + } + }, + "documentation": "<p>Describes the placement of an instance.</p>" + }, + "PlacementStrategy": { + "type": "string", + "enum": [ + "cluster", + "spread", + "partition" + ] + }, + "PlatformValues": { + "type": "string", + "enum": [ + "Windows" + ] + }, + "PoolMaxResults": { + "type": "integer", + "max": 10, + "min": 1 + }, + "PortRange": { + "type": "structure", + "members": { + "From": { + "shape": "Integer", + "documentation": "<p>The first port in the range.</p>", + "locationName": "from" + }, + "To": { + "shape": "Integer", + "documentation": "<p>The last port in the range.</p>", + "locationName": "to" + } + }, + "documentation": "<p>Describes a range of ports.</p>" + }, + "PrefixList": { + "type": "structure", + "members": { + "Cidrs": { + "shape": "ValueStringList", + "documentation": "<p>The IP address range of the AWS service.</p>", + "locationName": "cidrSet" + }, + "PrefixListId": { + "shape": "String", + "documentation": "<p>The ID of the prefix.</p>", + "locationName": "prefixListId" + }, + "PrefixListName": { + "shape": "String", + "documentation": "<p>The name of the prefix.</p>", + "locationName": "prefixListName" + } + }, + "documentation": "<p>Describes prefixes for AWS services.</p>" + }, + "PrefixListId": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description for the security group rule that references this prefix list ID.</p> <p>Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*</p>", + "locationName": "description" + }, + "PrefixListId": { + "shape": "String", + "documentation": "<p>The ID of the prefix.</p>", + "locationName": "prefixListId" + } + }, + "documentation": "<p>Describes a prefix list ID.</p>" + }, + "PrefixListIdList": { + "type": "list", + "member": { + "shape": "PrefixListId", + "locationName": "item" + } + }, + "PrefixListIdSet": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "PrefixListSet": { + "type": "list", + "member": { + "shape": "PrefixList", + "locationName": "item" + } + }, + "PriceSchedule": { + "type": "structure", + "members": { + "Active": { + "shape": "Boolean", + "documentation": "<p>The current price schedule, as determined by the term remaining for the Reserved Instance in the listing.</p> <p>A specific price schedule is always in effect, but only one price schedule can be active at any time. Take, for example, a Reserved Instance listing that has five months remaining in its term. When you specify price schedules for five months and two months, this means that schedule 1, covering the first three months of the remaining term, will be active during months 5, 4, and 3. Then schedule 2, covering the last two months of the term, will be active for months 2 and 1.</p>", + "locationName": "active" + }, + "CurrencyCode": { + "shape": "CurrencyCodeValues", + "documentation": "<p>The currency for transacting the Reserved Instance resale. At this time, the only supported currency is <code>USD</code>.</p>", + "locationName": "currencyCode" + }, + "Price": { + "shape": "Double", + "documentation": "<p>The fixed price for the term.</p>", + "locationName": "price" + }, + "Term": { + "shape": "Long", + "documentation": "<p>The number of months remaining in the reservation. For example, 2 is the second to the last month before the capacity reservation expires.</p>", + "locationName": "term" + } + }, + "documentation": "<p>Describes the price for a Reserved Instance.</p>" + }, + "PriceScheduleList": { + "type": "list", + "member": { + "shape": "PriceSchedule", + "locationName": "item" + } + }, + "PriceScheduleSpecification": { + "type": "structure", + "members": { + "CurrencyCode": { + "shape": "CurrencyCodeValues", + "documentation": "<p>The currency for transacting the Reserved Instance resale. At this time, the only supported currency is <code>USD</code>.</p>", + "locationName": "currencyCode" + }, + "Price": { + "shape": "Double", + "documentation": "<p>The fixed price for the term.</p>", + "locationName": "price" + }, + "Term": { + "shape": "Long", + "documentation": "<p>The number of months remaining in the reservation. For example, 2 is the second to the last month before the capacity reservation expires.</p>", + "locationName": "term" + } + }, + "documentation": "<p>Describes the price for a Reserved Instance.</p>" + }, + "PriceScheduleSpecificationList": { + "type": "list", + "member": { + "shape": "PriceScheduleSpecification", + "locationName": "item" + } + }, + "PricingDetail": { + "type": "structure", + "members": { + "Count": { + "shape": "Integer", + "documentation": "<p>The number of reservations available for the price.</p>", + "locationName": "count" + }, + "Price": { + "shape": "Double", + "documentation": "<p>The price per instance.</p>", + "locationName": "price" + } + }, + "documentation": "<p>Describes a Reserved Instance offering.</p>" + }, + "PricingDetailsList": { + "type": "list", + "member": { + "shape": "PricingDetail", + "locationName": "item" + } + }, + "PrincipalIdFormat": { + "type": "structure", + "members": { + "Arn": { + "shape": "String", + "documentation": "<p>PrincipalIdFormatARN description</p>", + "locationName": "arn" + }, + "Statuses": { + "shape": "IdFormatList", + "documentation": "<p>PrincipalIdFormatStatuses description</p>", + "locationName": "statusSet" + } + }, + "documentation": "<p>PrincipalIdFormat description</p>" + }, + "PrincipalIdFormatList": { + "type": "list", + "member": { + "shape": "PrincipalIdFormat", + "locationName": "item" + } + }, + "PrincipalType": { + "type": "string", + "enum": [ + "All", + "Service", + "OrganizationUnit", + "Account", + "User", + "Role" + ] + }, + "PrivateIpAddressConfigSet": { + "type": "list", + "member": { + "shape": "ScheduledInstancesPrivateIpAddressConfig", + "locationName": "PrivateIpAddressConfigSet" + } + }, + "PrivateIpAddressSpecification": { + "type": "structure", + "members": { + "Primary": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.</p>", + "locationName": "primary" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>The private IPv4 addresses.</p>", + "locationName": "privateIpAddress" + } + }, + "documentation": "<p>Describes a secondary private IPv4 address for a network interface.</p>" + }, + "PrivateIpAddressSpecificationList": { + "type": "list", + "member": { + "shape": "PrivateIpAddressSpecification", + "locationName": "item" + } + }, + "PrivateIpAddressStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "PrivateIpAddress" + } + }, + "ProductCode": { + "type": "structure", + "members": { + "ProductCodeId": { + "shape": "String", + "documentation": "<p>The product code.</p>", + "locationName": "productCode" + }, + "ProductCodeType": { + "shape": "ProductCodeValues", + "documentation": "<p>The type of product code.</p>", + "locationName": "type" + } + }, + "documentation": "<p>Describes a product code.</p>" + }, + "ProductCodeList": { + "type": "list", + "member": { + "shape": "ProductCode", + "locationName": "item" + } + }, + "ProductCodeStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "ProductCode" + } + }, + "ProductCodeValues": { + "type": "string", + "enum": [ + "devpay", + "marketplace" + ] + }, + "ProductDescriptionList": { + "type": "list", + "member": { + "shape": "String" + } + }, + "PropagatingVgw": { + "type": "structure", + "members": { + "GatewayId": { + "shape": "String", + "documentation": "<p>The ID of the virtual private gateway.</p>", + "locationName": "gatewayId" + } + }, + "documentation": "<p>Describes a virtual private gateway propagating route.</p>" + }, + "PropagatingVgwList": { + "type": "list", + "member": { + "shape": "PropagatingVgw", + "locationName": "item" + } + }, + "ProvisionByoipCidrRequest": { + "type": "structure", + "required": [ + "Cidr" + ], + "members": { + "Cidr": { + "shape": "String", + "documentation": "<p>The public IPv4 address range, in CIDR notation. The most specific prefix that you can specify is /24. The address range cannot overlap with another address range that you've brought to this or another Region.</p>" + }, + "CidrAuthorizationContext": { + "shape": "CidrAuthorizationContext", + "documentation": "<p>A signed document that proves that you are authorized to bring the specified IP address range to Amazon using BYOIP.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description for the address range and the address pool.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ProvisionByoipCidrResult": { + "type": "structure", + "members": { + "ByoipCidr": { + "shape": "ByoipCidr", + "documentation": "<p>Information about the address pool.</p>", + "locationName": "byoipCidr" + } + } + }, + "ProvisionedBandwidth": { + "type": "structure", + "members": { + "ProvisionTime": { + "shape": "DateTime", + "documentation": "<p>Reserved. If you need to sustain traffic greater than the <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html\">documented limits</a>, contact us through the <a href=\"https://console.aws.amazon.com/support/home?\">Support Center</a>.</p>", + "locationName": "provisionTime" + }, + "Provisioned": { + "shape": "String", + "documentation": "<p>Reserved. If you need to sustain traffic greater than the <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html\">documented limits</a>, contact us through the <a href=\"https://console.aws.amazon.com/support/home?\">Support Center</a>.</p>", + "locationName": "provisioned" + }, + "RequestTime": { + "shape": "DateTime", + "documentation": "<p>Reserved. If you need to sustain traffic greater than the <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html\">documented limits</a>, contact us through the <a href=\"https://console.aws.amazon.com/support/home?\">Support Center</a>.</p>", + "locationName": "requestTime" + }, + "Requested": { + "shape": "String", + "documentation": "<p>Reserved. If you need to sustain traffic greater than the <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html\">documented limits</a>, contact us through the <a href=\"https://console.aws.amazon.com/support/home?\">Support Center</a>.</p>", + "locationName": "requested" + }, + "Status": { + "shape": "String", + "documentation": "<p>Reserved. If you need to sustain traffic greater than the <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html\">documented limits</a>, contact us through the <a href=\"https://console.aws.amazon.com/support/home?\">Support Center</a>.</p>", + "locationName": "status" + } + }, + "documentation": "<p>Reserved. If you need to sustain traffic greater than the <a href=\"https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html\">documented limits</a>, contact us through the <a href=\"https://console.aws.amazon.com/support/home?\">Support Center</a>.</p>" + }, + "PublicIpStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "PublicIp" + } + }, + "PublicIpv4Pool": { + "type": "structure", + "members": { + "PoolId": { + "shape": "String", + "documentation": "<p>The ID of the IPv4 address pool.</p>", + "locationName": "poolId" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description of the address pool.</p>", + "locationName": "description" + }, + "PoolAddressRanges": { + "shape": "PublicIpv4PoolRangeSet", + "documentation": "<p>The address ranges.</p>", + "locationName": "poolAddressRangeSet" + }, + "TotalAddressCount": { + "shape": "Integer", + "documentation": "<p>The total number of addresses.</p>", + "locationName": "totalAddressCount" + }, + "TotalAvailableAddressCount": { + "shape": "Integer", + "documentation": "<p>The total number of available addresses.</p>", + "locationName": "totalAvailableAddressCount" + } + }, + "documentation": "<p>Describes an address pool.</p>" + }, + "PublicIpv4PoolRange": { + "type": "structure", + "members": { + "FirstAddress": { + "shape": "String", + "documentation": "<p>The first IP address in the range.</p>", + "locationName": "firstAddress" + }, + "LastAddress": { + "shape": "String", + "documentation": "<p>The last IP address in the range.</p>", + "locationName": "lastAddress" + }, + "AddressCount": { + "shape": "Integer", + "documentation": "<p>The number of addresses in the range.</p>", + "locationName": "addressCount" + }, + "AvailableAddressCount": { + "shape": "Integer", + "documentation": "<p>The number of available addresses in the range.</p>", + "locationName": "availableAddressCount" + } + }, + "documentation": "<p>Describes an address range of an IPv4 address pool.</p>" + }, + "PublicIpv4PoolRangeSet": { + "type": "list", + "member": { + "shape": "PublicIpv4PoolRange", + "locationName": "item" + } + }, + "PublicIpv4PoolSet": { + "type": "list", + "member": { + "shape": "PublicIpv4Pool", + "locationName": "item" + } + }, + "Purchase": { + "type": "structure", + "members": { + "CurrencyCode": { + "shape": "CurrencyCodeValues", + "documentation": "<p>The currency in which the <code>UpfrontPrice</code> and <code>HourlyPrice</code> amounts are specified. At this time, the only supported currency is <code>USD</code>.</p>", + "locationName": "currencyCode" + }, + "Duration": { + "shape": "Integer", + "documentation": "<p>The duration of the reservation's term in seconds.</p>", + "locationName": "duration" + }, + "HostIdSet": { + "shape": "ResponseHostIdSet", + "documentation": "<p>The IDs of the Dedicated Hosts associated with the reservation.</p>", + "locationName": "hostIdSet" + }, + "HostReservationId": { + "shape": "String", + "documentation": "<p>The ID of the reservation.</p>", + "locationName": "hostReservationId" + }, + "HourlyPrice": { + "shape": "String", + "documentation": "<p>The hourly price of the reservation per hour.</p>", + "locationName": "hourlyPrice" + }, + "InstanceFamily": { + "shape": "String", + "documentation": "<p>The instance family on the Dedicated Host that the reservation can be associated with.</p>", + "locationName": "instanceFamily" + }, + "PaymentOption": { + "shape": "PaymentOption", + "documentation": "<p>The payment option for the reservation.</p>", + "locationName": "paymentOption" + }, + "UpfrontPrice": { + "shape": "String", + "documentation": "<p>The upfront price of the reservation.</p>", + "locationName": "upfrontPrice" + } + }, + "documentation": "<p>Describes the result of the purchase.</p>" + }, + "PurchaseHostReservationRequest": { + "type": "structure", + "required": [ + "HostIdSet", + "OfferingId" + ], + "members": { + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>" + }, + "CurrencyCode": { + "shape": "CurrencyCodeValues", + "documentation": "<p>The currency in which the <code>totalUpfrontPrice</code>, <code>LimitPrice</code>, and <code>totalHourlyPrice</code> amounts are specified. At this time, the only supported currency is <code>USD</code>.</p>" + }, + "HostIdSet": { + "shape": "RequestHostIdSet", + "documentation": "<p>The IDs of the Dedicated Hosts with which the reservation will be associated.</p>" + }, + "LimitPrice": { + "shape": "String", + "documentation": "<p>The specified limit is checked against the total upfront cost of the reservation (calculated as the offering's upfront cost multiplied by the host count). If the total upfront cost is greater than the specified price limit, the request fails. This is used to ensure that the purchase does not exceed the expected upfront cost of the purchase. At this time, the only supported currency is <code>USD</code>. For example, to indicate a limit price of USD 100, specify 100.00.</p>" + }, + "OfferingId": { + "shape": "String", + "documentation": "<p>The ID of the offering.</p>" + } + } + }, + "PurchaseHostReservationResult": { + "type": "structure", + "members": { + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a>.</p>", + "locationName": "clientToken" + }, + "CurrencyCode": { + "shape": "CurrencyCodeValues", + "documentation": "<p>The currency in which the <code>totalUpfrontPrice</code> and <code>totalHourlyPrice</code> amounts are specified. At this time, the only supported currency is <code>USD</code>.</p>", + "locationName": "currencyCode" + }, + "Purchase": { + "shape": "PurchaseSet", + "documentation": "<p>Describes the details of the purchase.</p>", + "locationName": "purchase" + }, + "TotalHourlyPrice": { + "shape": "String", + "documentation": "<p>The total hourly price of the reservation calculated per hour.</p>", + "locationName": "totalHourlyPrice" + }, + "TotalUpfrontPrice": { + "shape": "String", + "documentation": "<p>The total amount charged to your account when you purchase the reservation.</p>", + "locationName": "totalUpfrontPrice" + } + } + }, + "PurchaseRequest": { + "type": "structure", + "required": [ + "InstanceCount", + "PurchaseToken" + ], + "members": { + "InstanceCount": { + "shape": "Integer", + "documentation": "<p>The number of instances.</p>" + }, + "PurchaseToken": { + "shape": "String", + "documentation": "<p>The purchase token.</p>" + } + }, + "documentation": "<p>Describes a request to purchase Scheduled Instances.</p>" + }, + "PurchaseRequestSet": { + "type": "list", + "member": { + "shape": "PurchaseRequest", + "locationName": "PurchaseRequest" + }, + "min": 1 + }, + "PurchaseReservedInstancesOfferingRequest": { + "type": "structure", + "required": [ + "InstanceCount", + "ReservedInstancesOfferingId" + ], + "members": { + "InstanceCount": { + "shape": "Integer", + "documentation": "<p>The number of Reserved Instances to purchase.</p>" + }, + "ReservedInstancesOfferingId": { + "shape": "String", + "documentation": "<p>The ID of the Reserved Instance offering to purchase.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "LimitPrice": { + "shape": "ReservedInstanceLimitPrice", + "documentation": "<p>Specified for Reserved Instance Marketplace offerings to limit the total order and ensure that the Reserved Instances are not purchased at unexpected prices.</p>", + "locationName": "limitPrice" + } + }, + "documentation": "<p>Contains the parameters for PurchaseReservedInstancesOffering.</p>" + }, + "PurchaseReservedInstancesOfferingResult": { + "type": "structure", + "members": { + "ReservedInstancesId": { + "shape": "String", + "documentation": "<p>The IDs of the purchased Reserved Instances.</p>", + "locationName": "reservedInstancesId" + } + }, + "documentation": "<p>Contains the output of PurchaseReservedInstancesOffering.</p>" + }, + "PurchaseScheduledInstancesRequest": { + "type": "structure", + "required": [ + "PurchaseRequests" + ], + "members": { + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that ensures the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p>", + "idempotencyToken": true + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "PurchaseRequests": { + "shape": "PurchaseRequestSet", + "documentation": "<p>The purchase requests.</p>", + "locationName": "PurchaseRequest" + } + }, + "documentation": "<p>Contains the parameters for PurchaseScheduledInstances.</p>" + }, + "PurchaseScheduledInstancesResult": { + "type": "structure", + "members": { + "ScheduledInstanceSet": { + "shape": "PurchasedScheduledInstanceSet", + "documentation": "<p>Information about the Scheduled Instances.</p>", + "locationName": "scheduledInstanceSet" + } + }, + "documentation": "<p>Contains the output of PurchaseScheduledInstances.</p>" + }, + "PurchaseSet": { + "type": "list", + "member": { + "shape": "Purchase", + "locationName": "item" + } + }, + "PurchasedScheduledInstanceSet": { + "type": "list", + "member": { + "shape": "ScheduledInstance", + "locationName": "item" + } + }, + "RIProductDescription": { + "type": "string", + "enum": [ + "Linux/UNIX", + "Linux/UNIX (Amazon VPC)", + "Windows", + "Windows (Amazon VPC)" + ] + }, + "ReasonCodesList": { + "type": "list", + "member": { + "shape": "ReportInstanceReasonCodes", + "locationName": "item" + } + }, + "RebootInstancesRequest": { + "type": "structure", + "required": [ + "InstanceIds" + ], + "members": { + "InstanceIds": { + "shape": "InstanceIdStringList", + "documentation": "<p>The instance IDs.</p>", + "locationName": "InstanceId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "RecurringCharge": { + "type": "structure", + "members": { + "Amount": { + "shape": "Double", + "documentation": "<p>The amount of the recurring charge.</p>", + "locationName": "amount" + }, + "Frequency": { + "shape": "RecurringChargeFrequency", + "documentation": "<p>The frequency of the recurring charge.</p>", + "locationName": "frequency" + } + }, + "documentation": "<p>Describes a recurring charge.</p>" + }, + "RecurringChargeFrequency": { + "type": "string", + "enum": [ + "Hourly" + ] + }, + "RecurringChargesList": { + "type": "list", + "member": { + "shape": "RecurringCharge", + "locationName": "item" + } + }, + "Region": { + "type": "structure", + "members": { + "Endpoint": { + "shape": "String", + "documentation": "<p>The Region service endpoint.</p>", + "locationName": "regionEndpoint" + }, + "RegionName": { + "shape": "String", + "documentation": "<p>The name of the Region.</p>", + "locationName": "regionName" + } + }, + "documentation": "<p>Describes a Region.</p>" + }, + "RegionList": { + "type": "list", + "member": { + "shape": "Region", + "locationName": "item" + } + }, + "RegionNameStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "RegionName" + } + }, + "RegisterImageRequest": { + "type": "structure", + "required": [ + "Name" + ], + "members": { + "ImageLocation": { + "shape": "String", + "documentation": "<p>The full path to your AMI manifest in Amazon S3 storage. The specified bucket must have the <code>aws-exec-read</code> canned access control list (ACL) to ensure that it can be accessed by Amazon EC2. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl\">Canned ACLs</a> in the <i>Amazon S3 Service Developer Guide</i>.</p>" + }, + "Architecture": { + "shape": "ArchitectureValues", + "documentation": "<p>The architecture of the AMI.</p> <p>Default: For Amazon EBS-backed AMIs, <code>i386</code>. For instance store-backed AMIs, the architecture specified in the manifest file.</p>", + "locationName": "architecture" + }, + "BlockDeviceMappings": { + "shape": "BlockDeviceMappingRequestList", + "documentation": "<p>The block device mapping entries.</p>", + "locationName": "BlockDeviceMapping" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description for your AMI.</p>", + "locationName": "description" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "EnaSupport": { + "shape": "Boolean", + "documentation": "<p>Set to <code>true</code> to enable enhanced networking with ENA for the AMI and any instances that you launch from the AMI.</p> <p>This option is supported only for HVM AMIs. Specifying this option with a PV AMI can make instances launched from the AMI unreachable.</p>", + "locationName": "enaSupport" + }, + "KernelId": { + "shape": "String", + "documentation": "<p>The ID of the kernel.</p>", + "locationName": "kernelId" + }, + "Name": { + "shape": "String", + "documentation": "<p>A name for your AMI.</p> <p>Constraints: 3-128 alphanumeric characters, parentheses (()), square brackets ([]), spaces ( ), periods (.), slashes (/), dashes (-), single quotes ('), at-signs (@), or underscores(_)</p>", + "locationName": "name" + }, + "BillingProducts": { + "shape": "BillingProductList", + "documentation": "<p>The billing product codes. Your account must be authorized to specify billing product codes. Otherwise, you can use the AWS Marketplace to bill for the use of an AMI.</p>", + "locationName": "BillingProduct" + }, + "RamdiskId": { + "shape": "String", + "documentation": "<p>The ID of the RAM disk.</p>", + "locationName": "ramdiskId" + }, + "RootDeviceName": { + "shape": "String", + "documentation": "<p>The device name of the root device volume (for example, <code>/dev/sda1</code>).</p>", + "locationName": "rootDeviceName" + }, + "SriovNetSupport": { + "shape": "String", + "documentation": "<p>Set to <code>simple</code> to enable enhanced networking with the Intel 82599 Virtual Function interface for the AMI and any instances that you launch from the AMI.</p> <p>There is no way to disable <code>sriovNetSupport</code> at this time.</p> <p>This option is supported only for HVM AMIs. Specifying this option with a PV AMI can make instances launched from the AMI unreachable.</p>", + "locationName": "sriovNetSupport" + }, + "VirtualizationType": { + "shape": "String", + "documentation": "<p>The type of virtualization (<code>hvm</code> | <code>paravirtual</code>).</p> <p>Default: <code>paravirtual</code> </p>", + "locationName": "virtualizationType" + } + }, + "documentation": "<p>Contains the parameters for RegisterImage.</p>" + }, + "RegisterImageResult": { + "type": "structure", + "members": { + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the newly registered AMI.</p>", + "locationName": "imageId" + } + }, + "documentation": "<p>Contains the output of RegisterImage.</p>" + }, + "RejectTransitGatewayVpcAttachmentRequest": { + "type": "structure", + "required": [ + "TransitGatewayAttachmentId" + ], + "members": { + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "RejectTransitGatewayVpcAttachmentResult": { + "type": "structure", + "members": { + "TransitGatewayVpcAttachment": { + "shape": "TransitGatewayVpcAttachment", + "documentation": "<p>Information about the attachment.</p>", + "locationName": "transitGatewayVpcAttachment" + } + } + }, + "RejectVpcEndpointConnectionsRequest": { + "type": "structure", + "required": [ + "ServiceId", + "VpcEndpointIds" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "ServiceId": { + "shape": "String", + "documentation": "<p>The ID of the service.</p>" + }, + "VpcEndpointIds": { + "shape": "ValueStringList", + "documentation": "<p>The IDs of one or more VPC endpoints.</p>", + "locationName": "VpcEndpointId" + } + } + }, + "RejectVpcEndpointConnectionsResult": { + "type": "structure", + "members": { + "Unsuccessful": { + "shape": "UnsuccessfulItemSet", + "documentation": "<p>Information about the endpoints that were not rejected, if applicable.</p>", + "locationName": "unsuccessful" + } + } + }, + "RejectVpcPeeringConnectionRequest": { + "type": "structure", + "required": [ + "VpcPeeringConnectionId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "VpcPeeringConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the VPC peering connection.</p>", + "locationName": "vpcPeeringConnectionId" + } + } + }, + "RejectVpcPeeringConnectionResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>", + "locationName": "return" + } + } + }, + "ReleaseAddressRequest": { + "type": "structure", + "members": { + "AllocationId": { + "shape": "String", + "documentation": "<p>[EC2-VPC] The allocation ID. Required for EC2-VPC.</p>" + }, + "PublicIp": { + "shape": "String", + "documentation": "<p>[EC2-Classic] The Elastic IP address. Required for EC2-Classic.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "ReleaseHostsRequest": { + "type": "structure", + "required": [ + "HostIds" + ], + "members": { + "HostIds": { + "shape": "RequestHostIdList", + "documentation": "<p>The IDs of the Dedicated Hosts to release.</p>", + "locationName": "hostId" + } + } + }, + "ReleaseHostsResult": { + "type": "structure", + "members": { + "Successful": { + "shape": "ResponseHostIdList", + "documentation": "<p>The IDs of the Dedicated Hosts that were successfully released.</p>", + "locationName": "successful" + }, + "Unsuccessful": { + "shape": "UnsuccessfulItemList", + "documentation": "<p>The IDs of the Dedicated Hosts that could not be released, including an error message.</p>", + "locationName": "unsuccessful" + } + } + }, + "ReplaceIamInstanceProfileAssociationRequest": { + "type": "structure", + "required": [ + "IamInstanceProfile", + "AssociationId" + ], + "members": { + "IamInstanceProfile": { + "shape": "IamInstanceProfileSpecification", + "documentation": "<p>The IAM instance profile.</p>" + }, + "AssociationId": { + "shape": "String", + "documentation": "<p>The ID of the existing IAM instance profile association.</p>" + } + } + }, + "ReplaceIamInstanceProfileAssociationResult": { + "type": "structure", + "members": { + "IamInstanceProfileAssociation": { + "shape": "IamInstanceProfileAssociation", + "documentation": "<p>Information about the IAM instance profile association.</p>", + "locationName": "iamInstanceProfileAssociation" + } + } + }, + "ReplaceNetworkAclAssociationRequest": { + "type": "structure", + "required": [ + "AssociationId", + "NetworkAclId" + ], + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>The ID of the current association between the original network ACL and the subnet.</p>", + "locationName": "associationId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "NetworkAclId": { + "shape": "String", + "documentation": "<p>The ID of the new network ACL to associate with the subnet.</p>", + "locationName": "networkAclId" + } + } + }, + "ReplaceNetworkAclAssociationResult": { + "type": "structure", + "members": { + "NewAssociationId": { + "shape": "String", + "documentation": "<p>The ID of the new association.</p>", + "locationName": "newAssociationId" + } + } + }, + "ReplaceNetworkAclEntryRequest": { + "type": "structure", + "required": [ + "Egress", + "NetworkAclId", + "Protocol", + "RuleAction", + "RuleNumber" + ], + "members": { + "CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 network range to allow or deny, in CIDR notation (for example <code>172.16.0.0/24</code>).</p>", + "locationName": "cidrBlock" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Egress": { + "shape": "Boolean", + "documentation": "<p>Indicates whether to replace the egress rule.</p> <p>Default: If no value is specified, we replace the ingress rule.</p>", + "locationName": "egress" + }, + "IcmpTypeCode": { + "shape": "IcmpTypeCode", + "documentation": "<p>ICMP protocol: The ICMP or ICMPv6 type and code. Required if specifying protocol 1 (ICMP) or protocol 58 (ICMPv6) with an IPv6 CIDR block.</p>", + "locationName": "Icmp" + }, + "Ipv6CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv6 network range to allow or deny, in CIDR notation (for example <code>2001:bd8:1234:1a00::/64</code>).</p>", + "locationName": "ipv6CidrBlock" + }, + "NetworkAclId": { + "shape": "String", + "documentation": "<p>The ID of the ACL.</p>", + "locationName": "networkAclId" + }, + "PortRange": { + "shape": "PortRange", + "documentation": "<p>TCP or UDP protocols: The range of ports the rule applies to. Required if specifying protocol 6 (TCP) or 17 (UDP).</p>", + "locationName": "portRange" + }, + "Protocol": { + "shape": "String", + "documentation": "<p>The protocol number. A value of \"-1\" means all protocols. If you specify \"-1\" or a protocol number other than \"6\" (TCP), \"17\" (UDP), or \"1\" (ICMP), traffic on all ports is allowed, regardless of any ports or ICMP types or codes that you specify. If you specify protocol \"58\" (ICMPv6) and specify an IPv4 CIDR block, traffic for all ICMP types and codes allowed, regardless of any that you specify. If you specify protocol \"58\" (ICMPv6) and specify an IPv6 CIDR block, you must specify an ICMP type and code.</p>", + "locationName": "protocol" + }, + "RuleAction": { + "shape": "RuleAction", + "documentation": "<p>Indicates whether to allow or deny the traffic that matches the rule.</p>", + "locationName": "ruleAction" + }, + "RuleNumber": { + "shape": "Integer", + "documentation": "<p>The rule number of the entry to replace.</p>", + "locationName": "ruleNumber" + } + } + }, + "ReplaceRouteRequest": { + "type": "structure", + "required": [ + "RouteTableId" + ], + "members": { + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 CIDR address block used for the destination match. The value that you provide must match the CIDR of an existing route in the table.</p>", + "locationName": "destinationCidrBlock" + }, + "DestinationIpv6CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv6 CIDR address block used for the destination match. The value that you provide must match the CIDR of an existing route in the table.</p>", + "locationName": "destinationIpv6CidrBlock" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "EgressOnlyInternetGatewayId": { + "shape": "String", + "documentation": "<p>[IPv6 traffic only] The ID of an egress-only internet gateway.</p>", + "locationName": "egressOnlyInternetGatewayId" + }, + "GatewayId": { + "shape": "String", + "documentation": "<p>The ID of an internet gateway or virtual private gateway.</p>", + "locationName": "gatewayId" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of a NAT instance in your VPC.</p>", + "locationName": "instanceId" + }, + "NatGatewayId": { + "shape": "String", + "documentation": "<p>[IPv4 traffic only] The ID of a NAT gateway.</p>", + "locationName": "natGatewayId" + }, + "TransitGatewayId": { + "shape": "String", + "documentation": "<p>The ID of a transit gateway.</p>" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of a network interface.</p>", + "locationName": "networkInterfaceId" + }, + "RouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the route table.</p>", + "locationName": "routeTableId" + }, + "VpcPeeringConnectionId": { + "shape": "String", + "documentation": "<p>The ID of a VPC peering connection.</p>", + "locationName": "vpcPeeringConnectionId" + } + } + }, + "ReplaceRouteTableAssociationRequest": { + "type": "structure", + "required": [ + "AssociationId", + "RouteTableId" + ], + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>The association ID.</p>", + "locationName": "associationId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "RouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the new route table to associate with the subnet.</p>", + "locationName": "routeTableId" + } + } + }, + "ReplaceRouteTableAssociationResult": { + "type": "structure", + "members": { + "NewAssociationId": { + "shape": "String", + "documentation": "<p>The ID of the new association.</p>", + "locationName": "newAssociationId" + } + } + }, + "ReplaceTransitGatewayRouteRequest": { + "type": "structure", + "required": [ + "DestinationCidrBlock", + "TransitGatewayRouteTableId" + ], + "members": { + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The CIDR range used for the destination match. Routing decisions are based on the most specific match.</p>" + }, + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the route table.</p>" + }, + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>" + }, + "Blackhole": { + "shape": "Boolean", + "documentation": "<p>Indicates whether traffic matching this route is to be dropped.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ReplaceTransitGatewayRouteResult": { + "type": "structure", + "members": { + "Route": { + "shape": "TransitGatewayRoute", + "documentation": "<p>Information about the modified route.</p>", + "locationName": "route" + } + } + }, + "ReportInstanceReasonCodes": { + "type": "string", + "enum": [ + "instance-stuck-in-state", + "unresponsive", + "not-accepting-credentials", + "password-not-available", + "performance-network", + "performance-instance-store", + "performance-ebs-volume", + "performance-other", + "other" + ] + }, + "ReportInstanceStatusRequest": { + "type": "structure", + "required": [ + "Instances", + "ReasonCodes", + "Status" + ], + "members": { + "Description": { + "shape": "String", + "documentation": "<p>Descriptive text about the health state of your instance.</p>", + "locationName": "description" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "EndTime": { + "shape": "DateTime", + "documentation": "<p>The time at which the reported instance health state ended.</p>", + "locationName": "endTime" + }, + "Instances": { + "shape": "InstanceIdStringList", + "documentation": "<p>The instances.</p>", + "locationName": "instanceId" + }, + "ReasonCodes": { + "shape": "ReasonCodesList", + "documentation": "<p>The reason codes that describe the health state of your instance.</p> <ul> <li> <p> <code>instance-stuck-in-state</code>: My instance is stuck in a state.</p> </li> <li> <p> <code>unresponsive</code>: My instance is unresponsive.</p> </li> <li> <p> <code>not-accepting-credentials</code>: My instance is not accepting my credentials.</p> </li> <li> <p> <code>password-not-available</code>: A password is not available for my instance.</p> </li> <li> <p> <code>performance-network</code>: My instance is experiencing performance problems that I believe are network related.</p> </li> <li> <p> <code>performance-instance-store</code>: My instance is experiencing performance problems that I believe are related to the instance stores.</p> </li> <li> <p> <code>performance-ebs-volume</code>: My instance is experiencing performance problems that I believe are related to an EBS volume.</p> </li> <li> <p> <code>performance-other</code>: My instance is experiencing performance problems.</p> </li> <li> <p> <code>other</code>: [explain using the description parameter]</p> </li> </ul>", + "locationName": "reasonCode" + }, + "StartTime": { + "shape": "DateTime", + "documentation": "<p>The time at which the reported instance health state began.</p>", + "locationName": "startTime" + }, + "Status": { + "shape": "ReportStatusType", + "documentation": "<p>The status of all instances listed.</p>", + "locationName": "status" + } + } + }, + "ReportStatusType": { + "type": "string", + "enum": [ + "ok", + "impaired" + ] + }, + "RequestHostIdList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "RequestHostIdSet": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "RequestLaunchTemplateData": { + "type": "structure", + "members": { + "KernelId": { + "shape": "String", + "documentation": "<p>The ID of the kernel.</p> <important> <p>We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html\">User Provided Kernels</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </important>" + }, + "EbsOptimized": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.</p>" + }, + "IamInstanceProfile": { + "shape": "LaunchTemplateIamInstanceProfileSpecificationRequest", + "documentation": "<p>The IAM instance profile.</p>" + }, + "BlockDeviceMappings": { + "shape": "LaunchTemplateBlockDeviceMappingRequestList", + "documentation": "<p>The block device mapping.</p> <important> <p>Supplying both a snapshot ID and an encryption value as arguments for block-device mapping results in an error. This is because only blank volumes can be encrypted on start, and these are not created from a snapshot. If a snapshot is the basis for the volume, it contains data by definition and its encryption status cannot be changed using this action.</p> </important>", + "locationName": "BlockDeviceMapping" + }, + "NetworkInterfaces": { + "shape": "LaunchTemplateInstanceNetworkInterfaceSpecificationRequestList", + "documentation": "<p>One or more network interfaces. If you specify a network interface, you must specify any security groups and subnets as part of the network interface.</p>", + "locationName": "NetworkInterface" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the AMI.</p>" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "KeyName": { + "shape": "String", + "documentation": "<p>The name of the key pair. You can create a key pair using <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html\">CreateKeyPair</a> or <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html\">ImportKeyPair</a>.</p> <important> <p>If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.</p> </important>" + }, + "Monitoring": { + "shape": "LaunchTemplatesMonitoringRequest", + "documentation": "<p>The monitoring for the instance.</p>" + }, + "Placement": { + "shape": "LaunchTemplatePlacementRequest", + "documentation": "<p>The placement for the instance.</p>" + }, + "RamDiskId": { + "shape": "String", + "documentation": "<p>The ID of the RAM disk.</p> <important> <p>We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html\">User Provided Kernels</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </important>" + }, + "DisableApiTermination": { + "shape": "Boolean", + "documentation": "<p>If you set this parameter to <code>true</code>, you can't terminate the instance using the Amazon EC2 console, CLI, or API; otherwise, you can. To change this attribute after launch, use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceAttribute.html\">ModifyInstanceAttribute</a>. Alternatively, if you set <code>InstanceInitiatedShutdownBehavior</code> to <code>terminate</code>, you can terminate the instance by running the shutdown command from the instance.</p>" + }, + "InstanceInitiatedShutdownBehavior": { + "shape": "ShutdownBehavior", + "documentation": "<p>Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).</p> <p>Default: <code>stop</code> </p>" + }, + "UserData": { + "shape": "String", + "documentation": "<p>The Base64-encoded user data to make available to the instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html\">Running Commands on Your Linux Instance at Launch</a> (Linux) and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html#instancedata-add-user-data\">Adding User Data</a> (Windows).</p>" + }, + "TagSpecifications": { + "shape": "LaunchTemplateTagSpecificationRequestList", + "documentation": "<p>The tags to apply to the resources during launch. You can only tag instances and volumes on launch. The specified tags are applied to all instances or volumes that are created during launch. To tag a resource after it has been created, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html\">CreateTags</a>.</p>", + "locationName": "TagSpecification" + }, + "ElasticGpuSpecifications": { + "shape": "ElasticGpuSpecificationList", + "documentation": "<p>An elastic GPU to associate with the instance.</p>", + "locationName": "ElasticGpuSpecification" + }, + "ElasticInferenceAccelerators": { + "shape": "LaunchTemplateElasticInferenceAcceleratorList", + "documentation": "<p> The elastic inference accelerator for the instance. </p>", + "locationName": "ElasticInferenceAccelerator" + }, + "SecurityGroupIds": { + "shape": "SecurityGroupIdStringList", + "documentation": "<p>One or more security group IDs. You can create a security group using <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html\">CreateSecurityGroup</a>. You cannot specify both a security group ID and security name in the same request.</p>", + "locationName": "SecurityGroupId" + }, + "SecurityGroups": { + "shape": "SecurityGroupStringList", + "documentation": "<p>[EC2-Classic, default VPC] One or more security group names. For a nondefault VPC, you must use security group IDs instead. You cannot specify both a security group ID and security name in the same request.</p>", + "locationName": "SecurityGroup" + }, + "InstanceMarketOptions": { + "shape": "LaunchTemplateInstanceMarketOptionsRequest", + "documentation": "<p>The market (purchasing) option for the instances.</p>" + }, + "CreditSpecification": { + "shape": "CreditSpecificationRequest", + "documentation": "<p>The credit option for CPU usage of the instance. Valid for T2 or T3 instances only.</p>" + }, + "CpuOptions": { + "shape": "LaunchTemplateCpuOptionsRequest", + "documentation": "<p>The CPU options for the instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html\">Optimizing CPU Options</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CapacityReservationSpecification": { + "shape": "LaunchTemplateCapacityReservationSpecificationRequest", + "documentation": "<p>The Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to <code>open</code>, which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).</p>" + }, + "LicenseSpecifications": { + "shape": "LaunchTemplateLicenseSpecificationListRequest", + "documentation": "<p>The license configurations.</p>", + "locationName": "LicenseSpecification" + }, + "HibernationOptions": { + "shape": "LaunchTemplateHibernationOptionsRequest", + "documentation": "<p>Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites\">hibernation prerequisites</a>. Hibernation is currently supported only for Amazon Linux. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + } + }, + "documentation": "<p>The information to include in the launch template.</p>" + }, + "RequestSpotFleetRequest": { + "type": "structure", + "required": [ + "SpotFleetRequestConfig" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "SpotFleetRequestConfig": { + "shape": "SpotFleetRequestConfigData", + "documentation": "<p>The configuration for the Spot Fleet request.</p>", + "locationName": "spotFleetRequestConfig" + } + }, + "documentation": "<p>Contains the parameters for RequestSpotFleet.</p>" + }, + "RequestSpotFleetResponse": { + "type": "structure", + "members": { + "SpotFleetRequestId": { + "shape": "String", + "documentation": "<p>The ID of the Spot Fleet request.</p>", + "locationName": "spotFleetRequestId" + } + }, + "documentation": "<p>Contains the output of RequestSpotFleet.</p>" + }, + "RequestSpotInstancesRequest": { + "type": "structure", + "members": { + "AvailabilityZoneGroup": { + "shape": "String", + "documentation": "<p>The user-specified name for a logical grouping of requests.</p> <p>When you specify an Availability Zone group in a Spot Instance request, all Spot Instances in the request are launched in the same Availability Zone. Instance proximity is maintained with this parameter, but the choice of Availability Zone is not. The group applies only to requests for Spot Instances of the same instance type. Any additional Spot Instance requests that are specified with the same Availability Zone group name are launched in that same Availability Zone, as long as at least one instance from the group is still active.</p> <p>If there is no active instance running in the Availability Zone group that you specify for a new Spot Instance request (all instances are terminated, the request is expired, or the maximum price you specified falls below current Spot price), then Amazon EC2 launches the instance in any Availability Zone where the constraint can be met. Consequently, the subsequent set of Spot Instances could be placed in a different zone from the original request, even if you specified the same Availability Zone group.</p> <p>Default: Instances are launched in any available Availability Zone.</p>", + "locationName": "availabilityZoneGroup" + }, + "BlockDurationMinutes": { + "shape": "Integer", + "documentation": "<p>The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).</p> <p>The duration period starts as soon as your Spot Instance receives its instance ID. At the end of the duration period, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.</p> <p>You can't specify an Availability Zone group or a launch group if you specify a duration.</p>", + "locationName": "blockDurationMinutes" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html\">How to Ensure Idempotency</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>.</p>", + "locationName": "clientToken" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "InstanceCount": { + "shape": "Integer", + "documentation": "<p>The maximum number of Spot Instances to launch.</p> <p>Default: 1</p>", + "locationName": "instanceCount" + }, + "LaunchGroup": { + "shape": "String", + "documentation": "<p>The instance launch group. Launch groups are Spot Instances that launch together and terminate together.</p> <p>Default: Instances are launched and terminated individually</p>", + "locationName": "launchGroup" + }, + "LaunchSpecification": { + "shape": "RequestSpotLaunchSpecification", + "documentation": "<p>The launch specification.</p>" + }, + "SpotPrice": { + "shape": "String", + "documentation": "<p>The maximum price per hour that you are willing to pay for a Spot Instance. The default is the On-Demand price.</p>", + "locationName": "spotPrice" + }, + "Type": { + "shape": "SpotInstanceType", + "documentation": "<p>The Spot Instance request type.</p> <p>Default: <code>one-time</code> </p>", + "locationName": "type" + }, + "ValidFrom": { + "shape": "DateTime", + "documentation": "<p>The start date of the request. If this is a one-time request, the request becomes active at this date and time and remains active until all instances launch, the request expires, or the request is canceled. If the request is persistent, the request becomes active at this date and time and remains active until it expires or is canceled.</p>", + "locationName": "validFrom" + }, + "ValidUntil": { + "shape": "DateTime", + "documentation": "<p>The end date of the request. If this is a one-time request, the request remains active until all instances launch, the request is canceled, or this date is reached. If the request is persistent, it remains active until it is canceled or this date is reached. The default end date is 7 days from the current date.</p>", + "locationName": "validUntil" + }, + "InstanceInterruptionBehavior": { + "shape": "InstanceInterruptionBehavior", + "documentation": "<p>The behavior when a Spot Instance is interrupted. The default is <code>terminate</code>.</p>" + } + }, + "documentation": "<p>Contains the parameters for RequestSpotInstances.</p>" + }, + "RequestSpotInstancesResult": { + "type": "structure", + "members": { + "SpotInstanceRequests": { + "shape": "SpotInstanceRequestList", + "documentation": "<p>One or more Spot Instance requests.</p>", + "locationName": "spotInstanceRequestSet" + } + }, + "documentation": "<p>Contains the output of RequestSpotInstances.</p>" + }, + "RequestSpotLaunchSpecification": { + "type": "structure", + "members": { + "SecurityGroupIds": { + "shape": "ValueStringList", + "documentation": "<p>One or more security group IDs.</p>", + "locationName": "SecurityGroupId" + }, + "SecurityGroups": { + "shape": "ValueStringList", + "documentation": "<p>One or more security groups. When requesting instances in a VPC, you must specify the IDs of the security groups. When requesting instances in EC2-Classic, you can specify the names or the IDs of the security groups.</p>", + "locationName": "SecurityGroup" + }, + "AddressingType": { + "shape": "String", + "documentation": "<p>Deprecated.</p>", + "locationName": "addressingType" + }, + "BlockDeviceMappings": { + "shape": "BlockDeviceMappingList", + "documentation": "<p>One or more block device mapping entries. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.</p>", + "locationName": "blockDeviceMapping" + }, + "EbsOptimized": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the instance is optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.</p> <p>Default: <code>false</code> </p>", + "locationName": "ebsOptimized" + }, + "IamInstanceProfile": { + "shape": "IamInstanceProfileSpecification", + "documentation": "<p>The IAM instance profile.</p>", + "locationName": "iamInstanceProfile" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the AMI.</p>", + "locationName": "imageId" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type.</p>", + "locationName": "instanceType" + }, + "KernelId": { + "shape": "String", + "documentation": "<p>The ID of the kernel.</p>", + "locationName": "kernelId" + }, + "KeyName": { + "shape": "String", + "documentation": "<p>The name of the key pair.</p>", + "locationName": "keyName" + }, + "Monitoring": { + "shape": "RunInstancesMonitoringEnabled", + "documentation": "<p>Indicates whether basic or detailed monitoring is enabled for the instance.</p> <p>Default: Disabled</p>", + "locationName": "monitoring" + }, + "NetworkInterfaces": { + "shape": "InstanceNetworkInterfaceSpecificationList", + "documentation": "<p>One or more network interfaces. If you specify a network interface, you must specify subnet IDs and security group IDs using the network interface.</p>", + "locationName": "NetworkInterface" + }, + "Placement": { + "shape": "SpotPlacement", + "documentation": "<p>The placement information for the instance.</p>", + "locationName": "placement" + }, + "RamdiskId": { + "shape": "String", + "documentation": "<p>The ID of the RAM disk.</p>", + "locationName": "ramdiskId" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet in which to launch the instance.</p>", + "locationName": "subnetId" + }, + "UserData": { + "shape": "String", + "documentation": "<p>The Base64-encoded user data for the instance. User data is limited to 16 KB.</p>", + "locationName": "userData" + } + }, + "documentation": "<p>Describes the launch specification for an instance.</p>" + }, + "Reservation": { + "type": "structure", + "members": { + "Groups": { + "shape": "GroupIdentifierList", + "documentation": "<p>[EC2-Classic only] The security groups.</p>", + "locationName": "groupSet" + }, + "Instances": { + "shape": "InstanceList", + "documentation": "<p>The instances.</p>", + "locationName": "instancesSet" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The ID of the AWS account that owns the reservation.</p>", + "locationName": "ownerId" + }, + "RequesterId": { + "shape": "String", + "documentation": "<p>The ID of the requester that launched the instances on your behalf (for example, AWS Management Console or Auto Scaling).</p>", + "locationName": "requesterId" + }, + "ReservationId": { + "shape": "String", + "documentation": "<p>The ID of the reservation.</p>", + "locationName": "reservationId" + } + }, + "documentation": "<p>Describes a reservation.</p>" + }, + "ReservationList": { + "type": "list", + "member": { + "shape": "Reservation", + "locationName": "item" + } + }, + "ReservationState": { + "type": "string", + "enum": [ + "payment-pending", + "payment-failed", + "active", + "retired" + ] + }, + "ReservationValue": { + "type": "structure", + "members": { + "HourlyPrice": { + "shape": "String", + "documentation": "<p>The hourly rate of the reservation.</p>", + "locationName": "hourlyPrice" + }, + "RemainingTotalValue": { + "shape": "String", + "documentation": "<p>The balance of the total value (the sum of remainingUpfrontValue + hourlyPrice * number of hours remaining).</p>", + "locationName": "remainingTotalValue" + }, + "RemainingUpfrontValue": { + "shape": "String", + "documentation": "<p>The remaining upfront cost of the reservation.</p>", + "locationName": "remainingUpfrontValue" + } + }, + "documentation": "<p>The cost associated with the Reserved Instance.</p>" + }, + "ReservedInstanceIdSet": { + "type": "list", + "member": { + "shape": "String", + "locationName": "ReservedInstanceId" + } + }, + "ReservedInstanceLimitPrice": { + "type": "structure", + "members": { + "Amount": { + "shape": "Double", + "documentation": "<p>Used for Reserved Instance Marketplace offerings. Specifies the limit price on the total order (instanceCount * price).</p>", + "locationName": "amount" + }, + "CurrencyCode": { + "shape": "CurrencyCodeValues", + "documentation": "<p>The currency in which the <code>limitPrice</code> amount is specified. At this time, the only supported currency is <code>USD</code>.</p>", + "locationName": "currencyCode" + } + }, + "documentation": "<p>Describes the limit price of a Reserved Instance offering.</p>" + }, + "ReservedInstanceReservationValue": { + "type": "structure", + "members": { + "ReservationValue": { + "shape": "ReservationValue", + "documentation": "<p>The total value of the Convertible Reserved Instance that you are exchanging.</p>", + "locationName": "reservationValue" + }, + "ReservedInstanceId": { + "shape": "String", + "documentation": "<p>The ID of the Convertible Reserved Instance that you are exchanging.</p>", + "locationName": "reservedInstanceId" + } + }, + "documentation": "<p>The total value of the Convertible Reserved Instance.</p>" + }, + "ReservedInstanceReservationValueSet": { + "type": "list", + "member": { + "shape": "ReservedInstanceReservationValue", + "locationName": "item" + } + }, + "ReservedInstanceState": { + "type": "string", + "enum": [ + "payment-pending", + "active", + "payment-failed", + "retired" + ] + }, + "ReservedInstances": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone in which the Reserved Instance can be used.</p>", + "locationName": "availabilityZone" + }, + "Duration": { + "shape": "Long", + "documentation": "<p>The duration of the Reserved Instance, in seconds.</p>", + "locationName": "duration" + }, + "End": { + "shape": "DateTime", + "documentation": "<p>The time when the Reserved Instance expires.</p>", + "locationName": "end" + }, + "FixedPrice": { + "shape": "Float", + "documentation": "<p>The purchase price of the Reserved Instance.</p>", + "locationName": "fixedPrice" + }, + "InstanceCount": { + "shape": "Integer", + "documentation": "<p>The number of reservations purchased.</p>", + "locationName": "instanceCount" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type on which the Reserved Instance can be used.</p>", + "locationName": "instanceType" + }, + "ProductDescription": { + "shape": "RIProductDescription", + "documentation": "<p>The Reserved Instance product platform description.</p>", + "locationName": "productDescription" + }, + "ReservedInstancesId": { + "shape": "String", + "documentation": "<p>The ID of the Reserved Instance.</p>", + "locationName": "reservedInstancesId" + }, + "Start": { + "shape": "DateTime", + "documentation": "<p>The date and time the Reserved Instance started.</p>", + "locationName": "start" + }, + "State": { + "shape": "ReservedInstanceState", + "documentation": "<p>The state of the Reserved Instance purchase.</p>", + "locationName": "state" + }, + "UsagePrice": { + "shape": "Float", + "documentation": "<p>The usage price of the Reserved Instance, per hour.</p>", + "locationName": "usagePrice" + }, + "CurrencyCode": { + "shape": "CurrencyCodeValues", + "documentation": "<p>The currency of the Reserved Instance. It's specified using ISO 4217 standard currency codes. At this time, the only supported currency is <code>USD</code>.</p>", + "locationName": "currencyCode" + }, + "InstanceTenancy": { + "shape": "Tenancy", + "documentation": "<p>The tenancy of the instance.</p>", + "locationName": "instanceTenancy" + }, + "OfferingClass": { + "shape": "OfferingClassType", + "documentation": "<p>The offering class of the Reserved Instance.</p>", + "locationName": "offeringClass" + }, + "OfferingType": { + "shape": "OfferingTypeValues", + "documentation": "<p>The Reserved Instance offering type.</p>", + "locationName": "offeringType" + }, + "RecurringCharges": { + "shape": "RecurringChargesList", + "documentation": "<p>The recurring charge tag assigned to the resource.</p>", + "locationName": "recurringCharges" + }, + "Scope": { + "shape": "scope", + "documentation": "<p>The scope of the Reserved Instance.</p>", + "locationName": "scope" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the resource.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a Reserved Instance.</p>" + }, + "ReservedInstancesConfiguration": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone for the modified Reserved Instances.</p>", + "locationName": "availabilityZone" + }, + "InstanceCount": { + "shape": "Integer", + "documentation": "<p>The number of modified Reserved Instances.</p> <note> <p>This is a required field for a request.</p> </note>", + "locationName": "instanceCount" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type for the modified Reserved Instances.</p>", + "locationName": "instanceType" + }, + "Platform": { + "shape": "String", + "documentation": "<p>The network platform of the modified Reserved Instances, which is either EC2-Classic or EC2-VPC.</p>", + "locationName": "platform" + }, + "Scope": { + "shape": "scope", + "documentation": "<p>Whether the Reserved Instance is applied to instances in a Region or instances in a specific Availability Zone.</p>", + "locationName": "scope" + } + }, + "documentation": "<p>Describes the configuration settings for the modified Reserved Instances.</p>" + }, + "ReservedInstancesConfigurationList": { + "type": "list", + "member": { + "shape": "ReservedInstancesConfiguration", + "locationName": "item" + } + }, + "ReservedInstancesId": { + "type": "structure", + "members": { + "ReservedInstancesId": { + "shape": "String", + "documentation": "<p>The ID of the Reserved Instance.</p>", + "locationName": "reservedInstancesId" + } + }, + "documentation": "<p>Describes the ID of a Reserved Instance.</p>" + }, + "ReservedInstancesIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "ReservedInstancesId" + } + }, + "ReservedInstancesList": { + "type": "list", + "member": { + "shape": "ReservedInstances", + "locationName": "item" + } + }, + "ReservedInstancesListing": { + "type": "structure", + "members": { + "ClientToken": { + "shape": "String", + "documentation": "<p>A unique, case-sensitive key supplied by the client to ensure that the request is idempotent. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p>", + "locationName": "clientToken" + }, + "CreateDate": { + "shape": "DateTime", + "documentation": "<p>The time the listing was created.</p>", + "locationName": "createDate" + }, + "InstanceCounts": { + "shape": "InstanceCountList", + "documentation": "<p>The number of instances in this state.</p>", + "locationName": "instanceCounts" + }, + "PriceSchedules": { + "shape": "PriceScheduleList", + "documentation": "<p>The price of the Reserved Instance listing.</p>", + "locationName": "priceSchedules" + }, + "ReservedInstancesId": { + "shape": "String", + "documentation": "<p>The ID of the Reserved Instance.</p>", + "locationName": "reservedInstancesId" + }, + "ReservedInstancesListingId": { + "shape": "String", + "documentation": "<p>The ID of the Reserved Instance listing.</p>", + "locationName": "reservedInstancesListingId" + }, + "Status": { + "shape": "ListingStatus", + "documentation": "<p>The status of the Reserved Instance listing.</p>", + "locationName": "status" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>The reason for the current status of the Reserved Instance listing. The response can be blank.</p>", + "locationName": "statusMessage" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the resource.</p>", + "locationName": "tagSet" + }, + "UpdateDate": { + "shape": "DateTime", + "documentation": "<p>The last modified timestamp of the listing.</p>", + "locationName": "updateDate" + } + }, + "documentation": "<p>Describes a Reserved Instance listing.</p>" + }, + "ReservedInstancesListingList": { + "type": "list", + "member": { + "shape": "ReservedInstancesListing", + "locationName": "item" + } + }, + "ReservedInstancesModification": { + "type": "structure", + "members": { + "ClientToken": { + "shape": "String", + "documentation": "<p>A unique, case-sensitive key supplied by the client to ensure that the request is idempotent. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p>", + "locationName": "clientToken" + }, + "CreateDate": { + "shape": "DateTime", + "documentation": "<p>The time when the modification request was created.</p>", + "locationName": "createDate" + }, + "EffectiveDate": { + "shape": "DateTime", + "documentation": "<p>The time for the modification to become effective.</p>", + "locationName": "effectiveDate" + }, + "ModificationResults": { + "shape": "ReservedInstancesModificationResultList", + "documentation": "<p>Contains target configurations along with their corresponding new Reserved Instance IDs.</p>", + "locationName": "modificationResultSet" + }, + "ReservedInstancesIds": { + "shape": "ReservedIntancesIds", + "documentation": "<p>The IDs of one or more Reserved Instances.</p>", + "locationName": "reservedInstancesSet" + }, + "ReservedInstancesModificationId": { + "shape": "String", + "documentation": "<p>A unique ID for the Reserved Instance modification.</p>", + "locationName": "reservedInstancesModificationId" + }, + "Status": { + "shape": "String", + "documentation": "<p>The status of the Reserved Instances modification request.</p>", + "locationName": "status" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>The reason for the status.</p>", + "locationName": "statusMessage" + }, + "UpdateDate": { + "shape": "DateTime", + "documentation": "<p>The time when the modification request was last updated.</p>", + "locationName": "updateDate" + } + }, + "documentation": "<p>Describes a Reserved Instance modification.</p>" + }, + "ReservedInstancesModificationIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "ReservedInstancesModificationId" + } + }, + "ReservedInstancesModificationList": { + "type": "list", + "member": { + "shape": "ReservedInstancesModification", + "locationName": "item" + } + }, + "ReservedInstancesModificationResult": { + "type": "structure", + "members": { + "ReservedInstancesId": { + "shape": "String", + "documentation": "<p>The ID for the Reserved Instances that were created as part of the modification request. This field is only available when the modification is fulfilled.</p>", + "locationName": "reservedInstancesId" + }, + "TargetConfiguration": { + "shape": "ReservedInstancesConfiguration", + "documentation": "<p>The target Reserved Instances configurations supplied as part of the modification request.</p>", + "locationName": "targetConfiguration" + } + }, + "documentation": "<p>Describes the modification request/s.</p>" + }, + "ReservedInstancesModificationResultList": { + "type": "list", + "member": { + "shape": "ReservedInstancesModificationResult", + "locationName": "item" + } + }, + "ReservedInstancesOffering": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone in which the Reserved Instance can be used.</p>", + "locationName": "availabilityZone" + }, + "Duration": { + "shape": "Long", + "documentation": "<p>The duration of the Reserved Instance, in seconds.</p>", + "locationName": "duration" + }, + "FixedPrice": { + "shape": "Float", + "documentation": "<p>The purchase price of the Reserved Instance.</p>", + "locationName": "fixedPrice" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type on which the Reserved Instance can be used.</p>", + "locationName": "instanceType" + }, + "ProductDescription": { + "shape": "RIProductDescription", + "documentation": "<p>The Reserved Instance product platform description.</p>", + "locationName": "productDescription" + }, + "ReservedInstancesOfferingId": { + "shape": "String", + "documentation": "<p>The ID of the Reserved Instance offering. This is the offering ID used in <a>GetReservedInstancesExchangeQuote</a> to confirm that an exchange can be made.</p>", + "locationName": "reservedInstancesOfferingId" + }, + "UsagePrice": { + "shape": "Float", + "documentation": "<p>The usage price of the Reserved Instance, per hour.</p>", + "locationName": "usagePrice" + }, + "CurrencyCode": { + "shape": "CurrencyCodeValues", + "documentation": "<p>The currency of the Reserved Instance offering you are purchasing. It's specified using ISO 4217 standard currency codes. At this time, the only supported currency is <code>USD</code>.</p>", + "locationName": "currencyCode" + }, + "InstanceTenancy": { + "shape": "Tenancy", + "documentation": "<p>The tenancy of the instance.</p>", + "locationName": "instanceTenancy" + }, + "Marketplace": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the offering is available through the Reserved Instance Marketplace (resale) or AWS. If it's a Reserved Instance Marketplace offering, this is <code>true</code>.</p>", + "locationName": "marketplace" + }, + "OfferingClass": { + "shape": "OfferingClassType", + "documentation": "<p>If <code>convertible</code> it can be exchanged for Reserved Instances of the same or higher monetary value, with different configurations. If <code>standard</code>, it is not possible to perform an exchange.</p>", + "locationName": "offeringClass" + }, + "OfferingType": { + "shape": "OfferingTypeValues", + "documentation": "<p>The Reserved Instance offering type.</p>", + "locationName": "offeringType" + }, + "PricingDetails": { + "shape": "PricingDetailsList", + "documentation": "<p>The pricing details of the Reserved Instance offering.</p>", + "locationName": "pricingDetailsSet" + }, + "RecurringCharges": { + "shape": "RecurringChargesList", + "documentation": "<p>The recurring charge tag assigned to the resource.</p>", + "locationName": "recurringCharges" + }, + "Scope": { + "shape": "scope", + "documentation": "<p>Whether the Reserved Instance is applied to instances in a Region or an Availability Zone.</p>", + "locationName": "scope" + } + }, + "documentation": "<p>Describes a Reserved Instance offering.</p>" + }, + "ReservedInstancesOfferingIdStringList": { + "type": "list", + "member": { + "shape": "String" + } + }, + "ReservedInstancesOfferingList": { + "type": "list", + "member": { + "shape": "ReservedInstancesOffering", + "locationName": "item" + } + }, + "ReservedIntancesIds": { + "type": "list", + "member": { + "shape": "ReservedInstancesId", + "locationName": "item" + } + }, + "ResetEbsDefaultKmsKeyIdRequest": { + "type": "structure", + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "ResetEbsDefaultKmsKeyIdResult": { + "type": "structure", + "members": { + "KmsKeyId": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the default CMK for EBS encryption by default.</p>", + "locationName": "kmsKeyId" + } + } + }, + "ResetFpgaImageAttributeName": { + "type": "string", + "enum": [ + "loadPermission" + ] + }, + "ResetFpgaImageAttributeRequest": { + "type": "structure", + "required": [ + "FpgaImageId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "FpgaImageId": { + "shape": "String", + "documentation": "<p>The ID of the AFI.</p>" + }, + "Attribute": { + "shape": "ResetFpgaImageAttributeName", + "documentation": "<p>The attribute.</p>" + } + } + }, + "ResetFpgaImageAttributeResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Is <code>true</code> if the request succeeds, and an error otherwise.</p>", + "locationName": "return" + } + } + }, + "ResetImageAttributeName": { + "type": "string", + "enum": [ + "launchPermission" + ] + }, + "ResetImageAttributeRequest": { + "type": "structure", + "required": [ + "Attribute", + "ImageId" + ], + "members": { + "Attribute": { + "shape": "ResetImageAttributeName", + "documentation": "<p>The attribute to reset (currently you can only reset the launch permission attribute).</p>" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the AMI.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for ResetImageAttribute.</p>" + }, + "ResetInstanceAttributeRequest": { + "type": "structure", + "required": [ + "Attribute", + "InstanceId" + ], + "members": { + "Attribute": { + "shape": "InstanceAttributeName", + "documentation": "<p>The attribute to reset.</p> <important> <p>You can only reset the following attributes: <code>kernel</code> | <code>ramdisk</code> | <code>sourceDestCheck</code>. To change an instance attribute, use <a>ModifyInstanceAttribute</a>.</p> </important>", + "locationName": "attribute" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + } + } + }, + "ResetNetworkInterfaceAttributeRequest": { + "type": "structure", + "required": [ + "NetworkInterfaceId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + }, + "SourceDestCheck": { + "shape": "String", + "documentation": "<p>The source/destination checking attribute. Resets the value to <code>true</code>.</p>", + "locationName": "sourceDestCheck" + } + }, + "documentation": "<p>Contains the parameters for ResetNetworkInterfaceAttribute.</p>" + }, + "ResetSnapshotAttributeRequest": { + "type": "structure", + "required": [ + "Attribute", + "SnapshotId" + ], + "members": { + "Attribute": { + "shape": "SnapshotAttributeName", + "documentation": "<p>The attribute to reset. Currently, only the attribute for permission to create volumes can be reset.</p>" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>The ID of the snapshot.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + }, + "documentation": "<p>Contains the parameters for ResetSnapshotAttribute.</p>" + }, + "ResourceIdList": { + "type": "list", + "member": { + "shape": "String" + } + }, + "ResourceList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "ResourceType": { + "type": "string", + "enum": [ + "client-vpn-endpoint", + "customer-gateway", + "dedicated-host", + "dhcp-options", + "elastic-ip", + "fleet", + "fpga-image", + "host-reservation", + "image", + "instance", + "internet-gateway", + "launch-template", + "natgateway", + "network-acl", + "network-interface", + "reserved-instances", + "route-table", + "security-group", + "snapshot", + "spot-instances-request", + "subnet", + "traffic-mirror-filter", + "traffic-mirror-session", + "traffic-mirror-target", + "transit-gateway", + "transit-gateway-attachment", + "transit-gateway-route-table", + "volume", + "vpc", + "vpc-peering-connection", + "vpn-connection", + "vpn-gateway" + ] + }, + "ResponseError": { + "type": "structure", + "members": { + "Code": { + "shape": "LaunchTemplateErrorCode", + "documentation": "<p>The error code.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>The error message, if applicable.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Describes the error that's returned when you cannot delete a launch template version.</p>" + }, + "ResponseHostIdList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "ResponseHostIdSet": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "ResponseLaunchTemplateData": { + "type": "structure", + "members": { + "KernelId": { + "shape": "String", + "documentation": "<p>The ID of the kernel, if applicable.</p>", + "locationName": "kernelId" + }, + "EbsOptimized": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the instance is optimized for Amazon EBS I/O. </p>", + "locationName": "ebsOptimized" + }, + "IamInstanceProfile": { + "shape": "LaunchTemplateIamInstanceProfileSpecification", + "documentation": "<p>The IAM instance profile.</p>", + "locationName": "iamInstanceProfile" + }, + "BlockDeviceMappings": { + "shape": "LaunchTemplateBlockDeviceMappingList", + "documentation": "<p>The block device mappings.</p>", + "locationName": "blockDeviceMappingSet" + }, + "NetworkInterfaces": { + "shape": "LaunchTemplateInstanceNetworkInterfaceSpecificationList", + "documentation": "<p>The network interfaces.</p>", + "locationName": "networkInterfaceSet" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the AMI that was used to launch the instance.</p>", + "locationName": "imageId" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type.</p>", + "locationName": "instanceType" + }, + "KeyName": { + "shape": "String", + "documentation": "<p>The name of the key pair.</p>", + "locationName": "keyName" + }, + "Monitoring": { + "shape": "LaunchTemplatesMonitoring", + "documentation": "<p>The monitoring for the instance.</p>", + "locationName": "monitoring" + }, + "Placement": { + "shape": "LaunchTemplatePlacement", + "documentation": "<p>The placement of the instance.</p>", + "locationName": "placement" + }, + "RamDiskId": { + "shape": "String", + "documentation": "<p>The ID of the RAM disk, if applicable.</p>", + "locationName": "ramDiskId" + }, + "DisableApiTermination": { + "shape": "Boolean", + "documentation": "<p>If set to <code>true</code>, indicates that the instance cannot be terminated using the Amazon EC2 console, command line tool, or API.</p>", + "locationName": "disableApiTermination" + }, + "InstanceInitiatedShutdownBehavior": { + "shape": "ShutdownBehavior", + "documentation": "<p>Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).</p>", + "locationName": "instanceInitiatedShutdownBehavior" + }, + "UserData": { + "shape": "String", + "documentation": "<p>The user data for the instance. </p>", + "locationName": "userData" + }, + "TagSpecifications": { + "shape": "LaunchTemplateTagSpecificationList", + "documentation": "<p>The tags.</p>", + "locationName": "tagSpecificationSet" + }, + "ElasticGpuSpecifications": { + "shape": "ElasticGpuSpecificationResponseList", + "documentation": "<p>The elastic GPU specification.</p>", + "locationName": "elasticGpuSpecificationSet" + }, + "ElasticInferenceAccelerators": { + "shape": "LaunchTemplateElasticInferenceAcceleratorResponseList", + "documentation": "<p> The elastic inference accelerator for the instance. </p>", + "locationName": "elasticInferenceAcceleratorSet" + }, + "SecurityGroupIds": { + "shape": "ValueStringList", + "documentation": "<p>The security group IDs.</p>", + "locationName": "securityGroupIdSet" + }, + "SecurityGroups": { + "shape": "ValueStringList", + "documentation": "<p>The security group names.</p>", + "locationName": "securityGroupSet" + }, + "InstanceMarketOptions": { + "shape": "LaunchTemplateInstanceMarketOptions", + "documentation": "<p>The market (purchasing) option for the instances.</p>", + "locationName": "instanceMarketOptions" + }, + "CreditSpecification": { + "shape": "CreditSpecification", + "documentation": "<p>The credit option for CPU usage of the instance.</p>", + "locationName": "creditSpecification" + }, + "CpuOptions": { + "shape": "LaunchTemplateCpuOptions", + "documentation": "<p>The CPU options for the instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html\">Optimizing CPU Options</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>", + "locationName": "cpuOptions" + }, + "CapacityReservationSpecification": { + "shape": "LaunchTemplateCapacityReservationSpecificationResponse", + "documentation": "<p>Information about the Capacity Reservation targeting option.</p>", + "locationName": "capacityReservationSpecification" + }, + "LicenseSpecifications": { + "shape": "LaunchTemplateLicenseList", + "documentation": "<p>The license configurations.</p>", + "locationName": "licenseSet" + }, + "HibernationOptions": { + "shape": "LaunchTemplateHibernationOptions", + "documentation": "<p>Indicates whether an instance is configured for hibernation. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>", + "locationName": "hibernationOptions" + } + }, + "documentation": "<p>The information for a launch template. </p>" + }, + "RestorableByStringList": { + "type": "list", + "member": { + "shape": "String" + } + }, + "RestoreAddressToClassicRequest": { + "type": "structure", + "required": [ + "PublicIp" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "PublicIp": { + "shape": "String", + "documentation": "<p>The Elastic IP address.</p>", + "locationName": "publicIp" + } + } + }, + "RestoreAddressToClassicResult": { + "type": "structure", + "members": { + "PublicIp": { + "shape": "String", + "documentation": "<p>The Elastic IP address.</p>", + "locationName": "publicIp" + }, + "Status": { + "shape": "Status", + "documentation": "<p>The move status for the IP address.</p>", + "locationName": "status" + } + } + }, + "RevokeClientVpnIngressRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId", + "TargetNetworkCidr" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint with which the authorization rule is associated.</p>" + }, + "TargetNetworkCidr": { + "shape": "String", + "documentation": "<p>The IPv4 address range, in CIDR notation, of the network for which access is being removed.</p>" + }, + "AccessGroupId": { + "shape": "String", + "documentation": "<p>The ID of the Active Directory group for which to revoke access. </p>" + }, + "RevokeAllGroups": { + "shape": "Boolean", + "documentation": "<p>Indicates whether access should be revoked for all clients.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "RevokeClientVpnIngressResult": { + "type": "structure", + "members": { + "Status": { + "shape": "ClientVpnAuthorizationRuleStatus", + "documentation": "<p>The current state of the authorization rule.</p>", + "locationName": "status" + } + } + }, + "RevokeSecurityGroupEgressRequest": { + "type": "structure", + "required": [ + "GroupId" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of the security group.</p>", + "locationName": "groupId" + }, + "IpPermissions": { + "shape": "IpPermissionList", + "documentation": "<p>The sets of IP permissions. You can't specify a destination security group and a CIDR IP address range in the same set of permissions.</p>", + "locationName": "ipPermissions" + }, + "CidrIp": { + "shape": "String", + "documentation": "<p>Not supported. Use a set of IP permissions to specify the CIDR.</p>", + "locationName": "cidrIp" + }, + "FromPort": { + "shape": "Integer", + "documentation": "<p>Not supported. Use a set of IP permissions to specify the port.</p>", + "locationName": "fromPort" + }, + "IpProtocol": { + "shape": "String", + "documentation": "<p>Not supported. Use a set of IP permissions to specify the protocol name or number.</p>", + "locationName": "ipProtocol" + }, + "ToPort": { + "shape": "Integer", + "documentation": "<p>Not supported. Use a set of IP permissions to specify the port.</p>", + "locationName": "toPort" + }, + "SourceSecurityGroupName": { + "shape": "String", + "documentation": "<p>Not supported. Use a set of IP permissions to specify a destination security group.</p>", + "locationName": "sourceSecurityGroupName" + }, + "SourceSecurityGroupOwnerId": { + "shape": "String", + "documentation": "<p>Not supported. Use a set of IP permissions to specify a destination security group.</p>", + "locationName": "sourceSecurityGroupOwnerId" + } + } + }, + "RevokeSecurityGroupIngressRequest": { + "type": "structure", + "members": { + "CidrIp": { + "shape": "String", + "documentation": "<p>The CIDR IP address range. You can't specify this parameter when specifying a source security group.</p>" + }, + "FromPort": { + "shape": "Integer", + "documentation": "<p>The start of port range for the TCP and UDP protocols, or an ICMP type number. For the ICMP type number, use <code>-1</code> to specify all ICMP types.</p>" + }, + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.</p>" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>[EC2-Classic, default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request.</p>" + }, + "IpPermissions": { + "shape": "IpPermissionList", + "documentation": "<p>The sets of IP permissions. You can't specify a source security group and a CIDR IP address range in the same set of permissions.</p>" + }, + "IpProtocol": { + "shape": "String", + "documentation": "<p>The IP protocol name (<code>tcp</code>, <code>udp</code>, <code>icmp</code>) or number (see <a href=\"http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml\">Protocol Numbers</a>). Use <code>-1</code> to specify all.</p>" + }, + "SourceSecurityGroupName": { + "shape": "String", + "documentation": "<p>[EC2-Classic, default VPC] The name of the source security group. You can't specify this parameter in combination with the following parameters: the CIDR IP address range, the start of the port range, the IP protocol, and the end of the port range. For EC2-VPC, the source security group must be in the same VPC. To revoke a specific rule for an IP protocol and port range, use a set of IP permissions instead.</p>" + }, + "SourceSecurityGroupOwnerId": { + "shape": "String", + "documentation": "<p>[EC2-Classic] The AWS account ID of the source security group, if the source security group is in a different account. You can't specify this parameter in combination with the following parameters: the CIDR IP address range, the IP protocol, the start of the port range, and the end of the port range. To revoke a specific rule for an IP protocol and port range, use a set of IP permissions instead.</p>" + }, + "ToPort": { + "shape": "Integer", + "documentation": "<p>The end of port range for the TCP and UDP protocols, or an ICMP code number. For the ICMP code number, use <code>-1</code> to specify all ICMP codes for the ICMP type.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "Route": { + "type": "structure", + "members": { + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 CIDR block used for the destination match.</p>", + "locationName": "destinationCidrBlock" + }, + "DestinationIpv6CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv6 CIDR block used for the destination match.</p>", + "locationName": "destinationIpv6CidrBlock" + }, + "DestinationPrefixListId": { + "shape": "String", + "documentation": "<p>The prefix of the AWS service.</p>", + "locationName": "destinationPrefixListId" + }, + "EgressOnlyInternetGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the egress-only internet gateway.</p>", + "locationName": "egressOnlyInternetGatewayId" + }, + "GatewayId": { + "shape": "String", + "documentation": "<p>The ID of a gateway attached to your VPC.</p>", + "locationName": "gatewayId" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of a NAT instance in your VPC.</p>", + "locationName": "instanceId" + }, + "InstanceOwnerId": { + "shape": "String", + "documentation": "<p>The AWS account ID of the owner of the instance.</p>", + "locationName": "instanceOwnerId" + }, + "NatGatewayId": { + "shape": "String", + "documentation": "<p>The ID of a NAT gateway.</p>", + "locationName": "natGatewayId" + }, + "TransitGatewayId": { + "shape": "String", + "documentation": "<p>The ID of a transit gateway.</p>", + "locationName": "transitGatewayId" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + }, + "Origin": { + "shape": "RouteOrigin", + "documentation": "<p>Describes how the route was created.</p> <ul> <li> <p> <code>CreateRouteTable</code> - The route was automatically created when the route table was created.</p> </li> <li> <p> <code>CreateRoute</code> - The route was manually added to the route table.</p> </li> <li> <p> <code>EnableVgwRoutePropagation</code> - The route was propagated by route propagation.</p> </li> </ul>", + "locationName": "origin" + }, + "State": { + "shape": "RouteState", + "documentation": "<p>The state of the route. The <code>blackhole</code> state indicates that the route's target isn't available (for example, the specified gateway isn't attached to the VPC, or the specified NAT instance has been terminated).</p>", + "locationName": "state" + }, + "VpcPeeringConnectionId": { + "shape": "String", + "documentation": "<p>The ID of a VPC peering connection.</p>", + "locationName": "vpcPeeringConnectionId" + } + }, + "documentation": "<p>Describes a route in a route table.</p>" + }, + "RouteList": { + "type": "list", + "member": { + "shape": "Route", + "locationName": "item" + } + }, + "RouteOrigin": { + "type": "string", + "enum": [ + "CreateRouteTable", + "CreateRoute", + "EnableVgwRoutePropagation" + ] + }, + "RouteState": { + "type": "string", + "enum": [ + "active", + "blackhole" + ] + }, + "RouteTable": { + "type": "structure", + "members": { + "Associations": { + "shape": "RouteTableAssociationList", + "documentation": "<p>The associations between the route table and one or more subnets.</p>", + "locationName": "associationSet" + }, + "PropagatingVgws": { + "shape": "PropagatingVgwList", + "documentation": "<p>Any virtual private gateway (VGW) propagating routes.</p>", + "locationName": "propagatingVgwSet" + }, + "RouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the route table.</p>", + "locationName": "routeTableId" + }, + "Routes": { + "shape": "RouteList", + "documentation": "<p>The routes in the route table.</p>", + "locationName": "routeSet" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the route table.</p>", + "locationName": "tagSet" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The ID of the AWS account that owns the route table.</p>", + "locationName": "ownerId" + } + }, + "documentation": "<p>Describes a route table.</p>" + }, + "RouteTableAssociation": { + "type": "structure", + "members": { + "Main": { + "shape": "Boolean", + "documentation": "<p>Indicates whether this is the main route table.</p>", + "locationName": "main" + }, + "RouteTableAssociationId": { + "shape": "String", + "documentation": "<p>The ID of the association between a route table and a subnet.</p>", + "locationName": "routeTableAssociationId" + }, + "RouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the route table.</p>", + "locationName": "routeTableId" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet. A subnet ID is not returned for an implicit association.</p>", + "locationName": "subnetId" + } + }, + "documentation": "<p>Describes an association between a route table and a subnet.</p>" + }, + "RouteTableAssociationList": { + "type": "list", + "member": { + "shape": "RouteTableAssociation", + "locationName": "item" + } + }, + "RouteTableList": { + "type": "list", + "member": { + "shape": "RouteTable", + "locationName": "item" + } + }, + "RuleAction": { + "type": "string", + "enum": [ + "allow", + "deny" + ] + }, + "RunInstancesMonitoringEnabled": { + "type": "structure", + "required": [ + "Enabled" + ], + "members": { + "Enabled": { + "shape": "Boolean", + "documentation": "<p>Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.</p>", + "locationName": "enabled" + } + }, + "documentation": "<p>Describes the monitoring of an instance.</p>" + }, + "RunInstancesRequest": { + "type": "structure", + "required": [ + "MaxCount", + "MinCount" + ], + "members": { + "BlockDeviceMappings": { + "shape": "BlockDeviceMappingRequestList", + "documentation": "<p>The block device mapping entries.</p>", + "locationName": "BlockDeviceMapping" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the AMI. An AMI ID is required to launch an instance and must be specified here or in a launch template.</p>" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html\">Instance Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Default: <code>m1.small</code> </p>" + }, + "Ipv6AddressCount": { + "shape": "Integer", + "documentation": "<p>[EC2-VPC] The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.</p> <p>You cannot specify this option and the network interfaces option in the same request.</p>" + }, + "Ipv6Addresses": { + "shape": "InstanceIpv6AddressList", + "documentation": "<p>[EC2-VPC] The IPv6 addresses from the range of the subnet to associate with the primary network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.</p> <p>You cannot specify this option and the network interfaces option in the same request.</p>", + "locationName": "Ipv6Address" + }, + "KernelId": { + "shape": "String", + "documentation": "<p>The ID of the kernel.</p> <important> <p>We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html\"> PV-GRUB</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </important>" + }, + "KeyName": { + "shape": "String", + "documentation": "<p>The name of the key pair. You can create a key pair using <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html\">CreateKeyPair</a> or <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html\">ImportKeyPair</a>.</p> <important> <p>If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.</p> </important>" + }, + "MaxCount": { + "shape": "Integer", + "documentation": "<p>The maximum number of instances to launch. If you specify more instances than Amazon EC2 can launch in the target Availability Zone, Amazon EC2 launches the largest possible number of instances above <code>MinCount</code>.</p> <p>Constraints: Between 1 and the maximum number you're allowed for the specified instance type. For more information about the default limits, and how to request an increase, see <a href=\"http://aws.amazon.com/ec2/faqs/#How_many_instances_can_I_run_in_Amazon_EC2\">How many instances can I run in Amazon EC2</a> in the Amazon EC2 FAQ.</p>" + }, + "MinCount": { + "shape": "Integer", + "documentation": "<p>The minimum number of instances to launch. If you specify a minimum that is more instances than Amazon EC2 can launch in the target Availability Zone, Amazon EC2 launches no instances.</p> <p>Constraints: Between 1 and the maximum number you're allowed for the specified instance type. For more information about the default limits, and how to request an increase, see <a href=\"http://aws.amazon.com/ec2/faqs/#How_many_instances_can_I_run_in_Amazon_EC2\">How many instances can I run in Amazon EC2</a> in the Amazon EC2 General FAQ.</p>" + }, + "Monitoring": { + "shape": "RunInstancesMonitoringEnabled", + "documentation": "<p>Specifies whether detailed monitoring is enabled for the instance.</p>" + }, + "Placement": { + "shape": "Placement", + "documentation": "<p>The placement for the instance.</p>" + }, + "RamdiskId": { + "shape": "String", + "documentation": "<p>The ID of the RAM disk to select. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the AWS Resource Center and search for the kernel ID.</p> <important> <p>We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html\"> PV-GRUB</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> </important>" + }, + "SecurityGroupIds": { + "shape": "SecurityGroupIdStringList", + "documentation": "<p>The IDs of the security groups. You can create a security group using <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html\">CreateSecurityGroup</a>.</p> <p>If you specify a network interface, you must specify any security groups as part of the network interface.</p>", + "locationName": "SecurityGroupId" + }, + "SecurityGroups": { + "shape": "SecurityGroupStringList", + "documentation": "<p>[EC2-Classic, default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead.</p> <p>If you specify a network interface, you must specify any security groups as part of the network interface.</p> <p>Default: Amazon EC2 uses the default security group.</p>", + "locationName": "SecurityGroup" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>[EC2-VPC] The ID of the subnet to launch the instance into.</p> <p>If you specify a network interface, you must specify any subnets as part of the network interface.</p>" + }, + "UserData": { + "shape": "String", + "documentation": "<p>The user data to make available to the instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html\">Running Commands on Your Linux Instance at Launch</a> (Linux) and <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html#instancedata-add-user-data\">Adding User Data</a> (Windows). If you are using a command line tool, base64-encoding is performed for you, and you can load the text from a file. Otherwise, you must provide base64-encoded text. User data is limited to 16 KB.</p>" + }, + "AdditionalInfo": { + "shape": "String", + "documentation": "<p>Reserved.</p>", + "locationName": "additionalInfo" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p> <p>Constraints: Maximum 64 ASCII characters</p>", + "locationName": "clientToken" + }, + "DisableApiTermination": { + "shape": "Boolean", + "documentation": "<p>If you set this parameter to <code>true</code>, you can't terminate the instance using the Amazon EC2 console, CLI, or API; otherwise, you can. To change this attribute after launch, use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceAttribute.html\">ModifyInstanceAttribute</a>. Alternatively, if you set <code>InstanceInitiatedShutdownBehavior</code> to <code>terminate</code>, you can terminate the instance by running the shutdown command from the instance.</p> <p>Default: <code>false</code> </p>", + "locationName": "disableApiTermination" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "EbsOptimized": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.</p> <p>Default: <code>false</code> </p>", + "locationName": "ebsOptimized" + }, + "IamInstanceProfile": { + "shape": "IamInstanceProfileSpecification", + "documentation": "<p>The IAM instance profile.</p>", + "locationName": "iamInstanceProfile" + }, + "InstanceInitiatedShutdownBehavior": { + "shape": "ShutdownBehavior", + "documentation": "<p>Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).</p> <p>Default: <code>stop</code> </p>", + "locationName": "instanceInitiatedShutdownBehavior" + }, + "NetworkInterfaces": { + "shape": "InstanceNetworkInterfaceSpecificationList", + "documentation": "<p>The network interfaces to associate with the instance. If you specify a network interface, you must specify any security groups and subnets as part of the network interface.</p>", + "locationName": "networkInterface" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>[EC2-VPC] The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.</p> <p>Only one private IP address can be designated as primary. You can't specify this option if you've specified the option to designate a private IP address as the primary IP address in a network interface specification. You cannot specify this option if you're launching more than one instance in the request.</p> <p>You cannot specify this option and the network interfaces option in the same request.</p>", + "locationName": "privateIpAddress" + }, + "ElasticGpuSpecification": { + "shape": "ElasticGpuSpecifications", + "documentation": "<p>An elastic GPU to associate with the instance. An Elastic GPU is a GPU resource that you can attach to your Windows instance to accelerate the graphics performance of your applications. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html\"> Amazon EC2 Elastic GPUs</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "ElasticInferenceAccelerators": { + "shape": "ElasticInferenceAccelerators", + "documentation": "<p>An elastic inference accelerator to associate with the instance. Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.</p>", + "locationName": "ElasticInferenceAccelerator" + }, + "TagSpecifications": { + "shape": "TagSpecificationList", + "documentation": "<p>The tags to apply to the resources during launch. You can only tag instances and volumes on launch. The specified tags are applied to all instances or volumes that are created during launch. To tag a resource after it has been created, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html\">CreateTags</a>.</p>", + "locationName": "TagSpecification" + }, + "LaunchTemplate": { + "shape": "LaunchTemplateSpecification", + "documentation": "<p>The launch template to use to launch the instances. Any parameters that you specify in <a>RunInstances</a> override the same parameters in the launch template. You can specify either the name or ID of a launch template, but not both.</p>" + }, + "InstanceMarketOptions": { + "shape": "InstanceMarketOptionsRequest", + "documentation": "<p>The market (purchasing) option for the instances.</p> <p>For <a>RunInstances</a>, persistent Spot Instance requests are only supported when <b>InstanceInterruptionBehavior</b> is set to either <code>hibernate</code> or <code>stop</code>.</p>" + }, + "CreditSpecification": { + "shape": "CreditSpecificationRequest", + "documentation": "<p>The credit option for CPU usage of the T2 or T3 instance. Valid values are <code>standard</code> and <code>unlimited</code>. To change this attribute after launch, use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html\"> ModifyInstanceCreditSpecification</a>. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html\">Burstable Performance Instances</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Default: <code>standard</code> (T2 instances) or <code>unlimited</code> (T3 instances)</p>" + }, + "CpuOptions": { + "shape": "CpuOptionsRequest", + "documentation": "<p>The CPU options for the instance. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html\">Optimizing CPU Options</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "CapacityReservationSpecification": { + "shape": "CapacityReservationSpecification", + "documentation": "<p>Information about the Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to <code>open</code>, which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).</p>" + }, + "HibernationOptions": { + "shape": "HibernationOptionsRequest", + "documentation": "<p>Indicates whether an instance is enabled for hibernation. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p>" + }, + "LicenseSpecifications": { + "shape": "LicenseSpecificationListRequest", + "documentation": "<p>The license configurations.</p>", + "locationName": "LicenseSpecification" + } + } + }, + "RunScheduledInstancesRequest": { + "type": "structure", + "required": [ + "LaunchSpecification", + "ScheduledInstanceId" + ], + "members": { + "ClientToken": { + "shape": "String", + "documentation": "<p>Unique, case-sensitive identifier that ensures the idempotency of the request. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p>", + "idempotencyToken": true + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "InstanceCount": { + "shape": "Integer", + "documentation": "<p>The number of instances.</p> <p>Default: 1</p>" + }, + "LaunchSpecification": { + "shape": "ScheduledInstancesLaunchSpecification", + "documentation": "<p>The launch specification. You must match the instance type, Availability Zone, network, and platform of the schedule that you purchased.</p>" + }, + "ScheduledInstanceId": { + "shape": "String", + "documentation": "<p>The Scheduled Instance ID.</p>" + } + }, + "documentation": "<p>Contains the parameters for RunScheduledInstances.</p>" + }, + "RunScheduledInstancesResult": { + "type": "structure", + "members": { + "InstanceIdSet": { + "shape": "InstanceIdSet", + "documentation": "<p>The IDs of the newly launched instances.</p>", + "locationName": "instanceIdSet" + } + }, + "documentation": "<p>Contains the output of RunScheduledInstances.</p>" + }, + "S3Storage": { + "type": "structure", + "members": { + "AWSAccessKeyId": { + "shape": "String", + "documentation": "<p>The access key ID of the owner of the bucket. Before you specify a value for your access key ID, review and follow the guidance in <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html\">Best Practices for Managing AWS Access Keys</a>.</p>" + }, + "Bucket": { + "shape": "String", + "documentation": "<p>The bucket in which to store the AMI. You can specify a bucket that you already own or a new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone else, Amazon EC2 returns an error.</p>", + "locationName": "bucket" + }, + "Prefix": { + "shape": "String", + "documentation": "<p>The beginning of the file name of the AMI.</p>", + "locationName": "prefix" + }, + "UploadPolicy": { + "shape": "Blob", + "documentation": "<p>An Amazon S3 upload policy that gives Amazon EC2 permission to upload items into Amazon S3 on your behalf.</p>", + "locationName": "uploadPolicy" + }, + "UploadPolicySignature": { + "shape": "String", + "documentation": "<p>The signature of the JSON document.</p>", + "locationName": "uploadPolicySignature" + } + }, + "documentation": "<p>Describes the storage parameters for S3 and S3 buckets for an instance store-backed AMI.</p>" + }, + "ScheduledInstance": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone.</p>", + "locationName": "availabilityZone" + }, + "CreateDate": { + "shape": "DateTime", + "documentation": "<p>The date when the Scheduled Instance was purchased.</p>", + "locationName": "createDate" + }, + "HourlyPrice": { + "shape": "String", + "documentation": "<p>The hourly price for a single instance.</p>", + "locationName": "hourlyPrice" + }, + "InstanceCount": { + "shape": "Integer", + "documentation": "<p>The number of instances.</p>", + "locationName": "instanceCount" + }, + "InstanceType": { + "shape": "String", + "documentation": "<p>The instance type.</p>", + "locationName": "instanceType" + }, + "NetworkPlatform": { + "shape": "String", + "documentation": "<p>The network platform (<code>EC2-Classic</code> or <code>EC2-VPC</code>).</p>", + "locationName": "networkPlatform" + }, + "NextSlotStartTime": { + "shape": "DateTime", + "documentation": "<p>The time for the next schedule to start.</p>", + "locationName": "nextSlotStartTime" + }, + "Platform": { + "shape": "String", + "documentation": "<p>The platform (<code>Linux/UNIX</code> or <code>Windows</code>).</p>", + "locationName": "platform" + }, + "PreviousSlotEndTime": { + "shape": "DateTime", + "documentation": "<p>The time that the previous schedule ended or will end.</p>", + "locationName": "previousSlotEndTime" + }, + "Recurrence": { + "shape": "ScheduledInstanceRecurrence", + "documentation": "<p>The schedule recurrence.</p>", + "locationName": "recurrence" + }, + "ScheduledInstanceId": { + "shape": "String", + "documentation": "<p>The Scheduled Instance ID.</p>", + "locationName": "scheduledInstanceId" + }, + "SlotDurationInHours": { + "shape": "Integer", + "documentation": "<p>The number of hours in the schedule.</p>", + "locationName": "slotDurationInHours" + }, + "TermEndDate": { + "shape": "DateTime", + "documentation": "<p>The end date for the Scheduled Instance.</p>", + "locationName": "termEndDate" + }, + "TermStartDate": { + "shape": "DateTime", + "documentation": "<p>The start date for the Scheduled Instance.</p>", + "locationName": "termStartDate" + }, + "TotalScheduledInstanceHours": { + "shape": "Integer", + "documentation": "<p>The total number of hours for a single instance for the entire term.</p>", + "locationName": "totalScheduledInstanceHours" + } + }, + "documentation": "<p>Describes a Scheduled Instance.</p>" + }, + "ScheduledInstanceAvailability": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone.</p>", + "locationName": "availabilityZone" + }, + "AvailableInstanceCount": { + "shape": "Integer", + "documentation": "<p>The number of available instances.</p>", + "locationName": "availableInstanceCount" + }, + "FirstSlotStartTime": { + "shape": "DateTime", + "documentation": "<p>The time period for the first schedule to start.</p>", + "locationName": "firstSlotStartTime" + }, + "HourlyPrice": { + "shape": "String", + "documentation": "<p>The hourly price for a single instance.</p>", + "locationName": "hourlyPrice" + }, + "InstanceType": { + "shape": "String", + "documentation": "<p>The instance type. You can specify one of the C3, C4, M4, or R3 instance types.</p>", + "locationName": "instanceType" + }, + "MaxTermDurationInDays": { + "shape": "Integer", + "documentation": "<p>The maximum term. The only possible value is 365 days.</p>", + "locationName": "maxTermDurationInDays" + }, + "MinTermDurationInDays": { + "shape": "Integer", + "documentation": "<p>The minimum term. The only possible value is 365 days.</p>", + "locationName": "minTermDurationInDays" + }, + "NetworkPlatform": { + "shape": "String", + "documentation": "<p>The network platform (<code>EC2-Classic</code> or <code>EC2-VPC</code>).</p>", + "locationName": "networkPlatform" + }, + "Platform": { + "shape": "String", + "documentation": "<p>The platform (<code>Linux/UNIX</code> or <code>Windows</code>).</p>", + "locationName": "platform" + }, + "PurchaseToken": { + "shape": "String", + "documentation": "<p>The purchase token. This token expires in two hours.</p>", + "locationName": "purchaseToken" + }, + "Recurrence": { + "shape": "ScheduledInstanceRecurrence", + "documentation": "<p>The schedule recurrence.</p>", + "locationName": "recurrence" + }, + "SlotDurationInHours": { + "shape": "Integer", + "documentation": "<p>The number of hours in the schedule.</p>", + "locationName": "slotDurationInHours" + }, + "TotalScheduledInstanceHours": { + "shape": "Integer", + "documentation": "<p>The total number of hours for a single instance for the entire term.</p>", + "locationName": "totalScheduledInstanceHours" + } + }, + "documentation": "<p>Describes a schedule that is available for your Scheduled Instances.</p>" + }, + "ScheduledInstanceAvailabilitySet": { + "type": "list", + "member": { + "shape": "ScheduledInstanceAvailability", + "locationName": "item" + } + }, + "ScheduledInstanceIdRequestSet": { + "type": "list", + "member": { + "shape": "String", + "locationName": "ScheduledInstanceId" + } + }, + "ScheduledInstanceRecurrence": { + "type": "structure", + "members": { + "Frequency": { + "shape": "String", + "documentation": "<p>The frequency (<code>Daily</code>, <code>Weekly</code>, or <code>Monthly</code>).</p>", + "locationName": "frequency" + }, + "Interval": { + "shape": "Integer", + "documentation": "<p>The interval quantity. The interval unit depends on the value of <code>frequency</code>. For example, every 2 weeks or every 2 months.</p>", + "locationName": "interval" + }, + "OccurrenceDaySet": { + "shape": "OccurrenceDaySet", + "documentation": "<p>The days. For a monthly schedule, this is one or more days of the month (1-31). For a weekly schedule, this is one or more days of the week (1-7, where 1 is Sunday).</p>", + "locationName": "occurrenceDaySet" + }, + "OccurrenceRelativeToEnd": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the occurrence is relative to the end of the specified week or month.</p>", + "locationName": "occurrenceRelativeToEnd" + }, + "OccurrenceUnit": { + "shape": "String", + "documentation": "<p>The unit for <code>occurrenceDaySet</code> (<code>DayOfWeek</code> or <code>DayOfMonth</code>).</p>", + "locationName": "occurrenceUnit" + } + }, + "documentation": "<p>Describes the recurring schedule for a Scheduled Instance.</p>" + }, + "ScheduledInstanceRecurrenceRequest": { + "type": "structure", + "members": { + "Frequency": { + "shape": "String", + "documentation": "<p>The frequency (<code>Daily</code>, <code>Weekly</code>, or <code>Monthly</code>).</p>" + }, + "Interval": { + "shape": "Integer", + "documentation": "<p>The interval quantity. The interval unit depends on the value of <code>Frequency</code>. For example, every 2 weeks or every 2 months.</p>" + }, + "OccurrenceDays": { + "shape": "OccurrenceDayRequestSet", + "documentation": "<p>The days. For a monthly schedule, this is one or more days of the month (1-31). For a weekly schedule, this is one or more days of the week (1-7, where 1 is Sunday). You can't specify this value with a daily schedule. If the occurrence is relative to the end of the month, you can specify only a single day.</p>", + "locationName": "OccurrenceDay" + }, + "OccurrenceRelativeToEnd": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the occurrence is relative to the end of the specified week or month. You can't specify this value with a daily schedule.</p>" + }, + "OccurrenceUnit": { + "shape": "String", + "documentation": "<p>The unit for <code>OccurrenceDays</code> (<code>DayOfWeek</code> or <code>DayOfMonth</code>). This value is required for a monthly schedule. You can't specify <code>DayOfWeek</code> with a weekly schedule. You can't specify this value with a daily schedule.</p>" + } + }, + "documentation": "<p>Describes the recurring schedule for a Scheduled Instance.</p>" + }, + "ScheduledInstanceSet": { + "type": "list", + "member": { + "shape": "ScheduledInstance", + "locationName": "item" + } + }, + "ScheduledInstancesBlockDeviceMapping": { + "type": "structure", + "members": { + "DeviceName": { + "shape": "String", + "documentation": "<p>The device name (for example, <code>/dev/sdh</code> or <code>xvdh</code>).</p>" + }, + "Ebs": { + "shape": "ScheduledInstancesEbs", + "documentation": "<p>Parameters used to set up EBS volumes automatically when the instance is launched.</p>" + }, + "NoDevice": { + "shape": "String", + "documentation": "<p>Suppresses the specified device included in the block device mapping of the AMI.</p>" + }, + "VirtualName": { + "shape": "String", + "documentation": "<p>The virtual device name (<code>ephemeral</code>N). Instance store volumes are numbered starting from 0. An instance type with two available instance store volumes can specify mappings for <code>ephemeral0</code> and <code>ephemeral1</code>. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.</p> <p>Constraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.</p>" + } + }, + "documentation": "<p>Describes a block device mapping for a Scheduled Instance.</p>" + }, + "ScheduledInstancesBlockDeviceMappingSet": { + "type": "list", + "member": { + "shape": "ScheduledInstancesBlockDeviceMapping", + "locationName": "BlockDeviceMapping" + } + }, + "ScheduledInstancesEbs": { + "type": "structure", + "members": { + "DeleteOnTermination": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the volume is deleted on instance termination.</p>" + }, + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the volume is encrypted. You can attached encrypted volumes only to instances that support them.</p>" + }, + "Iops": { + "shape": "Integer", + "documentation": "<p>The number of I/O operations per second (IOPS) that the volume supports. For io1 volumes, this represents the number of IOPS that are provisioned for the volume. For <code>gp2</code> volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information about <code>gp2</code> baseline performance, I/O credits, and bursting, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html\">Amazon EBS Volume Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Constraint: Range is 100-20000 IOPS for <code>io1</code> volumes and 100-10000 IOPS for <code>gp2</code> volumes.</p> <p>Condition: This parameter is required for requests to create <code>io1</code>volumes; it is not used in requests to create <code>gp2</code>, <code>st1</code>, <code>sc1</code>, or <code>standard</code> volumes.</p>" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>The ID of the snapshot.</p>" + }, + "VolumeSize": { + "shape": "Integer", + "documentation": "<p>The size of the volume, in GiB.</p> <p>Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.</p>" + }, + "VolumeType": { + "shape": "String", + "documentation": "<p>The volume type. <code>gp2</code> for General Purpose SSD, <code>io1</code> for Provisioned IOPS SSD, Throughput Optimized HDD for <code>st1</code>, Cold HDD for <code>sc1</code>, or <code>standard</code> for Magnetic.</p> <p>Default: <code>standard</code> </p>" + } + }, + "documentation": "<p>Describes an EBS volume for a Scheduled Instance.</p>" + }, + "ScheduledInstancesIamInstanceProfile": { + "type": "structure", + "members": { + "Arn": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN).</p>" + }, + "Name": { + "shape": "String", + "documentation": "<p>The name.</p>" + } + }, + "documentation": "<p>Describes an IAM instance profile for a Scheduled Instance.</p>" + }, + "ScheduledInstancesIpv6Address": { + "type": "structure", + "members": { + "Ipv6Address": { + "shape": "Ipv6Address", + "documentation": "<p>The IPv6 address.</p>" + } + }, + "documentation": "<p>Describes an IPv6 address.</p>" + }, + "ScheduledInstancesIpv6AddressList": { + "type": "list", + "member": { + "shape": "ScheduledInstancesIpv6Address", + "locationName": "Ipv6Address" + } + }, + "ScheduledInstancesLaunchSpecification": { + "type": "structure", + "required": [ + "ImageId" + ], + "members": { + "BlockDeviceMappings": { + "shape": "ScheduledInstancesBlockDeviceMappingSet", + "documentation": "<p>The block device mapping entries.</p>", + "locationName": "BlockDeviceMapping" + }, + "EbsOptimized": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.</p> <p>Default: <code>false</code> </p>" + }, + "IamInstanceProfile": { + "shape": "ScheduledInstancesIamInstanceProfile", + "documentation": "<p>The IAM instance profile.</p>" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the Amazon Machine Image (AMI).</p>" + }, + "InstanceType": { + "shape": "String", + "documentation": "<p>The instance type.</p>" + }, + "KernelId": { + "shape": "String", + "documentation": "<p>The ID of the kernel.</p>" + }, + "KeyName": { + "shape": "String", + "documentation": "<p>The name of the key pair.</p>" + }, + "Monitoring": { + "shape": "ScheduledInstancesMonitoring", + "documentation": "<p>Enable or disable monitoring for the instances.</p>" + }, + "NetworkInterfaces": { + "shape": "ScheduledInstancesNetworkInterfaceSet", + "documentation": "<p>The network interfaces.</p>", + "locationName": "NetworkInterface" + }, + "Placement": { + "shape": "ScheduledInstancesPlacement", + "documentation": "<p>The placement information.</p>" + }, + "RamdiskId": { + "shape": "String", + "documentation": "<p>The ID of the RAM disk.</p>" + }, + "SecurityGroupIds": { + "shape": "ScheduledInstancesSecurityGroupIdSet", + "documentation": "<p>The IDs of the security groups.</p>", + "locationName": "SecurityGroupId" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet in which to launch the instances.</p>" + }, + "UserData": { + "shape": "String", + "documentation": "<p>The base64-encoded MIME user data.</p>" + } + }, + "documentation": "<p>Describes the launch specification for a Scheduled Instance.</p> <p>If you are launching the Scheduled Instance in EC2-VPC, you must specify the ID of the subnet. You can specify the subnet using either <code>SubnetId</code> or <code>NetworkInterface</code>.</p>" + }, + "ScheduledInstancesMonitoring": { + "type": "structure", + "members": { + "Enabled": { + "shape": "Boolean", + "documentation": "<p>Indicates whether monitoring is enabled.</p>" + } + }, + "documentation": "<p>Describes whether monitoring is enabled for a Scheduled Instance.</p>" + }, + "ScheduledInstancesNetworkInterface": { + "type": "structure", + "members": { + "AssociatePublicIpAddress": { + "shape": "Boolean", + "documentation": "<p>Indicates whether to assign a public IPv4 address to instances launched in a VPC. The public IPv4 address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is <code>true</code>.</p>" + }, + "DeleteOnTermination": { + "shape": "Boolean", + "documentation": "<p>Indicates whether to delete the interface when the instance is terminated.</p>" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description.</p>" + }, + "DeviceIndex": { + "shape": "Integer", + "documentation": "<p>The index of the device for the network interface attachment.</p>" + }, + "Groups": { + "shape": "ScheduledInstancesSecurityGroupIdSet", + "documentation": "<p>The IDs of the security groups.</p>", + "locationName": "Group" + }, + "Ipv6AddressCount": { + "shape": "Integer", + "documentation": "<p>The number of IPv6 addresses to assign to the network interface. The IPv6 addresses are automatically selected from the subnet range.</p>" + }, + "Ipv6Addresses": { + "shape": "ScheduledInstancesIpv6AddressList", + "documentation": "<p>The specific IPv6 addresses from the subnet range.</p>", + "locationName": "Ipv6Address" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>The IPv4 address of the network interface within the subnet.</p>" + }, + "PrivateIpAddressConfigs": { + "shape": "PrivateIpAddressConfigSet", + "documentation": "<p>The private IPv4 addresses.</p>", + "locationName": "PrivateIpAddressConfig" + }, + "SecondaryPrivateIpAddressCount": { + "shape": "Integer", + "documentation": "<p>The number of secondary private IPv4 addresses.</p>" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet.</p>" + } + }, + "documentation": "<p>Describes a network interface for a Scheduled Instance.</p>" + }, + "ScheduledInstancesNetworkInterfaceSet": { + "type": "list", + "member": { + "shape": "ScheduledInstancesNetworkInterface", + "locationName": "NetworkInterface" + } + }, + "ScheduledInstancesPlacement": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone.</p>" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the placement group.</p>" + } + }, + "documentation": "<p>Describes the placement for a Scheduled Instance.</p>" + }, + "ScheduledInstancesPrivateIpAddressConfig": { + "type": "structure", + "members": { + "Primary": { + "shape": "Boolean", + "documentation": "<p>Indicates whether this is a primary IPv4 address. Otherwise, this is a secondary IPv4 address.</p>" + }, + "PrivateIpAddress": { + "shape": "String", + "documentation": "<p>The IPv4 address.</p>" + } + }, + "documentation": "<p>Describes a private IPv4 address for a Scheduled Instance.</p>" + }, + "ScheduledInstancesSecurityGroupIdSet": { + "type": "list", + "member": { + "shape": "String", + "locationName": "SecurityGroupId" + } + }, + "SearchTransitGatewayRoutesRequest": { + "type": "structure", + "required": [ + "TransitGatewayRouteTableId", + "Filters" + ], + "members": { + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway route table.</p>" + }, + "Filters": { + "shape": "FilterList", + "documentation": "<p>One or more filters. The possible values are:</p> <ul> <li> <p> <code>attachment.transit-gateway-attachment-id</code>- The id of the transit gateway attachment.</p> </li> <li> <p> <code>attachment.resource-id</code> - The resource id of the transit gateway attachment.</p> </li> <li> <p> <code>attachment.resource-type</code> - The attachment resource type (<code>vpc</code> | <code>vpn</code>).</p> </li> <li> <p> <code>route-search.exact-match</code> - The exact match of the specified filter.</p> </li> <li> <p> <code>route-search.longest-prefix-match</code> - The longest prefix that matches the route.</p> </li> <li> <p> <code>route-search.subnet-of-match</code> - The routes with a subnet that match the specified CIDR filter.</p> </li> <li> <p> <code>route-search.supernet-of-match</code> - The routes with a CIDR that encompass the CIDR filter. For example, if you have 10.0.1.0/29 and 10.0.1.0/31 routes in your route table and you specify supernet-of-match as 10.0.1.0/30, then the result returns 10.0.1.0/29.</p> </li> <li> <p> <code>state</code> - The state of the route (<code>active</code> | <code>blackhole</code>).</p> </li> <li> <p> <code>type</code> - The type of roue (<code>propagated</code> | <code>static</code>).</p> </li> </ul>", + "locationName": "Filter" + }, + "MaxResults": { + "shape": "TransitGatewayMaxResults", + "documentation": "<p>The maximum number of routes to return.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "SearchTransitGatewayRoutesResult": { + "type": "structure", + "members": { + "Routes": { + "shape": "TransitGatewayRouteList", + "documentation": "<p>Information about the routes.</p>", + "locationName": "routeSet" + }, + "AdditionalRoutesAvailable": { + "shape": "Boolean", + "documentation": "<p>Indicates whether there are additional routes available.</p>", + "locationName": "additionalRoutesAvailable" + } + } + }, + "SecurityGroup": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description of the security group.</p>", + "locationName": "groupDescription" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the security group.</p>", + "locationName": "groupName" + }, + "IpPermissions": { + "shape": "IpPermissionList", + "documentation": "<p>The inbound rules associated with the security group.</p>", + "locationName": "ipPermissions" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The AWS account ID of the owner of the security group.</p>", + "locationName": "ownerId" + }, + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of the security group.</p>", + "locationName": "groupId" + }, + "IpPermissionsEgress": { + "shape": "IpPermissionList", + "documentation": "<p>[VPC only] The outbound rules associated with the security group.</p>", + "locationName": "ipPermissionsEgress" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the security group.</p>", + "locationName": "tagSet" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>[VPC only] The ID of the VPC for the security group.</p>", + "locationName": "vpcId" + } + }, + "documentation": "<p>Describes a security group</p>" + }, + "SecurityGroupIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "SecurityGroupId" + } + }, + "SecurityGroupIdentifier": { + "type": "structure", + "members": { + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of the security group.</p>", + "locationName": "groupId" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the security group.</p>", + "locationName": "groupName" + } + }, + "documentation": "<p>Describes a security group.</p>" + }, + "SecurityGroupList": { + "type": "list", + "member": { + "shape": "SecurityGroup", + "locationName": "item" + } + }, + "SecurityGroupReference": { + "type": "structure", + "members": { + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of your security group.</p>", + "locationName": "groupId" + }, + "ReferencingVpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC with the referencing security group.</p>", + "locationName": "referencingVpcId" + }, + "VpcPeeringConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the VPC peering connection.</p>", + "locationName": "vpcPeeringConnectionId" + } + }, + "documentation": "<p>Describes a VPC with a security group that references your security group.</p>" + }, + "SecurityGroupReferences": { + "type": "list", + "member": { + "shape": "SecurityGroupReference", + "locationName": "item" + } + }, + "SecurityGroupStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "SecurityGroup" + } + }, + "ServiceConfiguration": { + "type": "structure", + "members": { + "ServiceType": { + "shape": "ServiceTypeDetailSet", + "documentation": "<p>The type of service.</p>", + "locationName": "serviceType" + }, + "ServiceId": { + "shape": "String", + "documentation": "<p>The ID of the service.</p>", + "locationName": "serviceId" + }, + "ServiceName": { + "shape": "String", + "documentation": "<p>The name of the service.</p>", + "locationName": "serviceName" + }, + "ServiceState": { + "shape": "ServiceState", + "documentation": "<p>The service state.</p>", + "locationName": "serviceState" + }, + "AvailabilityZones": { + "shape": "ValueStringList", + "documentation": "<p>In the Availability Zones in which the service is available.</p>", + "locationName": "availabilityZoneSet" + }, + "AcceptanceRequired": { + "shape": "Boolean", + "documentation": "<p>Indicates whether requests from other AWS accounts to create an endpoint to the service must first be accepted.</p>", + "locationName": "acceptanceRequired" + }, + "ManagesVpcEndpoints": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the service manages it's VPC endpoints. Management of the service VPC endpoints using the VPC endpoint API is restricted.</p>", + "locationName": "managesVpcEndpoints" + }, + "NetworkLoadBalancerArns": { + "shape": "ValueStringList", + "documentation": "<p>The Amazon Resource Names (ARNs) of the Network Load Balancers for the service.</p>", + "locationName": "networkLoadBalancerArnSet" + }, + "BaseEndpointDnsNames": { + "shape": "ValueStringList", + "documentation": "<p>The DNS names for the service.</p>", + "locationName": "baseEndpointDnsNameSet" + }, + "PrivateDnsName": { + "shape": "String", + "documentation": "<p>The private DNS name for the service.</p>", + "locationName": "privateDnsName" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the service.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a service configuration for a VPC endpoint service.</p>" + }, + "ServiceConfigurationSet": { + "type": "list", + "member": { + "shape": "ServiceConfiguration", + "locationName": "item" + } + }, + "ServiceDetail": { + "type": "structure", + "members": { + "ServiceName": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the service.</p>", + "locationName": "serviceName" + }, + "ServiceId": { + "shape": "String", + "documentation": "<p>The ID of the endpoint service.</p>", + "locationName": "serviceId" + }, + "ServiceType": { + "shape": "ServiceTypeDetailSet", + "documentation": "<p>The type of service.</p>", + "locationName": "serviceType" + }, + "AvailabilityZones": { + "shape": "ValueStringList", + "documentation": "<p>The Availability Zones in which the service is available.</p>", + "locationName": "availabilityZoneSet" + }, + "Owner": { + "shape": "String", + "documentation": "<p>The AWS account ID of the service owner.</p>", + "locationName": "owner" + }, + "BaseEndpointDnsNames": { + "shape": "ValueStringList", + "documentation": "<p>The DNS names for the service.</p>", + "locationName": "baseEndpointDnsNameSet" + }, + "PrivateDnsName": { + "shape": "String", + "documentation": "<p>The private DNS name for the service.</p>", + "locationName": "privateDnsName" + }, + "VpcEndpointPolicySupported": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the service supports endpoint policies.</p>", + "locationName": "vpcEndpointPolicySupported" + }, + "AcceptanceRequired": { + "shape": "Boolean", + "documentation": "<p>Indicates whether VPC endpoint connection requests to the service must be accepted by the service owner.</p>", + "locationName": "acceptanceRequired" + }, + "ManagesVpcEndpoints": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the service manages it's VPC endpoints. Management of the service VPC endpoints using the VPC endpoint API is restricted.</p>", + "locationName": "managesVpcEndpoints" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the service.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a VPC endpoint service.</p>" + }, + "ServiceDetailSet": { + "type": "list", + "member": { + "shape": "ServiceDetail", + "locationName": "item" + } + }, + "ServiceState": { + "type": "string", + "enum": [ + "Pending", + "Available", + "Deleting", + "Deleted", + "Failed" + ] + }, + "ServiceType": { + "type": "string", + "enum": [ + "Interface", + "Gateway" + ] + }, + "ServiceTypeDetail": { + "type": "structure", + "members": { + "ServiceType": { + "shape": "ServiceType", + "documentation": "<p>The type of service.</p>", + "locationName": "serviceType" + } + }, + "documentation": "<p>Describes the type of service for a VPC endpoint.</p>" + }, + "ServiceTypeDetailSet": { + "type": "list", + "member": { + "shape": "ServiceTypeDetail", + "locationName": "item" + } + }, + "ShutdownBehavior": { + "type": "string", + "enum": [ + "stop", + "terminate" + ] + }, + "SlotDateTimeRangeRequest": { + "type": "structure", + "required": [ + "EarliestTime", + "LatestTime" + ], + "members": { + "EarliestTime": { + "shape": "DateTime", + "documentation": "<p>The earliest date and time, in UTC, for the Scheduled Instance to start.</p>" + }, + "LatestTime": { + "shape": "DateTime", + "documentation": "<p>The latest date and time, in UTC, for the Scheduled Instance to start. This value must be later than or equal to the earliest date and at most three months in the future.</p>" + } + }, + "documentation": "<p>Describes the time period for a Scheduled Instance to start its first schedule. The time period must span less than one day.</p>" + }, + "SlotStartTimeRangeRequest": { + "type": "structure", + "members": { + "EarliestTime": { + "shape": "DateTime", + "documentation": "<p>The earliest date and time, in UTC, for the Scheduled Instance to start.</p>" + }, + "LatestTime": { + "shape": "DateTime", + "documentation": "<p>The latest date and time, in UTC, for the Scheduled Instance to start.</p>" + } + }, + "documentation": "<p>Describes the time period for a Scheduled Instance to start its first schedule.</p>" + }, + "Snapshot": { + "type": "structure", + "members": { + "DataEncryptionKeyId": { + "shape": "String", + "documentation": "<p>The data encryption key identifier for the snapshot. This value is a unique identifier that corresponds to the data encryption key that was used to encrypt the original volume or snapshot copy. Because data encryption keys are inherited by volumes created from snapshots, and vice versa, if snapshots share the same data encryption key identifier, then they belong to the same volume/snapshot lineage. This parameter is only returned by <a>DescribeSnapshots</a>.</p>", + "locationName": "dataEncryptionKeyId" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description for the snapshot.</p>", + "locationName": "description" + }, + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the snapshot is encrypted.</p>", + "locationName": "encrypted" + }, + "KmsKeyId": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to protect the volume encryption key for the parent volume.</p>", + "locationName": "kmsKeyId" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The AWS account ID of the EBS snapshot owner.</p>", + "locationName": "ownerId" + }, + "Progress": { + "shape": "String", + "documentation": "<p>The progress of the snapshot, as a percentage.</p>", + "locationName": "progress" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>The ID of the snapshot. Each snapshot receives a unique identifier when it is created.</p>", + "locationName": "snapshotId" + }, + "StartTime": { + "shape": "DateTime", + "documentation": "<p>The time stamp when the snapshot was initiated.</p>", + "locationName": "startTime" + }, + "State": { + "shape": "SnapshotState", + "documentation": "<p>The snapshot state.</p>", + "locationName": "status" + }, + "StateMessage": { + "shape": "String", + "documentation": "<p>Encrypted Amazon EBS snapshots are copied asynchronously. If a snapshot copy operation fails (for example, if the proper AWS Key Management Service (AWS KMS) permissions are not obtained) this field displays error state details to help you diagnose why the error occurred. This parameter is only returned by <a>DescribeSnapshots</a>.</p>", + "locationName": "statusMessage" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the volume that was used to create the snapshot. Snapshots created by the <a>CopySnapshot</a> action have an arbitrary volume ID that should not be used for any purpose.</p>", + "locationName": "volumeId" + }, + "VolumeSize": { + "shape": "Integer", + "documentation": "<p>The size of the volume, in GiB.</p>", + "locationName": "volumeSize" + }, + "OwnerAlias": { + "shape": "String", + "documentation": "<p> Value from an Amazon-maintained list (<code>amazon</code> | <code>self</code> | <code>all</code> | <code>aws-marketplace</code> | <code>microsoft</code>) of snapshot owners. Not to be confused with the user-configured AWS account alias, which is set from the IAM console. </p>", + "locationName": "ownerAlias" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the snapshot.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a snapshot.</p>" + }, + "SnapshotAttributeName": { + "type": "string", + "enum": [ + "productCodes", + "createVolumePermission" + ] + }, + "SnapshotDetail": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description for the snapshot.</p>", + "locationName": "description" + }, + "DeviceName": { + "shape": "String", + "documentation": "<p>The block device mapping for the snapshot.</p>", + "locationName": "deviceName" + }, + "DiskImageSize": { + "shape": "Double", + "documentation": "<p>The size of the disk in the snapshot, in GiB.</p>", + "locationName": "diskImageSize" + }, + "Format": { + "shape": "String", + "documentation": "<p>The format of the disk image from which the snapshot is created.</p>", + "locationName": "format" + }, + "Progress": { + "shape": "String", + "documentation": "<p>The percentage of progress for the task.</p>", + "locationName": "progress" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>The snapshot ID of the disk being imported.</p>", + "locationName": "snapshotId" + }, + "Status": { + "shape": "String", + "documentation": "<p>A brief status of the snapshot creation.</p>", + "locationName": "status" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>A detailed status message for the snapshot creation.</p>", + "locationName": "statusMessage" + }, + "Url": { + "shape": "String", + "documentation": "<p>The URL used to access the disk image.</p>", + "locationName": "url" + }, + "UserBucket": { + "shape": "UserBucketDetails", + "documentation": "<p>The S3 bucket for the disk image.</p>", + "locationName": "userBucket" + } + }, + "documentation": "<p>Describes the snapshot created from the imported disk.</p>" + }, + "SnapshotDetailList": { + "type": "list", + "member": { + "shape": "SnapshotDetail", + "locationName": "item" + } + }, + "SnapshotDiskContainer": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>The description of the disk image being imported.</p>" + }, + "Format": { + "shape": "String", + "documentation": "<p>The format of the disk image being imported.</p> <p>Valid values: <code>VHD</code> | <code>VMDK</code> </p>" + }, + "Url": { + "shape": "String", + "documentation": "<p>The URL to the Amazon S3-based disk image being imported. It can either be a https URL (https://..) or an Amazon S3 URL (s3://..).</p>" + }, + "UserBucket": { + "shape": "UserBucket", + "documentation": "<p>The S3 bucket for the disk image.</p>" + } + }, + "documentation": "<p>The disk container object for the import snapshot request.</p>" + }, + "SnapshotIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "SnapshotId" + } + }, + "SnapshotInfo": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>Description specified by the CreateSnapshotRequest that has been applied to all snapshots.</p>", + "locationName": "description" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Tags associated with this snapshot.</p>", + "locationName": "tagSet" + }, + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the snapshot is encrypted.</p>", + "locationName": "encrypted" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>Source volume from which this snapshot was created.</p>", + "locationName": "volumeId" + }, + "State": { + "shape": "SnapshotState", + "documentation": "<p>Current state of the snapshot.</p>", + "locationName": "state" + }, + "VolumeSize": { + "shape": "Integer", + "documentation": "<p>Size of the volume from which this snapshot was created.</p>", + "locationName": "volumeSize" + }, + "StartTime": { + "shape": "MillisecondDateTime", + "documentation": "<p>Time this snapshot was started. This is the same for all snapshots initiated by the same request.</p>", + "locationName": "startTime" + }, + "Progress": { + "shape": "String", + "documentation": "<p>Progress this snapshot has made towards completing.</p>", + "locationName": "progress" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>Account id used when creating this snapshot.</p>", + "locationName": "ownerId" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>Snapshot id that can be used to describe this snapshot.</p>", + "locationName": "snapshotId" + } + }, + "documentation": "<p>Information about a snapshot.</p>" + }, + "SnapshotList": { + "type": "list", + "member": { + "shape": "Snapshot", + "locationName": "item" + } + }, + "SnapshotSet": { + "type": "list", + "member": { + "shape": "SnapshotInfo", + "locationName": "item" + } + }, + "SnapshotState": { + "type": "string", + "enum": [ + "pending", + "completed", + "error" + ] + }, + "SnapshotTaskDetail": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>The description of the snapshot.</p>", + "locationName": "description" + }, + "DiskImageSize": { + "shape": "Double", + "documentation": "<p>The size of the disk in the snapshot, in GiB.</p>", + "locationName": "diskImageSize" + }, + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the snapshot is encrypted.</p>", + "locationName": "encrypted" + }, + "Format": { + "shape": "String", + "documentation": "<p>The format of the disk image from which the snapshot is created.</p>", + "locationName": "format" + }, + "KmsKeyId": { + "shape": "String", + "documentation": "<p>The identifier for the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to create the encrypted snapshot.</p>", + "locationName": "kmsKeyId" + }, + "Progress": { + "shape": "String", + "documentation": "<p>The percentage of completion for the import snapshot task.</p>", + "locationName": "progress" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>The snapshot ID of the disk being imported.</p>", + "locationName": "snapshotId" + }, + "Status": { + "shape": "String", + "documentation": "<p>A brief status for the import snapshot task.</p>", + "locationName": "status" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>A detailed status message for the import snapshot task.</p>", + "locationName": "statusMessage" + }, + "Url": { + "shape": "String", + "documentation": "<p>The URL of the disk image from which the snapshot is created.</p>", + "locationName": "url" + }, + "UserBucket": { + "shape": "UserBucketDetails", + "documentation": "<p>The S3 bucket for the disk image.</p>", + "locationName": "userBucket" + } + }, + "documentation": "<p>Details about the import snapshot task.</p>" + }, + "SpotAllocationStrategy": { + "type": "string", + "enum": [ + "lowest-price", + "diversified" + ] + }, + "SpotDatafeedSubscription": { + "type": "structure", + "members": { + "Bucket": { + "shape": "String", + "documentation": "<p>The Amazon S3 bucket where the Spot Instance data feed is located.</p>", + "locationName": "bucket" + }, + "Fault": { + "shape": "SpotInstanceStateFault", + "documentation": "<p>The fault codes for the Spot Instance request, if any.</p>", + "locationName": "fault" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The AWS account ID of the account.</p>", + "locationName": "ownerId" + }, + "Prefix": { + "shape": "String", + "documentation": "<p>The prefix that is prepended to data feed files.</p>", + "locationName": "prefix" + }, + "State": { + "shape": "DatafeedSubscriptionState", + "documentation": "<p>The state of the Spot Instance data feed subscription.</p>", + "locationName": "state" + } + }, + "documentation": "<p>Describes the data feed for a Spot Instance.</p>" + }, + "SpotFleetLaunchSpecification": { + "type": "structure", + "members": { + "SecurityGroups": { + "shape": "GroupIdentifierList", + "documentation": "<p>One or more security groups. When requesting instances in a VPC, you must specify the IDs of the security groups. When requesting instances in EC2-Classic, you can specify the names or the IDs of the security groups.</p>", + "locationName": "groupSet" + }, + "AddressingType": { + "shape": "String", + "documentation": "<p>Deprecated.</p>", + "locationName": "addressingType" + }, + "BlockDeviceMappings": { + "shape": "BlockDeviceMappingList", + "documentation": "<p>One or more block devices that are mapped to the Spot instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.</p>", + "locationName": "blockDeviceMapping" + }, + "EbsOptimized": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.</p> <p>Default: <code>false</code> </p>", + "locationName": "ebsOptimized" + }, + "IamInstanceProfile": { + "shape": "IamInstanceProfileSpecification", + "documentation": "<p>The IAM instance profile.</p>", + "locationName": "iamInstanceProfile" + }, + "ImageId": { + "shape": "String", + "documentation": "<p>The ID of the AMI.</p>", + "locationName": "imageId" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type.</p>", + "locationName": "instanceType" + }, + "KernelId": { + "shape": "String", + "documentation": "<p>The ID of the kernel.</p>", + "locationName": "kernelId" + }, + "KeyName": { + "shape": "String", + "documentation": "<p>The name of the key pair.</p>", + "locationName": "keyName" + }, + "Monitoring": { + "shape": "SpotFleetMonitoring", + "documentation": "<p>Enable or disable monitoring for the instances.</p>", + "locationName": "monitoring" + }, + "NetworkInterfaces": { + "shape": "InstanceNetworkInterfaceSpecificationList", + "documentation": "<p>One or more network interfaces. If you specify a network interface, you must specify subnet IDs and security group IDs using the network interface.</p>", + "locationName": "networkInterfaceSet" + }, + "Placement": { + "shape": "SpotPlacement", + "documentation": "<p>The placement information.</p>", + "locationName": "placement" + }, + "RamdiskId": { + "shape": "String", + "documentation": "<p>The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID.</p>", + "locationName": "ramdiskId" + }, + "SpotPrice": { + "shape": "String", + "documentation": "<p>The maximum price per unit hour that you are willing to pay for a Spot Instance. If this value is not specified, the default is the Spot price specified for the fleet. To determine the Spot price per unit hour, divide the Spot price by the value of <code>WeightedCapacity</code>.</p>", + "locationName": "spotPrice" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet in which to launch the instances. To specify multiple subnets, separate them using commas; for example, \"subnet-a61dafcf, subnet-65ea5f08\".</p>", + "locationName": "subnetId" + }, + "UserData": { + "shape": "String", + "documentation": "<p>The Base64-encoded user data that instances use when starting up.</p>", + "locationName": "userData" + }, + "WeightedCapacity": { + "shape": "Double", + "documentation": "<p>The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.</p> <p>If the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.</p>", + "locationName": "weightedCapacity" + }, + "TagSpecifications": { + "shape": "SpotFleetTagSpecificationList", + "documentation": "<p>The tags to apply during creation.</p>", + "locationName": "tagSpecificationSet" + } + }, + "documentation": "<p>Describes the launch specification for one or more Spot Instances. If you include On-Demand capacity in your fleet request, you can't use <code>SpotFleetLaunchSpecification</code>; you must use <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_LaunchTemplateConfig.html\">LaunchTemplateConfig</a>.</p>" + }, + "SpotFleetMonitoring": { + "type": "structure", + "members": { + "Enabled": { + "shape": "Boolean", + "documentation": "<p>Enables monitoring for the instance.</p> <p>Default: <code>false</code> </p>", + "locationName": "enabled" + } + }, + "documentation": "<p>Describes whether monitoring is enabled.</p>" + }, + "SpotFleetRequestConfig": { + "type": "structure", + "members": { + "ActivityStatus": { + "shape": "ActivityStatus", + "documentation": "<p>The progress of the Spot Fleet request. If there is an error, the status is <code>error</code>. After all requests are placed, the status is <code>pending_fulfillment</code>. If the size of the fleet is equal to or greater than its target capacity, the status is <code>fulfilled</code>. If the size of the fleet is decreased, the status is <code>pending_termination</code> while Spot Instances are terminating.</p>", + "locationName": "activityStatus" + }, + "CreateTime": { + "shape": "DateTime", + "documentation": "<p>The creation date and time of the request.</p>", + "locationName": "createTime" + }, + "SpotFleetRequestConfig": { + "shape": "SpotFleetRequestConfigData", + "documentation": "<p>The configuration of the Spot Fleet request.</p>", + "locationName": "spotFleetRequestConfig" + }, + "SpotFleetRequestId": { + "shape": "String", + "documentation": "<p>The ID of the Spot Fleet request.</p>", + "locationName": "spotFleetRequestId" + }, + "SpotFleetRequestState": { + "shape": "BatchState", + "documentation": "<p>The state of the Spot Fleet request.</p>", + "locationName": "spotFleetRequestState" + } + }, + "documentation": "<p>Describes a Spot Fleet request.</p>" + }, + "SpotFleetRequestConfigData": { + "type": "structure", + "required": [ + "IamFleetRole", + "TargetCapacity" + ], + "members": { + "AllocationStrategy": { + "shape": "AllocationStrategy", + "documentation": "<p>Indicates how to allocate the target capacity across the Spot pools specified by the Spot Fleet request. The default is <code>lowestPrice</code>.</p>", + "locationName": "allocationStrategy" + }, + "OnDemandAllocationStrategy": { + "shape": "OnDemandAllocationStrategy", + "documentation": "<p>The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify <code>lowestPrice</code>, Spot Fleet uses price to determine the order, launching the lowest price first. If you specify <code>prioritized</code>, Spot Fleet uses the priority that you assign to each Spot Fleet launch template override, launching the highest priority first. If you do not specify a value, Spot Fleet defaults to <code>lowestPrice</code>.</p>", + "locationName": "onDemandAllocationStrategy" + }, + "ClientToken": { + "shape": "String", + "documentation": "<p>A unique, case-sensitive identifier that you provide to ensure the idempotency of your listings. This helps to avoid duplicate listings. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html\">Ensuring Idempotency</a>.</p>", + "locationName": "clientToken" + }, + "ExcessCapacityTerminationPolicy": { + "shape": "ExcessCapacityTerminationPolicy", + "documentation": "<p>Indicates whether running Spot Instances should be terminated if you decrease the target capacity of the Spot Fleet request below the current size of the Spot Fleet.</p>", + "locationName": "excessCapacityTerminationPolicy" + }, + "FulfilledCapacity": { + "shape": "Double", + "documentation": "<p>The number of units fulfilled by this request compared to the set target capacity. You cannot set this value.</p>", + "locationName": "fulfilledCapacity" + }, + "OnDemandFulfilledCapacity": { + "shape": "Double", + "documentation": "<p>The number of On-Demand units fulfilled by this request compared to the set target On-Demand capacity.</p>", + "locationName": "onDemandFulfilledCapacity" + }, + "IamFleetRole": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites\">Spot Fleet Prerequisites</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>. Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request using <a>CancelSpotFleetRequests</a> or when the Spot Fleet request expires, if you set <code>TerminateInstancesWithExpiration</code>.</p>", + "locationName": "iamFleetRole" + }, + "LaunchSpecifications": { + "shape": "LaunchSpecsList", + "documentation": "<p>The launch specifications for the Spot Fleet request. If you specify <code>LaunchSpecifications</code>, you can't specify <code>LaunchTemplateConfigs</code>. If you include On-Demand capacity in your request, you must use <code>LaunchTemplateConfigs</code>.</p>", + "locationName": "launchSpecifications" + }, + "LaunchTemplateConfigs": { + "shape": "LaunchTemplateConfigList", + "documentation": "<p>The launch template and overrides. If you specify <code>LaunchTemplateConfigs</code>, you can't specify <code>LaunchSpecifications</code>. If you include On-Demand capacity in your request, you must use <code>LaunchTemplateConfigs</code>.</p>", + "locationName": "launchTemplateConfigs" + }, + "SpotPrice": { + "shape": "String", + "documentation": "<p>The maximum price per unit hour that you are willing to pay for a Spot Instance. The default is the On-Demand price.</p>", + "locationName": "spotPrice" + }, + "TargetCapacity": { + "shape": "Integer", + "documentation": "<p>The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is <code>maintain</code>, you can specify a target capacity of 0 and add capacity later.</p>", + "locationName": "targetCapacity" + }, + "OnDemandTargetCapacity": { + "shape": "Integer", + "documentation": "<p>The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is <code>maintain</code>, you can specify a target capacity of 0 and add capacity later.</p>", + "locationName": "onDemandTargetCapacity" + }, + "TerminateInstancesWithExpiration": { + "shape": "Boolean", + "documentation": "<p>Indicates whether running Spot Instances are terminated when the Spot Fleet request expires.</p>", + "locationName": "terminateInstancesWithExpiration" + }, + "Type": { + "shape": "FleetType", + "documentation": "<p>The type of request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. When this value is <code>request</code>, the Spot Fleet only places the required requests. It does not attempt to replenish Spot Instances if capacity is diminished, nor does it submit requests in alternative Spot pools if capacity is not available. When this value is <code>maintain</code>, the Spot Fleet maintains the target capacity. The Spot Fleet places the required requests to meet capacity and automatically replenishes any interrupted instances. Default: <code>maintain</code>. <code>instant</code> is listed but is not used by Spot Fleet.</p>", + "locationName": "type" + }, + "ValidFrom": { + "shape": "DateTime", + "documentation": "<p>The start date and time of the request, in UTC format (<i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z). By default, Amazon EC2 starts fulfilling the request immediately.</p>", + "locationName": "validFrom" + }, + "ValidUntil": { + "shape": "DateTime", + "documentation": "<p>The end date and time of the request, in UTC format (<i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z). After the end date and time, no new Spot Instance requests are placed or able to fulfill the request. If no value is specified, the Spot Fleet request remains until you cancel it.</p>", + "locationName": "validUntil" + }, + "ReplaceUnhealthyInstances": { + "shape": "Boolean", + "documentation": "<p>Indicates whether Spot Fleet should replace unhealthy instances.</p>", + "locationName": "replaceUnhealthyInstances" + }, + "InstanceInterruptionBehavior": { + "shape": "InstanceInterruptionBehavior", + "documentation": "<p>The behavior when a Spot Instance is interrupted. The default is <code>terminate</code>.</p>", + "locationName": "instanceInterruptionBehavior" + }, + "LoadBalancersConfig": { + "shape": "LoadBalancersConfig", + "documentation": "<p>One or more Classic Load Balancers and target groups to attach to the Spot Fleet request. Spot Fleet registers the running Spot Instances with the specified Classic Load Balancers and target groups.</p> <p>With Network Load Balancers, Spot Fleet cannot register instances that have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1.</p>", + "locationName": "loadBalancersConfig" + }, + "InstancePoolsToUseCount": { + "shape": "Integer", + "documentation": "<p>The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot <b>AllocationStrategy</b> is set to <code>lowest-price</code>. Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.</p>", + "locationName": "instancePoolsToUseCount" + } + }, + "documentation": "<p>Describes the configuration of a Spot Fleet request.</p>" + }, + "SpotFleetRequestConfigSet": { + "type": "list", + "member": { + "shape": "SpotFleetRequestConfig", + "locationName": "item" + } + }, + "SpotFleetTagSpecification": { + "type": "structure", + "members": { + "ResourceType": { + "shape": "ResourceType", + "documentation": "<p>The type of resource. Currently, the only resource type that is supported is <code>instance</code>.</p>", + "locationName": "resourceType" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags.</p>", + "locationName": "tag" + } + }, + "documentation": "<p>The tags for a Spot Fleet resource.</p>" + }, + "SpotFleetTagSpecificationList": { + "type": "list", + "member": { + "shape": "SpotFleetTagSpecification", + "locationName": "item" + } + }, + "SpotInstanceInterruptionBehavior": { + "type": "string", + "enum": [ + "hibernate", + "stop", + "terminate" + ] + }, + "SpotInstanceRequest": { + "type": "structure", + "members": { + "ActualBlockHourlyPrice": { + "shape": "String", + "documentation": "<p>If you specified a duration and your Spot Instance request was fulfilled, this is the fixed hourly price in effect for the Spot Instance while it runs.</p>", + "locationName": "actualBlockHourlyPrice" + }, + "AvailabilityZoneGroup": { + "shape": "String", + "documentation": "<p>The Availability Zone group. If you specify the same Availability Zone group for all Spot Instance requests, all Spot Instances are launched in the same Availability Zone.</p>", + "locationName": "availabilityZoneGroup" + }, + "BlockDurationMinutes": { + "shape": "Integer", + "documentation": "<p>The duration for the Spot Instance, in minutes.</p>", + "locationName": "blockDurationMinutes" + }, + "CreateTime": { + "shape": "DateTime", + "documentation": "<p>The date and time when the Spot Instance request was created, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>", + "locationName": "createTime" + }, + "Fault": { + "shape": "SpotInstanceStateFault", + "documentation": "<p>The fault codes for the Spot Instance request, if any.</p>", + "locationName": "fault" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The instance ID, if an instance has been launched to fulfill the Spot Instance request.</p>", + "locationName": "instanceId" + }, + "LaunchGroup": { + "shape": "String", + "documentation": "<p>The instance launch group. Launch groups are Spot Instances that launch together and terminate together.</p>", + "locationName": "launchGroup" + }, + "LaunchSpecification": { + "shape": "LaunchSpecification", + "documentation": "<p>Additional information for launching instances.</p>", + "locationName": "launchSpecification" + }, + "LaunchedAvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone in which the request is launched.</p>", + "locationName": "launchedAvailabilityZone" + }, + "ProductDescription": { + "shape": "RIProductDescription", + "documentation": "<p>The product description associated with the Spot Instance.</p>", + "locationName": "productDescription" + }, + "SpotInstanceRequestId": { + "shape": "String", + "documentation": "<p>The ID of the Spot Instance request.</p>", + "locationName": "spotInstanceRequestId" + }, + "SpotPrice": { + "shape": "String", + "documentation": "<p>The maximum price per hour that you are willing to pay for a Spot Instance.</p>", + "locationName": "spotPrice" + }, + "State": { + "shape": "SpotInstanceState", + "documentation": "<p>The state of the Spot Instance request. Spot status information helps track your Spot Instance requests. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html\">Spot Status</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>.</p>", + "locationName": "state" + }, + "Status": { + "shape": "SpotInstanceStatus", + "documentation": "<p>The status code and status message describing the Spot Instance request.</p>", + "locationName": "status" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the resource.</p>", + "locationName": "tagSet" + }, + "Type": { + "shape": "SpotInstanceType", + "documentation": "<p>The Spot Instance request type.</p>", + "locationName": "type" + }, + "ValidFrom": { + "shape": "DateTime", + "documentation": "<p>The start date of the request, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z). The request becomes active at this date and time.</p>", + "locationName": "validFrom" + }, + "ValidUntil": { + "shape": "DateTime", + "documentation": "<p>The end date of the request, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z). If this is a one-time request, it remains active until all instances launch, the request is canceled, or this date is reached. If the request is persistent, it remains active until it is canceled or this date is reached. The default end date is 7 days from the current date.</p>", + "locationName": "validUntil" + }, + "InstanceInterruptionBehavior": { + "shape": "InstanceInterruptionBehavior", + "documentation": "<p>The behavior when a Spot Instance is interrupted.</p>", + "locationName": "instanceInterruptionBehavior" + } + }, + "documentation": "<p>Describes a Spot Instance request.</p>" + }, + "SpotInstanceRequestIdList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "SpotInstanceRequestId" + } + }, + "SpotInstanceRequestList": { + "type": "list", + "member": { + "shape": "SpotInstanceRequest", + "locationName": "item" + } + }, + "SpotInstanceState": { + "type": "string", + "enum": [ + "open", + "active", + "closed", + "cancelled", + "failed" + ] + }, + "SpotInstanceStateFault": { + "type": "structure", + "members": { + "Code": { + "shape": "String", + "documentation": "<p>The reason code for the Spot Instance state change.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>The message for the Spot Instance state change.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Describes a Spot Instance state change.</p>" + }, + "SpotInstanceStatus": { + "type": "structure", + "members": { + "Code": { + "shape": "String", + "documentation": "<p>The status code. For a list of status codes, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-bid-status.html#spot-instance-bid-status-understand\">Spot Status Codes</a> in the <i>Amazon EC2 User Guide for Linux Instances</i>.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>The description for the status code.</p>", + "locationName": "message" + }, + "UpdateTime": { + "shape": "DateTime", + "documentation": "<p>The date and time of the most recent status update, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>", + "locationName": "updateTime" + } + }, + "documentation": "<p>Describes the status of a Spot Instance request.</p>" + }, + "SpotInstanceType": { + "type": "string", + "enum": [ + "one-time", + "persistent" + ] + }, + "SpotMarketOptions": { + "type": "structure", + "members": { + "MaxPrice": { + "shape": "String", + "documentation": "<p>The maximum hourly price you're willing to pay for the Spot Instances. The default is the On-Demand price.</p>" + }, + "SpotInstanceType": { + "shape": "SpotInstanceType", + "documentation": "<p>The Spot Instance request type. For <a>RunInstances</a>, persistent Spot Instance requests are only supported when <b>InstanceInterruptionBehavior</b> is set to either <code>hibernate</code> or <code>stop</code>.</p>" + }, + "BlockDurationMinutes": { + "shape": "Integer", + "documentation": "<p>The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).</p>" + }, + "ValidUntil": { + "shape": "DateTime", + "documentation": "<p>The end date of the request. For a one-time request, the request remains active until all instances launch, the request is canceled, or this date is reached. If the request is persistent, it remains active until it is canceled or this date and time is reached. The default end date is 7 days from the current date.</p>" + }, + "InstanceInterruptionBehavior": { + "shape": "InstanceInterruptionBehavior", + "documentation": "<p>The behavior when a Spot Instance is interrupted. The default is <code>terminate</code>.</p>" + } + }, + "documentation": "<p>The options for Spot Instances.</p>" + }, + "SpotOptions": { + "type": "structure", + "members": { + "AllocationStrategy": { + "shape": "SpotAllocationStrategy", + "documentation": "<p>Indicates how to allocate the target capacity across the Spot pools specified by the Spot Fleet request. The default is <code>lowest-price</code>.</p>", + "locationName": "allocationStrategy" + }, + "InstanceInterruptionBehavior": { + "shape": "SpotInstanceInterruptionBehavior", + "documentation": "<p>The behavior when a Spot Instance is interrupted. The default is <code>terminate</code>.</p>", + "locationName": "instanceInterruptionBehavior" + }, + "InstancePoolsToUseCount": { + "shape": "Integer", + "documentation": "<p>The number of Spot pools across which to allocate your target Spot capacity. Valid only when <b>AllocationStrategy</b> is set to <code>lowestPrice</code>. EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.</p>", + "locationName": "instancePoolsToUseCount" + }, + "SingleInstanceType": { + "shape": "Boolean", + "documentation": "<p>Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.</p>", + "locationName": "singleInstanceType" + }, + "SingleAvailabilityZone": { + "shape": "Boolean", + "documentation": "<p>Indicates that the fleet launches all Spot Instances into a single Availability Zone.</p>", + "locationName": "singleAvailabilityZone" + }, + "MinTargetCapacity": { + "shape": "Integer", + "documentation": "<p>The minimum target capacity for Spot Instances in the fleet. If the minimum target capacity is not reached, the fleet launches no instances.</p>", + "locationName": "minTargetCapacity" + } + }, + "documentation": "<p>Describes the configuration of Spot Instances in an EC2 Fleet.</p>" + }, + "SpotOptionsRequest": { + "type": "structure", + "members": { + "AllocationStrategy": { + "shape": "SpotAllocationStrategy", + "documentation": "<p>Indicates how to allocate the target capacity across the Spot pools specified by the Spot Fleet request. The default is <code>lowestPrice</code>.</p>" + }, + "InstanceInterruptionBehavior": { + "shape": "SpotInstanceInterruptionBehavior", + "documentation": "<p>The behavior when a Spot Instance is interrupted. The default is <code>terminate</code>.</p>" + }, + "InstancePoolsToUseCount": { + "shape": "Integer", + "documentation": "<p>The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot <b>AllocationStrategy</b> is set to <code>lowest-price</code>. EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.</p>" + }, + "SingleInstanceType": { + "shape": "Boolean", + "documentation": "<p>Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.</p>" + }, + "SingleAvailabilityZone": { + "shape": "Boolean", + "documentation": "<p>Indicates that the fleet launches all Spot Instances into a single Availability Zone.</p>" + }, + "MinTargetCapacity": { + "shape": "Integer", + "documentation": "<p>The minimum target capacity for Spot Instances in the fleet. If the minimum target capacity is not reached, the fleet launches no instances.</p>" + } + }, + "documentation": "<p>Describes the configuration of Spot Instances in an EC2 Fleet request.</p>" + }, + "SpotPlacement": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone.</p> <p>[Spot Fleet only] To specify multiple Availability Zones, separate them using commas; for example, \"us-west-2a, us-west-2b\".</p>", + "locationName": "availabilityZone" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the placement group.</p>", + "locationName": "groupName" + }, + "Tenancy": { + "shape": "Tenancy", + "documentation": "<p>The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of <code>dedicated</code> runs on single-tenant hardware. The <code>host</code> tenancy is not supported for Spot Instances.</p>", + "locationName": "tenancy" + } + }, + "documentation": "<p>Describes Spot Instance placement.</p>" + }, + "SpotPrice": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone.</p>", + "locationName": "availabilityZone" + }, + "InstanceType": { + "shape": "InstanceType", + "documentation": "<p>The instance type.</p>", + "locationName": "instanceType" + }, + "ProductDescription": { + "shape": "RIProductDescription", + "documentation": "<p>A general description of the AMI.</p>", + "locationName": "productDescription" + }, + "SpotPrice": { + "shape": "String", + "documentation": "<p>The maximum price per hour that you are willing to pay for a Spot Instance.</p>", + "locationName": "spotPrice" + }, + "Timestamp": { + "shape": "DateTime", + "documentation": "<p>The date and time the request was created, in UTC format (for example, <i>YYYY</i>-<i>MM</i>-<i>DD</i>T<i>HH</i>:<i>MM</i>:<i>SS</i>Z).</p>", + "locationName": "timestamp" + } + }, + "documentation": "<p>Describes the maximum price per hour that you are willing to pay for a Spot Instance.</p>" + }, + "SpotPriceHistoryList": { + "type": "list", + "member": { + "shape": "SpotPrice", + "locationName": "item" + } + }, + "StaleIpPermission": { + "type": "structure", + "members": { + "FromPort": { + "shape": "Integer", + "documentation": "<p>The start of the port range for the TCP and UDP protocols, or an ICMP type number. A value of <code>-1</code> indicates all ICMP types. </p>", + "locationName": "fromPort" + }, + "IpProtocol": { + "shape": "String", + "documentation": "<p>The IP protocol name (for <code>tcp</code>, <code>udp</code>, and <code>icmp</code>) or number (see <a href=\"http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml\">Protocol Numbers)</a>.</p>", + "locationName": "ipProtocol" + }, + "IpRanges": { + "shape": "IpRanges", + "documentation": "<p>The IP ranges. Not applicable for stale security group rules.</p>", + "locationName": "ipRanges" + }, + "PrefixListIds": { + "shape": "PrefixListIdSet", + "documentation": "<p>The prefix list IDs for an AWS service. Not applicable for stale security group rules.</p>", + "locationName": "prefixListIds" + }, + "ToPort": { + "shape": "Integer", + "documentation": "<p>The end of the port range for the TCP and UDP protocols, or an ICMP type number. A value of <code>-1</code> indicates all ICMP types. </p>", + "locationName": "toPort" + }, + "UserIdGroupPairs": { + "shape": "UserIdGroupPairSet", + "documentation": "<p>The security group pairs. Returns the ID of the referenced security group and VPC, and the ID and status of the VPC peering connection.</p>", + "locationName": "groups" + } + }, + "documentation": "<p>Describes a stale rule in a security group.</p>" + }, + "StaleIpPermissionSet": { + "type": "list", + "member": { + "shape": "StaleIpPermission", + "locationName": "item" + } + }, + "StaleSecurityGroup": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>The description of the security group.</p>", + "locationName": "description" + }, + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of the security group.</p>", + "locationName": "groupId" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the security group.</p>", + "locationName": "groupName" + }, + "StaleIpPermissions": { + "shape": "StaleIpPermissionSet", + "documentation": "<p>Information about the stale inbound rules in the security group.</p>", + "locationName": "staleIpPermissions" + }, + "StaleIpPermissionsEgress": { + "shape": "StaleIpPermissionSet", + "documentation": "<p>Information about the stale outbound rules in the security group.</p>", + "locationName": "staleIpPermissionsEgress" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC for the security group.</p>", + "locationName": "vpcId" + } + }, + "documentation": "<p>Describes a stale security group (a security group that contains stale rules).</p>" + }, + "StaleSecurityGroupSet": { + "type": "list", + "member": { + "shape": "StaleSecurityGroup", + "locationName": "item" + } + }, + "StartInstancesRequest": { + "type": "structure", + "required": [ + "InstanceIds" + ], + "members": { + "InstanceIds": { + "shape": "InstanceIdStringList", + "documentation": "<p>The IDs of the instances.</p>", + "locationName": "InstanceId" + }, + "AdditionalInfo": { + "shape": "String", + "documentation": "<p>Reserved.</p>", + "locationName": "additionalInfo" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "StartInstancesResult": { + "type": "structure", + "members": { + "StartingInstances": { + "shape": "InstanceStateChangeList", + "documentation": "<p>Information about the started instances.</p>", + "locationName": "instancesSet" + } + } + }, + "State": { + "type": "string", + "enum": [ + "PendingAcceptance", + "Pending", + "Available", + "Deleting", + "Deleted", + "Rejected", + "Failed", + "Expired" + ] + }, + "StateReason": { + "type": "structure", + "members": { + "Code": { + "shape": "String", + "documentation": "<p>The reason code for the state change.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>The message for the state change.</p> <ul> <li> <p> <code>Server.InsufficientInstanceCapacity</code>: There was insufficient capacity available to satisfy the launch request.</p> </li> <li> <p> <code>Server.InternalError</code>: An internal error caused the instance to terminate during launch.</p> </li> <li> <p> <code>Server.ScheduledStop</code>: The instance was stopped due to a scheduled retirement.</p> </li> <li> <p> <code>Server.SpotInstanceShutdown</code>: The instance was stopped because the number of Spot requests with a maximum price equal to or higher than the Spot price exceeded available capacity or because of an increase in the Spot price.</p> </li> <li> <p> <code>Server.SpotInstanceTermination</code>: The instance was terminated because the number of Spot requests with a maximum price equal to or higher than the Spot price exceeded available capacity or because of an increase in the Spot price.</p> </li> <li> <p> <code>Client.InstanceInitiatedShutdown</code>: The instance was shut down using the <code>shutdown -h</code> command from the instance.</p> </li> <li> <p> <code>Client.InstanceTerminated</code>: The instance was terminated or rebooted during AMI creation.</p> </li> <li> <p> <code>Client.InternalError</code>: A client error caused the instance to terminate during launch.</p> </li> <li> <p> <code>Client.InvalidSnapshot.NotFound</code>: The specified snapshot was not found.</p> </li> <li> <p> <code>Client.UserInitiatedHibernate</code>: Hibernation was initiated on the instance.</p> </li> <li> <p> <code>Client.UserInitiatedShutdown</code>: The instance was shut down using the Amazon EC2 API.</p> </li> <li> <p> <code>Client.VolumeLimitExceeded</code>: The limit on the number of EBS volumes or total storage was exceeded. Decrease usage or request an increase in your account limits.</p> </li> </ul>", + "locationName": "message" + } + }, + "documentation": "<p>Describes a state change.</p>" + }, + "Status": { + "type": "string", + "enum": [ + "MoveInProgress", + "InVpc", + "InClassic" + ] + }, + "StatusName": { + "type": "string", + "enum": [ + "reachability" + ] + }, + "StatusType": { + "type": "string", + "enum": [ + "passed", + "failed", + "insufficient-data", + "initializing" + ] + }, + "StopInstancesRequest": { + "type": "structure", + "required": [ + "InstanceIds" + ], + "members": { + "InstanceIds": { + "shape": "InstanceIdStringList", + "documentation": "<p>The IDs of the instances.</p>", + "locationName": "InstanceId" + }, + "Hibernate": { + "shape": "Boolean", + "documentation": "<p>Hibernates the instance if the instance was enabled for hibernation at launch. If the instance cannot hibernate successfully, a normal shutdown occurs. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html\">Hibernate Your Instance</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p> Default: <code>false</code> </p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + }, + "Force": { + "shape": "Boolean", + "documentation": "<p>Forces the instances to stop. The instances do not have an opportunity to flush file system caches or file system metadata. If you use this option, you must perform file system check and repair procedures. This option is not recommended for Windows instances.</p> <p>Default: <code>false</code> </p>", + "locationName": "force" + } + } + }, + "StopInstancesResult": { + "type": "structure", + "members": { + "StoppingInstances": { + "shape": "InstanceStateChangeList", + "documentation": "<p>Information about the stopped instances.</p>", + "locationName": "instancesSet" + } + } + }, + "Storage": { + "type": "structure", + "members": { + "S3": { + "shape": "S3Storage", + "documentation": "<p>An Amazon S3 storage location.</p>" + } + }, + "documentation": "<p>Describes the storage location for an instance store-backed AMI.</p>" + }, + "StorageLocation": { + "type": "structure", + "members": { + "Bucket": { + "shape": "String", + "documentation": "<p>The name of the S3 bucket.</p>" + }, + "Key": { + "shape": "String", + "documentation": "<p>The key.</p>" + } + }, + "documentation": "<p>Describes a storage location in Amazon S3.</p>" + }, + "String": { + "type": "string" + }, + "Subnet": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone of the subnet.</p>", + "locationName": "availabilityZone" + }, + "AvailabilityZoneId": { + "shape": "String", + "documentation": "<p>The AZ ID of the subnet.</p>", + "locationName": "availabilityZoneId" + }, + "AvailableIpAddressCount": { + "shape": "Integer", + "documentation": "<p>The number of unused private IPv4 addresses in the subnet. The IPv4 addresses for any stopped instances are considered unavailable.</p>", + "locationName": "availableIpAddressCount" + }, + "CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 CIDR block assigned to the subnet.</p>", + "locationName": "cidrBlock" + }, + "DefaultForAz": { + "shape": "Boolean", + "documentation": "<p>Indicates whether this is the default subnet for the Availability Zone.</p>", + "locationName": "defaultForAz" + }, + "MapPublicIpOnLaunch": { + "shape": "Boolean", + "documentation": "<p>Indicates whether instances launched in this subnet receive a public IPv4 address.</p>", + "locationName": "mapPublicIpOnLaunch" + }, + "State": { + "shape": "SubnetState", + "documentation": "<p>The current state of the subnet.</p>", + "locationName": "state" + }, + "SubnetId": { + "shape": "String", + "documentation": "<p>The ID of the subnet.</p>", + "locationName": "subnetId" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC the subnet is in.</p>", + "locationName": "vpcId" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The ID of the AWS account that owns the subnet.</p>", + "locationName": "ownerId" + }, + "AssignIpv6AddressOnCreation": { + "shape": "Boolean", + "documentation": "<p>Indicates whether a network interface created in this subnet (including a network interface created by <a>RunInstances</a>) receives an IPv6 address.</p>", + "locationName": "assignIpv6AddressOnCreation" + }, + "Ipv6CidrBlockAssociationSet": { + "shape": "SubnetIpv6CidrBlockAssociationSet", + "documentation": "<p>Information about the IPv6 CIDR blocks associated with the subnet.</p>", + "locationName": "ipv6CidrBlockAssociationSet" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the subnet.</p>", + "locationName": "tagSet" + }, + "SubnetArn": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the subnet.</p>", + "locationName": "subnetArn" + } + }, + "documentation": "<p>Describes a subnet.</p>" + }, + "SubnetCidrBlockState": { + "type": "structure", + "members": { + "State": { + "shape": "SubnetCidrBlockStateCode", + "documentation": "<p>The state of a CIDR block.</p>", + "locationName": "state" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>A message about the status of the CIDR block, if applicable.</p>", + "locationName": "statusMessage" + } + }, + "documentation": "<p>Describes the state of a CIDR block.</p>" + }, + "SubnetCidrBlockStateCode": { + "type": "string", + "enum": [ + "associating", + "associated", + "disassociating", + "disassociated", + "failing", + "failed" + ] + }, + "SubnetIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "SubnetId" + } + }, + "SubnetIpv6CidrBlockAssociation": { + "type": "structure", + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>The association ID for the CIDR block.</p>", + "locationName": "associationId" + }, + "Ipv6CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv6 CIDR block.</p>", + "locationName": "ipv6CidrBlock" + }, + "Ipv6CidrBlockState": { + "shape": "SubnetCidrBlockState", + "documentation": "<p>Information about the state of the CIDR block.</p>", + "locationName": "ipv6CidrBlockState" + } + }, + "documentation": "<p>Describes an IPv6 CIDR block associated with a subnet.</p>" + }, + "SubnetIpv6CidrBlockAssociationSet": { + "type": "list", + "member": { + "shape": "SubnetIpv6CidrBlockAssociation", + "locationName": "item" + } + }, + "SubnetList": { + "type": "list", + "member": { + "shape": "Subnet", + "locationName": "item" + } + }, + "SubnetState": { + "type": "string", + "enum": [ + "pending", + "available" + ] + }, + "SuccessfulInstanceCreditSpecificationItem": { + "type": "structure", + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + } + }, + "documentation": "<p>Describes the T2 or T3 instance whose credit option for CPU usage was successfully modified.</p>" + }, + "SuccessfulInstanceCreditSpecificationSet": { + "type": "list", + "member": { + "shape": "SuccessfulInstanceCreditSpecificationItem", + "locationName": "item" + } + }, + "SummaryStatus": { + "type": "string", + "enum": [ + "ok", + "impaired", + "insufficient-data", + "not-applicable", + "initializing" + ] + }, + "Tag": { + "type": "structure", + "members": { + "Key": { + "shape": "String", + "documentation": "<p>The key of the tag.</p> <p>Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with <code>aws:</code>.</p>", + "locationName": "key" + }, + "Value": { + "shape": "String", + "documentation": "<p>The value of the tag.</p> <p>Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.</p>", + "locationName": "value" + } + }, + "documentation": "<p>Describes a tag.</p>" + }, + "TagDescription": { + "type": "structure", + "members": { + "Key": { + "shape": "String", + "documentation": "<p>The tag key.</p>", + "locationName": "key" + }, + "ResourceId": { + "shape": "String", + "documentation": "<p>The ID of the resource.</p>", + "locationName": "resourceId" + }, + "ResourceType": { + "shape": "ResourceType", + "documentation": "<p>The resource type.</p>", + "locationName": "resourceType" + }, + "Value": { + "shape": "String", + "documentation": "<p>The tag value.</p>", + "locationName": "value" + } + }, + "documentation": "<p>Describes a tag.</p>" + }, + "TagDescriptionList": { + "type": "list", + "member": { + "shape": "TagDescription", + "locationName": "item" + } + }, + "TagList": { + "type": "list", + "member": { + "shape": "Tag", + "locationName": "item" + } + }, + "TagSpecification": { + "type": "structure", + "members": { + "ResourceType": { + "shape": "ResourceType", + "documentation": "<p>The type of resource to tag. Currently, the resource types that support tagging on creation are <code>fleet</code>, <code>dedicated-host</code>, <code>instance</code>, <code>snapshot</code>, and <code>volume</code>. To tag a resource after it has been created, see <a>CreateTags</a>.</p>", + "locationName": "resourceType" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags to apply to the resource.</p>", + "locationName": "Tag" + } + }, + "documentation": "<p>The tags to apply to a resource when the resource is being created.</p>" + }, + "TagSpecificationList": { + "type": "list", + "member": { + "shape": "TagSpecification", + "locationName": "item" + } + }, + "TargetCapacitySpecification": { + "type": "structure", + "members": { + "TotalTargetCapacity": { + "shape": "Integer", + "documentation": "<p>The number of units to request, filled using <code>DefaultTargetCapacityType</code>.</p>", + "locationName": "totalTargetCapacity" + }, + "OnDemandTargetCapacity": { + "shape": "Integer", + "documentation": "<p>The number of On-Demand units to request.</p>", + "locationName": "onDemandTargetCapacity" + }, + "SpotTargetCapacity": { + "shape": "Integer", + "documentation": "<p>The maximum number of Spot units to launch.</p>", + "locationName": "spotTargetCapacity" + }, + "DefaultTargetCapacityType": { + "shape": "DefaultTargetCapacityType", + "documentation": "<p>The default <code>TotalTargetCapacity</code>, which is either <code>Spot</code> or <code>On-Demand</code>.</p>", + "locationName": "defaultTargetCapacityType" + } + }, + "documentation": "<p>The number of units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is <code>maintain</code>, you can specify a target capacity of 0 and add capacity later.</p>" + }, + "TargetCapacitySpecificationRequest": { + "type": "structure", + "required": [ + "TotalTargetCapacity" + ], + "members": { + "TotalTargetCapacity": { + "shape": "Integer", + "documentation": "<p>The number of units to request, filled using <code>DefaultTargetCapacityType</code>.</p>" + }, + "OnDemandTargetCapacity": { + "shape": "Integer", + "documentation": "<p>The number of On-Demand units to request.</p>" + }, + "SpotTargetCapacity": { + "shape": "Integer", + "documentation": "<p>The number of Spot units to request.</p>" + }, + "DefaultTargetCapacityType": { + "shape": "DefaultTargetCapacityType", + "documentation": "<p>The default <code>TotalTargetCapacity</code>, which is either <code>Spot</code> or <code>On-Demand</code>.</p>" + } + }, + "documentation": "<p>The number of units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is <code>maintain</code>, you can specify a target capacity of 0 and add capacity later.</p>" + }, + "TargetConfiguration": { + "type": "structure", + "members": { + "InstanceCount": { + "shape": "Integer", + "documentation": "<p>The number of instances the Convertible Reserved Instance offering can be applied to. This parameter is reserved and cannot be specified in a request</p>", + "locationName": "instanceCount" + }, + "OfferingId": { + "shape": "String", + "documentation": "<p>The ID of the Convertible Reserved Instance offering.</p>", + "locationName": "offeringId" + } + }, + "documentation": "<p>Information about the Convertible Reserved Instance offering.</p>" + }, + "TargetConfigurationRequest": { + "type": "structure", + "required": [ + "OfferingId" + ], + "members": { + "InstanceCount": { + "shape": "Integer", + "documentation": "<p>The number of instances the Covertible Reserved Instance offering can be applied to. This parameter is reserved and cannot be specified in a request</p>" + }, + "OfferingId": { + "shape": "String", + "documentation": "<p>The Convertible Reserved Instance offering ID.</p>" + } + }, + "documentation": "<p>Details about the target configuration.</p>" + }, + "TargetConfigurationRequestSet": { + "type": "list", + "member": { + "shape": "TargetConfigurationRequest", + "locationName": "TargetConfigurationRequest" + } + }, + "TargetGroup": { + "type": "structure", + "members": { + "Arn": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the target group.</p>", + "locationName": "arn" + } + }, + "documentation": "<p>Describes a load balancer target group.</p>" + }, + "TargetGroups": { + "type": "list", + "member": { + "shape": "TargetGroup", + "locationName": "item" + }, + "max": 5, + "min": 1 + }, + "TargetGroupsConfig": { + "type": "structure", + "members": { + "TargetGroups": { + "shape": "TargetGroups", + "documentation": "<p>One or more target groups.</p>", + "locationName": "targetGroups" + } + }, + "documentation": "<p>Describes the target groups to attach to a Spot Fleet. Spot Fleet registers the running Spot Instances with these target groups.</p>" + }, + "TargetNetwork": { + "type": "structure", + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>The ID of the association.</p>", + "locationName": "associationId" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC in which the target network (subnet) is located.</p>", + "locationName": "vpcId" + }, + "TargetNetworkId": { + "shape": "String", + "documentation": "<p>The ID of the subnet specified as the target network.</p>", + "locationName": "targetNetworkId" + }, + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint with which the target network is associated.</p>", + "locationName": "clientVpnEndpointId" + }, + "Status": { + "shape": "AssociationStatus", + "documentation": "<p>The current state of the target network association.</p>", + "locationName": "status" + }, + "SecurityGroups": { + "shape": "ValueStringList", + "documentation": "<p>The IDs of the security groups applied to the target network association.</p>", + "locationName": "securityGroups" + } + }, + "documentation": "<p>Describes a target network associated with a Client VPN endpoint.</p>" + }, + "TargetNetworkSet": { + "type": "list", + "member": { + "shape": "TargetNetwork", + "locationName": "item" + } + }, + "TargetReservationValue": { + "type": "structure", + "members": { + "ReservationValue": { + "shape": "ReservationValue", + "documentation": "<p>The total value of the Convertible Reserved Instances that make up the exchange. This is the sum of the list value, remaining upfront price, and additional upfront cost of the exchange.</p>", + "locationName": "reservationValue" + }, + "TargetConfiguration": { + "shape": "TargetConfiguration", + "documentation": "<p>The configuration of the Convertible Reserved Instances that make up the exchange.</p>", + "locationName": "targetConfiguration" + } + }, + "documentation": "<p>The total value of the new Convertible Reserved Instances.</p>" + }, + "TargetReservationValueSet": { + "type": "list", + "member": { + "shape": "TargetReservationValue", + "locationName": "item" + } + }, + "TelemetryStatus": { + "type": "string", + "enum": [ + "UP", + "DOWN" + ] + }, + "Tenancy": { + "type": "string", + "enum": [ + "default", + "dedicated", + "host" + ] + }, + "TerminateClientVpnConnectionsRequest": { + "type": "structure", + "required": [ + "ClientVpnEndpointId" + ], + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint to which the client is connected.</p>" + }, + "ConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the client connection to be terminated.</p>" + }, + "Username": { + "shape": "String", + "documentation": "<p>The name of the user who initiated the connection. Use this option to terminate all active connections for the specified user. This option can only be used if the user has established up to five connections.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "TerminateClientVpnConnectionsResult": { + "type": "structure", + "members": { + "ClientVpnEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the Client VPN endpoint.</p>", + "locationName": "clientVpnEndpointId" + }, + "Username": { + "shape": "String", + "documentation": "<p>The user who established the terminated client connections.</p>", + "locationName": "username" + }, + "ConnectionStatuses": { + "shape": "TerminateConnectionStatusSet", + "documentation": "<p>The current state of the client connections.</p>", + "locationName": "connectionStatuses" + } + } + }, + "TerminateConnectionStatus": { + "type": "structure", + "members": { + "ConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the client connection.</p>", + "locationName": "connectionId" + }, + "PreviousStatus": { + "shape": "ClientVpnConnectionStatus", + "documentation": "<p>The state of the client connection.</p>", + "locationName": "previousStatus" + }, + "CurrentStatus": { + "shape": "ClientVpnConnectionStatus", + "documentation": "<p>A message about the status of the client connection, if applicable.</p>", + "locationName": "currentStatus" + } + }, + "documentation": "<p>Information about a terminated Client VPN endpoint client connection.</p>" + }, + "TerminateConnectionStatusSet": { + "type": "list", + "member": { + "shape": "TerminateConnectionStatus", + "locationName": "item" + } + }, + "TerminateInstancesRequest": { + "type": "structure", + "required": [ + "InstanceIds" + ], + "members": { + "InstanceIds": { + "shape": "InstanceIdStringList", + "documentation": "<p>The IDs of the instances.</p> <p>Constraints: Up to 1000 instance IDs. We recommend breaking up this request into smaller batches.</p>", + "locationName": "InstanceId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "TerminateInstancesResult": { + "type": "structure", + "members": { + "TerminatingInstances": { + "shape": "InstanceStateChangeList", + "documentation": "<p>Information about the terminated instances.</p>", + "locationName": "instancesSet" + } + } + }, + "TrafficDirection": { + "type": "string", + "enum": [ + "ingress", + "egress" + ] + }, + "TrafficMirrorFilter": { + "type": "structure", + "members": { + "TrafficMirrorFilterId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror filter.</p>", + "locationName": "trafficMirrorFilterId" + }, + "IngressFilterRules": { + "shape": "TrafficMirrorFilterRuleList", + "documentation": "<p>Information about the ingress rules that are associated with the Traffic Mirror filter.</p>", + "locationName": "ingressFilterRuleSet" + }, + "EgressFilterRules": { + "shape": "TrafficMirrorFilterRuleList", + "documentation": "<p>Information about the egress rules that are associated with the Traffic Mirror filter.</p>", + "locationName": "egressFilterRuleSet" + }, + "NetworkServices": { + "shape": "TrafficMirrorNetworkServiceList", + "documentation": "<p>The network service traffic that is associated with the Traffic Mirror filter.</p>", + "locationName": "networkServiceSet" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description of the Traffic Mirror filter.</p>", + "locationName": "description" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags assigned to the Traffic Mirror filter.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes the Traffic Mirror filter.</p>" + }, + "TrafficMirrorFilterRule": { + "type": "structure", + "members": { + "TrafficMirrorFilterRuleId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror rule.</p>", + "locationName": "trafficMirrorFilterRuleId" + }, + "TrafficMirrorFilterId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror filter that the rule is associated with.</p>", + "locationName": "trafficMirrorFilterId" + }, + "TrafficDirection": { + "shape": "TrafficDirection", + "documentation": "<p>The traffic direction assigned to the Traffic Mirror rule.</p>", + "locationName": "trafficDirection" + }, + "RuleNumber": { + "shape": "Integer", + "documentation": "<p>The rule number of the Traffic Mirror rule.</p>", + "locationName": "ruleNumber" + }, + "RuleAction": { + "shape": "TrafficMirrorRuleAction", + "documentation": "<p>The action assigned to the Traffic Mirror rule.</p>", + "locationName": "ruleAction" + }, + "Protocol": { + "shape": "Integer", + "documentation": "<p>The protocol assigned to the Traffic Mirror rule.</p>", + "locationName": "protocol" + }, + "DestinationPortRange": { + "shape": "TrafficMirrorPortRange", + "documentation": "<p>The destination port range assigned to the Traffic Mirror rule.</p>", + "locationName": "destinationPortRange" + }, + "SourcePortRange": { + "shape": "TrafficMirrorPortRange", + "documentation": "<p>The source port range assigned to the Traffic Mirror rule.</p>", + "locationName": "sourcePortRange" + }, + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The destination CIDR block assigned to the Traffic Mirror rule.</p>", + "locationName": "destinationCidrBlock" + }, + "SourceCidrBlock": { + "shape": "String", + "documentation": "<p>The source CIDR block assigned to the Traffic Mirror rule.</p>", + "locationName": "sourceCidrBlock" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description of the Traffic Mirror rule.</p>", + "locationName": "description" + } + }, + "documentation": "<p>Describes the Traffic Mirror rule.</p>" + }, + "TrafficMirrorFilterRuleField": { + "type": "string", + "enum": [ + "destination-port-range", + "source-port-range", + "protocol", + "description" + ] + }, + "TrafficMirrorFilterRuleFieldList": { + "type": "list", + "member": { + "shape": "TrafficMirrorFilterRuleField" + } + }, + "TrafficMirrorFilterRuleList": { + "type": "list", + "member": { + "shape": "TrafficMirrorFilterRule", + "locationName": "item" + } + }, + "TrafficMirrorFilterSet": { + "type": "list", + "member": { + "shape": "TrafficMirrorFilter", + "locationName": "item" + } + }, + "TrafficMirrorNetworkService": { + "type": "string", + "enum": [ + "amazon-dns" + ] + }, + "TrafficMirrorNetworkServiceList": { + "type": "list", + "member": { + "shape": "TrafficMirrorNetworkService", + "locationName": "item" + } + }, + "TrafficMirrorPortRange": { + "type": "structure", + "members": { + "FromPort": { + "shape": "Integer", + "documentation": "<p>The start of the Traffic Mirror port range. This applies to the TCP and UDP protocols.</p>", + "locationName": "fromPort" + }, + "ToPort": { + "shape": "Integer", + "documentation": "<p>The end of the Traffic Mirror port range. This applies to the TCP and UDP protocols.</p>", + "locationName": "toPort" + } + }, + "documentation": "<p>Describes the Traffic Mirror port range.</p>" + }, + "TrafficMirrorPortRangeRequest": { + "type": "structure", + "members": { + "FromPort": { + "shape": "Integer", + "documentation": "<p>The first port in the Traffic Mirror port range. This applies to the TCP and UDP protocols.</p>" + }, + "ToPort": { + "shape": "Integer", + "documentation": "<p>The last port in the Traffic Mirror port range. This applies to the TCP and UDP protocols.</p>" + } + }, + "documentation": "<p>Information about the Traffic Mirror filter rule port range.</p>" + }, + "TrafficMirrorRuleAction": { + "type": "string", + "enum": [ + "accept", + "reject" + ] + }, + "TrafficMirrorSession": { + "type": "structure", + "members": { + "TrafficMirrorSessionId": { + "shape": "String", + "documentation": "<p>The ID for the Traffic Mirror session.</p>", + "locationName": "trafficMirrorSessionId" + }, + "TrafficMirrorTargetId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror target.</p>", + "locationName": "trafficMirrorTargetId" + }, + "TrafficMirrorFilterId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror filter.</p>", + "locationName": "trafficMirrorFilterId" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror session's network interface.</p>", + "locationName": "networkInterfaceId" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The ID of the account that owns the Traffic Mirror session.</p>", + "locationName": "ownerId" + }, + "PacketLength": { + "shape": "Integer", + "documentation": "<p>The number of bytes in each packet to mirror. These are the bytes after the VXLAN header. To mirror a subset, set this to the length (in bytes) to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target. Do not specify this parameter when you want to mirror the entire packet</p>", + "locationName": "packetLength" + }, + "SessionNumber": { + "shape": "Integer", + "documentation": "<p>The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.</p> <p>Valid values are 1-32766.</p>", + "locationName": "sessionNumber" + }, + "VirtualNetworkId": { + "shape": "Integer", + "documentation": "<p>The virtual network ID associated with the Traffic Mirror session.</p>", + "locationName": "virtualNetworkId" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description of the Traffic Mirror session.</p>", + "locationName": "description" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags assigned to the Traffic Mirror session.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a Traffic Mirror session.</p>" + }, + "TrafficMirrorSessionField": { + "type": "string", + "enum": [ + "packet-length", + "description", + "virtual-network-id" + ] + }, + "TrafficMirrorSessionFieldList": { + "type": "list", + "member": { + "shape": "TrafficMirrorSessionField" + } + }, + "TrafficMirrorSessionSet": { + "type": "list", + "member": { + "shape": "TrafficMirrorSession", + "locationName": "item" + } + }, + "TrafficMirrorTarget": { + "type": "structure", + "members": { + "TrafficMirrorTargetId": { + "shape": "String", + "documentation": "<p>The ID of the Traffic Mirror target.</p>", + "locationName": "trafficMirrorTargetId" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The network interface ID that is attached to the target.</p>", + "locationName": "networkInterfaceId" + }, + "NetworkLoadBalancerArn": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the Network Load Balancer.</p>", + "locationName": "networkLoadBalancerArn" + }, + "Type": { + "shape": "TrafficMirrorTargetType", + "documentation": "<p>The type of Traffic Mirror target.</p>", + "locationName": "type" + }, + "Description": { + "shape": "String", + "documentation": "<p>Information about the Traffic Mirror target.</p>", + "locationName": "description" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The ID of the account that owns the Traffic Mirror target.</p>", + "locationName": "ownerId" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags assigned to the Traffic Mirror target.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a Traffic Mirror target.</p>" + }, + "TrafficMirrorTargetSet": { + "type": "list", + "member": { + "shape": "TrafficMirrorTarget", + "locationName": "item" + } + }, + "TrafficMirrorTargetType": { + "type": "string", + "enum": [ + "network-interface", + "network-load-balancer" + ] + }, + "TrafficMirroringMaxResults": { + "type": "integer", + "max": 1000, + "min": 5 + }, + "TrafficType": { + "type": "string", + "enum": [ + "ACCEPT", + "REJECT", + "ALL" + ] + }, + "TransitGateway": { + "type": "structure", + "members": { + "TransitGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway.</p>", + "locationName": "transitGatewayId" + }, + "TransitGatewayArn": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the transit gateway.</p>", + "locationName": "transitGatewayArn" + }, + "State": { + "shape": "TransitGatewayState", + "documentation": "<p>The state of the transit gateway.</p>", + "locationName": "state" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The ID of the AWS account ID that owns the transit gateway.</p>", + "locationName": "ownerId" + }, + "Description": { + "shape": "String", + "documentation": "<p>The description of the transit gateway.</p>", + "locationName": "description" + }, + "CreationTime": { + "shape": "DateTime", + "documentation": "<p>The creation time.</p>", + "locationName": "creationTime" + }, + "Options": { + "shape": "TransitGatewayOptions", + "documentation": "<p>The transit gateway options.</p>", + "locationName": "options" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags for the transit gateway.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a transit gateway.</p>" + }, + "TransitGatewayAssociation": { + "type": "structure", + "members": { + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway route table.</p>", + "locationName": "transitGatewayRouteTableId" + }, + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>", + "locationName": "transitGatewayAttachmentId" + }, + "ResourceId": { + "shape": "String", + "documentation": "<p>The ID of the resource.</p>", + "locationName": "resourceId" + }, + "ResourceType": { + "shape": "TransitGatewayAttachmentResourceType", + "documentation": "<p>The resource type.</p>", + "locationName": "resourceType" + }, + "State": { + "shape": "TransitGatewayAssociationState", + "documentation": "<p>The state of the association.</p>", + "locationName": "state" + } + }, + "documentation": "<p>Describes an association between a resource attachment and a transit gateway route table.</p>" + }, + "TransitGatewayAssociationState": { + "type": "string", + "enum": [ + "associating", + "associated", + "disassociating", + "disassociated" + ] + }, + "TransitGatewayAttachment": { + "type": "structure", + "members": { + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>", + "locationName": "transitGatewayAttachmentId" + }, + "TransitGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway.</p>", + "locationName": "transitGatewayId" + }, + "TransitGatewayOwnerId": { + "shape": "String", + "documentation": "<p>The ID of the AWS account that owns the transit gateway.</p>", + "locationName": "transitGatewayOwnerId" + }, + "ResourceOwnerId": { + "shape": "String", + "documentation": "<p>The ID of the AWS account that owns the resource.</p>", + "locationName": "resourceOwnerId" + }, + "ResourceType": { + "shape": "TransitGatewayAttachmentResourceType", + "documentation": "<p>The resource type.</p>", + "locationName": "resourceType" + }, + "ResourceId": { + "shape": "String", + "documentation": "<p>The ID of the resource.</p>", + "locationName": "resourceId" + }, + "State": { + "shape": "TransitGatewayAttachmentState", + "documentation": "<p>The attachment state.</p>", + "locationName": "state" + }, + "Association": { + "shape": "TransitGatewayAttachmentAssociation", + "documentation": "<p>The association.</p>", + "locationName": "association" + }, + "CreationTime": { + "shape": "DateTime", + "documentation": "<p>The creation time.</p>", + "locationName": "creationTime" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags for the attachment.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes an attachment between a resource and a transit gateway.</p>" + }, + "TransitGatewayAttachmentAssociation": { + "type": "structure", + "members": { + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the route table for the transit gateway.</p>", + "locationName": "transitGatewayRouteTableId" + }, + "State": { + "shape": "TransitGatewayAssociationState", + "documentation": "<p>The state of the association.</p>", + "locationName": "state" + } + }, + "documentation": "<p>Describes an association.</p>" + }, + "TransitGatewayAttachmentIdStringList": { + "type": "list", + "member": { + "shape": "String" + } + }, + "TransitGatewayAttachmentList": { + "type": "list", + "member": { + "shape": "TransitGatewayAttachment", + "locationName": "item" + } + }, + "TransitGatewayAttachmentPropagation": { + "type": "structure", + "members": { + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the propagation route table.</p>", + "locationName": "transitGatewayRouteTableId" + }, + "State": { + "shape": "TransitGatewayPropagationState", + "documentation": "<p>The state of the propagation route table.</p>", + "locationName": "state" + } + }, + "documentation": "<p>Describes a propagation route table.</p>" + }, + "TransitGatewayAttachmentPropagationList": { + "type": "list", + "member": { + "shape": "TransitGatewayAttachmentPropagation", + "locationName": "item" + } + }, + "TransitGatewayAttachmentResourceType": { + "type": "string", + "enum": [ + "vpc", + "vpn", + "direct-connect-gateway" + ] + }, + "TransitGatewayAttachmentState": { + "type": "string", + "enum": [ + "pendingAcceptance", + "rollingBack", + "pending", + "available", + "modifying", + "deleting", + "deleted", + "failed", + "rejected", + "rejecting", + "failing" + ] + }, + "TransitGatewayIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "TransitGatewayList": { + "type": "list", + "member": { + "shape": "TransitGateway", + "locationName": "item" + } + }, + "TransitGatewayMaxResults": { + "type": "integer", + "max": 1000, + "min": 5 + }, + "TransitGatewayOptions": { + "type": "structure", + "members": { + "AmazonSideAsn": { + "shape": "Long", + "documentation": "<p>A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.</p>", + "locationName": "amazonSideAsn" + }, + "AutoAcceptSharedAttachments": { + "shape": "AutoAcceptSharedAttachmentsValue", + "documentation": "<p>Indicates whether attachment requests are automatically accepted.</p>", + "locationName": "autoAcceptSharedAttachments" + }, + "DefaultRouteTableAssociation": { + "shape": "DefaultRouteTableAssociationValue", + "documentation": "<p>Indicates whether resource attachments are automatically associated with the default association route table.</p>", + "locationName": "defaultRouteTableAssociation" + }, + "AssociationDefaultRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the default association route table.</p>", + "locationName": "associationDefaultRouteTableId" + }, + "DefaultRouteTablePropagation": { + "shape": "DefaultRouteTablePropagationValue", + "documentation": "<p>Indicates whether resource attachments automatically propagate routes to the default propagation route table.</p>", + "locationName": "defaultRouteTablePropagation" + }, + "PropagationDefaultRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the default propagation route table.</p>", + "locationName": "propagationDefaultRouteTableId" + }, + "VpnEcmpSupport": { + "shape": "VpnEcmpSupportValue", + "documentation": "<p>Indicates whether Equal Cost Multipath Protocol support is enabled.</p>", + "locationName": "vpnEcmpSupport" + }, + "DnsSupport": { + "shape": "DnsSupportValue", + "documentation": "<p>Indicates whether DNS support is enabled.</p>", + "locationName": "dnsSupport" + } + }, + "documentation": "<p>Describes the options for a transit gateway.</p>" + }, + "TransitGatewayPropagation": { + "type": "structure", + "members": { + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>", + "locationName": "transitGatewayAttachmentId" + }, + "ResourceId": { + "shape": "String", + "documentation": "<p>The ID of the resource.</p>", + "locationName": "resourceId" + }, + "ResourceType": { + "shape": "TransitGatewayAttachmentResourceType", + "documentation": "<p>The resource type.</p>", + "locationName": "resourceType" + }, + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway route table.</p>", + "locationName": "transitGatewayRouteTableId" + }, + "State": { + "shape": "TransitGatewayPropagationState", + "documentation": "<p>The state.</p>", + "locationName": "state" + } + }, + "documentation": "<p>Describes route propagation.</p>" + }, + "TransitGatewayPropagationState": { + "type": "string", + "enum": [ + "enabling", + "enabled", + "disabling", + "disabled" + ] + }, + "TransitGatewayRequestOptions": { + "type": "structure", + "members": { + "AmazonSideAsn": { + "shape": "Long", + "documentation": "<p>A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.</p>" + }, + "AutoAcceptSharedAttachments": { + "shape": "AutoAcceptSharedAttachmentsValue", + "documentation": "<p>Enable or disable automatic acceptance of attachment requests. The default is <code>disable</code>.</p>" + }, + "DefaultRouteTableAssociation": { + "shape": "DefaultRouteTableAssociationValue", + "documentation": "<p>Enable or disable automatic association with the default association route table. The default is <code>enable</code>.</p>" + }, + "DefaultRouteTablePropagation": { + "shape": "DefaultRouteTablePropagationValue", + "documentation": "<p>Enable or disable automatic propagation of routes to the default propagation route table. The default is <code>enable</code>.</p>" + }, + "VpnEcmpSupport": { + "shape": "VpnEcmpSupportValue", + "documentation": "<p>Enable or disable Equal Cost Multipath Protocol support.</p>" + }, + "DnsSupport": { + "shape": "DnsSupportValue", + "documentation": "<p>Enable or disable DNS support.</p>" + } + }, + "documentation": "<p>Describes the options for a transit gateway.</p>" + }, + "TransitGatewayRoute": { + "type": "structure", + "members": { + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The CIDR block used for destination matches.</p>", + "locationName": "destinationCidrBlock" + }, + "TransitGatewayAttachments": { + "shape": "TransitGatewayRouteAttachmentList", + "documentation": "<p>The attachments.</p>", + "locationName": "transitGatewayAttachments" + }, + "Type": { + "shape": "TransitGatewayRouteType", + "documentation": "<p>The route type.</p>", + "locationName": "type" + }, + "State": { + "shape": "TransitGatewayRouteState", + "documentation": "<p>The state of the route.</p>", + "locationName": "state" + } + }, + "documentation": "<p>Describes a route for a transit gateway route table.</p>" + }, + "TransitGatewayRouteAttachment": { + "type": "structure", + "members": { + "ResourceId": { + "shape": "String", + "documentation": "<p>The ID of the resource.</p>", + "locationName": "resourceId" + }, + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>", + "locationName": "transitGatewayAttachmentId" + }, + "ResourceType": { + "shape": "TransitGatewayAttachmentResourceType", + "documentation": "<p>The resource type.</p>", + "locationName": "resourceType" + } + }, + "documentation": "<p>Describes a route attachment.</p>" + }, + "TransitGatewayRouteAttachmentList": { + "type": "list", + "member": { + "shape": "TransitGatewayRouteAttachment", + "locationName": "item" + } + }, + "TransitGatewayRouteList": { + "type": "list", + "member": { + "shape": "TransitGatewayRoute", + "locationName": "item" + } + }, + "TransitGatewayRouteState": { + "type": "string", + "enum": [ + "pending", + "active", + "blackhole", + "deleting", + "deleted" + ] + }, + "TransitGatewayRouteTable": { + "type": "structure", + "members": { + "TransitGatewayRouteTableId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway route table.</p>", + "locationName": "transitGatewayRouteTableId" + }, + "TransitGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway.</p>", + "locationName": "transitGatewayId" + }, + "State": { + "shape": "TransitGatewayRouteTableState", + "documentation": "<p>The state of the transit gateway route table.</p>", + "locationName": "state" + }, + "DefaultAssociationRouteTable": { + "shape": "Boolean", + "documentation": "<p>Indicates whether this is the default association route table for the transit gateway.</p>", + "locationName": "defaultAssociationRouteTable" + }, + "DefaultPropagationRouteTable": { + "shape": "Boolean", + "documentation": "<p>Indicates whether this is the default propagation route table for the transit gateway.</p>", + "locationName": "defaultPropagationRouteTable" + }, + "CreationTime": { + "shape": "DateTime", + "documentation": "<p>The creation time.</p>", + "locationName": "creationTime" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the route table.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a transit gateway route table.</p>" + }, + "TransitGatewayRouteTableAssociation": { + "type": "structure", + "members": { + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>", + "locationName": "transitGatewayAttachmentId" + }, + "ResourceId": { + "shape": "String", + "documentation": "<p>The ID of the resource.</p>", + "locationName": "resourceId" + }, + "ResourceType": { + "shape": "TransitGatewayAttachmentResourceType", + "documentation": "<p>The resource type.</p>", + "locationName": "resourceType" + }, + "State": { + "shape": "TransitGatewayAssociationState", + "documentation": "<p>The state of the association.</p>", + "locationName": "state" + } + }, + "documentation": "<p>Describes an association between a route table and a resource attachment.</p>" + }, + "TransitGatewayRouteTableAssociationList": { + "type": "list", + "member": { + "shape": "TransitGatewayRouteTableAssociation", + "locationName": "item" + } + }, + "TransitGatewayRouteTableIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "TransitGatewayRouteTableList": { + "type": "list", + "member": { + "shape": "TransitGatewayRouteTable", + "locationName": "item" + } + }, + "TransitGatewayRouteTablePropagation": { + "type": "structure", + "members": { + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>", + "locationName": "transitGatewayAttachmentId" + }, + "ResourceId": { + "shape": "String", + "documentation": "<p>The ID of the resource.</p>", + "locationName": "resourceId" + }, + "ResourceType": { + "shape": "TransitGatewayAttachmentResourceType", + "documentation": "<p>The type of resource.</p>", + "locationName": "resourceType" + }, + "State": { + "shape": "TransitGatewayPropagationState", + "documentation": "<p>The state of the resource.</p>", + "locationName": "state" + } + }, + "documentation": "<p>Describes a route table propagation.</p>" + }, + "TransitGatewayRouteTablePropagationList": { + "type": "list", + "member": { + "shape": "TransitGatewayRouteTablePropagation", + "locationName": "item" + } + }, + "TransitGatewayRouteTableState": { + "type": "string", + "enum": [ + "pending", + "available", + "deleting", + "deleted" + ] + }, + "TransitGatewayRouteType": { + "type": "string", + "enum": [ + "static", + "propagated" + ] + }, + "TransitGatewayState": { + "type": "string", + "enum": [ + "pending", + "available", + "modifying", + "deleting", + "deleted" + ] + }, + "TransitGatewayVpcAttachment": { + "type": "structure", + "members": { + "TransitGatewayAttachmentId": { + "shape": "String", + "documentation": "<p>The ID of the attachment.</p>", + "locationName": "transitGatewayAttachmentId" + }, + "TransitGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway.</p>", + "locationName": "transitGatewayId" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + }, + "VpcOwnerId": { + "shape": "String", + "documentation": "<p>The ID of the AWS account that owns the VPC.</p>", + "locationName": "vpcOwnerId" + }, + "State": { + "shape": "TransitGatewayAttachmentState", + "documentation": "<p>The state of the VPC attachment.</p>", + "locationName": "state" + }, + "SubnetIds": { + "shape": "ValueStringList", + "documentation": "<p>The IDs of the subnets.</p>", + "locationName": "subnetIds" + }, + "CreationTime": { + "shape": "DateTime", + "documentation": "<p>The creation time.</p>", + "locationName": "creationTime" + }, + "Options": { + "shape": "TransitGatewayVpcAttachmentOptions", + "documentation": "<p>The VPC attachment options.</p>", + "locationName": "options" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>The tags for the VPC attachment.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a VPC attachment.</p>" + }, + "TransitGatewayVpcAttachmentList": { + "type": "list", + "member": { + "shape": "TransitGatewayVpcAttachment", + "locationName": "item" + } + }, + "TransitGatewayVpcAttachmentOptions": { + "type": "structure", + "members": { + "DnsSupport": { + "shape": "DnsSupportValue", + "documentation": "<p>Indicates whether DNS support is enabled.</p>", + "locationName": "dnsSupport" + }, + "Ipv6Support": { + "shape": "Ipv6SupportValue", + "documentation": "<p>Indicates whether IPv6 support is enabled.</p>", + "locationName": "ipv6Support" + } + }, + "documentation": "<p>Describes the VPC attachment options.</p>" + }, + "TransportProtocol": { + "type": "string", + "enum": [ + "tcp", + "udp" + ] + }, + "TunnelOptionsList": { + "type": "list", + "member": { + "shape": "VpnTunnelOptionsSpecification", + "locationName": "item" + } + }, + "UnassignIpv6AddressesRequest": { + "type": "structure", + "required": [ + "Ipv6Addresses", + "NetworkInterfaceId" + ], + "members": { + "Ipv6Addresses": { + "shape": "Ipv6AddressList", + "documentation": "<p>The IPv6 addresses to unassign from the network interface.</p>", + "locationName": "ipv6Addresses" + }, + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + } + } + }, + "UnassignIpv6AddressesResult": { + "type": "structure", + "members": { + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + }, + "UnassignedIpv6Addresses": { + "shape": "Ipv6AddressList", + "documentation": "<p>The IPv6 addresses that have been unassigned from the network interface.</p>", + "locationName": "unassignedIpv6Addresses" + } + } + }, + "UnassignPrivateIpAddressesRequest": { + "type": "structure", + "required": [ + "NetworkInterfaceId", + "PrivateIpAddresses" + ], + "members": { + "NetworkInterfaceId": { + "shape": "String", + "documentation": "<p>The ID of the network interface.</p>", + "locationName": "networkInterfaceId" + }, + "PrivateIpAddresses": { + "shape": "PrivateIpAddressStringList", + "documentation": "<p>The secondary private IP addresses to unassign from the network interface. You can specify this option multiple times to unassign more than one IP address.</p>", + "locationName": "privateIpAddress" + } + }, + "documentation": "<p>Contains the parameters for UnassignPrivateIpAddresses.</p>" + }, + "UnmonitorInstancesRequest": { + "type": "structure", + "required": [ + "InstanceIds" + ], + "members": { + "InstanceIds": { + "shape": "InstanceIdStringList", + "documentation": "<p>The IDs of the instances.</p>", + "locationName": "InstanceId" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>", + "locationName": "dryRun" + } + } + }, + "UnmonitorInstancesResult": { + "type": "structure", + "members": { + "InstanceMonitorings": { + "shape": "InstanceMonitoringList", + "documentation": "<p>The monitoring information.</p>", + "locationName": "instancesSet" + } + } + }, + "UnsuccessfulInstanceCreditSpecificationErrorCode": { + "type": "string", + "enum": [ + "InvalidInstanceID.Malformed", + "InvalidInstanceID.NotFound", + "IncorrectInstanceState", + "InstanceCreditSpecification.NotSupported" + ] + }, + "UnsuccessfulInstanceCreditSpecificationItem": { + "type": "structure", + "members": { + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "Error": { + "shape": "UnsuccessfulInstanceCreditSpecificationItemError", + "documentation": "<p>The applicable error for the T2 or T3 instance whose credit option for CPU usage was not modified.</p>", + "locationName": "error" + } + }, + "documentation": "<p>Describes the T2 or T3 instance whose credit option for CPU usage was not modified.</p>" + }, + "UnsuccessfulInstanceCreditSpecificationItemError": { + "type": "structure", + "members": { + "Code": { + "shape": "UnsuccessfulInstanceCreditSpecificationErrorCode", + "documentation": "<p>The error code.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>The applicable error message.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Information about the error for the T2 or T3 instance whose credit option for CPU usage was not modified.</p>" + }, + "UnsuccessfulInstanceCreditSpecificationSet": { + "type": "list", + "member": { + "shape": "UnsuccessfulInstanceCreditSpecificationItem", + "locationName": "item" + } + }, + "UnsuccessfulItem": { + "type": "structure", + "members": { + "Error": { + "shape": "UnsuccessfulItemError", + "documentation": "<p>Information about the error.</p>", + "locationName": "error" + }, + "ResourceId": { + "shape": "String", + "documentation": "<p>The ID of the resource.</p>", + "locationName": "resourceId" + } + }, + "documentation": "<p>Information about items that were not successfully processed in a batch call.</p>" + }, + "UnsuccessfulItemError": { + "type": "structure", + "members": { + "Code": { + "shape": "String", + "documentation": "<p>The error code.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>The error message accompanying the error code.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Information about the error that occurred. For more information about errors, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html\">Error Codes</a>.</p>" + }, + "UnsuccessfulItemList": { + "type": "list", + "member": { + "shape": "UnsuccessfulItem", + "locationName": "item" + } + }, + "UnsuccessfulItemSet": { + "type": "list", + "member": { + "shape": "UnsuccessfulItem", + "locationName": "item" + } + }, + "UpdateSecurityGroupRuleDescriptionsEgressRequest": { + "type": "structure", + "required": [ + "IpPermissions" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.</p>" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>[Default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request.</p>" + }, + "IpPermissions": { + "shape": "IpPermissionList", + "documentation": "<p>The IP permissions for the security group rule.</p>" + } + } + }, + "UpdateSecurityGroupRuleDescriptionsEgressResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, returns an error.</p>", + "locationName": "return" + } + } + }, + "UpdateSecurityGroupRuleDescriptionsIngressRequest": { + "type": "structure", + "required": [ + "IpPermissions" + ], + "members": { + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + }, + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.</p>" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>[EC2-Classic, default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request.</p>" + }, + "IpPermissions": { + "shape": "IpPermissionList", + "documentation": "<p>The IP permissions for the security group rule. </p>" + } + } + }, + "UpdateSecurityGroupRuleDescriptionsIngressResult": { + "type": "structure", + "members": { + "Return": { + "shape": "Boolean", + "documentation": "<p>Returns <code>true</code> if the request succeeds; otherwise, returns an error.</p>", + "locationName": "return" + } + } + }, + "UserBucket": { + "type": "structure", + "members": { + "S3Bucket": { + "shape": "String", + "documentation": "<p>The name of the S3 bucket where the disk image is located.</p>" + }, + "S3Key": { + "shape": "String", + "documentation": "<p>The file name of the disk image.</p>" + } + }, + "documentation": "<p>Describes the S3 bucket for the disk image.</p>" + }, + "UserBucketDetails": { + "type": "structure", + "members": { + "S3Bucket": { + "shape": "String", + "documentation": "<p>The S3 bucket from which the disk image was created.</p>", + "locationName": "s3Bucket" + }, + "S3Key": { + "shape": "String", + "documentation": "<p>The file name of the disk image.</p>", + "locationName": "s3Key" + } + }, + "documentation": "<p>Describes the S3 bucket for the disk image.</p>" + }, + "UserData": { + "type": "structure", + "members": { + "Data": { + "shape": "String", + "documentation": "<p>The user data. If you are using an AWS SDK or command line tool, Base64-encoding is performed for you, and you can load the text from a file. Otherwise, you must provide Base64-encoded text.</p>", + "locationName": "data" + } + }, + "documentation": "<p>Describes the user data for an instance.</p>" + }, + "UserGroupStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "UserGroup" + } + }, + "UserIdGroupPair": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description for the security group rule that references this user ID group pair.</p> <p>Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*</p>", + "locationName": "description" + }, + "GroupId": { + "shape": "String", + "documentation": "<p>The ID of the security group.</p>", + "locationName": "groupId" + }, + "GroupName": { + "shape": "String", + "documentation": "<p>The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID. </p> <p>For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.</p>", + "locationName": "groupName" + }, + "PeeringStatus": { + "shape": "String", + "documentation": "<p>The status of a VPC peering connection, if applicable.</p>", + "locationName": "peeringStatus" + }, + "UserId": { + "shape": "String", + "documentation": "<p>The ID of an AWS account.</p> <p>For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.</p> <p>[EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.</p>", + "locationName": "userId" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC for the referenced security group, if applicable.</p>", + "locationName": "vpcId" + }, + "VpcPeeringConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the VPC peering connection, if applicable.</p>", + "locationName": "vpcPeeringConnectionId" + } + }, + "documentation": "<p>Describes a security group and AWS account ID pair.</p>" + }, + "UserIdGroupPairList": { + "type": "list", + "member": { + "shape": "UserIdGroupPair", + "locationName": "item" + } + }, + "UserIdGroupPairSet": { + "type": "list", + "member": { + "shape": "UserIdGroupPair", + "locationName": "item" + } + }, + "UserIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "UserId" + } + }, + "ValueStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "VersionDescription": { + "type": "string", + "max": 255 + }, + "VersionStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "item" + } + }, + "VgwTelemetry": { + "type": "structure", + "members": { + "AcceptedRouteCount": { + "shape": "Integer", + "documentation": "<p>The number of accepted routes.</p>", + "locationName": "acceptedRouteCount" + }, + "LastStatusChange": { + "shape": "DateTime", + "documentation": "<p>The date and time of the last change in status.</p>", + "locationName": "lastStatusChange" + }, + "OutsideIpAddress": { + "shape": "String", + "documentation": "<p>The Internet-routable IP address of the virtual private gateway's outside interface.</p>", + "locationName": "outsideIpAddress" + }, + "Status": { + "shape": "TelemetryStatus", + "documentation": "<p>The status of the VPN tunnel.</p>", + "locationName": "status" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>If an error occurs, a description of the error.</p>", + "locationName": "statusMessage" + } + }, + "documentation": "<p>Describes telemetry for a VPN tunnel.</p>" + }, + "VgwTelemetryList": { + "type": "list", + "member": { + "shape": "VgwTelemetry", + "locationName": "item" + } + }, + "VirtualizationType": { + "type": "string", + "enum": [ + "hvm", + "paravirtual" + ] + }, + "Volume": { + "type": "structure", + "members": { + "Attachments": { + "shape": "VolumeAttachmentList", + "documentation": "<p>Information about the volume attachments.</p>", + "locationName": "attachmentSet" + }, + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone for the volume.</p>", + "locationName": "availabilityZone" + }, + "CreateTime": { + "shape": "DateTime", + "documentation": "<p>The time stamp when volume creation was initiated.</p>", + "locationName": "createTime" + }, + "Encrypted": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the volume is encrypted.</p>", + "locationName": "encrypted" + }, + "KmsKeyId": { + "shape": "String", + "documentation": "<p>The Amazon Resource Name (ARN) of the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to protect the volume encryption key for the volume.</p>", + "locationName": "kmsKeyId" + }, + "Size": { + "shape": "Integer", + "documentation": "<p>The size of the volume, in GiBs.</p>", + "locationName": "size" + }, + "SnapshotId": { + "shape": "String", + "documentation": "<p>The snapshot from which the volume was created, if applicable.</p>", + "locationName": "snapshotId" + }, + "State": { + "shape": "VolumeState", + "documentation": "<p>The volume state.</p>", + "locationName": "status" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the volume.</p>", + "locationName": "volumeId" + }, + "Iops": { + "shape": "Integer", + "documentation": "<p>The number of I/O operations per second (IOPS) that the volume supports. For Provisioned IOPS SSD volumes, this represents the number of IOPS that are provisioned for the volume. For General Purpose SSD volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html\">Amazon EBS Volume Types</a> in the <i>Amazon Elastic Compute Cloud User Guide</i>.</p> <p>Constraints: Range is 100-16,000 IOPS for <code>gp2</code> volumes and 100 to 64,000IOPS for <code>io1</code> volumes, in most Regions. The maximum IOPS for <code>io1</code> of 64,000 is guaranteed only on <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances\">Nitro-based instances</a>. Other instance families guarantee performance up to 32,000 IOPS.</p> <p>Condition: This parameter is required for requests to create <code>io1</code> volumes; it is not used in requests to create <code>gp2</code>, <code>st1</code>, <code>sc1</code>, or <code>standard</code> volumes.</p>", + "locationName": "iops" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the volume.</p>", + "locationName": "tagSet" + }, + "VolumeType": { + "shape": "VolumeType", + "documentation": "<p>The volume type. This can be <code>gp2</code> for General Purpose SSD, <code>io1</code> for Provisioned IOPS SSD, <code>st1</code> for Throughput Optimized HDD, <code>sc1</code> for Cold HDD, or <code>standard</code> for Magnetic volumes.</p>", + "locationName": "volumeType" + } + }, + "documentation": "<p>Describes a volume.</p>" + }, + "VolumeAttachment": { + "type": "structure", + "members": { + "AttachTime": { + "shape": "DateTime", + "documentation": "<p>The time stamp when the attachment initiated.</p>", + "locationName": "attachTime" + }, + "Device": { + "shape": "String", + "documentation": "<p>The device name.</p>", + "locationName": "device" + }, + "InstanceId": { + "shape": "String", + "documentation": "<p>The ID of the instance.</p>", + "locationName": "instanceId" + }, + "State": { + "shape": "VolumeAttachmentState", + "documentation": "<p>The attachment state of the volume.</p>", + "locationName": "status" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the volume.</p>", + "locationName": "volumeId" + }, + "DeleteOnTermination": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the EBS volume is deleted on instance termination.</p>", + "locationName": "deleteOnTermination" + } + }, + "documentation": "<p>Describes volume attachment details.</p>" + }, + "VolumeAttachmentList": { + "type": "list", + "member": { + "shape": "VolumeAttachment", + "locationName": "item" + } + }, + "VolumeAttachmentState": { + "type": "string", + "enum": [ + "attaching", + "attached", + "detaching", + "detached", + "busy" + ] + }, + "VolumeAttributeName": { + "type": "string", + "enum": [ + "autoEnableIO", + "productCodes" + ] + }, + "VolumeDetail": { + "type": "structure", + "required": [ + "Size" + ], + "members": { + "Size": { + "shape": "Long", + "documentation": "<p>The size of the volume, in GiB.</p>", + "locationName": "size" + } + }, + "documentation": "<p>Describes an EBS volume.</p>" + }, + "VolumeIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "VolumeId" + } + }, + "VolumeList": { + "type": "list", + "member": { + "shape": "Volume", + "locationName": "item" + } + }, + "VolumeModification": { + "type": "structure", + "members": { + "VolumeId": { + "shape": "String", + "documentation": "<p>The ID of the volume.</p>", + "locationName": "volumeId" + }, + "ModificationState": { + "shape": "VolumeModificationState", + "documentation": "<p>The current modification state. The modification state is null for unmodified volumes.</p>", + "locationName": "modificationState" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>A status message about the modification progress or failure.</p>", + "locationName": "statusMessage" + }, + "TargetSize": { + "shape": "Integer", + "documentation": "<p>The target size of the volume, in GiB.</p>", + "locationName": "targetSize" + }, + "TargetIops": { + "shape": "Integer", + "documentation": "<p>The target IOPS rate of the volume.</p>", + "locationName": "targetIops" + }, + "TargetVolumeType": { + "shape": "VolumeType", + "documentation": "<p>The target EBS volume type of the volume.</p>", + "locationName": "targetVolumeType" + }, + "OriginalSize": { + "shape": "Integer", + "documentation": "<p>The original size of the volume.</p>", + "locationName": "originalSize" + }, + "OriginalIops": { + "shape": "Integer", + "documentation": "<p>The original IOPS rate of the volume.</p>", + "locationName": "originalIops" + }, + "OriginalVolumeType": { + "shape": "VolumeType", + "documentation": "<p>The original EBS volume type of the volume.</p>", + "locationName": "originalVolumeType" + }, + "Progress": { + "shape": "Long", + "documentation": "<p>The modification progress, from 0 to 100 percent complete.</p>", + "locationName": "progress" + }, + "StartTime": { + "shape": "DateTime", + "documentation": "<p>The modification start time.</p>", + "locationName": "startTime" + }, + "EndTime": { + "shape": "DateTime", + "documentation": "<p>The modification completion or failure time.</p>", + "locationName": "endTime" + } + }, + "documentation": "<p>Describes the modification status of an EBS volume.</p> <p>If the volume has never been modified, some element values will be null.</p>" + }, + "VolumeModificationList": { + "type": "list", + "member": { + "shape": "VolumeModification", + "locationName": "item" + } + }, + "VolumeModificationState": { + "type": "string", + "enum": [ + "modifying", + "optimizing", + "completed", + "failed" + ] + }, + "VolumeState": { + "type": "string", + "enum": [ + "creating", + "available", + "in-use", + "deleting", + "deleted", + "error" + ] + }, + "VolumeStatusAction": { + "type": "structure", + "members": { + "Code": { + "shape": "String", + "documentation": "<p>The code identifying the operation, for example, <code>enable-volume-io</code>.</p>", + "locationName": "code" + }, + "Description": { + "shape": "String", + "documentation": "<p>A description of the operation.</p>", + "locationName": "description" + }, + "EventId": { + "shape": "String", + "documentation": "<p>The ID of the event associated with this operation.</p>", + "locationName": "eventId" + }, + "EventType": { + "shape": "String", + "documentation": "<p>The event type associated with this operation.</p>", + "locationName": "eventType" + } + }, + "documentation": "<p>Describes a volume status operation code.</p>" + }, + "VolumeStatusActionsList": { + "type": "list", + "member": { + "shape": "VolumeStatusAction", + "locationName": "item" + } + }, + "VolumeStatusDetails": { + "type": "structure", + "members": { + "Name": { + "shape": "VolumeStatusName", + "documentation": "<p>The name of the volume status.</p>", + "locationName": "name" + }, + "Status": { + "shape": "String", + "documentation": "<p>The intended status of the volume status.</p>", + "locationName": "status" + } + }, + "documentation": "<p>Describes a volume status.</p>" + }, + "VolumeStatusDetailsList": { + "type": "list", + "member": { + "shape": "VolumeStatusDetails", + "locationName": "item" + } + }, + "VolumeStatusEvent": { + "type": "structure", + "members": { + "Description": { + "shape": "String", + "documentation": "<p>A description of the event.</p>", + "locationName": "description" + }, + "EventId": { + "shape": "String", + "documentation": "<p>The ID of this event.</p>", + "locationName": "eventId" + }, + "EventType": { + "shape": "String", + "documentation": "<p>The type of this event.</p>", + "locationName": "eventType" + }, + "NotAfter": { + "shape": "DateTime", + "documentation": "<p>The latest end time of the event.</p>", + "locationName": "notAfter" + }, + "NotBefore": { + "shape": "DateTime", + "documentation": "<p>The earliest start time of the event.</p>", + "locationName": "notBefore" + } + }, + "documentation": "<p>Describes a volume status event.</p>" + }, + "VolumeStatusEventsList": { + "type": "list", + "member": { + "shape": "VolumeStatusEvent", + "locationName": "item" + } + }, + "VolumeStatusInfo": { + "type": "structure", + "members": { + "Details": { + "shape": "VolumeStatusDetailsList", + "documentation": "<p>The details of the volume status.</p>", + "locationName": "details" + }, + "Status": { + "shape": "VolumeStatusInfoStatus", + "documentation": "<p>The status of the volume.</p>", + "locationName": "status" + } + }, + "documentation": "<p>Describes the status of a volume.</p>" + }, + "VolumeStatusInfoStatus": { + "type": "string", + "enum": [ + "ok", + "impaired", + "insufficient-data" + ] + }, + "VolumeStatusItem": { + "type": "structure", + "members": { + "Actions": { + "shape": "VolumeStatusActionsList", + "documentation": "<p>The details of the operation.</p>", + "locationName": "actionsSet" + }, + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone of the volume.</p>", + "locationName": "availabilityZone" + }, + "Events": { + "shape": "VolumeStatusEventsList", + "documentation": "<p>A list of events associated with the volume.</p>", + "locationName": "eventsSet" + }, + "VolumeId": { + "shape": "String", + "documentation": "<p>The volume ID.</p>", + "locationName": "volumeId" + }, + "VolumeStatus": { + "shape": "VolumeStatusInfo", + "documentation": "<p>The volume status.</p>", + "locationName": "volumeStatus" + } + }, + "documentation": "<p>Describes the volume status.</p>" + }, + "VolumeStatusList": { + "type": "list", + "member": { + "shape": "VolumeStatusItem", + "locationName": "item" + } + }, + "VolumeStatusName": { + "type": "string", + "enum": [ + "io-enabled", + "io-performance" + ] + }, + "VolumeType": { + "type": "string", + "enum": [ + "standard", + "io1", + "gp2", + "sc1", + "st1" + ] + }, + "Vpc": { + "type": "structure", + "members": { + "CidrBlock": { + "shape": "String", + "documentation": "<p>The primary IPv4 CIDR block for the VPC.</p>", + "locationName": "cidrBlock" + }, + "DhcpOptionsId": { + "shape": "String", + "documentation": "<p>The ID of the set of DHCP options you've associated with the VPC (or <code>default</code> if the default options are associated with the VPC).</p>", + "locationName": "dhcpOptionsId" + }, + "State": { + "shape": "VpcState", + "documentation": "<p>The current state of the VPC.</p>", + "locationName": "state" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The ID of the AWS account that owns the VPC.</p>", + "locationName": "ownerId" + }, + "InstanceTenancy": { + "shape": "Tenancy", + "documentation": "<p>The allowed tenancy of instances launched into the VPC.</p>", + "locationName": "instanceTenancy" + }, + "Ipv6CidrBlockAssociationSet": { + "shape": "VpcIpv6CidrBlockAssociationSet", + "documentation": "<p>Information about the IPv6 CIDR blocks associated with the VPC.</p>", + "locationName": "ipv6CidrBlockAssociationSet" + }, + "CidrBlockAssociationSet": { + "shape": "VpcCidrBlockAssociationSet", + "documentation": "<p>Information about the IPv4 CIDR blocks associated with the VPC.</p>", + "locationName": "cidrBlockAssociationSet" + }, + "IsDefault": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the VPC is the default VPC.</p>", + "locationName": "isDefault" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the VPC.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a VPC.</p>" + }, + "VpcAttachment": { + "type": "structure", + "members": { + "State": { + "shape": "AttachmentStatus", + "documentation": "<p>The current state of the attachment.</p>", + "locationName": "state" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + }, + "documentation": "<p>Describes an attachment between a virtual private gateway and a VPC.</p>" + }, + "VpcAttachmentList": { + "type": "list", + "member": { + "shape": "VpcAttachment", + "locationName": "item" + } + }, + "VpcAttributeName": { + "type": "string", + "enum": [ + "enableDnsSupport", + "enableDnsHostnames" + ] + }, + "VpcCidrBlockAssociation": { + "type": "structure", + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>The association ID for the IPv4 CIDR block.</p>", + "locationName": "associationId" + }, + "CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 CIDR block.</p>", + "locationName": "cidrBlock" + }, + "CidrBlockState": { + "shape": "VpcCidrBlockState", + "documentation": "<p>Information about the state of the CIDR block.</p>", + "locationName": "cidrBlockState" + } + }, + "documentation": "<p>Describes an IPv4 CIDR block associated with a VPC.</p>" + }, + "VpcCidrBlockAssociationSet": { + "type": "list", + "member": { + "shape": "VpcCidrBlockAssociation", + "locationName": "item" + } + }, + "VpcCidrBlockState": { + "type": "structure", + "members": { + "State": { + "shape": "VpcCidrBlockStateCode", + "documentation": "<p>The state of the CIDR block.</p>", + "locationName": "state" + }, + "StatusMessage": { + "shape": "String", + "documentation": "<p>A message about the status of the CIDR block, if applicable.</p>", + "locationName": "statusMessage" + } + }, + "documentation": "<p>Describes the state of a CIDR block.</p>" + }, + "VpcCidrBlockStateCode": { + "type": "string", + "enum": [ + "associating", + "associated", + "disassociating", + "disassociated", + "failing", + "failed" + ] + }, + "VpcClassicLink": { + "type": "structure", + "members": { + "ClassicLinkEnabled": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the VPC is enabled for ClassicLink.</p>", + "locationName": "classicLinkEnabled" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the VPC.</p>", + "locationName": "tagSet" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + } + }, + "documentation": "<p>Describes whether a VPC is enabled for ClassicLink.</p>" + }, + "VpcClassicLinkIdList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "VpcId" + } + }, + "VpcClassicLinkList": { + "type": "list", + "member": { + "shape": "VpcClassicLink", + "locationName": "item" + } + }, + "VpcEndpoint": { + "type": "structure", + "members": { + "VpcEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the VPC endpoint.</p>", + "locationName": "vpcEndpointId" + }, + "VpcEndpointType": { + "shape": "VpcEndpointType", + "documentation": "<p>The type of endpoint.</p>", + "locationName": "vpcEndpointType" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC to which the endpoint is associated.</p>", + "locationName": "vpcId" + }, + "ServiceName": { + "shape": "String", + "documentation": "<p>The name of the service to which the endpoint is associated.</p>", + "locationName": "serviceName" + }, + "State": { + "shape": "State", + "documentation": "<p>The state of the VPC endpoint.</p>", + "locationName": "state" + }, + "PolicyDocument": { + "shape": "String", + "documentation": "<p>The policy document associated with the endpoint, if applicable.</p>", + "locationName": "policyDocument" + }, + "RouteTableIds": { + "shape": "ValueStringList", + "documentation": "<p>(Gateway endpoint) One or more route tables associated with the endpoint.</p>", + "locationName": "routeTableIdSet" + }, + "SubnetIds": { + "shape": "ValueStringList", + "documentation": "<p>(Interface endpoint) One or more subnets in which the endpoint is located.</p>", + "locationName": "subnetIdSet" + }, + "Groups": { + "shape": "GroupIdentifierSet", + "documentation": "<p>(Interface endpoint) Information about the security groups associated with the network interface.</p>", + "locationName": "groupSet" + }, + "PrivateDnsEnabled": { + "shape": "Boolean", + "documentation": "<p>(Interface endpoint) Indicates whether the VPC is associated with a private hosted zone.</p>", + "locationName": "privateDnsEnabled" + }, + "RequesterManaged": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the VPC endpoint is being managed by its service.</p>", + "locationName": "requesterManaged" + }, + "NetworkInterfaceIds": { + "shape": "ValueStringList", + "documentation": "<p>(Interface endpoint) One or more network interfaces for the endpoint.</p>", + "locationName": "networkInterfaceIdSet" + }, + "DnsEntries": { + "shape": "DnsEntrySet", + "documentation": "<p>(Interface endpoint) The DNS entries for the endpoint.</p>", + "locationName": "dnsEntrySet" + }, + "CreationTimestamp": { + "shape": "MillisecondDateTime", + "documentation": "<p>The date and time the VPC endpoint was created.</p>", + "locationName": "creationTimestamp" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the VPC endpoint.</p>", + "locationName": "tagSet" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The ID of the AWS account that owns the VPC endpoint.</p>", + "locationName": "ownerId" + } + }, + "documentation": "<p>Describes a VPC endpoint.</p>" + }, + "VpcEndpointConnection": { + "type": "structure", + "members": { + "ServiceId": { + "shape": "String", + "documentation": "<p>The ID of the service to which the endpoint is connected.</p>", + "locationName": "serviceId" + }, + "VpcEndpointId": { + "shape": "String", + "documentation": "<p>The ID of the VPC endpoint.</p>", + "locationName": "vpcEndpointId" + }, + "VpcEndpointOwner": { + "shape": "String", + "documentation": "<p>The AWS account ID of the owner of the VPC endpoint.</p>", + "locationName": "vpcEndpointOwner" + }, + "VpcEndpointState": { + "shape": "State", + "documentation": "<p>The state of the VPC endpoint.</p>", + "locationName": "vpcEndpointState" + }, + "CreationTimestamp": { + "shape": "MillisecondDateTime", + "documentation": "<p>The date and time the VPC endpoint was created.</p>", + "locationName": "creationTimestamp" + }, + "DnsEntries": { + "shape": "DnsEntrySet", + "documentation": "<p>The DNS entries for the VPC endpoint.</p>", + "locationName": "dnsEntrySet" + }, + "NetworkLoadBalancerArns": { + "shape": "ValueStringList", + "documentation": "<p>The Amazon Resource Names (ARNs) of the network load balancers for the service.</p>", + "locationName": "networkLoadBalancerArnSet" + } + }, + "documentation": "<p>Describes a VPC endpoint connection to a service.</p>" + }, + "VpcEndpointConnectionSet": { + "type": "list", + "member": { + "shape": "VpcEndpointConnection", + "locationName": "item" + } + }, + "VpcEndpointSet": { + "type": "list", + "member": { + "shape": "VpcEndpoint", + "locationName": "item" + } + }, + "VpcEndpointType": { + "type": "string", + "enum": [ + "Interface", + "Gateway" + ] + }, + "VpcIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "VpcId" + } + }, + "VpcIpv6CidrBlockAssociation": { + "type": "structure", + "members": { + "AssociationId": { + "shape": "String", + "documentation": "<p>The association ID for the IPv6 CIDR block.</p>", + "locationName": "associationId" + }, + "Ipv6CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv6 CIDR block.</p>", + "locationName": "ipv6CidrBlock" + }, + "Ipv6CidrBlockState": { + "shape": "VpcCidrBlockState", + "documentation": "<p>Information about the state of the CIDR block.</p>", + "locationName": "ipv6CidrBlockState" + } + }, + "documentation": "<p>Describes an IPv6 CIDR block associated with a VPC.</p>" + }, + "VpcIpv6CidrBlockAssociationSet": { + "type": "list", + "member": { + "shape": "VpcIpv6CidrBlockAssociation", + "locationName": "item" + } + }, + "VpcList": { + "type": "list", + "member": { + "shape": "Vpc", + "locationName": "item" + } + }, + "VpcPeeringConnection": { + "type": "structure", + "members": { + "AccepterVpcInfo": { + "shape": "VpcPeeringConnectionVpcInfo", + "documentation": "<p>Information about the accepter VPC. CIDR block information is only returned when describing an active VPC peering connection.</p>", + "locationName": "accepterVpcInfo" + }, + "ExpirationTime": { + "shape": "DateTime", + "documentation": "<p>The time that an unaccepted VPC peering connection will expire.</p>", + "locationName": "expirationTime" + }, + "RequesterVpcInfo": { + "shape": "VpcPeeringConnectionVpcInfo", + "documentation": "<p>Information about the requester VPC. CIDR block information is only returned when describing an active VPC peering connection.</p>", + "locationName": "requesterVpcInfo" + }, + "Status": { + "shape": "VpcPeeringConnectionStateReason", + "documentation": "<p>The status of the VPC peering connection.</p>", + "locationName": "status" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the resource.</p>", + "locationName": "tagSet" + }, + "VpcPeeringConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the VPC peering connection.</p>", + "locationName": "vpcPeeringConnectionId" + } + }, + "documentation": "<p>Describes a VPC peering connection.</p>" + }, + "VpcPeeringConnectionList": { + "type": "list", + "member": { + "shape": "VpcPeeringConnection", + "locationName": "item" + } + }, + "VpcPeeringConnectionOptionsDescription": { + "type": "structure", + "members": { + "AllowDnsResolutionFromRemoteVpc": { + "shape": "Boolean", + "documentation": "<p>Indicates whether a local VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC.</p>", + "locationName": "allowDnsResolutionFromRemoteVpc" + }, + "AllowEgressFromLocalClassicLinkToRemoteVpc": { + "shape": "Boolean", + "documentation": "<p>Indicates whether a local ClassicLink connection can communicate with the peer VPC over the VPC peering connection.</p>", + "locationName": "allowEgressFromLocalClassicLinkToRemoteVpc" + }, + "AllowEgressFromLocalVpcToRemoteClassicLink": { + "shape": "Boolean", + "documentation": "<p>Indicates whether a local VPC can communicate with a ClassicLink connection in the peer VPC over the VPC peering connection.</p>", + "locationName": "allowEgressFromLocalVpcToRemoteClassicLink" + } + }, + "documentation": "<p>Describes the VPC peering connection options.</p>" + }, + "VpcPeeringConnectionStateReason": { + "type": "structure", + "members": { + "Code": { + "shape": "VpcPeeringConnectionStateReasonCode", + "documentation": "<p>The status of the VPC peering connection.</p>", + "locationName": "code" + }, + "Message": { + "shape": "String", + "documentation": "<p>A message that provides more information about the status, if applicable.</p>", + "locationName": "message" + } + }, + "documentation": "<p>Describes the status of a VPC peering connection.</p>" + }, + "VpcPeeringConnectionStateReasonCode": { + "type": "string", + "enum": [ + "initiating-request", + "pending-acceptance", + "active", + "deleted", + "rejected", + "failed", + "expired", + "provisioning", + "deleting" + ] + }, + "VpcPeeringConnectionVpcInfo": { + "type": "structure", + "members": { + "CidrBlock": { + "shape": "String", + "documentation": "<p>The IPv4 CIDR block for the VPC.</p>", + "locationName": "cidrBlock" + }, + "Ipv6CidrBlockSet": { + "shape": "Ipv6CidrBlockSet", + "documentation": "<p>The IPv6 CIDR block for the VPC.</p>", + "locationName": "ipv6CidrBlockSet" + }, + "CidrBlockSet": { + "shape": "CidrBlockSet", + "documentation": "<p>Information about the IPv4 CIDR blocks for the VPC.</p>", + "locationName": "cidrBlockSet" + }, + "OwnerId": { + "shape": "String", + "documentation": "<p>The AWS account ID of the VPC owner.</p>", + "locationName": "ownerId" + }, + "PeeringOptions": { + "shape": "VpcPeeringConnectionOptionsDescription", + "documentation": "<p>Information about the VPC peering connection options for the accepter or requester VPC.</p>", + "locationName": "peeringOptions" + }, + "VpcId": { + "shape": "String", + "documentation": "<p>The ID of the VPC.</p>", + "locationName": "vpcId" + }, + "Region": { + "shape": "String", + "documentation": "<p>The Region in which the VPC is located.</p>", + "locationName": "region" + } + }, + "documentation": "<p>Describes a VPC in a VPC peering connection.</p>" + }, + "VpcState": { + "type": "string", + "enum": [ + "pending", + "available" + ] + }, + "VpcTenancy": { + "type": "string", + "enum": [ + "default" + ] + }, + "VpnConnection": { + "type": "structure", + "members": { + "CustomerGatewayConfiguration": { + "shape": "String", + "documentation": "<p>The configuration information for the VPN connection's customer gateway (in the native XML format). This element is always present in the <a>CreateVpnConnection</a> response; however, it's present in the <a>DescribeVpnConnections</a> response only if the VPN connection is in the <code>pending</code> or <code>available</code> state.</p>", + "locationName": "customerGatewayConfiguration" + }, + "CustomerGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the customer gateway at your end of the VPN connection.</p>", + "locationName": "customerGatewayId" + }, + "Category": { + "shape": "String", + "documentation": "<p>The category of the VPN connection. A value of <code>VPN</code> indicates an AWS VPN connection. A value of <code>VPN-Classic</code> indicates an AWS Classic VPN connection.</p>", + "locationName": "category" + }, + "State": { + "shape": "VpnState", + "documentation": "<p>The current state of the VPN connection.</p>", + "locationName": "state" + }, + "Type": { + "shape": "GatewayType", + "documentation": "<p>The type of VPN connection.</p>", + "locationName": "type" + }, + "VpnConnectionId": { + "shape": "String", + "documentation": "<p>The ID of the VPN connection.</p>", + "locationName": "vpnConnectionId" + }, + "VpnGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the virtual private gateway at the AWS side of the VPN connection.</p>", + "locationName": "vpnGatewayId" + }, + "TransitGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the transit gateway associated with the VPN connection.</p>", + "locationName": "transitGatewayId" + }, + "Options": { + "shape": "VpnConnectionOptions", + "documentation": "<p>The VPN connection options.</p>", + "locationName": "options" + }, + "Routes": { + "shape": "VpnStaticRouteList", + "documentation": "<p>The static routes associated with the VPN connection.</p>", + "locationName": "routes" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the VPN connection.</p>", + "locationName": "tagSet" + }, + "VgwTelemetry": { + "shape": "VgwTelemetryList", + "documentation": "<p>Information about the VPN tunnel.</p>", + "locationName": "vgwTelemetry" + } + }, + "documentation": "<p>Describes a VPN connection.</p>" + }, + "VpnConnectionIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "VpnConnectionId" + } + }, + "VpnConnectionList": { + "type": "list", + "member": { + "shape": "VpnConnection", + "locationName": "item" + } + }, + "VpnConnectionOptions": { + "type": "structure", + "members": { + "StaticRoutesOnly": { + "shape": "Boolean", + "documentation": "<p>Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.</p>", + "locationName": "staticRoutesOnly" + } + }, + "documentation": "<p>Describes VPN connection options.</p>" + }, + "VpnConnectionOptionsSpecification": { + "type": "structure", + "members": { + "StaticRoutesOnly": { + "shape": "Boolean", + "documentation": "<p>Indicate whether the VPN connection uses static routes only. If you are creating a VPN connection for a device that does not support BGP, you must specify <code>true</code>. Use <a>CreateVpnConnectionRoute</a> to create a static route.</p> <p>Default: <code>false</code> </p>", + "locationName": "staticRoutesOnly" + }, + "TunnelOptions": { + "shape": "TunnelOptionsList", + "documentation": "<p>The tunnel options for the VPN connection.</p>" + } + }, + "documentation": "<p>Describes VPN connection options.</p>" + }, + "VpnEcmpSupportValue": { + "type": "string", + "enum": [ + "enable", + "disable" + ] + }, + "VpnGateway": { + "type": "structure", + "members": { + "AvailabilityZone": { + "shape": "String", + "documentation": "<p>The Availability Zone where the virtual private gateway was created, if applicable. This field may be empty or not returned.</p>", + "locationName": "availabilityZone" + }, + "State": { + "shape": "VpnState", + "documentation": "<p>The current state of the virtual private gateway.</p>", + "locationName": "state" + }, + "Type": { + "shape": "GatewayType", + "documentation": "<p>The type of VPN connection the virtual private gateway supports.</p>", + "locationName": "type" + }, + "VpcAttachments": { + "shape": "VpcAttachmentList", + "documentation": "<p>Any VPCs attached to the virtual private gateway.</p>", + "locationName": "attachments" + }, + "VpnGatewayId": { + "shape": "String", + "documentation": "<p>The ID of the virtual private gateway.</p>", + "locationName": "vpnGatewayId" + }, + "AmazonSideAsn": { + "shape": "Long", + "documentation": "<p>The private Autonomous System Number (ASN) for the Amazon side of a BGP session.</p>", + "locationName": "amazonSideAsn" + }, + "Tags": { + "shape": "TagList", + "documentation": "<p>Any tags assigned to the virtual private gateway.</p>", + "locationName": "tagSet" + } + }, + "documentation": "<p>Describes a virtual private gateway.</p>" + }, + "VpnGatewayIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "VpnGatewayId" + } + }, + "VpnGatewayList": { + "type": "list", + "member": { + "shape": "VpnGateway", + "locationName": "item" + } + }, + "VpnProtocol": { + "type": "string", + "enum": [ + "openvpn" + ] + }, + "VpnState": { + "type": "string", + "enum": [ + "pending", + "available", + "deleting", + "deleted" + ] + }, + "VpnStaticRoute": { + "type": "structure", + "members": { + "DestinationCidrBlock": { + "shape": "String", + "documentation": "<p>The CIDR block associated with the local subnet of the customer data center.</p>", + "locationName": "destinationCidrBlock" + }, + "Source": { + "shape": "VpnStaticRouteSource", + "documentation": "<p>Indicates how the routes were provided.</p>", + "locationName": "source" + }, + "State": { + "shape": "VpnState", + "documentation": "<p>The current state of the static route.</p>", + "locationName": "state" + } + }, + "documentation": "<p>Describes a static route for a VPN connection.</p>" + }, + "VpnStaticRouteList": { + "type": "list", + "member": { + "shape": "VpnStaticRoute", + "locationName": "item" + } + }, + "VpnStaticRouteSource": { + "type": "string", + "enum": [ + "Static" + ] + }, + "VpnTunnelOptionsSpecification": { + "type": "structure", + "members": { + "TunnelInsideCidr": { + "shape": "String", + "documentation": "<p>The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway. </p> <p>Constraints: A size /30 CIDR block from the <code>169.254.0.0/16</code> range. The following CIDR blocks are reserved and cannot be used:</p> <ul> <li> <p> <code>169.254.0.0/30</code> </p> </li> <li> <p> <code>169.254.1.0/30</code> </p> </li> <li> <p> <code>169.254.2.0/30</code> </p> </li> <li> <p> <code>169.254.3.0/30</code> </p> </li> <li> <p> <code>169.254.4.0/30</code> </p> </li> <li> <p> <code>169.254.5.0/30</code> </p> </li> <li> <p> <code>169.254.169.252/30</code> </p> </li> </ul>" + }, + "PreSharedKey": { + "shape": "String", + "documentation": "<p>The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.</p> <p>Constraints: Allowed characters are alphanumeric characters and ._. Must be between 8 and 64 characters in length and cannot start with zero (0).</p>" + } + }, + "documentation": "<p>The tunnel options for a VPN connection.</p>" + }, + "WithdrawByoipCidrRequest": { + "type": "structure", + "required": [ + "Cidr" + ], + "members": { + "Cidr": { + "shape": "String", + "documentation": "<p>The public IPv4 address range, in CIDR notation.</p>" + }, + "DryRun": { + "shape": "Boolean", + "documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>" + } + } + }, + "WithdrawByoipCidrResult": { + "type": "structure", + "members": { + "ByoipCidr": { + "shape": "ByoipCidr", + "documentation": "<p>Information about the address pool.</p>", + "locationName": "byoipCidr" + } + } + }, + "ZoneIdStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "ZoneId" + } + }, + "ZoneNameStringList": { + "type": "list", + "member": { + "shape": "String", + "locationName": "ZoneName" + } + }, + "scope": { + "type": "string", + "enum": [ + "Availability Zone", + "Region" + ] + } + }, + "documentation": "<fullname>Amazon Elastic Compute Cloud</fullname> <p>Amazon Elastic Compute Cloud (Amazon EC2) provides secure and resizable computing capacity in the AWS cloud. Using Amazon EC2 eliminates the need to invest in hardware up front, so you can develop and deploy applications faster.</p> <p>To learn more, see the following resources:</p> <ul> <li> <p>Amazon EC2: <a href=\"http://aws.amazon.com/ec2\">Amazon EC2 product page</a>, <a href=\"http://aws.amazon.com/documentation/ec2\">Amazon EC2 documentation</a> </p> </li> <li> <p>Amazon EBS: <a href=\"http://aws.amazon.com/ebs\">Amazon EBS product page</a>, <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html\">Amazon EBS documentation</a> </p> </li> <li> <p>Amazon VPC: <a href=\"http://aws.amazon.com/vpc\">Amazon VPC product page</a>, <a href=\"http://aws.amazon.com/documentation/vpc\">Amazon VPC documentation</a> </p> </li> <li> <p>AWS VPN: <a href=\"http://aws.amazon.com/vpn\">AWS VPN product page</a>, <a href=\"http://aws.amazon.com/documentation/vpn\">AWS VPN documentation</a> </p> </li> </ul>" +}
\ No newline at end of file diff --git a/aws/api/s3-2006-03-01.normal.json b/aws/api/s3-2006-03-01.normal.json new file mode 100644 index 0000000..1fe8975 --- /dev/null +++ b/aws/api/s3-2006-03-01.normal.json @@ -0,0 +1,9222 @@ +{ + "version": "2.0", + "metadata": { + "apiVersion": "2006-03-01", + "checksumFormat": "md5", + "endpointPrefix": "s3", + "globalEndpoint": "s3.amazonaws.com", + "protocol": "rest-xml", + "serviceAbbreviation": "Amazon S3", + "serviceFullName": "Amazon Simple Storage Service", + "serviceId": "S3", + "signatureVersion": "s3", + "uid": "s3-2006-03-01" + }, + "operations": { + "AbortMultipartUpload": { + "name": "AbortMultipartUpload", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}/{Key+}", + "responseCode": 204 + }, + "input": { + "shape": "AbortMultipartUploadRequest" + }, + "output": { + "shape": "AbortMultipartUploadOutput" + }, + "errors": [ + { + "shape": "NoSuchUpload" + } + ], + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadAbort.html", + "documentation": "<p>Aborts a multipart upload.</p> <p>To verify that all parts have been removed, so you don't get charged for the part storage, you should call the List Parts operation and ensure the parts list is empty.</p>" + }, + "CompleteMultipartUpload": { + "name": "CompleteMultipartUpload", + "http": { + "method": "POST", + "requestUri": "/{Bucket}/{Key+}" + }, + "input": { + "shape": "CompleteMultipartUploadRequest" + }, + "output": { + "shape": "CompleteMultipartUploadOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadComplete.html", + "documentation": "<p>Completes a multipart upload by assembling previously uploaded parts.</p>" + }, + "CopyObject": { + "name": "CopyObject", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}/{Key+}" + }, + "input": { + "shape": "CopyObjectRequest" + }, + "output": { + "shape": "CopyObjectOutput" + }, + "errors": [ + { + "shape": "ObjectNotInActiveTierError" + } + ], + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectCOPY.html", + "documentation": "<p>Creates a copy of an object that is already stored in Amazon S3.</p>", + "alias": "PutObjectCopy" + }, + "CreateBucket": { + "name": "CreateBucket", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}" + }, + "input": { + "shape": "CreateBucketRequest" + }, + "output": { + "shape": "CreateBucketOutput" + }, + "errors": [ + { + "shape": "BucketAlreadyExists" + }, + { + "shape": "BucketAlreadyOwnedByYou" + } + ], + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketPUT.html", + "documentation": "<p>Creates a new bucket.</p>", + "alias": "PutBucket" + }, + "CreateMultipartUpload": { + "name": "CreateMultipartUpload", + "http": { + "method": "POST", + "requestUri": "/{Bucket}/{Key+}?uploads" + }, + "input": { + "shape": "CreateMultipartUploadRequest" + }, + "output": { + "shape": "CreateMultipartUploadOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadInitiate.html", + "documentation": "<p>Initiates a multipart upload and returns an upload ID.</p> <p> <b>Note:</b> After you initiate multipart upload and upload one or more parts, you must either complete or abort multipart upload in order to stop getting charged for storage of the uploaded parts. Only after you either complete or abort multipart upload, Amazon S3 frees up the parts storage and stops charging you for the parts storage.</p>", + "alias": "InitiateMultipartUpload" + }, + "DeleteBucket": { + "name": "DeleteBucket", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}", + "responseCode": 204 + }, + "input": { + "shape": "DeleteBucketRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketDELETE.html", + "documentation": "<p>Deletes the bucket. All objects (including all object versions and Delete Markers) in the bucket must be deleted before the bucket itself can be deleted.</p>" + }, + "DeleteBucketAnalyticsConfiguration": { + "name": "DeleteBucketAnalyticsConfiguration", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}?analytics", + "responseCode": 204 + }, + "input": { + "shape": "DeleteBucketAnalyticsConfigurationRequest" + }, + "documentation": "<p>Deletes an analytics configuration for the bucket (specified by the analytics configuration ID).</p> <p>To use this operation, you must have permissions to perform the s3:PutAnalyticsConfiguration action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. </p>" + }, + "DeleteBucketCors": { + "name": "DeleteBucketCors", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}?cors", + "responseCode": 204 + }, + "input": { + "shape": "DeleteBucketCorsRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketDELETEcors.html", + "documentation": "<p>Deletes the CORS configuration information set for the bucket.</p>" + }, + "DeleteBucketEncryption": { + "name": "DeleteBucketEncryption", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}?encryption", + "responseCode": 204 + }, + "input": { + "shape": "DeleteBucketEncryptionRequest" + }, + "documentation": "<p>Deletes the server-side encryption configuration from the bucket.</p>" + }, + "DeleteBucketInventoryConfiguration": { + "name": "DeleteBucketInventoryConfiguration", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}?inventory", + "responseCode": 204 + }, + "input": { + "shape": "DeleteBucketInventoryConfigurationRequest" + }, + "documentation": "<p>Deletes an inventory configuration (identified by the inventory ID) from the bucket.</p>" + }, + "DeleteBucketLifecycle": { + "name": "DeleteBucketLifecycle", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}?lifecycle", + "responseCode": 204 + }, + "input": { + "shape": "DeleteBucketLifecycleRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketDELETElifecycle.html", + "documentation": "<p>Deletes the lifecycle configuration from the bucket.</p>" + }, + "DeleteBucketMetricsConfiguration": { + "name": "DeleteBucketMetricsConfiguration", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}?metrics", + "responseCode": 204 + }, + "input": { + "shape": "DeleteBucketMetricsConfigurationRequest" + }, + "documentation": "<p>Deletes a metrics configuration (specified by the metrics configuration ID) from the bucket.</p>" + }, + "DeleteBucketPolicy": { + "name": "DeleteBucketPolicy", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}?policy", + "responseCode": 204 + }, + "input": { + "shape": "DeleteBucketPolicyRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketDELETEpolicy.html", + "documentation": "<p>Deletes the policy from the bucket.</p>" + }, + "DeleteBucketReplication": { + "name": "DeleteBucketReplication", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}?replication", + "responseCode": 204 + }, + "input": { + "shape": "DeleteBucketReplicationRequest" + }, + "documentation": "<p> Deletes the replication configuration from the bucket. For information about replication configuration, see <a href=\" https://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html\">Cross-Region Replication (CRR)</a> in the <i>Amazon S3 Developer Guide</i>. </p>" + }, + "DeleteBucketTagging": { + "name": "DeleteBucketTagging", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}?tagging", + "responseCode": 204 + }, + "input": { + "shape": "DeleteBucketTaggingRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketDELETEtagging.html", + "documentation": "<p>Deletes the tags from the bucket.</p>" + }, + "DeleteBucketWebsite": { + "name": "DeleteBucketWebsite", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}?website", + "responseCode": 204 + }, + "input": { + "shape": "DeleteBucketWebsiteRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketDELETEwebsite.html", + "documentation": "<p>This operation removes the website configuration from the bucket.</p>" + }, + "DeleteObject": { + "name": "DeleteObject", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}/{Key+}", + "responseCode": 204 + }, + "input": { + "shape": "DeleteObjectRequest" + }, + "output": { + "shape": "DeleteObjectOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectDELETE.html", + "documentation": "<p>Removes the null version (if there is one) of an object and inserts a delete marker, which becomes the latest version of the object. If there isn't a null version, Amazon S3 does not remove any objects.</p>" + }, + "DeleteObjectTagging": { + "name": "DeleteObjectTagging", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}/{Key+}?tagging", + "responseCode": 204 + }, + "input": { + "shape": "DeleteObjectTaggingRequest" + }, + "output": { + "shape": "DeleteObjectTaggingOutput" + }, + "documentation": "<p>Removes the tag-set from an existing object.</p>" + }, + "DeleteObjects": { + "name": "DeleteObjects", + "http": { + "method": "POST", + "requestUri": "/{Bucket}?delete" + }, + "input": { + "shape": "DeleteObjectsRequest" + }, + "output": { + "shape": "DeleteObjectsOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/multiobjectdeleteapi.html", + "documentation": "<p>This operation enables you to delete multiple objects from a bucket using a single HTTP request. You may specify up to 1000 keys.</p>", + "alias": "DeleteMultipleObjects" + }, + "DeletePublicAccessBlock": { + "name": "DeletePublicAccessBlock", + "http": { + "method": "DELETE", + "requestUri": "/{Bucket}?publicAccessBlock", + "responseCode": 204 + }, + "input": { + "shape": "DeletePublicAccessBlockRequest" + }, + "documentation": "<p>Removes the <code>PublicAccessBlock</code> configuration from an Amazon S3 bucket.</p>" + }, + "GetBucketAccelerateConfiguration": { + "name": "GetBucketAccelerateConfiguration", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?accelerate" + }, + "input": { + "shape": "GetBucketAccelerateConfigurationRequest" + }, + "output": { + "shape": "GetBucketAccelerateConfigurationOutput" + }, + "documentation": "<p>Returns the accelerate configuration of a bucket.</p>" + }, + "GetBucketAcl": { + "name": "GetBucketAcl", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?acl" + }, + "input": { + "shape": "GetBucketAclRequest" + }, + "output": { + "shape": "GetBucketAclOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETacl.html", + "documentation": "<p>Gets the access control policy for the bucket.</p>" + }, + "GetBucketAnalyticsConfiguration": { + "name": "GetBucketAnalyticsConfiguration", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?analytics" + }, + "input": { + "shape": "GetBucketAnalyticsConfigurationRequest" + }, + "output": { + "shape": "GetBucketAnalyticsConfigurationOutput" + }, + "documentation": "<p>Gets an analytics configuration for the bucket (specified by the analytics configuration ID).</p>" + }, + "GetBucketCors": { + "name": "GetBucketCors", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?cors" + }, + "input": { + "shape": "GetBucketCorsRequest" + }, + "output": { + "shape": "GetBucketCorsOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETcors.html", + "documentation": "<p>Returns the CORS configuration for the bucket.</p>" + }, + "GetBucketEncryption": { + "name": "GetBucketEncryption", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?encryption" + }, + "input": { + "shape": "GetBucketEncryptionRequest" + }, + "output": { + "shape": "GetBucketEncryptionOutput" + }, + "documentation": "<p>Returns the server-side encryption configuration of a bucket.</p>" + }, + "GetBucketInventoryConfiguration": { + "name": "GetBucketInventoryConfiguration", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?inventory" + }, + "input": { + "shape": "GetBucketInventoryConfigurationRequest" + }, + "output": { + "shape": "GetBucketInventoryConfigurationOutput" + }, + "documentation": "<p>Returns an inventory configuration (identified by the inventory ID) from the bucket.</p>" + }, + "GetBucketLifecycle": { + "name": "GetBucketLifecycle", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?lifecycle" + }, + "input": { + "shape": "GetBucketLifecycleRequest" + }, + "output": { + "shape": "GetBucketLifecycleOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETlifecycle.html", + "documentation": "<p> No longer used, see the GetBucketLifecycleConfiguration operation.</p>", + "deprecated": true + }, + "GetBucketLifecycleConfiguration": { + "name": "GetBucketLifecycleConfiguration", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?lifecycle" + }, + "input": { + "shape": "GetBucketLifecycleConfigurationRequest" + }, + "output": { + "shape": "GetBucketLifecycleConfigurationOutput" + }, + "documentation": "<p>Returns the lifecycle configuration information set on the bucket.</p>" + }, + "GetBucketLocation": { + "name": "GetBucketLocation", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?location" + }, + "input": { + "shape": "GetBucketLocationRequest" + }, + "output": { + "shape": "GetBucketLocationOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETlocation.html", + "documentation": "<p>Returns the region the bucket resides in.</p>" + }, + "GetBucketLogging": { + "name": "GetBucketLogging", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?logging" + }, + "input": { + "shape": "GetBucketLoggingRequest" + }, + "output": { + "shape": "GetBucketLoggingOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETlogging.html", + "documentation": "<p>Returns the logging status of a bucket and the permissions users have to view and modify that status. To use GET, you must be the bucket owner.</p>" + }, + "GetBucketMetricsConfiguration": { + "name": "GetBucketMetricsConfiguration", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?metrics" + }, + "input": { + "shape": "GetBucketMetricsConfigurationRequest" + }, + "output": { + "shape": "GetBucketMetricsConfigurationOutput" + }, + "documentation": "<p>Gets a metrics configuration (specified by the metrics configuration ID) from the bucket.</p>" + }, + "GetBucketNotification": { + "name": "GetBucketNotification", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?notification" + }, + "input": { + "shape": "GetBucketNotificationConfigurationRequest" + }, + "output": { + "shape": "NotificationConfigurationDeprecated" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETnotification.html", + "documentation": "<p> No longer used, see the GetBucketNotificationConfiguration operation.</p>", + "deprecated": true + }, + "GetBucketNotificationConfiguration": { + "name": "GetBucketNotificationConfiguration", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?notification" + }, + "input": { + "shape": "GetBucketNotificationConfigurationRequest" + }, + "output": { + "shape": "NotificationConfiguration" + }, + "documentation": "<p>Returns the notification configuration of a bucket.</p>" + }, + "GetBucketPolicy": { + "name": "GetBucketPolicy", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?policy" + }, + "input": { + "shape": "GetBucketPolicyRequest" + }, + "output": { + "shape": "GetBucketPolicyOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETpolicy.html", + "documentation": "<p>Returns the policy of a specified bucket.</p>" + }, + "GetBucketPolicyStatus": { + "name": "GetBucketPolicyStatus", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?policyStatus" + }, + "input": { + "shape": "GetBucketPolicyStatusRequest" + }, + "output": { + "shape": "GetBucketPolicyStatusOutput" + }, + "documentation": "<p>Retrieves the policy status for an Amazon S3 bucket, indicating whether the bucket is public.</p>" + }, + "GetBucketReplication": { + "name": "GetBucketReplication", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?replication" + }, + "input": { + "shape": "GetBucketReplicationRequest" + }, + "output": { + "shape": "GetBucketReplicationOutput" + }, + "documentation": "<p>Returns the replication configuration of a bucket.</p> <note> <p> It can take a while to propagate the put or delete a replication configuration to all Amazon S3 systems. Therefore, a get request soon after put or delete can return a wrong result. </p> </note>" + }, + "GetBucketRequestPayment": { + "name": "GetBucketRequestPayment", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?requestPayment" + }, + "input": { + "shape": "GetBucketRequestPaymentRequest" + }, + "output": { + "shape": "GetBucketRequestPaymentOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTrequestPaymentGET.html", + "documentation": "<p>Returns the request payment configuration of a bucket.</p>" + }, + "GetBucketTagging": { + "name": "GetBucketTagging", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?tagging" + }, + "input": { + "shape": "GetBucketTaggingRequest" + }, + "output": { + "shape": "GetBucketTaggingOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETtagging.html", + "documentation": "<p>Returns the tag set associated with the bucket.</p>" + }, + "GetBucketVersioning": { + "name": "GetBucketVersioning", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?versioning" + }, + "input": { + "shape": "GetBucketVersioningRequest" + }, + "output": { + "shape": "GetBucketVersioningOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETversioningStatus.html", + "documentation": "<p>Returns the versioning state of a bucket.</p>" + }, + "GetBucketWebsite": { + "name": "GetBucketWebsite", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?website" + }, + "input": { + "shape": "GetBucketWebsiteRequest" + }, + "output": { + "shape": "GetBucketWebsiteOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETwebsite.html", + "documentation": "<p>Returns the website configuration for a bucket.</p>" + }, + "GetObject": { + "name": "GetObject", + "http": { + "method": "GET", + "requestUri": "/{Bucket}/{Key+}" + }, + "input": { + "shape": "GetObjectRequest" + }, + "output": { + "shape": "GetObjectOutput" + }, + "errors": [ + { + "shape": "NoSuchKey" + } + ], + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectGET.html", + "documentation": "<p>Retrieves objects from Amazon S3.</p>" + }, + "GetObjectAcl": { + "name": "GetObjectAcl", + "http": { + "method": "GET", + "requestUri": "/{Bucket}/{Key+}?acl" + }, + "input": { + "shape": "GetObjectAclRequest" + }, + "output": { + "shape": "GetObjectAclOutput" + }, + "errors": [ + { + "shape": "NoSuchKey" + } + ], + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectGETacl.html", + "documentation": "<p>Returns the access control list (ACL) of an object.</p>" + }, + "GetObjectLegalHold": { + "name": "GetObjectLegalHold", + "http": { + "method": "GET", + "requestUri": "/{Bucket}/{Key+}?legal-hold" + }, + "input": { + "shape": "GetObjectLegalHoldRequest" + }, + "output": { + "shape": "GetObjectLegalHoldOutput" + }, + "documentation": "<p>Gets an object's current Legal Hold status.</p>" + }, + "GetObjectLockConfiguration": { + "name": "GetObjectLockConfiguration", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?object-lock" + }, + "input": { + "shape": "GetObjectLockConfigurationRequest" + }, + "output": { + "shape": "GetObjectLockConfigurationOutput" + }, + "documentation": "<p>Gets the object lock configuration for a bucket. The rule specified in the object lock configuration will be applied by default to every new object placed in the specified bucket.</p>" + }, + "GetObjectRetention": { + "name": "GetObjectRetention", + "http": { + "method": "GET", + "requestUri": "/{Bucket}/{Key+}?retention" + }, + "input": { + "shape": "GetObjectRetentionRequest" + }, + "output": { + "shape": "GetObjectRetentionOutput" + }, + "documentation": "<p>Retrieves an object's retention settings.</p>" + }, + "GetObjectTagging": { + "name": "GetObjectTagging", + "http": { + "method": "GET", + "requestUri": "/{Bucket}/{Key+}?tagging" + }, + "input": { + "shape": "GetObjectTaggingRequest" + }, + "output": { + "shape": "GetObjectTaggingOutput" + }, + "documentation": "<p>Returns the tag-set of an object.</p>" + }, + "GetObjectTorrent": { + "name": "GetObjectTorrent", + "http": { + "method": "GET", + "requestUri": "/{Bucket}/{Key+}?torrent" + }, + "input": { + "shape": "GetObjectTorrentRequest" + }, + "output": { + "shape": "GetObjectTorrentOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectGETtorrent.html", + "documentation": "<p>Return torrent files from a bucket.</p>" + }, + "GetPublicAccessBlock": { + "name": "GetPublicAccessBlock", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?publicAccessBlock" + }, + "input": { + "shape": "GetPublicAccessBlockRequest" + }, + "output": { + "shape": "GetPublicAccessBlockOutput" + }, + "documentation": "<p>Retrieves the <code>PublicAccessBlock</code> configuration for an Amazon S3 bucket.</p>" + }, + "HeadBucket": { + "name": "HeadBucket", + "http": { + "method": "HEAD", + "requestUri": "/{Bucket}" + }, + "input": { + "shape": "HeadBucketRequest" + }, + "errors": [ + { + "shape": "NoSuchBucket" + } + ], + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketHEAD.html", + "documentation": "<p>This operation is useful to determine if a bucket exists and you have permission to access it.</p>" + }, + "HeadObject": { + "name": "HeadObject", + "http": { + "method": "HEAD", + "requestUri": "/{Bucket}/{Key+}" + }, + "input": { + "shape": "HeadObjectRequest" + }, + "output": { + "shape": "HeadObjectOutput" + }, + "errors": [ + { + "shape": "NoSuchKey" + } + ], + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectHEAD.html", + "documentation": "<p>The HEAD operation retrieves metadata from an object without returning the object itself. This operation is useful if you're only interested in an object's metadata. To use HEAD, you must have READ access to the object.</p>" + }, + "ListBucketAnalyticsConfigurations": { + "name": "ListBucketAnalyticsConfigurations", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?analytics" + }, + "input": { + "shape": "ListBucketAnalyticsConfigurationsRequest" + }, + "output": { + "shape": "ListBucketAnalyticsConfigurationsOutput" + }, + "documentation": "<p>Lists the analytics configurations for the bucket.</p>" + }, + "ListBucketInventoryConfigurations": { + "name": "ListBucketInventoryConfigurations", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?inventory" + }, + "input": { + "shape": "ListBucketInventoryConfigurationsRequest" + }, + "output": { + "shape": "ListBucketInventoryConfigurationsOutput" + }, + "documentation": "<p>Returns a list of inventory configurations for the bucket.</p>" + }, + "ListBucketMetricsConfigurations": { + "name": "ListBucketMetricsConfigurations", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?metrics" + }, + "input": { + "shape": "ListBucketMetricsConfigurationsRequest" + }, + "output": { + "shape": "ListBucketMetricsConfigurationsOutput" + }, + "documentation": "<p>Lists the metrics configurations for the bucket.</p>" + }, + "ListBuckets": { + "name": "ListBuckets", + "http": { + "method": "GET", + "requestUri": "/" + }, + "output": { + "shape": "ListBucketsOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTServiceGET.html", + "documentation": "<p>Returns a list of all buckets owned by the authenticated sender of the request.</p>", + "alias": "GetService" + }, + "ListMultipartUploads": { + "name": "ListMultipartUploads", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?uploads" + }, + "input": { + "shape": "ListMultipartUploadsRequest" + }, + "output": { + "shape": "ListMultipartUploadsOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadListMPUpload.html", + "documentation": "<p>This operation lists in-progress multipart uploads.</p>" + }, + "ListObjectVersions": { + "name": "ListObjectVersions", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?versions" + }, + "input": { + "shape": "ListObjectVersionsRequest" + }, + "output": { + "shape": "ListObjectVersionsOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGETVersion.html", + "documentation": "<p>Returns metadata about all of the versions of objects in a bucket.</p>", + "alias": "GetBucketObjectVersions" + }, + "ListObjects": { + "name": "ListObjects", + "http": { + "method": "GET", + "requestUri": "/{Bucket}" + }, + "input": { + "shape": "ListObjectsRequest" + }, + "output": { + "shape": "ListObjectsOutput" + }, + "errors": [ + { + "shape": "NoSuchBucket" + } + ], + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketGET.html", + "documentation": "<p>Returns some or all (up to 1000) of the objects in a bucket. You can use the request parameters as selection criteria to return a subset of the objects in a bucket.</p>", + "alias": "GetBucket" + }, + "ListObjectsV2": { + "name": "ListObjectsV2", + "http": { + "method": "GET", + "requestUri": "/{Bucket}?list-type=2" + }, + "input": { + "shape": "ListObjectsV2Request" + }, + "output": { + "shape": "ListObjectsV2Output" + }, + "errors": [ + { + "shape": "NoSuchBucket" + } + ], + "documentation": "<p>Returns some or all (up to 1000) of the objects in a bucket. You can use the request parameters as selection criteria to return a subset of the objects in a bucket. Note: ListObjectsV2 is the revised List Objects API and we recommend you use this revised API for new application development.</p>" + }, + "ListParts": { + "name": "ListParts", + "http": { + "method": "GET", + "requestUri": "/{Bucket}/{Key+}" + }, + "input": { + "shape": "ListPartsRequest" + }, + "output": { + "shape": "ListPartsOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadListParts.html", + "documentation": "<p>Lists the parts that have been uploaded for a specific multipart upload.</p>" + }, + "PutBucketAccelerateConfiguration": { + "name": "PutBucketAccelerateConfiguration", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?accelerate" + }, + "input": { + "shape": "PutBucketAccelerateConfigurationRequest" + }, + "documentation": "<p>Sets the accelerate configuration of an existing bucket.</p>" + }, + "PutBucketAcl": { + "name": "PutBucketAcl", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?acl" + }, + "input": { + "shape": "PutBucketAclRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketPUTacl.html", + "documentation": "<p>Sets the permissions on a bucket using access control lists (ACL).</p>" + }, + "PutBucketAnalyticsConfiguration": { + "name": "PutBucketAnalyticsConfiguration", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?analytics" + }, + "input": { + "shape": "PutBucketAnalyticsConfigurationRequest" + }, + "documentation": "<p>Sets an analytics configuration for the bucket (specified by the analytics configuration ID).</p>" + }, + "PutBucketCors": { + "name": "PutBucketCors", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?cors" + }, + "input": { + "shape": "PutBucketCorsRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketPUTcors.html", + "documentation": "<p>Sets the CORS configuration for a bucket.</p>" + }, + "PutBucketEncryption": { + "name": "PutBucketEncryption", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?encryption" + }, + "input": { + "shape": "PutBucketEncryptionRequest" + }, + "documentation": "<p>Creates a new server-side encryption configuration (or replaces an existing one, if present).</p>" + }, + "PutBucketInventoryConfiguration": { + "name": "PutBucketInventoryConfiguration", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?inventory" + }, + "input": { + "shape": "PutBucketInventoryConfigurationRequest" + }, + "documentation": "<p>Adds an inventory configuration (identified by the inventory ID) from the bucket.</p>" + }, + "PutBucketLifecycle": { + "name": "PutBucketLifecycle", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?lifecycle" + }, + "input": { + "shape": "PutBucketLifecycleRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketPUTlifecycle.html", + "documentation": "<p> No longer used, see the PutBucketLifecycleConfiguration operation.</p>", + "deprecated": true + }, + "PutBucketLifecycleConfiguration": { + "name": "PutBucketLifecycleConfiguration", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?lifecycle" + }, + "input": { + "shape": "PutBucketLifecycleConfigurationRequest" + }, + "documentation": "<p>Sets lifecycle configuration for your bucket. If a lifecycle configuration exists, it replaces it.</p>" + }, + "PutBucketLogging": { + "name": "PutBucketLogging", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?logging" + }, + "input": { + "shape": "PutBucketLoggingRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketPUTlogging.html", + "documentation": "<p>Set the logging parameters for a bucket and to specify permissions for who can view and modify the logging parameters. To set the logging status of a bucket, you must be the bucket owner.</p>" + }, + "PutBucketMetricsConfiguration": { + "name": "PutBucketMetricsConfiguration", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?metrics" + }, + "input": { + "shape": "PutBucketMetricsConfigurationRequest" + }, + "documentation": "<p>Sets a metrics configuration (specified by the metrics configuration ID) for the bucket.</p>" + }, + "PutBucketNotification": { + "name": "PutBucketNotification", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?notification" + }, + "input": { + "shape": "PutBucketNotificationRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketPUTnotification.html", + "documentation": "<p> No longer used, see the PutBucketNotificationConfiguration operation.</p>", + "deprecated": true + }, + "PutBucketNotificationConfiguration": { + "name": "PutBucketNotificationConfiguration", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?notification" + }, + "input": { + "shape": "PutBucketNotificationConfigurationRequest" + }, + "documentation": "<p>Enables notifications of specified events for a bucket.</p>" + }, + "PutBucketPolicy": { + "name": "PutBucketPolicy", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?policy" + }, + "input": { + "shape": "PutBucketPolicyRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketPUTpolicy.html", + "documentation": "<p>Applies an Amazon S3 bucket policy to an Amazon S3 bucket.</p>" + }, + "PutBucketReplication": { + "name": "PutBucketReplication", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?replication" + }, + "input": { + "shape": "PutBucketReplicationRequest" + }, + "documentation": "<p> Creates a replication configuration or replaces an existing one. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html\">Cross-Region Replication (CRR)</a> in the <i>Amazon S3 Developer Guide</i>. </p>" + }, + "PutBucketRequestPayment": { + "name": "PutBucketRequestPayment", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?requestPayment" + }, + "input": { + "shape": "PutBucketRequestPaymentRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTrequestPaymentPUT.html", + "documentation": "<p>Sets the request payment configuration for a bucket. By default, the bucket owner pays for downloads from the bucket. This configuration parameter enables the bucket owner (only) to specify that the person requesting the download will be charged for the download. Documentation on requester pays buckets can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html</p>" + }, + "PutBucketTagging": { + "name": "PutBucketTagging", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?tagging" + }, + "input": { + "shape": "PutBucketTaggingRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketPUTtagging.html", + "documentation": "<p>Sets the tags for a bucket.</p>" + }, + "PutBucketVersioning": { + "name": "PutBucketVersioning", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?versioning" + }, + "input": { + "shape": "PutBucketVersioningRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketPUTVersioningStatus.html", + "documentation": "<p>Sets the versioning state of an existing bucket. To set the versioning state, you must be the bucket owner.</p>" + }, + "PutBucketWebsite": { + "name": "PutBucketWebsite", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?website" + }, + "input": { + "shape": "PutBucketWebsiteRequest" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTBucketPUTwebsite.html", + "documentation": "<p>Set the website configuration for a bucket.</p>" + }, + "PutObject": { + "name": "PutObject", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}/{Key+}" + }, + "input": { + "shape": "PutObjectRequest" + }, + "output": { + "shape": "PutObjectOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectPUT.html", + "documentation": "<p>Adds an object to a bucket.</p>" + }, + "PutObjectAcl": { + "name": "PutObjectAcl", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}/{Key+}?acl" + }, + "input": { + "shape": "PutObjectAclRequest" + }, + "output": { + "shape": "PutObjectAclOutput" + }, + "errors": [ + { + "shape": "NoSuchKey" + } + ], + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectPUTacl.html", + "documentation": "<p>uses the acl subresource to set the access control list (ACL) permissions for an object that already exists in a bucket</p>" + }, + "PutObjectLegalHold": { + "name": "PutObjectLegalHold", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}/{Key+}?legal-hold" + }, + "input": { + "shape": "PutObjectLegalHoldRequest" + }, + "output": { + "shape": "PutObjectLegalHoldOutput" + }, + "documentation": "<p>Applies a Legal Hold configuration to the specified object.</p>" + }, + "PutObjectLockConfiguration": { + "name": "PutObjectLockConfiguration", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?object-lock" + }, + "input": { + "shape": "PutObjectLockConfigurationRequest" + }, + "output": { + "shape": "PutObjectLockConfigurationOutput" + }, + "documentation": "<p>Places an object lock configuration on the specified bucket. The rule specified in the object lock configuration will be applied by default to every new object placed in the specified bucket.</p>" + }, + "PutObjectRetention": { + "name": "PutObjectRetention", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}/{Key+}?retention" + }, + "input": { + "shape": "PutObjectRetentionRequest" + }, + "output": { + "shape": "PutObjectRetentionOutput" + }, + "documentation": "<p>Places an Object Retention configuration on an object.</p>" + }, + "PutObjectTagging": { + "name": "PutObjectTagging", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}/{Key+}?tagging" + }, + "input": { + "shape": "PutObjectTaggingRequest" + }, + "output": { + "shape": "PutObjectTaggingOutput" + }, + "documentation": "<p>Sets the supplied tag-set to an object that already exists in a bucket</p>" + }, + "PutPublicAccessBlock": { + "name": "PutPublicAccessBlock", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}?publicAccessBlock" + }, + "input": { + "shape": "PutPublicAccessBlockRequest" + }, + "documentation": "<p>Creates or modifies the <code>PublicAccessBlock</code> configuration for an Amazon S3 bucket.</p>" + }, + "RestoreObject": { + "name": "RestoreObject", + "http": { + "method": "POST", + "requestUri": "/{Bucket}/{Key+}?restore" + }, + "input": { + "shape": "RestoreObjectRequest" + }, + "output": { + "shape": "RestoreObjectOutput" + }, + "errors": [ + { + "shape": "ObjectAlreadyInActiveTierError" + } + ], + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTObjectRestore.html", + "documentation": "<p>Restores an archived copy of an object back into Amazon S3</p>", + "alias": "PostObjectRestore" + }, + "SelectObjectContent": { + "name": "SelectObjectContent", + "http": { + "method": "POST", + "requestUri": "/{Bucket}/{Key+}?select&select-type=2" + }, + "input": { + "shape": "SelectObjectContentRequest", + "locationName": "SelectObjectContentRequest", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + }, + "output": { + "shape": "SelectObjectContentOutput" + }, + "documentation": "<p>This operation filters the contents of an Amazon S3 object based on a simple Structured Query Language (SQL) statement. In the request, along with the SQL expression, you must also specify a data serialization format (JSON or CSV) of the object. Amazon S3 uses this to parse object data into records, and returns only records that match the specified SQL expression. You must also specify the data serialization format for the response.</p>" + }, + "UploadPart": { + "name": "UploadPart", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}/{Key+}" + }, + "input": { + "shape": "UploadPartRequest" + }, + "output": { + "shape": "UploadPartOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadUploadPart.html", + "documentation": "<p>Uploads a part in a multipart upload.</p> <p> <b>Note:</b> After you initiate multipart upload and upload one or more parts, you must either complete or abort multipart upload in order to stop getting charged for storage of the uploaded parts. Only after you either complete or abort multipart upload, Amazon S3 frees up the parts storage and stops charging you for the parts storage.</p>" + }, + "UploadPartCopy": { + "name": "UploadPartCopy", + "http": { + "method": "PUT", + "requestUri": "/{Bucket}/{Key+}" + }, + "input": { + "shape": "UploadPartCopyRequest" + }, + "output": { + "shape": "UploadPartCopyOutput" + }, + "documentationUrl": "http://docs.amazonwebservices.com/AmazonS3/latest/API/mpUploadUploadPartCopy.html", + "documentation": "<p>Uploads a part by copying data from an existing object as data source.</p>" + } + }, + "shapes": { + "AbortDate": { + "type": "timestamp" + }, + "AbortIncompleteMultipartUpload": { + "type": "structure", + "members": { + "DaysAfterInitiation": { + "shape": "DaysAfterInitiation", + "documentation": "<p>Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.</p>" + } + }, + "documentation": "<p>Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config\"> Aborting Incomplete Multipart Uploads Using a Bucket Lifecycle Policy</a> in the <i>Amazon Simple Storage Service Developer Guide</i>.</p>" + }, + "AbortMultipartUploadOutput": { + "type": "structure", + "members": { + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + } + }, + "AbortMultipartUploadRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key", + "UploadId" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>Name of the bucket to which the multipart upload was initiated.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p>Key of the object for which the multipart upload was initiated.</p>", + "location": "uri", + "locationName": "Key" + }, + "UploadId": { + "shape": "MultipartUploadId", + "documentation": "<p>Upload ID that identifies the multipart upload.</p>", + "location": "querystring", + "locationName": "uploadId" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + } + } + }, + "AbortRuleId": { + "type": "string" + }, + "AccelerateConfiguration": { + "type": "structure", + "members": { + "Status": { + "shape": "BucketAccelerateStatus", + "documentation": "<p>Specifies the transfer acceleration status of the bucket.</p>" + } + }, + "documentation": "<p>Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html\">Amazon S3 Transfer Acceleration</a> in the <i>Amazon Simple Storage Service Developer Guide</i>.</p>" + }, + "AcceptRanges": { + "type": "string" + }, + "AccessControlPolicy": { + "type": "structure", + "members": { + "Grants": { + "shape": "Grants", + "documentation": "<p>A list of grants.</p>", + "locationName": "AccessControlList" + }, + "Owner": { + "shape": "Owner", + "documentation": "<p>Container for the bucket owner's display name and ID.</p>" + } + }, + "documentation": "<p>Contains the elements that set the ACL permissions for an object per grantee.</p>" + }, + "AccessControlTranslation": { + "type": "structure", + "required": [ + "Owner" + ], + "members": { + "Owner": { + "shape": "OwnerOverride", + "documentation": "<p>Specifies the replica ownership. For default and valid values, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html\">PUT bucket replication</a> in the <i>Amazon Simple Storage Service API Reference</i>.</p>" + } + }, + "documentation": "<p>A container for information about access control for replicas.</p>" + }, + "AccountId": { + "type": "string" + }, + "AllowQuotedRecordDelimiter": { + "type": "boolean" + }, + "AllowedHeader": { + "type": "string" + }, + "AllowedHeaders": { + "type": "list", + "member": { + "shape": "AllowedHeader" + }, + "flattened": true + }, + "AllowedMethod": { + "type": "string" + }, + "AllowedMethods": { + "type": "list", + "member": { + "shape": "AllowedMethod" + }, + "flattened": true + }, + "AllowedOrigin": { + "type": "string" + }, + "AllowedOrigins": { + "type": "list", + "member": { + "shape": "AllowedOrigin" + }, + "flattened": true + }, + "AnalyticsAndOperator": { + "type": "structure", + "members": { + "Prefix": { + "shape": "Prefix", + "documentation": "<p>The prefix to use when evaluating an AND predicate: The prefix that an object must have to be included in the metrics results.</p>" + }, + "Tags": { + "shape": "TagSet", + "documentation": "<p>The list of tags to use when evaluating an AND predicate.</p>", + "flattened": true, + "locationName": "Tag" + } + }, + "documentation": "<p>A conjunction (logical AND) of predicates, which is used in evaluating a metrics filter. The operator must have at least two predicates in any combination, and an object must match all of the predicates for the filter to apply.</p>" + }, + "AnalyticsConfiguration": { + "type": "structure", + "required": [ + "Id", + "StorageClassAnalysis" + ], + "members": { + "Id": { + "shape": "AnalyticsId", + "documentation": "<p>The ID that identifies the analytics configuration.</p>" + }, + "Filter": { + "shape": "AnalyticsFilter", + "documentation": "<p>The filter used to describe a set of objects for analyses. A filter must have exactly one prefix, one tag, or one conjunction (AnalyticsAndOperator). If no filter is provided, all objects will be considered in any analysis.</p>" + }, + "StorageClassAnalysis": { + "shape": "StorageClassAnalysis", + "documentation": "<p> Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes. </p>" + } + }, + "documentation": "<p> Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETAnalyticsConfig.html\">GET Bucket analytics</a> in the <i>Amazon Simple Storage Service API Reference</i>. </p>" + }, + "AnalyticsConfigurationList": { + "type": "list", + "member": { + "shape": "AnalyticsConfiguration" + }, + "flattened": true + }, + "AnalyticsExportDestination": { + "type": "structure", + "required": [ + "S3BucketDestination" + ], + "members": { + "S3BucketDestination": { + "shape": "AnalyticsS3BucketDestination", + "documentation": "<p>A destination signifying output to an S3 bucket.</p>" + } + }, + "documentation": "<p>Where to publish the analytics results.</p>" + }, + "AnalyticsFilter": { + "type": "structure", + "members": { + "Prefix": { + "shape": "Prefix", + "documentation": "<p>The prefix to use when evaluating an analytics filter.</p>" + }, + "Tag": { + "shape": "Tag", + "documentation": "<p>The tag to use when evaluating an analytics filter.</p>" + }, + "And": { + "shape": "AnalyticsAndOperator", + "documentation": "<p>A conjunction (logical AND) of predicates, which is used in evaluating an analytics filter. The operator must have at least two predicates.</p>" + } + }, + "documentation": "<p/>" + }, + "AnalyticsId": { + "type": "string" + }, + "AnalyticsS3BucketDestination": { + "type": "structure", + "required": [ + "Format", + "Bucket" + ], + "members": { + "Format": { + "shape": "AnalyticsS3ExportFileFormat", + "documentation": "<p>Specifies the file format used when exporting data to Amazon S3.</p>" + }, + "BucketAccountId": { + "shape": "AccountId", + "documentation": "<p>The account ID that owns the destination bucket. If no account ID is provided, the owner will not be validated prior to exporting data.</p>" + }, + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The Amazon Resource Name (ARN) of the bucket to which data is exported.</p>" + }, + "Prefix": { + "shape": "Prefix", + "documentation": "<p>The prefix to use when exporting data. The prefix is prepended to all results.</p>" + } + }, + "documentation": "<p/>" + }, + "AnalyticsS3ExportFileFormat": { + "type": "string", + "enum": [ + "CSV" + ] + }, + "Body": { + "type": "blob" + }, + "Bucket": { + "type": "structure", + "members": { + "Name": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket.</p>" + }, + "CreationDate": { + "shape": "CreationDate", + "documentation": "<p>Date the bucket was created.</p>" + } + }, + "documentation": "<p/>" + }, + "BucketAccelerateStatus": { + "type": "string", + "enum": [ + "Enabled", + "Suspended" + ] + }, + "BucketCannedACL": { + "type": "string", + "enum": [ + "private", + "public-read", + "public-read-write", + "authenticated-read" + ] + }, + "BucketLifecycleConfiguration": { + "type": "structure", + "required": [ + "Rules" + ], + "members": { + "Rules": { + "shape": "LifecycleRules", + "documentation": "<p>A lifecycle rule for individual objects in an Amazon S3 bucket.</p>", + "locationName": "Rule" + } + }, + "documentation": "<p>Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html\">Object Lifecycle Management</a> in the <i>Amazon Simple Storage Service Developer Guide</i>.</p>" + }, + "BucketLocationConstraint": { + "type": "string", + "enum": [ + "EU", + "eu-west-1", + "us-west-1", + "us-west-2", + "ap-south-1", + "ap-southeast-1", + "ap-southeast-2", + "ap-northeast-1", + "sa-east-1", + "cn-north-1", + "eu-central-1" + ] + }, + "BucketLoggingStatus": { + "type": "structure", + "members": { + "LoggingEnabled": { + "shape": "LoggingEnabled", + "documentation": "<p/>" + } + }, + "documentation": "<p/>" + }, + "BucketLogsPermission": { + "type": "string", + "enum": [ + "FULL_CONTROL", + "READ", + "WRITE" + ] + }, + "BucketName": { + "type": "string" + }, + "BucketVersioningStatus": { + "type": "string", + "enum": [ + "Enabled", + "Suspended" + ] + }, + "Buckets": { + "type": "list", + "member": { + "shape": "Bucket", + "locationName": "Bucket" + } + }, + "BypassGovernanceRetention": { + "type": "boolean" + }, + "BytesProcessed": { + "type": "long" + }, + "BytesReturned": { + "type": "long" + }, + "BytesScanned": { + "type": "long" + }, + "CORSConfiguration": { + "type": "structure", + "required": [ + "CORSRules" + ], + "members": { + "CORSRules": { + "shape": "CORSRules", + "documentation": "<p>A set of allowed origins and methods.</p>", + "locationName": "CORSRule" + } + }, + "documentation": "<p>Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html\">Enabling Cross-Origin Resource Sharing</a> in the <i>Amazon Simple Storage Service Developer Guide</i>.</p>" + }, + "CORSRule": { + "type": "structure", + "required": [ + "AllowedMethods", + "AllowedOrigins" + ], + "members": { + "AllowedHeaders": { + "shape": "AllowedHeaders", + "documentation": "<p>Headers that are specified in the <code>Access-Control-Request-Headers</code> header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.</p>", + "locationName": "AllowedHeader" + }, + "AllowedMethods": { + "shape": "AllowedMethods", + "documentation": "<p>An HTTP method that you allow the origin to execute. Valid values are <code>GET</code>, <code>PUT</code>, <code>HEAD</code>, <code>POST</code>, and <code>DELETE</code>.</p>", + "locationName": "AllowedMethod" + }, + "AllowedOrigins": { + "shape": "AllowedOrigins", + "documentation": "<p>One or more origins you want customers to be able to access the bucket from.</p>", + "locationName": "AllowedOrigin" + }, + "ExposeHeaders": { + "shape": "ExposeHeaders", + "documentation": "<p>One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript <code>XMLHttpRequest</code> object).</p>", + "locationName": "ExposeHeader" + }, + "MaxAgeSeconds": { + "shape": "MaxAgeSeconds", + "documentation": "<p>The time in seconds that your browser is to cache the preflight response for the specified resource.</p>" + } + }, + "documentation": "<p>Specifies a cross-origin access rule for an Amazon S3 bucket.</p>" + }, + "CORSRules": { + "type": "list", + "member": { + "shape": "CORSRule" + }, + "flattened": true + }, + "CSVInput": { + "type": "structure", + "members": { + "FileHeaderInfo": { + "shape": "FileHeaderInfo", + "documentation": "<p>Describes the first line of input. Valid values: None, Ignore, Use.</p>" + }, + "Comments": { + "shape": "Comments", + "documentation": "<p>The single character used to indicate a row should be ignored when present at the start of a row.</p>" + }, + "QuoteEscapeCharacter": { + "shape": "QuoteEscapeCharacter", + "documentation": "<p>The single character used for escaping the quote character inside an already escaped value.</p>" + }, + "RecordDelimiter": { + "shape": "RecordDelimiter", + "documentation": "<p>The value used to separate individual records.</p>" + }, + "FieldDelimiter": { + "shape": "FieldDelimiter", + "documentation": "<p>The value used to separate individual fields in a record.</p>" + }, + "QuoteCharacter": { + "shape": "QuoteCharacter", + "documentation": "<p>Value used for escaping where the field delimiter is part of the value.</p>" + }, + "AllowQuotedRecordDelimiter": { + "shape": "AllowQuotedRecordDelimiter", + "documentation": "<p>Specifies that CSV field values may contain quoted record delimiters and such records should be allowed. Default value is FALSE. Setting this value to TRUE may lower performance.</p>" + } + }, + "documentation": "<p>Describes how a CSV-formatted input object is formatted.</p>" + }, + "CSVOutput": { + "type": "structure", + "members": { + "QuoteFields": { + "shape": "QuoteFields", + "documentation": "<p>Indicates whether or not all output fields should be quoted.</p>" + }, + "QuoteEscapeCharacter": { + "shape": "QuoteEscapeCharacter", + "documentation": "<p>Th single character used for escaping the quote character inside an already escaped value.</p>" + }, + "RecordDelimiter": { + "shape": "RecordDelimiter", + "documentation": "<p>The value used to separate individual records.</p>" + }, + "FieldDelimiter": { + "shape": "FieldDelimiter", + "documentation": "<p>The value used to separate individual fields in a record.</p>" + }, + "QuoteCharacter": { + "shape": "QuoteCharacter", + "documentation": "<p>The value used for escaping where the field delimiter is part of the value.</p>" + } + }, + "documentation": "<p>Describes how CSV-formatted results are formatted.</p>" + }, + "CacheControl": { + "type": "string" + }, + "CloudFunction": { + "type": "string" + }, + "CloudFunctionConfiguration": { + "type": "structure", + "members": { + "Id": { + "shape": "NotificationId" + }, + "Event": { + "shape": "Event", + "deprecated": true + }, + "Events": { + "shape": "EventList", + "documentation": "<p/>", + "locationName": "Event" + }, + "CloudFunction": { + "shape": "CloudFunction", + "documentation": "<p/>" + }, + "InvocationRole": { + "shape": "CloudFunctionInvocationRole", + "documentation": "<p/>" + } + }, + "documentation": "<p/>" + }, + "CloudFunctionInvocationRole": { + "type": "string" + }, + "Code": { + "type": "string" + }, + "Comments": { + "type": "string" + }, + "CommonPrefix": { + "type": "structure", + "members": { + "Prefix": { + "shape": "Prefix", + "documentation": "<p/>" + } + }, + "documentation": "<p/>" + }, + "CommonPrefixList": { + "type": "list", + "member": { + "shape": "CommonPrefix" + }, + "flattened": true + }, + "CompleteMultipartUploadOutput": { + "type": "structure", + "members": { + "Location": { + "shape": "Location", + "documentation": "<p/>" + }, + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>" + }, + "Expiration": { + "shape": "Expiration", + "documentation": "<p>If the object expiration is configured, this will contain the expiration date (expiry-date) and rule ID (rule-id). The value of rule-id is URL encoded.</p>", + "location": "header", + "locationName": "x-amz-expiration" + }, + "ETag": { + "shape": "ETag", + "documentation": "<p>Entity tag of the object.</p>" + }, + "ServerSideEncryption": { + "shape": "ServerSideEncryption", + "documentation": "<p>The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>Version of the object.</p>", + "location": "header", + "locationName": "x-amz-version-id" + }, + "SSEKMSKeyId": { + "shape": "SSEKMSKeyId", + "documentation": "<p>If present, specifies the ID of the AWS Key Management Service (KMS) master encryption key that was used for the object.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-aws-kms-key-id" + }, + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + } + }, + "CompleteMultipartUploadRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key", + "UploadId" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "MultipartUpload": { + "shape": "CompletedMultipartUpload", + "documentation": "<p/>", + "locationName": "CompleteMultipartUpload", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + }, + "UploadId": { + "shape": "MultipartUploadId", + "documentation": "<p/>", + "location": "querystring", + "locationName": "uploadId" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + } + }, + "payload": "MultipartUpload" + }, + "CompletedMultipartUpload": { + "type": "structure", + "members": { + "Parts": { + "shape": "CompletedPartList", + "documentation": "<p/>", + "locationName": "Part" + } + }, + "documentation": "<p/>" + }, + "CompletedPart": { + "type": "structure", + "members": { + "ETag": { + "shape": "ETag", + "documentation": "<p>Entity tag returned when the part was uploaded.</p>" + }, + "PartNumber": { + "shape": "PartNumber", + "documentation": "<p>Part number that identifies the part. This is a positive integer between 1 and 10,000.</p>" + } + }, + "documentation": "<p/>" + }, + "CompletedPartList": { + "type": "list", + "member": { + "shape": "CompletedPart" + }, + "flattened": true + }, + "CompressionType": { + "type": "string", + "enum": [ + "NONE", + "GZIP", + "BZIP2" + ] + }, + "Condition": { + "type": "structure", + "members": { + "HttpErrorCodeReturnedEquals": { + "shape": "HttpErrorCodeReturnedEquals", + "documentation": "<p>The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied. Required when parent element <code>Condition</code> is specified and sibling <code>KeyPrefixEquals</code> is not specified. If both are specified, then both must be true for the redirect to be applied.</p>" + }, + "KeyPrefixEquals": { + "shape": "KeyPrefixEquals", + "documentation": "<p>The object key name prefix when the redirect is applied. For example, to redirect requests for <code>ExamplePage.html</code>, the key prefix will be <code>ExamplePage.html</code>. To redirect request for all pages with the prefix <code>docs/</code>, the key prefix will be <code>/docs</code>, which identifies all objects in the docs/ folder. Required when the parent element <code>Condition</code> is specified and sibling <code>HttpErrorCodeReturnedEquals</code> is not specified. If both conditions are specified, both must be true for the redirect to be applied.</p>" + } + }, + "documentation": "<p>Specifies a condition that must be met for a redirect to apply. </p>" + }, + "ConfirmRemoveSelfBucketAccess": { + "type": "boolean" + }, + "ContentDisposition": { + "type": "string" + }, + "ContentEncoding": { + "type": "string" + }, + "ContentLanguage": { + "type": "string" + }, + "ContentLength": { + "type": "long" + }, + "ContentMD5": { + "type": "string" + }, + "ContentRange": { + "type": "string" + }, + "ContentType": { + "type": "string" + }, + "ContinuationEvent": { + "type": "structure", + "members": {}, + "documentation": "<p/>", + "event": true + }, + "CopyObjectOutput": { + "type": "structure", + "members": { + "CopyObjectResult": { + "shape": "CopyObjectResult", + "documentation": "<p/>" + }, + "Expiration": { + "shape": "Expiration", + "documentation": "<p>If the object expiration is configured, the response includes this header.</p>", + "location": "header", + "locationName": "x-amz-expiration" + }, + "CopySourceVersionId": { + "shape": "CopySourceVersionId", + "documentation": "<p/>", + "location": "header", + "locationName": "x-amz-copy-source-version-id" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>Version ID of the newly created copy.</p>", + "location": "header", + "locationName": "x-amz-version-id" + }, + "ServerSideEncryption": { + "shape": "ServerSideEncryption", + "documentation": "<p>The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>If server-side encryption with a customer-provided encryption key was requested, the response will include this header confirming the encryption algorithm used.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide round trip message integrity verification of the customer-provided encryption key.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "SSEKMSKeyId": { + "shape": "SSEKMSKeyId", + "documentation": "<p>If present, specifies the ID of the AWS Key Management Service (KMS) master encryption key that was used for the object.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-aws-kms-key-id" + }, + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + }, + "payload": "CopyObjectResult" + }, + "CopyObjectRequest": { + "type": "structure", + "required": [ + "Bucket", + "CopySource", + "Key" + ], + "members": { + "ACL": { + "shape": "ObjectCannedACL", + "documentation": "<p>The canned ACL to apply to the object.</p>", + "location": "header", + "locationName": "x-amz-acl" + }, + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "CacheControl": { + "shape": "CacheControl", + "documentation": "<p>Specifies caching behavior along the request/reply chain.</p>", + "location": "header", + "locationName": "Cache-Control" + }, + "ContentDisposition": { + "shape": "ContentDisposition", + "documentation": "<p>Specifies presentational information for the object.</p>", + "location": "header", + "locationName": "Content-Disposition" + }, + "ContentEncoding": { + "shape": "ContentEncoding", + "documentation": "<p>Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.</p>", + "location": "header", + "locationName": "Content-Encoding" + }, + "ContentLanguage": { + "shape": "ContentLanguage", + "documentation": "<p>The language the content is in.</p>", + "location": "header", + "locationName": "Content-Language" + }, + "ContentType": { + "shape": "ContentType", + "documentation": "<p>A standard MIME type describing the format of the object data.</p>", + "location": "header", + "locationName": "Content-Type" + }, + "CopySource": { + "shape": "CopySource", + "documentation": "<p>The name of the source bucket and key name of the source object, separated by a slash (/). Must be URL-encoded.</p>", + "location": "header", + "locationName": "x-amz-copy-source" + }, + "CopySourceIfMatch": { + "shape": "CopySourceIfMatch", + "documentation": "<p>Copies the object if its entity tag (ETag) matches the specified tag.</p>", + "location": "header", + "locationName": "x-amz-copy-source-if-match" + }, + "CopySourceIfModifiedSince": { + "shape": "CopySourceIfModifiedSince", + "documentation": "<p>Copies the object if it has been modified since the specified time.</p>", + "location": "header", + "locationName": "x-amz-copy-source-if-modified-since" + }, + "CopySourceIfNoneMatch": { + "shape": "CopySourceIfNoneMatch", + "documentation": "<p>Copies the object if its entity tag (ETag) is different than the specified ETag.</p>", + "location": "header", + "locationName": "x-amz-copy-source-if-none-match" + }, + "CopySourceIfUnmodifiedSince": { + "shape": "CopySourceIfUnmodifiedSince", + "documentation": "<p>Copies the object if it hasn't been modified since the specified time.</p>", + "location": "header", + "locationName": "x-amz-copy-source-if-unmodified-since" + }, + "Expires": { + "shape": "Expires", + "documentation": "<p>The date and time at which the object is no longer cacheable.</p>", + "location": "header", + "locationName": "Expires" + }, + "GrantFullControl": { + "shape": "GrantFullControl", + "documentation": "<p>Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.</p>", + "location": "header", + "locationName": "x-amz-grant-full-control" + }, + "GrantRead": { + "shape": "GrantRead", + "documentation": "<p>Allows grantee to read the object data and its metadata.</p>", + "location": "header", + "locationName": "x-amz-grant-read" + }, + "GrantReadACP": { + "shape": "GrantReadACP", + "documentation": "<p>Allows grantee to read the object ACL.</p>", + "location": "header", + "locationName": "x-amz-grant-read-acp" + }, + "GrantWriteACP": { + "shape": "GrantWriteACP", + "documentation": "<p>Allows grantee to write the ACL for the applicable object.</p>", + "location": "header", + "locationName": "x-amz-grant-write-acp" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "Metadata": { + "shape": "Metadata", + "documentation": "<p>A map of metadata to store with the object in S3.</p>", + "location": "headers", + "locationName": "x-amz-meta-" + }, + "MetadataDirective": { + "shape": "MetadataDirective", + "documentation": "<p>Specifies whether the metadata is copied from the source object or replaced with metadata provided in the request.</p>", + "location": "header", + "locationName": "x-amz-metadata-directive" + }, + "TaggingDirective": { + "shape": "TaggingDirective", + "documentation": "<p>Specifies whether the object tag-set are copied from the source object or replaced with tag-set provided in the request.</p>", + "location": "header", + "locationName": "x-amz-tagging-directive" + }, + "ServerSideEncryption": { + "shape": "ServerSideEncryption", + "documentation": "<p>The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption" + }, + "StorageClass": { + "shape": "StorageClass", + "documentation": "<p>The type of storage to use for the object. Defaults to 'STANDARD'.</p>", + "location": "header", + "locationName": "x-amz-storage-class" + }, + "WebsiteRedirectLocation": { + "shape": "WebsiteRedirectLocation", + "documentation": "<p>If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.</p>", + "location": "header", + "locationName": "x-amz-website-redirect-location" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>Specifies the algorithm to use to when encrypting the object (e.g., AES256).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKey": { + "shape": "SSECustomerKey", + "documentation": "<p>Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure the encryption key was transmitted without error.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "SSEKMSKeyId": { + "shape": "SSEKMSKeyId", + "documentation": "<p>Specifies the AWS KMS key ID to use for object encryption. All GET and PUT requests for an object protected by AWS KMS will fail if not made via SSL or using SigV4. Documentation on configuring any of the officially supported AWS SDKs and CLI can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-aws-kms-key-id" + }, + "CopySourceSSECustomerAlgorithm": { + "shape": "CopySourceSSECustomerAlgorithm", + "documentation": "<p>Specifies the algorithm to use when decrypting the source object (e.g., AES256).</p>", + "location": "header", + "locationName": "x-amz-copy-source-server-side-encryption-customer-algorithm" + }, + "CopySourceSSECustomerKey": { + "shape": "CopySourceSSECustomerKey", + "documentation": "<p>Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.</p>", + "location": "header", + "locationName": "x-amz-copy-source-server-side-encryption-customer-key" + }, + "CopySourceSSECustomerKeyMD5": { + "shape": "CopySourceSSECustomerKeyMD5", + "documentation": "<p>Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure the encryption key was transmitted without error.</p>", + "location": "header", + "locationName": "x-amz-copy-source-server-side-encryption-customer-key-MD5" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + }, + "Tagging": { + "shape": "TaggingHeader", + "documentation": "<p>The tag-set for the object destination object this value must be used in conjunction with the TaggingDirective. The tag-set must be encoded as URL Query parameters</p>", + "location": "header", + "locationName": "x-amz-tagging" + }, + "ObjectLockMode": { + "shape": "ObjectLockMode", + "documentation": "<p>The object lock mode that you want to apply to the copied object.</p>", + "location": "header", + "locationName": "x-amz-object-lock-mode" + }, + "ObjectLockRetainUntilDate": { + "shape": "ObjectLockRetainUntilDate", + "documentation": "<p>The date and time when you want the copied object's object lock to expire.</p>", + "location": "header", + "locationName": "x-amz-object-lock-retain-until-date" + }, + "ObjectLockLegalHoldStatus": { + "shape": "ObjectLockLegalHoldStatus", + "documentation": "<p>Specifies whether you want to apply a Legal Hold to the copied object.</p>", + "location": "header", + "locationName": "x-amz-object-lock-legal-hold" + } + } + }, + "CopyObjectResult": { + "type": "structure", + "members": { + "ETag": { + "shape": "ETag", + "documentation": "<p/>" + }, + "LastModified": { + "shape": "LastModified", + "documentation": "<p/>" + } + }, + "documentation": "<p/>" + }, + "CopyPartResult": { + "type": "structure", + "members": { + "ETag": { + "shape": "ETag", + "documentation": "<p>Entity tag of the object.</p>" + }, + "LastModified": { + "shape": "LastModified", + "documentation": "<p>Date and time at which the object was uploaded.</p>" + } + }, + "documentation": "<p/>" + }, + "CopySource": { + "type": "string", + "pattern": "\\/.+\\/.+" + }, + "CopySourceIfMatch": { + "type": "string" + }, + "CopySourceIfModifiedSince": { + "type": "timestamp" + }, + "CopySourceIfNoneMatch": { + "type": "string" + }, + "CopySourceIfUnmodifiedSince": { + "type": "timestamp" + }, + "CopySourceRange": { + "type": "string" + }, + "CopySourceSSECustomerAlgorithm": { + "type": "string" + }, + "CopySourceSSECustomerKey": { + "type": "blob", + "sensitive": true + }, + "CopySourceSSECustomerKeyMD5": { + "type": "string" + }, + "CopySourceVersionId": { + "type": "string" + }, + "CreateBucketConfiguration": { + "type": "structure", + "members": { + "LocationConstraint": { + "shape": "BucketLocationConstraint", + "documentation": "<p>Specifies the region where the bucket will be created. If you don't specify a region, the bucket is created in US East (N. Virginia) Region (us-east-1).</p>" + } + }, + "documentation": "<p/>" + }, + "CreateBucketOutput": { + "type": "structure", + "members": { + "Location": { + "shape": "Location", + "documentation": "<p/>", + "location": "header", + "locationName": "Location" + } + } + }, + "CreateBucketRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "ACL": { + "shape": "BucketCannedACL", + "documentation": "<p>The canned ACL to apply to the bucket.</p>", + "location": "header", + "locationName": "x-amz-acl" + }, + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "CreateBucketConfiguration": { + "shape": "CreateBucketConfiguration", + "documentation": "<p/>", + "locationName": "CreateBucketConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + }, + "GrantFullControl": { + "shape": "GrantFullControl", + "documentation": "<p>Allows grantee the read, write, read ACP, and write ACP permissions on the bucket.</p>", + "location": "header", + "locationName": "x-amz-grant-full-control" + }, + "GrantRead": { + "shape": "GrantRead", + "documentation": "<p>Allows grantee to list the objects in the bucket.</p>", + "location": "header", + "locationName": "x-amz-grant-read" + }, + "GrantReadACP": { + "shape": "GrantReadACP", + "documentation": "<p>Allows grantee to read the bucket ACL.</p>", + "location": "header", + "locationName": "x-amz-grant-read-acp" + }, + "GrantWrite": { + "shape": "GrantWrite", + "documentation": "<p>Allows grantee to create, overwrite, and delete any object in the bucket.</p>", + "location": "header", + "locationName": "x-amz-grant-write" + }, + "GrantWriteACP": { + "shape": "GrantWriteACP", + "documentation": "<p>Allows grantee to write the ACL for the applicable bucket.</p>", + "location": "header", + "locationName": "x-amz-grant-write-acp" + }, + "ObjectLockEnabledForBucket": { + "shape": "ObjectLockEnabledForBucket", + "documentation": "<p>Specifies whether you want Amazon S3 object lock to be enabled for the new bucket.</p>", + "location": "header", + "locationName": "x-amz-bucket-object-lock-enabled" + } + }, + "payload": "CreateBucketConfiguration" + }, + "CreateMultipartUploadOutput": { + "type": "structure", + "members": { + "AbortDate": { + "shape": "AbortDate", + "documentation": "<p>Date when multipart upload will become eligible for abort operation by lifecycle.</p>", + "location": "header", + "locationName": "x-amz-abort-date" + }, + "AbortRuleId": { + "shape": "AbortRuleId", + "documentation": "<p>Id of the lifecycle rule that makes a multipart upload eligible for abort operation.</p>", + "location": "header", + "locationName": "x-amz-abort-rule-id" + }, + "Bucket": { + "shape": "BucketName", + "documentation": "<p>Name of the bucket to which the multipart upload was initiated.</p>", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p>Object key for which the multipart upload was initiated.</p>" + }, + "UploadId": { + "shape": "MultipartUploadId", + "documentation": "<p>ID for the initiated multipart upload.</p>" + }, + "ServerSideEncryption": { + "shape": "ServerSideEncryption", + "documentation": "<p>The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>If server-side encryption with a customer-provided encryption key was requested, the response will include this header confirming the encryption algorithm used.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide round trip message integrity verification of the customer-provided encryption key.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "SSEKMSKeyId": { + "shape": "SSEKMSKeyId", + "documentation": "<p>If present, specifies the ID of the AWS Key Management Service (KMS) master encryption key that was used for the object.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-aws-kms-key-id" + }, + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + } + }, + "CreateMultipartUploadRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "ACL": { + "shape": "ObjectCannedACL", + "documentation": "<p>The canned ACL to apply to the object.</p>", + "location": "header", + "locationName": "x-amz-acl" + }, + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "CacheControl": { + "shape": "CacheControl", + "documentation": "<p>Specifies caching behavior along the request/reply chain.</p>", + "location": "header", + "locationName": "Cache-Control" + }, + "ContentDisposition": { + "shape": "ContentDisposition", + "documentation": "<p>Specifies presentational information for the object.</p>", + "location": "header", + "locationName": "Content-Disposition" + }, + "ContentEncoding": { + "shape": "ContentEncoding", + "documentation": "<p>Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.</p>", + "location": "header", + "locationName": "Content-Encoding" + }, + "ContentLanguage": { + "shape": "ContentLanguage", + "documentation": "<p>The language the content is in.</p>", + "location": "header", + "locationName": "Content-Language" + }, + "ContentType": { + "shape": "ContentType", + "documentation": "<p>A standard MIME type describing the format of the object data.</p>", + "location": "header", + "locationName": "Content-Type" + }, + "Expires": { + "shape": "Expires", + "documentation": "<p>The date and time at which the object is no longer cacheable.</p>", + "location": "header", + "locationName": "Expires" + }, + "GrantFullControl": { + "shape": "GrantFullControl", + "documentation": "<p>Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.</p>", + "location": "header", + "locationName": "x-amz-grant-full-control" + }, + "GrantRead": { + "shape": "GrantRead", + "documentation": "<p>Allows grantee to read the object data and its metadata.</p>", + "location": "header", + "locationName": "x-amz-grant-read" + }, + "GrantReadACP": { + "shape": "GrantReadACP", + "documentation": "<p>Allows grantee to read the object ACL.</p>", + "location": "header", + "locationName": "x-amz-grant-read-acp" + }, + "GrantWriteACP": { + "shape": "GrantWriteACP", + "documentation": "<p>Allows grantee to write the ACL for the applicable object.</p>", + "location": "header", + "locationName": "x-amz-grant-write-acp" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "Metadata": { + "shape": "Metadata", + "documentation": "<p>A map of metadata to store with the object in S3.</p>", + "location": "headers", + "locationName": "x-amz-meta-" + }, + "ServerSideEncryption": { + "shape": "ServerSideEncryption", + "documentation": "<p>The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption" + }, + "StorageClass": { + "shape": "StorageClass", + "documentation": "<p>The type of storage to use for the object. Defaults to 'STANDARD'.</p>", + "location": "header", + "locationName": "x-amz-storage-class" + }, + "WebsiteRedirectLocation": { + "shape": "WebsiteRedirectLocation", + "documentation": "<p>If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.</p>", + "location": "header", + "locationName": "x-amz-website-redirect-location" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>Specifies the algorithm to use to when encrypting the object (e.g., AES256).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKey": { + "shape": "SSECustomerKey", + "documentation": "<p>Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure the encryption key was transmitted without error.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "SSEKMSKeyId": { + "shape": "SSEKMSKeyId", + "documentation": "<p>Specifies the AWS KMS key ID to use for object encryption. All GET and PUT requests for an object protected by AWS KMS will fail if not made via SSL or using SigV4. Documentation on configuring any of the officially supported AWS SDKs and CLI can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-aws-kms-key-id" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + }, + "Tagging": { + "shape": "TaggingHeader", + "documentation": "<p>The tag-set for the object. The tag-set must be encoded as URL Query parameters</p>", + "location": "header", + "locationName": "x-amz-tagging" + }, + "ObjectLockMode": { + "shape": "ObjectLockMode", + "documentation": "<p>Specifies the object lock mode that you want to apply to the uploaded object.</p>", + "location": "header", + "locationName": "x-amz-object-lock-mode" + }, + "ObjectLockRetainUntilDate": { + "shape": "ObjectLockRetainUntilDate", + "documentation": "<p>Specifies the date and time when you want the object lock to expire.</p>", + "location": "header", + "locationName": "x-amz-object-lock-retain-until-date" + }, + "ObjectLockLegalHoldStatus": { + "shape": "ObjectLockLegalHoldStatus", + "documentation": "<p>Specifies whether you want to apply a Legal Hold to the uploaded object.</p>", + "location": "header", + "locationName": "x-amz-object-lock-legal-hold" + } + } + }, + "CreationDate": { + "type": "timestamp" + }, + "Date": { + "type": "timestamp", + "timestampFormat": "iso8601" + }, + "Days": { + "type": "integer" + }, + "DaysAfterInitiation": { + "type": "integer" + }, + "DefaultRetention": { + "type": "structure", + "members": { + "Mode": { + "shape": "ObjectLockRetentionMode", + "documentation": "<p>The default object lock retention mode you want to apply to new objects placed in the specified bucket.</p>" + }, + "Days": { + "shape": "Days", + "documentation": "<p>The number of days that you want to specify for the default retention period.</p>" + }, + "Years": { + "shape": "Years", + "documentation": "<p>The number of years that you want to specify for the default retention period.</p>" + } + }, + "documentation": "<p>The container element for specifying the default object lock retention settings for new objects placed in the specified bucket.</p>" + }, + "Delete": { + "type": "structure", + "required": [ + "Objects" + ], + "members": { + "Objects": { + "shape": "ObjectIdentifierList", + "documentation": "<p/>", + "locationName": "Object" + }, + "Quiet": { + "shape": "Quiet", + "documentation": "<p>Element to enable quiet mode for the request. When you add this element, you must set its value to true.</p>" + } + }, + "documentation": "<p/>" + }, + "DeleteBucketAnalyticsConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket", + "Id" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket from which an analytics configuration is deleted.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Id": { + "shape": "AnalyticsId", + "documentation": "<p>The ID that identifies the analytics configuration.</p>", + "location": "querystring", + "locationName": "id" + } + } + }, + "DeleteBucketCorsRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "DeleteBucketEncryptionRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket containing the server-side encryption configuration to delete.</p>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "DeleteBucketInventoryConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket", + "Id" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket containing the inventory configuration to delete.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Id": { + "shape": "InventoryId", + "documentation": "<p>The ID used to identify the inventory configuration.</p>", + "location": "querystring", + "locationName": "id" + } + } + }, + "DeleteBucketLifecycleRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "DeleteBucketMetricsConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket", + "Id" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket containing the metrics configuration to delete.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Id": { + "shape": "MetricsId", + "documentation": "<p>The ID used to identify the metrics configuration.</p>", + "location": "querystring", + "locationName": "id" + } + } + }, + "DeleteBucketPolicyRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "DeleteBucketReplicationRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p> The bucket name. </p> <note> <p>It can take a while to propagate the deletion of a replication configuration to all Amazon S3 systems.</p> </note>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "DeleteBucketRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "DeleteBucketTaggingRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "DeleteBucketWebsiteRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "DeleteMarker": { + "type": "boolean" + }, + "DeleteMarkerEntry": { + "type": "structure", + "members": { + "Owner": { + "shape": "Owner", + "documentation": "<p/>" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p>The object key.</p>" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>Version ID of an object.</p>" + }, + "IsLatest": { + "shape": "IsLatest", + "documentation": "<p>Specifies whether the object is (true) or is not (false) the latest version of an object.</p>" + }, + "LastModified": { + "shape": "LastModified", + "documentation": "<p>Date and time the object was last modified.</p>" + } + }, + "documentation": "<p/>" + }, + "DeleteMarkerReplication": { + "type": "structure", + "members": { + "Status": { + "shape": "DeleteMarkerReplicationStatus", + "documentation": "<p>The status of the delete marker replication.</p> <note> <p> In the current implementation, Amazon S3 doesn't replicate the delete markers. The status must be <code>Disabled</code>. </p> </note>" + } + }, + "documentation": "<p>Specifies whether Amazon S3 should replicate delete makers.</p>" + }, + "DeleteMarkerReplicationStatus": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + "DeleteMarkerVersionId": { + "type": "string" + }, + "DeleteMarkers": { + "type": "list", + "member": { + "shape": "DeleteMarkerEntry" + }, + "flattened": true + }, + "DeleteObjectOutput": { + "type": "structure", + "members": { + "DeleteMarker": { + "shape": "DeleteMarker", + "documentation": "<p>Specifies whether the versioned object that was permanently deleted was (true) or was not (false) a delete marker.</p>", + "location": "header", + "locationName": "x-amz-delete-marker" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>Returns the version ID of the delete marker created as a result of the DELETE operation.</p>", + "location": "header", + "locationName": "x-amz-version-id" + }, + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + } + }, + "DeleteObjectRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "MFA": { + "shape": "MFA", + "documentation": "<p>The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device.</p>", + "location": "header", + "locationName": "x-amz-mfa" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>VersionId used to reference a specific version of the object.</p>", + "location": "querystring", + "locationName": "versionId" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + }, + "BypassGovernanceRetention": { + "shape": "BypassGovernanceRetention", + "documentation": "<p>Indicates whether Amazon S3 object lock should bypass governance-mode restrictions to process this operation.</p>", + "location": "header", + "locationName": "x-amz-bypass-governance-retention" + } + } + }, + "DeleteObjectTaggingOutput": { + "type": "structure", + "members": { + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>The versionId of the object the tag-set was removed from.</p>", + "location": "header", + "locationName": "x-amz-version-id" + } + } + }, + "DeleteObjectTaggingRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>The versionId of the object that the tag-set will be removed from.</p>", + "location": "querystring", + "locationName": "versionId" + } + } + }, + "DeleteObjectsOutput": { + "type": "structure", + "members": { + "Deleted": { + "shape": "DeletedObjects", + "documentation": "<p/>" + }, + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + }, + "Errors": { + "shape": "Errors", + "documentation": "<p/>", + "locationName": "Error" + } + } + }, + "DeleteObjectsRequest": { + "type": "structure", + "required": [ + "Bucket", + "Delete" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "Delete": { + "shape": "Delete", + "documentation": "<p/>", + "locationName": "Delete", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + }, + "MFA": { + "shape": "MFA", + "documentation": "<p>The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device.</p>", + "location": "header", + "locationName": "x-amz-mfa" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + }, + "BypassGovernanceRetention": { + "shape": "BypassGovernanceRetention", + "documentation": "<p>Specifies whether you want to delete this object even if it has a Governance-type object lock in place. You must have sufficient permissions to perform this operation.</p>", + "location": "header", + "locationName": "x-amz-bypass-governance-retention" + } + }, + "payload": "Delete" + }, + "DeletePublicAccessBlockRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The Amazon S3 bucket whose <code>PublicAccessBlock</code> configuration you want to delete. </p>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "DeletedObject": { + "type": "structure", + "members": { + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p/>" + }, + "DeleteMarker": { + "shape": "DeleteMarker", + "documentation": "<p/>" + }, + "DeleteMarkerVersionId": { + "shape": "DeleteMarkerVersionId", + "documentation": "<p/>" + } + }, + "documentation": "<p/>" + }, + "DeletedObjects": { + "type": "list", + "member": { + "shape": "DeletedObject" + }, + "flattened": true + }, + "Delimiter": { + "type": "string" + }, + "Description": { + "type": "string" + }, + "Destination": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p> The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store replicas of the object identified by the rule.</p> <p>A replication configuration can replicate objects to only one destination bucket. If there are multiple rules in your replication configuration, all rules must specify the same destination bucket.</p>" + }, + "Account": { + "shape": "AccountId", + "documentation": "<p>Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS account that owns the destination bucket by specifying the <code>AccessControlTranslation</code> property, this is the account ID of the destination bucket owner. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html\">Cross-Region Replication Additional Configuration: Change Replica Owner</a> in the <i>Amazon Simple Storage Service Developer Guide</i>.</p>" + }, + "StorageClass": { + "shape": "StorageClass", + "documentation": "<p> The storage class to use when replicating objects, such as standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica. </p> <p>For valid values, see the <code>StorageClass</code> element of the <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html\">PUT Bucket replication</a> action in the <i>Amazon Simple Storage Service API Reference</i>.</p>" + }, + "AccessControlTranslation": { + "shape": "AccessControlTranslation", + "documentation": "<p>Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.</p>" + }, + "EncryptionConfiguration": { + "shape": "EncryptionConfiguration", + "documentation": "<p>A container that provides information about encryption. If <code>SourceSelectionCriteria</code> is specified, you must specify this element.</p>" + } + }, + "documentation": "<p>Specifies information about where to publish analysis or configuration results for an Amazon S3 bucket.</p>" + }, + "DisplayName": { + "type": "string" + }, + "ETag": { + "type": "string" + }, + "EmailAddress": { + "type": "string" + }, + "EnableRequestProgress": { + "type": "boolean" + }, + "EncodingType": { + "type": "string", + "documentation": "<p>Requests Amazon S3 to encode the object keys in the response and specifies the encoding method to use. An object key may contain any Unicode character; however, XML 1.0 parser cannot parse some characters, such as characters with an ASCII value from 0 to 10. For characters that are not supported in XML 1.0, you can add this parameter to request that Amazon S3 encode the keys in the response.</p>", + "enum": [ + "url" + ] + }, + "Encryption": { + "type": "structure", + "required": [ + "EncryptionType" + ], + "members": { + "EncryptionType": { + "shape": "ServerSideEncryption", + "documentation": "<p>The server-side encryption algorithm used when storing job results in Amazon S3 (e.g., AES256, aws:kms).</p>" + }, + "KMSKeyId": { + "shape": "SSEKMSKeyId", + "documentation": "<p>If the encryption type is aws:kms, this optional value specifies the AWS KMS key ID to use for encryption of job results.</p>" + }, + "KMSContext": { + "shape": "KMSContext", + "documentation": "<p>If the encryption type is aws:kms, this optional value can be used to specify the encryption context for the restore results.</p>" + } + }, + "documentation": "<p>Describes the server-side encryption that will be applied to the restore results.</p>" + }, + "EncryptionConfiguration": { + "type": "structure", + "members": { + "ReplicaKmsKeyID": { + "shape": "ReplicaKmsKeyID", + "documentation": "<p>Specifies the AWS KMS Key ID (Key ARN or Alias ARN) for the destination bucket. Amazon S3 uses this key to encrypt replica objects.</p>" + } + }, + "documentation": "<p>Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects.</p>" + }, + "EndEvent": { + "type": "structure", + "members": {}, + "documentation": "<p/>", + "event": true + }, + "Error": { + "type": "structure", + "members": { + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p/>" + }, + "Code": { + "shape": "Code", + "documentation": "<p/>" + }, + "Message": { + "shape": "Message", + "documentation": "<p/>" + } + }, + "documentation": "<p/>" + }, + "ErrorDocument": { + "type": "structure", + "required": [ + "Key" + ], + "members": { + "Key": { + "shape": "ObjectKey", + "documentation": "<p>The object key name to use when a 4XX class error occurs.</p>" + } + }, + "documentation": "<p/>" + }, + "Errors": { + "type": "list", + "member": { + "shape": "Error" + }, + "flattened": true + }, + "Event": { + "type": "string", + "documentation": "<p>The bucket event for which to send notifications.</p>", + "enum": [ + "s3:ReducedRedundancyLostObject", + "s3:ObjectCreated:*", + "s3:ObjectCreated:Put", + "s3:ObjectCreated:Post", + "s3:ObjectCreated:Copy", + "s3:ObjectCreated:CompleteMultipartUpload", + "s3:ObjectRemoved:*", + "s3:ObjectRemoved:Delete", + "s3:ObjectRemoved:DeleteMarkerCreated", + "s3:ObjectRestore:Post", + "s3:ObjectRestore:Completed" + ] + }, + "EventList": { + "type": "list", + "member": { + "shape": "Event" + }, + "flattened": true + }, + "Expiration": { + "type": "string" + }, + "ExpirationStatus": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + "ExpiredObjectDeleteMarker": { + "type": "boolean" + }, + "Expires": { + "type": "timestamp" + }, + "ExposeHeader": { + "type": "string" + }, + "ExposeHeaders": { + "type": "list", + "member": { + "shape": "ExposeHeader" + }, + "flattened": true + }, + "Expression": { + "type": "string" + }, + "ExpressionType": { + "type": "string", + "enum": [ + "SQL" + ] + }, + "FetchOwner": { + "type": "boolean" + }, + "FieldDelimiter": { + "type": "string" + }, + "FileHeaderInfo": { + "type": "string", + "enum": [ + "USE", + "IGNORE", + "NONE" + ] + }, + "FilterRule": { + "type": "structure", + "members": { + "Name": { + "shape": "FilterRuleName", + "documentation": "<p>The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html\">Configuring Event Notifications</a> in the <i>Amazon Simple Storage Service Developer Guide</i>.</p>" + }, + "Value": { + "shape": "FilterRuleValue", + "documentation": "<p>The value that the filter searches for in object key names.</p>" + } + }, + "documentation": "<p>Specifies the Amazon S3 object key name to filter on and whether to filter on the suffix or prefix of the key name.</p>" + }, + "FilterRuleList": { + "type": "list", + "member": { + "shape": "FilterRule" + }, + "documentation": "<p>A list of containers for the key value pair that defines the criteria for the filter rule.</p>", + "flattened": true + }, + "FilterRuleName": { + "type": "string", + "enum": [ + "prefix", + "suffix" + ] + }, + "FilterRuleValue": { + "type": "string" + }, + "GetBucketAccelerateConfigurationOutput": { + "type": "structure", + "members": { + "Status": { + "shape": "BucketAccelerateStatus", + "documentation": "<p>The accelerate configuration of the bucket.</p>" + } + } + }, + "GetBucketAccelerateConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>Name of the bucket for which the accelerate configuration is retrieved.</p>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketAclOutput": { + "type": "structure", + "members": { + "Owner": { + "shape": "Owner", + "documentation": "<p/>" + }, + "Grants": { + "shape": "Grants", + "documentation": "<p>A list of grants.</p>", + "locationName": "AccessControlList" + } + } + }, + "GetBucketAclRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketAnalyticsConfigurationOutput": { + "type": "structure", + "members": { + "AnalyticsConfiguration": { + "shape": "AnalyticsConfiguration", + "documentation": "<p>The configuration and any analyses for the analytics filter.</p>" + } + }, + "payload": "AnalyticsConfiguration" + }, + "GetBucketAnalyticsConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket", + "Id" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket from which an analytics configuration is retrieved.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Id": { + "shape": "AnalyticsId", + "documentation": "<p>The ID that identifies the analytics configuration.</p>", + "location": "querystring", + "locationName": "id" + } + } + }, + "GetBucketCorsOutput": { + "type": "structure", + "members": { + "CORSRules": { + "shape": "CORSRules", + "documentation": "<p/>", + "locationName": "CORSRule" + } + } + }, + "GetBucketCorsRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketEncryptionOutput": { + "type": "structure", + "members": { + "ServerSideEncryptionConfiguration": { + "shape": "ServerSideEncryptionConfiguration", + "documentation": "<p/>" + } + }, + "payload": "ServerSideEncryptionConfiguration" + }, + "GetBucketEncryptionRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket from which the server-side encryption configuration is retrieved.</p>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketInventoryConfigurationOutput": { + "type": "structure", + "members": { + "InventoryConfiguration": { + "shape": "InventoryConfiguration", + "documentation": "<p>Specifies the inventory configuration.</p>" + } + }, + "payload": "InventoryConfiguration" + }, + "GetBucketInventoryConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket", + "Id" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket containing the inventory configuration to retrieve.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Id": { + "shape": "InventoryId", + "documentation": "<p>The ID used to identify the inventory configuration.</p>", + "location": "querystring", + "locationName": "id" + } + } + }, + "GetBucketLifecycleConfigurationOutput": { + "type": "structure", + "members": { + "Rules": { + "shape": "LifecycleRules", + "documentation": "<p/>", + "locationName": "Rule" + } + } + }, + "GetBucketLifecycleConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketLifecycleOutput": { + "type": "structure", + "members": { + "Rules": { + "shape": "Rules", + "documentation": "<p/>", + "locationName": "Rule" + } + } + }, + "GetBucketLifecycleRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketLocationOutput": { + "type": "structure", + "members": { + "LocationConstraint": { + "shape": "BucketLocationConstraint", + "documentation": "<p/>" + } + } + }, + "GetBucketLocationRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketLoggingOutput": { + "type": "structure", + "members": { + "LoggingEnabled": { + "shape": "LoggingEnabled", + "documentation": "<p/>" + } + } + }, + "GetBucketLoggingRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketMetricsConfigurationOutput": { + "type": "structure", + "members": { + "MetricsConfiguration": { + "shape": "MetricsConfiguration", + "documentation": "<p>Specifies the metrics configuration.</p>" + } + }, + "payload": "MetricsConfiguration" + }, + "GetBucketMetricsConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket", + "Id" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket containing the metrics configuration to retrieve.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Id": { + "shape": "MetricsId", + "documentation": "<p>The ID used to identify the metrics configuration.</p>", + "location": "querystring", + "locationName": "id" + } + } + }, + "GetBucketNotificationConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>Name of the bucket to get the notification configuration for.</p>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketPolicyOutput": { + "type": "structure", + "members": { + "Policy": { + "shape": "Policy", + "documentation": "<p>The bucket policy as a JSON document.</p>" + } + }, + "payload": "Policy" + }, + "GetBucketPolicyRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketPolicyStatusOutput": { + "type": "structure", + "members": { + "PolicyStatus": { + "shape": "PolicyStatus", + "documentation": "<p>The policy status for the specified bucket.</p>" + } + }, + "payload": "PolicyStatus" + }, + "GetBucketPolicyStatusRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the Amazon S3 bucket whose policy status you want to retrieve.</p>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketReplicationOutput": { + "type": "structure", + "members": { + "ReplicationConfiguration": { + "shape": "ReplicationConfiguration", + "documentation": "<p/>" + } + }, + "payload": "ReplicationConfiguration" + }, + "GetBucketReplicationRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketRequestPaymentOutput": { + "type": "structure", + "members": { + "Payer": { + "shape": "Payer", + "documentation": "<p>Specifies who pays for the download and request fees.</p>" + } + } + }, + "GetBucketRequestPaymentRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketTaggingOutput": { + "type": "structure", + "required": [ + "TagSet" + ], + "members": { + "TagSet": { + "shape": "TagSet", + "documentation": "<p/>" + } + } + }, + "GetBucketTaggingRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketVersioningOutput": { + "type": "structure", + "members": { + "Status": { + "shape": "BucketVersioningStatus", + "documentation": "<p>The versioning state of the bucket.</p>" + }, + "MFADelete": { + "shape": "MFADeleteStatus", + "documentation": "<p>Specifies whether MFA delete is enabled in the bucket versioning configuration. This element is only returned if the bucket has been configured with MFA delete. If the bucket has never been so configured, this element is not returned.</p>", + "locationName": "MfaDelete" + } + } + }, + "GetBucketVersioningRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetBucketWebsiteOutput": { + "type": "structure", + "members": { + "RedirectAllRequestsTo": { + "shape": "RedirectAllRequestsTo", + "documentation": "<p/>" + }, + "IndexDocument": { + "shape": "IndexDocument", + "documentation": "<p/>" + }, + "ErrorDocument": { + "shape": "ErrorDocument", + "documentation": "<p/>" + }, + "RoutingRules": { + "shape": "RoutingRules", + "documentation": "<p/>" + } + } + }, + "GetBucketWebsiteRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetObjectAclOutput": { + "type": "structure", + "members": { + "Owner": { + "shape": "Owner", + "documentation": "<p/>" + }, + "Grants": { + "shape": "Grants", + "documentation": "<p>A list of grants.</p>", + "locationName": "AccessControlList" + }, + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + } + }, + "GetObjectAclRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>VersionId used to reference a specific version of the object.</p>", + "location": "querystring", + "locationName": "versionId" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + } + } + }, + "GetObjectLegalHoldOutput": { + "type": "structure", + "members": { + "LegalHold": { + "shape": "ObjectLockLegalHold", + "documentation": "<p>The current Legal Hold status for the specified object.</p>" + } + }, + "payload": "LegalHold" + }, + "GetObjectLegalHoldRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The bucket containing the object whose Legal Hold status you want to retrieve.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p>The key name for the object whose Legal Hold status you want to retrieve.</p>", + "location": "uri", + "locationName": "Key" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>The version ID of the object whose Legal Hold status you want to retrieve.</p>", + "location": "querystring", + "locationName": "versionId" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + } + } + }, + "GetObjectLockConfigurationOutput": { + "type": "structure", + "members": { + "ObjectLockConfiguration": { + "shape": "ObjectLockConfiguration", + "documentation": "<p>The specified bucket's object lock configuration.</p>" + } + }, + "payload": "ObjectLockConfiguration" + }, + "GetObjectLockConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The bucket whose object lock configuration you want to retrieve.</p>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GetObjectOutput": { + "type": "structure", + "members": { + "Body": { + "shape": "Body", + "documentation": "<p>Object data.</p>", + "streaming": true + }, + "DeleteMarker": { + "shape": "DeleteMarker", + "documentation": "<p>Specifies whether the object retrieved was (true) or was not (false) a Delete Marker. If false, this response header does not appear in the response.</p>", + "location": "header", + "locationName": "x-amz-delete-marker" + }, + "AcceptRanges": { + "shape": "AcceptRanges", + "documentation": "<p/>", + "location": "header", + "locationName": "accept-ranges" + }, + "Expiration": { + "shape": "Expiration", + "documentation": "<p>If the object expiration is configured (see PUT Bucket lifecycle), the response includes this header. It includes the expiry-date and rule-id key value pairs providing object expiration information. The value of the rule-id is URL encoded.</p>", + "location": "header", + "locationName": "x-amz-expiration" + }, + "Restore": { + "shape": "Restore", + "documentation": "<p>Provides information about object restoration operation and expiration time of the restored object copy.</p>", + "location": "header", + "locationName": "x-amz-restore" + }, + "LastModified": { + "shape": "LastModified", + "documentation": "<p>Last modified date of the object</p>", + "location": "header", + "locationName": "Last-Modified" + }, + "ContentLength": { + "shape": "ContentLength", + "documentation": "<p>Size of the body in bytes.</p>", + "location": "header", + "locationName": "Content-Length" + }, + "ETag": { + "shape": "ETag", + "documentation": "<p>An ETag is an opaque identifier assigned by a web server to a specific version of a resource found at a URL</p>", + "location": "header", + "locationName": "ETag" + }, + "MissingMeta": { + "shape": "MissingMeta", + "documentation": "<p>This is set to the number of metadata entries not returned in x-amz-meta headers. This can happen if you create metadata using an API like SOAP that supports more flexible metadata than the REST API. For example, using SOAP, you can create metadata whose values are not legal HTTP headers.</p>", + "location": "header", + "locationName": "x-amz-missing-meta" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>Version of the object.</p>", + "location": "header", + "locationName": "x-amz-version-id" + }, + "CacheControl": { + "shape": "CacheControl", + "documentation": "<p>Specifies caching behavior along the request/reply chain.</p>", + "location": "header", + "locationName": "Cache-Control" + }, + "ContentDisposition": { + "shape": "ContentDisposition", + "documentation": "<p>Specifies presentational information for the object.</p>", + "location": "header", + "locationName": "Content-Disposition" + }, + "ContentEncoding": { + "shape": "ContentEncoding", + "documentation": "<p>Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.</p>", + "location": "header", + "locationName": "Content-Encoding" + }, + "ContentLanguage": { + "shape": "ContentLanguage", + "documentation": "<p>The language the content is in.</p>", + "location": "header", + "locationName": "Content-Language" + }, + "ContentRange": { + "shape": "ContentRange", + "documentation": "<p>The portion of the object returned in the response.</p>", + "location": "header", + "locationName": "Content-Range" + }, + "ContentType": { + "shape": "ContentType", + "documentation": "<p>A standard MIME type describing the format of the object data.</p>", + "location": "header", + "locationName": "Content-Type" + }, + "Expires": { + "shape": "Expires", + "documentation": "<p>The date and time at which the object is no longer cacheable.</p>", + "location": "header", + "locationName": "Expires" + }, + "WebsiteRedirectLocation": { + "shape": "WebsiteRedirectLocation", + "documentation": "<p>If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.</p>", + "location": "header", + "locationName": "x-amz-website-redirect-location" + }, + "ServerSideEncryption": { + "shape": "ServerSideEncryption", + "documentation": "<p>The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption" + }, + "Metadata": { + "shape": "Metadata", + "documentation": "<p>A map of metadata to store with the object in S3.</p>", + "location": "headers", + "locationName": "x-amz-meta-" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>If server-side encryption with a customer-provided encryption key was requested, the response will include this header confirming the encryption algorithm used.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide round trip message integrity verification of the customer-provided encryption key.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "SSEKMSKeyId": { + "shape": "SSEKMSKeyId", + "documentation": "<p>If present, specifies the ID of the AWS Key Management Service (KMS) master encryption key that was used for the object.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-aws-kms-key-id" + }, + "StorageClass": { + "shape": "StorageClass", + "documentation": "<p/>", + "location": "header", + "locationName": "x-amz-storage-class" + }, + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + }, + "ReplicationStatus": { + "shape": "ReplicationStatus", + "documentation": "<p/>", + "location": "header", + "locationName": "x-amz-replication-status" + }, + "PartsCount": { + "shape": "PartsCount", + "documentation": "<p>The count of parts this object has.</p>", + "location": "header", + "locationName": "x-amz-mp-parts-count" + }, + "TagCount": { + "shape": "TagCount", + "documentation": "<p>The number of tags, if any, on the object.</p>", + "location": "header", + "locationName": "x-amz-tagging-count" + }, + "ObjectLockMode": { + "shape": "ObjectLockMode", + "documentation": "<p>The object lock mode currently in place for this object.</p>", + "location": "header", + "locationName": "x-amz-object-lock-mode" + }, + "ObjectLockRetainUntilDate": { + "shape": "ObjectLockRetainUntilDate", + "documentation": "<p>The date and time when this object's object lock will expire.</p>", + "location": "header", + "locationName": "x-amz-object-lock-retain-until-date" + }, + "ObjectLockLegalHoldStatus": { + "shape": "ObjectLockLegalHoldStatus", + "documentation": "<p>Indicates whether this object has an active legal hold. This field is only returned if you have permission to view an object's legal hold status.</p>", + "location": "header", + "locationName": "x-amz-object-lock-legal-hold" + } + }, + "payload": "Body" + }, + "GetObjectRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "IfMatch": { + "shape": "IfMatch", + "documentation": "<p>Return the object only if its entity tag (ETag) is the same as the one specified, otherwise return a 412 (precondition failed).</p>", + "location": "header", + "locationName": "If-Match" + }, + "IfModifiedSince": { + "shape": "IfModifiedSince", + "documentation": "<p>Return the object only if it has been modified since the specified time, otherwise return a 304 (not modified).</p>", + "location": "header", + "locationName": "If-Modified-Since" + }, + "IfNoneMatch": { + "shape": "IfNoneMatch", + "documentation": "<p>Return the object only if its entity tag (ETag) is different from the one specified, otherwise return a 304 (not modified).</p>", + "location": "header", + "locationName": "If-None-Match" + }, + "IfUnmodifiedSince": { + "shape": "IfUnmodifiedSince", + "documentation": "<p>Return the object only if it has not been modified since the specified time, otherwise return a 412 (precondition failed).</p>", + "location": "header", + "locationName": "If-Unmodified-Since" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "Range": { + "shape": "Range", + "documentation": "<p>Downloads the specified range bytes of an object. For more information about the HTTP Range header, go to http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35.</p>", + "location": "header", + "locationName": "Range" + }, + "ResponseCacheControl": { + "shape": "ResponseCacheControl", + "documentation": "<p>Sets the Cache-Control header of the response.</p>", + "location": "querystring", + "locationName": "response-cache-control" + }, + "ResponseContentDisposition": { + "shape": "ResponseContentDisposition", + "documentation": "<p>Sets the Content-Disposition header of the response</p>", + "location": "querystring", + "locationName": "response-content-disposition" + }, + "ResponseContentEncoding": { + "shape": "ResponseContentEncoding", + "documentation": "<p>Sets the Content-Encoding header of the response.</p>", + "location": "querystring", + "locationName": "response-content-encoding" + }, + "ResponseContentLanguage": { + "shape": "ResponseContentLanguage", + "documentation": "<p>Sets the Content-Language header of the response.</p>", + "location": "querystring", + "locationName": "response-content-language" + }, + "ResponseContentType": { + "shape": "ResponseContentType", + "documentation": "<p>Sets the Content-Type header of the response.</p>", + "location": "querystring", + "locationName": "response-content-type" + }, + "ResponseExpires": { + "shape": "ResponseExpires", + "documentation": "<p>Sets the Expires header of the response.</p>", + "location": "querystring", + "locationName": "response-expires" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>VersionId used to reference a specific version of the object.</p>", + "location": "querystring", + "locationName": "versionId" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>Specifies the algorithm to use to when encrypting the object (e.g., AES256).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKey": { + "shape": "SSECustomerKey", + "documentation": "<p>Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure the encryption key was transmitted without error.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + }, + "PartNumber": { + "shape": "PartNumber", + "documentation": "<p>Part number of the object being read. This is a positive integer between 1 and 10,000. Effectively performs a 'ranged' GET request for the part specified. Useful for downloading just a part of an object.</p>", + "location": "querystring", + "locationName": "partNumber" + } + } + }, + "GetObjectRetentionOutput": { + "type": "structure", + "members": { + "Retention": { + "shape": "ObjectLockRetention", + "documentation": "<p>The container element for an object's retention settings.</p>" + } + }, + "payload": "Retention" + }, + "GetObjectRetentionRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The bucket containing the object whose retention settings you want to retrieve.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p>The key name for the object whose retention settings you want to retrieve.</p>", + "location": "uri", + "locationName": "Key" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>The version ID for the object whose retention settings you want to retrieve.</p>", + "location": "querystring", + "locationName": "versionId" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + } + } + }, + "GetObjectTaggingOutput": { + "type": "structure", + "required": [ + "TagSet" + ], + "members": { + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p/>", + "location": "header", + "locationName": "x-amz-version-id" + }, + "TagSet": { + "shape": "TagSet", + "documentation": "<p/>" + } + } + }, + "GetObjectTaggingRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p/>", + "location": "querystring", + "locationName": "versionId" + } + } + }, + "GetObjectTorrentOutput": { + "type": "structure", + "members": { + "Body": { + "shape": "Body", + "documentation": "<p/>", + "streaming": true + }, + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + }, + "payload": "Body" + }, + "GetObjectTorrentRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + } + } + }, + "GetPublicAccessBlockOutput": { + "type": "structure", + "members": { + "PublicAccessBlockConfiguration": { + "shape": "PublicAccessBlockConfiguration", + "documentation": "<p>The <code>PublicAccessBlock</code> configuration currently in effect for this Amazon S3 bucket.</p>" + } + }, + "payload": "PublicAccessBlockConfiguration" + }, + "GetPublicAccessBlockRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the Amazon S3 bucket whose <code>PublicAccessBlock</code> configuration you want to retrieve. </p>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "GlacierJobParameters": { + "type": "structure", + "required": [ + "Tier" + ], + "members": { + "Tier": { + "shape": "Tier", + "documentation": "<p>Glacier retrieval tier at which the restore will be processed.</p>" + } + }, + "documentation": "<p/>" + }, + "Grant": { + "type": "structure", + "members": { + "Grantee": { + "shape": "Grantee", + "documentation": "<p/>" + }, + "Permission": { + "shape": "Permission", + "documentation": "<p>Specifies the permission given to the grantee.</p>" + } + }, + "documentation": "<p/>" + }, + "GrantFullControl": { + "type": "string" + }, + "GrantRead": { + "type": "string" + }, + "GrantReadACP": { + "type": "string" + }, + "GrantWrite": { + "type": "string" + }, + "GrantWriteACP": { + "type": "string" + }, + "Grantee": { + "type": "structure", + "required": [ + "Type" + ], + "members": { + "DisplayName": { + "shape": "DisplayName", + "documentation": "<p>Screen name of the grantee.</p>" + }, + "EmailAddress": { + "shape": "EmailAddress", + "documentation": "<p>Email address of the grantee.</p>" + }, + "ID": { + "shape": "ID", + "documentation": "<p>The canonical user ID of the grantee.</p>" + }, + "Type": { + "shape": "Type", + "documentation": "<p>Type of grantee</p>", + "locationName": "xsi:type", + "xmlAttribute": true + }, + "URI": { + "shape": "URI", + "documentation": "<p>URI of the grantee group.</p>" + } + }, + "documentation": "<p/>", + "xmlNamespace": { + "prefix": "xsi", + "uri": "http://www.w3.org/2001/XMLSchema-instance" + } + }, + "Grants": { + "type": "list", + "member": { + "shape": "Grant", + "locationName": "Grant" + } + }, + "HeadBucketRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + } + } + }, + "HeadObjectOutput": { + "type": "structure", + "members": { + "DeleteMarker": { + "shape": "DeleteMarker", + "documentation": "<p>Specifies whether the object retrieved was (true) or was not (false) a Delete Marker. If false, this response header does not appear in the response.</p>", + "location": "header", + "locationName": "x-amz-delete-marker" + }, + "AcceptRanges": { + "shape": "AcceptRanges", + "documentation": "<p/>", + "location": "header", + "locationName": "accept-ranges" + }, + "Expiration": { + "shape": "Expiration", + "documentation": "<p>If the object expiration is configured (see PUT Bucket lifecycle), the response includes this header. It includes the expiry-date and rule-id key value pairs providing object expiration information. The value of the rule-id is URL encoded.</p>", + "location": "header", + "locationName": "x-amz-expiration" + }, + "Restore": { + "shape": "Restore", + "documentation": "<p>Provides information about object restoration operation and expiration time of the restored object copy.</p>", + "location": "header", + "locationName": "x-amz-restore" + }, + "LastModified": { + "shape": "LastModified", + "documentation": "<p>Last modified date of the object</p>", + "location": "header", + "locationName": "Last-Modified" + }, + "ContentLength": { + "shape": "ContentLength", + "documentation": "<p>Size of the body in bytes.</p>", + "location": "header", + "locationName": "Content-Length" + }, + "ETag": { + "shape": "ETag", + "documentation": "<p>An ETag is an opaque identifier assigned by a web server to a specific version of a resource found at a URL</p>", + "location": "header", + "locationName": "ETag" + }, + "MissingMeta": { + "shape": "MissingMeta", + "documentation": "<p>This is set to the number of metadata entries not returned in x-amz-meta headers. This can happen if you create metadata using an API like SOAP that supports more flexible metadata than the REST API. For example, using SOAP, you can create metadata whose values are not legal HTTP headers.</p>", + "location": "header", + "locationName": "x-amz-missing-meta" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>Version of the object.</p>", + "location": "header", + "locationName": "x-amz-version-id" + }, + "CacheControl": { + "shape": "CacheControl", + "documentation": "<p>Specifies caching behavior along the request/reply chain.</p>", + "location": "header", + "locationName": "Cache-Control" + }, + "ContentDisposition": { + "shape": "ContentDisposition", + "documentation": "<p>Specifies presentational information for the object.</p>", + "location": "header", + "locationName": "Content-Disposition" + }, + "ContentEncoding": { + "shape": "ContentEncoding", + "documentation": "<p>Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.</p>", + "location": "header", + "locationName": "Content-Encoding" + }, + "ContentLanguage": { + "shape": "ContentLanguage", + "documentation": "<p>The language the content is in.</p>", + "location": "header", + "locationName": "Content-Language" + }, + "ContentType": { + "shape": "ContentType", + "documentation": "<p>A standard MIME type describing the format of the object data.</p>", + "location": "header", + "locationName": "Content-Type" + }, + "Expires": { + "shape": "Expires", + "documentation": "<p>The date and time at which the object is no longer cacheable.</p>", + "location": "header", + "locationName": "Expires" + }, + "WebsiteRedirectLocation": { + "shape": "WebsiteRedirectLocation", + "documentation": "<p>If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.</p>", + "location": "header", + "locationName": "x-amz-website-redirect-location" + }, + "ServerSideEncryption": { + "shape": "ServerSideEncryption", + "documentation": "<p>The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption" + }, + "Metadata": { + "shape": "Metadata", + "documentation": "<p>A map of metadata to store with the object in S3.</p>", + "location": "headers", + "locationName": "x-amz-meta-" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>If server-side encryption with a customer-provided encryption key was requested, the response will include this header confirming the encryption algorithm used.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide round trip message integrity verification of the customer-provided encryption key.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "SSEKMSKeyId": { + "shape": "SSEKMSKeyId", + "documentation": "<p>If present, specifies the ID of the AWS Key Management Service (KMS) master encryption key that was used for the object.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-aws-kms-key-id" + }, + "StorageClass": { + "shape": "StorageClass", + "documentation": "<p/>", + "location": "header", + "locationName": "x-amz-storage-class" + }, + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + }, + "ReplicationStatus": { + "shape": "ReplicationStatus", + "documentation": "<p/>", + "location": "header", + "locationName": "x-amz-replication-status" + }, + "PartsCount": { + "shape": "PartsCount", + "documentation": "<p>The count of parts this object has.</p>", + "location": "header", + "locationName": "x-amz-mp-parts-count" + }, + "ObjectLockMode": { + "shape": "ObjectLockMode", + "documentation": "<p>The object lock mode currently in place for this object.</p>", + "location": "header", + "locationName": "x-amz-object-lock-mode" + }, + "ObjectLockRetainUntilDate": { + "shape": "ObjectLockRetainUntilDate", + "documentation": "<p>The date and time when this object's object lock expires.</p>", + "location": "header", + "locationName": "x-amz-object-lock-retain-until-date" + }, + "ObjectLockLegalHoldStatus": { + "shape": "ObjectLockLegalHoldStatus", + "documentation": "<p>The Legal Hold status for the specified object.</p>", + "location": "header", + "locationName": "x-amz-object-lock-legal-hold" + } + } + }, + "HeadObjectRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "IfMatch": { + "shape": "IfMatch", + "documentation": "<p>Return the object only if its entity tag (ETag) is the same as the one specified, otherwise return a 412 (precondition failed).</p>", + "location": "header", + "locationName": "If-Match" + }, + "IfModifiedSince": { + "shape": "IfModifiedSince", + "documentation": "<p>Return the object only if it has been modified since the specified time, otherwise return a 304 (not modified).</p>", + "location": "header", + "locationName": "If-Modified-Since" + }, + "IfNoneMatch": { + "shape": "IfNoneMatch", + "documentation": "<p>Return the object only if its entity tag (ETag) is different from the one specified, otherwise return a 304 (not modified).</p>", + "location": "header", + "locationName": "If-None-Match" + }, + "IfUnmodifiedSince": { + "shape": "IfUnmodifiedSince", + "documentation": "<p>Return the object only if it has not been modified since the specified time, otherwise return a 412 (precondition failed).</p>", + "location": "header", + "locationName": "If-Unmodified-Since" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "Range": { + "shape": "Range", + "documentation": "<p>Downloads the specified range bytes of an object. For more information about the HTTP Range header, go to http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35.</p>", + "location": "header", + "locationName": "Range" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>VersionId used to reference a specific version of the object.</p>", + "location": "querystring", + "locationName": "versionId" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>Specifies the algorithm to use to when encrypting the object (e.g., AES256).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKey": { + "shape": "SSECustomerKey", + "documentation": "<p>Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure the encryption key was transmitted without error.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + }, + "PartNumber": { + "shape": "PartNumber", + "documentation": "<p>Part number of the object being read. This is a positive integer between 1 and 10,000. Effectively performs a 'ranged' HEAD request for the part specified. Useful querying about the size of the part and the number of parts in this object.</p>", + "location": "querystring", + "locationName": "partNumber" + } + } + }, + "HostName": { + "type": "string" + }, + "HttpErrorCodeReturnedEquals": { + "type": "string" + }, + "HttpRedirectCode": { + "type": "string" + }, + "ID": { + "type": "string" + }, + "IfMatch": { + "type": "string" + }, + "IfModifiedSince": { + "type": "timestamp" + }, + "IfNoneMatch": { + "type": "string" + }, + "IfUnmodifiedSince": { + "type": "timestamp" + }, + "IndexDocument": { + "type": "structure", + "required": [ + "Suffix" + ], + "members": { + "Suffix": { + "shape": "Suffix", + "documentation": "<p>A suffix that is appended to a request that is for a directory on the website endpoint (e.g. if the suffix is index.html and you make a request to samplebucket/images/ the data that is returned will be for the object with the key name images/index.html) The suffix must not be empty and must not include a slash character.</p>" + } + }, + "documentation": "<p/>" + }, + "Initiated": { + "type": "timestamp" + }, + "Initiator": { + "type": "structure", + "members": { + "ID": { + "shape": "ID", + "documentation": "<p>If the principal is an AWS account, it provides the Canonical User ID. If the principal is an IAM User, it provides a user ARN value.</p>" + }, + "DisplayName": { + "shape": "DisplayName", + "documentation": "<p>Name of the Principal.</p>" + } + }, + "documentation": "<p/>" + }, + "InputSerialization": { + "type": "structure", + "members": { + "CSV": { + "shape": "CSVInput", + "documentation": "<p>Describes the serialization of a CSV-encoded object.</p>" + }, + "CompressionType": { + "shape": "CompressionType", + "documentation": "<p>Specifies object's compression format. Valid values: NONE, GZIP, BZIP2. Default Value: NONE.</p>" + }, + "JSON": { + "shape": "JSONInput", + "documentation": "<p>Specifies JSON as object's input serialization format.</p>" + }, + "Parquet": { + "shape": "ParquetInput", + "documentation": "<p>Specifies Parquet as object's input serialization format.</p>" + } + }, + "documentation": "<p>Describes the serialization format of the object.</p>" + }, + "InventoryConfiguration": { + "type": "structure", + "required": [ + "Destination", + "IsEnabled", + "Id", + "IncludedObjectVersions", + "Schedule" + ], + "members": { + "Destination": { + "shape": "InventoryDestination", + "documentation": "<p>Contains information about where to publish the inventory results.</p>" + }, + "IsEnabled": { + "shape": "IsEnabled", + "documentation": "<p>Specifies whether the inventory is enabled or disabled. If set to <code>True</code>, an inventory list is generated. If set to <code>False</code>, no inventory list is generated.</p>" + }, + "Filter": { + "shape": "InventoryFilter", + "documentation": "<p>Specifies an inventory filter. The inventory only includes objects that meet the filter's criteria.</p>" + }, + "Id": { + "shape": "InventoryId", + "documentation": "<p>The ID used to identify the inventory configuration.</p>" + }, + "IncludedObjectVersions": { + "shape": "InventoryIncludedObjectVersions", + "documentation": "<p>Object versions to include in the inventory list. If set to <code>All</code>, the list includes all the object versions, which adds the version-related fields <code>VersionId</code>, <code>IsLatest</code>, and <code>DeleteMarker</code> to the list. If set to <code>Current</code>, the list does not contain these version-related fields.</p>" + }, + "OptionalFields": { + "shape": "InventoryOptionalFields", + "documentation": "<p>Contains the optional fields that are included in the inventory results.</p>" + }, + "Schedule": { + "shape": "InventorySchedule", + "documentation": "<p>Specifies the schedule for generating inventory results.</p>" + } + }, + "documentation": "<p>Specifies the inventory configuration for an Amazon S3 bucket. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html\">GET Bucket inventory</a> in the <i>Amazon Simple Storage Service API Reference</i>. </p>" + }, + "InventoryConfigurationList": { + "type": "list", + "member": { + "shape": "InventoryConfiguration" + }, + "flattened": true + }, + "InventoryDestination": { + "type": "structure", + "required": [ + "S3BucketDestination" + ], + "members": { + "S3BucketDestination": { + "shape": "InventoryS3BucketDestination", + "documentation": "<p>Contains the bucket name, file format, bucket owner (optional), and prefix (optional) where inventory results are published.</p>" + } + }, + "documentation": "<p/>" + }, + "InventoryEncryption": { + "type": "structure", + "members": { + "SSES3": { + "shape": "SSES3", + "documentation": "<p>Specifies the use of SSE-S3 to encrypt delivered Inventory reports.</p>", + "locationName": "SSE-S3" + }, + "SSEKMS": { + "shape": "SSEKMS", + "documentation": "<p>Specifies the use of SSE-KMS to encrypt delivered Inventory reports.</p>", + "locationName": "SSE-KMS" + } + }, + "documentation": "<p>Contains the type of server-side encryption used to encrypt the inventory results.</p>" + }, + "InventoryFilter": { + "type": "structure", + "required": [ + "Prefix" + ], + "members": { + "Prefix": { + "shape": "Prefix", + "documentation": "<p>The prefix that an object must have to be included in the inventory results.</p>" + } + }, + "documentation": "<p/>" + }, + "InventoryFormat": { + "type": "string", + "enum": [ + "CSV", + "ORC", + "Parquet" + ] + }, + "InventoryFrequency": { + "type": "string", + "enum": [ + "Daily", + "Weekly" + ] + }, + "InventoryId": { + "type": "string" + }, + "InventoryIncludedObjectVersions": { + "type": "string", + "enum": [ + "All", + "Current" + ] + }, + "InventoryOptionalField": { + "type": "string", + "enum": [ + "Size", + "LastModifiedDate", + "StorageClass", + "ETag", + "IsMultipartUploaded", + "ReplicationStatus", + "EncryptionStatus", + "ObjectLockRetainUntilDate", + "ObjectLockMode", + "ObjectLockLegalHoldStatus" + ] + }, + "InventoryOptionalFields": { + "type": "list", + "member": { + "shape": "InventoryOptionalField", + "locationName": "Field" + } + }, + "InventoryS3BucketDestination": { + "type": "structure", + "required": [ + "Bucket", + "Format" + ], + "members": { + "AccountId": { + "shape": "AccountId", + "documentation": "<p>The ID of the account that owns the destination bucket.</p>" + }, + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The Amazon resource name (ARN) of the bucket where inventory results will be published.</p>" + }, + "Format": { + "shape": "InventoryFormat", + "documentation": "<p>Specifies the output format of the inventory results.</p>" + }, + "Prefix": { + "shape": "Prefix", + "documentation": "<p>The prefix that is prepended to all inventory results.</p>" + }, + "Encryption": { + "shape": "InventoryEncryption", + "documentation": "<p>Contains the type of server-side encryption used to encrypt the inventory results.</p>" + } + }, + "documentation": "<p/>" + }, + "InventorySchedule": { + "type": "structure", + "required": [ + "Frequency" + ], + "members": { + "Frequency": { + "shape": "InventoryFrequency", + "documentation": "<p>Specifies how frequently inventory results are produced.</p>" + } + }, + "documentation": "<p/>" + }, + "IsEnabled": { + "type": "boolean" + }, + "IsLatest": { + "type": "boolean" + }, + "IsPublic": { + "type": "boolean" + }, + "IsTruncated": { + "type": "boolean" + }, + "JSONInput": { + "type": "structure", + "members": { + "Type": { + "shape": "JSONType", + "documentation": "<p>The type of JSON. Valid values: Document, Lines.</p>" + } + }, + "documentation": "<p/>" + }, + "JSONOutput": { + "type": "structure", + "members": { + "RecordDelimiter": { + "shape": "RecordDelimiter", + "documentation": "<p>The value used to separate individual records in the output.</p>" + } + }, + "documentation": "<p/>" + }, + "JSONType": { + "type": "string", + "enum": [ + "DOCUMENT", + "LINES" + ] + }, + "KMSContext": { + "type": "string" + }, + "KeyCount": { + "type": "integer" + }, + "KeyMarker": { + "type": "string" + }, + "KeyPrefixEquals": { + "type": "string" + }, + "LambdaFunctionArn": { + "type": "string" + }, + "LambdaFunctionConfiguration": { + "type": "structure", + "required": [ + "LambdaFunctionArn", + "Events" + ], + "members": { + "Id": { + "shape": "NotificationId" + }, + "LambdaFunctionArn": { + "shape": "LambdaFunctionArn", + "documentation": "<p>The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3 invokes when the specified event type occurs.</p>", + "locationName": "CloudFunction" + }, + "Events": { + "shape": "EventList", + "documentation": "<p>The Amazon S3 bucket event for which to invoke the AWS Lambda function. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html\">Supported Event Types</a> in the <i>Amazon Simple Storage Service Developer Guide</i>.</p>", + "locationName": "Event" + }, + "Filter": { + "shape": "NotificationConfigurationFilter", + "documentation": "<p/>" + } + }, + "documentation": "<p>A container for specifying the configuration for AWS Lambda notifications.</p>" + }, + "LambdaFunctionConfigurationList": { + "type": "list", + "member": { + "shape": "LambdaFunctionConfiguration" + }, + "flattened": true + }, + "LastModified": { + "type": "timestamp" + }, + "LifecycleConfiguration": { + "type": "structure", + "required": [ + "Rules" + ], + "members": { + "Rules": { + "shape": "Rules", + "documentation": "<p/>", + "locationName": "Rule" + } + }, + "documentation": "<p/>" + }, + "LifecycleExpiration": { + "type": "structure", + "members": { + "Date": { + "shape": "Date", + "documentation": "<p>Indicates at what date the object is to be moved or deleted. Should be in GMT ISO 8601 Format.</p>" + }, + "Days": { + "shape": "Days", + "documentation": "<p>Indicates the lifetime, in days, of the objects that are subject to the rule. The value must be a non-zero positive integer.</p>" + }, + "ExpiredObjectDeleteMarker": { + "shape": "ExpiredObjectDeleteMarker", + "documentation": "<p>Indicates whether Amazon S3 will remove a delete marker with no noncurrent versions. If set to true, the delete marker will be expired; if set to false the policy takes no action. This cannot be specified with Days or Date in a Lifecycle Expiration Policy.</p>" + } + }, + "documentation": "<p/>" + }, + "LifecycleRule": { + "type": "structure", + "required": [ + "Status" + ], + "members": { + "Expiration": { + "shape": "LifecycleExpiration", + "documentation": "<p/>" + }, + "ID": { + "shape": "ID", + "documentation": "<p>Unique identifier for the rule. The value cannot be longer than 255 characters.</p>" + }, + "Prefix": { + "shape": "Prefix", + "documentation": "<p>Prefix identifying one or more objects to which the rule applies. This is No longer used; use Filter instead.</p>", + "deprecated": true + }, + "Filter": { + "shape": "LifecycleRuleFilter", + "documentation": "<p/>" + }, + "Status": { + "shape": "ExpirationStatus", + "documentation": "<p>If 'Enabled', the rule is currently being applied. If 'Disabled', the rule is not currently being applied.</p>" + }, + "Transitions": { + "shape": "TransitionList", + "documentation": "<p/>", + "locationName": "Transition" + }, + "NoncurrentVersionTransitions": { + "shape": "NoncurrentVersionTransitionList", + "documentation": "<p/>", + "locationName": "NoncurrentVersionTransition" + }, + "NoncurrentVersionExpiration": { + "shape": "NoncurrentVersionExpiration", + "documentation": "<p/>" + }, + "AbortIncompleteMultipartUpload": { + "shape": "AbortIncompleteMultipartUpload", + "documentation": "<p/>" + } + }, + "documentation": "<p/>" + }, + "LifecycleRuleAndOperator": { + "type": "structure", + "members": { + "Prefix": { + "shape": "Prefix", + "documentation": "<p/>" + }, + "Tags": { + "shape": "TagSet", + "documentation": "<p>All of these tags must exist in the object's tag set in order for the rule to apply.</p>", + "flattened": true, + "locationName": "Tag" + } + }, + "documentation": "<p>This is used in a Lifecycle Rule Filter to apply a logical AND to two or more predicates. The Lifecycle Rule will apply to any object matching all of the predicates configured inside the And operator.</p>" + }, + "LifecycleRuleFilter": { + "type": "structure", + "members": { + "Prefix": { + "shape": "Prefix", + "documentation": "<p>Prefix identifying one or more objects to which the rule applies.</p>" + }, + "Tag": { + "shape": "Tag", + "documentation": "<p>This tag must exist in the object's tag set in order for the rule to apply.</p>" + }, + "And": { + "shape": "LifecycleRuleAndOperator", + "documentation": "<p/>" + } + }, + "documentation": "<p>The Filter is used to identify objects that a Lifecycle Rule applies to. A Filter must have exactly one of Prefix, Tag, or And specified.</p>" + }, + "LifecycleRules": { + "type": "list", + "member": { + "shape": "LifecycleRule" + }, + "flattened": true + }, + "ListBucketAnalyticsConfigurationsOutput": { + "type": "structure", + "members": { + "IsTruncated": { + "shape": "IsTruncated", + "documentation": "<p>Indicates whether the returned list of analytics configurations is complete. A value of true indicates that the list is not complete and the NextContinuationToken will be provided for a subsequent request.</p>" + }, + "ContinuationToken": { + "shape": "Token", + "documentation": "<p>The ContinuationToken that represents where this request began.</p>" + }, + "NextContinuationToken": { + "shape": "NextToken", + "documentation": "<p>NextContinuationToken is sent when isTruncated is true, which indicates that there are more analytics configurations to list. The next request must include this NextContinuationToken. The token is obfuscated and is not a usable value.</p>" + }, + "AnalyticsConfigurationList": { + "shape": "AnalyticsConfigurationList", + "documentation": "<p>The list of analytics configurations for a bucket.</p>", + "locationName": "AnalyticsConfiguration" + } + } + }, + "ListBucketAnalyticsConfigurationsRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket from which analytics configurations are retrieved.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "ContinuationToken": { + "shape": "Token", + "documentation": "<p>The ContinuationToken that represents a placeholder from where this request should begin.</p>", + "location": "querystring", + "locationName": "continuation-token" + } + } + }, + "ListBucketInventoryConfigurationsOutput": { + "type": "structure", + "members": { + "ContinuationToken": { + "shape": "Token", + "documentation": "<p>If sent in the request, the marker that is used as a starting point for this inventory configuration list response.</p>" + }, + "InventoryConfigurationList": { + "shape": "InventoryConfigurationList", + "documentation": "<p>The list of inventory configurations for a bucket.</p>", + "locationName": "InventoryConfiguration" + }, + "IsTruncated": { + "shape": "IsTruncated", + "documentation": "<p>Indicates whether the returned list of inventory configurations is truncated in this response. A value of true indicates that the list is truncated.</p>" + }, + "NextContinuationToken": { + "shape": "NextToken", + "documentation": "<p>The marker used to continue this inventory configuration listing. Use the NextContinuationToken from this response to continue the listing in a subsequent request. The continuation token is an opaque value that Amazon S3 understands.</p>" + } + } + }, + "ListBucketInventoryConfigurationsRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket containing the inventory configurations to retrieve.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "ContinuationToken": { + "shape": "Token", + "documentation": "<p>The marker used to continue an inventory configuration listing that has been truncated. Use the NextContinuationToken from a previously truncated list response to continue the listing. The continuation token is an opaque value that Amazon S3 understands.</p>", + "location": "querystring", + "locationName": "continuation-token" + } + } + }, + "ListBucketMetricsConfigurationsOutput": { + "type": "structure", + "members": { + "IsTruncated": { + "shape": "IsTruncated", + "documentation": "<p>Indicates whether the returned list of metrics configurations is complete. A value of true indicates that the list is not complete and the NextContinuationToken will be provided for a subsequent request.</p>" + }, + "ContinuationToken": { + "shape": "Token", + "documentation": "<p>The marker that is used as a starting point for this metrics configuration list response. This value is present if it was sent in the request.</p>" + }, + "NextContinuationToken": { + "shape": "NextToken", + "documentation": "<p>The marker used to continue a metrics configuration listing that has been truncated. Use the NextContinuationToken from a previously truncated list response to continue the listing. The continuation token is an opaque value that Amazon S3 understands.</p>" + }, + "MetricsConfigurationList": { + "shape": "MetricsConfigurationList", + "documentation": "<p>The list of metrics configurations for a bucket.</p>", + "locationName": "MetricsConfiguration" + } + } + }, + "ListBucketMetricsConfigurationsRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket containing the metrics configurations to retrieve.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "ContinuationToken": { + "shape": "Token", + "documentation": "<p>The marker that is used to continue a metrics configuration listing that has been truncated. Use the NextContinuationToken from a previously truncated list response to continue the listing. The continuation token is an opaque value that Amazon S3 understands.</p>", + "location": "querystring", + "locationName": "continuation-token" + } + } + }, + "ListBucketsOutput": { + "type": "structure", + "members": { + "Buckets": { + "shape": "Buckets", + "documentation": "<p/>" + }, + "Owner": { + "shape": "Owner", + "documentation": "<p/>" + } + } + }, + "ListMultipartUploadsOutput": { + "type": "structure", + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>Name of the bucket to which the multipart upload was initiated.</p>" + }, + "KeyMarker": { + "shape": "KeyMarker", + "documentation": "<p>The key at or after which the listing began.</p>" + }, + "UploadIdMarker": { + "shape": "UploadIdMarker", + "documentation": "<p>Upload ID after which listing began.</p>" + }, + "NextKeyMarker": { + "shape": "NextKeyMarker", + "documentation": "<p>When a list is truncated, this element specifies the value that should be used for the key-marker request parameter in a subsequent request.</p>" + }, + "Prefix": { + "shape": "Prefix", + "documentation": "<p>When a prefix is provided in the request, this field contains the specified prefix. The result contains only keys starting with the specified prefix.</p>" + }, + "Delimiter": { + "shape": "Delimiter", + "documentation": "<p/>" + }, + "NextUploadIdMarker": { + "shape": "NextUploadIdMarker", + "documentation": "<p>When a list is truncated, this element specifies the value that should be used for the upload-id-marker request parameter in a subsequent request.</p>" + }, + "MaxUploads": { + "shape": "MaxUploads", + "documentation": "<p>Maximum number of multipart uploads that could have been included in the response.</p>" + }, + "IsTruncated": { + "shape": "IsTruncated", + "documentation": "<p>Indicates whether the returned list of multipart uploads is truncated. A value of true indicates that the list was truncated. The list can be truncated if the number of multipart uploads exceeds the limit allowed or specified by max uploads.</p>" + }, + "Uploads": { + "shape": "MultipartUploadList", + "documentation": "<p/>", + "locationName": "Upload" + }, + "CommonPrefixes": { + "shape": "CommonPrefixList", + "documentation": "<p/>" + }, + "EncodingType": { + "shape": "EncodingType", + "documentation": "<p>Encoding type used by Amazon S3 to encode object keys in the response.</p>" + } + } + }, + "ListMultipartUploadsRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "Delimiter": { + "shape": "Delimiter", + "documentation": "<p>Character you use to group keys.</p>", + "location": "querystring", + "locationName": "delimiter" + }, + "EncodingType": { + "shape": "EncodingType", + "location": "querystring", + "locationName": "encoding-type" + }, + "KeyMarker": { + "shape": "KeyMarker", + "documentation": "<p>Together with upload-id-marker, this parameter specifies the multipart upload after which listing should begin.</p>", + "location": "querystring", + "locationName": "key-marker" + }, + "MaxUploads": { + "shape": "MaxUploads", + "documentation": "<p>Sets the maximum number of multipart uploads, from 1 to 1,000, to return in the response body. 1,000 is the maximum number of uploads that can be returned in a response.</p>", + "location": "querystring", + "locationName": "max-uploads" + }, + "Prefix": { + "shape": "Prefix", + "documentation": "<p>Lists in-progress uploads only for those keys that begin with the specified prefix.</p>", + "location": "querystring", + "locationName": "prefix" + }, + "UploadIdMarker": { + "shape": "UploadIdMarker", + "documentation": "<p>Together with key-marker, specifies the multipart upload after which listing should begin. If key-marker is not specified, the upload-id-marker parameter is ignored.</p>", + "location": "querystring", + "locationName": "upload-id-marker" + } + } + }, + "ListObjectVersionsOutput": { + "type": "structure", + "members": { + "IsTruncated": { + "shape": "IsTruncated", + "documentation": "<p>A flag that indicates whether or not Amazon S3 returned all of the results that satisfied the search criteria. If your results were truncated, you can make a follow-up paginated request using the NextKeyMarker and NextVersionIdMarker response parameters as a starting place in another request to return the rest of the results.</p>" + }, + "KeyMarker": { + "shape": "KeyMarker", + "documentation": "<p>Marks the last Key returned in a truncated response.</p>" + }, + "VersionIdMarker": { + "shape": "VersionIdMarker", + "documentation": "<p/>" + }, + "NextKeyMarker": { + "shape": "NextKeyMarker", + "documentation": "<p>Use this value for the key marker request parameter in a subsequent request.</p>" + }, + "NextVersionIdMarker": { + "shape": "NextVersionIdMarker", + "documentation": "<p>Use this value for the next version id marker parameter in a subsequent request.</p>" + }, + "Versions": { + "shape": "ObjectVersionList", + "documentation": "<p/>", + "locationName": "Version" + }, + "DeleteMarkers": { + "shape": "DeleteMarkers", + "documentation": "<p/>", + "locationName": "DeleteMarker" + }, + "Name": { + "shape": "BucketName", + "documentation": "<p/>" + }, + "Prefix": { + "shape": "Prefix", + "documentation": "<p/>" + }, + "Delimiter": { + "shape": "Delimiter", + "documentation": "<p/>" + }, + "MaxKeys": { + "shape": "MaxKeys", + "documentation": "<p/>" + }, + "CommonPrefixes": { + "shape": "CommonPrefixList", + "documentation": "<p/>" + }, + "EncodingType": { + "shape": "EncodingType", + "documentation": "<p>Encoding type used by Amazon S3 to encode object keys in the response.</p>" + } + } + }, + "ListObjectVersionsRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "Delimiter": { + "shape": "Delimiter", + "documentation": "<p>A delimiter is a character you use to group keys.</p>", + "location": "querystring", + "locationName": "delimiter" + }, + "EncodingType": { + "shape": "EncodingType", + "location": "querystring", + "locationName": "encoding-type" + }, + "KeyMarker": { + "shape": "KeyMarker", + "documentation": "<p>Specifies the key to start with when listing objects in a bucket.</p>", + "location": "querystring", + "locationName": "key-marker" + }, + "MaxKeys": { + "shape": "MaxKeys", + "documentation": "<p>Sets the maximum number of keys returned in the response. The response might contain fewer keys but will never contain more.</p>", + "location": "querystring", + "locationName": "max-keys" + }, + "Prefix": { + "shape": "Prefix", + "documentation": "<p>Limits the response to keys that begin with the specified prefix.</p>", + "location": "querystring", + "locationName": "prefix" + }, + "VersionIdMarker": { + "shape": "VersionIdMarker", + "documentation": "<p>Specifies the object version you want to start listing from.</p>", + "location": "querystring", + "locationName": "version-id-marker" + } + } + }, + "ListObjectsOutput": { + "type": "structure", + "members": { + "IsTruncated": { + "shape": "IsTruncated", + "documentation": "<p>A flag that indicates whether or not Amazon S3 returned all of the results that satisfied the search criteria.</p>" + }, + "Marker": { + "shape": "Marker", + "documentation": "<p/>" + }, + "NextMarker": { + "shape": "NextMarker", + "documentation": "<p>When response is truncated (the IsTruncated element value in the response is true), you can use the key name in this field as marker in the subsequent request to get next set of objects. Amazon S3 lists objects in alphabetical order Note: This element is returned only if you have delimiter request parameter specified. If response does not include the NextMaker and it is truncated, you can use the value of the last Key in the response as the marker in the subsequent request to get the next set of object keys.</p>" + }, + "Contents": { + "shape": "ObjectList", + "documentation": "<p/>" + }, + "Name": { + "shape": "BucketName", + "documentation": "<p/>" + }, + "Prefix": { + "shape": "Prefix", + "documentation": "<p/>" + }, + "Delimiter": { + "shape": "Delimiter", + "documentation": "<p/>" + }, + "MaxKeys": { + "shape": "MaxKeys", + "documentation": "<p/>" + }, + "CommonPrefixes": { + "shape": "CommonPrefixList", + "documentation": "<p/>" + }, + "EncodingType": { + "shape": "EncodingType", + "documentation": "<p>Encoding type used by Amazon S3 to encode object keys in the response.</p>" + } + } + }, + "ListObjectsRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "Delimiter": { + "shape": "Delimiter", + "documentation": "<p>A delimiter is a character you use to group keys.</p>", + "location": "querystring", + "locationName": "delimiter" + }, + "EncodingType": { + "shape": "EncodingType", + "location": "querystring", + "locationName": "encoding-type" + }, + "Marker": { + "shape": "Marker", + "documentation": "<p>Specifies the key to start with when listing objects in a bucket.</p>", + "location": "querystring", + "locationName": "marker" + }, + "MaxKeys": { + "shape": "MaxKeys", + "documentation": "<p>Sets the maximum number of keys returned in the response. The response might contain fewer keys but will never contain more.</p>", + "location": "querystring", + "locationName": "max-keys" + }, + "Prefix": { + "shape": "Prefix", + "documentation": "<p>Limits the response to keys that begin with the specified prefix.</p>", + "location": "querystring", + "locationName": "prefix" + }, + "RequestPayer": { + "shape": "RequestPayer", + "documentation": "<p>Confirms that the requester knows that she or he will be charged for the list objects request. Bucket owners need not specify this parameter in their requests.</p>", + "location": "header", + "locationName": "x-amz-request-payer" + } + } + }, + "ListObjectsV2Output": { + "type": "structure", + "members": { + "IsTruncated": { + "shape": "IsTruncated", + "documentation": "<p>A flag that indicates whether or not Amazon S3 returned all of the results that satisfied the search criteria.</p>" + }, + "Contents": { + "shape": "ObjectList", + "documentation": "<p>Metadata about each object returned.</p>" + }, + "Name": { + "shape": "BucketName", + "documentation": "<p>Name of the bucket to list.</p>" + }, + "Prefix": { + "shape": "Prefix", + "documentation": "<p>Limits the response to keys that begin with the specified prefix.</p>" + }, + "Delimiter": { + "shape": "Delimiter", + "documentation": "<p>A delimiter is a character you use to group keys.</p>" + }, + "MaxKeys": { + "shape": "MaxKeys", + "documentation": "<p>Sets the maximum number of keys returned in the response. The response might contain fewer keys but will never contain more.</p>" + }, + "CommonPrefixes": { + "shape": "CommonPrefixList", + "documentation": "<p>CommonPrefixes contains all (if there are any) keys between Prefix and the next occurrence of the string specified by delimiter</p>" + }, + "EncodingType": { + "shape": "EncodingType", + "documentation": "<p>Encoding type used by Amazon S3 to encode object keys in the response.</p>" + }, + "KeyCount": { + "shape": "KeyCount", + "documentation": "<p>KeyCount is the number of keys returned with this request. KeyCount will always be less than equals to MaxKeys field. Say you ask for 50 keys, your result will include less than equals 50 keys </p>" + }, + "ContinuationToken": { + "shape": "Token", + "documentation": "<p>ContinuationToken indicates Amazon S3 that the list is being continued on this bucket with a token. ContinuationToken is obfuscated and is not a real key</p>" + }, + "NextContinuationToken": { + "shape": "NextToken", + "documentation": "<p>NextContinuationToken is sent when isTruncated is true which means there are more keys in the bucket that can be listed. The next list requests to Amazon S3 can be continued with this NextContinuationToken. NextContinuationToken is obfuscated and is not a real key</p>" + }, + "StartAfter": { + "shape": "StartAfter", + "documentation": "<p>StartAfter is where you want Amazon S3 to start listing from. Amazon S3 starts listing after this specified key. StartAfter can be any key in the bucket</p>" + } + } + }, + "ListObjectsV2Request": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>Name of the bucket to list.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Delimiter": { + "shape": "Delimiter", + "documentation": "<p>A delimiter is a character you use to group keys.</p>", + "location": "querystring", + "locationName": "delimiter" + }, + "EncodingType": { + "shape": "EncodingType", + "documentation": "<p>Encoding type used by Amazon S3 to encode object keys in the response.</p>", + "location": "querystring", + "locationName": "encoding-type" + }, + "MaxKeys": { + "shape": "MaxKeys", + "documentation": "<p>Sets the maximum number of keys returned in the response. The response might contain fewer keys but will never contain more.</p>", + "location": "querystring", + "locationName": "max-keys" + }, + "Prefix": { + "shape": "Prefix", + "documentation": "<p>Limits the response to keys that begin with the specified prefix.</p>", + "location": "querystring", + "locationName": "prefix" + }, + "ContinuationToken": { + "shape": "Token", + "documentation": "<p>ContinuationToken indicates Amazon S3 that the list is being continued on this bucket with a token. ContinuationToken is obfuscated and is not a real key</p>", + "location": "querystring", + "locationName": "continuation-token" + }, + "FetchOwner": { + "shape": "FetchOwner", + "documentation": "<p>The owner field is not present in listV2 by default, if you want to return owner field with each key in the result then set the fetch owner field to true</p>", + "location": "querystring", + "locationName": "fetch-owner" + }, + "StartAfter": { + "shape": "StartAfter", + "documentation": "<p>StartAfter is where you want Amazon S3 to start listing from. Amazon S3 starts listing after this specified key. StartAfter can be any key in the bucket</p>", + "location": "querystring", + "locationName": "start-after" + }, + "RequestPayer": { + "shape": "RequestPayer", + "documentation": "<p>Confirms that the requester knows that she or he will be charged for the list objects request in V2 style. Bucket owners need not specify this parameter in their requests.</p>", + "location": "header", + "locationName": "x-amz-request-payer" + } + } + }, + "ListPartsOutput": { + "type": "structure", + "members": { + "AbortDate": { + "shape": "AbortDate", + "documentation": "<p>Date when multipart upload will become eligible for abort operation by lifecycle.</p>", + "location": "header", + "locationName": "x-amz-abort-date" + }, + "AbortRuleId": { + "shape": "AbortRuleId", + "documentation": "<p>Id of the lifecycle rule that makes a multipart upload eligible for abort operation.</p>", + "location": "header", + "locationName": "x-amz-abort-rule-id" + }, + "Bucket": { + "shape": "BucketName", + "documentation": "<p>Name of the bucket to which the multipart upload was initiated.</p>" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p>Object key for which the multipart upload was initiated.</p>" + }, + "UploadId": { + "shape": "MultipartUploadId", + "documentation": "<p>Upload ID identifying the multipart upload whose parts are being listed.</p>" + }, + "PartNumberMarker": { + "shape": "PartNumberMarker", + "documentation": "<p>Part number after which listing begins.</p>" + }, + "NextPartNumberMarker": { + "shape": "NextPartNumberMarker", + "documentation": "<p>When a list is truncated, this element specifies the last part in the list, as well as the value to use for the part-number-marker request parameter in a subsequent request.</p>" + }, + "MaxParts": { + "shape": "MaxParts", + "documentation": "<p>Maximum number of parts that were allowed in the response.</p>" + }, + "IsTruncated": { + "shape": "IsTruncated", + "documentation": "<p>Indicates whether the returned list of parts is truncated.</p>" + }, + "Parts": { + "shape": "Parts", + "documentation": "<p/>", + "locationName": "Part" + }, + "Initiator": { + "shape": "Initiator", + "documentation": "<p>Identifies who initiated the multipart upload.</p>" + }, + "Owner": { + "shape": "Owner", + "documentation": "<p/>" + }, + "StorageClass": { + "shape": "StorageClass", + "documentation": "<p>The class of storage used to store the object.</p>" + }, + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + } + }, + "ListPartsRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key", + "UploadId" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "MaxParts": { + "shape": "MaxParts", + "documentation": "<p>Sets the maximum number of parts to return.</p>", + "location": "querystring", + "locationName": "max-parts" + }, + "PartNumberMarker": { + "shape": "PartNumberMarker", + "documentation": "<p>Specifies the part after which listing should begin. Only parts with higher part numbers will be listed.</p>", + "location": "querystring", + "locationName": "part-number-marker" + }, + "UploadId": { + "shape": "MultipartUploadId", + "documentation": "<p>Upload ID identifying the multipart upload whose parts are being listed.</p>", + "location": "querystring", + "locationName": "uploadId" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + } + } + }, + "Location": { + "type": "string" + }, + "LocationPrefix": { + "type": "string" + }, + "LoggingEnabled": { + "type": "structure", + "required": [ + "TargetBucket", + "TargetPrefix" + ], + "members": { + "TargetBucket": { + "shape": "TargetBucket", + "documentation": "<p>Specifies the bucket where you want Amazon S3 to store server access logs. You can have your logs delivered to any bucket that you own, including the same bucket that is being logged. You can also configure multiple buckets to deliver their logs to the same target bucket. In this case you should choose a different TargetPrefix for each source bucket so that the delivered log files can be distinguished by key.</p>" + }, + "TargetGrants": { + "shape": "TargetGrants", + "documentation": "<p/>" + }, + "TargetPrefix": { + "shape": "TargetPrefix", + "documentation": "<p>A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.</p>" + } + }, + "documentation": "<p>Describes where logs are stored and the prefix that Amazon S3 assigns to all log object keys for a bucket. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html\">PUT Bucket logging</a> in the <i>Amazon Simple Storage Service API Reference</i>.</p>" + }, + "MFA": { + "type": "string" + }, + "MFADelete": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + "MFADeleteStatus": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + "Marker": { + "type": "string" + }, + "MaxAgeSeconds": { + "type": "integer" + }, + "MaxKeys": { + "type": "integer" + }, + "MaxParts": { + "type": "integer" + }, + "MaxUploads": { + "type": "integer" + }, + "Message": { + "type": "string" + }, + "Metadata": { + "type": "map", + "key": { + "shape": "MetadataKey" + }, + "value": { + "shape": "MetadataValue" + } + }, + "MetadataDirective": { + "type": "string", + "enum": [ + "COPY", + "REPLACE" + ] + }, + "MetadataEntry": { + "type": "structure", + "members": { + "Name": { + "shape": "MetadataKey", + "documentation": "<p/>" + }, + "Value": { + "shape": "MetadataValue", + "documentation": "<p/>" + } + }, + "documentation": "<p>A metadata key-value pair to store with an object.</p>" + }, + "MetadataKey": { + "type": "string" + }, + "MetadataValue": { + "type": "string" + }, + "MetricsAndOperator": { + "type": "structure", + "members": { + "Prefix": { + "shape": "Prefix", + "documentation": "<p>The prefix used when evaluating an AND predicate.</p>" + }, + "Tags": { + "shape": "TagSet", + "documentation": "<p>The list of tags used when evaluating an AND predicate.</p>", + "flattened": true, + "locationName": "Tag" + } + }, + "documentation": "<p/>" + }, + "MetricsConfiguration": { + "type": "structure", + "required": [ + "Id" + ], + "members": { + "Id": { + "shape": "MetricsId", + "documentation": "<p>The ID used to identify the metrics configuration.</p>" + }, + "Filter": { + "shape": "MetricsFilter", + "documentation": "<p>Specifies a metrics configuration filter. The metrics configuration will only include objects that meet the filter's criteria. A filter must be a prefix, a tag, or a conjunction (MetricsAndOperator).</p>" + } + }, + "documentation": "<p>Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html\"> PUT Bucket metrics</a> in the <i>Amazon Simple Storage Service API Reference</i>.</p>" + }, + "MetricsConfigurationList": { + "type": "list", + "member": { + "shape": "MetricsConfiguration" + }, + "flattened": true + }, + "MetricsFilter": { + "type": "structure", + "members": { + "Prefix": { + "shape": "Prefix", + "documentation": "<p>The prefix used when evaluating a metrics filter.</p>" + }, + "Tag": { + "shape": "Tag", + "documentation": "<p>The tag used when evaluating a metrics filter.</p>" + }, + "And": { + "shape": "MetricsAndOperator", + "documentation": "<p>A conjunction (logical AND) of predicates, which is used in evaluating a metrics filter. The operator must have at least two predicates, and an object must match all of the predicates in order for the filter to apply.</p>" + } + }, + "documentation": "<p/>" + }, + "MetricsId": { + "type": "string" + }, + "MissingMeta": { + "type": "integer" + }, + "MultipartUpload": { + "type": "structure", + "members": { + "UploadId": { + "shape": "MultipartUploadId", + "documentation": "<p>Upload ID that identifies the multipart upload.</p>" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p>Key of the object for which the multipart upload was initiated.</p>" + }, + "Initiated": { + "shape": "Initiated", + "documentation": "<p>Date and time at which the multipart upload was initiated.</p>" + }, + "StorageClass": { + "shape": "StorageClass", + "documentation": "<p>The class of storage used to store the object.</p>" + }, + "Owner": { + "shape": "Owner", + "documentation": "<p/>" + }, + "Initiator": { + "shape": "Initiator", + "documentation": "<p>Identifies who initiated the multipart upload.</p>" + } + }, + "documentation": "<p/>" + }, + "MultipartUploadId": { + "type": "string" + }, + "MultipartUploadList": { + "type": "list", + "member": { + "shape": "MultipartUpload" + }, + "flattened": true + }, + "NextKeyMarker": { + "type": "string" + }, + "NextMarker": { + "type": "string" + }, + "NextPartNumberMarker": { + "type": "integer" + }, + "NextToken": { + "type": "string" + }, + "NextUploadIdMarker": { + "type": "string" + }, + "NextVersionIdMarker": { + "type": "string" + }, + "NoncurrentVersionExpiration": { + "type": "structure", + "members": { + "NoncurrentDays": { + "shape": "Days", + "documentation": "<p>Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations\">How Amazon S3 Calculates When an Object Became Noncurrent</a> in the Amazon Simple Storage Service Developer Guide.</p>" + } + }, + "documentation": "<p>Specifies when noncurrent object versions expire. Upon expiration, Amazon S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that Amazon S3 delete noncurrent object versions at a specific period in the object's lifetime.</p>" + }, + "NoncurrentVersionTransition": { + "type": "structure", + "members": { + "NoncurrentDays": { + "shape": "Days", + "documentation": "<p>Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html\">How Amazon S3 Calculates When an Object Became Noncurrent</a> in the <i>Amazon Simple Storage Service Developer Guide</i>.</p>" + }, + "StorageClass": { + "shape": "TransitionStorageClass", + "documentation": "<p>The class of storage used to store the object.</p>" + } + }, + "documentation": "<p>Container for the transition rule that describes when noncurrent objects transition to the <code>STANDARD_IA</code>, <code>ONEZONE_IA</code>, <code>INTELLIGENT_TIERING</code>, <code>GLACIER</code>, or <code>DEEP_ARCHIVE</code> storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to the <code>STANDARD_IA</code>, <code>ONEZONE_IA</code>, <code>INTELLIGENT_TIERING</code>, <code>GLACIER</code>, or <code>DEEP_ARCHIVE</code> storage class at a specific period in the object's lifetime.</p>" + }, + "NoncurrentVersionTransitionList": { + "type": "list", + "member": { + "shape": "NoncurrentVersionTransition" + }, + "flattened": true + }, + "NotificationConfiguration": { + "type": "structure", + "members": { + "TopicConfigurations": { + "shape": "TopicConfigurationList", + "documentation": "<p>The topic to which notifications are sent and the events for which notifications are generated.</p>", + "locationName": "TopicConfiguration" + }, + "QueueConfigurations": { + "shape": "QueueConfigurationList", + "documentation": "<p>The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.</p>", + "locationName": "QueueConfiguration" + }, + "LambdaFunctionConfigurations": { + "shape": "LambdaFunctionConfigurationList", + "documentation": "<p>Describes the AWS Lambda functions to invoke and the events for which to invoke them.</p>", + "locationName": "CloudFunctionConfiguration" + } + }, + "documentation": "<p>A container for specifying the notification configuration of the bucket. If this element is empty, notifications are turned off for the bucket.</p>" + }, + "NotificationConfigurationDeprecated": { + "type": "structure", + "members": { + "TopicConfiguration": { + "shape": "TopicConfigurationDeprecated", + "documentation": "<p/>" + }, + "QueueConfiguration": { + "shape": "QueueConfigurationDeprecated", + "documentation": "<p/>" + }, + "CloudFunctionConfiguration": { + "shape": "CloudFunctionConfiguration", + "documentation": "<p/>" + } + } + }, + "NotificationConfigurationFilter": { + "type": "structure", + "members": { + "Key": { + "shape": "S3KeyFilter", + "documentation": "<p/>", + "locationName": "S3Key" + } + }, + "documentation": "<p>Specifies object key name filtering rules. For information about key name filtering, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html\">Configuring Event Notifications</a> in the <i>Amazon Simple Storage Service Developer Guide</i>.</p>" + }, + "NotificationId": { + "type": "string", + "documentation": "<p>An optional unique identifier for configurations in a notification configuration. If you don't provide one, Amazon S3 will assign an ID.</p>" + }, + "Object": { + "type": "structure", + "members": { + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>" + }, + "LastModified": { + "shape": "LastModified", + "documentation": "<p/>" + }, + "ETag": { + "shape": "ETag", + "documentation": "<p/>" + }, + "Size": { + "shape": "Size", + "documentation": "<p/>" + }, + "StorageClass": { + "shape": "ObjectStorageClass", + "documentation": "<p>The class of storage used to store the object.</p>" + }, + "Owner": { + "shape": "Owner", + "documentation": "<p/>" + } + }, + "documentation": "<p/>" + }, + "ObjectCannedACL": { + "type": "string", + "enum": [ + "private", + "public-read", + "public-read-write", + "authenticated-read", + "aws-exec-read", + "bucket-owner-read", + "bucket-owner-full-control" + ] + }, + "ObjectIdentifier": { + "type": "structure", + "required": [ + "Key" + ], + "members": { + "Key": { + "shape": "ObjectKey", + "documentation": "<p>Key name of the object to delete.</p>" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>VersionId for the specific version of the object to delete.</p>" + } + }, + "documentation": "<p/>" + }, + "ObjectIdentifierList": { + "type": "list", + "member": { + "shape": "ObjectIdentifier" + }, + "flattened": true + }, + "ObjectKey": { + "type": "string", + "min": 1 + }, + "ObjectList": { + "type": "list", + "member": { + "shape": "Object" + }, + "flattened": true + }, + "ObjectLockConfiguration": { + "type": "structure", + "members": { + "ObjectLockEnabled": { + "shape": "ObjectLockEnabled", + "documentation": "<p>Indicates whether this bucket has an object lock configuration enabled.</p>" + }, + "Rule": { + "shape": "ObjectLockRule", + "documentation": "<p>The object lock rule in place for the specified object.</p>" + } + }, + "documentation": "<p>The container element for object lock configuration parameters.</p>" + }, + "ObjectLockEnabled": { + "type": "string", + "enum": [ + "Enabled" + ] + }, + "ObjectLockEnabledForBucket": { + "type": "boolean" + }, + "ObjectLockLegalHold": { + "type": "structure", + "members": { + "Status": { + "shape": "ObjectLockLegalHoldStatus", + "documentation": "<p>Indicates whether the specified object has a Legal Hold in place.</p>" + } + }, + "documentation": "<p>A Legal Hold configuration for an object.</p>" + }, + "ObjectLockLegalHoldStatus": { + "type": "string", + "enum": [ + "ON", + "OFF" + ] + }, + "ObjectLockMode": { + "type": "string", + "enum": [ + "GOVERNANCE", + "COMPLIANCE" + ] + }, + "ObjectLockRetainUntilDate": { + "type": "timestamp", + "timestampFormat": "iso8601" + }, + "ObjectLockRetention": { + "type": "structure", + "members": { + "Mode": { + "shape": "ObjectLockRetentionMode", + "documentation": "<p>Indicates the Retention mode for the specified object.</p>" + }, + "RetainUntilDate": { + "shape": "Date", + "documentation": "<p>The date on which this object lock retention expires.</p>" + } + }, + "documentation": "<p>A Retention configuration for an object.</p>" + }, + "ObjectLockRetentionMode": { + "type": "string", + "enum": [ + "GOVERNANCE", + "COMPLIANCE" + ] + }, + "ObjectLockRule": { + "type": "structure", + "members": { + "DefaultRetention": { + "shape": "DefaultRetention", + "documentation": "<p>The default retention period that you want to apply to new objects placed in the specified bucket.</p>" + } + }, + "documentation": "<p>The container element for an object lock rule.</p>" + }, + "ObjectLockToken": { + "type": "string" + }, + "ObjectStorageClass": { + "type": "string", + "enum": [ + "STANDARD", + "REDUCED_REDUNDANCY", + "GLACIER", + "STANDARD_IA", + "ONEZONE_IA", + "INTELLIGENT_TIERING", + "DEEP_ARCHIVE" + ] + }, + "ObjectVersion": { + "type": "structure", + "members": { + "ETag": { + "shape": "ETag", + "documentation": "<p/>" + }, + "Size": { + "shape": "Size", + "documentation": "<p>Size in bytes of the object.</p>" + }, + "StorageClass": { + "shape": "ObjectVersionStorageClass", + "documentation": "<p>The class of storage used to store the object.</p>" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p>The object key.</p>" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>Version ID of an object.</p>" + }, + "IsLatest": { + "shape": "IsLatest", + "documentation": "<p>Specifies whether the object is (true) or is not (false) the latest version of an object.</p>" + }, + "LastModified": { + "shape": "LastModified", + "documentation": "<p>Date and time the object was last modified.</p>" + }, + "Owner": { + "shape": "Owner", + "documentation": "<p/>" + } + }, + "documentation": "<p/>" + }, + "ObjectVersionId": { + "type": "string" + }, + "ObjectVersionList": { + "type": "list", + "member": { + "shape": "ObjectVersion" + }, + "flattened": true + }, + "ObjectVersionStorageClass": { + "type": "string", + "enum": [ + "STANDARD" + ] + }, + "OutputLocation": { + "type": "structure", + "members": { + "S3": { + "shape": "S3Location", + "documentation": "<p>Describes an S3 location that will receive the results of the restore request.</p>" + } + }, + "documentation": "<p>Describes the location where the restore job's output is stored.</p>" + }, + "OutputSerialization": { + "type": "structure", + "members": { + "CSV": { + "shape": "CSVOutput", + "documentation": "<p>Describes the serialization of CSV-encoded Select results.</p>" + }, + "JSON": { + "shape": "JSONOutput", + "documentation": "<p>Specifies JSON as request's output serialization format.</p>" + } + }, + "documentation": "<p>Describes how results of the Select job are serialized.</p>" + }, + "Owner": { + "type": "structure", + "members": { + "DisplayName": { + "shape": "DisplayName", + "documentation": "<p/>" + }, + "ID": { + "shape": "ID", + "documentation": "<p/>" + } + }, + "documentation": "<p/>" + }, + "OwnerOverride": { + "type": "string", + "enum": [ + "Destination" + ] + }, + "ParquetInput": { + "type": "structure", + "members": {}, + "documentation": "<p/>" + }, + "Part": { + "type": "structure", + "members": { + "PartNumber": { + "shape": "PartNumber", + "documentation": "<p>Part number identifying the part. This is a positive integer between 1 and 10,000.</p>" + }, + "LastModified": { + "shape": "LastModified", + "documentation": "<p>Date and time at which the part was uploaded.</p>" + }, + "ETag": { + "shape": "ETag", + "documentation": "<p>Entity tag returned when the part was uploaded.</p>" + }, + "Size": { + "shape": "Size", + "documentation": "<p>Size in bytes of the uploaded part data.</p>" + } + }, + "documentation": "<p/>" + }, + "PartNumber": { + "type": "integer" + }, + "PartNumberMarker": { + "type": "integer" + }, + "Parts": { + "type": "list", + "member": { + "shape": "Part" + }, + "flattened": true + }, + "PartsCount": { + "type": "integer" + }, + "Payer": { + "type": "string", + "enum": [ + "Requester", + "BucketOwner" + ] + }, + "Permission": { + "type": "string", + "enum": [ + "FULL_CONTROL", + "WRITE", + "WRITE_ACP", + "READ", + "READ_ACP" + ] + }, + "Policy": { + "type": "string" + }, + "PolicyStatus": { + "type": "structure", + "members": { + "IsPublic": { + "shape": "IsPublic", + "documentation": "<p>The policy status for this bucket. <code>TRUE</code> indicates that this bucket is public. <code>FALSE</code> indicates that the bucket is not public.</p>", + "locationName": "IsPublic" + } + }, + "documentation": "<p>The container element for a bucket's policy status.</p>" + }, + "Prefix": { + "type": "string" + }, + "Priority": { + "type": "integer" + }, + "Progress": { + "type": "structure", + "members": { + "BytesScanned": { + "shape": "BytesScanned", + "documentation": "<p>The current number of object bytes scanned.</p>" + }, + "BytesProcessed": { + "shape": "BytesProcessed", + "documentation": "<p>The current number of uncompressed object bytes processed.</p>" + }, + "BytesReturned": { + "shape": "BytesReturned", + "documentation": "<p>The current number of bytes of records payload data returned.</p>" + } + }, + "documentation": "<p/>" + }, + "ProgressEvent": { + "type": "structure", + "members": { + "Details": { + "shape": "Progress", + "documentation": "<p>The Progress event details.</p>", + "eventpayload": true + } + }, + "documentation": "<p/>", + "event": true + }, + "Protocol": { + "type": "string", + "enum": [ + "http", + "https" + ] + }, + "PublicAccessBlockConfiguration": { + "type": "structure", + "members": { + "BlockPublicAcls": { + "shape": "Setting", + "documentation": "<p>Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to <code>TRUE</code> causes the following behavior:</p> <ul> <li> <p>PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.</p> </li> <li> <p>PUT Object calls fail if the request includes a public ACL.</p> </li> </ul> <p>Enabling this setting doesn't affect existing policies or ACLs.</p>", + "locationName": "BlockPublicAcls" + }, + "IgnorePublicAcls": { + "shape": "Setting", + "documentation": "<p>Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to <code>TRUE</code> causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.</p> <p>Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.</p>", + "locationName": "IgnorePublicAcls" + }, + "BlockPublicPolicy": { + "shape": "Setting", + "documentation": "<p>Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to <code>TRUE</code> causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. </p> <p>Enabling this setting doesn't affect existing bucket policies.</p>", + "locationName": "BlockPublicPolicy" + }, + "RestrictPublicBuckets": { + "shape": "Setting", + "documentation": "<p>Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to <code>TRUE</code> restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy.</p> <p>Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.</p>", + "locationName": "RestrictPublicBuckets" + } + }, + "documentation": "<p>Specifies the Block Public Access configuration for an Amazon S3 bucket.</p>" + }, + "PutBucketAccelerateConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket", + "AccelerateConfiguration" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>Name of the bucket for which the accelerate configuration is set.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "AccelerateConfiguration": { + "shape": "AccelerateConfiguration", + "documentation": "<p>Specifies the Accelerate Configuration you want to set for the bucket.</p>", + "locationName": "AccelerateConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "AccelerateConfiguration" + }, + "PutBucketAclRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "ACL": { + "shape": "BucketCannedACL", + "documentation": "<p>The canned ACL to apply to the bucket.</p>", + "location": "header", + "locationName": "x-amz-acl" + }, + "AccessControlPolicy": { + "shape": "AccessControlPolicy", + "documentation": "<p>Contains the elements that set the ACL permissions for an object per grantee.</p>", + "locationName": "AccessControlPolicy", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + }, + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p/>", + "location": "header", + "locationName": "Content-MD5" + }, + "GrantFullControl": { + "shape": "GrantFullControl", + "documentation": "<p>Allows grantee the read, write, read ACP, and write ACP permissions on the bucket.</p>", + "location": "header", + "locationName": "x-amz-grant-full-control" + }, + "GrantRead": { + "shape": "GrantRead", + "documentation": "<p>Allows grantee to list the objects in the bucket.</p>", + "location": "header", + "locationName": "x-amz-grant-read" + }, + "GrantReadACP": { + "shape": "GrantReadACP", + "documentation": "<p>Allows grantee to read the bucket ACL.</p>", + "location": "header", + "locationName": "x-amz-grant-read-acp" + }, + "GrantWrite": { + "shape": "GrantWrite", + "documentation": "<p>Allows grantee to create, overwrite, and delete any object in the bucket.</p>", + "location": "header", + "locationName": "x-amz-grant-write" + }, + "GrantWriteACP": { + "shape": "GrantWriteACP", + "documentation": "<p>Allows grantee to write the ACL for the applicable bucket.</p>", + "location": "header", + "locationName": "x-amz-grant-write-acp" + } + }, + "payload": "AccessControlPolicy" + }, + "PutBucketAnalyticsConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket", + "Id", + "AnalyticsConfiguration" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket to which an analytics configuration is stored.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Id": { + "shape": "AnalyticsId", + "documentation": "<p>The ID that identifies the analytics configuration.</p>", + "location": "querystring", + "locationName": "id" + }, + "AnalyticsConfiguration": { + "shape": "AnalyticsConfiguration", + "documentation": "<p>The configuration and any analyses for the analytics filter.</p>", + "locationName": "AnalyticsConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "AnalyticsConfiguration" + }, + "PutBucketCorsRequest": { + "type": "structure", + "required": [ + "Bucket", + "CORSConfiguration" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "CORSConfiguration": { + "shape": "CORSConfiguration", + "documentation": "<p/>", + "locationName": "CORSConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p/>", + "location": "header", + "locationName": "Content-MD5" + } + }, + "payload": "CORSConfiguration" + }, + "PutBucketEncryptionRequest": { + "type": "structure", + "required": [ + "Bucket", + "ServerSideEncryptionConfiguration" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3) or AWS KMS-managed keys (SSE-KMS). For information about the Amazon S3 default encryption feature, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html\">Amazon S3 Default Bucket Encryption</a> in the <i>Amazon Simple Storage Service Developer Guide</i>.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p>The base64-encoded 128-bit MD5 digest of the server-side encryption configuration. This parameter is auto-populated when using the command from the CLI.</p>", + "location": "header", + "locationName": "Content-MD5" + }, + "ServerSideEncryptionConfiguration": { + "shape": "ServerSideEncryptionConfiguration", + "documentation": "<p/>", + "locationName": "ServerSideEncryptionConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "ServerSideEncryptionConfiguration" + }, + "PutBucketInventoryConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket", + "Id", + "InventoryConfiguration" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket where the inventory configuration will be stored.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Id": { + "shape": "InventoryId", + "documentation": "<p>The ID used to identify the inventory configuration.</p>", + "location": "querystring", + "locationName": "id" + }, + "InventoryConfiguration": { + "shape": "InventoryConfiguration", + "documentation": "<p>Specifies the inventory configuration.</p>", + "locationName": "InventoryConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "InventoryConfiguration" + }, + "PutBucketLifecycleConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "LifecycleConfiguration": { + "shape": "BucketLifecycleConfiguration", + "documentation": "<p/>", + "locationName": "LifecycleConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "LifecycleConfiguration" + }, + "PutBucketLifecycleRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p/>", + "location": "header", + "locationName": "Content-MD5" + }, + "LifecycleConfiguration": { + "shape": "LifecycleConfiguration", + "documentation": "<p/>", + "locationName": "LifecycleConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "LifecycleConfiguration" + }, + "PutBucketLoggingRequest": { + "type": "structure", + "required": [ + "Bucket", + "BucketLoggingStatus" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "BucketLoggingStatus": { + "shape": "BucketLoggingStatus", + "documentation": "<p/>", + "locationName": "BucketLoggingStatus", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p/>", + "location": "header", + "locationName": "Content-MD5" + } + }, + "payload": "BucketLoggingStatus" + }, + "PutBucketMetricsConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket", + "Id", + "MetricsConfiguration" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket for which the metrics configuration is set.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Id": { + "shape": "MetricsId", + "documentation": "<p>The ID used to identify the metrics configuration.</p>", + "location": "querystring", + "locationName": "id" + }, + "MetricsConfiguration": { + "shape": "MetricsConfiguration", + "documentation": "<p>Specifies the metrics configuration.</p>", + "locationName": "MetricsConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "MetricsConfiguration" + }, + "PutBucketNotificationConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket", + "NotificationConfiguration" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "NotificationConfiguration": { + "shape": "NotificationConfiguration", + "documentation": "<p/>", + "locationName": "NotificationConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "NotificationConfiguration" + }, + "PutBucketNotificationRequest": { + "type": "structure", + "required": [ + "Bucket", + "NotificationConfiguration" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p/>", + "location": "header", + "locationName": "Content-MD5" + }, + "NotificationConfiguration": { + "shape": "NotificationConfigurationDeprecated", + "documentation": "<p/>", + "locationName": "NotificationConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "NotificationConfiguration" + }, + "PutBucketPolicyRequest": { + "type": "structure", + "required": [ + "Bucket", + "Policy" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p/>", + "location": "header", + "locationName": "Content-MD5" + }, + "ConfirmRemoveSelfBucketAccess": { + "shape": "ConfirmRemoveSelfBucketAccess", + "documentation": "<p>Set this parameter to true to confirm that you want to remove your permissions to change this bucket policy in the future.</p>", + "location": "header", + "locationName": "x-amz-confirm-remove-self-bucket-access" + }, + "Policy": { + "shape": "Policy", + "documentation": "<p>The bucket policy as a JSON document.</p>" + } + }, + "payload": "Policy" + }, + "PutBucketReplicationRequest": { + "type": "structure", + "required": [ + "Bucket", + "ReplicationConfiguration" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p>The base64-encoded 128-bit MD5 digest of the data. You must use this header as a message integrity check to verify that the request body was not corrupted in transit.</p>", + "location": "header", + "locationName": "Content-MD5" + }, + "ReplicationConfiguration": { + "shape": "ReplicationConfiguration", + "documentation": "<p/>", + "locationName": "ReplicationConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + }, + "Token": { + "shape": "ObjectLockToken", + "documentation": "<p>A token that allows Amazon S3 object lock to be enabled for an existing bucket.</p>", + "location": "header", + "locationName": "x-amz-bucket-object-lock-token" + } + }, + "payload": "ReplicationConfiguration" + }, + "PutBucketRequestPaymentRequest": { + "type": "structure", + "required": [ + "Bucket", + "RequestPaymentConfiguration" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p/>", + "location": "header", + "locationName": "Content-MD5" + }, + "RequestPaymentConfiguration": { + "shape": "RequestPaymentConfiguration", + "documentation": "<p/>", + "locationName": "RequestPaymentConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "RequestPaymentConfiguration" + }, + "PutBucketTaggingRequest": { + "type": "structure", + "required": [ + "Bucket", + "Tagging" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p/>", + "location": "header", + "locationName": "Content-MD5" + }, + "Tagging": { + "shape": "Tagging", + "documentation": "<p/>", + "locationName": "Tagging", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "Tagging" + }, + "PutBucketVersioningRequest": { + "type": "structure", + "required": [ + "Bucket", + "VersioningConfiguration" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p/>", + "location": "header", + "locationName": "Content-MD5" + }, + "MFA": { + "shape": "MFA", + "documentation": "<p>The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device.</p>", + "location": "header", + "locationName": "x-amz-mfa" + }, + "VersioningConfiguration": { + "shape": "VersioningConfiguration", + "documentation": "<p/>", + "locationName": "VersioningConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "VersioningConfiguration" + }, + "PutBucketWebsiteRequest": { + "type": "structure", + "required": [ + "Bucket", + "WebsiteConfiguration" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p/>", + "location": "header", + "locationName": "Content-MD5" + }, + "WebsiteConfiguration": { + "shape": "WebsiteConfiguration", + "documentation": "<p/>", + "locationName": "WebsiteConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "WebsiteConfiguration" + }, + "PutObjectAclOutput": { + "type": "structure", + "members": { + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + } + }, + "PutObjectAclRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "ACL": { + "shape": "ObjectCannedACL", + "documentation": "<p>The canned ACL to apply to the object.</p>", + "location": "header", + "locationName": "x-amz-acl" + }, + "AccessControlPolicy": { + "shape": "AccessControlPolicy", + "documentation": "<p>Contains the elements that set the ACL permissions for an object per grantee.</p>", + "locationName": "AccessControlPolicy", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + }, + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p/>", + "location": "header", + "locationName": "Content-MD5" + }, + "GrantFullControl": { + "shape": "GrantFullControl", + "documentation": "<p>Allows grantee the read, write, read ACP, and write ACP permissions on the bucket.</p>", + "location": "header", + "locationName": "x-amz-grant-full-control" + }, + "GrantRead": { + "shape": "GrantRead", + "documentation": "<p>Allows grantee to list the objects in the bucket.</p>", + "location": "header", + "locationName": "x-amz-grant-read" + }, + "GrantReadACP": { + "shape": "GrantReadACP", + "documentation": "<p>Allows grantee to read the bucket ACL.</p>", + "location": "header", + "locationName": "x-amz-grant-read-acp" + }, + "GrantWrite": { + "shape": "GrantWrite", + "documentation": "<p>Allows grantee to create, overwrite, and delete any object in the bucket.</p>", + "location": "header", + "locationName": "x-amz-grant-write" + }, + "GrantWriteACP": { + "shape": "GrantWriteACP", + "documentation": "<p>Allows grantee to write the ACL for the applicable bucket.</p>", + "location": "header", + "locationName": "x-amz-grant-write-acp" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>VersionId used to reference a specific version of the object.</p>", + "location": "querystring", + "locationName": "versionId" + } + }, + "payload": "AccessControlPolicy" + }, + "PutObjectLegalHoldOutput": { + "type": "structure", + "members": { + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + } + }, + "PutObjectLegalHoldRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The bucket containing the object that you want to place a Legal Hold on.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p>The key name for the object that you want to place a Legal Hold on.</p>", + "location": "uri", + "locationName": "Key" + }, + "LegalHold": { + "shape": "ObjectLockLegalHold", + "documentation": "<p>Container element for the Legal Hold configuration you want to apply to the specified object.</p>", + "locationName": "LegalHold", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>The version ID of the object that you want to place a Legal Hold on.</p>", + "location": "querystring", + "locationName": "versionId" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p>The MD5 hash for the request body.</p>", + "location": "header", + "locationName": "Content-MD5" + } + }, + "payload": "LegalHold" + }, + "PutObjectLockConfigurationOutput": { + "type": "structure", + "members": { + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + } + }, + "PutObjectLockConfigurationRequest": { + "type": "structure", + "required": [ + "Bucket" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The bucket whose object lock configuration you want to create or replace.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "ObjectLockConfiguration": { + "shape": "ObjectLockConfiguration", + "documentation": "<p>The object lock configuration that you want to apply to the specified bucket.</p>", + "locationName": "ObjectLockConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + }, + "Token": { + "shape": "ObjectLockToken", + "documentation": "<p>A token to allow Amazon S3 object lock to be enabled for an existing bucket.</p>", + "location": "header", + "locationName": "x-amz-bucket-object-lock-token" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p>The MD5 hash for the request body.</p>", + "location": "header", + "locationName": "Content-MD5" + } + }, + "payload": "ObjectLockConfiguration" + }, + "PutObjectOutput": { + "type": "structure", + "members": { + "Expiration": { + "shape": "Expiration", + "documentation": "<p>If the object expiration is configured, this will contain the expiration date (expiry-date) and rule ID (rule-id). The value of rule-id is URL encoded.</p>", + "location": "header", + "locationName": "x-amz-expiration" + }, + "ETag": { + "shape": "ETag", + "documentation": "<p>Entity tag for the uploaded object.</p>", + "location": "header", + "locationName": "ETag" + }, + "ServerSideEncryption": { + "shape": "ServerSideEncryption", + "documentation": "<p>The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>Version of the object.</p>", + "location": "header", + "locationName": "x-amz-version-id" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>If server-side encryption with a customer-provided encryption key was requested, the response will include this header confirming the encryption algorithm used.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide round trip message integrity verification of the customer-provided encryption key.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "SSEKMSKeyId": { + "shape": "SSEKMSKeyId", + "documentation": "<p>If present, specifies the ID of the AWS Key Management Service (KMS) master encryption key that was used for the object.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-aws-kms-key-id" + }, + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + } + }, + "PutObjectRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "ACL": { + "shape": "ObjectCannedACL", + "documentation": "<p>The canned ACL to apply to the object.</p>", + "location": "header", + "locationName": "x-amz-acl" + }, + "Body": { + "shape": "Body", + "documentation": "<p>Object data.</p>", + "streaming": true + }, + "Bucket": { + "shape": "BucketName", + "documentation": "<p>Name of the bucket to which the PUT operation was initiated.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "CacheControl": { + "shape": "CacheControl", + "documentation": "<p>Specifies caching behavior along the request/reply chain.</p>", + "location": "header", + "locationName": "Cache-Control" + }, + "ContentDisposition": { + "shape": "ContentDisposition", + "documentation": "<p>Specifies presentational information for the object.</p>", + "location": "header", + "locationName": "Content-Disposition" + }, + "ContentEncoding": { + "shape": "ContentEncoding", + "documentation": "<p>Specifies what content encodings have been applied to the object and thus what decoding mechanisms must be applied to obtain the media-type referenced by the Content-Type header field.</p>", + "location": "header", + "locationName": "Content-Encoding" + }, + "ContentLanguage": { + "shape": "ContentLanguage", + "documentation": "<p>The language the content is in.</p>", + "location": "header", + "locationName": "Content-Language" + }, + "ContentLength": { + "shape": "ContentLength", + "documentation": "<p>Size of the body in bytes. This parameter is useful when the size of the body cannot be determined automatically.</p>", + "location": "header", + "locationName": "Content-Length" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p>The base64-encoded 128-bit MD5 digest of the part data. This parameter is auto-populated when using the command from the CLI. This parameted is required if object lock parameters are specified.</p>", + "location": "header", + "locationName": "Content-MD5" + }, + "ContentType": { + "shape": "ContentType", + "documentation": "<p>A standard MIME type describing the format of the object data.</p>", + "location": "header", + "locationName": "Content-Type" + }, + "Expires": { + "shape": "Expires", + "documentation": "<p>The date and time at which the object is no longer cacheable.</p>", + "location": "header", + "locationName": "Expires" + }, + "GrantFullControl": { + "shape": "GrantFullControl", + "documentation": "<p>Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object.</p>", + "location": "header", + "locationName": "x-amz-grant-full-control" + }, + "GrantRead": { + "shape": "GrantRead", + "documentation": "<p>Allows grantee to read the object data and its metadata.</p>", + "location": "header", + "locationName": "x-amz-grant-read" + }, + "GrantReadACP": { + "shape": "GrantReadACP", + "documentation": "<p>Allows grantee to read the object ACL.</p>", + "location": "header", + "locationName": "x-amz-grant-read-acp" + }, + "GrantWriteACP": { + "shape": "GrantWriteACP", + "documentation": "<p>Allows grantee to write the ACL for the applicable object.</p>", + "location": "header", + "locationName": "x-amz-grant-write-acp" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p>Object key for which the PUT operation was initiated.</p>", + "location": "uri", + "locationName": "Key" + }, + "Metadata": { + "shape": "Metadata", + "documentation": "<p>A map of metadata to store with the object in S3.</p>", + "location": "headers", + "locationName": "x-amz-meta-" + }, + "ServerSideEncryption": { + "shape": "ServerSideEncryption", + "documentation": "<p>The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption" + }, + "StorageClass": { + "shape": "StorageClass", + "documentation": "<p>The type of storage to use for the object. Defaults to 'STANDARD'.</p>", + "location": "header", + "locationName": "x-amz-storage-class" + }, + "WebsiteRedirectLocation": { + "shape": "WebsiteRedirectLocation", + "documentation": "<p>If the bucket is configured as a website, redirects requests for this object to another object in the same bucket or to an external URL. Amazon S3 stores the value of this header in the object metadata.</p>", + "location": "header", + "locationName": "x-amz-website-redirect-location" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>Specifies the algorithm to use to when encrypting the object (e.g., AES256).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKey": { + "shape": "SSECustomerKey", + "documentation": "<p>Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure the encryption key was transmitted without error.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "SSEKMSKeyId": { + "shape": "SSEKMSKeyId", + "documentation": "<p>Specifies the AWS KMS key ID to use for object encryption. All GET and PUT requests for an object protected by AWS KMS will fail if not made via SSL or using SigV4. Documentation on configuring any of the officially supported AWS SDKs and CLI can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-aws-kms-key-id" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + }, + "Tagging": { + "shape": "TaggingHeader", + "documentation": "<p>The tag-set for the object. The tag-set must be encoded as URL Query parameters. (For example, \"Key1=Value1\")</p>", + "location": "header", + "locationName": "x-amz-tagging" + }, + "ObjectLockMode": { + "shape": "ObjectLockMode", + "documentation": "<p>The object lock mode that you want to apply to this object.</p>", + "location": "header", + "locationName": "x-amz-object-lock-mode" + }, + "ObjectLockRetainUntilDate": { + "shape": "ObjectLockRetainUntilDate", + "documentation": "<p>The date and time when you want this object's object lock to expire.</p>", + "location": "header", + "locationName": "x-amz-object-lock-retain-until-date" + }, + "ObjectLockLegalHoldStatus": { + "shape": "ObjectLockLegalHoldStatus", + "documentation": "<p>The Legal Hold status that you want to apply to the specified object.</p>", + "location": "header", + "locationName": "x-amz-object-lock-legal-hold" + } + }, + "payload": "Body" + }, + "PutObjectRetentionOutput": { + "type": "structure", + "members": { + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + } + }, + "PutObjectRetentionRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The bucket that contains the object you want to apply this Object Retention configuration to.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p>The key name for the object that you want to apply this Object Retention configuration to.</p>", + "location": "uri", + "locationName": "Key" + }, + "Retention": { + "shape": "ObjectLockRetention", + "documentation": "<p>The container element for the Object Retention configuration.</p>", + "locationName": "Retention", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p>The version ID for the object that you want to apply this Object Retention configuration to.</p>", + "location": "querystring", + "locationName": "versionId" + }, + "BypassGovernanceRetention": { + "shape": "BypassGovernanceRetention", + "documentation": "<p>Indicates whether this operation should bypass Governance-mode restrictions.j</p>", + "location": "header", + "locationName": "x-amz-bypass-governance-retention" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p>The MD5 hash for the request body.</p>", + "location": "header", + "locationName": "Content-MD5" + } + }, + "payload": "Retention" + }, + "PutObjectTaggingOutput": { + "type": "structure", + "members": { + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p/>", + "location": "header", + "locationName": "x-amz-version-id" + } + } + }, + "PutObjectTaggingRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key", + "Tagging" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p/>", + "location": "querystring", + "locationName": "versionId" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p/>", + "location": "header", + "locationName": "Content-MD5" + }, + "Tagging": { + "shape": "Tagging", + "documentation": "<p/>", + "locationName": "Tagging", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "Tagging" + }, + "PutPublicAccessBlockRequest": { + "type": "structure", + "required": [ + "Bucket", + "PublicAccessBlockConfiguration" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The name of the Amazon S3 bucket whose <code>PublicAccessBlock</code> configuration you want to set.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p>The MD5 hash of the <code>PutPublicAccessBlock</code> request body. </p>", + "location": "header", + "locationName": "Content-MD5" + }, + "PublicAccessBlockConfiguration": { + "shape": "PublicAccessBlockConfiguration", + "documentation": "<p>The <code>PublicAccessBlock</code> configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status\">The Meaning of \"Public\"</a> in the <i>Amazon Simple Storage Service Developer Guide</i>.</p>", + "locationName": "PublicAccessBlockConfiguration", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + } + }, + "payload": "PublicAccessBlockConfiguration" + }, + "QueueArn": { + "type": "string" + }, + "QueueConfiguration": { + "type": "structure", + "required": [ + "QueueArn", + "Events" + ], + "members": { + "Id": { + "shape": "NotificationId" + }, + "QueueArn": { + "shape": "QueueArn", + "documentation": "<p>The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type.</p>", + "locationName": "Queue" + }, + "Events": { + "shape": "EventList", + "documentation": "<p/>", + "locationName": "Event" + }, + "Filter": { + "shape": "NotificationConfigurationFilter", + "documentation": "<p/>" + } + }, + "documentation": "<p>Specifies the configuration for publishing messages to an Amazon Simple Queue Service (Amazon SQS) queue when Amazon S3 detects specified events.</p>" + }, + "QueueConfigurationDeprecated": { + "type": "structure", + "members": { + "Id": { + "shape": "NotificationId" + }, + "Event": { + "shape": "Event", + "deprecated": true + }, + "Events": { + "shape": "EventList", + "documentation": "<p/>", + "locationName": "Event" + }, + "Queue": { + "shape": "QueueArn", + "documentation": "<p/>" + } + }, + "documentation": "<p/>" + }, + "QueueConfigurationList": { + "type": "list", + "member": { + "shape": "QueueConfiguration" + }, + "flattened": true + }, + "Quiet": { + "type": "boolean" + }, + "QuoteCharacter": { + "type": "string" + }, + "QuoteEscapeCharacter": { + "type": "string" + }, + "QuoteFields": { + "type": "string", + "enum": [ + "ALWAYS", + "ASNEEDED" + ] + }, + "Range": { + "type": "string" + }, + "RecordDelimiter": { + "type": "string" + }, + "RecordsEvent": { + "type": "structure", + "members": { + "Payload": { + "shape": "Body", + "documentation": "<p>The byte array of partial, one or more result records.</p>", + "eventpayload": true + } + }, + "documentation": "<p/>", + "event": true + }, + "Redirect": { + "type": "structure", + "members": { + "HostName": { + "shape": "HostName", + "documentation": "<p>The host name to use in the redirect request.</p>" + }, + "HttpRedirectCode": { + "shape": "HttpRedirectCode", + "documentation": "<p>The HTTP redirect code to use on the response. Not required if one of the siblings is present.</p>" + }, + "Protocol": { + "shape": "Protocol", + "documentation": "<p>Protocol to use when redirecting requests. The default is the protocol that is used in the original request.</p>" + }, + "ReplaceKeyPrefixWith": { + "shape": "ReplaceKeyPrefixWith", + "documentation": "<p>The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix <code>docs/</code> (objects in the <code>docs/</code> folder) to <code>documents/</code>, you can set a condition block with <code>KeyPrefixEquals</code> set to <code>docs/</code> and in the Redirect set <code>ReplaceKeyPrefixWith</code> to <code>/documents</code>. Not required if one of the siblings is present. Can be present only if <code>ReplaceKeyWith</code> is not provided.</p>" + }, + "ReplaceKeyWith": { + "shape": "ReplaceKeyWith", + "documentation": "<p>The specific object key to use in the redirect request. For example, redirect request to <code>error.html</code>. Not required if one of the siblings is present. Can be present only if <code>ReplaceKeyPrefixWith</code> is not provided.</p>" + } + }, + "documentation": "<p>Specifies how requests are redirected. In the event of an error, you can specify a different error code to return.</p>" + }, + "RedirectAllRequestsTo": { + "type": "structure", + "required": [ + "HostName" + ], + "members": { + "HostName": { + "shape": "HostName", + "documentation": "<p>Name of the host where requests are redirected.</p>" + }, + "Protocol": { + "shape": "Protocol", + "documentation": "<p>Protocol to use when redirecting requests. The default is the protocol that is used in the original request.</p>" + } + }, + "documentation": "<p>Specifies the redirect behavior of all requests to a website endpoint of an Amazon S3 bucket.</p>" + }, + "ReplaceKeyPrefixWith": { + "type": "string" + }, + "ReplaceKeyWith": { + "type": "string" + }, + "ReplicaKmsKeyID": { + "type": "string" + }, + "ReplicationConfiguration": { + "type": "structure", + "required": [ + "Role", + "Rules" + ], + "members": { + "Role": { + "shape": "Role", + "documentation": "<p>The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-how-setup.html\">How to Set Up Cross-Region Replication</a> in the <i>Amazon Simple Storage Service Developer Guide</i>.</p>" + }, + "Rules": { + "shape": "ReplicationRules", + "documentation": "<p>A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules. </p>", + "locationName": "Rule" + } + }, + "documentation": "<p>A container for replication rules. You can add up to 1,000 rules. The maximum size of a replication configuration is 2 MB.</p>" + }, + "ReplicationRule": { + "type": "structure", + "required": [ + "Status", + "Destination" + ], + "members": { + "ID": { + "shape": "ID", + "documentation": "<p>A unique identifier for the rule. The maximum value is 255 characters.</p>" + }, + "Priority": { + "shape": "Priority", + "documentation": "<p>The priority associated with the rule. If you specify multiple rules in a replication configuration, Amazon S3 prioritizes the rules to prevent conflicts when filtering. If two or more rules identify the same object based on a specified filter, the rule with higher priority takes precedence. For example:</p> <ul> <li> <p>Same object quality prefix based filter criteria If prefixes you specified in multiple rules overlap </p> </li> <li> <p>Same object qualify tag based filter criteria specified in multiple rules</p> </li> </ul> <p>For more information, see <a href=\" https://docs.aws.amazon.com/AmazonS3/latest/dev/crr.html\">Cross-Region Replication (CRR)</a> in the <i>Amazon S3 Developer Guide</i>.</p>" + }, + "Prefix": { + "shape": "Prefix", + "documentation": "<p>An object keyname prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. </p>", + "deprecated": true + }, + "Filter": { + "shape": "ReplicationRuleFilter", + "documentation": "<p/>" + }, + "Status": { + "shape": "ReplicationRuleStatus", + "documentation": "<p>Specifies whether the rule is enabled.</p>" + }, + "SourceSelectionCriteria": { + "shape": "SourceSelectionCriteria", + "documentation": "<p>A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects. Currently, Amazon S3 supports only the filter that you can specify for objects created with server-side encryption using an AWS KMS-Managed Key (SSE-KMS).</p>" + }, + "Destination": { + "shape": "Destination", + "documentation": "<p>A container for information about the replication destination.</p>" + }, + "DeleteMarkerReplication": { + "shape": "DeleteMarkerReplication", + "documentation": "<p/>" + } + }, + "documentation": "<p>Specifies which Amazon S3 objects to replicate and where to store the replicas.</p>" + }, + "ReplicationRuleAndOperator": { + "type": "structure", + "members": { + "Prefix": { + "shape": "Prefix", + "documentation": "<p/>" + }, + "Tags": { + "shape": "TagSet", + "documentation": "<p/>", + "flattened": true, + "locationName": "Tag" + } + }, + "documentation": "<p/>" + }, + "ReplicationRuleFilter": { + "type": "structure", + "members": { + "Prefix": { + "shape": "Prefix", + "documentation": "<p>An object keyname prefix that identifies the subset of objects to which the rule applies.</p>" + }, + "Tag": { + "shape": "Tag", + "documentation": "<p>A container for specifying a tag key and value. </p> <p>The rule applies only to objects that have the tag in their tag set.</p>" + }, + "And": { + "shape": "ReplicationRuleAndOperator", + "documentation": "<p>A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example: </p> <ul> <li> <p>If you specify both a <code>Prefix</code> and a <code>Tag</code> filter, wrap these filters in an <code>And</code> tag.</p> </li> <li> <p>If you specify a filter based on multiple tags, wrap the <code>Tag</code> elements in an <code>And</code> tag.</p> </li> </ul>" + } + }, + "documentation": "<p>A filter that identifies the subset of objects to which the replication rule applies. A <code>Filter</code> must specify exactly one <code>Prefix</code>, <code>Tag</code>, or an <code>And</code> child element.</p>" + }, + "ReplicationRuleStatus": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + "ReplicationRules": { + "type": "list", + "member": { + "shape": "ReplicationRule" + }, + "flattened": true + }, + "ReplicationStatus": { + "type": "string", + "enum": [ + "COMPLETE", + "PENDING", + "FAILED", + "REPLICA" + ] + }, + "RequestCharged": { + "type": "string", + "documentation": "<p>If present, indicates that the requester was successfully charged for the request.</p>", + "enum": [ + "requester" + ] + }, + "RequestPayer": { + "type": "string", + "documentation": "<p>Confirms that the requester knows that she or he will be charged for the request. Bucket owners need not specify this parameter in their requests. Documentation on downloading objects from requester pays buckets can be found at http://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html</p>", + "enum": [ + "requester" + ] + }, + "RequestPaymentConfiguration": { + "type": "structure", + "required": [ + "Payer" + ], + "members": { + "Payer": { + "shape": "Payer", + "documentation": "<p>Specifies who pays for the download and request fees.</p>" + } + }, + "documentation": "<p/>" + }, + "RequestProgress": { + "type": "structure", + "members": { + "Enabled": { + "shape": "EnableRequestProgress", + "documentation": "<p>Specifies whether periodic QueryProgress frames should be sent. Valid values: TRUE, FALSE. Default value: FALSE.</p>" + } + }, + "documentation": "<p/>" + }, + "ResponseCacheControl": { + "type": "string" + }, + "ResponseContentDisposition": { + "type": "string" + }, + "ResponseContentEncoding": { + "type": "string" + }, + "ResponseContentLanguage": { + "type": "string" + }, + "ResponseContentType": { + "type": "string" + }, + "ResponseExpires": { + "type": "timestamp" + }, + "Restore": { + "type": "string" + }, + "RestoreObjectOutput": { + "type": "structure", + "members": { + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + }, + "RestoreOutputPath": { + "shape": "RestoreOutputPath", + "documentation": "<p>Indicates the path in the provided S3 output location where Select results will be restored to.</p>", + "location": "header", + "locationName": "x-amz-restore-output-path" + } + } + }, + "RestoreObjectRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "VersionId": { + "shape": "ObjectVersionId", + "documentation": "<p/>", + "location": "querystring", + "locationName": "versionId" + }, + "RestoreRequest": { + "shape": "RestoreRequest", + "documentation": "<p/>", + "locationName": "RestoreRequest", + "xmlNamespace": { + "uri": "http://s3.amazonaws.com/doc/2006-03-01/" + } + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + } + }, + "payload": "RestoreRequest" + }, + "RestoreOutputPath": { + "type": "string" + }, + "RestoreRequest": { + "type": "structure", + "members": { + "Days": { + "shape": "Days", + "documentation": "<p>Lifetime of the active copy in days. Do not use with restores that specify OutputLocation.</p>" + }, + "GlacierJobParameters": { + "shape": "GlacierJobParameters", + "documentation": "<p>Glacier related parameters pertaining to this job. Do not use with restores that specify OutputLocation.</p>" + }, + "Type": { + "shape": "RestoreRequestType", + "documentation": "<p>Type of restore request.</p>" + }, + "Tier": { + "shape": "Tier", + "documentation": "<p>Glacier retrieval tier at which the restore will be processed.</p>" + }, + "Description": { + "shape": "Description", + "documentation": "<p>The optional description for the job.</p>" + }, + "SelectParameters": { + "shape": "SelectParameters", + "documentation": "<p>Describes the parameters for Select job types.</p>" + }, + "OutputLocation": { + "shape": "OutputLocation", + "documentation": "<p>Describes the location where the restore job's output is stored.</p>" + } + }, + "documentation": "<p>Container for restore job parameters.</p>" + }, + "RestoreRequestType": { + "type": "string", + "enum": [ + "SELECT" + ] + }, + "Role": { + "type": "string" + }, + "RoutingRule": { + "type": "structure", + "required": [ + "Redirect" + ], + "members": { + "Condition": { + "shape": "Condition", + "documentation": "<p>A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the <code>/docs</code> folder, redirect to the <code>/documents</code> folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.</p>" + }, + "Redirect": { + "shape": "Redirect", + "documentation": "<p>Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.</p>" + } + }, + "documentation": "<p>Specifies the redirect behavior and when a redirect is applied.</p>" + }, + "RoutingRules": { + "type": "list", + "member": { + "shape": "RoutingRule", + "locationName": "RoutingRule" + } + }, + "Rule": { + "type": "structure", + "required": [ + "Prefix", + "Status" + ], + "members": { + "Expiration": { + "shape": "LifecycleExpiration", + "documentation": "<p/>" + }, + "ID": { + "shape": "ID", + "documentation": "<p>Unique identifier for the rule. The value can't be longer than 255 characters.</p>" + }, + "Prefix": { + "shape": "Prefix", + "documentation": "<p>Object key prefix that identifies one or more objects to which this rule applies.</p>" + }, + "Status": { + "shape": "ExpirationStatus", + "documentation": "<p>If <code>Enabled</code>, the rule is currently being applied. If <code>Disabled</code>, the rule is not currently being applied.</p>" + }, + "Transition": { + "shape": "Transition", + "documentation": "<p/>" + }, + "NoncurrentVersionTransition": { + "shape": "NoncurrentVersionTransition", + "documentation": "<p/>" + }, + "NoncurrentVersionExpiration": { + "shape": "NoncurrentVersionExpiration", + "documentation": "<p/>" + }, + "AbortIncompleteMultipartUpload": { + "shape": "AbortIncompleteMultipartUpload", + "documentation": "<p/>" + } + }, + "documentation": "<p>Specifies lifecycle rules for an Amazon S3 bucket. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlifecycle.html\">PUT Bucket lifecycle</a> in the <i>Amazon Simple Storage Service API Reference</i>.</p>" + }, + "Rules": { + "type": "list", + "member": { + "shape": "Rule" + }, + "flattened": true + }, + "S3KeyFilter": { + "type": "structure", + "members": { + "FilterRules": { + "shape": "FilterRuleList", + "documentation": "<p/>", + "locationName": "FilterRule" + } + }, + "documentation": "<p>A container for object key name prefix and suffix filtering rules.</p>" + }, + "S3Location": { + "type": "structure", + "required": [ + "BucketName", + "Prefix" + ], + "members": { + "BucketName": { + "shape": "BucketName", + "documentation": "<p>The name of the bucket where the restore results will be placed.</p>" + }, + "Prefix": { + "shape": "LocationPrefix", + "documentation": "<p>The prefix that is prepended to the restore results for this request.</p>" + }, + "Encryption": { + "shape": "Encryption", + "documentation": "<p/>" + }, + "CannedACL": { + "shape": "ObjectCannedACL", + "documentation": "<p>The canned ACL to apply to the restore results.</p>" + }, + "AccessControlList": { + "shape": "Grants", + "documentation": "<p>A list of grants that control access to the staged results.</p>" + }, + "Tagging": { + "shape": "Tagging", + "documentation": "<p>The tag-set that is applied to the restore results.</p>" + }, + "UserMetadata": { + "shape": "UserMetadata", + "documentation": "<p>A list of metadata to store with the restore results in S3.</p>" + }, + "StorageClass": { + "shape": "StorageClass", + "documentation": "<p>The class of storage used to store the restore results.</p>" + } + }, + "documentation": "<p>Describes an S3 location that will receive the results of the restore request.</p>" + }, + "SSECustomerAlgorithm": { + "type": "string" + }, + "SSECustomerKey": { + "type": "blob", + "sensitive": true + }, + "SSECustomerKeyMD5": { + "type": "string" + }, + "SSEKMS": { + "type": "structure", + "required": [ + "KeyId" + ], + "members": { + "KeyId": { + "shape": "SSEKMSKeyId", + "documentation": "<p>Specifies the ID of the AWS Key Management Service (KMS) master encryption key to use for encrypting Inventory reports.</p>" + } + }, + "documentation": "<p>Specifies the use of SSE-KMS to encrypt delivered Inventory reports.</p>", + "locationName": "SSE-KMS" + }, + "SSEKMSKeyId": { + "type": "string", + "sensitive": true + }, + "SSES3": { + "type": "structure", + "members": {}, + "documentation": "<p>Specifies the use of SSE-S3 to encrypt delivered Inventory reports.</p>", + "locationName": "SSE-S3" + }, + "SelectObjectContentEventStream": { + "type": "structure", + "members": { + "Records": { + "shape": "RecordsEvent", + "documentation": "<p>The Records Event.</p>" + }, + "Stats": { + "shape": "StatsEvent", + "documentation": "<p>The Stats Event.</p>" + }, + "Progress": { + "shape": "ProgressEvent", + "documentation": "<p>The Progress Event.</p>" + }, + "Cont": { + "shape": "ContinuationEvent", + "documentation": "<p>The Continuation Event.</p>" + }, + "End": { + "shape": "EndEvent", + "documentation": "<p>The End Event.</p>" + } + }, + "documentation": "<p/>", + "eventstream": true + }, + "SelectObjectContentOutput": { + "type": "structure", + "members": { + "Payload": { + "shape": "SelectObjectContentEventStream", + "documentation": "<p/>" + } + }, + "payload": "Payload" + }, + "SelectObjectContentRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key", + "Expression", + "ExpressionType", + "InputSerialization", + "OutputSerialization" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p>The S3 bucket.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p>The object key.</p>", + "location": "uri", + "locationName": "Key" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>The SSE Algorithm used to encrypt the object. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html\"> Server-Side Encryption (Using Customer-Provided Encryption Keys</a>. </p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKey": { + "shape": "SSECustomerKey", + "documentation": "<p>The SSE Customer Key. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html\"> Server-Side Encryption (Using Customer-Provided Encryption Keys</a>. </p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>The SSE Customer Key MD5. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html\"> Server-Side Encryption (Using Customer-Provided Encryption Keys</a>. </p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "Expression": { + "shape": "Expression", + "documentation": "<p>The expression that is used to query the object.</p>" + }, + "ExpressionType": { + "shape": "ExpressionType", + "documentation": "<p>The type of the provided expression (for example., SQL).</p>" + }, + "RequestProgress": { + "shape": "RequestProgress", + "documentation": "<p>Specifies if periodic request progress information should be enabled.</p>" + }, + "InputSerialization": { + "shape": "InputSerialization", + "documentation": "<p>Describes the format of the data in the object that is being queried.</p>" + }, + "OutputSerialization": { + "shape": "OutputSerialization", + "documentation": "<p>Describes the format of the data that you want Amazon S3 to return in response.</p>" + } + }, + "documentation": "<p>Request to filter the contents of an Amazon S3 object based on a simple Structured Query Language (SQL) statement. In the request, along with the SQL expression, you must specify a data serialization format (JSON or CSV) of the object. Amazon S3 uses this to parse object data into records. It returns only records that match the specified SQL expression. You must also specify the data serialization format for the response. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectSELECTContent.html\">S3Select API Documentation</a>.</p>" + }, + "SelectParameters": { + "type": "structure", + "required": [ + "InputSerialization", + "ExpressionType", + "Expression", + "OutputSerialization" + ], + "members": { + "InputSerialization": { + "shape": "InputSerialization", + "documentation": "<p>Describes the serialization format of the object.</p>" + }, + "ExpressionType": { + "shape": "ExpressionType", + "documentation": "<p>The type of the provided expression (e.g., SQL).</p>" + }, + "Expression": { + "shape": "Expression", + "documentation": "<p>The expression that is used to query the object.</p>" + }, + "OutputSerialization": { + "shape": "OutputSerialization", + "documentation": "<p>Describes how the results of the Select job are serialized.</p>" + } + }, + "documentation": "<p>Describes the parameters for Select job types.</p>" + }, + "ServerSideEncryption": { + "type": "string", + "enum": [ + "AES256", + "aws:kms" + ] + }, + "ServerSideEncryptionByDefault": { + "type": "structure", + "required": [ + "SSEAlgorithm" + ], + "members": { + "SSEAlgorithm": { + "shape": "ServerSideEncryption", + "documentation": "<p>Server-side encryption algorithm to use for the default encryption.</p>" + }, + "KMSMasterKeyID": { + "shape": "SSEKMSKeyId", + "documentation": "<p>KMS master key ID to use for the default encryption. This parameter is allowed if and only if <code>SSEAlgorithm</code> is set to <code>aws:kms</code>.</p>" + } + }, + "documentation": "<p>Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html\">PUT Bucket encryption</a> in the <i>Amazon Simple Storage Service API Reference</i>.</p>" + }, + "ServerSideEncryptionConfiguration": { + "type": "structure", + "required": [ + "Rules" + ], + "members": { + "Rules": { + "shape": "ServerSideEncryptionRules", + "documentation": "<p>Container for information about a particular server-side encryption configuration rule.</p>", + "locationName": "Rule" + } + }, + "documentation": "<p>Specifies the default server-side-encryption configuration.</p>" + }, + "ServerSideEncryptionRule": { + "type": "structure", + "members": { + "ApplyServerSideEncryptionByDefault": { + "shape": "ServerSideEncryptionByDefault", + "documentation": "<p>Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.</p>" + } + }, + "documentation": "<p>Specifies the default server-side encryption configuration.</p>" + }, + "ServerSideEncryptionRules": { + "type": "list", + "member": { + "shape": "ServerSideEncryptionRule" + }, + "flattened": true + }, + "Setting": { + "type": "boolean" + }, + "Size": { + "type": "integer" + }, + "SourceSelectionCriteria": { + "type": "structure", + "members": { + "SseKmsEncryptedObjects": { + "shape": "SseKmsEncryptedObjects", + "documentation": "<p> A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS. If you include <code>SourceSelectionCriteria</code> in the replication configuration, this element is required. </p>" + } + }, + "documentation": "<p>A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects. Currently, Amazon S3 supports only the filter that you can specify for objects created with server-side encryption using an AWS KMS-Managed Key (SSE-KMS).</p>" + }, + "SseKmsEncryptedObjects": { + "type": "structure", + "required": [ + "Status" + ], + "members": { + "Status": { + "shape": "SseKmsEncryptedObjectsStatus", + "documentation": "<p>Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS-managed key.</p>" + } + }, + "documentation": "<p>A container for filter information for the selection of S3 objects encrypted with AWS KMS.</p>" + }, + "SseKmsEncryptedObjectsStatus": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + "StartAfter": { + "type": "string" + }, + "Stats": { + "type": "structure", + "members": { + "BytesScanned": { + "shape": "BytesScanned", + "documentation": "<p>The total number of object bytes scanned.</p>" + }, + "BytesProcessed": { + "shape": "BytesProcessed", + "documentation": "<p>The total number of uncompressed object bytes processed.</p>" + }, + "BytesReturned": { + "shape": "BytesReturned", + "documentation": "<p>The total number of bytes of records payload data returned.</p>" + } + }, + "documentation": "<p/>" + }, + "StatsEvent": { + "type": "structure", + "members": { + "Details": { + "shape": "Stats", + "documentation": "<p>The Stats event details.</p>", + "eventpayload": true + } + }, + "documentation": "<p/>", + "event": true + }, + "StorageClass": { + "type": "string", + "enum": [ + "STANDARD", + "REDUCED_REDUNDANCY", + "STANDARD_IA", + "ONEZONE_IA", + "INTELLIGENT_TIERING", + "GLACIER", + "DEEP_ARCHIVE" + ] + }, + "StorageClassAnalysis": { + "type": "structure", + "members": { + "DataExport": { + "shape": "StorageClassAnalysisDataExport", + "documentation": "<p>Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.</p>" + } + }, + "documentation": "<p>Specifies data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes for an Amazon S3 bucket.</p>" + }, + "StorageClassAnalysisDataExport": { + "type": "structure", + "required": [ + "OutputSchemaVersion", + "Destination" + ], + "members": { + "OutputSchemaVersion": { + "shape": "StorageClassAnalysisSchemaVersion", + "documentation": "<p>The version of the output schema to use when exporting data. Must be <code>V_1</code>.</p>" + }, + "Destination": { + "shape": "AnalyticsExportDestination", + "documentation": "<p>The place to store the data for an analysis.</p>" + } + }, + "documentation": "<p/>" + }, + "StorageClassAnalysisSchemaVersion": { + "type": "string", + "enum": [ + "V_1" + ] + }, + "Suffix": { + "type": "string" + }, + "Tag": { + "type": "structure", + "required": [ + "Key", + "Value" + ], + "members": { + "Key": { + "shape": "ObjectKey", + "documentation": "<p>Name of the tag.</p>" + }, + "Value": { + "shape": "Value", + "documentation": "<p>Value of the tag.</p>" + } + }, + "documentation": "<p/>" + }, + "TagCount": { + "type": "integer" + }, + "TagSet": { + "type": "list", + "member": { + "shape": "Tag", + "locationName": "Tag" + } + }, + "Tagging": { + "type": "structure", + "required": [ + "TagSet" + ], + "members": { + "TagSet": { + "shape": "TagSet", + "documentation": "<p/>" + } + }, + "documentation": "<p/>" + }, + "TaggingDirective": { + "type": "string", + "enum": [ + "COPY", + "REPLACE" + ] + }, + "TaggingHeader": { + "type": "string" + }, + "TargetBucket": { + "type": "string" + }, + "TargetGrant": { + "type": "structure", + "members": { + "Grantee": { + "shape": "Grantee", + "documentation": "<p/>" + }, + "Permission": { + "shape": "BucketLogsPermission", + "documentation": "<p>Logging permissions assigned to the Grantee for the bucket.</p>" + } + }, + "documentation": "<p/>" + }, + "TargetGrants": { + "type": "list", + "member": { + "shape": "TargetGrant", + "locationName": "Grant" + } + }, + "TargetPrefix": { + "type": "string" + }, + "Tier": { + "type": "string", + "enum": [ + "Standard", + "Bulk", + "Expedited" + ] + }, + "Token": { + "type": "string" + }, + "TopicArn": { + "type": "string" + }, + "TopicConfiguration": { + "type": "structure", + "required": [ + "TopicArn", + "Events" + ], + "members": { + "Id": { + "shape": "NotificationId" + }, + "TopicArn": { + "shape": "TopicArn", + "documentation": "<p>The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.</p>", + "locationName": "Topic" + }, + "Events": { + "shape": "EventList", + "documentation": "<p>The Amazon S3 bucket event about which to send notifications. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html\">Supported Event Types</a> in the <i>Amazon Simple Storage Service Developer Guide</i>.</p>", + "locationName": "Event" + }, + "Filter": { + "shape": "NotificationConfigurationFilter", + "documentation": "<p/>" + } + }, + "documentation": "<p>A container for specifying the configuration for publication of messages to an Amazon Simple Notification Service (Amazon SNS) topic when Amazon S3 detects specified events.</p>" + }, + "TopicConfigurationDeprecated": { + "type": "structure", + "members": { + "Id": { + "shape": "NotificationId" + }, + "Events": { + "shape": "EventList", + "documentation": "<p/>", + "locationName": "Event" + }, + "Event": { + "shape": "Event", + "documentation": "<p>Bucket event for which to send notifications.</p>", + "deprecated": true + }, + "Topic": { + "shape": "TopicArn", + "documentation": "<p>Amazon SNS topic to which Amazon S3 will publish a message to report the specified events for the bucket.</p>" + } + }, + "documentation": "<p/>" + }, + "TopicConfigurationList": { + "type": "list", + "member": { + "shape": "TopicConfiguration" + }, + "flattened": true + }, + "Transition": { + "type": "structure", + "members": { + "Date": { + "shape": "Date", + "documentation": "<p>Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.</p>" + }, + "Days": { + "shape": "Days", + "documentation": "<p>Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer.</p>" + }, + "StorageClass": { + "shape": "TransitionStorageClass", + "documentation": "<p>The storage class to which you want the object to transition.</p>" + } + }, + "documentation": "<p>Specifies when an object transitions to a specified storage class.</p>" + }, + "TransitionList": { + "type": "list", + "member": { + "shape": "Transition" + }, + "flattened": true + }, + "TransitionStorageClass": { + "type": "string", + "enum": [ + "GLACIER", + "STANDARD_IA", + "ONEZONE_IA", + "INTELLIGENT_TIERING", + "DEEP_ARCHIVE" + ] + }, + "Type": { + "type": "string", + "enum": [ + "CanonicalUser", + "AmazonCustomerByEmail", + "Group" + ] + }, + "URI": { + "type": "string" + }, + "UploadIdMarker": { + "type": "string" + }, + "UploadPartCopyOutput": { + "type": "structure", + "members": { + "CopySourceVersionId": { + "shape": "CopySourceVersionId", + "documentation": "<p>The version of the source object that was copied, if you have enabled versioning on the source bucket.</p>", + "location": "header", + "locationName": "x-amz-copy-source-version-id" + }, + "CopyPartResult": { + "shape": "CopyPartResult", + "documentation": "<p/>" + }, + "ServerSideEncryption": { + "shape": "ServerSideEncryption", + "documentation": "<p>The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>If server-side encryption with a customer-provided encryption key was requested, the response will include this header confirming the encryption algorithm used.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide round trip message integrity verification of the customer-provided encryption key.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "SSEKMSKeyId": { + "shape": "SSEKMSKeyId", + "documentation": "<p>If present, specifies the ID of the AWS Key Management Service (KMS) master encryption key that was used for the object.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-aws-kms-key-id" + }, + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + }, + "payload": "CopyPartResult" + }, + "UploadPartCopyRequest": { + "type": "structure", + "required": [ + "Bucket", + "CopySource", + "Key", + "PartNumber", + "UploadId" + ], + "members": { + "Bucket": { + "shape": "BucketName", + "documentation": "<p/>", + "location": "uri", + "locationName": "Bucket" + }, + "CopySource": { + "shape": "CopySource", + "documentation": "<p>The name of the source bucket and key name of the source object, separated by a slash (/). Must be URL-encoded.</p>", + "location": "header", + "locationName": "x-amz-copy-source" + }, + "CopySourceIfMatch": { + "shape": "CopySourceIfMatch", + "documentation": "<p>Copies the object if its entity tag (ETag) matches the specified tag.</p>", + "location": "header", + "locationName": "x-amz-copy-source-if-match" + }, + "CopySourceIfModifiedSince": { + "shape": "CopySourceIfModifiedSince", + "documentation": "<p>Copies the object if it has been modified since the specified time.</p>", + "location": "header", + "locationName": "x-amz-copy-source-if-modified-since" + }, + "CopySourceIfNoneMatch": { + "shape": "CopySourceIfNoneMatch", + "documentation": "<p>Copies the object if its entity tag (ETag) is different than the specified ETag.</p>", + "location": "header", + "locationName": "x-amz-copy-source-if-none-match" + }, + "CopySourceIfUnmodifiedSince": { + "shape": "CopySourceIfUnmodifiedSince", + "documentation": "<p>Copies the object if it hasn't been modified since the specified time.</p>", + "location": "header", + "locationName": "x-amz-copy-source-if-unmodified-since" + }, + "CopySourceRange": { + "shape": "CopySourceRange", + "documentation": "<p>The range of bytes to copy from the source object. The range value must use the form bytes=first-last, where the first and last are the zero-based byte offsets to copy. For example, bytes=0-9 indicates that you want to copy the first ten bytes of the source. You can copy a range only if the source object is greater than 5 MB.</p>", + "location": "header", + "locationName": "x-amz-copy-source-range" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p/>", + "location": "uri", + "locationName": "Key" + }, + "PartNumber": { + "shape": "PartNumber", + "documentation": "<p>Part number of part being copied. This is a positive integer between 1 and 10,000.</p>", + "location": "querystring", + "locationName": "partNumber" + }, + "UploadId": { + "shape": "MultipartUploadId", + "documentation": "<p>Upload ID identifying the multipart upload whose part is being copied.</p>", + "location": "querystring", + "locationName": "uploadId" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>Specifies the algorithm to use to when encrypting the object (e.g., AES256).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKey": { + "shape": "SSECustomerKey", + "documentation": "<p>Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header. This must be the same encryption key specified in the initiate multipart upload request.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure the encryption key was transmitted without error.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "CopySourceSSECustomerAlgorithm": { + "shape": "CopySourceSSECustomerAlgorithm", + "documentation": "<p>Specifies the algorithm to use when decrypting the source object (e.g., AES256).</p>", + "location": "header", + "locationName": "x-amz-copy-source-server-side-encryption-customer-algorithm" + }, + "CopySourceSSECustomerKey": { + "shape": "CopySourceSSECustomerKey", + "documentation": "<p>Specifies the customer-provided encryption key for Amazon S3 to use to decrypt the source object. The encryption key provided in this header must be one that was used when the source object was created.</p>", + "location": "header", + "locationName": "x-amz-copy-source-server-side-encryption-customer-key" + }, + "CopySourceSSECustomerKeyMD5": { + "shape": "CopySourceSSECustomerKeyMD5", + "documentation": "<p>Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure the encryption key was transmitted without error.</p>", + "location": "header", + "locationName": "x-amz-copy-source-server-side-encryption-customer-key-MD5" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + } + } + }, + "UploadPartOutput": { + "type": "structure", + "members": { + "ServerSideEncryption": { + "shape": "ServerSideEncryption", + "documentation": "<p>The Server-side encryption algorithm used when storing this object in S3 (e.g., AES256, aws:kms).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption" + }, + "ETag": { + "shape": "ETag", + "documentation": "<p>Entity tag for the uploaded object.</p>", + "location": "header", + "locationName": "ETag" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>If server-side encryption with a customer-provided encryption key was requested, the response will include this header confirming the encryption algorithm used.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>If server-side encryption with a customer-provided encryption key was requested, the response will include this header to provide round trip message integrity verification of the customer-provided encryption key.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "SSEKMSKeyId": { + "shape": "SSEKMSKeyId", + "documentation": "<p>If present, specifies the ID of the AWS Key Management Service (KMS) master encryption key that was used for the object.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-aws-kms-key-id" + }, + "RequestCharged": { + "shape": "RequestCharged", + "location": "header", + "locationName": "x-amz-request-charged" + } + } + }, + "UploadPartRequest": { + "type": "structure", + "required": [ + "Bucket", + "Key", + "PartNumber", + "UploadId" + ], + "members": { + "Body": { + "shape": "Body", + "documentation": "<p>Object data.</p>", + "streaming": true + }, + "Bucket": { + "shape": "BucketName", + "documentation": "<p>Name of the bucket to which the multipart upload was initiated.</p>", + "location": "uri", + "locationName": "Bucket" + }, + "ContentLength": { + "shape": "ContentLength", + "documentation": "<p>Size of the body in bytes. This parameter is useful when the size of the body cannot be determined automatically.</p>", + "location": "header", + "locationName": "Content-Length" + }, + "ContentMD5": { + "shape": "ContentMD5", + "documentation": "<p>The base64-encoded 128-bit MD5 digest of the part data. This parameter is auto-populated when using the command from the CLI. This parameted is required if object lock parameters are specified.</p>", + "location": "header", + "locationName": "Content-MD5" + }, + "Key": { + "shape": "ObjectKey", + "documentation": "<p>Object key for which the multipart upload was initiated.</p>", + "location": "uri", + "locationName": "Key" + }, + "PartNumber": { + "shape": "PartNumber", + "documentation": "<p>Part number of part being uploaded. This is a positive integer between 1 and 10,000.</p>", + "location": "querystring", + "locationName": "partNumber" + }, + "UploadId": { + "shape": "MultipartUploadId", + "documentation": "<p>Upload ID identifying the multipart upload whose part is being uploaded.</p>", + "location": "querystring", + "locationName": "uploadId" + }, + "SSECustomerAlgorithm": { + "shape": "SSECustomerAlgorithm", + "documentation": "<p>Specifies the algorithm to use to when encrypting the object (e.g., AES256).</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-algorithm" + }, + "SSECustomerKey": { + "shape": "SSECustomerKey", + "documentation": "<p>Specifies the customer-provided encryption key for Amazon S3 to use in encrypting data. This value is used to store the object and then it is discarded; Amazon does not store the encryption key. The key must be appropriate for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm header. This must be the same encryption key specified in the initiate multipart upload request.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key" + }, + "SSECustomerKeyMD5": { + "shape": "SSECustomerKeyMD5", + "documentation": "<p>Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. Amazon S3 uses this header for a message integrity check to ensure the encryption key was transmitted without error.</p>", + "location": "header", + "locationName": "x-amz-server-side-encryption-customer-key-MD5" + }, + "RequestPayer": { + "shape": "RequestPayer", + "location": "header", + "locationName": "x-amz-request-payer" + } + }, + "payload": "Body" + }, + "UserMetadata": { + "type": "list", + "member": { + "shape": "MetadataEntry", + "locationName": "MetadataEntry" + } + }, + "Value": { + "type": "string" + }, + "VersionIdMarker": { + "type": "string" + }, + "VersioningConfiguration": { + "type": "structure", + "members": { + "MFADelete": { + "shape": "MFADelete", + "documentation": "<p>Specifies whether MFA delete is enabled in the bucket versioning configuration. This element is only returned if the bucket has been configured with MFA delete. If the bucket has never been so configured, this element is not returned.</p>", + "locationName": "MfaDelete" + }, + "Status": { + "shape": "BucketVersioningStatus", + "documentation": "<p>The versioning state of the bucket.</p>" + } + }, + "documentation": "<p>Describes the versioning state of an Amazon S3 bucket. For more information, see <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTVersioningStatus.html\">PUT Bucket versioning</a> in the <i>Amazon Simple Storage Service API Reference</i>.</p>" + }, + "WebsiteConfiguration": { + "type": "structure", + "members": { + "ErrorDocument": { + "shape": "ErrorDocument", + "documentation": "<p>The name of the error document for the website.</p>" + }, + "IndexDocument": { + "shape": "IndexDocument", + "documentation": "<p>The name of the index document for the website.</p>" + }, + "RedirectAllRequestsTo": { + "shape": "RedirectAllRequestsTo", + "documentation": "<p>The redirect behavior for every request to this bucket's website endpoint.</p> <important> <p>If you specify this property, you can't specify any other property.</p> </important>" + }, + "RoutingRules": { + "shape": "RoutingRules", + "documentation": "<p>Rules that define when a redirect is applied and the redirect behavior.</p>" + } + }, + "documentation": "<p>Specifies website configuration parameters for an Amazon S3 bucket.</p>" + }, + "WebsiteRedirectLocation": { + "type": "string" + }, + "Years": { + "type": "integer" + } + }, + "documentation": "<p/>" +}
\ No newline at end of file diff --git a/aws/base.scm b/aws/base.scm new file mode 100644 index 0000000..55346c7 --- /dev/null +++ b/aws/base.scm @@ -0,0 +1,150 @@ +;;; guile-aws --- Scheme DSL for the AWS APIs +;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net> +;;; +;;; Guile-AWS is free software: you can redistribute it and/or modify +;;; it under the terms of the GNU General Public License as published +;;; by the Free Software Foundation, either version 3 of the License, +;;; or (at your option) any later version. +;;; +;;; Guile-AWS is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +;;; General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with this program. If not, see +;;; <http://www.gnu.org/licenses/>. + +;;; Commentary: +;;; +;;; This module defines the basic record types, their constructors and +;;; accessors, as well as the type checker procedure generator. +;;; +;;; There are three records: 1) <aws-shape> for types that are little +;;; more than type-checked wrappers around primitive types (e.g. a +;;; ranged integer, a typed list, or a string with an enumeration of +;;; possible values; 2) <aws-structure> for composite types, which can +;;; have an arbitrary number of members of different types; and 3) +;;; <aws-operation>, which is how either of the previous types can be +;;; turned into API requests. +;;; +;;; Code: + +(define-module (aws base) + #:use-module (ice-9 match) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-9) + #:use-module (srfi srfi-9 gnu) + #:use-module ((srfi srfi-19) #:select (date?)) + #:use-module (srfi srfi-26) + #:use-module ((rnrs bytevectors) #:select (bytevector?)) + #:export (aws-shape + aws-shape? + aws-shape-aws-name + aws-shape-value + aws-shape-location-name + aws-shape-primitive? + + aws-structure + aws-structure-aws-name + aws-structure-members + aws-structure? + + aws-member + aws-member-name + aws-member-value + aws-member-documentation + aws-member-location + aws-member-location-name + + aws-name + ensure + + aws-operation)) + + +;;; Simple shapes + +(define-record-type <aws-shape> + (make-aws-shape aws-name primitive? type-checker location location-name value) + aws-shape? + (aws-name aws-shape-aws-name) + (primitive? aws-shape-primitive?) + (type-checker aws-shape-type-checker) + (location aws-shape-location) + (location-name aws-shape-location-name) + (value aws-shape-value)) + +(define* (aws-shape #:key aws-name primitive? type-checker location location-name documentation) + (let ((proc (lambda (value) + (if (type-checker value) + (make-aws-shape aws-name primitive? type-checker location location-name value) + (error (format #f "~a: invalid value: ~a~%" + aws-name value)))))) + (set-procedure-property! proc 'name aws-name) + (set-procedure-property! proc 'documentation documentation) + proc)) + +(set-record-type-printer! <aws-shape> + (lambda (obj port) + (format port "#<aws:~a ~a>" + (aws-shape-aws-name obj) + (aws-shape-value obj)))) + + +;;; Structures +(define-record-type <aws-structure> + (aws-structure aws-name members) + aws-structure? + (aws-name aws-structure-aws-name) + (members aws-structure-members)) + +(set-record-type-printer! <aws-structure> + (lambda (obj port) + (format port "#<aws-structure:~a>" + (aws-structure-aws-name obj)))) + +(define-record-type <aws-member> + (make-aws-member name value shape documentation location location-name) + aws-member? + (name aws-member-name) + (value aws-member-value) + (shape aws-member-shape) + (documentation aws-member-documentation) + (location aws-member-location) + (location-name aws-member-location-name)) + +(define* (aws-member #:key name value shape documentation location location-name) + (make-aws-member name value shape documentation location location-name)) + +(set-record-type-printer! <aws-structure> + (lambda (obj port) + (format port "#<aws-structure:~a>" + (aws-structure-aws-name obj)))) + + +(define (aws-name thing) + (cond + ((aws-structure? thing) + (aws-structure-aws-name thing)) + ((aws-shape? thing) + (aws-shape-aws-name thing)) + (else #f))) + +(define (ensure value type) + (unless (and=> (aws-name value) (cut eq? <> type)) + (error (format #f "wrong type: ~a, expected ~a~%." + value type)))) + + +(define* (aws-operation requester #:key name input-type output-type http documentation) + (let ((proc + (lambda (input) + (unless (eq? (aws-name input) input-type) + (error (format #f "~a: input must be of type ~a: ~a~%" + name input-type input))) + ;; TODO: do something with the response! + (requester #:http http #:operation-name name #:input input)))) + (set-procedure-property! proc 'documentation documentation) + (set-procedure-property! proc 'name name) + proc)) diff --git a/aws/request.scm b/aws/request.scm new file mode 100644 index 0000000..5773398 --- /dev/null +++ b/aws/request.scm @@ -0,0 +1,238 @@ +;;; guile-aws --- Scheme DSL for the AWS APIs +;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net> +;;; +;;; Guile-AWS is free software: you can redistribute it and/or modify +;;; it under the terms of the GNU General Public License as published +;;; by the Free Software Foundation, either version 3 of the License, +;;; or (at your option) any later version. +;;; +;;; Guile-AWS is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +;;; General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with this program. If not, see +;;; <http://www.gnu.org/licenses/>. + +(define-module (aws request) + #:use-module (aws base) + #:use-module (ice-9 match) + #:use-module (ice-9 format) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-19) + #:use-module (srfi srfi-26) + #:use-module (gcrypt hash) + #:use-module (gcrypt hmac) + #:use-module (rnrs bytevectors) + #:use-module (web client) + #:use-module ((web http) #:select (header-writer)) + #:use-module (sxml simple) + #:export (make-operation->request serialize-aws-value)) + +;;; Commentary: + +;;; See: http://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html +;;; Make a POST request and pass request parameters in the body of the +;;; request. Auth information is provided in an Authorization header. + +;;; Code: + +(define algorithm "AWS4-HMAC-SHA256") + +(define (sign key msg) + "Sign the string MSG with the secret key KEY (a bytevector) using the SHA256 algorithm." + (sign-data key (string->utf8 msg) #:algorithm 'sha256)) + +(define (hexify bv) + (format #f "~{~2,'0x~}" (bytevector->u8-list bv))) + + +;; See https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html +(define* (serialize-aws-value thing #:key (path '()) n (depth 0)) + (define top? (zero? depth)) + (cond + ((aws-structure? thing) + (filter-map (lambda (member) + (match (aws-member-value member) + ('__unspecified__ #f) + (value + (serialize-aws-value value + #:path + (if top? + (list (or (aws-member-location-name member) + (aws-member-name member))) + (cons* (or (aws-member-location-name member) + (aws-member-name member)) + n + (aws-structure-aws-name thing) + path)) + #:depth + (1+ depth))))) + (aws-structure-members thing))) + ((aws-shape? thing) + (cond + ((aws-shape-primitive? thing) + (serialize-aws-value (aws-shape-value thing) + #:path path + #:depth (1+ depth))) + (else + (serialize-aws-value (aws-shape-value thing) + #:path + (cons (or (aws-shape-location-name thing) + (aws-shape-aws-name thing)) path) + #:depth (1+ depth))))) + ((boolean? thing) + (serialize-aws-value (or (and thing "true") "false") + #:path path + #:depth (1+ depth))) + ((list? thing) + (append-map (lambda (item n) + (serialize-aws-value item + #:path path + #:n n + #:depth (1+ depth))) + thing + (iota (length thing) 1))) + (else (format #f "~a=~a" + (string-join (map (cut format #f "~a" <>) + (reverse (filter identity path))) + ".") + thing)))) + +(define* (make-operation->request api-metadata) + "Return a procedure that accepts an operation and returns an HTTP request." + (define endpoint-prefix + (assoc-ref api-metadata 'endpointPrefix)) + (define service-name endpoint-prefix) + (define api-version + (assoc-ref api-metadata 'apiVersion)) + + (lambda* (#:key http operation-name input) + (define region + (or (getenv "AWS_DEFAULT_REGION") + "us-west-2")) + (define access-key + (or (getenv "AWS_ACCESS_KEY_ID") + (error "No access key available. Set the AWS_ACCESS_KEY_ID environment variable."))) + (define secret-key + (or (getenv "AWS_SECRET_ACCESS_KEY") + (error "No secret access key available. Set the AWS_SECRET_ACCESS_KEY environment variable."))) + (define method + (assoc-ref http "method")) + (define host + (string-join (list endpoint-prefix + region + "amazonaws.com") + ".")) + (define endpoint + (string-append "https://" host "/")) + (define content-type + '(application/x-www-form-urlencoded (charset . "utf-8"))) + + ;; DynamoDB needs this, others don't. + (define amz-target (and=> (assoc-ref api-metadata 'targetPrefix) + (cut string-append <> "." + operation-name))) + + ;; TODO: some APIs use JSON, others (like EC2) use plain query strings. + (define request-parameters + (string-join (cons* (format #f "Action=~a" operation-name) + (format #f "Version=~a" api-version) + (serialize-aws-value input)) + "&")) + + (define now (current-date 0)) + (define amz-date + (date->string now "~Y~m~dT~H~M~SZ")) + (define date-stamp + (date->string now "~Y~m~d")) + + + ;; https://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html + + ;; TODO: Create canonical URI--the part of the URI from domain to query + ;; string (use '/' if no path) + (define canonical-uri "/") + + (define headers + (filter cdr `((content-type . ,content-type) + (host . (,host . #f)) + (x-amz-date . ,amz-date) + (x-amz-target . ,amz-target)))) + (define authorization-header + (let* ((canonical-headers + ;; Header names must be trimmed, lower-case, sorted in + ;; code point order from low to high! Note: there must + ;; be a trailing newline character. + (string-join (map (match-lambda + ((key . value) + (string-append (symbol->string key) ":" + (with-output-to-string + (lambda () + ((header-writer key) value (current-output-port))))))) + headers) + "\n" 'suffix)) + (signed-headers + ;; This lists the headers in the canonical-headers list, + ;; delimited with ";" and in alpha order. The request + ;; can include any headers; canonical-headers and + ;; signed-headers include those that you want to be + ;; included in the hash of the request. "Host" and + ;; "x-amz-date" are always required. + (string-join (map (compose symbol->string first) headers) ";")) + ;; The query string is blank because parameters are passed + ;; in the body of the request. + (canonical-querystring "") + (canonical-request + (string-join (list method + canonical-uri + canonical-querystring + canonical-headers + signed-headers + ;; The payload hash + (hexify (sha256 (string->utf8 request-parameters)))) + "\n")) + (credential-scope + (string-join (list date-stamp + region + service-name + "aws4_request") "/")) + (string-to-sign + (string-join (list algorithm + amz-date + credential-scope + (hexify (sha256 (string->utf8 canonical-request)))) + "\n")) + (signature + (let* ((kdate (sign (string->utf8 (string-append "AWS4" secret-key)) date-stamp)) + (kregion (sign kdate region)) + (kservice (sign kregion service-name)) + (signing-key (sign kservice "aws4_request"))) + (hexify (sign signing-key string-to-sign))))) + `(,(string->symbol algorithm) + (Credential . ,(string-append access-key "/" credential-scope)) + (SignedHeaders . ,signed-headers) + (Signature . ,signature)))) + + ;; For DynamoDB, the request can include any headers, but MUST + ;; include "host", "x-amz-date", "x-amz-target", "content-type", + ;; and "Authorization". Except for the authorization header, the + ;; headers must be included in the canonical-headers and + ;; signed-headers values, as noted earlier. Order here is not + ;; significant. + (define new-headers + (cons `(Authorization . ,authorization-header) + (filter cdr headers))) + + (call-with-values + (lambda () + (http-post endpoint + ;#:method (string->symbol method) + #:body (string->utf8 request-parameters) + #:headers new-headers)) + (lambda (response body) + (xml->sxml (match body + ((? bytevector? bv) + (utf8->string bv)) + ((? string? s) s))))))) diff --git a/aws/utils/json.scm b/aws/utils/json.scm new file mode 100644 index 0000000..2117a2c --- /dev/null +++ b/aws/utils/json.scm @@ -0,0 +1,382 @@ +;;;; json.scm --- JSON reader/writer +;;;; Copyright © 2015, 2017 David Thompson <davet@gnu.org> +;;;; Copyright © 2017 Christopher Allan Webber <cwebber@dustycloud.org> +;;;; +;;;; This library is free software; you can redistribute it and/or +;;;; modify it under the terms of the GNU Lesser General Public +;;;; License as published by the Free Software Foundation; either +;;;; version 3 of the License, or (at your option) any later version. +;;;; +;;;; This library is distributed in the hope that it will be useful, +;;;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +;;;; Lesser General Public License for more details. +;;;; +;;;; You should have received a copy of the GNU Lesser General Public +;;;; License along with this library; if not, write to the Free Software +;;;; Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +;;;; 02110-1301 USA + +(define-module (aws utils json) + #:use-module (ice-9 match) + #:export (read-json write-json)) + +(define (json-error port) + (throw 'json-error port)) + +(define (assert-char port char) + "Read a character from PORT and throw an invalid JSON error if the +character is not CHAR." + (unless (eqv? (read-char port) char) + (json-error port))) + +(define (whitespace? char) + "Return #t if CHAR is a whitespace character." + (char-set-contains? char-set:whitespace char)) + +(define (consume-whitespace port) + "Discard characters from PORT until a non-whitespace character is +encountered.." + (match (peek-char port) + ((? eof-object?) *unspecified*) + ((? whitespace?) + (read-char port) + (consume-whitespace port)) + (_ *unspecified*))) + +(define (make-keyword-reader keyword value) + "Parse the keyword symbol KEYWORD as VALUE." + (let ((str (symbol->string keyword))) + (lambda (port) + (let loop ((i 0)) + (cond + ((= i (string-length str)) value) + ((eqv? (string-ref str i) (read-char port)) + (loop (1+ i))) + (else (json-error port))))))) + +(define read-true (make-keyword-reader 'true #t)) +(define read-false (make-keyword-reader 'false #f)) +(define read-null (make-keyword-reader 'null 'null)) + +(define (read-hex-digit port) + "Read a hexadecimal digit from PORT." + (match (read-char port) + (#\0 0) + (#\1 1) + (#\2 2) + (#\3 3) + (#\4 4) + (#\5 5) + (#\6 6) + (#\7 7) + (#\8 8) + (#\9 9) + ((or #\A #\a) 10) + ((or #\B #\b) 11) + ((or #\C #\c) 12) + ((or #\D #\d) 13) + ((or #\E #\e) 14) + ((or #\F #\f) 15) + (_ (json-error port)))) + +(define (read-utf16-character port) + "Read a hexadecimal encoded UTF-16 character from PORT." + (integer->char + (+ (* (read-hex-digit port) (expt 16 3)) + (* (read-hex-digit port) (expt 16 2)) + (* (read-hex-digit port) 16) + (read-hex-digit port)))) + +(define (read-escape-character port) + "Read escape character from PORT." + (match (read-char port) + (#\" #\") + (#\\ #\\) + (#\/ #\/) + (#\b #\backspace) + (#\f #\page) + (#\n #\newline) + (#\r #\return) + (#\t #\tab) + (#\u (read-utf16-character port)) + (_ (json-error port)))) + +(define (read-string port) + "Read a JSON encoded string from PORT." + (assert-char port #\") + (let loop ((result '())) + (match (read-char port) + ((? eof-object?) (json-error port)) + (#\" (list->string (reverse result))) + (#\\ (loop (cons (read-escape-character port) result))) + (char (loop (cons char result)))))) + +(define char-set:json-digit + (char-set #\0 #\1 #\2 #\3 #\4 #\5 #\6 #\7 #\8 #\9)) + +(define (digit? char) + (char-set-contains? char-set:json-digit char)) + +(define (read-digit port) + "Read a digit 0-9 from PORT." + (match (read-char port) + (#\0 0) + (#\1 1) + (#\2 2) + (#\3 3) + (#\4 4) + (#\5 5) + (#\6 6) + (#\7 7) + (#\8 8) + (#\9 9) + (else (json-error port)))) + +(define (read-digits port) + "Read a sequence of digits from PORT." + (let loop ((result '())) + (match (peek-char port) + ((? eof-object?) + (reverse result)) + ((? digit?) + (loop (cons (read-digit port) result))) + (else (reverse result))))) + +(define (list->integer digits) + "Convert the list DIGITS to an integer." + (let loop ((i (1- (length digits))) + (result 0) + (digits digits)) + (match digits + (() result) + ((n . tail) + (loop (1- i) + (+ result (* n (expt 10 i))) + tail))))) + +(define (read-positive-integer port) + "Read a positive integer with no leading zeroes from PORT." + (match (read-digits port) + ((0 . _) + (json-error port)) ; no leading zeroes allowed + ((digits ...) + (list->integer digits)))) + +(define (read-exponent port) + "Read exponent from PORT." + (define (read-expt) + (list->integer (read-digits port))) + + (unless (memv (read-char port) '(#\e #\E)) + (json-error port)) + + (match (peek-char port) + ((? eof-object?) + (json-error port)) + (#\- + (read-char port) + (- (read-expt))) + (#\+ + (read-char port) + (read-expt)) + ((? digit?) + (read-expt)) + (_ (json-error port)))) + +(define (read-fraction port) + "Read fractional number part from PORT as an inexact number." + (let* ((digits (read-digits port)) + (numerator (list->integer digits)) + (denomenator (expt 10 (length digits)))) + (/ numerator denomenator))) + +(define (read-positive-number port) + "Read a positive number from PORT." + (let* ((integer (match (peek-char port) + ((? eof-object?) + (json-error port)) + (#\0 + (read-char port) + 0) + ((? digit?) + (read-positive-integer port)) + (_ (json-error port)))) + (fraction (match (peek-char port) + (#\. + (read-char port) + (read-fraction port)) + (_ 0))) + (exponent (match (peek-char port) + ((or #\e #\E) + (read-exponent port)) + (_ 0))) + (n (* (+ integer fraction) (expt 10 exponent)))) + + ;; Keep integers as exact numbers, but convert numbers encoded as + ;; floating point numbers to an inexact representation. + (if (zero? fraction) + n + (exact->inexact n)))) + +(define (read-number port) + "Read a number from PORT" + (match (peek-char port) + ((? eof-object?) + (json-error port)) + (#\- + (read-char port) + (- (read-positive-number port))) + ((? digit?) + (read-positive-number port)) + (_ (json-error port)))) + +(define (read-object port) + "Read key/value map from PORT." + (define (read-key+value-pair) + (let ((key (read-string port))) + (consume-whitespace port) + (assert-char port #\:) + (consume-whitespace port) + (let ((value (read-value port))) + (cons key value)))) + + (assert-char port #\{) + (consume-whitespace port) + + (if (eqv? #\} (peek-char port)) + (begin + (read-char port) + '()) ; empty object + (cons (read-key+value-pair) + (let loop () + (consume-whitespace port) + (match (peek-char port) + (#\, ; read another value + (read-char port) + (consume-whitespace port) + (cons (read-key+value-pair) (loop))) + (#\} ; end of object + (read-char port) + '()) + (_ (json-error port))))))) + +(define (read-array port) + "Read array from PORT." + (assert-char port #\[) + (consume-whitespace port) + + (list->vector + (if (eqv? #\] (peek-char port)) + (begin + (read-char port) + '() ); empty array + (cons (read-value port) + (let loop () + (consume-whitespace port) + (match (peek-char port) + (#\, ; read another value + (read-char port) + (consume-whitespace port) + (cons (read-value port) (loop))) + (#\] ; end of array + (read-char port) + '()) + (_ (json-error port)))))))) + +(define (read-value port) + "Read a JSON value from PORT." + (consume-whitespace port) + (match (peek-char port) + ((? eof-object?) (json-error port)) + (#\" (read-string port)) + (#\{ (read-object port)) + (#\[ (read-array port)) + (#\t (read-true port)) + (#\f (read-false port)) + (#\n (read-null port)) + ((or #\- (? digit?)) + (read-number port)) + (_ (json-error port)))) + +(define (read-json port) + "Read JSON text from port and return an s-expression representation." + (let ((result (read-value port))) + (consume-whitespace port) + (unless (eof-object? (peek-char port)) + result + (json-error port)) + result)) + + +;;; +;;; Writer +;;; + +(define (write-string str port) + "Write STR to PORT in JSON string format." + (define (escape-char char) + (display (match char + (#\" "\\\"") + (#\\ "\\\\") + (#\/ "\\/") + (#\backspace "\\b") + (#\page "\\f") + (#\newline "\\n") + (#\return "\\r") + (#\tab "\\t") + (_ char)) + port)) + + (display "\"" port) + (string-for-each escape-char str) + (display "\"" port)) + +(define (write-object object port) + "Write ALIST to PORT in JSON object format." + ;; Keys may be strings or symbols. + (define key->string + (match-lambda + ((? string? key) key) + ((? symbol? key) (symbol->string key)))) + + (define (write-kv-pair key value) + (write-string (key->string key) port) + (display ":" port) + (write-json value port)) + + (display "{" port) + (match object + (() #f) + ((front ... (end-key . end-val)) + (for-each (match-lambda + ((key . value) + (write-kv-pair key value) + (display "," port))) + front) + (write-kv-pair end-key end-val))) + (display "}" port)) + +(define (write-array lst port) + "Write LST to PORT in JSON array format." + (display "[" port) + (match lst + (() #f) + ((front ... end) + (for-each (lambda (val) + (write-json val port) + (display "," port)) + front) + (write-json end port))) + (display "]" port)) + +(define (write-json exp port) + "Write EXP to PORT in JSON format." + (match exp + (#t (display "true" port)) + (#f (display "false" port)) + ('null (display "null" port)) + ((? string? s) (write-string s port)) + ((? real? n) (display n port)) + (('@ . alist) (write-object alist port)) + ((vals ...) (write-array vals port)))) diff --git a/bootstrap b/bootstrap new file mode 100755 index 0000000..5a29d5f --- /dev/null +++ b/bootstrap @@ -0,0 +1,2 @@ +#!/bin/sh +autoreconf -vif diff --git a/configure.ac b/configure.ac new file mode 100644 index 0000000..0b86834 --- /dev/null +++ b/configure.ac @@ -0,0 +1,15 @@ +dnl -*- Autoconf -*- + +AC_INIT([guile-aws], [0.1.0]) +AC_CONFIG_AUX_DIR([build-aux]) +AM_INIT_AUTOMAKE([color-tests -Wall -Wno-portability foreign]) +AM_SILENT_RULES([yes]) + +AC_PATH_PROG([GUILE], [guile]) +AC_CONFIG_FILES([Makefile]) +AC_CONFIG_FILES([pre-inst-env], [chmod +x pre-inst-env]) + +GUILE_PKG([3.0 2.2]) +GUILE_PROGS + +AC_OUTPUT diff --git a/guix.scm b/guix.scm new file mode 100644 index 0000000..bd65210 --- /dev/null +++ b/guix.scm @@ -0,0 +1,3 @@ +(specifications->manifest + '("guile" "guile-gcrypt" + "autoconf" "automake" "pkg-config")) diff --git a/language/aws/spec.scm b/language/aws/spec.scm new file mode 100644 index 0000000..5498c11 --- /dev/null +++ b/language/aws/spec.scm @@ -0,0 +1,218 @@ +;;; guile-aws --- Scheme DSL for the AWS APIs +;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net> +;;; +;;; Guile-AWS is free software: you can redistribute it and/or modify +;;; it under the terms of the GNU General Public License as published +;;; by the Free Software Foundation, either version 3 of the License, +;;; or (at your option) any later version. +;;; +;;; Guile-AWS is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +;;; General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with this program. If not, see +;;; <http://www.gnu.org/licenses/>. + +(define-module (language aws spec) + #:use-module (aws base) + #:use-module (aws utils json) + #:use-module (ice-9 match) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-2) + #:use-module (system base language) + #:export (aws)) + +(define (primitive? exp) + (member (assoc-ref exp "type") + '("string" + "blob" + "boolean" + "timestamp" + "integer" "long" + "double" "float" + "list"))) + +(define (primitive-type-checker exp) + "Return an S-expression representation of a type checking procedure +for a shape expression EXP with a primitive data type. Throw an error +if this is not a primitive data type." + (match (assoc-ref exp "type") + ("string" + (let ((enum (and=> (assoc-ref exp "enum") + vector->list))) + (if enum + `(lambda (value) + (member value ',enum)) + 'string?))) + ("blob" 'bytevector?) + ("boolean" 'boolean?) + ("timestamp" 'date?) + ((or "integer" "long") + `(lambda (value) + (let ((min ,(assoc-ref exp "min")) + (max ,(assoc-ref exp "max"))) + (and (integer? value) + (if min (>= value min) #t) + (if max (<= value max) #t))))) + ((or "double" "float") 'real?) + ("list" + (let ((member-spec (assoc-ref exp "member"))) + (if member-spec + `(lambda (value) + (let ((shape ',(string->symbol (assoc-ref member-spec "shape")))) + (and (list? value) + (every (lambda (item) + (and=> (aws-name item) + (cut eq? <> shape))) + value)))) + 'list?))) + ("map" + `(lambda (value) + (let ((key-shape + ',(string->symbol (assoc-ref (assoc-ref exp "key") "shape"))) + (value-shape + ',(string->symbol (assoc-ref (assoc-ref exp "value") "shape")))) + (and (list? value) + (every (match-lambda + ((key . value) + (and (and=> (aws-name key) + (cut eq? <> key-shape)) + (and=> (aws-name value) + (cut eq? <> value-shape)))) + (_ #f)) + value))))) + ;; Not a primitive type. + (unknown + (error (format #f "unknown primitive type: ~a~%" unknown))))) + +(define (compile-member-args members required) + (append-map (match-lambda + ((name . spec) + (let ((slot-name (string->symbol name))) + (if (member name required) + `((,slot-name + (error (format #f "~a: required value missing." + ,name)))) + (list (list slot-name ''__unspecified__)))))) + members)) + +(define (compile-shape-stubs exp) + "Compile an AWS shape expression EXP to a stub." + (match exp + ((name . _) + `(define ,(string->symbol name) #f)))) + +(define (compile-shape exp) + "Compile an AWS shape expression EXP." + (define required + (or (and=> (assoc-ref exp "required") vector->list) + '())) + (define members (assoc-ref exp "members")) + (define structure? (string=? (assoc-ref exp "type") "structure")) + (match exp + ((name . spec) + (let ((scm-name (string->symbol name))) + (if structure? + `(begin + (define ,scm-name + (lambda* (#:key ,@(compile-member-args members required)) + ,(assoc-ref spec "documentation") + ;; Type checks + ,@(map (match-lambda + ((name . spec) + (let ((key-name (string->symbol name))) + `(unless (eq? ,key-name '__unspecified__) + (ensure ,key-name + ',(string->symbol (assoc-ref spec "shape"))))))) + members) + (aws-structure + ',scm-name + (list ,@(map (match-lambda + ((name . spec) + `(aws-member #:name ',(string->symbol name) + #:shape ',(and=> (assoc-ref spec "shape") string->symbol) + #:location ,(assoc-ref spec "location") + #:location-name ,(assoc-ref spec "locationName") + #:documentation ,(assoc-ref spec "documentation") + #:value ,(string->symbol name)))) + members))))) + (export ,scm-name)) + `(begin + (define ,scm-name + (aws-shape #:aws-name ',scm-name + #:primitive? + ,(and (primitive? + (alist-delete "documentation" spec)) #t) + #:type-checker + ,(primitive-type-checker + (alist-delete "documentation" spec)) + #:location + ',(and=> (assoc-ref spec "location") string->symbol) + #:location-name + ,(assoc-ref spec "locationName") + #:documentation + ,(assoc-ref spec "documentation"))) + (export ,scm-name))))))) + +(define (compile-operation exp) + "Compile an AWS operation expression EXP." + (match exp + ((name . spec) + `(begin + (define ,(string->symbol name) + (aws-operation + operation->request + #:name ,name + #:input-type + ',(and=> (assoc-ref spec "input") + (lambda (input) + (and=> (assoc-ref input "shape") string->symbol))) + #:output-type + ',(and=> (assoc-ref spec "output") + (lambda (output) + (and=> (assoc-ref output "shape") string->symbol))) + #:http + ',(assoc-ref spec "http") + #:documentation + ,(assoc-ref spec "documentation"))) + (export ,(string->symbol name)))))) + +(define (compile-scheme exp env opts) + (and-let* ((meta (assoc-ref exp "metadata")) + (module-name (string->symbol (assoc-ref meta "uid")))) + (values `(begin + (define-module (aws api ,module-name) + #:use-module (aws base) + #:use-module (aws request) + #:use-module (ice-9 match) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-9) + #:use-module ((srfi srfi-19) #:select (date?)) + #:use-module (srfi srfi-26) + #:use-module ((rnrs bytevectors) #:select (bytevector?))) + (define-public api-documentation + ,(assoc-ref exp "documentation")) + (define api-metadata + ',(map (lambda (key) + `(,(string->symbol key) . ,(assoc-ref meta key))) + (map car meta))) + (define operation->request + (make-operation->request api-metadata)) + ;; Define all shapes first so that we don't have to do + ;; a topological sort. In the next step the shapes are + ;; redefined. + ,@(map compile-shape-stubs (assoc-ref exp "shapes")) + ,@(map compile-shape (assoc-ref exp "shapes")) + ,@(map compile-operation (assoc-ref exp "operations"))) + env env))) + +(define-language aws + #:title "AWS JSON specification language" + #:reader (lambda (port env) + (if (eof-object? (peek-char port)) + (read-char port) + (read-json port))) + #:compilers `((scheme . ,compile-scheme)) + #:printer write) diff --git a/pre-inst-env.in b/pre-inst-env.in new file mode 100644 index 0000000..cfafd48 --- /dev/null +++ b/pre-inst-env.in @@ -0,0 +1,10 @@ +#!/bin/sh + +abs_top_srcdir="`cd "@abs_top_srcdir@" > /dev/null; pwd`" +abs_top_builddir="`cd "@abs_top_builddir@" > /dev/null; pwd`" + +GUILE_LOAD_COMPILED_PATH="$abs_top_builddir${GUILE_LOAD_COMPILED_PATH:+:}$GUILE_LOAD_COMPILED_PATH" +GUILE_LOAD_PATH="$abs_top_builddir:$abs_top_srcdir${GUILE_LOAD_PATH:+:}:$GUILE_LOAD_PATH" +export GUILE_LOAD_COMPILED_PATH GUILE_LOAD_PATH + +exec "$@" |