Updated API models and rebuilt service gems.

aws · Dec 13, 2024 · a3b1ecf · a3b1ecf
1 parent ba94b1c
commit a3b1ecf
Show file tree

Hide file tree

Showing 73 changed files with 1,422 additions and 117 deletions.
diff --git a/apis/cloudhsmv2/2017-04-28/api-2.json b/apis/cloudhsmv2/2017-04-28/api-2.json
@@ -289,6 +289,7 @@
         {"shape":"CloudHsmAccessDeniedException"},
         {"shape":"CloudHsmInternalFailureException"},
         {"shape":"CloudHsmInvalidRequestException"},
+        {"shape":"CloudHsmResourceLimitExceededException"},
         {"shape":"CloudHsmResourceNotFoundException"},
         {"shape":"CloudHsmServiceException"},
         {"shape":"CloudHsmTagException"}
@@ -422,6 +423,13 @@
       },
       "exception":true
     },
+    "CloudHsmResourceLimitExceededException":{
+      "type":"structure",
+      "members":{
+        "Message":{"shape":"errorMessage"}
+      },
+      "exception":true
+    },
     "CloudHsmResourceNotFoundException":{
       "type":"structure",
       "members":{
@@ -459,6 +467,7 @@
         "StateMessage":{"shape":"StateMessage"},
         "SubnetMapping":{"shape":"ExternalSubnetMapping"},
         "VpcId":{"shape":"VpcId"},
+        "NetworkType":{"shape":"NetworkType"},
         "Certificates":{"shape":"Certificates"},
         "TagList":{"shape":"TagList"},
         "Mode":{"shape":"ClusterMode"}
@@ -484,6 +493,8 @@
         "INITIALIZED",
         "ACTIVE",
         "UPDATE_IN_PROGRESS",
+        "MODIFY_IN_PROGRESS",
+        "ROLLBACK_IN_PROGRESS",
         "DELETE_IN_PROGRESS",
         "DELETED",
         "DEGRADED"
@@ -527,6 +538,7 @@
         "HsmType":{"shape":"HsmType"},
         "SourceBackupId":{"shape":"BackupArn"},
         "SubnetIds":{"shape":"SubnetIds"},
+        "NetworkType":{"shape":"NetworkType"},
         "TagList":{"shape":"TagList"},
         "Mode":{"shape":"ClusterMode"}
       }
@@ -695,6 +707,7 @@
         "SubnetId":{"shape":"SubnetId"},
         "EniId":{"shape":"EniId"},
         "EniIp":{"shape":"IpAddress"},
+        "EniIpV6":{"shape":"IpV6Address"},
         "HsmId":{"shape":"HsmId"},
         "State":{"shape":"HsmState"},
         "StateMessage":{"shape":"String"}
@@ -747,6 +760,10 @@
       "type":"string",
       "pattern":"\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}"
     },
+    "IpV6Address":{
+      "type":"string",
+      "max":100
+    },
     "ListTagsRequest":{
       "type":"structure",
       "required":["ResourceId"],
@@ -803,6 +820,13 @@
         "Cluster":{"shape":"Cluster"}
       }
     },
+    "NetworkType":{
+      "type":"string",
+      "enum":[
+        "IPV4",
+        "DUALSTACK"
+      ]
+    },
     "NextToken":{
       "type":"string",
       "max":256,

diff --git a/apis/cloudhsmv2/2017-04-28/docs-2.json b/apis/cloudhsmv2/2017-04-28/docs-2.json
@@ -147,6 +147,11 @@
       "refs": {
       }
     },
+    "CloudHsmResourceLimitExceededException": {
+      "base": "<p>The request was rejected because it exceeds an CloudHSM limit.</p>",
+      "refs": {
+      }
+    },
     "CloudHsmResourceNotFoundException": {
       "base": "<p>The request was rejected because it refers to a resource that cannot be found.</p>",
       "refs": {
@@ -406,6 +411,12 @@
         "Hsm$EniIp": "<p>The IP address of the HSM's elastic network interface (ENI).</p>"
       }
     },
+    "IpV6Address": {
+      "base": null,
+      "refs": {
+        "Hsm$EniIpV6": "<p>The IPv6 address (if any) of the HSM's elastic network interface (ENI).</p>"
+      }
+    },
     "ListTagsRequest": {
       "base": null,
       "refs": {
@@ -442,6 +453,13 @@
       "refs": {
       }
     },
+    "NetworkType": {
+      "base": null,
+      "refs": {
+        "Cluster$NetworkType": "<p>The cluster's NetworkType can be set to either IPV4 (which is the default) or DUALSTACK. When set to IPV4, communication between your application and the Hardware Security Modules (HSMs) is restricted to the IPv4 protocol only. In contrast, the DUALSTACK network type enables communication over both the IPv4 and IPv6 protocols. To use the DUALSTACK option, you'll need to configure your Virtual Private Cloud (VPC) and subnets to support both IPv4 and IPv6. This involves adding IPv6 Classless Inter-Domain Routing (CIDR) blocks to the existing IPv4 CIDR blocks in your subnets. The choice between IPV4 and DUALSTACK network types determines the flexibility of the network addressing setup for your cluster. The DUALSTACK option provides more flexibility by allowing both IPv4 and IPv6 communication.</p>",
+        "CreateClusterRequest$NetworkType": "<p>The NetworkType to create a cluster with. The allowed values are <code>IPV4</code> and <code>DUALSTACK</code>. </p>"
+      }
+    },
     "NextToken": {
       "base": null,
       "refs": {
@@ -622,6 +640,7 @@
         "CloudHsmAccessDeniedException$Message": null,
         "CloudHsmInternalFailureException$Message": null,
         "CloudHsmInvalidRequestException$Message": null,
+        "CloudHsmResourceLimitExceededException$Message": null,
         "CloudHsmResourceNotFoundException$Message": null,
         "CloudHsmServiceException$Message": null,
         "CloudHsmTagException$Message": null

diff --git a/apis/cloudhsmv2/2017-04-28/smoke-2.json b/apis/cloudhsmv2/2017-04-28/smoke-2.json
@@ -0,0 +1,16 @@
+{
+    "version": 2,
+    "testCases": [
+        {
+            "id": "DescribeClustersSuccess",
+            "operationName": "DescribeClusters",
+            "input": {},
+            "expectation": {
+                "success": {}
+            },
+            "config": {
+                "region": "us-west-2"
+            }
+        }
+    ]
+}
diff --git a/apis/ec2/2016-11-15/api-2.json b/apis/ec2/2016-11-15/api-2.json
@@ -1669,7 +1669,8 @@
         "method":"POST",
         "requestUri":"/"
       },
-      "input":{"shape":"DeleteSecurityGroupRequest"}
+      "input":{"shape":"DeleteSecurityGroupRequest"},
+      "output":{"shape":"DeleteSecurityGroupResult"}
     },
     "DeleteSnapshot":{
       "name":"DeleteSnapshot",
@@ -15060,6 +15061,19 @@
         }
       }
     },
+    "DeleteSecurityGroupResult":{
+      "type":"structure",
+      "members":{
+        "Return":{
+          "shape":"Boolean",
+          "locationName":"return"
+        },
+        "GroupId":{
+          "shape":"SecurityGroupId",
+          "locationName":"groupId"
+        }
+      }
+    },
     "DeleteSnapshotRequest":{
       "type":"structure",
       "required":["SnapshotId"],

diff --git a/apis/ec2/2016-11-15/docs-2.json b/apis/ec2/2016-11-15/docs-2.json
@@ -644,7 +644,7 @@
     "SearchTransitGatewayMulticastGroups": "<p>Searches one or more transit gateway multicast groups and returns the group membership information.</p>",
     "SearchTransitGatewayRoutes": "<p>Searches for routes in the specified transit gateway route table.</p>",
     "SendDiagnosticInterrupt": "<p>Sends a diagnostic interrupt to the specified Amazon EC2 instance to trigger a <i>kernel panic</i> (on Linux instances), or a <i>blue screen</i>/<i>stop error</i> (on Windows instances). For instances based on Intel and AMD processors, the interrupt is received as a <i>non-maskable interrupt</i> (NMI).</p> <p>In general, the operating system crashes and reboots when a kernel panic or stop error is triggered. The operating system can also be configured to perform diagnostic tasks, such as generating a memory dump file, loading a secondary kernel, or obtaining a call trace.</p> <p>Before sending a diagnostic interrupt to your instance, ensure that its operating system is configured to perform the required diagnostic tasks.</p> <p>For more information about configuring your operating system to generate a crash dump when a kernel panic or stop error occurs, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/diagnostic-interrupt.html\">Send a diagnostic interrupt (for advanced users)</a> in the <i>Amazon EC2 User Guide</i>.</p>",
-    "StartDeclarativePoliciesReport": "<p>Generates an account status report. The report is generated asynchronously, and can take several hours to complete.</p> <p>The report provides the current status of all attributes supported by declarative policies for the accounts within the specified scope. The scope is determined by the specified <code>TargetId</code>, which can represent an individual account, or all the accounts that fall under the specified organizational unit (OU) or root (the entire Amazon Web Services Organization).</p> <p>The report is saved to your specified S3 bucket, using the following path structure (with the <i>italicized placeholders</i> representing your specific values):</p> <p> <code>s3://<i>amzn-s3-demo-bucket</i>/<i>your-optional-s3-prefix</i>/ec2_<i>targetId</i>_<i>reportId</i>_<i>yyyyMMdd</i>T<i>hhmm</i>Z.csv</code> </p> <p class=\"title\"> <b>Prerequisites for generating a report</b> </p> <ul> <li> <p>The <code>StartDeclarativePoliciesReport</code> API can only be called by the management account or delegated administrators for the organization.</p> </li> <li> <p>An S3 bucket must be available before generating the report (you can create a new one or use an existing one), and it must have an appropriate bucket policy. For a sample S3 policy, see <i>Sample Amazon S3 policy</i> under .</p> </li> <li> <p>Trusted access must be enabled for the service for which the declarative policy will enforce a baseline configuration. If you use the Amazon Web Services Organizations console, this is done automatically when you enable declarative policies. The API uses the following service principal to identify the EC2 service: <code>ec2.amazonaws.com</code>. For more information on how to enable trusted access with the Amazon Web Services CLI and Amazon Web Services SDKs, see <a href=\"https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html\">Using Organizations with other Amazon Web Services services</a> in the <i>Amazon Web Services Organizations User Guide</i>.</p> </li> <li> <p>Only one report per organization can be generated at a time. Attempting to generate a report while another is in progress will result in an error.</p> </li> </ul> <p>For more information, including the required IAM permissions to run this API, see <a href=\"https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_declarative_status-report.html\">Generating the account status report for declarative policies</a> in the <i>Amazon Web Services Organizations User Guide</i>.</p>",
+    "StartDeclarativePoliciesReport": "<p>Generates an account status report. The report is generated asynchronously, and can take several hours to complete.</p> <p>The report provides the current status of all attributes supported by declarative policies for the accounts within the specified scope. The scope is determined by the specified <code>TargetId</code>, which can represent an individual account, or all the accounts that fall under the specified organizational unit (OU) or root (the entire Amazon Web Services Organization).</p> <p>The report is saved to your specified S3 bucket, using the following path structure (with the <i>italicized placeholders</i> representing your specific values):</p> <p> <code>s3://<i>amzn-s3-demo-bucket</i>/<i>your-optional-s3-prefix</i>/ec2_<i>targetId</i>_<i>reportId</i>_<i>yyyyMMdd</i>T<i>hhmm</i>Z.csv</code> </p> <p class=\"title\"> <b>Prerequisites for generating a report</b> </p> <ul> <li> <p>The <code>StartDeclarativePoliciesReport</code> API can only be called by the management account or delegated administrators for the organization.</p> </li> <li> <p>An S3 bucket must be available before generating the report (you can create a new one or use an existing one), it must be in the same Region where the report generation request is made, and it must have an appropriate bucket policy. For a sample S3 policy, see <i>Sample Amazon S3 policy</i> under .</p> </li> <li> <p>Trusted access must be enabled for the service for which the declarative policy will enforce a baseline configuration. If you use the Amazon Web Services Organizations console, this is done automatically when you enable declarative policies. The API uses the following service principal to identify the EC2 service: <code>ec2.amazonaws.com</code>. For more information on how to enable trusted access with the Amazon Web Services CLI and Amazon Web Services SDKs, see <a href=\"https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html\">Using Organizations with other Amazon Web Services services</a> in the <i>Amazon Web Services Organizations User Guide</i>.</p> </li> <li> <p>Only one report per organization can be generated at a time. Attempting to generate a report while another is in progress will result in an error.</p> </li> </ul> <p>For more information, including the required IAM permissions to run this API, see <a href=\"https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_declarative_status-report.html\">Generating the account status report for declarative policies</a> in the <i>Amazon Web Services Organizations User Guide</i>.</p>",
     "StartInstances": "<p>Starts an Amazon EBS-backed instance that you've previously stopped.</p> <p>Instances that use Amazon EBS volumes as their root devices can be quickly stopped and started. When an instance is stopped, the compute resources are released and you are not billed for instance usage. However, your root partition Amazon EBS volume remains and continues to persist your data, and you are charged for Amazon EBS volume usage. You can restart your instance at any time. Every time you start your instance, Amazon EC2 charges a one-minute minimum for instance usage, and thereafter charges per second for instance usage.</p> <p>Before stopping an instance, make sure it is in a state from which it can be restarted. Stopping an instance does not preserve data stored in RAM.</p> <p>Performing this operation on an instance that uses an instance store as its root device returns an error.</p> <p>If you attempt to start a T3 instance with <code>host</code> tenancy and the <code>unlimited</code> CPU credit option, the request fails. The <code>unlimited</code> CPU credit option is not supported on Dedicated Hosts. Before you start the instance, either change its CPU credit option to <code>standard</code>, or change its tenancy to <code>default</code> or <code>dedicated</code>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html\">Stop and start Amazon EC2 instances</a> in the <i>Amazon EC2 User Guide</i>.</p>",
     "StartNetworkInsightsAccessScopeAnalysis": "<p>Starts analyzing the specified Network Access Scope.</p>",
     "StartNetworkInsightsAnalysis": "<p>Starts analyzing the specified path. If the path is reachable, the operation returns the shortest feasible path.</p>",
@@ -2361,6 +2361,7 @@
         "DeleteRouteRequest$DryRun": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
         "DeleteRouteTableRequest$DryRun": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
         "DeleteSecurityGroupRequest$DryRun": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
+        "DeleteSecurityGroupResult$Return": "<p>Returns <code>true</code> if the request succeeds; otherwise, returns an error.</p>",
         "DeleteSnapshotRequest$DryRun": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
         "DeleteSpotDatafeedSubscriptionRequest$DryRun": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
         "DeleteSubnetCidrReservationRequest$DryRun": "<p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>",
@@ -6116,6 +6117,11 @@
       "refs": {
       }
     },
+    "DeleteSecurityGroupResult": {
+      "base": null,
+      "refs": {
+      }
+    },
     "DeleteSnapshotRequest": {
       "base": null,
       "refs": {
@@ -10128,7 +10134,7 @@
       }
     },
     "Filter": {
-      "base": "<p>A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.</p> <p>If you specify multiple filters, the filters are joined with an <code>AND</code>, and the request returns only results that match all of the specified filters.</p>",
+      "base": "<p>A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.</p> <p>If you specify multiple filters, the filters are joined with an <code>AND</code>, and the request returns only results that match all of the specified filters.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Filtering.html#Filtering_Resources_CLI\">List and filter using the CLI and API</a> in the <i>Amazon EC2 User Guide</i>.</p>",
       "refs": {
         "FilterList$member": null
       }
@@ -19777,6 +19783,7 @@
         "AuthorizeSecurityGroupIngressRequest$GroupId": "<p>The ID of the security group.</p>",
         "ClientVpnSecurityGroupIdSet$member": null,
         "DeleteSecurityGroupRequest$GroupId": "<p>The ID of the security group.</p>",
+        "DeleteSecurityGroupResult$GroupId": "<p>The ID of the deleted security group.</p>",
         "GroupIdStringList$member": null,
         "GroupIds$member": null,
         "ModifySecurityGroupRulesRequest$GroupId": "<p>The ID of the security group.</p>",
@@ -22531,7 +22538,7 @@
         "StaleSecurityGroup$GroupId": "<p>The ID of the security group.</p>",
         "StaleSecurityGroup$GroupName": "<p>The name of the security group.</p>",
         "StaleSecurityGroup$VpcId": "<p>The ID of the VPC for the security group.</p>",
-        "StartDeclarativePoliciesReportRequest$S3Bucket": "<p>The name of the S3 bucket where the report will be saved.</p>",
+        "StartDeclarativePoliciesReportRequest$S3Bucket": "<p>The name of the S3 bucket where the report will be saved. The bucket must be in the same Region where the report generation request is made.</p>",
         "StartDeclarativePoliciesReportRequest$S3Prefix": "<p>The prefix for your S3 object.</p>",
         "StartDeclarativePoliciesReportRequest$TargetId": "<p>The root ID, organizational unit ID, or account ID.</p> <p>Format:</p> <ul> <li> <p>For root: <code>r-ab12</code> </p> </li> <li> <p>For OU: <code>ou-ab12-cdef1234</code> </p> </li> <li> <p>For account: <code>123456789012</code> </p> </li> </ul>",
         "StartDeclarativePoliciesReportResult$ReportId": "<p>The ID of the report.</p>",