The basic authorization credentials for the autocreated branch.
+ * The basic authorization credentials for the autocreated branch. You must base64-encode the authorization credentials and provide them in the format user:password.
The credentials for basic authorization for an Amplify app.
+ * The credentials for basic authorization for an Amplify app. You must base64-encode the authorization credentials and provide them in the format user:password.
The basic authorization credentials for branches for the Amplify app.
+ * The basic authorization credentials for branches for the Amplify app. You must base64-encode the authorization credentials and provide them in the format user:password.
The basic authorization credentials for the branch.
+ * The basic authorization credentials for the branch. You must base64-encode the authorization credentials and provide them in the format user:password.
The basic authorization credentials for a branch of an Amplify app.
+ * The basic authorization credentials for a branch of an Amplify app. You must base64-encode the authorization credentials and provide them in the format user:password.
The basic authorization credentials for an Amplify app.
+ * The basic authorization credentials for an Amplify app. You must base64-encode the authorization credentials and provide them in the format user:password.
The basic authorization credentials for the branch.
+ * The basic authorization credentials for the branch. You must base64-encode the authorization credentials and provide them in the format user:password.
During a configuration deployment, AppConfig monitors the application to ensure that the deployment is successful. If the system encounters an error, AppConfig rolls back the @@ -29,15 +29,15 @@ triggers an alarm, AppConfig automatically rolls back to the previous version. <
-Application tuning: Use AppConfig to carefully -introduce changes to your application that can only be tested with production -traffic.
+Feature flags: Use AppConfig to turn on new +features that require a timely deployment, such as a product launch or announcement. +-Feature toggle: Use AppConfig to turn on new -features that require a timely deployment, such as a product launch or announcement. -
+Application tuning: Use AppConfig to carefully +introduce changes to your application that can only be tested with production +traffic.diff --git a/clients/client-appconfig/src/AppConfig.ts b/clients/client-appconfig/src/AppConfig.ts index 7ac0218fd1d7..c57af74ebcac 100644 --- a/clients/client-appconfig/src/AppConfig.ts +++ b/clients/client-appconfig/src/AppConfig.ts @@ -173,8 +173,8 @@ import { * systems where a simple typo could cause an unexpected outage, AppConfig includes * validators. A validator provides a syntactic or semantic check to ensure that the * configuration you want to deploy works as intended. To validate your application - * configuration data, you provide a schema or a Lambda function that runs against the - * configuration. The configuration deployment or update can only proceed when the + * configuration data, you provide a schema or an Amazon Web Services Lambda function that runs against + * the configuration. The configuration deployment or update can only proceed when the * configuration data is valid.
*During a configuration deployment, AppConfig monitors the application to ensure that the * deployment is successful. If the system encounters an error, AppConfig rolls back the @@ -186,15 +186,15 @@ import { *
- * Application tuning: Use AppConfig to carefully - * introduce changes to your application that can only be tested with production - * traffic.
+ * Feature flags: Use AppConfig to turn on new + * features that require a timely deployment, such as a product launch or announcement. + * *- * Feature toggle: Use AppConfig to turn on new - * features that require a timely deployment, such as a product launch or announcement. - *
+ * Application tuning: Use AppConfig to carefully + * introduce changes to your application that can only be tested with production + * traffic. *@@ -264,7 +264,7 @@ export class AppConfig extends AppConfigClient { *
A validator for the configuration data. Available validators include either a JSON - * Schema or an Lambda function.
+ * Schema or an Amazon Web Services Lambda function. *For more information, see Create a
@@ -604,18 +604,39 @@ export class AppConfig extends AppConfigClient {
}
/**
- * Retrieves information about a configuration. Retrieves the latest deployed configuration. AppConfig uses the value of the To avoid excess charges, we recommend that you include the
- * Note the following important information. This API action has been deprecated. Calls to receive configuration data should
+ * use the StartConfigurationSession and GetLatestConfiguration APIs instead.
+ * AppConfig uses the value of the To avoid excess charges, we recommend you use the StartConfigurationSession and GetLatestConfiguration APIs, which track the client configuration
+ * version on your behalf. If you choose to continue using
+ * Lists the deployments for an environment. Lists the deployments for an environment in descending deployment number order.ClientConfigurationVersion parameter to
- * identify the configuration version on your clients. If you don’t send
- * ClientConfigurationVersion with each call to
- * GetConfiguration, your clients receive the current configuration. You
- * are charged each time your clients receive a configuration.ClientConfigurationVersion value with every call to
- * GetConfiguration. This value must be saved on your client. Subsequent
- * calls to GetConfiguration must pass this value by using the
- * ClientConfigurationVersion parameter.
+ *
* GetConfiguration is a priced call. For more information, see
+ * Pricing.ClientConfigurationVersion
+ * parameter to identify the configuration version on your clients. If you don’t send
+ * ClientConfigurationVersion with each call to
+ * GetConfiguration, your clients receive the current configuration.
+ * You are charged each time your clients receive a configuration.GetConfiguration, we recommend that you include the
+ * ClientConfigurationVersion value with every call to
+ * GetConfiguration. The value to use for
+ * ClientConfigurationVersion comes from the
+ * ConfigurationVersion attribute returned by
+ * GetConfiguration when there is new or updated data, and should be
+ * saved for subsequent calls to GetConfiguration.
During a configuration deployment, AppConfig monitors the application to ensure that the * deployment is successful. If the system encounters an error, AppConfig rolls back the @@ -379,15 +379,15 @@ export interface AppConfigClientResolvedConfig extends AppConfigClientResolvedCo *
- * Application tuning: Use AppConfig to carefully - * introduce changes to your application that can only be tested with production - * traffic.
+ * Feature flags: Use AppConfig to turn on new + * features that require a timely deployment, such as a product launch or announcement. + * *- * Feature toggle: Use AppConfig to turn on new - * features that require a timely deployment, such as a product launch or announcement. - *
+ * Application tuning: Use AppConfig to carefully + * introduce changes to your application that can only be tested with production + * traffic. *diff --git a/clients/client-appconfig/src/commands/CreateConfigurationProfileCommand.ts b/clients/client-appconfig/src/commands/CreateConfigurationProfileCommand.ts index a2f51e654485..54342d39291c 100644 --- a/clients/client-appconfig/src/commands/CreateConfigurationProfileCommand.ts +++ b/clients/client-appconfig/src/commands/CreateConfigurationProfileCommand.ts @@ -38,7 +38,7 @@ export interface CreateConfigurationProfileCommandOutput extends ConfigurationPr *
A validator for the configuration data. Available validators include either a JSON - * Schema or an Lambda function.
+ * Schema or an Amazon Web Services Lambda function. *For more information, see Create a
diff --git a/clients/client-appconfig/src/commands/GetConfigurationCommand.ts b/clients/client-appconfig/src/commands/GetConfigurationCommand.ts
index 51162f4d2603..4dd29ced4c91 100644
--- a/clients/client-appconfig/src/commands/GetConfigurationCommand.ts
+++ b/clients/client-appconfig/src/commands/GetConfigurationCommand.ts
@@ -22,18 +22,39 @@ export interface GetConfigurationCommandInput extends GetConfigurationRequest {}
export interface GetConfigurationCommandOutput extends Configuration, __MetadataBearer {}
/**
- * Retrieves information about a configuration. Retrieves the latest deployed configuration. AppConfig uses the value of the To avoid excess charges, we recommend that you include the
- * Note the following important information. This API action has been deprecated. Calls to receive configuration data should
+ * use the StartConfigurationSession and GetLatestConfiguration APIs instead.
+ * AppConfig uses the value of the To avoid excess charges, we recommend you use the StartConfigurationSession and GetLatestConfiguration APIs, which track the client configuration
+ * version on your behalf. If you choose to continue using
+ * Lists the deployments for an environment. Lists the deployments for an environment in descending deployment number order. Detailed information about the bad request exception error when creating a hosted configuration version. Detailed information about the bad request exception error when creating a hosted
+ * configuration version. The invalid or out-of-range validation constraint in your JSON schema that failed validation. The invalid or out-of-range validation constraint in your JSON schema that failed
+ * validation. Location of the validation constraint in the configuration JSON schema that failed validation. Location of the validation constraint in the configuration JSON schema that failed
+ * validation. Detailed information about the input that failed to satisfy the constraints specified by an AWS service. Detailed information about the input that failed to satisfy the constraints specified by
+ * a call. Detailed information about the bad request exception error when creating a hosted configuration version. Detailed information about the bad request exception error when creating a hosted
+ * configuration version. Detailed information about the input that failed to satisfy the constraints specified by an AWS service. Detailed information about the input that failed to satisfy the constraints specified by
+ * a call. A validator provides a syntactic or semantic check to ensure the configuration that you
* want to deploy functions as intended. To validate your application configuration data, you
- * provide a schema or a Lambda function that runs against the configuration. The
+ * provide a schema or an Amazon Web Services Lambda function that runs against the configuration. The
* configuration deployment or update can only proceed when the configuration data is
* valid. The type of configurations that the configuration profile contains. A configuration can
- * be a feature flag used for enabling or disabling new features or a free-form configuration
- * used for distributing configurations to your application. The type of configurations contained in the profile. AppConfig supports
+ *
+ * The type of configurations that the configuration profile contains. A configuration can
- * be a feature flag used for enabling or disabling new features or a free-form configuration
- * used for distributing configurations to your application. The type of configurations contained in the profile. AppConfig supports
+ *
+ * The content of the configuration or the configuration data. Compare the configuration version numbers of the configuration cached locally on your
- * machine and the configuration number in the the header. If the configuration numbers are
- * the same, the content can be ignored. The The The type of configurations that the configuration profile contains. A configuration can
- * be a feature flag used for enabling or disabling new features or a free-form configuration
- * used to introduce changes to your application. The type of configurations contained in the profile. AppConfig supports
+ *
+ * A filter based on the type of configurations that the configuration profile contains. A
- * configuration can be a feature flag or a free-form configuration.ClientConfigurationVersion parameter to
- * identify the configuration version on your clients. If you don’t send
- * ClientConfigurationVersion with each call to
- * GetConfiguration, your clients receive the current configuration. You
- * are charged each time your clients receive a configuration.ClientConfigurationVersion value with every call to
- * GetConfiguration. This value must be saved on your client. Subsequent
- * calls to GetConfiguration must pass this value by using the
- * ClientConfigurationVersion parameter.
+ *
* GetConfiguration is a priced call. For more information, see
+ * Pricing.ClientConfigurationVersion
+ * parameter to identify the configuration version on your clients. If you don’t send
+ * ClientConfigurationVersion with each call to
+ * GetConfiguration, your clients receive the current configuration.
+ * You are charged each time your clients receive a configuration.GetConfiguration, we recommend that you include the
+ * ClientConfigurationVersion value with every call to
+ * GetConfiguration. The value to use for
+ * ClientConfigurationVersion comes from the
+ * ConfigurationVersion attribute returned by
+ * GetConfiguration when there is new or updated data, and should be
+ * saved for subsequent calls to GetConfiguration.feature
+ * flags and freeform configurations. We recommend you create feature
+ * flag configurations to enable or disable new features and freeform configurations to
+ * distribute configurations to an application. When calling this API, enter one of the
+ * following values for Type:AWS.AppConfig.FeatureFlags
+ * AWS.Freeform
+ * feature
+ * flags and freeform configurations. We recommend you create feature
+ * flag configurations to enable or disable new features and freeform configurations to
+ * distribute configurations to an application. When calling this API, enter one of the
+ * following values for Type:AWS.AppConfig.FeatureFlags
+ * AWS.Freeform
+ * Content section only appears if
- * the system finds new or updated configuration data. If the system doesn't find new or
- * updated configuration data, then the Content section is not
- * returned.Content attribute only contains data if the system finds new or
+ * updated configuration data. If there is no new or updated data and
+ * ClientConfigurationVersion matches the version of the current
+ * configuration, AppConfig returns a 204 No Content HTTP response code and
+ * the Content value will be empty.feature
+ * flags and freeform configurations. We recommend you create feature
+ * flag configurations to enable or disable new features and freeform configurations to
+ * distribute configurations to an application. When calling this API, enter one of the
+ * following values for Type:AWS.AppConfig.FeatureFlags
+ * AWS.Freeform
+ *
The maximum number of items to return for this call. The call also returns a token that - * you can specify in a subsequent call to get the next set of results.
+ *The maximum number of items that may be returned for this call. If there are items that
+ * have not yet been returned, the response will include a non-null NextToken
+ * that you can provide in a subsequent call to get the next set of results.
A token to start the list. Use this token to get the next set of results.
+ *The token returned by a prior call to this operation indicating the next set of results + * to be returned. If not specified, the operation will return the first set of + * results.
*/ NextToken?: string; } diff --git a/clients/client-appconfigdata/README.md b/clients/client-appconfigdata/README.md index 08bafdfd7936..93f95840b3df 100644 --- a/clients/client-appconfigdata/README.md +++ b/clients/client-appconfigdata/README.md @@ -7,7 +7,51 @@ AWS SDK for JavaScript AppConfigData Client for Node.js, Browser and React Native. -Use the AppConfigData API, a capability of AWS AppConfig, to retrieve deployed configuration.
+AppConfig Data provides the data plane APIs your application uses to retrieve configuration data. +Here's how it works:
+Your application retrieves configuration data by first establishing a configuration +session using the AppConfig Data StartConfigurationSession API action. Your session's +client then makes periodic calls to GetLatestConfiguration to check for +and retrieve the latest data available.
+When calling StartConfigurationSession, your code sends the following
+information:
Identifiers (ID or name) of an AppConfig application, environment, and +configuration profile that the session tracks.
+(Optional) The minimum amount of time the session's client must wait between calls
+to GetLatestConfiguration.
In response, AppConfig provides an InitialConfigurationToken to be given to
+the session's client and used the first time it calls GetLatestConfiguration
+for that session.
When calling GetLatestConfiguration, your client code sends the most recent
+ConfigurationToken value it has and receives in response:
+NextPollConfigurationToken: the ConfigurationToken value
+to use on the next call to GetLatestConfiguration.
+NextPollIntervalInSeconds: the duration the client should wait before
+making its next call to GetLatestConfiguration. This duration may vary
+over the course of the session, so it should be used instead of the value sent on the
+StartConfigurationSession call.
The configuration: the latest data intended for the session. This may be empty if +the client already has the latest version of the configuration.
+For more information and to view example CLI commands that show how to retrieve a
+configuration using the AppConfig Data StartConfigurationSession and
+GetLatestConfiguration API actions, see Receiving the
+configuration in the AppConfig User Guide.
Use the AppConfigData API, a capability of AWS AppConfig, to retrieve deployed configuration.
+ *AppConfig Data provides the data plane APIs your application uses to retrieve configuration data. + * Here's how it works:
+ *Your application retrieves configuration data by first establishing a configuration + * session using the AppConfig Data StartConfigurationSession API action. Your session's + * client then makes periodic calls to GetLatestConfiguration to check for + * and retrieve the latest data available.
+ *When calling StartConfigurationSession, your code sends the following
+ * information:
Identifiers (ID or name) of an AppConfig application, environment, and + * configuration profile that the session tracks.
+ *(Optional) The minimum amount of time the session's client must wait between calls
+ * to GetLatestConfiguration.
In response, AppConfig provides an InitialConfigurationToken to be given to
+ * the session's client and used the first time it calls GetLatestConfiguration
+ * for that session.
When calling GetLatestConfiguration, your client code sends the most recent
+ * ConfigurationToken value it has and receives in response:
+ * NextPollConfigurationToken: the ConfigurationToken value
+ * to use on the next call to GetLatestConfiguration.
+ * NextPollIntervalInSeconds: the duration the client should wait before
+ * making its next call to GetLatestConfiguration. This duration may vary
+ * over the course of the session, so it should be used instead of the value sent on the
+ * StartConfigurationSession call.
The configuration: the latest data intended for the session. This may be empty if + * the client already has the latest version of the configuration.
+ *For more information and to view example CLI commands that show how to retrieve a
+ * configuration using the AppConfig Data StartConfigurationSession and
+ * GetLatestConfiguration API actions, see Receiving the
+ * configuration in the AppConfig User Guide.
Retrieves the latest deployed configuration. This API may return empty Configuration data if the client already has the latest version. See StartConfigurationSession to obtain an InitialConfigurationToken to call this API.
- *Each call to GetLatestConfiguration returns a new ConfigurationToken (NextPollConfigurationToken - * in the response). This new token MUST be provided to the next call to GetLatestConfiguration when - * polling for configuration updates.
- *To avoid excess charges, we recommend that you include the
- * ClientConfigurationVersion value with every call to
- * GetConfiguration. This value must be saved on your client. Subsequent
- * calls to GetConfiguration must pass this value by using the
- * ClientConfigurationVersion parameter.
Retrieves the latest deployed configuration. This API may return empty configuration + * data if the client already has the latest version. For more information about this API + * action and to view example CLI commands that show how to use it with the StartConfigurationSession API action, see Receiving the + * configuration in the AppConfig User Guide.
+ *Note the following important information.
+ *Each configuration token is only valid for one call to GetLatestConfiguration.
+ * The GetLatestConfiguration response includes a NextPollConfigurationToken that
+ * should always replace the token used for the just-completed call in preparation
+ * for the next one.
+ * GetLatestConfiguration is a priced call. For more information, see
+ * Pricing.
Starts a configuration session used to retrieve a deployed configuration. See the GetLatestConfiguration API for more details.
+ *Starts a configuration session used to retrieve a deployed configuration. For more + * information about this API action and to view example CLI commands that show how to use + * it with the GetLatestConfiguration API action, see Receiving the + * configuration in the AppConfig User Guide.
*/ public startConfigurationSession( args: StartConfigurationSessionCommandInput, diff --git a/clients/client-appconfigdata/src/AppConfigDataClient.ts b/clients/client-appconfigdata/src/AppConfigDataClient.ts index 1516ae3b0eb4..8144eebc4a76 100644 --- a/clients/client-appconfigdata/src/AppConfigDataClient.ts +++ b/clients/client-appconfigdata/src/AppConfigDataClient.ts @@ -218,7 +218,51 @@ type AppConfigDataClientResolvedConfigType = __SmithyResolvedConfiguration<__Htt export interface AppConfigDataClientResolvedConfig extends AppConfigDataClientResolvedConfigType {} /** - *Use the AppConfigData API, a capability of AWS AppConfig, to retrieve deployed configuration.
+ *AppConfig Data provides the data plane APIs your application uses to retrieve configuration data. + * Here's how it works:
+ *Your application retrieves configuration data by first establishing a configuration + * session using the AppConfig Data StartConfigurationSession API action. Your session's + * client then makes periodic calls to GetLatestConfiguration to check for + * and retrieve the latest data available.
+ *When calling StartConfigurationSession, your code sends the following
+ * information:
Identifiers (ID or name) of an AppConfig application, environment, and + * configuration profile that the session tracks.
+ *(Optional) The minimum amount of time the session's client must wait between calls
+ * to GetLatestConfiguration.
In response, AppConfig provides an InitialConfigurationToken to be given to
+ * the session's client and used the first time it calls GetLatestConfiguration
+ * for that session.
When calling GetLatestConfiguration, your client code sends the most recent
+ * ConfigurationToken value it has and receives in response:
+ * NextPollConfigurationToken: the ConfigurationToken value
+ * to use on the next call to GetLatestConfiguration.
+ * NextPollIntervalInSeconds: the duration the client should wait before
+ * making its next call to GetLatestConfiguration. This duration may vary
+ * over the course of the session, so it should be used instead of the value sent on the
+ * StartConfigurationSession call.
The configuration: the latest data intended for the session. This may be empty if + * the client already has the latest version of the configuration.
+ *For more information and to view example CLI commands that show how to retrieve a
+ * configuration using the AppConfig Data StartConfigurationSession and
+ * GetLatestConfiguration API actions, see Receiving the
+ * configuration in the AppConfig User Guide.
Retrieves the latest deployed configuration. This API may return empty Configuration data if the client already has the latest version. See StartConfigurationSession to obtain an InitialConfigurationToken to call this API.
- *Each call to GetLatestConfiguration returns a new ConfigurationToken (NextPollConfigurationToken - * in the response). This new token MUST be provided to the next call to GetLatestConfiguration when - * polling for configuration updates.
- *To avoid excess charges, we recommend that you include the
- * ClientConfigurationVersion value with every call to
- * GetConfiguration. This value must be saved on your client. Subsequent
- * calls to GetConfiguration must pass this value by using the
- * ClientConfigurationVersion parameter.
Retrieves the latest deployed configuration. This API may return empty configuration + * data if the client already has the latest version. For more information about this API + * action and to view example CLI commands that show how to use it with the StartConfigurationSession API action, see Receiving the + * configuration in the AppConfig User Guide.
+ *Note the following important information.
+ *Each configuration token is only valid for one call to GetLatestConfiguration.
+ * The GetLatestConfiguration response includes a NextPollConfigurationToken that
+ * should always replace the token used for the just-completed call in preparation
+ * for the next one.
+ * GetLatestConfiguration is a priced call. For more information, see
+ * Pricing.
Starts a configuration session used to retrieve a deployed configuration. See the GetLatestConfiguration API for more details.
+ *Starts a configuration session used to retrieve a deployed configuration. For more + * information about this API action and to view example CLI commands that show how to use + * it with the GetLatestConfiguration API action, see Receiving the + * configuration in the AppConfig User Guide.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-appconfigdata/src/models/models_0.ts b/clients/client-appconfigdata/src/models/models_0.ts index d4574b58679d..dfc7a929a2b7 100644 --- a/clients/client-appconfigdata/src/models/models_0.ts +++ b/clients/client-appconfigdata/src/models/models_0.ts @@ -17,11 +17,11 @@ export enum InvalidParameterProblem { } /** - *Contains details about an invalid parameter.
+ *Information about an invalid parameter.
*/ export interface InvalidParameterDetail { /** - *Detail describing why an individual parameter did not satisfy the constraints specified by the service
+ *The reason the parameter is invalid.
*/ Problem?: InvalidParameterProblem | string; } @@ -36,13 +36,14 @@ export namespace InvalidParameterDetail { } /** - *Details describing why the request was invalid
+ *Detailed information about the input that failed to satisfy the constraints specified by + * a call.
*/ export type BadRequestDetails = BadRequestDetails.InvalidParametersMember | BadRequestDetails.$UnknownMember; export namespace BadRequestDetails { /** - *Present if the Reason for the bad request was 'InvalidParameters'
+ *One or more specified parameters are not valid for the call.
*/ export interface InvalidParametersMember { InvalidParameters: { [key: string]: InvalidParameterDetail }; @@ -103,7 +104,7 @@ export interface BadRequestException extends __SmithyException, $MetadataBearer Reason?: BadRequestReason | string; /** - *Details describing why the request was invalid
+ *Details describing why the request was invalid.
*/ Details?: BadRequestDetails; } @@ -158,9 +159,6 @@ export interface ResourceNotFoundException extends __SmithyException, $MetadataB ReferencedBy?: { [key: string]: string }; } -/** - *Request parameters for the StartConfigurationSession API.
- */ export interface StartConfigurationSessionRequest { /** *The application ID or the application name.
@@ -178,9 +176,9 @@ export interface StartConfigurationSessionRequest { ConfigurationProfileIdentifier: string | undefined; /** - *The interval at which your client will poll for configuration. If provided, the service - * will throw a BadRequestException if the client polls before the specified poll interval. By default, - * client poll intervals are not enforced.
+ *Sets a constraint on a session. If you specify a value of, for example, 60 seconds, then + * the client that established the session can't call GetLatestConfiguration + * more frequently then every 60 seconds.
*/ RequiredMinimumPollIntervalInSeconds?: number; } @@ -194,17 +192,17 @@ export namespace StartConfigurationSessionRequest { }); } -/** - *Response parameters for the StartConfigurationSession API.
- */ export interface StartConfigurationSessionResponse { /** - *Token encapsulating state about the configuration session. Provide this token to the GetLatestConfiguration API to retrieve configuration data.
- *This token should only be used once in your first call to GetLatestConfiguration. You MUST use the - * new token in the GetConfiguration response (NextPollConfigurationToken) in each subsequent call to - * GetLatestConfiguration.
- *Token encapsulating state about the configuration session. Provide this token to the
+ * GetLatestConfiguration API to retrieve configuration data.
This token should only be used once in your first call to
+ * GetLatestConfiguration. You MUST use the new token in the
+ * GetLatestConfiguration response
+ * (NextPollConfigurationToken) in each subsequent call to
+ * GetLatestConfiguration.
Request parameters for the GetLatestConfiguration API
- */ export interface GetLatestConfigurationRequest { /** - *Token describing the current state of the configuration session. To obtain a token, first call the StartConfigurationSession API. Note that every call to GetLatestConfiguration will return a new ConfigurationToken (NextPollConfigurationToken in the response) and MUST be provided to subsequent GetLatestConfiguration API calls.
+ *Token describing the current state of the configuration session. To obtain a token,
+ * first call the StartConfigurationSession API. Note that every call to
+ * GetLatestConfiguration will return a new ConfigurationToken
+ * (NextPollConfigurationToken in the response) and MUST be provided to
+ * subsequent GetLatestConfiguration API calls.
Response parameters for the GetLatestConfiguration API
- */ export interface GetLatestConfigurationResponse { /** - *The latest token describing the current state of the configuration session. This MUST be provided to the next call to GetLatestConfiguration.
+ *The latest token describing the current state of the configuration session. This MUST be
+ * provided to the next call to GetLatestConfiguration.
+ *
The amount of time the client should wait before polling for configuration updates again. See RequiredMinimumPollIntervalInSeconds to set the desired poll interval.
+ *The amount of time the client should wait before polling for configuration updates
+ * again. Use RequiredMinimumPollIntervalInSeconds to set the desired poll
+ * interval.
The data of the configuration. Note that this may be empty if the client already has the latest version of configuration.
+ *The data of the configuration. This may be empty if the client already has the latest + * version of configuration.
*/ Configuration?: Uint8Array; } diff --git a/clients/client-athena/src/models/models_0.ts b/clients/client-athena/src/models/models_0.ts index 2c82955a811f..b5d2475aa53b 100644 --- a/clients/client-athena/src/models/models_0.ts +++ b/clients/client-athena/src/models/models_0.ts @@ -190,7 +190,8 @@ export namespace EngineVersion { */ export interface QueryExecutionContext { /** - *The name of the database used in the query execution. The database must exist in the catalog.
+ *The name of the database used in the query execution. The database must exist in the + * catalog.
*/ Database?: string; @@ -352,6 +353,37 @@ export namespace QueryExecutionStatistics { }); } +/** + *Provides information about an Athena query error. The
+ * AthenaError feature provides standardized error information to help you
+ * understand failed queries and take steps after a query failure occurs.
+ * AthenaError includes an ErrorCategory field that specifies
+ * whether the cause of the failed query is due to system error, user error, or unknown
+ * error.
An integer value that specifies the category of a query failure error. The following + * list shows the category for each integer value.
+ *+ * 1 - System
+ *+ * 2 - User
+ *+ * 3 - Unknown
+ */ + ErrorCategory?: number; +} + +export namespace AthenaError { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AthenaError): any => ({ + ...obj, + }); +} + export enum QueryExecutionState { CANCELLED = "CANCELLED", FAILED = "FAILED", @@ -395,6 +427,11 @@ export interface QueryExecutionStatus { *The date and time that the query completed.
*/ CompletionDateTime?: Date; + + /** + *Provides information about an Athena query error.
+ */ + AthenaError?: AthenaError; } export namespace QueryExecutionStatus { @@ -573,8 +610,9 @@ export enum DataCatalogType { export interface CreateDataCatalogInput { /** *The name of the data catalog to create. The catalog name must be unique for the - * Amazon Web Services account and can use a maximum of 128 alphanumeric, underscore, at - * sign, or hyphen characters.
+ * Amazon Web Services account and can use a maximum of 127 alphanumeric, underscore, at + * sign, or hyphen characters. The remainder of the length constraint of 256 is reserved + * for use by Athena. */ Name: string | undefined; @@ -840,7 +878,7 @@ export interface WorkGroupConfiguration { * workgroup members cannot query data from Requester Pays buckets, and queries that * retrieve data from Requester Pays buckets cause an error. The default is *false. For more information about Requester Pays buckets, see Requester
- * Pays Buckets in the Amazon Simple Storage Service Developer
+ * Pays Buckets in the Amazon Simple Storage Service Developer
* Guide.
*/
RequesterPaysEnabled?: boolean;
@@ -1140,8 +1178,9 @@ export namespace GetDataCatalogInput {
*/
export interface DataCatalog {
/**
- * The name of the data catalog. The catalog name must be unique for the Amazon Web Services account and can use a maximum of 128 alphanumeric, underscore, at sign, - * or hyphen characters.
+ *The name of the data catalog. The catalog name must be unique for the Amazon Web Services account and can use a maximum of 127 alphanumeric, underscore, at sign, + * or hyphen characters. The remainder of the length constraint of 256 is reserved for use + * by Athena.
*/ Name: string | undefined; @@ -1894,7 +1933,9 @@ export namespace ListDataCatalogsInput { */ export interface DataCatalogSummary { /** - *The name of the data catalog.
+ *The name of the data catalog. The catalog name is unique for the Amazon Web Services account and can use a maximum of 127 alphanumeric, underscore, at sign, + * or hyphen characters. The remainder of the length constraint of 256 is reserved for use + * by Athena.
*/ CatalogName?: string; @@ -2540,8 +2581,9 @@ export namespace UntagResourceOutput { export interface UpdateDataCatalogInput { /** *The name of the data catalog to update. The catalog name must be unique for the - * Amazon Web Services account and can use a maximum of 128 alphanumeric, underscore, at - * sign, or hyphen characters.
+ * Amazon Web Services account and can use a maximum of 127 alphanumeric, underscore, at + * sign, or hyphen characters. The remainder of the length constraint of 256 is reserved + * for use by Athena. */ Name: string | undefined; diff --git a/clients/client-athena/src/protocols/Aws_json1_1.ts b/clients/client-athena/src/protocols/Aws_json1_1.ts index e11434e513ee..076f74959070 100644 --- a/clients/client-athena/src/protocols/Aws_json1_1.ts +++ b/clients/client-athena/src/protocols/Aws_json1_1.ts @@ -80,6 +80,7 @@ import { } from "../commands/UpdatePreparedStatementCommand"; import { UpdateWorkGroupCommandInput, UpdateWorkGroupCommandOutput } from "../commands/UpdateWorkGroupCommand"; import { + AthenaError, BatchGetNamedQueryInput, BatchGetNamedQueryOutput, BatchGetQueryExecutionInput, @@ -3386,6 +3387,12 @@ const serializeAws_json1_1WorkGroupConfigurationUpdates = ( }; }; +const deserializeAws_json1_1AthenaError = (output: any, context: __SerdeContext): AthenaError => { + return { + ErrorCategory: __expectInt32(output.ErrorCategory), + } as any; +}; + const deserializeAws_json1_1BatchGetNamedQueryOutput = ( output: any, context: __SerdeContext @@ -3976,6 +3983,10 @@ const deserializeAws_json1_1QueryExecutionStatistics = ( const deserializeAws_json1_1QueryExecutionStatus = (output: any, context: __SerdeContext): QueryExecutionStatus => { return { + AthenaError: + output.AthenaError !== undefined && output.AthenaError !== null + ? deserializeAws_json1_1AthenaError(output.AthenaError, context) + : undefined, CompletionDateTime: output.CompletionDateTime !== undefined && output.CompletionDateTime !== null ? __expectNonNull(__parseEpochTimestamp(__expectNumber(output.CompletionDateTime))) diff --git a/clients/client-codeguru-reviewer/src/waiters/waitForCodeReviewCompleted.ts b/clients/client-codeguru-reviewer/src/waiters/waitForCodeReviewCompleted.ts index 603bdaa4543e..89d10f5ce500 100644 --- a/clients/client-codeguru-reviewer/src/waiters/waitForCodeReviewCompleted.ts +++ b/clients/client-codeguru-reviewer/src/waiters/waitForCodeReviewCompleted.ts @@ -19,6 +19,14 @@ const checkState = async ( return { state: WaiterState.SUCCESS, reason }; } } catch (e) {} + try { + const returnComparator = () => { + return result.CodeReview.State; + }; + if (returnComparator() === "Failed") { + return { state: WaiterState.FAILURE, reason }; + } + } catch (e) {} try { const returnComparator = () => { return result.CodeReview.State; diff --git a/clients/client-codeguru-reviewer/src/waiters/waitForRepositoryAssociationSucceeded.ts b/clients/client-codeguru-reviewer/src/waiters/waitForRepositoryAssociationSucceeded.ts index e8fb3fd0e4d5..5080898b3446 100644 --- a/clients/client-codeguru-reviewer/src/waiters/waitForRepositoryAssociationSucceeded.ts +++ b/clients/client-codeguru-reviewer/src/waiters/waitForRepositoryAssociationSucceeded.ts @@ -22,6 +22,14 @@ const checkState = async ( return { state: WaiterState.SUCCESS, reason }; } } catch (e) {} + try { + const returnComparator = () => { + return result.RepositoryAssociation.State; + }; + if (returnComparator() === "Failed") { + return { state: WaiterState.FAILURE, reason }; + } + } catch (e) {} try { const returnComparator = () => { return result.RepositoryAssociation.State; diff --git a/clients/client-cognito-identity-provider/README.md b/clients/client-cognito-identity-provider/README.md index 4885f0516e50..1b69f331731d 100644 --- a/clients/client-cognito-identity-provider/README.md +++ b/clients/client-cognito-identity-provider/README.md @@ -7,13 +7,9 @@ AWS SDK for JavaScript CognitoIdentityProvider Client for Node.js, Browser and React Native. -Using the Amazon Cognito User Pools API, you can create a user pool to manage -directories and users. You can authenticate a user to obtain tokens related to user -identity and access policies.
-This API reference provides information about user pools in Amazon Cognito User -Pools.
-For more information, see the Amazon Cognito -Documentation.
+Using the Amazon Cognito user pools API, you can create a user pool to manage directories and users. You can authenticate a user to obtain tokens related to user identity and access policies.
+This API reference provides information about user pools in Amazon Cognito user pools.
+For more information, see the Amazon Cognito Documentation.
## Installing diff --git a/clients/client-cognito-identity-provider/src/CognitoIdentityProvider.ts b/clients/client-cognito-identity-provider/src/CognitoIdentityProvider.ts index 60cd00fb5591..b3a62f859280 100644 --- a/clients/client-cognito-identity-provider/src/CognitoIdentityProvider.ts +++ b/clients/client-cognito-identity-provider/src/CognitoIdentityProvider.ts @@ -456,13 +456,9 @@ import { } from "./commands/VerifyUserAttributeCommand"; /** - *Using the Amazon Cognito User Pools API, you can create a user pool to manage - * directories and users. You can authenticate a user to obtain tokens related to user - * identity and access policies.
- *This API reference provides information about user pools in Amazon Cognito User - * Pools.
- *For more information, see the Amazon Cognito - * Documentation.
+ *Using the Amazon Cognito user pools API, you can create a user pool to manage directories and users. You can authenticate a user to obtain tokens related to user identity and access policies.
+ *This API reference provides information about user pools in Amazon Cognito user pools.
+ *For more information, see the Amazon Cognito Documentation.
*/ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { /** @@ -531,8 +527,7 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Confirms user registration as an admin without using a confirmation code. Works on any - * user.
+ *Confirms user registration as an admin without using a confirmation code. Works on any user.
*Calling this action requires developer credentials.
*/ public adminConfirmSignUp( @@ -566,33 +561,30 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { /** *Creates a new user in the specified user pool.
- *If MessageAction is not set, the default is to send a welcome message via
- * email or phone (SMS).
If MessageAction isn't set, the default is to send a welcome message via email or phone (SMS).
This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*This message is based on a template that you configured in your call to create or - * update a user pool. This template includes your custom sign-up instructions and - * placeholders for user name and temporary password.
- *Alternatively, you can call AdminCreateUser with “SUPPRESS” for the
- * MessageAction parameter, and Amazon Cognito will not send any email.
In either case, the user will be in the FORCE_CHANGE_PASSWORD state until
- * they sign in and change their password.
This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for + * user name and temporary password.
+ *Alternatively, you can call AdminCreateUser with SUPPRESS for the MessageAction parameter, and Amazon Cognito won't send any email.
In either case, the user will be in the FORCE_CHANGE_PASSWORD state until they sign in and change their password.
* AdminCreateUser requires developer credentials.
Deletes the user attributes in a user pool as an administrator. Works on any - * user.
+ *Deletes the user attributes in a user pool as an administrator. Works on any user.
*Calling this action requires developer credentials.
*/ public adminDeleteUserAttributes( @@ -693,34 +684,20 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Disables the user from signing in with the specified external (SAML or social)
- * identity provider. If the user to disable is a Cognito User Pools native username +
- * password user, they are not permitted to use their password to sign-in. If the user to
- * disable is a linked external IdP user, any link between that user and an existing user
- * is removed. The next time the external user (no longer attached to the previously linked
- * DestinationUser) signs in, they must create a new user account. See
- * AdminLinkProviderForUser.
This action is enabled only for admin access and requires developer - * credentials.
- *The ProviderName must match the value specified when creating an IdP for
- * the pool.
To disable a native username + password user, the ProviderName value must
- * be Cognito and the ProviderAttributeName must be
- * Cognito_Subject, with the ProviderAttributeValue being the
- * name that is used in the user pool for the user.
The ProviderAttributeName must always be Cognito_Subject for
- * social identity providers. The ProviderAttributeValue must always be the
- * exact subject that was used when the user was originally linked as a source user.
For de-linking a SAML identity, there are two scenarios. If the linked identity has
- * not yet been used to sign-in, the ProviderAttributeName and
- * ProviderAttributeValue must be the same values that were used for the
- * SourceUser when the identities were originally linked using
- * AdminLinkProviderForUser call. (If the linking was done with
- * ProviderAttributeName set to Cognito_Subject, the same
- * applies here). However, if the user has already signed in, the
- * ProviderAttributeName must be Cognito_Subject and
- * ProviderAttributeValue must be the subject of the SAML
- * assertion.
Disables the user from signing in with the specified external (SAML or social) identity provider. If the user to disable is a Amazon Cognito User Pools native username + password user,
+ * they aren't permitted to use their password to sign in. If the user to deactivate is a linked external identity provider (IdP) user, any link between that user and an existing
+ * user is removed. The next time the external user (no longer attached to the previously linked DestinationUser) signs in, they must create a new user account.
+ * See AdminLinkProviderForUser.
This action is enabled only for admin access and requires developer credentials.
+ *The ProviderName must match the value specified when creating an IdP for the pool.
To deactivate a native username + password user, the ProviderName value must be Cognito and the ProviderAttributeName must be Cognito_Subject.
+ * The ProviderAttributeValue must be the name that is used in the user pool for the user.
The ProviderAttributeName must always be Cognito_Subject for social identity providers. The ProviderAttributeValue must always be the exact
+ * subject that was used when the user was originally linked as a source user.
For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign in, the ProviderAttributeName and ProviderAttributeValue
+ * must be the same values that were used for the SourceUser when the identities were originally linked using AdminLinkProviderForUser call. (If the linking was done
+ * with ProviderAttributeName set to Cognito_Subject, the same applies here). However, if the user has already signed in, the ProviderAttributeName must
+ * be Cognito_Subject and ProviderAttributeValue must be the subject of the SAML assertion.
Gets the specified user by user name in a user pool as an administrator. Works on any - * user.
+ *Gets the specified user by user name in a user pool as an administrator. Works on any user.
*Calling this action requires developer credentials.
*/ public adminGetUser( @@ -919,20 +895,20 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { * * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Calling this action requires developer credentials.
@@ -967,27 +943,20 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Links an existing user account in a user pool (DestinationUser) to an
- * identity from an external identity provider (SourceUser) based on a
- * specified attribute name and value from the external identity provider. This allows you
- * to create a link from the existing user account to an external federated user identity
- * that has not yet been used to sign in, so that the federated user identity can be used
- * to sign in as the existing user account.
For example, if there is an existing user with a username and password, this API - * links that user to a federated user identity, so that when the federated user identity - * is used, the user signs in as the existing user account.
- *Links an existing user account in a user pool (DestinationUser) to an identity from an external identity provider (SourceUser) based on a specified
+ * attribute name and value from the external identity provider. This allows you to create a link from the existing user account to an external federated user identity that has not
+ * yet been used to sign in. You can then use the federated user identity to sign in as the existing user account.
For example, if there is an existing user with a username and password, this API links that user to a federated user identity. When the user signs in with a federated user + * identity, they sign in as the existing user account.
+ *The maximum number of federated identities linked to a user is 5.
- *Because this API allows a user with an external federated identity to sign in as - * an existing user in the user pool, it is critical that it only be used with external - * identity providers and provider attributes that have been trusted by the application - * owner.
- *Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external + * identity providers and provider attributes that have been trusted by the application owner.
+ *This action is enabled only for admin access and requires developer - * credentials.
+ *This action is administrative and requires developer credentials.
*/ public adminLinkProviderForUser( args: AdminLinkProviderForUserCommandInput, @@ -1085,8 +1054,7 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Lists a history of user activity and any risks detected as part of Amazon Cognito - * advanced security.
+ *A history of user activity and any risks detected as part of Amazon Cognito advanced security.
*/ public adminListUserAuthEvents( args: AdminListUserAuthEventsCommandInput, @@ -1151,33 +1119,29 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Resets the specified user's password in a user pool as an administrator. Works on any - * user.
- *When a developer calls this API, the current password is invalidated, so it must be - * changed. If a user tries to sign in after the API is called, the app will get a - * PasswordResetRequiredException exception back and should direct the user down the flow - * to reset the password, which is the same as the forgot password flow. In addition, if - * the user pool has phone verification selected and a verified phone number exists for the - * user, or if email verification is selected and a verified email exists for the user, - * calling this API will also result in sending a message to the end user with the code to - * change their password.
+ *Resets the specified user's password in a user pool as an administrator. Works on any user.
+ *When a developer calls this API, the current password is invalidated, so it must be changed. If a user tries to sign in after the API is called, + * the app will get a PasswordResetRequiredException exception back and should direct the user down the flow to reset the password, which is the same + * as the forgot password flow. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if + * email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user + * with the code to change their password.
* * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Calling this action requires developer credentials.
@@ -1215,20 +1179,20 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { *Responds to an authentication challenge, as an administrator.
* *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Calling this action requires developer credentials.
@@ -1263,11 +1227,9 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Sets the user's multi-factor authentication (MFA) preference, including which MFA - * options are enabled and if any are preferred. Only one factor can be set as preferred. - * The preferred MFA factor will be used to authenticate a user if multiple factors are - * enabled. If multiple options are enabled and no preference is set, a challenge to choose - * an MFA option will be returned during sign in.
+ *The user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred. Only one factor can be set as preferred. The preferred + * MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will + * be returned during sign-in.
*/ public adminSetUserMFAPreference( args: AdminSetUserMFAPreferenceCommandInput, @@ -1299,16 +1261,11 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Sets the specified user's password in a user pool as an administrator. Works on any - * user.
- *The password can be temporary or permanent. If it is temporary, the user status will
- * be placed into the FORCE_CHANGE_PASSWORD state. When the user next tries to
- * sign in, the InitiateAuth/AdminInitiateAuth response will contain the
- * NEW_PASSWORD_REQUIRED challenge. If the user does not sign in before it
- * expires, the user will not be able to sign in and their password will need to be reset
- * by an administrator.
Once the user has set a new password, or the password is permanent, the user status
- * will be set to Confirmed.
Sets the specified user's password in a user pool as an administrator. Works on any user.
+ *The password can be temporary or permanent. If it is temporary, the user status enters the FORCE_CHANGE_PASSWORD state. When the user next tries to sign in,
+ * the InitiateAuth/AdminInitiateAuth response will contain the NEW_PASSWORD_REQUIRED challenge. If the user doesn't sign in before it expires, the user won't be
+ * able to sign in, and an administrator must reset their password.
Once the user has set a new password, or the password is permanent, the user status is set to Confirmed.
- * This action is no longer supported. You can use it to configure - * only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either - * type of MFA, use AdminSetUserMFAPreference instead.
+ * This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) + * software token MFA. To configure either type of MFA, + * use AdminSetUserMFAPreference instead. */ public adminSetUserSettings( args: AdminSetUserSettingsCommandInput, @@ -1375,9 +1332,8 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Provides feedback for an authentication event as to whether it was from a valid user. - * This feedback is used for improving the risk evaluation decision for the user pool as - * part of Amazon Cognito advanced security.
+ *Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool + * as part of Amazon Cognito advanced security.
*/ public adminUpdateAuthEventFeedback( args: AdminUpdateAuthEventFeedbackCommandInput, @@ -1442,28 +1398,25 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Updates the specified user's attributes, including developer attributes, as an - * administrator. Works on any user.
- *For custom attributes, you must prepend the custom: prefix to the
- * attribute name.
In addition to updating user attributes, this API can also be used to mark phone and - * email as verified.
+ *Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user.
+ *For custom attributes, you must prepend the custom: prefix to the attribute name.
In addition to updating user attributes, this API can also be used to mark phone and email as verified.
* *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Calling this action requires developer credentials.
@@ -1498,9 +1451,8 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Signs out users from all devices, as an administrator. It also invalidates all refresh - * tokens issued to a user. The user's current access and Id tokens remain valid until - * their expiry. Access and Id tokens expire one hour after they are issued.
+ *Signs out users from all devices, as an administrator. It also invalidates all refresh tokens issued to a user. The user's current access and Id tokens remain valid until their expiry. Access and + * Id tokens expire one hour after they're issued.
*Calling this action requires developer credentials.
*/ public adminUserGlobalSignOut( @@ -1533,16 +1485,12 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Returns a unique generated shared secret key code for the user account. The request - * takes an access token or a session string, but not both.
- *Calling AssociateSoftwareToken immediately disassociates the existing software - * token from the user account. If the user doesn't subsequently verify the software - * token, their account is essentially set up to authenticate without MFA. If MFA - * config is set to Optional at the user pool level, the user can then login without - * MFA. However, if MFA is set to Required for the user pool, the user will be asked to - * setup a new software token MFA during sign in.
- *Returns a unique generated shared secret key code for the user account. The request takes an access token or a session string, but not both.
+ *Calling AssociateSoftwareToken immediately disassociates the existing software token from the user account. If the user doesn't subsequently verify the software token, + * their account is set up to authenticate without MFA. If MFA config is set to Optional at the user pool level, the user can then log in without MFA. However, if MFA is + * set to Required for the user pool, the user is asked to set up a new software token MFA during sign-in.
+ *Confirms tracking of the device. This API call is the call that begins device - * tracking.
+ *Confirms tracking of the device. This API call is the call that begins device tracking.
*/ public confirmDevice( args: ConfirmDeviceCommandInput, @@ -1671,8 +1618,7 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Confirms registration of a user and handles the existing alias from a previous - * user.
+ *Confirms registration of a user and handles the existing alias from a previous user.
*/ public confirmSignUp( args: ConfirmSignUpCommandInput, @@ -1763,7 +1709,7 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Creates a new OAuth2.0 resource server and defines custom scopes in it.
+ *Creates a new OAuth2.0 resource server and defines custom scopes within it.
*/ public createResourceServer( args: CreateResourceServerCommandInput, @@ -1827,24 +1773,24 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Creates a new Amazon Cognito user pool and sets the password policy for the - * pool.
+ *Creates a new Amazon Cognito user pool and sets the password policy for the pool.
+ * * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Creates the user pool client.
- *When you create a new user pool client, token revocation is automatically enabled. For more information - * about revoking tokens, see RevokeToken.
+ *When you create a new user pool client, token revocation is automatically activated. For more information about revoking tokens, + * see RevokeToken.
*/ public createUserPoolClient( args: CreateUserPoolClientCommandInput, @@ -2348,8 +2294,7 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Client method for returning the configuration information and metadata of the - * specified user pool app client.
+ *Client method for returning the configuration information and metadata of the specified user pool app client.
*/ public describeUserPoolClient( args: DescribeUserPoolClientCommandInput, @@ -2442,30 +2387,31 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Calling this API causes a message to be sent to the end user with a confirmation code
- * that is required to change the user's password. For the Username parameter,
- * you can use the username or user alias. The method used to send the confirmation code is
- * sent according to the specified AccountRecoverySetting. For more information, see Recovering
- * User Accounts in the Amazon Cognito Developer Guide. If
- * neither a verified phone number nor a verified email exists, an
- * InvalidParameterException is thrown. To use the confirmation code for
- * resetting the password, call ConfirmForgotPassword.
Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the
+ * Username parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the
+ * specified AccountRecoverySetting. For more information,
+ * see Recovering User Accounts
+ * in the Amazon Cognito Developer Guide. If neither a verified phone number nor a verified email exists,
+ * an InvalidParameterException is thrown. To use the confirmation code for resetting the password,
+ * call ConfirmForgotPassword.
+ *
This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Gets the header information for the .csv file to be used as input for the user import - * job.
+ *Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.
*/ public getCSVHeader( args: GetCSVHeaderCommandInput, @@ -2645,10 +2590,8 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Gets the UI Customization information for a particular app client's app UI, if there
- * is something set. If nothing is set for the particular client, but there is an existing
- * pool level customization (app clientId will be ALL), then that
- * is returned. If nothing is present, then an empty shape is returned.
Gets the user interface (UI) Customization information for a particular app client's app UI, if any such information exists for the client. If nothing is set for the particular client,
+ * but there is an existing pool level customization (the app clientId is ALL), then that information is returned. If nothing is present, then an empty shape is returned.
Gets the user attribute verification code for the specified attribute name.
* + * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Signs out users from all devices. It also invalidates all refresh tokens issued to a - * user. The user's current access and Id tokens remain valid until their expiry. Access - * and Id tokens expire one hour after they are issued.
+ *Signs out users from all devices. It also invalidates all refresh tokens issued to a user. The user's current access and ID tokens remain valid until their expiry. Access and Id tokens expire + * one hour after they're issued.
*/ public globalSignOut( args: GlobalSignOutCommandInput, @@ -2824,20 +2767,20 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { *Initiates the authentication flow.
* *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Lists the tags that are assigned to an Amazon Cognito user pool.
- *A tag is a label that you can apply to user pools to categorize and manage them in - * different ways, such as by purpose, owner, environment, or other criteria.
+ *A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.
*You can use this action up to 10 times per second, per account.
*/ public listTagsForResource( @@ -3083,7 +3025,7 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Lists the user pools associated with an account.
+ *Lists the user pools associated with an Amazon Web Services account.
*/ public listUserPools( args: ListUserPoolsCommandInput, @@ -3174,24 +3116,24 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Resends the confirmation (for confirmation of registration) to a specific user in the - * user pool.
+ *Resends the confirmation (for confirmation of registration) to a specific user in the user pool.
+ * * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Responds to the authentication challenge.
* *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Revokes all of the access tokens generated by the specified refresh token. After the token is revoked, you can not - * use the revoked token to access Cognito authenticated APIs.
+ *Revokes all of the access tokens generated by the specified refresh token. After the token is revoked, you can't use the revoked token to access Amazon Cognito authenticated APIs.
*/ public revokeToken(args: RevokeTokenCommandInput, options?: __HttpHandlerOptions): PromiseConfigures actions on detected risks. To delete the risk configuration for
- * UserPoolId or ClientId, pass null values for all four
- * configuration types.
To enable Amazon Cognito advanced security features, update the user pool to include
- * the UserPoolAddOns keyAdvancedSecurityMode.
Configures actions on detected risks. To delete the risk configuration for UserPoolId or ClientId, pass null values for all four configuration types.
To activate Amazon Cognito advanced security features, update the user pool to include the UserPoolAddOns keyAdvancedSecurityMode.
Sets the UI customization information for a user pool's built-in app UI.
- *You can specify app UI customization settings for a single client (with a specific
- * clientId) or for all clients (by setting the clientId to
- * ALL). If you specify ALL, the default configuration will
- * be used for every client that has no UI customization set previously. If you specify UI
- * customization settings for a particular client, it will no longer fall back to the
- * ALL configuration.
To use this API, your user pool must have a domain associated with it. Otherwise, - * there is no place to host the app's pages, and the service will throw an - * error.
- *Sets the user interface (UI) customization information for a user pool's built-in app UI.
+ *You can specify app UI customization settings for a single client (with a specific clientId) or for all clients (by setting the clientId
+ * to ALL). If you specify ALL, the default configuration is used for every client that has no previously set UI customization. If you specify UI
+ * customization settings for a particular client, it will no longer return to the ALL configuration.
To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error.
+ *Set the user's multi-factor authentication (MFA) method preference, including which - * MFA factors are enabled and if any are preferred. Only one factor can be set as - * preferred. The preferred MFA factor will be used to authenticate a user if multiple - * factors are enabled. If multiple options are enabled and no preference is set, a - * challenge to choose an MFA option will be returned during sign in. If an MFA type is - * enabled for a user, the user will be prompted for MFA during all sign in attempts, - * unless device tracking is turned on and the device has been trusted. If you would like - * MFA to be applied selectively based on the assessed risk level of sign in attempts, - * disable MFA for users and turn on Adaptive Authentication for the user pool.
+ *Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. + * Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. + * If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an + * MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and + * the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate + * MFA for users and turn on Adaptive Authentication for the user pool.
*/ public setUserMFAPreference( args: SetUserMFAPreferenceCommandInput, @@ -3419,24 +3349,24 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Set the user pool multi-factor authentication (MFA) configuration.
+ *Sets the user pool multi-factor authentication (MFA) configuration.
* - *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
- *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
+ *- * This action is no longer supported. You can use it to configure - * only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either - * type of MFA, use SetUserMFAPreference instead.
+ * This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. + * To configure either type of MFA, use SetUserMFAPreference instead. */ public setUserSettings( args: SetUserSettingsCommandInput, @@ -3503,24 +3432,24 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Registers the user in the specified user pool and creates a user name, password, and - * user attributes.
+ *Registers the user in the specified user pool and creates a user name, password, and user attributes.
+ * * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can - * use to categorize and manage user pools in different ways, such as by purpose, owner, - * environment, or other criteria.
- *Each tag consists of a key and value, both of which you define. A key is a general
- * category for more specific values. For example, if you have two versions of a user pool,
- * one for testing and another for production, you might assign an Environment
- * tag key to both user pools. The value of this key might be Test for one
- * user pool and Production for the other.
Tags are useful for cost tracking and access control. You can activate your tags so - * that they appear on the Billing and Cost Management console, where you can track the - * costs associated with your user pools. In an IAM policy, you can constrain permissions - * for user pools based on specific tags or tag values.
- *You can use this action up to 5 times per second, per account. A user pool can have as - * many as 50 tags.
+ *Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.
+ *Each tag consists of a key and value, both of which you define. A key is a general category for more specific values. For example, if you have two versions of a user pool,
+ * one for testing and another for production, you might assign an Environment tag key to both user pools. The value of this key might be Test for
+ * one user pool, and Production for the other.
Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with + * your user pools. In an Identity and Access Management policy, you can constrain permissions for user pools based on specific tags or tag values.
+ *You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags.
*/ public tagResource(args: TagResourceCommandInput, options?: __HttpHandlerOptions): PromiseRemoves the specified tags from an Amazon Cognito user pool. You can use this action - * up to 5 times per second, per account
+ *Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account.
*/ public untagResource( args: UntagResourceCommandInput, @@ -3683,9 +3604,8 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Provides the feedback for an authentication event whether it was from a valid user or - * not. This feedback is used for improving the risk evaluation decision for the user pool - * as part of Amazon Cognito advanced security.
+ *Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part + * of Amazon Cognito advanced security.
*/ public updateAuthEventFeedback( args: UpdateAuthEventFeedbackCommandInput, @@ -3809,10 +3729,9 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { /** *Updates the name and scopes of resource server. All other fields are read-only.
- *If you don't provide a value for an attribute, it will be set to the default - * value.
- *If you don't provide a value for an attribute, it is set to the default value.
+ *Allows a user to update a specific attribute (one at a time).
* + * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Updates the specified user pool with the specified attributes. You can get a list of - * the current user pool settings using DescribeUserPool. If you don't provide a value for an attribute, it will be set to the default - * value.
+ *Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using + * DescribeUserPool. + * If you don't provide a value for an attribute, it will be set to the default value.
+ * * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Updates the specified user pool app client with the specified attributes. You can get - * a list of the current user pool app client settings using DescribeUserPoolClient.
- *If you don't provide a value for an attribute, it will be set to the default - * value.
- *You can also use this operation to enable token revocation for user pool clients. For more information - * about revoking tokens, see RevokeToken.
+ *Updates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings using + * DescribeUserPoolClient.
+ *If you don't provide a value for an attribute, it will be set to the default value.
+ *You can also use this operation to enable token revocation for user pool clients. For more information about revoking tokens, + * see RevokeToken.
*/ public updateUserPoolClient( args: UpdateUserPoolClientCommandInput, @@ -3983,27 +3903,18 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user - * pool.
- *You can use this operation to provide the Amazon Resource Name (ARN) of a new - * certificate to Amazon Cognito. You cannot use it to change the domain for a user - * pool.
- *A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up - * and sign-in pages for your application. When you set up a custom domain, you provide a - * certificate that you manage with Certificate Manager (ACM). When necessary, you can - * use this operation to change the certificate that you applied to your custom - * domain.
- *Usually, this is unnecessary following routine certificate renewal with ACM. When you - * renew your existing certificate in ACM, the ARN for your certificate remains the same, + *
Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.
+ *You can use this operation to provide the Amazon Resource Name (ARN) of a new certificate to Amazon Cognito. You can't use it to change the domain for a user pool.
+ *A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up and sign-in pages for your application. When you set up a custom domain, you provide a certificate that you + * manage with Certificate Manager (ACM). When necessary, you can use this operation to change the certificate that you applied to your custom domain.
+ *Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, * and your custom domain uses the new certificate automatically.
- *However, if you replace your existing certificate with a new one, ACM gives the new - * certificate a new ARN. To apply the new certificate to your custom domain, you must - * provide this ARN to Amazon Cognito.
- *When you add your new certificate in ACM, you must choose US East (N. Virginia) as the - * Region.
- *After you submit your request, Amazon Cognito requires up to 1 hour to distribute your - * new certificate to your custom domain.
- *For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.
+ *However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide + * this ARN to Amazon Cognito.
+ *When you add your new certificate in ACM, you must choose US East (N. Virginia) as the Amazon Web Services Region.
+ *After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain.
+ *For more information about adding a custom domain to your user pool, + * see Using Your Own Domain for the Hosted UI.
*/ public updateUserPoolDomain( args: UpdateUserPoolDomainCommandInput, @@ -4035,9 +3946,8 @@ export class CognitoIdentityProvider extends CognitoIdentityProviderClient { } /** - *Use this API to register a user's entered TOTP code and mark the user's software token - * MFA status as "verified" if successful. The request takes an access token or a session - * string, but not both.
+ *Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as "verified" if successful. The request takes an access + * token or a session string, but not both.
*/ public verifySoftwareToken( args: VerifySoftwareTokenCommandInput, diff --git a/clients/client-cognito-identity-provider/src/CognitoIdentityProviderClient.ts b/clients/client-cognito-identity-provider/src/CognitoIdentityProviderClient.ts index 8397b64b406e..ac570ad08bcf 100644 --- a/clients/client-cognito-identity-provider/src/CognitoIdentityProviderClient.ts +++ b/clients/client-cognito-identity-provider/src/CognitoIdentityProviderClient.ts @@ -676,13 +676,9 @@ type CognitoIdentityProviderClientResolvedConfigType = __SmithyResolvedConfigura export interface CognitoIdentityProviderClientResolvedConfig extends CognitoIdentityProviderClientResolvedConfigType {} /** - *Using the Amazon Cognito User Pools API, you can create a user pool to manage - * directories and users. You can authenticate a user to obtain tokens related to user - * identity and access policies.
- *This API reference provides information about user pools in Amazon Cognito User - * Pools.
- *For more information, see the Amazon Cognito - * Documentation.
+ *Using the Amazon Cognito user pools API, you can create a user pool to manage directories and users. You can authenticate a user to obtain tokens related to user identity and access policies.
+ *This API reference provides information about user pools in Amazon Cognito user pools.
+ *For more information, see the Amazon Cognito Documentation.
*/ export class CognitoIdentityProviderClient extends __Client< __HttpHandlerOptions, diff --git a/clients/client-cognito-identity-provider/src/commands/AdminConfirmSignUpCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminConfirmSignUpCommand.ts index af25988bcb7c..409665e70b2b 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminConfirmSignUpCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminConfirmSignUpCommand.ts @@ -27,8 +27,7 @@ export interface AdminConfirmSignUpCommandInput extends AdminConfirmSignUpReques export interface AdminConfirmSignUpCommandOutput extends AdminConfirmSignUpResponse, __MetadataBearer {} /** - *Confirms user registration as an admin without using a confirmation code. Works on any - * user.
+ *Confirms user registration as an admin without using a confirmation code. Works on any user.
*Calling this action requires developer credentials.
* @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-cognito-identity-provider/src/commands/AdminCreateUserCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminCreateUserCommand.ts index a8a864cc694b..5fc74ebd1c43 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminCreateUserCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminCreateUserCommand.ts @@ -28,33 +28,30 @@ export interface AdminCreateUserCommandOutput extends AdminCreateUserResponse, _ /** *Creates a new user in the specified user pool.
- *If MessageAction is not set, the default is to send a welcome message via
- * email or phone (SMS).
If MessageAction isn't set, the default is to send a welcome message via email or phone (SMS).
This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*This message is based on a template that you configured in your call to create or - * update a user pool. This template includes your custom sign-up instructions and - * placeholders for user name and temporary password.
- *Alternatively, you can call AdminCreateUser with “SUPPRESS” for the
- * MessageAction parameter, and Amazon Cognito will not send any email.
In either case, the user will be in the FORCE_CHANGE_PASSWORD state until
- * they sign in and change their password.
This message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for + * user name and temporary password.
+ *Alternatively, you can call AdminCreateUser with SUPPRESS for the MessageAction parameter, and Amazon Cognito won't send any email.
In either case, the user will be in the FORCE_CHANGE_PASSWORD state until they sign in and change their password.
* AdminCreateUser requires developer credentials.
Deletes the user attributes in a user pool as an administrator. Works on any - * user.
+ *Deletes the user attributes in a user pool as an administrator. Works on any user.
*Calling this action requires developer credentials.
* @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-cognito-identity-provider/src/commands/AdminDisableProviderForUserCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminDisableProviderForUserCommand.ts index 74c12be9703c..12db8b208399 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminDisableProviderForUserCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminDisableProviderForUserCommand.ts @@ -29,34 +29,20 @@ export interface AdminDisableProviderForUserCommandOutput __MetadataBearer {} /** - *Disables the user from signing in with the specified external (SAML or social)
- * identity provider. If the user to disable is a Cognito User Pools native username +
- * password user, they are not permitted to use their password to sign-in. If the user to
- * disable is a linked external IdP user, any link between that user and an existing user
- * is removed. The next time the external user (no longer attached to the previously linked
- * DestinationUser) signs in, they must create a new user account. See
- * AdminLinkProviderForUser.
This action is enabled only for admin access and requires developer - * credentials.
- *The ProviderName must match the value specified when creating an IdP for
- * the pool.
To disable a native username + password user, the ProviderName value must
- * be Cognito and the ProviderAttributeName must be
- * Cognito_Subject, with the ProviderAttributeValue being the
- * name that is used in the user pool for the user.
The ProviderAttributeName must always be Cognito_Subject for
- * social identity providers. The ProviderAttributeValue must always be the
- * exact subject that was used when the user was originally linked as a source user.
For de-linking a SAML identity, there are two scenarios. If the linked identity has
- * not yet been used to sign-in, the ProviderAttributeName and
- * ProviderAttributeValue must be the same values that were used for the
- * SourceUser when the identities were originally linked using
- * AdminLinkProviderForUser call. (If the linking was done with
- * ProviderAttributeName set to Cognito_Subject, the same
- * applies here). However, if the user has already signed in, the
- * ProviderAttributeName must be Cognito_Subject and
- * ProviderAttributeValue must be the subject of the SAML
- * assertion.
Disables the user from signing in with the specified external (SAML or social) identity provider. If the user to disable is a Amazon Cognito User Pools native username + password user,
+ * they aren't permitted to use their password to sign in. If the user to deactivate is a linked external identity provider (IdP) user, any link between that user and an existing
+ * user is removed. The next time the external user (no longer attached to the previously linked DestinationUser) signs in, they must create a new user account.
+ * See AdminLinkProviderForUser.
This action is enabled only for admin access and requires developer credentials.
+ *The ProviderName must match the value specified when creating an IdP for the pool.
To deactivate a native username + password user, the ProviderName value must be Cognito and the ProviderAttributeName must be Cognito_Subject.
+ * The ProviderAttributeValue must be the name that is used in the user pool for the user.
The ProviderAttributeName must always be Cognito_Subject for social identity providers. The ProviderAttributeValue must always be the exact
+ * subject that was used when the user was originally linked as a source user.
For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign in, the ProviderAttributeName and ProviderAttributeValue
+ * must be the same values that were used for the SourceUser when the identities were originally linked using AdminLinkProviderForUser call. (If the linking was done
+ * with ProviderAttributeName set to Cognito_Subject, the same applies here). However, if the user has already signed in, the ProviderAttributeName must
+ * be Cognito_Subject and ProviderAttributeValue must be the subject of the SAML assertion.
Gets the specified user by user name in a user pool as an administrator. Works on any - * user.
+ *Gets the specified user by user name in a user pool as an administrator. Works on any user.
*Calling this action requires developer credentials.
* @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-cognito-identity-provider/src/commands/AdminInitiateAuthCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminInitiateAuthCommand.ts index eac155472b74..fbdf5b1c966c 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminInitiateAuthCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminInitiateAuthCommand.ts @@ -31,20 +31,20 @@ export interface AdminInitiateAuthCommandOutput extends AdminInitiateAuthRespons * * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Calling this action requires developer credentials.
diff --git a/clients/client-cognito-identity-provider/src/commands/AdminLinkProviderForUserCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminLinkProviderForUserCommand.ts index 75f07ba47747..55d14b1dc2d0 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminLinkProviderForUserCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminLinkProviderForUserCommand.ts @@ -27,27 +27,20 @@ export interface AdminLinkProviderForUserCommandInput extends AdminLinkProviderF export interface AdminLinkProviderForUserCommandOutput extends AdminLinkProviderForUserResponse, __MetadataBearer {} /** - *Links an existing user account in a user pool (DestinationUser) to an
- * identity from an external identity provider (SourceUser) based on a
- * specified attribute name and value from the external identity provider. This allows you
- * to create a link from the existing user account to an external federated user identity
- * that has not yet been used to sign in, so that the federated user identity can be used
- * to sign in as the existing user account.
For example, if there is an existing user with a username and password, this API - * links that user to a federated user identity, so that when the federated user identity - * is used, the user signs in as the existing user account.
- *Links an existing user account in a user pool (DestinationUser) to an identity from an external identity provider (SourceUser) based on a specified
+ * attribute name and value from the external identity provider. This allows you to create a link from the existing user account to an external federated user identity that has not
+ * yet been used to sign in. You can then use the federated user identity to sign in as the existing user account.
For example, if there is an existing user with a username and password, this API links that user to a federated user identity. When the user signs in with a federated user + * identity, they sign in as the existing user account.
+ *The maximum number of federated identities linked to a user is 5.
- *Because this API allows a user with an external federated identity to sign in as - * an existing user in the user pool, it is critical that it only be used with external - * identity providers and provider attributes that have been trusted by the application - * owner.
- *Because this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external + * identity providers and provider attributes that have been trusted by the application owner.
+ *This action is enabled only for admin access and requires developer - * credentials.
+ *This action is administrative and requires developer credentials.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/AdminListUserAuthEventsCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminListUserAuthEventsCommand.ts index cd52358dcbee..48c7efc8e7a0 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminListUserAuthEventsCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminListUserAuthEventsCommand.ts @@ -27,8 +27,7 @@ export interface AdminListUserAuthEventsCommandInput extends AdminListUserAuthEv export interface AdminListUserAuthEventsCommandOutput extends AdminListUserAuthEventsResponse, __MetadataBearer {} /** - *Lists a history of user activity and any risks detected as part of Amazon Cognito - * advanced security.
+ *A history of user activity and any risks detected as part of Amazon Cognito advanced security.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/AdminResetUserPasswordCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminResetUserPasswordCommand.ts index c6f80a46b85f..90f34adbb0d0 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminResetUserPasswordCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminResetUserPasswordCommand.ts @@ -27,33 +27,29 @@ export interface AdminResetUserPasswordCommandInput extends AdminResetUserPasswo export interface AdminResetUserPasswordCommandOutput extends AdminResetUserPasswordResponse, __MetadataBearer {} /** - *Resets the specified user's password in a user pool as an administrator. Works on any - * user.
- *When a developer calls this API, the current password is invalidated, so it must be - * changed. If a user tries to sign in after the API is called, the app will get a - * PasswordResetRequiredException exception back and should direct the user down the flow - * to reset the password, which is the same as the forgot password flow. In addition, if - * the user pool has phone verification selected and a verified phone number exists for the - * user, or if email verification is selected and a verified email exists for the user, - * calling this API will also result in sending a message to the end user with the code to - * change their password.
+ *Resets the specified user's password in a user pool as an administrator. Works on any user.
+ *When a developer calls this API, the current password is invalidated, so it must be changed. If a user tries to sign in after the API is called, + * the app will get a PasswordResetRequiredException exception back and should direct the user down the flow to reset the password, which is the same + * as the forgot password flow. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if + * email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user + * with the code to change their password.
* * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Calling this action requires developer credentials.
diff --git a/clients/client-cognito-identity-provider/src/commands/AdminRespondToAuthChallengeCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminRespondToAuthChallengeCommand.ts index cc04db1d72be..bbd9aa5e9061 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminRespondToAuthChallengeCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminRespondToAuthChallengeCommand.ts @@ -32,20 +32,20 @@ export interface AdminRespondToAuthChallengeCommandOutput *Responds to an authentication challenge, as an administrator.
* *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Calling this action requires developer credentials.
diff --git a/clients/client-cognito-identity-provider/src/commands/AdminSetUserMFAPreferenceCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminSetUserMFAPreferenceCommand.ts index 7f1358d65077..704cd282fd81 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminSetUserMFAPreferenceCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminSetUserMFAPreferenceCommand.ts @@ -27,11 +27,9 @@ export interface AdminSetUserMFAPreferenceCommandInput extends AdminSetUserMFAPr export interface AdminSetUserMFAPreferenceCommandOutput extends AdminSetUserMFAPreferenceResponse, __MetadataBearer {} /** - *Sets the user's multi-factor authentication (MFA) preference, including which MFA - * options are enabled and if any are preferred. Only one factor can be set as preferred. - * The preferred MFA factor will be used to authenticate a user if multiple factors are - * enabled. If multiple options are enabled and no preference is set, a challenge to choose - * an MFA option will be returned during sign in.
+ *The user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred. Only one factor can be set as preferred. The preferred + * MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will + * be returned during sign-in.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/AdminSetUserPasswordCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminSetUserPasswordCommand.ts index c59c8b06389f..02b6afc01c03 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminSetUserPasswordCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminSetUserPasswordCommand.ts @@ -27,16 +27,11 @@ export interface AdminSetUserPasswordCommandInput extends AdminSetUserPasswordRe export interface AdminSetUserPasswordCommandOutput extends AdminSetUserPasswordResponse, __MetadataBearer {} /** - *Sets the specified user's password in a user pool as an administrator. Works on any - * user.
- *The password can be temporary or permanent. If it is temporary, the user status will
- * be placed into the FORCE_CHANGE_PASSWORD state. When the user next tries to
- * sign in, the InitiateAuth/AdminInitiateAuth response will contain the
- * NEW_PASSWORD_REQUIRED challenge. If the user does not sign in before it
- * expires, the user will not be able to sign in and their password will need to be reset
- * by an administrator.
Once the user has set a new password, or the password is permanent, the user status
- * will be set to Confirmed.
Sets the specified user's password in a user pool as an administrator. Works on any user.
+ *The password can be temporary or permanent. If it is temporary, the user status enters the FORCE_CHANGE_PASSWORD state. When the user next tries to sign in,
+ * the InitiateAuth/AdminInitiateAuth response will contain the NEW_PASSWORD_REQUIRED challenge. If the user doesn't sign in before it expires, the user won't be
+ * able to sign in, and an administrator must reset their password.
Once the user has set a new password, or the password is permanent, the user status is set to Confirmed.
- * This action is no longer supported. You can use it to configure - * only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either - * type of MFA, use AdminSetUserMFAPreference instead.
+ * This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) + * software token MFA. To configure either type of MFA, + * use AdminSetUserMFAPreference instead. * @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/AdminUpdateAuthEventFeedbackCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminUpdateAuthEventFeedbackCommand.ts index 3e39c9fed895..5a9eb2647cfb 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminUpdateAuthEventFeedbackCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminUpdateAuthEventFeedbackCommand.ts @@ -29,9 +29,8 @@ export interface AdminUpdateAuthEventFeedbackCommandOutput __MetadataBearer {} /** - *Provides feedback for an authentication event as to whether it was from a valid user. - * This feedback is used for improving the risk evaluation decision for the user pool as - * part of Amazon Cognito advanced security.
+ *Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool + * as part of Amazon Cognito advanced security.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/AdminUpdateUserAttributesCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminUpdateUserAttributesCommand.ts index 5b864e594893..af4e73109ad4 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminUpdateUserAttributesCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminUpdateUserAttributesCommand.ts @@ -27,28 +27,25 @@ export interface AdminUpdateUserAttributesCommandInput extends AdminUpdateUserAt export interface AdminUpdateUserAttributesCommandOutput extends AdminUpdateUserAttributesResponse, __MetadataBearer {} /** - *Updates the specified user's attributes, including developer attributes, as an - * administrator. Works on any user.
- *For custom attributes, you must prepend the custom: prefix to the
- * attribute name.
In addition to updating user attributes, this API can also be used to mark phone and - * email as verified.
+ *Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user.
+ *For custom attributes, you must prepend the custom: prefix to the attribute name.
In addition to updating user attributes, this API can also be used to mark phone and email as verified.
* *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Calling this action requires developer credentials.
diff --git a/clients/client-cognito-identity-provider/src/commands/AdminUserGlobalSignOutCommand.ts b/clients/client-cognito-identity-provider/src/commands/AdminUserGlobalSignOutCommand.ts index 0040592a831d..843e5c77a380 100644 --- a/clients/client-cognito-identity-provider/src/commands/AdminUserGlobalSignOutCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AdminUserGlobalSignOutCommand.ts @@ -27,9 +27,8 @@ export interface AdminUserGlobalSignOutCommandInput extends AdminUserGlobalSignO export interface AdminUserGlobalSignOutCommandOutput extends AdminUserGlobalSignOutResponse, __MetadataBearer {} /** - *Signs out users from all devices, as an administrator. It also invalidates all refresh - * tokens issued to a user. The user's current access and Id tokens remain valid until - * their expiry. Access and Id tokens expire one hour after they are issued.
+ *Signs out users from all devices, as an administrator. It also invalidates all refresh tokens issued to a user. The user's current access and Id tokens remain valid until their expiry. Access and + * Id tokens expire one hour after they're issued.
*Calling this action requires developer credentials.
* @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-cognito-identity-provider/src/commands/AssociateSoftwareTokenCommand.ts b/clients/client-cognito-identity-provider/src/commands/AssociateSoftwareTokenCommand.ts index 218e89d4fe3c..69af15302595 100644 --- a/clients/client-cognito-identity-provider/src/commands/AssociateSoftwareTokenCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/AssociateSoftwareTokenCommand.ts @@ -27,16 +27,12 @@ export interface AssociateSoftwareTokenCommandInput extends AssociateSoftwareTok export interface AssociateSoftwareTokenCommandOutput extends AssociateSoftwareTokenResponse, __MetadataBearer {} /** - *Returns a unique generated shared secret key code for the user account. The request - * takes an access token or a session string, but not both.
- *Calling AssociateSoftwareToken immediately disassociates the existing software - * token from the user account. If the user doesn't subsequently verify the software - * token, their account is essentially set up to authenticate without MFA. If MFA - * config is set to Optional at the user pool level, the user can then login without - * MFA. However, if MFA is set to Required for the user pool, the user will be asked to - * setup a new software token MFA during sign in.
- *Returns a unique generated shared secret key code for the user account. The request takes an access token or a session string, but not both.
+ *Calling AssociateSoftwareToken immediately disassociates the existing software token from the user account. If the user doesn't subsequently verify the software token, + * their account is set up to authenticate without MFA. If MFA config is set to Optional at the user pool level, the user can then log in without MFA. However, if MFA is + * set to Required for the user pool, the user is asked to set up a new software token MFA during sign-in.
+ *Confirms tracking of the device. This API call is the call that begins device - * tracking.
+ *Confirms tracking of the device. This API call is the call that begins device tracking.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/ConfirmSignUpCommand.ts b/clients/client-cognito-identity-provider/src/commands/ConfirmSignUpCommand.ts index 6527fbac537f..0aaa6e302764 100644 --- a/clients/client-cognito-identity-provider/src/commands/ConfirmSignUpCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/ConfirmSignUpCommand.ts @@ -26,8 +26,7 @@ export interface ConfirmSignUpCommandInput extends ConfirmSignUpRequest {} export interface ConfirmSignUpCommandOutput extends ConfirmSignUpResponse, __MetadataBearer {} /** - *Confirms registration of a user and handles the existing alias from a previous - * user.
+ *Confirms registration of a user and handles the existing alias from a previous user.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/CreateResourceServerCommand.ts b/clients/client-cognito-identity-provider/src/commands/CreateResourceServerCommand.ts index 46d9dcbbc52b..52464d545806 100644 --- a/clients/client-cognito-identity-provider/src/commands/CreateResourceServerCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/CreateResourceServerCommand.ts @@ -27,7 +27,7 @@ export interface CreateResourceServerCommandInput extends CreateResourceServerRe export interface CreateResourceServerCommandOutput extends CreateResourceServerResponse, __MetadataBearer {} /** - *Creates a new OAuth2.0 resource server and defines custom scopes in it.
+ *Creates a new OAuth2.0 resource server and defines custom scopes within it.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/CreateUserPoolClientCommand.ts b/clients/client-cognito-identity-provider/src/commands/CreateUserPoolClientCommand.ts index 27f3b93a71ab..446aa47c6e20 100644 --- a/clients/client-cognito-identity-provider/src/commands/CreateUserPoolClientCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/CreateUserPoolClientCommand.ts @@ -28,8 +28,8 @@ export interface CreateUserPoolClientCommandOutput extends CreateUserPoolClientR /** *Creates the user pool client.
- *When you create a new user pool client, token revocation is automatically enabled. For more information - * about revoking tokens, see RevokeToken.
+ *When you create a new user pool client, token revocation is automatically activated. For more information about revoking tokens, + * see RevokeToken.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/CreateUserPoolCommand.ts b/clients/client-cognito-identity-provider/src/commands/CreateUserPoolCommand.ts index e1bb4a77afc9..c2485761d692 100644 --- a/clients/client-cognito-identity-provider/src/commands/CreateUserPoolCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/CreateUserPoolCommand.ts @@ -27,24 +27,24 @@ export interface CreateUserPoolCommandInput extends CreateUserPoolRequest {} export interface CreateUserPoolCommandOutput extends CreateUserPoolResponse, __MetadataBearer {} /** - *Creates a new Amazon Cognito user pool and sets the password policy for the - * pool.
+ *Creates a new Amazon Cognito user pool and sets the password policy for the pool.
+ * * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Client method for returning the configuration information and metadata of the - * specified user pool app client.
+ *Client method for returning the configuration information and metadata of the specified user pool app client.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/ForgotPasswordCommand.ts b/clients/client-cognito-identity-provider/src/commands/ForgotPasswordCommand.ts index b6a50892ce50..ea33fd8a237f 100644 --- a/clients/client-cognito-identity-provider/src/commands/ForgotPasswordCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/ForgotPasswordCommand.ts @@ -26,30 +26,31 @@ export interface ForgotPasswordCommandInput extends ForgotPasswordRequest {} export interface ForgotPasswordCommandOutput extends ForgotPasswordResponse, __MetadataBearer {} /** - *Calling this API causes a message to be sent to the end user with a confirmation code
- * that is required to change the user's password. For the Username parameter,
- * you can use the username or user alias. The method used to send the confirmation code is
- * sent according to the specified AccountRecoverySetting. For more information, see Recovering
- * User Accounts in the Amazon Cognito Developer Guide. If
- * neither a verified phone number nor a verified email exists, an
- * InvalidParameterException is thrown. To use the confirmation code for
- * resetting the password, call ConfirmForgotPassword.
Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the
+ * Username parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the
+ * specified AccountRecoverySetting. For more information,
+ * see Recovering User Accounts
+ * in the Amazon Cognito Developer Guide. If neither a verified phone number nor a verified email exists,
+ * an InvalidParameterException is thrown. To use the confirmation code for resetting the password,
+ * call ConfirmForgotPassword.
+ *
This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Gets the header information for the .csv file to be used as input for the user import - * job.
+ *Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/GetUICustomizationCommand.ts b/clients/client-cognito-identity-provider/src/commands/GetUICustomizationCommand.ts index b00637716bee..0d940c7ddc12 100644 --- a/clients/client-cognito-identity-provider/src/commands/GetUICustomizationCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/GetUICustomizationCommand.ts @@ -27,10 +27,8 @@ export interface GetUICustomizationCommandInput extends GetUICustomizationReques export interface GetUICustomizationCommandOutput extends GetUICustomizationResponse, __MetadataBearer {} /** - *Gets the UI Customization information for a particular app client's app UI, if there
- * is something set. If nothing is set for the particular client, but there is an existing
- * pool level customization (app clientId will be ALL), then that
- * is returned. If nothing is present, then an empty shape is returned.
Gets the user interface (UI) Customization information for a particular app client's app UI, if any such information exists for the client. If nothing is set for the particular client,
+ * but there is an existing pool level customization (the app clientId is ALL), then that information is returned. If nothing is present, then an empty shape is returned.
Gets the user attribute verification code for the specified attribute name.
* + * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Signs out users from all devices. It also invalidates all refresh tokens issued to a - * user. The user's current access and Id tokens remain valid until their expiry. Access - * and Id tokens expire one hour after they are issued.
+ *Signs out users from all devices. It also invalidates all refresh tokens issued to a user. The user's current access and ID tokens remain valid until their expiry. Access and Id tokens expire + * one hour after they're issued.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/InitiateAuthCommand.ts b/clients/client-cognito-identity-provider/src/commands/InitiateAuthCommand.ts index 324cfb47f7d4..7fe128efdafe 100644 --- a/clients/client-cognito-identity-provider/src/commands/InitiateAuthCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/InitiateAuthCommand.ts @@ -29,20 +29,20 @@ export interface InitiateAuthCommandOutput extends InitiateAuthResponse, __Metad *Initiates the authentication flow.
* *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Lists the tags that are assigned to an Amazon Cognito user pool.
- *A tag is a label that you can apply to user pools to categorize and manage them in - * different ways, such as by purpose, owner, environment, or other criteria.
+ *A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.
*You can use this action up to 10 times per second, per account.
* @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-cognito-identity-provider/src/commands/ListUserPoolsCommand.ts b/clients/client-cognito-identity-provider/src/commands/ListUserPoolsCommand.ts index b1064b2bbc88..9a71218c1c77 100644 --- a/clients/client-cognito-identity-provider/src/commands/ListUserPoolsCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/ListUserPoolsCommand.ts @@ -27,7 +27,7 @@ export interface ListUserPoolsCommandInput extends ListUserPoolsRequest {} export interface ListUserPoolsCommandOutput extends ListUserPoolsResponse, __MetadataBearer {} /** - *Lists the user pools associated with an account.
+ *Lists the user pools associated with an Amazon Web Services account.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/ResendConfirmationCodeCommand.ts b/clients/client-cognito-identity-provider/src/commands/ResendConfirmationCodeCommand.ts index d592963fee5a..45f32b3fc555 100644 --- a/clients/client-cognito-identity-provider/src/commands/ResendConfirmationCodeCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/ResendConfirmationCodeCommand.ts @@ -26,24 +26,24 @@ export interface ResendConfirmationCodeCommandInput extends ResendConfirmationCo export interface ResendConfirmationCodeCommandOutput extends ResendConfirmationCodeResponse, __MetadataBearer {} /** - *Resends the confirmation (for confirmation of registration) to a specific user in the - * user pool.
+ *Resends the confirmation (for confirmation of registration) to a specific user in the user pool.
+ * * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Responds to the authentication challenge.
* *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Revokes all of the access tokens generated by the specified refresh token. After the token is revoked, you can not - * use the revoked token to access Cognito authenticated APIs.
+ *Revokes all of the access tokens generated by the specified refresh token. After the token is revoked, you can't use the revoked token to access Amazon Cognito authenticated APIs.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/SetRiskConfigurationCommand.ts b/clients/client-cognito-identity-provider/src/commands/SetRiskConfigurationCommand.ts index fd3f28adbc91..d5cbbbc959a7 100644 --- a/clients/client-cognito-identity-provider/src/commands/SetRiskConfigurationCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/SetRiskConfigurationCommand.ts @@ -27,11 +27,8 @@ export interface SetRiskConfigurationCommandInput extends SetRiskConfigurationRe export interface SetRiskConfigurationCommandOutput extends SetRiskConfigurationResponse, __MetadataBearer {} /** - *Configures actions on detected risks. To delete the risk configuration for
- * UserPoolId or ClientId, pass null values for all four
- * configuration types.
To enable Amazon Cognito advanced security features, update the user pool to include
- * the UserPoolAddOns keyAdvancedSecurityMode.
Configures actions on detected risks. To delete the risk configuration for UserPoolId or ClientId, pass null values for all four configuration types.
To activate Amazon Cognito advanced security features, update the user pool to include the UserPoolAddOns keyAdvancedSecurityMode.
Sets the UI customization information for a user pool's built-in app UI.
- *You can specify app UI customization settings for a single client (with a specific
- * clientId) or for all clients (by setting the clientId to
- * ALL). If you specify ALL, the default configuration will
- * be used for every client that has no UI customization set previously. If you specify UI
- * customization settings for a particular client, it will no longer fall back to the
- * ALL configuration.
To use this API, your user pool must have a domain associated with it. Otherwise, - * there is no place to host the app's pages, and the service will throw an - * error.
- *Sets the user interface (UI) customization information for a user pool's built-in app UI.
+ *You can specify app UI customization settings for a single client (with a specific clientId) or for all clients (by setting the clientId
+ * to ALL). If you specify ALL, the default configuration is used for every client that has no previously set UI customization. If you specify UI
+ * customization settings for a particular client, it will no longer return to the ALL configuration.
To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error.
+ *Set the user's multi-factor authentication (MFA) method preference, including which - * MFA factors are enabled and if any are preferred. Only one factor can be set as - * preferred. The preferred MFA factor will be used to authenticate a user if multiple - * factors are enabled. If multiple options are enabled and no preference is set, a - * challenge to choose an MFA option will be returned during sign in. If an MFA type is - * enabled for a user, the user will be prompted for MFA during all sign in attempts, - * unless device tracking is turned on and the device has been trusted. If you would like - * MFA to be applied selectively based on the assessed risk level of sign in attempts, - * disable MFA for users and turn on Adaptive Authentication for the user pool.
+ *Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. + * Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. + * If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an + * MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and + * the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate + * MFA for users and turn on Adaptive Authentication for the user pool.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/SetUserPoolMfaConfigCommand.ts b/clients/client-cognito-identity-provider/src/commands/SetUserPoolMfaConfigCommand.ts index 3d1cff751cf7..805bdb117a71 100644 --- a/clients/client-cognito-identity-provider/src/commands/SetUserPoolMfaConfigCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/SetUserPoolMfaConfigCommand.ts @@ -27,24 +27,24 @@ export interface SetUserPoolMfaConfigCommandInput extends SetUserPoolMfaConfigRe export interface SetUserPoolMfaConfigCommandOutput extends SetUserPoolMfaConfigResponse, __MetadataBearer {} /** - *Set the user pool multi-factor authentication (MFA) configuration.
+ *Sets the user pool multi-factor authentication (MFA) configuration.
* - *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
- *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
+ *- * This action is no longer supported. You can use it to configure - * only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either - * type of MFA, use SetUserMFAPreference instead.
+ * This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. + * To configure either type of MFA, use SetUserMFAPreference instead. * @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/SignUpCommand.ts b/clients/client-cognito-identity-provider/src/commands/SignUpCommand.ts index b7b1394c4b91..2a38bda539ba 100644 --- a/clients/client-cognito-identity-provider/src/commands/SignUpCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/SignUpCommand.ts @@ -23,24 +23,24 @@ export interface SignUpCommandInput extends SignUpRequest {} export interface SignUpCommandOutput extends SignUpResponse, __MetadataBearer {} /** - *Registers the user in the specified user pool and creates a user name, password, and - * user attributes.
+ *Registers the user in the specified user pool and creates a user name, password, and user attributes.
+ * * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can - * use to categorize and manage user pools in different ways, such as by purpose, owner, - * environment, or other criteria.
- *Each tag consists of a key and value, both of which you define. A key is a general
- * category for more specific values. For example, if you have two versions of a user pool,
- * one for testing and another for production, you might assign an Environment
- * tag key to both user pools. The value of this key might be Test for one
- * user pool and Production for the other.
Tags are useful for cost tracking and access control. You can activate your tags so - * that they appear on the Billing and Cost Management console, where you can track the - * costs associated with your user pools. In an IAM policy, you can constrain permissions - * for user pools based on specific tags or tag values.
- *You can use this action up to 5 times per second, per account. A user pool can have as - * many as 50 tags.
+ *Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.
+ *Each tag consists of a key and value, both of which you define. A key is a general category for more specific values. For example, if you have two versions of a user pool,
+ * one for testing and another for production, you might assign an Environment tag key to both user pools. The value of this key might be Test for
+ * one user pool, and Production for the other.
Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with + * your user pools. In an Identity and Access Management policy, you can constrain permissions for user pools based on specific tags or tag values.
+ *You can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/UntagResourceCommand.ts b/clients/client-cognito-identity-provider/src/commands/UntagResourceCommand.ts index aba6f783ee30..14d936a9dc86 100644 --- a/clients/client-cognito-identity-provider/src/commands/UntagResourceCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/UntagResourceCommand.ts @@ -27,8 +27,7 @@ export interface UntagResourceCommandInput extends UntagResourceRequest {} export interface UntagResourceCommandOutput extends UntagResourceResponse, __MetadataBearer {} /** - *Removes the specified tags from an Amazon Cognito user pool. You can use this action - * up to 5 times per second, per account
+ *Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/UpdateAuthEventFeedbackCommand.ts b/clients/client-cognito-identity-provider/src/commands/UpdateAuthEventFeedbackCommand.ts index 10e9a2de2c53..6371503e0969 100644 --- a/clients/client-cognito-identity-provider/src/commands/UpdateAuthEventFeedbackCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/UpdateAuthEventFeedbackCommand.ts @@ -27,9 +27,8 @@ export interface UpdateAuthEventFeedbackCommandInput extends UpdateAuthEventFeed export interface UpdateAuthEventFeedbackCommandOutput extends UpdateAuthEventFeedbackResponse, __MetadataBearer {} /** - *Provides the feedback for an authentication event whether it was from a valid user or - * not. This feedback is used for improving the risk evaluation decision for the user pool - * as part of Amazon Cognito advanced security.
+ *Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part + * of Amazon Cognito advanced security.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/UpdateResourceServerCommand.ts b/clients/client-cognito-identity-provider/src/commands/UpdateResourceServerCommand.ts index 667bf1c74bec..db8b1dc46c62 100644 --- a/clients/client-cognito-identity-provider/src/commands/UpdateResourceServerCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/UpdateResourceServerCommand.ts @@ -28,10 +28,9 @@ export interface UpdateResourceServerCommandOutput extends UpdateResourceServerR /** *Updates the name and scopes of resource server. All other fields are read-only.
- *If you don't provide a value for an attribute, it will be set to the default - * value.
- *If you don't provide a value for an attribute, it is set to the default value.
+ *Allows a user to update a specific attribute (one at a time).
* + * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Updates the specified user pool app client with the specified attributes. You can get - * a list of the current user pool app client settings using DescribeUserPoolClient.
- *If you don't provide a value for an attribute, it will be set to the default - * value.
- *You can also use this operation to enable token revocation for user pool clients. For more information - * about revoking tokens, see RevokeToken.
+ *Updates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings using + * DescribeUserPoolClient.
+ *If you don't provide a value for an attribute, it will be set to the default value.
+ *You can also use this operation to enable token revocation for user pool clients. For more information about revoking tokens, + * see RevokeToken.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolCommand.ts b/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolCommand.ts index daf6bb0a866d..c500334df896 100644 --- a/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/UpdateUserPoolCommand.ts @@ -27,25 +27,26 @@ export interface UpdateUserPoolCommandInput extends UpdateUserPoolRequest {} export interface UpdateUserPoolCommandOutput extends UpdateUserPoolResponse, __MetadataBearer {} /** - *Updates the specified user pool with the specified attributes. You can get a list of - * the current user pool settings using DescribeUserPool. If you don't provide a value for an attribute, it will be set to the default - * value.
+ *Updates the specified user pool with the specified attributes. You can get a list of the current user pool settings using + * DescribeUserPool. + * If you don't provide a value for an attribute, it will be set to the default value.
+ * * *This action might generate an SMS text message. Starting June 1, 2021, U.S. - * telecom carriers require that you register an origination phone number before you can - * send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, - * you must register a phone number with Amazon Pinpoint. - * Cognito will use the the registered number automatically. Otherwise, Cognito users that must - * receive SMS messages might be unable to sign up, activate their accounts, or sign - * in.
- *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In - * sandbox - * mode - * , you’ll have limitations, such as sending messages - * to only verified phone numbers. After testing in the sandbox environment, you can - * move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon - * Cognito Developer Guide.
+ *This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an + * origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must + * register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number + * automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, + * or sign in.
+ *If you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service + * might place your account in SMS sandbox. In + * + * sandbox mode + * , you will have + * limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move + * out of the SMS sandbox and into production. For more information, see + * SMS + * message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
*Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user - * pool.
- *You can use this operation to provide the Amazon Resource Name (ARN) of a new - * certificate to Amazon Cognito. You cannot use it to change the domain for a user - * pool.
- *A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up - * and sign-in pages for your application. When you set up a custom domain, you provide a - * certificate that you manage with Certificate Manager (ACM). When necessary, you can - * use this operation to change the certificate that you applied to your custom - * domain.
- *Usually, this is unnecessary following routine certificate renewal with ACM. When you - * renew your existing certificate in ACM, the ARN for your certificate remains the same, + *
Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.
+ *You can use this operation to provide the Amazon Resource Name (ARN) of a new certificate to Amazon Cognito. You can't use it to change the domain for a user pool.
+ *A custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up and sign-in pages for your application. When you set up a custom domain, you provide a certificate that you + * manage with Certificate Manager (ACM). When necessary, you can use this operation to change the certificate that you applied to your custom domain.
+ *Usually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, * and your custom domain uses the new certificate automatically.
- *However, if you replace your existing certificate with a new one, ACM gives the new - * certificate a new ARN. To apply the new certificate to your custom domain, you must - * provide this ARN to Amazon Cognito.
- *When you add your new certificate in ACM, you must choose US East (N. Virginia) as the - * Region.
- *After you submit your request, Amazon Cognito requires up to 1 hour to distribute your - * new certificate to your custom domain.
- *For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.
+ *However, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide + * this ARN to Amazon Cognito.
+ *When you add your new certificate in ACM, you must choose US East (N. Virginia) as the Amazon Web Services Region.
+ *After you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain.
+ *For more information about adding a custom domain to your user pool, + * see Using Your Own Domain for the Hosted UI.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/commands/VerifySoftwareTokenCommand.ts b/clients/client-cognito-identity-provider/src/commands/VerifySoftwareTokenCommand.ts index 494911dc1e1c..be98a8cfb103 100644 --- a/clients/client-cognito-identity-provider/src/commands/VerifySoftwareTokenCommand.ts +++ b/clients/client-cognito-identity-provider/src/commands/VerifySoftwareTokenCommand.ts @@ -27,9 +27,8 @@ export interface VerifySoftwareTokenCommandInput extends VerifySoftwareTokenRequ export interface VerifySoftwareTokenCommandOutput extends VerifySoftwareTokenResponse, __MetadataBearer {} /** - *Use this API to register a user's entered TOTP code and mark the user's software token - * MFA status as "verified" if successful. The request takes an access token or a session - * string, but not both.
+ *Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as "verified" if successful. The request takes an access + * token or a session string, but not both.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-cognito-identity-provider/src/models/models_0.ts b/clients/client-cognito-identity-provider/src/models/models_0.ts index 56dc87c7d68d..8e54b1a1b515 100644 --- a/clients/client-cognito-identity-provider/src/models/models_0.ts +++ b/clients/client-cognito-identity-provider/src/models/models_0.ts @@ -12,13 +12,12 @@ export enum RecoveryOptionNameType { */ export interface RecoveryOptionType { /** - *A positive integer specifying priority of a method with 1 being the highest - * priority.
+ *A positive integer specifying priority of a method with 1 being the highest priority.
*/ Priority: number | undefined; /** - *Specifies the recovery method for a user.
+ *The recovery method for a user.
*/ Name: RecoveryOptionNameType | string | undefined; } @@ -69,24 +68,23 @@ export interface AccountTakeoverActionType { /** *The event action.
- *+ *
* BLOCK Choosing this action will block the request.
- * MFA_IF_CONFIGURED Throw MFA challenge if user has configured it,
- * else allow the request.
+ * MFA_IF_CONFIGURED Present an MFA challenge if user has configured it, else allow the request.
- * MFA_REQUIRED Throw MFA challenge if user has configured it, else
- * block the request.
+ * MFA_REQUIRED Present an MFA challenge if user has configured it, else block the request.
- * NO_ACTION Allow the user sign-in.
+ * NO_ACTION Allow the user to sign in.
The subject.
+ *The email subject.
*/ Subject: string | undefined; /** - *The HTML body.
+ *The email HTML body.
*/ HtmlBody?: string; /** - *The text body.
+ *The email text body.
*/ TextBody?: string; } @@ -165,8 +163,7 @@ export namespace NotifyEmailType { */ export interface NotifyConfigurationType { /** - *The email address that is sending the email. It must be either individually verified - * with Amazon SES, or from a domain that has been verified with Amazon SES.
+ *The email address that is sending the email. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
*/ From?: string; @@ -176,9 +173,8 @@ export interface NotifyConfigurationType { ReplyTo?: string; /** - *The Amazon Resource Name (ARN) of the identity that is associated with the sending
- * authorization policy. It permits Amazon Cognito to send for the email address specified
- * in the From parameter.
The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the
+ * From parameter.
The MFA email template used when MFA is challenged as part of a detected risk.
+ *The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk.
*/ MfaEmail?: NotifyEmailType; } @@ -208,8 +204,7 @@ export namespace NotifyConfigurationType { } /** - *Configuration for mitigation actions and notification for different levels of risk - * detected for a potential account takeover.
+ *Configuration for mitigation actions and notification for different levels of risk detected for a potential account takeover.
*/ export interface AccountTakeoverRiskConfigurationType { /** @@ -218,7 +213,7 @@ export interface AccountTakeoverRiskConfigurationType { NotifyConfiguration?: NotifyConfigurationType; /** - *Account takeover risk configuration actions
+ *Account takeover risk configuration actions.
*/ Actions: AccountTakeoverActionsType | undefined; } @@ -240,7 +235,7 @@ export enum AttributeDataType { } /** - *The minimum and maximum value of an attribute that is of the number data type.
+ *The minimum and maximum values of an attribute that is of the number data type.
*/ export interface NumberAttributeConstraintsType { /** @@ -303,31 +298,25 @@ export interface SchemaAttributeType { /** *We recommend that you use WriteAttributes in the user pool client to control how attributes can
- * be mutated for new use cases instead of using
- * DeveloperOnlyAttribute.
Specifies whether the attribute type is developer only. This attribute can only be
- * modified by an administrator. Users will not be able to modify this attribute using
- * their access token. For example, DeveloperOnlyAttribute can be modified
- * using AdminUpdateUserAttributes but cannot be updated using UpdateUserAttributes.
You should use WriteAttributes
+ * in the user pool client to control how attributes can be mutated for new use cases instead of using DeveloperOnlyAttribute.
Specifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users won't be able to modify this attribute using their access
+ * token. For example, DeveloperOnlyAttribute can be modified using AdminUpdateUserAttributes but can't be updated using UpdateUserAttributes.
Specifies whether the value of the attribute can be changed.
- *For any user pool attribute that's mapped to an identity provider attribute, you must
- * set this parameter to true. Amazon Cognito updates mapped attributes when
- * users sign in to your application through an identity provider. If an attribute is
- * immutable, Amazon Cognito throws an error when it attempts to update the attribute. For
- * more information, see Specifying Identity Provider Attribute Mappings for Your User
- * Pool.
For any user pool attribute that is mapped to an identity provider attribute, you must set this parameter to true. Amazon Cognito updates mapped attributes when users
+ * sign in to your application through an identity provider. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information,
+ * see Specifying Identity Provider Attribute Mappings for
+ * Your User Pool.
Specifies whether a user pool attribute is required. If the attribute is required and - * the user does not provide a value, registration or sign-in will fail.
+ *Specifies whether a user pool attribute is required. If the attribute is required and the user doesn't provide a value, registration or sign-in will fail.
*/ Required?: boolean; @@ -376,8 +365,7 @@ export namespace AddCustomAttributesRequest { } /** - *Represents the response from the server for the request to add custom - * attributes.
+ *Represents the response from the server for the request to add custom attributes.
*/ export interface AddCustomAttributesResponse {} @@ -403,63 +391,55 @@ export interface InternalErrorException extends __SmithyException, $MetadataBear } /** - *This exception is thrown when the Amazon Cognito service encounters an invalid - * parameter.
+ *This exception is thrown when the Amazon Cognito service encounters an invalid parameter.
*/ export interface InvalidParameterException extends __SmithyException, $MetadataBearer { name: "InvalidParameterException"; $fault: "client"; /** - *The message returned when the Amazon Cognito service throws an invalid parameter - * exception.
+ *The message returned when the Amazon Cognito service throws an invalid parameter exception.
*/ message?: string; } /** - *This exception is thrown when a user is not authorized.
+ *This exception is thrown when a user isn't authorized.
*/ export interface NotAuthorizedException extends __SmithyException, $MetadataBearer { name: "NotAuthorizedException"; $fault: "client"; /** - *The message returned when the Amazon Cognito service returns a not authorized - * exception.
+ *The message returned when the Amazon Cognito service returns a not authorized exception.
*/ message?: string; } /** - *This exception is thrown when the Amazon Cognito service cannot find the requested - * resource.
+ *This exception is thrown when the Amazon Cognito service can't find the requested resource.
*/ export interface ResourceNotFoundException extends __SmithyException, $MetadataBearer { name: "ResourceNotFoundException"; $fault: "client"; /** - *The message returned when the Amazon Cognito service returns a resource not found - * exception.
+ *The message returned when the Amazon Cognito service returns a resource not found exception.
*/ message?: string; } /** - *This exception is thrown when the user has made too many requests for a given - * operation.
+ *This exception is thrown when the user has made too many requests for a given operation.
*/ export interface TooManyRequestsException extends __SmithyException, $MetadataBearer { name: "TooManyRequestsException"; $fault: "client"; /** - *The message returned when the Amazon Cognito service returns a too many requests - * exception.
+ *The message returned when the Amazon Cognito service returns a too many requests exception.
*/ message?: string; } /** - *This exception is thrown when you are trying to modify a user pool while a user import - * job is in progress for that pool.
+ *This exception is thrown when you're trying to modify a user pool while a user import job is in progress for that pool.
*/ export interface UserImportInProgressException extends __SmithyException, $MetadataBearer { name: "UserImportInProgressException"; @@ -498,13 +478,13 @@ export namespace AdminAddUserToGroupRequest { } /** - *This exception is thrown when a user is not found.
+ *This exception is thrown when a user isn't found.
*/ export interface UserNotFoundException extends __SmithyException, $MetadataBearer { name: "UserNotFoundException"; $fault: "client"; /** - *The message returned when a user is not found.
+ *The message returned when a user isn't found.
*/ message?: string; } @@ -524,37 +504,31 @@ export interface AdminConfirmSignUpRequest { Username: string | undefined; /** - *A map of custom key-value pairs that you can provide as input for any custom workflows - * that this action triggers.
- *If your user pool configuration includes triggers, the AdminConfirmSignUp API action
- * invokes the Lambda function that is specified for the post
- * confirmation trigger. When Amazon Cognito invokes this function, it
- * passes a JSON payload, which the function receives as input. In this payload, the
- * clientMetadata attribute provides the data that you assigned to the
- * ClientMetadata parameter in your AdminConfirmSignUp request. In your function code in
- * Lambda, you can process the ClientMetadata value to enhance your workflow for your
- * specific needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
- *Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
+ *If your user pool configuration includes triggers, the AdminConfirmSignUp API action invokes the Lambda function that is specified
+ * for the post confirmation trigger. When Amazon Cognito invokes this function, it passes a
+ * JSON
+ * payload, which the function receives as input. In this payload, the clientMetadata attribute provides the data that you assigned
+ * to the ClientMetadata parameter in your AdminConfirmSignUp request. In your function code in Lambda, you can process the ClientMetadata value
+ * to enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows + * with Lambda Triggers in the Amazon Cognito Developer Guide.
+ * + *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration + * doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *Represents the response from the server for the request to confirm - * registration.
+ *Represents the response from the server for the request to confirm registration.
*/ export interface AdminConfirmSignUpResponse {} @@ -585,21 +558,19 @@ export namespace AdminConfirmSignUpResponse { } /** - *This exception is thrown when the Amazon Cognito service encounters an invalid Lambda response.
+ *This exception is thrown when Amazon Cognito encounters an invalid Lambda response.
*/ export interface InvalidLambdaResponseException extends __SmithyException, $MetadataBearer { name: "InvalidLambdaResponseException"; $fault: "client"; /** - *The message returned when the Amazon Cognito service throws an invalid Lambda - * response exception.
+ *The message returned when Amazon Cognito hrows an invalid Lambda response exception.
*/ message?: string; } /** - *This exception is thrown when a user exceeds the limit for a requested Amazon Web Services - * resource.
+ *This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.
*/ export interface LimitExceededException extends __SmithyException, $MetadataBearer { name: "LimitExceededException"; @@ -611,43 +582,37 @@ export interface LimitExceededException extends __SmithyException, $MetadataBear } /** - *This exception is thrown when the user has made too many failed attempts for a given - * action (e.g., sign in).
+ *This exception is thrown when the user has made too many failed attempts for a given action, such as sign-in.
*/ export interface TooManyFailedAttemptsException extends __SmithyException, $MetadataBearer { name: "TooManyFailedAttemptsException"; $fault: "client"; /** - *The message returned when the Amazon Cognito service returns a too many failed - * attempts exception.
+ *The message returned when Amazon Cognito returns a TooManyFailedAttempts exception.
This exception is thrown when the Amazon Cognito service encounters an unexpected - * exception with the Lambda service.
+ *This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.
*/ export interface UnexpectedLambdaException extends __SmithyException, $MetadataBearer { name: "UnexpectedLambdaException"; $fault: "client"; /** - *The message returned when the Amazon Cognito service returns an unexpected Lambda - * exception.
+ *The message returned when Amazon Cognito returns an unexpected Lambda exception.
*/ message?: string; } /** - *This exception is thrown when the Amazon Cognito service encounters a user validation - * exception with the Lambda service.
+ *This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.
*/ export interface UserLambdaValidationException extends __SmithyException, $MetadataBearer { name: "UserLambdaValidationException"; $fault: "client"; /** - *The message returned when the Amazon Cognito service returns a user validation - * exception with the Lambda service.
+ *The message returned when the Amazon Cognito service returns a user validation exception with the Lambda service.
*/ message?: string; } @@ -697,137 +662,98 @@ export interface AdminCreateUserRequest { UserPoolId: string | undefined; /** - *The username for the user. Must be unique within the user pool. Must be a UTF-8 string - * between 1 and 128 characters. After the user is created, the username cannot be - * changed.
+ *The username for the user. Must be unique within the user pool. Must be a UTF-8 string between 1 and 128 characters. After the user is created, the username can't be changed.
*/ Username: string | undefined; /** - *An array of name-value pairs that contain user attributes and attribute values to be
- * set for the user to be created. You can create a user without specifying any attributes
- * other than Username. However, any attributes that you specify as required
- * (when creating a user pool or in the Attributes tab of
- * the console) must be supplied either by you (in your call to
- * AdminCreateUser) or by the user (when he or she signs up in response to
- * your welcome message).
For custom attributes, you must prepend the custom: prefix to the
- * attribute name.
To send a message inviting the user to sign up, you must specify the user's email - * address or phone number. This can be done in your call to AdminCreateUser or in the - * Users tab of the Amazon Cognito console for - * managing your user pools.
- *In your call to AdminCreateUser, you can set the
- * email_verified attribute to True, and you can set the
- * phone_number_verified attribute to True. (You can also do
- * this by calling AdminUpdateUserAttributes.)
- * email: The email address of the user to whom
- * the message that contains the code and username will be sent. Required if the
- * email_verified attribute is set to True, or if
- * "EMAIL" is specified in the DesiredDeliveryMediums
- * parameter.
- * phone_number: The phone number of the user to
- * whom the message that contains the code and username will be sent. Required if
- * the phone_number_verified attribute is set to True, or
- * if "SMS" is specified in the DesiredDeliveryMediums
- * parameter.
An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes
+ * other than Username. However, any attributes that you specify as required (when creating a user pool or in the Attributes tab
+ * of the console) either you should supply (in your call to AdminCreateUser) or the user should supply (when they sign up in response to your welcome message).
For custom attributes, you must prepend the custom: prefix to the attribute name.
To send a message inviting the user to sign up, you must specify the user's email address or phone number. You can do this in your call to AdminCreateUser or + * in the Users tab of the Amazon Cognito console for managing your user pools.
+ *In your call to AdminCreateUser, you can set the email_verified attribute to True, and you can set the phone_number_verified
+ * attribute to True. You can also do this by calling
+ * AdminUpdateUserAttributes.
+ * email: The email address of the user to whom the message that contains the code and username will be sent. Required if the
+ * email_verified attribute is set to True, or if "EMAIL" is specified in the DesiredDeliveryMediums parameter.
+ * phone_number: The phone number of the user to whom the message that contains the code and username will be sent. Required if the
+ * phone_number_verified attribute is set to True, or if "SMS" is specified in the DesiredDeliveryMediums parameter.
The user's validation data. This is an array of name-value pairs that contain user - * attributes and attribute values that you can use for custom validation, such as - * restricting the types of user accounts that can be registered. For example, you might - * choose to allow or disallow user sign-up based on the user's domain.
- *To configure custom validation, you must create a Pre Sign-up Lambda trigger for the - * user pool as described in the Amazon Cognito Developer Guide. The Lambda trigger - * receives the validation data and uses it in the validation process.
- *The user's validation data is not persisted.
+ *The user's validation data. This is an array of name-value pairs that contain user attributes and attribute values that you can use for custom validation, such as restricting the + * types of user accounts that can be registered. For example, you might choose to allow or disallow user sign-up based on the user's domain.
+ *To configure custom validation, you must create a Pre Sign-up Lambda trigger for the user pool as described in the Amazon Cognito Developer Guide. The Lambda trigger receives the validation + * data and uses it in the validation process.
+ *The user's validation data isn't persisted.
*/ ValidationData?: AttributeType[]; /** - *The user's temporary password. This password must conform to the password policy that - * you specified when you created the user pool.
- *The temporary password is valid only once. To complete the Admin Create User flow, the - * user must enter the temporary password in the sign-in page along with a new password to - * be used in all future sign-ins.
- *This parameter is not required. If you do not specify a value, Amazon Cognito - * generates one for you.
- *The temporary password can only be used until the user account expiration limit that
- * you specified when you created the user pool. To reset the account after that time
- * limit, you must call AdminCreateUser again, specifying
- * "RESEND" for the MessageAction parameter.
The user's temporary password. This password must conform to the password policy that you specified when you created the user pool.
+ *The temporary password is valid only once. To complete the Admin Create User flow, the user must enter the temporary password in the sign-in page, along with a new password to be used + * in all future sign-ins.
+ *This parameter isn't required. If you don't specify a value, Amazon Cognito generates one for you.
+ *The temporary password can only be used until the user account expiration limit that you specified when you created the user pool. To reset the account after that time limit, you must
+ * call AdminCreateUser again, specifying "RESEND" for the MessageAction parameter.
This parameter is only used if the phone_number_verified or
- * email_verified attribute is set to True. Otherwise, it is
- * ignored.
If this parameter is set to True and the phone number or email address
- * specified in the UserAttributes parameter already exists as an alias with a different
- * user, the API call will migrate the alias from the previous user to the newly created
- * user. The previous user will no longer be able to log in using that alias.
If this parameter is set to False, the API throws an
- * AliasExistsException error if the alias already exists. The default
- * value is False.
This parameter is used only if the phone_number_verified or email_verified attribute is set to True. Otherwise, it is ignored.
If this parameter is set to True and the phone number or email address specified in the UserAttributes parameter already exists as an alias with a different user, the API
+ * call will migrate the alias from the previous user to the newly created user. The previous user will no longer be able to log in using that alias.
If this parameter is set to False, the API throws an AliasExistsException error if the alias already exists. The default value is False.
Set to "RESEND" to resend the invitation message to a user that already
- * exists and reset the expiration limit on the user's account. Set to
- * "SUPPRESS" to suppress sending the message. Only one value can be
- * specified.
Set to RESEND to resend the invitation message to a user that already exists and reset the expiration limit on the user's account. Set to SUPPRESS to suppress
+ * sending the message. You can specify only one value.
Specify "EMAIL" if email will be used to send the welcome message.
- * Specify "SMS" if the phone number will be used. The default value is
- * "SMS". More than one value can be specified.
Specify "EMAIL" if email will be used to send the welcome message. Specify "SMS" if the phone number will be used. The default value is "SMS". You
+ * can specify more than one value.
A map of custom key-value pairs that you can provide as input for any custom workflows - * that this action triggers.
- *You create custom workflows by assigning Lambda functions to user pool triggers.
- * When you use the AdminCreateUser API action, Amazon Cognito invokes the function that is
- * assigned to the pre sign-up trigger. When Amazon Cognito invokes
- * this function, it passes a JSON payload, which the function receives as input. This
- * payload contains a clientMetadata attribute, which provides the data that
- * you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your
- * function code in Lambda, you can process the clientMetadata value to
- * enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
+ *A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
+ *You create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminCreateUser API action,
+ * Amazon Cognito invokes the function that is assigned to the pre sign-up trigger. When Amazon Cognito invokes this function,
+ * it passes a JSON payload, which the function receives as input. This payload contains a clientMetadata attribute,
+ * which provides the data that you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your function code
+ * in Lambda, you can process the clientMetadata value to enhance your workflow for your specific needs.
For more information, + * see Customizing User Pool Workflows with Lambda Triggers + * in the Amazon Cognito Developer Guide.
*Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool + * configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *- * This data type is no longer supported. You can use it only for - * SMS MFA configurations. You can't use it for TOTP software token MFA - * configurations.
+ * This data type is no longer supported. You can use it + * only for SMS multi-factor authentication (MFA) configurations. You can't use it for time-based one-time password (TOTP) software token MFA configurations. */ export interface MFAOptionType { /** - *The delivery medium to send the MFA code. You can use this parameter to set only the
- * SMS delivery medium value.
The delivery medium to send the MFA code. You can use this parameter to set only the SMS delivery medium value.
The attribute name of the MFA option type. The only valid value is
- * phone_number.
The attribute name of the MFA option type. The only valid value is phone_number.
The user name of the user you wish to describe.
+ *The user name of the user you want to describe.
*/ Username?: string; @@ -920,31 +843,30 @@ export interface UserType { Enabled?: boolean; /** - *The user status. Can be one of the following:
- *The user status. This can be one of the following:
+ * + *UNCONFIRMED - User has been created but not confirmed.
+ *UNCONFIRMED - User has been created but not confirmed.
*CONFIRMED - User has been confirmed.
+ *CONFIRMED - User has been confirmed.
*ARCHIVED - User is no longer active.
+ *ARCHIVED - User is no longer active.
*COMPROMISED - User is disabled due to a potential security threat.
+ *COMPROMISED - User is disabled due to a potential security threat.
*UNKNOWN - User status is not known.
+ *UNKNOWN - User status isn't known.
*RESET_REQUIRED - User is confirmed, but the user must request a code and reset - * his or her password before he or she can sign in.
+ *RESET_REQUIRED - User is confirmed, but the user must request a code and reset their password before they can sign in.
*FORCE_CHANGE_PASSWORD - The user is confirmed and the user can sign in using a - * temporary password, but on first sign-in, the user must change his or her - * password to a new value before doing anything else.
+ *FORCE_CHANGE_PASSWORD - The user is confirmed and the user can sign in using a temporary password, but on first sign-in, the user must change their password to a + * new value before doing anything else.
*This exception is thrown when a verification code fails to deliver - * successfully.
+ *This exception is thrown when a verification code fails to deliver successfully.
*/ export interface CodeDeliveryFailureException extends __SmithyException, $MetadataBearer { name: "CodeDeliveryFailureException"; @@ -1001,44 +922,38 @@ export interface CodeDeliveryFailureException extends __SmithyException, $Metada } /** - *This exception is thrown when the Amazon Cognito service encounters an invalid - * password.
+ *This exception is thrown when Amazon Cognito encounters an invalid password.
*/ export interface InvalidPasswordException extends __SmithyException, $MetadataBearer { name: "InvalidPasswordException"; $fault: "client"; /** - *The message returned when the Amazon Cognito service throws an invalid user password - * exception.
+ *The message returned when Amazon Cognito throws an invalid user password exception.
*/ message?: string; } /** - *This exception is returned when the role provided for SMS configuration does not have - * permission to publish using Amazon SNS.
+ *This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.
*/ export interface InvalidSmsRoleAccessPolicyException extends __SmithyException, $MetadataBearer { name: "InvalidSmsRoleAccessPolicyException"; $fault: "client"; /** - *The message retuned when the invalid SMS role access policy exception is - * thrown.
+ *The message returned when the invalid SMS role access policy exception is thrown.
*/ message?: string; } /** - *This exception is thrown when the trust relationship is invalid for the role provided
- * for SMS configuration. This can happen if you do not trust cognito-idp.amazonaws.com or the external ID provided in the role does
- * not match what is provided in the SMS configuration for the user pool.
This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the
+ * external ID provided in the role does not match what is provided in the SMS configuration for the user pool.
The message returned when the role trust relationship for the SMS message is - * invalid.
+ *The message returned when the role trust relationship for the SMS message is not valid.
*/ message?: string; } @@ -1056,7 +971,8 @@ export interface PreconditionNotMetException extends __SmithyException, $Metadat } /** - *The request failed because the user is in an unsupported state.
+ *The request failed because the user is in an unsupported + * state.
*/ export interface UnsupportedUserStateException extends __SmithyException, $MetadataBearer { name: "UnsupportedUserStateException"; @@ -1068,8 +984,7 @@ export interface UnsupportedUserStateException extends __SmithyException, $Metad } /** - *This exception is thrown when Amazon Cognito encounters a user name that already - * exists in the user pool.
+ *This exception is thrown when Amazon Cognito encounters a user name that already exists in the user pool.
*/ export interface UsernameExistsException extends __SmithyException, $MetadataBearer { name: "UsernameExistsException"; @@ -1090,12 +1005,14 @@ export interface MessageTemplateType { SMSMessage?: string; /** - *The message template for email messages. EmailMessage is allowed only if EmailSendingAccount is DEVELOPER.
+ *The message template for email messages. EmailMessage is allowed only if + * EmailSendingAccount is DEVELOPER.
*/ EmailMessage?: string; /** - *The subject line for email messages. EmailSubject is allowed only if EmailSendingAccount is DEVELOPER.
+ *The subject line for email messages. EmailSubject is allowed only if + * EmailSendingAccount is DEVELOPER.
*/ EmailSubject?: string; } @@ -1114,22 +1031,17 @@ export namespace MessageTemplateType { */ export interface AdminCreateUserConfigType { /** - *Set to True if only the administrator is allowed to create user profiles.
- * Set to False if users can sign themselves up via an app.
Set to True if only the administrator is allowed to create user profiles. Set to False if users can sign themselves up via an app.
The user account expiration limit, in days, after which the account is no longer
- * usable. To reset the account after that time limit, you must call
- * AdminCreateUser again, specifying "RESEND" for the
- * MessageAction parameter. The default value for this parameter is 7.
If you set a value for TemporaryPasswordValidityDays in
- * PasswordPolicy, that value will be used and
- * UnusedAccountValidityDays will be deprecated for that user pool.
- *
The user account expiration limit, in days, after which the account is no longer usable. To reset the account after that time limit, you must call AdminCreateUser again,
+ * specifying "RESEND" for the MessageAction parameter. The default value for this parameter is 7.
If you set a value for TemporaryPasswordValidityDays in PasswordPolicy, that value will be used, and UnusedAccountValidityDays will be no longer
+ * be an available parameter for that user pool.
The user name of the user you wish to delete.
+ *The user name of the user you want to delete.
*/ Username: string | undefined; } @@ -1189,9 +1101,8 @@ export interface AdminDeleteUserAttributesRequest { Username: string | undefined; /** - *An array of strings representing the user attribute names you wish to delete.
- *For custom attributes, you must prepend the custom: prefix to the
- * attribute name.
An array of strings representing the user attribute names you want to delete.
+ *For custom attributes, you must prepend the custom: prefix to the attribute name.
Represents the response received from the server for a request to delete user - * attributes.
+ *Represents the response received from the server for a request to delete user attributes.
*/ export interface AdminDeleteUserAttributesResponse {} @@ -1226,19 +1136,17 @@ export namespace AdminDeleteUserAttributesResponse { */ export interface ProviderUserIdentifierType { /** - *The name of the provider, for example, Facebook, Google, or Login with Amazon.
+ *The name of the provider, such as Facebook, Google, or Login with Amazon.
*/ ProviderName?: string; /** - *The name of the provider attribute to link to, for example,
- * NameID.
The name of the provider attribute to link to, such as NameID.
The value of the provider attribute to link to, for example,
- * xxxxx_account.
The value of the provider attribute to link to, such as xxxxx_account.
This exception is thrown when a user tries to confirm the account with an email or - * phone number that has already been supplied as an alias from a different account. This - * exception tells user that an account with this email or phone already exists.
+ *This exception is thrown when a user tries to confirm the account with an email or phone number that has already been supplied as an alias from a different account. This exception + * tells user that an account with this email or phone already exists.
*/ export interface AliasExistsException extends __SmithyException, $MetadataBearer { name: "AliasExistsException"; @@ -1308,7 +1215,7 @@ export interface AdminDisableUserRequest { UserPoolId: string | undefined; /** - *The user name of the user you wish to disable.
+ *The user name of the user you want to disable.
*/ Username: string | undefined; } @@ -1324,8 +1231,7 @@ export namespace AdminDisableUserRequest { } /** - *Represents the response received from the server to disable the user as an - * administrator.
+ *Represents the response received from the server to disable the user as an administrator.
*/ export interface AdminDisableUserResponse {} @@ -1348,7 +1254,7 @@ export interface AdminEnableUserRequest { UserPoolId: string | undefined; /** - *The user name of the user you wish to enable.
+ *The user name of the user you want to enable.
*/ Username: string | undefined; } @@ -1364,8 +1270,7 @@ export namespace AdminEnableUserRequest { } /** - *Represents the response from the server for the request to enable a user as an - * administrator.
+ *Represents the response from the server for the request to enable a user as an administrator.
*/ export interface AdminEnableUserResponse {} @@ -1409,13 +1314,13 @@ export namespace AdminForgetDeviceRequest { } /** - *This exception is thrown when the user pool configuration is invalid.
+ *This exception is thrown when the user pool configuration is not valid.
*/ export interface InvalidUserPoolConfigurationException extends __SmithyException, $MetadataBearer { name: "InvalidUserPoolConfigurationException"; $fault: "client"; /** - *The message returned when the user pool configuration is invalid.
+ *The message returned when the user pool configuration is not valid.
*/ message?: string; } @@ -1475,7 +1380,7 @@ export interface DeviceType { DeviceLastModifiedDate?: Date; /** - *The date in which the device was last authenticated.
+ *The date when the device was last authenticated.
*/ DeviceLastAuthenticatedDate?: Date; } @@ -1517,13 +1422,12 @@ export namespace AdminGetDeviceResponse { */ export interface AdminGetUserRequest { /** - *The user pool ID for the user pool where you want to get information about the - * user.
+ *The user pool ID for the user pool where you want to get information about the user.
*/ UserPoolId: string | undefined; /** - *The user name of the user you wish to retrieve.
+ *The user name of the user you want to retrieve.
*/ Username: string | undefined; } @@ -1539,12 +1443,11 @@ export namespace AdminGetUserRequest { } /** - *Represents the response from the server from the request to get the specified user as - * an administrator.
+ *Represents the response from the server from the request to get the specified user as an administrator.
*/ export interface AdminGetUserResponse { /** - *The user name of the user about whom you are receiving information.
+ *The user name of the user about whom you're receiving information.
*/ Username: string | undefined; @@ -1564,36 +1467,34 @@ export interface AdminGetUserResponse { UserLastModifiedDate?: Date; /** - *Indicates that the status is enabled.
+ *Indicates that the status is enabled.
The user status. Can be one of the following:
- *UNCONFIRMED - User has been created but not confirmed.
+ *UNCONFIRMED - User has been created but not confirmed.
*CONFIRMED - User has been confirmed.
+ *CONFIRMED - User has been confirmed.
*ARCHIVED - User is no longer active.
+ *ARCHIVED - User is no longer active.
*COMPROMISED - User is disabled due to a potential security threat.
+ *COMPROMISED - User is disabled due to a potential security threat.
*UNKNOWN - User status is not known.
+ *UNKNOWN - User status isn't known.
*RESET_REQUIRED - User is confirmed, but the user must request a code and reset - * his or her password before he or she can sign in.
+ *RESET_REQUIRED - User is confirmed, but the user must request a code and reset their password before they can sign in.
*FORCE_CHANGE_PASSWORD - The user is confirmed and the user can sign in using a - * temporary password, but on first sign-in, the user must change his or her - * password to a new value before doing anything else.
+ *FORCE_CHANGE_PASSWORD - The user is confirmed and the user can sign in using a temporary password, but on first sign-in, the user must change their password to a new value + * before doing anything else.
*- * This response parameter is no longer supported. It provides - * information only about SMS MFA configurations. It doesn't provide information about TOTP - * software token MFA configurations. To look up information about either type of MFA - * configuration, use UserMFASettingList instead.
+ * This response parameter is no longer supported. It provides information only about SMS MFA configurations. It doesn't provide information about time-based one-time + * password (TOTP) software token MFA configurations. To look up information about either type of MFA configuration, use UserMFASettingList instead. */ MFAOptions?: MFAOptionType[]; @@ -1614,8 +1513,7 @@ export interface AdminGetUserResponse { PreferredMfaSetting?: string; /** - *The MFA options that are enabled for the user. The possible values in this list are
- * SMS_MFA and SOFTWARE_TOKEN_MFA.
The MFA options that are activated for the user. The possible values in this list are SMS_MFA and SOFTWARE_TOKEN_MFA.
An Amazon Pinpoint analytics endpoint.
- *An endpoint uniquely identifies a mobile device, email address, or phone number that - * can receive messages from Amazon Pinpoint analytics.
- *Cognito User Pools only supports sending events to Amazon Pinpoint projects in the - * US East (N. Virginia) us-east-1 Region, regardless of the region in which the user - * pool resides.
- *An endpoint uniquely identifies a mobile device, email address, or phone number that can receive messages from Amazon Pinpoint analytics.
+ *Amazon Cognito User Pools only supports sending events to Amazon Pinpoint projects in the US East (N. Virginia) us-east-1 Region, regardless of the Region in which the user pool resides.
+ *The header name
+ *The header name.
*/ headerName?: string; @@ -1694,8 +1589,7 @@ export namespace HttpHeader { } /** - *Contextual user data type used for evaluating the risk of an unexpected event by - * Amazon Cognito advanced security.
+ *Contextual user data type used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
*/ export interface ContextDataType { /** @@ -1709,7 +1603,7 @@ export interface ContextDataType { ServerName: string | undefined; /** - *Your server path where this API is invoked.
+ *Your server path where this API is invoked.
*/ ServerPath: string | undefined; @@ -1719,8 +1613,7 @@ export interface ContextDataType { HttpHeaders: HttpHeader[] | undefined; /** - *Encoded data containing device fingerprinting details, collected using the Amazon - * Cognito context data collection library.
+ *Encoded data containing device fingerprinting details collected using the Amazon Cognito context data collection library.
*/ EncodedData?: string; } @@ -1749,179 +1642,142 @@ export interface AdminInitiateAuthRequest { ClientId: string | undefined; /** - *The authentication flow for this call to execute. The API action will depend on this - * value. For example:
- *The authentication flow for this call to run. The API action will depend on this value. For example:
+ * + *
- * REFRESH_TOKEN_AUTH will take in a valid refresh token and return
- * new tokens.
+ * REFRESH_TOKEN_AUTH will take in a valid refresh token and return new tokens.
- * USER_SRP_AUTH will take in USERNAME and
- * SRP_A and return the SRP variables to be used for next
- * challenge execution.
+ * USER_SRP_AUTH will take in USERNAME and SRP_A and return the Secure Remote Password (SRP) protocol variables to be used for next
+ * challenge execution.
- * USER_PASSWORD_AUTH will take in USERNAME and
- * PASSWORD and return the next challenge or tokens.
+ * ADMIN_USER_PASSWORD_AUTH will take in USERNAME and PASSWORD and return the next challenge or tokens.
Valid values include:
- *
- * USER_SRP_AUTH: Authentication flow for the Secure Remote Password
- * (SRP) protocol.
+ * USER_SRP_AUTH: Authentication flow for the Secure Remote Password (SRP) protocol.
- * REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication
- * flow for refreshing the access token and ID token by supplying a valid refresh
- * token.
+ * REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication flow for refreshing the access token and ID token by supplying a valid refresh token.
+ *
* CUSTOM_AUTH: Custom authentication flow.
- * ADMIN_NO_SRP_AUTH: Non-SRP authentication flow; you can pass in
- * the USERNAME and PASSWORD directly if the flow is enabled for calling the app
- * client.
+ * ADMIN_NO_SRP_AUTH: Non-SRP authentication flow; you can pass in the USERNAME and PASSWORD directly if the flow is enabled for calling the app client.
- * USER_PASSWORD_AUTH: Non-SRP authentication flow; USERNAME and
- * PASSWORD are passed directly. If a user migration Lambda trigger is set, this
- * flow will invoke the user migration Lambda if the USERNAME is not found in the
- * user pool.
- * ADMIN_USER_PASSWORD_AUTH: Admin-based user password
- * authentication. This replaces the ADMIN_NO_SRP_AUTH authentication
- * flow. In this flow, Cognito receives the password in the request instead of
- * using the SRP process to verify passwords.
+ * ADMIN_USER_PASSWORD_AUTH: Admin-based user password authentication. This replaces the ADMIN_NO_SRP_AUTH authentication flow. In this flow, Amazon Cognito
+ * receives the password in the request instead of using the SRP process to verify passwords.
The authentication parameters. These are inputs corresponding to the
- * AuthFlow that you are invoking. The required values depend on the value
- * of AuthFlow:
The authentication parameters. These are inputs corresponding to the AuthFlow that you're invoking. The required values depend on the value of AuthFlow:
For USER_SRP_AUTH: USERNAME (required),
- * SRP_A (required), SECRET_HASH (required if the app
- * client is configured with a client secret), DEVICE_KEY.
For USER_SRP_AUTH: USERNAME (required), SRP_A (required), SECRET_HASH (required if the app client is configured with a client
+ * secret), DEVICE_KEY.
For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN
- * (required), SECRET_HASH (required if the app client is configured
- * with a client secret), DEVICE_KEY.
For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required), SECRET_HASH (required if the app client is configured with a client secret),
+ * DEVICE_KEY.
For ADMIN_NO_SRP_AUTH: USERNAME (required),
- * SECRET_HASH (if app client is configured with client secret),
- * PASSWORD (required), DEVICE_KEY.
For ADMIN_NO_SRP_AUTH: USERNAME (required), SECRET_HASH (if app client is configured with client secret), PASSWORD (required),
+ * DEVICE_KEY.
For CUSTOM_AUTH: USERNAME (required),
- * SECRET_HASH (if app client is configured with client secret),
- * DEVICE_KEY. To start the authentication flow with password
- * verification, include ChallengeName: SRP_A and SRP_A: (The
- * SRP_A Value).
For CUSTOM_AUTH: USERNAME (required), SECRET_HASH (if app client is configured with client secret), DEVICE_KEY. To start the
+ * authentication flow with password verification, include ChallengeName: SRP_A and SRP_A: (The SRP_A Value).
A map of custom key-value pairs that you can provide as input for certain custom - * workflows that this action triggers.
- *You create custom workflows by assigning Lambda functions to user pool triggers. - * When you use the AdminInitiateAuth API action, Amazon Cognito invokes the Lambda - * functions that are specified for various triggers. The ClientMetadata value is passed as - * input to the functions for only the following triggers:
- *A map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers.
+ *You create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminInitiateAuth API action, Amazon Cognito invokes the Lambda functions that are specified for + * various triggers. The ClientMetadata value is passed as input to the functions for only the following triggers:
+ *Pre signup
+ *Pre signup
*Pre authentication
+ *Pre authentication
*User migration
+ *User migration
*When Amazon Cognito invokes the functions for these triggers, it passes a JSON
- * payload, which the function receives as input. This payload contains a
- * validationData attribute, which provides the data that you assigned to
- * the ClientMetadata parameter in your AdminInitiateAuth request. In your function code in
- * Lambda, you can process the validationData value to enhance your
- * workflow for your specific needs.
When you use the AdminInitiateAuth API action, Amazon Cognito also invokes the - * functions for the following triggers, but it does not provide the ClientMetadata value - * as input:
- *validationData attribute, which provides the data that you assigned to the
+ * ClientMetadata parameter in your AdminInitiateAuth request. In your function code in Lambda, you can process the validationData value to enhance
+ * your workflow for your specific needs.
+ * When you use the AdminInitiateAuth API action, Amazon Cognito also invokes the functions for the following triggers, but it doesn't provide the ClientMetadata value as input:
+ *Post authentication
+ *Post authentication
*Custom message
+ *Custom message
*Pre token generation
+ *Pre token generation
*Create auth challenge
+ *Create auth challenge
*Define auth challenge
+ *Define auth challenge
*Verify auth challenge
+ *Verify auth challenge
*For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
+ *For more information, see Customizing User Pool Workflows with + * Lambda Triggers in the Amazon Cognito Developer Guide.
+ * *Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration + * doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ * *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *The analytics metadata for collecting Amazon Pinpoint metrics for
- * AdminInitiateAuth calls.
The analytics metadata for collecting Amazon Pinpoint metrics for AdminInitiateAuth calls.
Contextual data such as the user's device fingerprint, IP address, or location used - * for evaluating the risk of an unexpected event by Amazon Cognito advanced - * security.
+ *Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
*/ ContextData?: ContextDataType; } @@ -2026,111 +1882,82 @@ export enum ChallengeNameType { */ export interface AdminInitiateAuthResponse { /** - *The name of the challenge which you are responding to with this call. This is returned
- * to you in the AdminInitiateAuth response if you need to pass another
- * challenge.
The name of the challenge that you're responding to with this call. This is returned in the AdminInitiateAuth response if you must pass another challenge.
- * MFA_SETUP: If MFA is required, users who do not have at least one
- * of the MFA methods set up are presented with an MFA_SETUP
- * challenge. The user must set up at least one MFA type to continue to
- * authenticate.
+ * MFA_SETUP: If MFA is required, users who don't have at least one of the MFA methods set up are presented with an MFA_SETUP challenge. The user must set up at
+ * least one MFA type to continue to authenticate.
- * SELECT_MFA_TYPE: Selects the MFA type. Valid MFA options are
- * SMS_MFA for text SMS MFA, and SOFTWARE_TOKEN_MFA
- * for TOTP software token MFA.
+ * SELECT_MFA_TYPE: Selects the MFA type. Valid MFA options are SMS_MFA for text SMS MFA, and SOFTWARE_TOKEN_MFA for time-based one-time password (TOTP)
+ * software token MFA.
- * SMS_MFA: Next challenge is to supply an
- * SMS_MFA_CODE, delivered via SMS.
+ * SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
- * PASSWORD_VERIFIER: Next challenge is to supply
- * PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after
- * the client-side SRP calculations.
+ * PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the
+ * client-side SRP calculations.
- * CUSTOM_CHALLENGE: This is returned if your custom authentication
- * flow determines that the user should pass another challenge before tokens are
- * issued.
+ * CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user should pass another challenge before tokens are issued.
- * DEVICE_SRP_AUTH: If device tracking was enabled on your user pool
- * and the previous challenges were passed, this challenge is returned so that
- * Amazon Cognito can start tracking this device.
+ * DEVICE_SRP_AUTH: If device tracking was activated in your user pool and the previous challenges were passed, this challenge is returned so that Amazon Cognito can start tracking
+ * this device.
- * DEVICE_PASSWORD_VERIFIER: Similar to
- * PASSWORD_VERIFIER, but for devices only.
+ * DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
- * ADMIN_NO_SRP_AUTH: This is returned if you need to authenticate
- * with USERNAME and PASSWORD directly. An app client
- * must be enabled to use this flow.
+ * ADMIN_NO_SRP_AUTH: This is returned if you must authenticate with USERNAME and PASSWORD directly. An app client must be enabled to use this flow.
- * NEW_PASSWORD_REQUIRED: For users who are required to change their
- * passwords after successful first login. This challenge should be passed with
- * NEW_PASSWORD and any other required attributes.
+ * NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first login. This challenge should be passed with NEW_PASSWORD
+ * and any other required attributes.
- * MFA_SETUP: For users who are required to setup an MFA factor
- * before they can sign-in. The MFA types enabled for the user pool will be listed
- * in the challenge parameters MFA_CAN_SETUP value.
To setup software token MFA, use the session returned here from
- * InitiateAuth as an input to
- * AssociateSoftwareToken, and use the session returned by
- * VerifySoftwareToken as an input to
- * RespondToAuthChallenge with challenge name
- * MFA_SETUP to complete sign-in. To setup SMS MFA, users will
- * need help from an administrator to add a phone number to their account and then
- * call InitiateAuth again to restart sign-in.
+ * MFA_SETUP: For users who are required to set up an MFA factor before they can sign in. The MFA types activated for the user pool will be listed in the challenge
+ * parameters MFA_CAN_SETUP value.
To set up software token MFA, use the session returned here from InitiateAuth as an input to AssociateSoftwareToken, and use the session returned by
+ * VerifySoftwareToken as an input to RespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in. To set up SMS MFA, users will
+ * need help from an administrator to add a phone number to their account and then call InitiateAuth again to restart sign-in.
The session which should be passed both ways in challenge-response calls to the
- * service. If AdminInitiateAuth or AdminRespondToAuthChallenge
- * API call determines that the caller needs to go through another challenge, they return a
- * session with other challenge parameters. This session should be passed as it is to the
- * next AdminRespondToAuthChallenge API call.
The session that should be passed both ways in challenge-response calls to the service. If AdminInitiateAuth or AdminRespondToAuthChallenge API call determines
+ * that the caller must pass another challenge, they return a session with other challenge parameters. This session should be passed as it is to the next AdminRespondToAuthChallenge
+ * API call.
The challenge parameters. These are returned to you in the
- * AdminInitiateAuth response if you need to pass another challenge. The
- * responses in this parameter should be used to compute inputs to the next call
- * (AdminRespondToAuthChallenge).
All challenges require USERNAME and SECRET_HASH (if
- * applicable).
The value of the USER_ID_FOR_SRP attribute will be the user's actual
- * username, not an alias (such as email address or phone number), even if you specified an
- * alias in your call to AdminInitiateAuth. This is because, in the
- * AdminRespondToAuthChallenge API ChallengeResponses, the
- * USERNAME attribute cannot be an alias.
The challenge parameters. These are returned to you in the AdminInitiateAuth response if you must pass another challenge. The responses in this parameter should be used to
+ * compute inputs to the next call (AdminRespondToAuthChallenge).
All challenges require USERNAME and SECRET_HASH (if applicable).
The value of the USER_ID_FOR_SRP attribute is the user's actual username, not an alias (such as email address or phone number), even if you specified an alias in your call
+ * to AdminInitiateAuth. This happens because, in the AdminRespondToAuthChallenge API ChallengeResponses, the USERNAME attribute can't be
+ * an alias.
The result of the authentication response. This is only returned if the caller does
- * not need to pass another challenge. If the caller does need to pass another challenge
- * before it gets tokens, ChallengeName, ChallengeParameters, and
- * Session are returned.
The result of the authentication response. This is only returned if the caller doesn't need to pass another challenge. If the caller does need to pass another challenge before it gets tokens,
+ * ChallengeName, ChallengeParameters, and Session are returned.
This exception is thrown when Amazon Cognito cannot find a multi-factor authentication - * (MFA) method.
+ *This exception is thrown when Amazon Cognito can't find a multi-factor authentication (MFA) method.
*/ export interface MFAMethodNotFoundException extends __SmithyException, $MetadataBearer { name: "MFAMethodNotFoundException"; $fault: "client"; /** - *The message returned when Amazon Cognito throws an MFA method not found - * exception.
+ *The message returned when Amazon Cognito throws an MFA method not found exception.
*/ message?: string; } @@ -2174,13 +1999,13 @@ export interface PasswordResetRequiredException extends __SmithyException, $Meta } /** - *This exception is thrown when a user is not confirmed successfully.
+ *This exception is thrown when a user isn't confirmed successfully.
*/ export interface UserNotConfirmedException extends __SmithyException, $MetadataBearer { name: "UserNotConfirmedException"; $fault: "client"; /** - *The message returned when a user is not confirmed successfully.
+ *The message returned when a user isn't confirmed successfully.
*/ message?: string; } @@ -2192,42 +2017,29 @@ export interface AdminLinkProviderForUserRequest { UserPoolId: string | undefined; /** - *The existing user in the user pool to be linked to the external identity provider user - * account. Can be a native (Username + Password) Cognito User Pools user or a federated - * user (for example, a SAML or Facebook user). If the user doesn't exist, an exception is - * thrown. This is the user that is returned when the new user (with the linked identity - * provider attribute) signs in.
- *For a native username + password user, the ProviderAttributeValue for the
- * DestinationUser should be the username in the user pool. For a
- * federated user, it should be the provider-specific user_id.
The ProviderAttributeName of the DestinationUser is
- * ignored.
The ProviderName should be set to Cognito for users in
- * Cognito user pools.
The existing user in the user pool to be linked to the external identity provider user account. Can be a native (Username + Password) Amazon Cognito User Pools user or a federated user + * (for example, a SAML or Facebook user). If the user doesn't exist, an exception is thrown. This is the user that is returned when the new user (with the linked identity provider + * attribute) signs in.
+ *For a native username + password user, the ProviderAttributeValue for the DestinationUser should be the username in the user pool. For a federated user,
+ * it should be the provider-specific user_id.
The ProviderAttributeName of the DestinationUser is ignored.
The ProviderName should be set to Cognito for users in Cognito user pools.
All attributes in the DestinationUser profile must be mutable. If you have assigned the user any immutable custom attributes, the operation won't succeed.
+ *An external identity provider account for a user who does not currently exist yet in - * the user pool. This user must be a federated user (for example, a SAML or Facebook - * user), not another native user.
- *If the SourceUser is a federated social identity provider user (Facebook,
- * Google, or Login with Amazon), you must set the ProviderAttributeName to
- * Cognito_Subject. For social identity providers, the
- * ProviderName will be Facebook, Google, or
- * LoginWithAmazon, and Cognito will automatically parse the Facebook,
- * Google, and Login with Amazon tokens for id, sub, and
- * user_id, respectively. The ProviderAttributeValue for the
- * user must be the same value as the id, sub, or
- * user_id value found in the social identity provider token.
For SAML, the ProviderAttributeName can be any value that matches a claim
- * in the SAML assertion. If you wish to link SAML users based on the subject of the SAML
- * assertion, you should map the subject to a claim through the SAML identity provider and
- * submit that claim name as the ProviderAttributeName. If you set
- * ProviderAttributeName to Cognito_Subject, Cognito will
- * automatically parse the default unique identifier found in the subject from the SAML
- * token.
An external identity provider account for a user who doesn't exist yet in the user pool. This user must be a federated user (for example, a SAML or Facebook user), not another native user.
+ *If the SourceUser is using a federated social identity provider, such as Facebook, Google, or Login with Amazon, you must set the ProviderAttributeName
+ * to Cognito_Subject. For social identity providers, the ProviderName will be Facebook, Google, or LoginWithAmazon,
+ * and Amazon Cognito will automatically parse the Facebook, Google, and Login with Amazon tokens for id, sub, and user_id, respectively. The
+ * ProviderAttributeValue for the user must be the same value as the id, sub, or user_id value found in the social identity provider token.
For SAML, the ProviderAttributeName can be any value that matches a claim in the SAML assertion. If you want to link SAML users based on the subject of the SAML
+ * assertion, you should map the subject to a claim through the SAML identity provider and submit that claim name as the ProviderAttributeName. If you set
+ * ProviderAttributeName to Cognito_Subject, Amazon Cognito will automatically parse the default unique identifier found in the subject from the SAML token.
An identifier that was returned from the previous call to this operation, which can be - * used to return the next set of items in the list.
+ *An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
*/ NextToken?: string; } @@ -2364,24 +2175,19 @@ export interface GroupType { Description?: string; /** - *The role ARN for the group.
+ *The role Amazon Resource Name (ARN) for the group.
*/ RoleArn?: string; /** - *A nonnegative integer value that specifies the precedence of this group relative to
- * the other groups that a user can belong to in the user pool. If a user belongs to two or
- * more groups, it is the group with the highest precedence whose role ARN will be used in
- * the cognito:roles and cognito:preferred_role claims in the
- * user's tokens. Groups with higher Precedence values take precedence over
- * groups with lower Precedence values or with null Precedence
- * values.
Two groups can have the same Precedence value. If this happens, neither
- * group takes precedence over the other. If two groups with the same
- * Precedence have the same role ARN, that role is used in the
- * cognito:preferred_role claim in tokens for users in each group. If the
- * two groups have different role ARNs, the cognito:preferred_role claim is
- * not set in users' tokens.
A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in
+ * the user pool. Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with
+ * higher ornull Precedence values. If a user belongs to two or more groups, it is the group with the lowest precedence
+ * value whose role ARN is given in the user's tokens for the cognito:roles and cognito:preferred_role claims.
Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two
+ * groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role claim
+ * in tokens for users in each group. If the two groups have different role ARNs, the cognito:preferred_role claim isn't set in
+ * users' tokens.
The default Precedence value is null.
An identifier that was returned from the previous call to this operation, which can be - * used to return the next set of items in the list.
+ *An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
*/ NextToken?: string; } @@ -2475,7 +2280,7 @@ export enum ChallengeResponse { */ export interface ChallengeResponseType { /** - *The challenge name
+ *The challenge name.
*/ ChallengeName?: ChallengeName | string; @@ -2599,8 +2404,7 @@ export interface EventRiskType { RiskLevel?: RiskLevelType | string; /** - *Indicates whether compromised credentials were detected during an authentication - * event.
+ *Indicates whether compromised credentials were detected during an authentication event.
*/ CompromisedCredentialsDetected?: boolean; } @@ -2655,14 +2459,12 @@ export interface AuthEventType { ChallengeResponses?: ChallengeResponseType[]; /** - *The user context data captured at the time of an event request. It provides additional - * information about the client from which event the request is received.
+ *The user context data captured at the time of an event request. This value provides additional information about the client from which event the request is received.
*/ EventContextData?: EventContextDataType; /** - *A flag specifying the user feedback captured at the time of an event request is good - * or bad.
+ *A flag specifying the user feedback captured at the time of an event request is good or bad.
*/ EventFeedback?: EventFeedbackType; } @@ -2678,9 +2480,7 @@ export namespace AuthEventType { export interface AdminListUserAuthEventsResponse { /** - *The response object. It includes the EventID, EventType,
- * CreationDate, EventRisk, and
- * EventResponse.
The response object. It includes the EventID, EventType, CreationDate, EventRisk, and EventResponse.
This exception is thrown when user pool add-ons are not enabled.
+ *This exception is thrown when user pool add-ons aren't enabled.
*/ export interface UserPoolAddOnNotEnabledException extends __SmithyException, $MetadataBearer { name: "UserPoolAddOnNotEnabledException"; @@ -2745,43 +2545,37 @@ export interface AdminResetUserPasswordRequest { UserPoolId: string | undefined; /** - *The user name of the user whose password you wish to reset.
+ *The user name of the user whose password you want to reset.
*/ Username: string | undefined; /** - *A map of custom key-value pairs that you can provide as input for any custom workflows - * that this action triggers.
- *You create custom workflows by assigning Lambda functions to user pool triggers.
- * When you use the AdminResetUserPassword API action, Amazon Cognito invokes the function
- * that is assigned to the custom message trigger. When Amazon Cognito
- * invokes this function, it passes a JSON payload, which the function receives as input.
- * This payload contains a clientMetadata attribute, which provides the data
- * that you assigned to the ClientMetadata parameter in your AdminResetUserPassword
- * request. In your function code in Lambda, you can process the
- * clientMetadata value to enhance your workflow for your specific
- * needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
- *Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
+ * + *You create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminResetUserPassword API action,
+ * Amazon Cognito invokes the function that is assigned to the custom message trigger. When Amazon Cognito invokes this function, it passes a JSON payload,
+ * which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned to the
+ * ClientMetadata parameter in your AdminResetUserPassword request. In your function code in Lambda, you can process the clientMetadata
+ * value to enhance your workflow for your specific needs.
+ *
For more information, see Customizing User Pool + * Workflows with Lambda Triggers in the Amazon Cognito Developer Guide.
+ * + *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool + * configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ * *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *Represents the response from the server to reset a user password as an - * administrator.
+ *Represents the response from the server to reset a user password as an administrator.
*/ export interface AdminResetUserPasswordResponse {} @@ -2812,15 +2605,13 @@ export namespace AdminResetUserPasswordResponse { } /** - *This exception is thrown when Amazon Cognito is not allowed to use your email - * identity. HTTP status code: 400.
+ *This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.
*/ export interface InvalidEmailRoleAccessPolicyException extends __SmithyException, $MetadataBearer { name: "InvalidEmailRoleAccessPolicyException"; $fault: "client"; /** - *The message returned when you have an unverified email address or the identity policy - * is not set on an email address that Amazon Cognito can access.
+ *The message returned when you have an unverified email address or the identity policy isn't set on an email address that Amazon Cognito can access.
*/ message?: string; } @@ -2845,108 +2636,87 @@ export interface AdminRespondToAuthChallengeRequest { ChallengeName: ChallengeNameType | string | undefined; /** - *The challenge responses. These are inputs corresponding to the value of
- * ChallengeName, for example:
The challenge responses. These are inputs corresponding to the value of ChallengeName, for example:
- * SMS_MFA: SMS_MFA_CODE, USERNAME,
- * SECRET_HASH (if app client is configured with client
- * secret).
+ * SMS_MFA: SMS_MFA_CODE, USERNAME, SECRET_HASH (if app client is configured with client secret).
- * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP,
- * USERNAME, SECRET_HASH (if app client is configured
- * with client secret).
+ * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, USERNAME, SECRET_HASH
+ * (if app client is configured with client secret).
+ * PASSWORD_VERIFIER requires DEVICE_KEY when signing in with a remembered device.
- * ADMIN_NO_SRP_AUTH: PASSWORD, USERNAME,
- * SECRET_HASH (if app client is configured with client secret).
- *
+ * ADMIN_NO_SRP_AUTH: PASSWORD, USERNAME, SECRET_HASH (if app client is configured with client secret).
- * NEW_PASSWORD_REQUIRED: NEW_PASSWORD, any other
- * required attributes, USERNAME, SECRET_HASH (if app
- * client is configured with client secret).
+ * NEW_PASSWORD_REQUIRED: NEW_PASSWORD, any other required attributes, USERNAME, SECRET_HASH (if app client is configured with
+ * client secret).
- * MFA_SETUP requires USERNAME, plus you need to use
- * the session value returned by VerifySoftwareToken in the
- * Session parameter.
+ * MFA_SETUP requires USERNAME, plus you must use the session value returned by VerifySoftwareToken in the Session parameter.
The value of the USERNAME attribute must be the user's actual username,
- * not an alias (such as email address or phone number). To make this easier, the
- * AdminInitiateAuth response includes the actual username value in the
- * USERNAMEUSER_ID_FOR_SRP attribute, even if you specified an alias in
- * your call to AdminInitiateAuth.
The value of the USERNAME attribute must be the user's actual username, not an alias (such as an email address or phone number). To make this simpler, the
+ * AdminInitiateAuth response includes the actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. This happens even if you specified an
+ * alias in your call to AdminInitiateAuth.
The session which should be passed both ways in challenge-response calls to the
- * service. If InitiateAuth or RespondToAuthChallenge API call
- * determines that the caller needs to go through another challenge, they return a session
- * with other challenge parameters. This session should be passed as it is to the next
- * RespondToAuthChallenge API call.
The session that should be passed both ways in challenge-response calls to the service. If an InitiateAuth or RespondToAuthChallenge API call determines
+ * that the caller must pass another challenge, it returns a session with other challenge parameters. This session should be passed as it is to the next RespondToAuthChallenge
+ * API call.
The analytics metadata for collecting Amazon Pinpoint metrics for
- * AdminRespondToAuthChallenge calls.
The analytics metadata for collecting Amazon Pinpoint metrics for AdminRespondToAuthChallenge calls.
Contextual data such as the user's device fingerprint, IP address, or location used - * for evaluating the risk of an unexpected event by Amazon Cognito advanced - * security.
+ *Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
*/ ContextData?: ContextDataType; /** - *A map of custom key-value pairs that you can provide as input for any custom workflows - * that this action triggers.
- *You create custom workflows by assigning Lambda functions to user pool triggers.
- * When you use the AdminRespondToAuthChallenge API action, Amazon Cognito invokes any
- * functions that are assigned to the following triggers: pre sign-up,
- * custom message, post authentication,
- * user migration, pre token generation,
- * define auth challenge, create auth
- * challenge, and verify auth challenge response. When
- * Amazon Cognito invokes any of these functions, it passes a JSON payload, which the
- * function receives as input. This payload contains a clientMetadata
- * attribute, which provides the data that you assigned to the ClientMetadata parameter in
- * your AdminRespondToAuthChallenge request. In your function code in Lambda, you can
- * process the clientMetadata value to enhance your workflow for your specific
- * needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
- *Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
+ *You create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminRespondToAuthChallenge API action, Amazon Cognito
+ * invokes any functions that are assigned to the
+ * following triggers: pre sign-up, custom message, post authentication,
+ * user migration, pre token generation, define auth challenge, create auth
+ * challenge, and verify auth challenge response. When Amazon Cognito invokes any of these functions, it passes a JSON
+ * payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned
+ * to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In your function code in Lambda, you can process the
+ * clientMetadata value to enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows with + * Lambda Triggers in the Amazon Cognito Developer Guide.
+ * + *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration + * doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ * *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *The session which should be passed both ways in challenge-response calls to the
- * service. If the caller needs to go through another challenge, they return a session with
- * other challenge parameters. This session should be passed as it is to the next
- * RespondToAuthChallenge API call.
The session that should be passed both ways in challenge-response calls to the service. If the caller must pass another challenge, they return a session with other challenge parameters.
+ * This session should be passed as it is to the next RespondToAuthChallenge API call.
This exception is thrown if the provided code does not match what the server was - * expecting.
+ *This exception is thrown if the provided code doesn't match what the server was expecting.
*/ export interface CodeMismatchException extends __SmithyException, $MetadataBearer { name: "CodeMismatchException"; @@ -3027,8 +2794,7 @@ export interface ExpiredCodeException extends __SmithyException, $MetadataBearer } /** - *This exception is thrown when the software token TOTP multi-factor authentication - * (MFA) is not enabled for the user pool.
+ *This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.
*/ export interface SoftwareTokenMFANotFoundException extends __SmithyException, $MetadataBearer { name: "SoftwareTokenMFANotFoundException"; @@ -3037,18 +2803,14 @@ export interface SoftwareTokenMFANotFoundException extends __SmithyException, $M } /** - *The type used for enabling SMS MFA at the user level. Phone numbers don't need to be - * verified to be used for SMS MFA. If an MFA type is enabled for a user, the user will be - * prompted for MFA during all sign in attempts, unless device tracking is turned on and - * the device has been trusted. If you would like MFA to be applied selectively based on - * the assessed risk level of sign in attempts, disable MFA for users and turn on Adaptive - * Authentication for the user pool.
+ *The type used for enabling SMS multi-factor authentication (MFA) at the user level. Phone numbers don't need to be verified to be used for SMS MFA. If an MFA type + * is activated for a user, the user will be prompted for MFA during all sign-in attempts, unless device tracking is turned on and the device has been trusted. If you + * would like MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.
*/ export interface SMSMfaSettingsType { /** - *Specifies whether SMS text message MFA is enabled. If an MFA type is enabled for a - * user, the user will be prompted for MFA during all sign in attempts, unless device - * tracking is turned on and the device has been trusted.
+ *Specifies whether SMS text message MFA is activated. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts, unless device tracking is + * turned on and the device has been trusted.
*/ Enabled?: boolean; @@ -3068,17 +2830,14 @@ export namespace SMSMfaSettingsType { } /** - *The type used for enabling software token MFA at the user level. If an MFA type is - * enabled for a user, the user will be prompted for MFA during all sign in attempts, - * unless device tracking is turned on and the device has been trusted. If you would like - * MFA to be applied selectively based on the assessed risk level of sign in attempts, - * disable MFA for users and turn on Adaptive Authentication for the user pool.
+ *The type used for enabling software token MFA at the user level. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts, unless device tracking + * is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive + * Authentication for the user pool.
*/ export interface SoftwareTokenMfaSettingsType { /** - *Specifies whether software token MFA is enabled. If an MFA type is enabled for a user, - * the user will be prompted for MFA during all sign in attempts, unless device tracking is - * turned on and the device has been trusted.
+ *Specifies whether software token MFA is activated. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts, unless device tracking is turned + * on and the device has been trusted.
*/ Enabled?: boolean; @@ -3147,7 +2906,7 @@ export interface AdminSetUserPasswordRequest { UserPoolId: string | undefined; /** - *The user name of the user whose password you wish to set.
+ *The user name of the user whose password you want to set.
*/ Username: string | undefined; @@ -3158,8 +2917,7 @@ export interface AdminSetUserPasswordRequest { /** *
- * True if the password is permanent, False if it is
- * temporary.
True if the password is permanent, False if it is temporary.
*/
Permanent?: boolean;
}
@@ -3187,24 +2945,21 @@ export namespace AdminSetUserPasswordResponse {
}
/**
- * You can use this parameter to set an MFA configuration that uses the SMS delivery - * medium.
+ *You can use this parameter to set an MFA configuration that uses the SMS delivery medium.
*/ export interface AdminSetUserSettingsRequest { /** - *The ID of the user pool that contains the user that you are setting options - * for.
+ *The ID of the user pool that contains the user whose options you're setting.
*/ UserPoolId: string | undefined; /** - *The user name of the user that you are setting options for.
+ *The user name of the user whose options you're setting.
*/ Username: string | undefined; /** - *You can use this parameter only to set an SMS configuration that uses SMS for - * delivery.
+ *You can use this parameter only to set an SMS configuration that uses SMS for delivery.
*/ MFAOptions: MFAOptionType[] | undefined; } @@ -3220,8 +2975,7 @@ export namespace AdminSetUserSettingsRequest { } /** - *Represents the response from the server to set user settings as an - * administrator.
+ *Represents the response from the server to set user settings as an administrator.
*/ export interface AdminSetUserSettingsResponse {} @@ -3318,7 +3072,7 @@ export namespace AdminUpdateDeviceStatusRequest { } /** - *The status response from the request to update the device, as an administrator.
+ *The status response to the request to update the device, as an administrator.
*/ export interface AdminUpdateDeviceStatusResponse {} @@ -3347,42 +3101,35 @@ export interface AdminUpdateUserAttributesRequest { /** *An array of name-value pairs representing user attributes.
- *For custom attributes, you must prepend the custom: prefix to the
- * attribute name.
For custom attributes, you must prepend the custom: prefix to the attribute name.
A map of custom key-value pairs that you can provide as input for any custom workflows - * that this action triggers.
- *You create custom workflows by assigning Lambda functions to user pool triggers.
- * When you use the AdminUpdateUserAttributes API action, Amazon Cognito invokes the
- * function that is assigned to the custom message trigger. When
- * Amazon Cognito invokes this function, it passes a JSON payload, which the function
- * receives as input. This payload contains a clientMetadata attribute, which
- * provides the data that you assigned to the ClientMetadata parameter in your
- * AdminUpdateUserAttributes request. In your function code in Lambda, you can process
- * the clientMetadata value to enhance your workflow for your specific
- * needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
+ *A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
+ * + *You create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminUpdateUserAttributes API action, Amazon Cognito invokes
+ * the function that is assigned to the custom message trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives
+ * as input. This payload contains a clientMetadata attribute, which provides the data that you assigned to the ClientMetadata parameter in your
+ * AdminUpdateUserAttributes request. In your function code in Lambda, you can process the clientMetadata value to enhance your workflow for
+ * your specific needs.
For more information, + * see Customizing User Pool Workflows with Lambda Triggers + * in the Amazon Cognito Developer Guide.
+ * *Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool + * configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ * *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *Represents the response from the server for the request to update user attributes as - * an administrator.
+ *Represents the response from the server for the request to update user attributes as an administrator.
*/ export interface AdminUpdateUserAttributesResponse {} @@ -3469,14 +3215,11 @@ export enum AliasAttributeType { } /** - *The Amazon Pinpoint analytics configuration for collecting metrics for a user - * pool.
- *In regions where Pinpoint is not available, Cognito User Pools only supports - * sending events to Amazon Pinpoint projects in us-east-1. In regions where Pinpoint - * is available, Cognito User Pools will support sending events to Amazon Pinpoint - * projects within that same region.
- *The Amazon Pinpoint analytics configuration for collecting metrics for a user pool.
+ *In Regions where Pinpoint isn't available, User Pools only supports sending events to Amazon Pinpoint projects in us-east-1. In Regions where Pinpoint is available, User Pools will support + * sending events to Amazon Pinpoint projects within that same Region.
+ *The Amazon Resource Name (ARN) of an Amazon Pinpoint project. You can use the Amazon - * Pinpoint project for Pinpoint integration with the chosen User Pool Client. Amazon - * Cognito publishes events to the pinpoint project declared by the app ARN.
+ *The Amazon Resource Name (ARN) of an Amazon Pinpoint project. You can use the Amazon Pinpoint project for integration with the chosen User Pool Client. Amazon Cognito publishes events to the Amazon Pinpointproject + * declared by the app ARN.
*/ ApplicationArn?: string; /** - *The ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon - * Pinpoint analytics.
+ *The ARN of an Identity and Access Management role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics.
*/ RoleArn?: string; @@ -3503,8 +3244,7 @@ export interface AnalyticsConfigurationType { ExternalId?: string; /** - *If UserDataShared is true, Amazon Cognito will include user
- * data in the events it publishes to Amazon Pinpoint analytics.
If UserDataShared is true, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics.
The session which should be passed both ways in challenge-response calls to the - * service. This allows authentication of the user as part of the MFA setup process.
+ *The session that should be passed both ways in challenge-response calls to the service. This allows authentication of the user as part of the MFA setup process.
*/ Session?: string; } @@ -3543,14 +3282,12 @@ export namespace AssociateSoftwareTokenRequest { export interface AssociateSoftwareTokenResponse { /** - *A unique generated shared secret code that is used in the TOTP algorithm to generate a - * one time code.
+ *A unique generated shared secret code that is used in the time-based one-time password (TOTP) algorithm to generate a one-time code.
*/ SecretCode?: string; /** - *The session which should be passed both ways in challenge-response calls to the - * service. This allows authentication of the user as part of the MFA setup process.
+ *The session that should be passed both ways in challenge-response calls to the service. This allows authentication of the user as part of the MFA setup process.
*/ Session?: string; } @@ -3566,8 +3303,7 @@ export namespace AssociateSoftwareTokenResponse { } /** - *This exception is thrown if two or more modifications are happening - * concurrently.
+ *This exception is thrown if two or more modifications are happening concurrently.
*/ export interface ConcurrentModificationException extends __SmithyException, $MetadataBearer { name: "ConcurrentModificationException"; @@ -3625,7 +3361,7 @@ export namespace ChangePasswordResponse { } /** - *The device verifier against which it will be authenticated.
+ *The device verifier against which it is authenticated.
*/ export interface DeviceSecretVerifierConfigType { /** @@ -3688,8 +3424,7 @@ export namespace ConfirmDeviceRequest { */ export interface ConfirmDeviceResponse { /** - *Indicates whether the user confirmation is necessary to confirm the device - * response.
+ *Indicates whether the user confirmation must confirm the device response.
*/ UserConfirmationNecessary?: boolean; } @@ -3704,15 +3439,11 @@ export namespace ConfirmDeviceResponse { } /** - *Contextual data such as the user's device fingerprint, IP address, or location used - * for evaluating the risk of an unexpected event by Amazon Cognito advanced - * security.
+ *Contextual data, such as the user's device fingerprint, IP address, or location, used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
*/ export interface UserContextDataType { /** - *Contextual data such as the user's device fingerprint, IP address, or location used - * for evaluating the risk of an unexpected event by Amazon Cognito advanced - * security.
+ *Contextual data, such as the user's device fingerprint, IP address, or location, used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
*/ EncodedData?: string; } @@ -3736,20 +3467,18 @@ export interface ConfirmForgotPasswordRequest { ClientId: string | undefined; /** - *A keyed-hash message authentication code (HMAC) calculated using the secret key of a - * user pool client and username plus the client ID in the message.
+ *A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
*/ SecretHash?: string; /** - *The user name of the user for whom you want to enter a code to retrieve a forgotten - * password.
+ *The user name of the user for whom you want to enter a code to retrieve a forgotten password.
*/ Username: string | undefined; /** - *The confirmation code sent by a user's request to retrieve a forgotten password. For - * more information, see ForgotPassword.
+ *The confirmation code sent by a user's request to retrieve a forgotten password. For more information, + * see ForgotPassword.
*/ ConfirmationCode: string | undefined; @@ -3759,51 +3488,42 @@ export interface ConfirmForgotPasswordRequest { Password: string | undefined; /** - *The Amazon Pinpoint analytics metadata for collecting metrics for
- * ConfirmForgotPassword calls.
The Amazon Pinpoint analytics metadata for collecting metrics for ConfirmForgotPassword calls.
Contextual data such as the user's device fingerprint, IP address, or location used - * for evaluating the risk of an unexpected event by Amazon Cognito advanced - * security.
+ *Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
*/ UserContextData?: UserContextDataType; /** - *A map of custom key-value pairs that you can provide as input for any custom workflows - * that this action triggers.
- *You create custom workflows by assigning Lambda functions to user pool triggers.
- * When you use the ConfirmForgotPassword API action, Amazon Cognito invokes the function
- * that is assigned to the post confirmation trigger. When Amazon
- * Cognito invokes this function, it passes a JSON payload, which the function receives as
- * input. This payload contains a clientMetadata attribute, which provides the
- * data that you assigned to the ClientMetadata parameter in your ConfirmForgotPassword
- * request. In your function code in Lambda, you can process the
- * clientMetadata value to enhance your workflow for your specific
- * needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
- *Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
+ *You create custom workflows by assigning Lambda functions to user pool triggers. When you use the ConfirmForgotPassword API action, Amazon Cognito
+ * invokes the function that is assigned to the post confirmation trigger. When Amazon Cognito invokes this function, it passes a
+ * JSON payload,
+ * which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned
+ * to the ClientMetadata parameter in your ConfirmForgotPassword request. In your function code in Lambda, you can process the
+ * clientMetadata value to enhance your workflow for your specific needs.
For more information, + * see Customizing User Pool Workflows with Lambda Triggers + * in the Amazon Cognito Developer Guide.
+ * + *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool + * configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ * *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *The response from the server that results from a user's request to retrieve a - * forgotten password.
+ *The response from the server that results from a user's request to retrieve a forgotten password.
*/ export interface ConfirmForgotPasswordResponse {} @@ -3846,13 +3565,12 @@ export interface ConfirmSignUpRequest { ClientId: string | undefined; /** - *A keyed-hash message authentication code (HMAC) calculated using the secret key of a - * user pool client and username plus the client ID in the message.
+ *A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
*/ SecretHash?: string; /** - *The user name of the user whose registration you wish to confirm.
+ *The user name of the user whose registration you want to confirm.
*/ Username: string | undefined; @@ -3862,60 +3580,50 @@ export interface ConfirmSignUpRequest { ConfirmationCode: string | undefined; /** - *Boolean to be specified to force user confirmation irrespective of existing alias. By
- * default set to False. If this parameter is set to True and the
- * phone number/email used for sign up confirmation already exists as an alias with a
- * different user, the API call will migrate the alias from the previous user to the newly
- * created user being confirmed. If set to False, the API will throw an
- * AliasExistsException error.
Boolean to be specified to force user confirmation irrespective of existing alias. By default set to False. If this parameter is set to
+ * True and the phone number/email used for sign up confirmation already exists as an alias with a different user, the API call will migrate
+ * the alias from the previous user to the newly created user being confirmed. If set to False, the API will throw an
+ * AliasExistsException error.
The Amazon Pinpoint analytics metadata for collecting metrics for
- * ConfirmSignUp calls.
The Amazon Pinpoint analytics metadata for collecting metrics for ConfirmSignUp calls.
Contextual data such as the user's device fingerprint, IP address, or location used - * for evaluating the risk of an unexpected event by Amazon Cognito advanced - * security.
+ *Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
*/ UserContextData?: UserContextDataType; /** - *A map of custom key-value pairs that you can provide as input for any custom workflows - * that this action triggers.
- *You create custom workflows by assigning Lambda functions to user pool triggers.
- * When you use the ConfirmSignUp API action, Amazon Cognito invokes the function that is
- * assigned to the post confirmation trigger. When Amazon Cognito
- * invokes this function, it passes a JSON payload, which the function receives as input.
- * This payload contains a clientMetadata attribute, which provides the data
- * that you assigned to the ClientMetadata parameter in your ConfirmSignUp request. In your
- * function code in Lambda, you can process the clientMetadata value to
- * enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
- *Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
+ * + *You create custom workflows by assigning Lambda functions to user pool triggers. When you use the ConfirmSignUp API action,
+ * Amazon Cognito invokes the function that is assigned to the post confirmation trigger. When Amazon Cognito invokes this
+ * function, it passes a JSON payload, which the function receives as input. This payload contains a clientMetadata attribute, which
+ * provides the data that you assigned to the ClientMetadata parameter in your ConfirmSignUp request. In your function code in Lambda,
+ * you can process the clientMetadata value to enhance your workflow for your specific needs.
For more information, + * see Customizing User Pool Workflows with Lambda Triggers + * in the Amazon Cognito Developer Guide.
+ * + *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool + * configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ * *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *The role ARN for the group.
+ *The role Amazon Resource Name (ARN) for the group.
*/ RoleArn?: string; /** - *A nonnegative integer value that specifies the precedence of this group relative to
- * the other groups that a user can belong to in the user pool. Zero is the highest
- * precedence value. Groups with lower Precedence values take precedence over
- * groups with higher or null Precedence values. If a user belongs to two or
- * more groups, it is the group with the lowest precedence value whose role ARN will be
- * used in the cognito:roles and cognito:preferred_role claims in
- * the user's tokens.
Two groups can have the same Precedence value. If this happens, neither
- * group takes precedence over the other. If two groups with the same
- * Precedence have the same role ARN, that role is used in the
- * cognito:preferred_role claim in tokens for users in each group. If the
- * two groups have different role ARNs, the cognito:preferred_role claim is
- * not set in users' tokens.
A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool.
+ * Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with higher ornull Precedence
+ * values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the
+ * cognito:roles and cognito:preferred_role claims.
Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two groups with the same
+ * Precedence have the same role ARN, that role is used in the cognito:preferred_role claim in tokens for users in each group. If
+ * the two groups have different role ARNs, the cognito:preferred_role claim isn't set in users' tokens.
The default Precedence value is null.
This exception is thrown when Amazon Cognito encounters a group that already exists in - * the user pool.
+ *This exception is thrown when Amazon Cognito encounters a group that already exists in the user pool.
*/ export interface GroupExistsException extends __SmithyException, $MetadataBearer { name: "GroupExistsException"; @@ -4047,110 +3748,108 @@ export interface CreateIdentityProviderRequest { ProviderType: IdentityProviderTypeType | string | undefined; /** - *The identity provider details. The following list describes the provider detail keys - * for each identity provider type.
- *The identity provider details. The following list describes the provider detail keys for each identity provider type.
+ *For Google and Login with Amazon:
- *For Google and Login with Amazon:
+ *client_id
- *client_id
+ *client_secret
- *client_secret
+ * *authorize_scopes
- *authorize_scopes
+ * *For Facebook:
- *For Facebook:
+ *client_id
- *client_id
+ *client_secret
- *client_secret
+ * *authorize_scopes
- *authorize_scopes
+ * *api_version
- *api_version
+ * *For Sign in with Apple:
- *For Sign in with Apple:
+ *client_id
- *client_id
+ *team_id
- *team_id
+ * *key_id
- *key_id
+ * *private_key
- *private_key
+ * *authorize_scopes
- *authorize_scopes
+ * *For OIDC providers:
- *For OpenID Connect (OIDC) providers:
+ *client_id
- *client_id
+ *client_secret
- *client_secret
+ * *attributes_request_method
- *attributes_request_method
+ * *oidc_issuer
- *oidc_issuer
+ * *authorize_scopes
- *authorize_scopes
+ * *authorize_url if not available from discovery URL specified - * by oidc_issuer key + *
authorize_url if not available from discovery URL specified by oidc_issuer key *
- *token_url if not available from discovery URL specified by - * oidc_issuer key + *
token_url if not available from discovery URL specified by oidc_issuer key *
- *attributes_url if not available from discovery URL specified - * by oidc_issuer key + *
attributes_url if not available from discovery URL specified by oidc_issuer key *
- *jwks_uri if not available from discovery URL specified by - * oidc_issuer key + *
jwks_uri if not available from discovery URL specified by oidc_issuer key *
- *attributes_url_add_attributes a read-only property that is set automatically + *
+ *For SAML providers:
- *For SAML providers:
+ *MetadataFile OR MetadataURL
- *MetadataFile OR MetadataURL
+ *IDPSignout optional - *
- *IDPSignout (optional)
+ * *A mapping of identity provider attributes to standard and custom user pool - * attributes.
+ *A mapping of identity provider attributes to standard and custom user pool attributes.
*/ AttributeMapping?: { [key: string]: string }; @@ -4198,110 +3896,109 @@ export interface IdentityProviderType { ProviderType?: IdentityProviderTypeType | string; /** - *The identity provider details. The following list describes the provider detail keys - * for each identity provider type.
- *The identity provider details. The following list describes the provider detail keys for each identity provider type.
+ *For Google and Login with Amazon:
- *For Google and Login with Amazon:
+ *client_id
- *client_id
+ *client_secret
- *client_secret
+ * *authorize_scopes
- *authorize_scopes
+ * *For Facebook:
- *For Facebook:
+ *client_id
- *client_id
+ *client_secret
- *client_secret
+ * *authorize_scopes
- *authorize_scopes
+ * *api_version
- *api_version
+ * *For Sign in with Apple:
- *For Sign in with Apple:
+ *client_id
- *client_id
+ *team_id
- *team_id
+ * *key_id
- *key_id
+ * *private_key
- *private_key
+ * *authorize_scopes
- *authorize_scopes
+ * *For OIDC providers:
- *For OIDC providers:
+ *client_id
- *client_id
+ *client_secret
- *client_secret
+ * *attributes_request_method
- *attributes_request_method
+ * *oidc_issuer
- *oidc_issuer
+ * *authorize_scopes
- *authorize_scopes
+ * *authorize_url if not available from discovery URL specified - * by oidc_issuer key + *
authorize_url if not available from discovery URL specified by oidc_issuer key *
- *token_url if not available from discovery URL specified by - * oidc_issuer key + *
token_url if not available from discovery URL specified by oidc_issuer key *
- *attributes_url if not available from discovery URL specified - * by oidc_issuer key + *
attributes_url if not available from discovery URL specified by oidc_issuer key *
- *jwks_uri if not available from discovery URL specified by - * oidc_issuer key + *
jwks_uri if not available from discovery URL specified by oidc_issuer key *
- *attributes_url_add_attributes a read-only property that is set automatically + *
+ *For SAML providers:
- *For SAML providers:
+ *MetadataFile OR MetadataURL
- *MetadataFile or MetadataURL
+ *IDPSignOut optional + *
IDPSignOut optional *
- *A mapping of identity provider attributes to standard and custom user pool - * attributes.
+ *A mapping of identity provider attributes to standard and custom user pool attributes.
*/ AttributeMapping?: { [key: string]: string }; @@ -4356,8 +4052,7 @@ export namespace CreateIdentityProviderResponse { } /** - *This exception is thrown when the provider is already supported by the user - * pool.
+ *This exception is thrown when the provider is already supported by the user pool.
*/ export interface DuplicateProviderException extends __SmithyException, $MetadataBearer { name: "DuplicateProviderException"; @@ -4396,9 +4091,7 @@ export interface CreateResourceServerRequest { UserPoolId: string | undefined; /** - *A unique resource server identifier for the resource server. This could be an HTTPS
- * endpoint where the resource server is located. For example,
- * https://my-weather-api.example.com.
A unique resource server identifier for the resource server. This could be an HTTPS endpoint where the resource server is located, such as https://my-weather-api.example.com.
A list of scopes. Each scope is map, where the keys are name and
- * description.
A list of scopes. Each scope is a key-value map with the keys name and description.
The user pool ID for the user pool that the users are being imported into.
+ *The user pool ID for the user pool that the users are being imported + * into.
*/ UserPoolId: string | undefined; /** - *The role ARN for the Amazon CloudWatch Logging role for the user import job.
+ *The role ARN for the Amazon CloudWatch Logs Logging role for the user import job.
*/ CloudWatchLogsRoleArn: string | undefined; } @@ -4528,7 +4221,8 @@ export interface UserImportJobType { JobId?: string; /** - *The user pool ID for the user pool that the users are being imported into.
+ *The user pool ID for the user pool that the users are being imported + * into.
*/ UserPoolId?: string; @@ -4554,53 +4248,46 @@ export interface UserImportJobType { /** *The status of the user import job. One of the following:
- *+ *
* Created - The job was created but not started.
- * Pending - A transition state. You have started the job, but it
- * has not begun importing users yet.
+ * Pending - A transition state. You have started the job, but it has not begun importing users yet.
- * InProgress - The job has started, and users are being
- * imported.
+ * InProgress - The job has started, and users are being imported.
- * Stopping - You have stopped the job, but the job has not stopped
- * importing users yet.
+ * Stopping - You have stopped the job, but the job has not stopped importing users yet.
- * Stopped - You have stopped the job, and the job has stopped
- * importing users.
+ * Stopped - You have stopped the job, and the job has stopped importing users.
+ *
* Succeeded - The job has completed successfully.
+ *
* Failed - The job has stopped due to an error.
- * Expired - You created a job, but did not start the job within
- * 24-48 hours. All data associated with the job was deleted, and the job cannot be
- * started.
+ * Expired - You created a job, but did not start the job within 24-48 hours. All data associated with the job was deleted, and the job can't be started.
The role ARN for the Amazon CloudWatch Logging role for the user import job. For more - * information, see "Creating the CloudWatch Logs IAM Role" in the Amazon Cognito Developer - * Guide.
+ *The role Amazon Resource Name (ARN) for the Amazon CloudWatch Logging role for the user import job. For more information, see "Creating the CloudWatch Logs IAM Role" in the Amazon Cognito Developer Guide.
*/ CloudWatchLogsRoleArn?: string; @@ -4615,7 +4302,7 @@ export interface UserImportJobType { SkippedUsers?: number; /** - *The number of users that could not be imported.
+ *The number of users that couldn't be imported.
*/ FailedUsers?: number; @@ -4635,8 +4322,7 @@ export namespace UserImportJobType { } /** - *Represents the response from the server to the request to create the user import - * job.
+ *Represents the response from the server to the request to create the user import job.
*/ export interface CreateUserImportJobResponse { /** @@ -4660,17 +4346,23 @@ export enum VerifiedAttributeType { } /** - *The configuration for the user pool's device tracking.
+ *The device tracking configuration for a user pool. A user pool with device tracking deactivated returns a null value.
+ *When you provide values for any DeviceConfiguration field, you activate device tracking.
+ *Indicates whether a challenge is required on a new device. Only applicable to a new - * device.
+ *When true, device authentication can replace SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).
+ *Users that sign in with devices that have not been confirmed or remembered will still have to provide a second factor, whether or not ChallengeRequiredOnNewDevice is true, when your user + * pool requires MFA.
+ *If true, a device is only remembered on user prompt.
+ *When true, users can opt in to remembering their device. Your app code must use callback functions to return the user's choice.
*/ DeviceOnlyRememberedOnUserPrompt?: boolean; } @@ -4690,81 +4382,70 @@ export enum EmailSendingAccountType { } /** - *The email configuration type.
- *Amazon Cognito has specific regions for use with Amazon SES. For more information - * on the supported regions, see Email Settings for Amazon Cognito User Pools.
- *The email configuration type.
+ *Amazon Cognito has specific Regions for use with Amazon Simple Email Service. For more information on the supported Regions, see Email + * settings for Amazon Cognito user pools.
+ *The Amazon Resource Name (ARN) of a verified email address in Amazon SES. This email
- * address is used in one of the following ways, depending on the value that you specify
- * for the EmailSendingAccount parameter:
The ARN of a verified email address in Amazon SES. Amazon Cognito uses this email address in one of the following ways, depending on the value that you specify for the EmailSendingAccount
+ * parameter:
If you specify COGNITO_DEFAULT, Amazon Cognito uses this address
- * as the custom FROM address when it emails your users by using its built-in email
- * account.
If you specify COGNITO_DEFAULT, Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.
If you specify DEVELOPER, Amazon Cognito emails your users with
- * this address by calling Amazon SES on your behalf.
If you specify DEVELOPER, Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.
The destination to which the receiver of the email should reply to.
+ *The destination to which the receiver of the email should reply.
*/ ReplyToEmailAddress?: string; /** - *Specifies whether Amazon Cognito emails your users by using its built-in email - * functionality or your Amazon SES email configuration. Specify one of the following - * values:
- *Specifies whether Amazon Cognito emails your users by using its built-in email functionality or your Amazon Simple Email Service email configuration. Specify one of the following values:
+ *When Amazon Cognito emails your users, it uses its built-in email - * functionality. When you use the default option, Amazon Cognito allows only a - * limited number of emails each day for your user pool. For typical production - * environments, the default email limit is below the required delivery volume. - * To achieve a higher delivery volume, specify DEVELOPER to use your Amazon - * SES email configuration.
- *To look up the email delivery limit for the default option, see Limits in Amazon Cognito in the Amazon Cognito - * Developer Guide.
- *The default FROM address is no-reply@verificationemail.com. To customize - * the FROM address, provide the ARN of an Amazon SES verified email address + *
When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. + * For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email + * configuration.
+ *To look up the email delivery limit for the default option, see Limits in in the + * Developer Guide.
+ *The default FROM address is no-reply@verificationemail.com. To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address
* for the SourceArn parameter.
If EmailSendingAccount is COGNITO_DEFAULT, the following parameters - * aren't allowed:
- *If EmailSendingAccount is COGNITO_DEFAULT, you can't use the following parameters:
+ *EmailVerificationMessage
- *EmailVerificationMessage
+ * *EmailVerificationSubject
- *EmailVerificationSubject
+ * *InviteMessageTemplate.EmailMessage
- *InviteMessageTemplate.EmailMessage
+ * *InviteMessageTemplate.EmailSubject
- *InviteMessageTemplate.EmailSubject
+ * *VerificationMessageTemplate.EmailMessage
- *VerificationMessageTemplate.EmailMessage
+ * *VerificationMessageTemplate.EmailMessageByLink
- *VerificationMessageTemplate.EmailMessageByLink
+ * *VerificationMessageTemplate.EmailSubject,
- *VerificationMessageTemplate.EmailSubject,
+ * *VerificationMessageTemplate.EmailSubjectByLink
- *VerificationMessageTemplate.EmailSubjectByLink
+ * *DEVELOPER EmailSendingAccount is required.
@@ -4772,52 +4453,40 @@ export interface EmailConfigurationType { *When Amazon Cognito emails your users, it uses your Amazon SES - * configuration. Amazon Cognito calls Amazon SES on your behalf to send email - * from your verified email address. When you use this option, the email - * delivery limits are the same limits that apply to your Amazon SES verified - * email address in your account.
- *If you use this option, you must provide the ARN of an Amazon SES verified
- * email address for the SourceArn parameter.
Before Amazon Cognito can email your users, it requires additional - * permissions to call Amazon SES on your behalf. When you update your user - * pool with this option, Amazon Cognito creates a service-linked - * role, which is a type of IAM role, in your account. This - * role contains the permissions that allow Amazon Cognito to access Amazon SES - * and send email messages with your address. For more information about the - * service-linked role that Amazon Cognito creates, see Using Service-Linked Roles for Amazon - * Cognito in the Amazon Cognito Developer - * Guide.
- *When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this + * option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your Amazon Web Services account.
+ *If you use this option, you must provide the ARN of an Amazon SES verified email address for the SourceArn parameter.
Before Amazon Cognito can email your users, it requires additional permissions to call + * Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito + * creates a service-linked role, which is a type of role, + * in your Amazon Web Services account. This role contains the permissions that + * allow to access Amazon SES and send email messages with your address. For more + * information about the service-linked role that Amazon Cognito creates, see Using Service-Linked Roles for Amazon Cognito in the + * Amazon Cognito Developer Guide.
+ * *Identifies either the sender’s email address or the sender’s name with their email
- * address. For example, testuser@example.com or Test User
- * . This address will appear before the body of the
- * email.
Either the sender’s email address or the sender’s name with their email address. For example, testuser@example.com or
+ * Test User . This address appears before the body of the email.
The set of configuration rules that can be applied to emails sent using Amazon SES. A - * configuration set is applied to an email by including a reference to the configuration - * set in the headers of the email. Once applied, all of the rules in that configuration - * set are applied to the email. Configuration sets can be used to apply the following + *
The set of configuration rules that can be applied to emails sent using Amazon Simple Email Service. A configuration set is applied to an email by including a reference to the configuration + * set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following * types of rules to emails:
- *Event publishing – Amazon SES can track the number of send, delivery, open, - * click, bounce, and complaint events for each email sent. Use event publishing to - * send information about these events to other Amazon Web Services services such as SNS and - * CloudWatch.
+ *Event publishing – Amazon Simple Email Service can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing + * to send information about these events to other Amazon Web Services services such as and Amazon CloudWatch.
*IP pool management – When leasing dedicated IP addresses with Amazon SES, you - * can create groups of IP addresses, called dedicated IP pools. You can then - * associate the dedicated IP pools with configuration sets.
+ *IP pool management – When leasing dedicated IP addresses with Amazon Simple Email Service, you can create groups of IP addresses, called dedicated IP pools. You can then + * associate the dedicated IP pools with configuration sets.
*The Lambda version represents the signature of the "request" attribute in the "event"
- * information Amazon Cognito passes to your custom email Lambda function. The only
- * supported value is V1_0.
Signature of the "request" attribute in the "event" information Amazon Cognito passes to your custom email Lambda function. The only supported value is V1_0.
The Lambda Amazon Resource Name of the Lambda function that Amazon Cognito triggers to - * send email notifications to users.
+ *The Amazon Resource Name (ARN) of the Lambda function that Amazon Cognito activates to send email notifications to users.
*/ LambdaArn: string | undefined; } @@ -4873,15 +4539,12 @@ export enum CustomSMSSenderLambdaVersionType { */ export interface CustomSMSLambdaVersionConfigType { /** - *The Lambda version represents the signature of the "request" attribute in the "event"
- * information Amazon Cognito passes to your custom SMS Lambda function. The only supported
- * value is V1_0.
Signature of the "request" attribute in the "event" information that Amazon Cognito passes to your custom SMS Lambda function. The only supported value is V1_0.
The Lambda Amazon Resource Name of the Lambda function that Amazon Cognito triggers to - * send SMS notifications to users.
+ *The Amazon Resource Name (ARN) of the Lambda function that Amazon Cognito activates to send SMS notifications to users.
*/ LambdaArn: string | undefined; } @@ -4960,9 +4623,8 @@ export interface LambdaConfigType { CustomEmailSender?: CustomEmailLambdaVersionConfigType; /** - *The Amazon Resource Name of Key Management Service Customer master
- * keys . Amazon Cognito uses the key to encrypt codes and temporary passwords
- * sent to CustomEmailSender and CustomSMSSender.
The Amazon Resource Name (ARN) of an KMS key. Amazon Cognito uses the key to encrypt codes and temporary passwords sent to
+ * CustomEmailSender and CustomSMSSender.
The minimum length of the password policy that you have set. Cannot be less than - * 6.
+ *The minimum length of the password in the policy that you have set. This value can't be less than 6.
*/ MinimumLength?: number; /** - *In the password policy that you have set, refers to whether you have required users to - * use at least one uppercase letter in their password.
+ *In the password policy that you have set, refers to whether you have required users to use at least one uppercase letter in their password.
*/ RequireUppercase?: boolean; /** - *In the password policy that you have set, refers to whether you have required users to - * use at least one lowercase letter in their password.
+ *In the password policy that you have set, refers to whether you have required users to use at least one lowercase letter in their password.
*/ RequireLowercase?: boolean; /** - *In the password policy that you have set, refers to whether you have required users to - * use at least one number in their password.
+ *In the password policy that you have set, refers to whether you have required users to use at least one number in their password.
*/ RequireNumbers?: boolean; /** - *In the password policy that you have set, refers to whether you have required users to - * use at least one symbol in their password.
+ *In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password.
*/ RequireSymbols?: boolean; /** - *In the password policy you have set, refers to the number of days a temporary password - * is valid. If the user does not sign-in during this time, their password will need to be - * reset by an administrator.
- *When you set TemporaryPasswordValidityDays for a user pool, you will
- * no longer be able to set the deprecated UnusedAccountValidityDays value
- * for that user pool.
The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password.
+ *When you set TemporaryPasswordValidityDays for a user pool, you can no longer set the deprecated UnusedAccountValidityDays value for that user pool.
The SMS configuration type that includes the settings the Cognito User Pool needs to - * call for the Amazon SNS service to send an SMS message from your account. The - * Cognito User Pool makes the request to the Amazon SNS Service by using an IAM role - * that you provide for your account.
+ *The SMS configuration type that includes the settings the Amazon Cognito User Pool must call for the Amazon Simple Notification Service service to send an SMS message from your Amazon Web Services account. The + * Amazon Cognito User Pool makes the request to the Amazon SNS Service by using an Identity and Access Management role that you provide for your Amazon Web Services account.
*/ export interface SmsConfigurationType { /** - *The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) caller. - * This is the ARN of the IAM role in your account which Cognito will use to send SMS - * messages. SMS messages are subject to a spending limit.
+ *The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your Amazon Web Services account that Amazon Cognito will use to send SMS messages. SMS messages are + * subject to a spending limit.
*/ SnsCallerArn: string | undefined; /** - *The external ID is a value that we recommend you use to add security to your IAM role
- * which is used to call Amazon SNS to send SMS messages for your user pool. If you provide
- * an ExternalId, the Cognito User Pool will include it when attempting to
- * assume your IAM role, so that you can set your roles trust policy to require the
- * ExternalID. If you use the Cognito Management Console to create a role
- * for SMS MFA, Cognito will create a role with the required permissions and a trust policy
- * that demonstrates use of the ExternalId.
For more information about the ExternalId of a role, see How to use an
- * external ID when granting access to your Amazon Web Services resources to a third
- * party
+ *
The external ID is a value that you should use to add security to your IAM role that is used to call Amazon SNS to send SMS messages for your user pool. If you provide an ExternalId,
+ * the Amazon Cognito User Pool will include it when attempting to assume your IAM role so that you can set your roles trust policy to require the ExternalID. If you use the Amazon Cognito Management
+ * Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito will create a role with the required permissions and a trust policy that demonstrates use of the ExternalId.
For more information about the ExternalId of a role,
+ * see How to use an external ID when granting access to your Amazon Web Services resources to a
+ * third party
*
Specifies whether username case sensitivity will be applied for all users in the user - * pool through Cognito APIs.
+ *Specifies whether username case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs.
*Valid values include:
- *+ *
*
* True
- * : Enables case sensitivity
- * for all username input. When this option is set to True, users must
- * sign in using the exact capitalization of their given username. For example,
- * “UserName”. This is the default value.
True,
+ * users must sign in using the exact capitalization of their given username, such as “UserName”. This is the default value.
* + *
*
* False
- * : Enables case
- * insensitivity for all username input. For example, when this option is set to
- * False, users will be able to sign in using either "username" or
- * "Username". This option also enables both preferred_username and
- * email alias to be case insensitive, in addition to the
- * username attribute.
False, users can sign in using either "username" or "Username". This option also enables both preferred_username and email
+ * alias to be case insensitive, in addition to the username attribute.
* The email message template. EmailMessage is allowed only if EmailSendingAccount is DEVELOPER.
+ *The email message template. EmailMessage is allowed only if + * EmailSendingAccount is DEVELOPER.
*/ EmailMessage?: string; /** *The subject line for the email message template. EmailSubject is allowed only if - * EmailSendingAccount is DEVELOPER.
+ * EmailSendingAccount is DEVELOPER. */ EmailSubject?: string; /** - *The email message template for sending a confirmation link to the user. - * EmailMessageByLink is allowed only if EmailSendingAccount is DEVELOPER.
+ *The email message template for sending a confirmation link to the user. EmailMessageByLink is allowed only if + * EmailSendingAccount is DEVELOPER.
*/ EmailMessageByLink?: string; /** - *The subject line for the email message template for sending a confirmation link to the - * user. EmailSubjectByLink is allowed only EmailSendingAccount is DEVELOPER.
+ *The subject line for the email message template for sending a confirmation link to the user. EmailSubjectByLink is allowed only + * EmailSendingAccount is DEVELOPER.
*/ EmailSubjectByLink?: string; @@ -5231,16 +4873,14 @@ export interface CreateUserPoolRequest { /** *The Lambda trigger configuration information for the new user pool.
- *In a push model, event sources (such as Amazon S3 and custom applications) need - * permission to invoke a function. So you will need to make an extra call to add - * permission for these event sources to invoke your Lambda function.
+ *In a push model, event sources (such as Amazon S3 and custom applications) need permission to invoke a function. So you must make an + * extra call to add permission for these event sources to invoke your Lambda function.
* - *For more information on using the Lambda API to add permission, see - * AddPermission .
- *For adding permission using the CLI, see add-permission - * .
- *For more information on using the Lambda API + * to add permission, see AddPermission .
+ *For adding permission using the CLI, see add-permission .
+ *Attributes supported as an alias for this user pool. Possible values: phone_number, email, or - * preferred_username.
+ * preferred_username. */ AliasAttributes?: (AliasAttributeType | string)[]; /** - *Specifies whether email addresses or phone numbers can be specified as usernames when - * a user signs up.
+ *Specifies whether a user can use an email address or phone number as a username when they sign up.
*/ UsernameAttributes?: (UsernameAttributeType | string)[]; @@ -5267,20 +4906,19 @@ export interface CreateUserPoolRequest { SmsVerificationMessage?: string; /** - *A string representing the email verification message. EmailVerificationMessage is - * allowed only if EmailSendingAccount is DEVELOPER.
+ *A string representing the email verification message. EmailVerificationMessage is allowed only if + * EmailSendingAccount is DEVELOPER.
*/ EmailVerificationMessage?: string; /** - *A string representing the email verification subject. EmailVerificationSubject is - * allowed only if EmailSendingAccount is DEVELOPER.
+ *A string representing the email verification subject. EmailVerificationSubject is allowed only if + * EmailSendingAccount is DEVELOPER.
*/ EmailVerificationSubject?: string; /** - *The template for the verification message that the user sees when the app requests - * permission to access the user's information.
+ *The template for the verification message that the user sees when the app requests permission to access the user's information.
*/ VerificationMessageTemplate?: VerificationMessageTemplateType; @@ -5310,9 +4948,8 @@ export interface CreateUserPoolRequest { SmsConfiguration?: SmsConfigurationType; /** - *The tag keys and values to assign to the user pool. A tag is a label that you can use - * to categorize and manage user pools in different ways, such as by purpose, owner, - * environment, or other criteria.
+ *The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, + * or other criteria.
*/ UserPoolTags?: { [key: string]: string }; @@ -5322,32 +4959,27 @@ export interface CreateUserPoolRequest { AdminCreateUserConfig?: AdminCreateUserConfigType; /** - *An array of schema attributes for the new user pool. These attributes can be standard - * or custom attributes.
+ *An array of schema attributes for the new user pool. These attributes can be standard or custom attributes.
*/ Schema?: SchemaAttributeType[]; /** - *Used to enable advanced security risk detection. Set the key
- * AdvancedSecurityMode to the value "AUDIT".
Enables advanced security risk detection. Set the key AdvancedSecurityMode to the value "AUDIT".
You can choose to set case sensitivity on the username input for the selected sign-in
- * option. For example, when this is set to False, users will be able to sign
- * in using either "username" or "Username". This configuration is immutable once it has
- * been set. For more information, see UsernameConfigurationType.
Case sensitivity on the username input for the selected sign-in option. For example, when case sensitivity is set to False, users can sign in using either "username"
+ * or "Username". This configuration is immutable once it has been set. For more information,
+ * see UsernameConfigurationType.
Use this setting to define which verified available method a user can use to recover
- * their password when they call ForgotPassword. It allows you to define a
- * preferred method when a user has more than one method available. With this setting, SMS
- * does not qualify for a valid password recovery mechanism if the user also has SMS MFA
- * enabled. In the absence of this setting, Cognito uses the legacy behavior to determine
- * the recovery method where SMS is preferred over email.
The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a
+ * preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the
+ * user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method
+ * where SMS is preferred through email.
Specifies the attributes that are auto-verified in a user pool.
+ *The attributes that are auto-verified in a user pool.
*/ AutoVerifiedAttributes?: (VerifiedAttributeType | string)[]; /** - *Specifies the attributes that are aliased in a user pool.
+ *The attributes that are aliased in a user pool.
*/ AliasAttributes?: (AliasAttributeType | string)[]; /** - *Specifies whether email addresses or phone numbers can be specified as usernames when - * a user signs up.
+ *Specifies whether a user can use an email address or phone number as a username when they sign up.
*/ UsernameAttributes?: (UsernameAttributeType | string)[]; @@ -5453,21 +5084,19 @@ export interface UserPoolType { /** *Can be one of the following values:
- *
- * OFF - MFA tokens are not required and cannot be specified during
- * user registration.
+ * OFF - MFA tokens aren't required and can't be specified during user registration.
- * ON - MFA tokens are required for all user registrations. You can
- * only specify required when you are initially creating a user pool.
+ * ON - MFA tokens are required for all user registrations. You can only specify required when you're initially creating a user pool.
- * OPTIONAL - Users have the option when registering to create an MFA
- * token.
+ * OPTIONAL - Users have the option when registering to create an MFA token.
The tags that are assigned to the user pool. A tag is a label that you can apply to - * user pools to categorize and manage them in different ways, such as by purpose, owner, - * environment, or other criteria.
+ *The tags that are assigned to the user pool. A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, + * or other criteria.
*/ UserPoolTags?: { [key: string]: string }; /** - *The reason why the SMS configuration cannot send the messages to your users.
- *This message might include comma-separated values to describe why your SMS configuration - * can't send messages to user pool end users.
+ *The reason why the SMS configuration can't send the messages to your users.
+ *This message might include comma-separated values to describe why your SMS configuration can't send messages to user pool end users.
+ * * - *InvalidSmsRoleAccessPolicyException - The IAM role which Cognito uses to send - * SMS messages is not properly configured. For more information, see SmsConfigurationType.
+ *InvalidSmsRoleAccessPolicyException - The Identity and Access Management role that Amazon Cognito uses to send SMS messages isn't properly configured. For more information, + * see SmsConfigurationType.
*SNSSandbox - The account is in SNS Sandbox and messages won’t reach - * unverified end users. This parameter won’t get populated - * with SNSSandbox if the IAM user creating the user pool doesn’t have SNS permissions. - * To learn how to move your account out of the sandbox, see Moving out of the SMS sandbox.
+ *SNSSandbox - + * The Amazon Web Services account is in SNS Sandbox and messages will only reach verified end users. This parameter won’t get populated with SNSSandbox if the IAM user creating the user pool + * doesn’t have SNS permissions. To learn how to move your Amazon Web Services account out of the sandbox, + * see Moving out of the SMS sandbox.
*The reason why the email configuration cannot send the messages to your users.
+ *The reason why the email configuration can't send the messages to your users.
*/ EmailConfigurationFailure?: string; /** - *Holds the domain prefix if the user pool has a domain associated with it.
+ *The domain prefix, if the user pool has a domain associated with it.
*/ Domain?: string; /** - *A custom domain name that you provide to Amazon Cognito. This parameter applies only
- * if you use a custom domain to host the sign-up and sign-in pages for your application.
- * For example: auth.example.com.
For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.
+ *A custom domain name that you provide to Amazon Cognito. This parameter applies only if you use a custom domain to host the sign-up and sign-in pages for your application. An
+ * example of a custom domain name might be auth.example.com.
For more information about adding a custom domain to your user pool, + * see Using Your Own Domain for the Hosted UI.
*/ CustomDomain?: string; @@ -5549,10 +5177,9 @@ export interface UserPoolType { UserPoolAddOns?: UserPoolAddOnsType; /** - *You can choose to enable case sensitivity on the username input for the selected
- * sign-in option. For example, when this is set to False, users will be able
- * to sign in using either "username" or "Username". This configuration is immutable once
- * it has been set. For more information, see UsernameConfigurationType.
Case sensitivity of the username input for the selected sign-in option. For example, when case sensitivity is set to False, users can sign in using either "username"
+ * or "Username". This configuration is immutable once it has been set. For more information,
+ * see UsernameConfigurationType.
Use this setting to define which verified available method a user can use to recover
- * their password when they call ForgotPassword. It allows you to define a
- * preferred method when a user has more than one method available. With this setting, SMS
- * does not qualify for a valid password recovery mechanism if the user also has SMS MFA
- * enabled. In the absence of this setting, Cognito uses the legacy behavior to determine
- * the recovery method where SMS is preferred over email.
The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a
+ * preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user
+ * also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method
+ * where SMS is preferred through email.
This exception is thrown when a user pool tag cannot be set or updated.
+ *This exception is thrown when a user pool tag can't be set or updated.
*/ export interface UserPoolTaggingException extends __SmithyException, $MetadataBearer { name: "UserPoolTaggingException"; @@ -5639,25 +5264,21 @@ export enum TimeUnitsType { } /** - *The data type for TokenValidityUnits that specifics the time measurements for token - * validity.
+ *The data type for TokenValidityUnits that specifics the time measurements for token validity.
*/ export interface TokenValidityUnitsType { /** - *A time unit in “seconds”, “minutes”, “hours” or “days” for the value in - * AccessTokenValidity, defaults to hours.
+ *A time unit in “seconds”, “minutes”, “hours”, or “days” for the value in AccessTokenValidity, defaulting to hours.
*/ AccessToken?: TimeUnitsType | string; /** - *A time unit in “seconds”, “minutes”, “hours” or “days” for the value in - * IdTokenValidity, defaults to hours.
+ *A time unit in “seconds”, “minutes”, “hours”, or “days” for the value in IdTokenValidity, defaulting to hours.
*/ IdToken?: TimeUnitsType | string; /** - *A time unit in “seconds”, “minutes”, “hours” or “days” for the value in - * RefreshTokenValidity, defaults to days.
+ *A time unit in “seconds”, “minutes”, “hours”, or “days” for the value in RefreshTokenValidity, defaulting to days.
*/ RefreshToken?: TimeUnitsType | string; } @@ -5686,34 +5307,29 @@ export interface CreateUserPoolClientRequest { ClientName: string | undefined; /** - *Boolean to specify whether you want to generate a secret for the user pool client - * being created.
+ *Boolean to specify whether you want to generate a secret for the user pool client being created.
*/ GenerateSecret?: boolean; /** - *The time limit, in days, after which the refresh token is no longer valid and cannot - * be used.
+ *The time limit, in days, after which the refresh token is no longer valid and can't be used.
*/ RefreshTokenValidity?: number; /** - *The time limit, between 5 minutes and 1 day, after which the access token is no longer - * valid and cannot be used. This value will be overridden if you have entered a value in - * TokenValidityUnits.
+ *The time limit, between 5 minutes and 1 day, after which the access token is no longer valid and can't be used. If you supply a TokenValidityUnits value, you will override + * the default time unit.
*/ AccessTokenValidity?: number; /** - *The time limit, between 5 minutes and 1 day, after which the ID token is no longer - * valid and cannot be used. This value will be overridden if you have entered a value in - * TokenValidityUnits.
+ *The time limit, between 5 minutes and 1 day, after which the access token is no longer valid and can't be used. If you supply a TokenValidityUnits value, you will override + * the default time unit.
*/ IdTokenValidity?: number; /** - *The units in which the validity times are represented in. Default for RefreshToken is - * days, and default for ID and access tokens are hours.
+ *The units in which the validity times are represented. Default for RefreshToken is days, and default for ID and access tokens are hours.
*/ TokenValidityUnits?: TokenValidityUnitsType; @@ -5724,80 +5340,71 @@ export interface CreateUserPoolClientRequest { /** *The user pool attributes that the app client can write to.
- *If your app client allows users to sign in through an identity provider, this array - * must include all attributes that are mapped to identity provider attributes. Amazon - * Cognito updates mapped attributes when users sign in to your application through an - * identity provider. If your app client lacks write access to a mapped attribute, Amazon - * Cognito throws an error when it attempts to update the attribute. For more information, - * see Specifying Identity Provider Attribute Mappings for Your User - * Pool.
+ *If your app client allows users to sign in through an identity provider, this array must include all attributes that are mapped to identity + * provider attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider. If your app client + * lacks write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see + * Specifying Identity + * Provider Attribute Mappings for Your User Pool.
*/ WriteAttributes?: string[]; /** - *The authentication flows that are supported by the user pool clients. Flow names
- * without the ALLOW_ prefix are deprecated in favor of new names with the
- * ALLOW_ prefix. Note that values with ALLOW_ prefix cannot
- * be used along with values without ALLOW_ prefix.
The authentication flows that are supported by the user pool clients. Flow names without the ALLOW_ prefix are no longer supported,
+ * in favor of new names with the ALLOW_ prefix.
+ * Note that values with ALLOW_ prefix must be used only along with the ALLOW_ prefix.
Valid values include:
- *
- * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password
- * authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces
- * the ADMIN_NO_SRP_AUTH setting. With this authentication flow,
- * Cognito receives the password in the request instead of using the SRP (Secure
- * Remote Password protocol) protocol to verify passwords.
+ * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the
+ * ADMIN_NO_SRP_AUTH setting. With this authentication flow, Amazon Cognito receives the password in the request instead of using the Secure Remote Password (SRP) protocol to
+ * verify passwords.
- * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based
- * authentication.
+ * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
- * ALLOW_USER_PASSWORD_AUTH: Enable user password-based
- * authentication. In this flow, Cognito receives the password in the request
- * instead of using the SRP protocol to verify passwords.
+ * ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP
+ * protocol to verify passwords.
- * ALLOW_USER_SRP_AUTH: Enable SRP based authentication.
+ * ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
- * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh
- * tokens.
+ * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
A list of provider names for the identity providers that are supported on this client.
- * The following are supported: COGNITO, Facebook,
- * Google and LoginWithAmazon.
A list of provider names for the identity providers that are supported on this client. The following are supported: COGNITO, Facebook, Google
+ * and LoginWithAmazon.
A list of allowed redirect (callback) URLs for the identity providers.
*A redirect URI must:
- *Be an absolute URI.
+ *Be an absolute URI.
*Be registered with the authorization server.
+ *Be registered with the authorization server.
*Not include a fragment component.
+ *Not include a + * fragment component.
*See OAuth 2.0 - - * Redirection Endpoint.
- *Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing - * purposes only.
+ *See OAuth 2.0 - Redirection Endpoint.
+ *Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
*App callback URLs such as myapp://example are also supported.
*/ CallbackURLs?: string[]; @@ -5810,99 +5417,77 @@ export interface CreateUserPoolClientRequest { /** *The default redirect URI. Must be in the CallbackURLs list.
A redirect URI must:
- *Be an absolute URI.
+ *Be an absolute URI.
*Be registered with the authorization server.
+ *Be registered with the authorization server.
*Not include a fragment component.
+ *Not include a + * fragment component.
*See OAuth 2.0 - - * Redirection Endpoint.
- *Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing - * purposes only.
+ *See OAuth 2.0 - Redirection Endpoint.
+ *Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
*App callback URLs such as myapp://example are also supported.
*/ DefaultRedirectURI?: string; /** *The allowed OAuth flows.
- *Set to code to initiate a code grant flow, which provides an
- * authorization code as the response. This code can be exchanged for access tokens with
- * the token endpoint.
Set to implicit to specify that the client should get the access token
- * (and, optionally, ID token, based on scopes) directly.
Set to client_credentials to specify that the client should get the
- * access token (and, optionally, ID token, based on scopes) from the token endpoint using
- * a combination of client and client_secret.
Set to code to initiate a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the token endpoint.
Set to implicit to specify that the client should get the access token (and, optionally, ID token, based on scopes) directly.
Set to client_credentials to specify that the client should get the access token (and, optionally, ID token, based on scopes) from the token endpoint using a
+ * combination of client and client_secret.
The allowed OAuth scopes. Possible values provided by OAuth are: phone,
- * email, openid, and profile. Possible values
- * provided by Amazon Web Services are: aws.cognito.signin.user.admin. Custom scopes created
- * in Resource Servers are also supported.
The allowed OAuth scopes. Possible values provided by OAuth are: phone, email, openid, and profile. Possible values
+ * provided by Amazon Web Services are: aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported.
Set to true if the client is allowed to follow the OAuth protocol when interacting - * with Cognito user pools.
+ *Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user pools.
*/ AllowedOAuthFlowsUserPoolClient?: boolean; /** - *The Amazon Pinpoint analytics configuration for collecting metrics for this user - * pool.
- *In regions where Pinpoint is not available, Cognito User Pools only supports - * sending events to Amazon Pinpoint projects in us-east-1. In regions where Pinpoint - * is available, Cognito User Pools will support sending events to Amazon Pinpoint - * projects within that same region.
- *The Amazon Pinpoint analytics configuration for collecting metrics for this user pool.
+ *In Amazon Web Services Regions where isn't available, User Pools only supports sending events to Amazon Pinpoint projects in Amazon Web Services Region us-east-1. In Regions where is available, User Pools will support + * sending events to Amazon Pinpoint projects within that same Region.
+ *Use this setting to choose which errors and responses are returned by Cognito APIs
- * during authentication, account confirmation, and password recovery when the user does
- * not exist in the user pool. When set to ENABLED and the user does not
- * exist, authentication returns an error indicating either the username or password was
- * incorrect, and account confirmation and password recovery return a response indicating a
- * code was sent to a simulated destination. When set to LEGACY, those APIs
- * will return a UserNotFoundException exception if the user does not exist in
- * the user pool.
Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user
+ * pool. When set to ENABLED and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect.
+ * Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those
+ * APIs return a UserNotFoundException exception if the user doesn't exist in the user pool.
Valid values include:
- *+ *
* ENABLED - This prevents user existence-related errors.
- * LEGACY - This represents the old behavior of Cognito where user
- * existence related errors are not prevented.
+ * LEGACY - This represents the early behavior of Amazon Cognito where user existence related errors aren't prevented.
After February 15th 2020, the value of PreventUserExistenceErrors
- * will default to ENABLED for newly created user pool clients if no value
- * is provided.
Enables or disables token revocation. For more information - * about revoking tokens, see RevokeToken.
- *If you don't include this parameter, token revocation is automatically enabled for the new user pool client.
+ *Activates or deactivates token revocation. For more information about revoking tokens, + * see RevokeToken.
+ *If you don't include this parameter, token revocation is automatically activated for the new user pool client.
*/ EnableTokenRevocation?: boolean; } @@ -5951,26 +5536,22 @@ export interface UserPoolClientType { CreationDate?: Date; /** - *The time limit, in days, after which the refresh token is no longer valid and cannot - * be used.
+ *The time limit, in days, after which the refresh token is no longer valid and can't be used.
*/ RefreshTokenValidity?: number; /** - *The time limit, specified by tokenValidityUnits, defaulting to hours, after which the - * access token is no longer valid and cannot be used.
+ *The time limit, specified by tokenValidityUnits, defaulting to hours, after which the access token is no longer valid and can't be used.
*/ AccessTokenValidity?: number; /** - *The time limit, specified by tokenValidityUnits, defaulting to hours, after which the - * refresh token is no longer valid and cannot be used.
+ *The time limit specified by tokenValidityUnits, defaulting to hours, after which the refresh token is no longer valid and can't be used.
*/ IdTokenValidity?: number; /** - *The time units used to specify the token validity times of their respective - * token.
+ *The time units used to specify the token validity times of their respective token.
*/ TokenValidityUnits?: TokenValidityUnitsType; @@ -5985,68 +5566,60 @@ export interface UserPoolClientType { WriteAttributes?: string[]; /** - *The authentication flows that are supported by the user pool clients. Flow names
- * without the ALLOW_ prefix are deprecated in favor of new names with the
- * ALLOW_ prefix. Note that values with ALLOW_ prefix cannot
- * be used along with values without ALLOW_ prefix.
The authentication flows that are supported by the user pool clients. Flow names without the ALLOW_ prefix are no longer supported in favor of new names with the
+ * ALLOW_ prefix. Note that values with ALLOW_ prefix must be used only along with values including the ALLOW_ prefix.
Valid values include:
- *
- * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password
- * authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces
- * the ADMIN_NO_SRP_AUTH setting. With this authentication flow,
- * Cognito receives the password in the request instead of using the SRP (Secure
- * Remote Password protocol) protocol to verify passwords.
+ * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the
+ * ADMIN_NO_SRP_AUTH setting. With this authentication flow, Amazon Cognito receives the password in the request instead of using the Secure Remote Password (SRP) protocol to
+ * verify passwords.
- * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based
- * authentication.
+ * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
- * ALLOW_USER_PASSWORD_AUTH: Enable user password-based
- * authentication. In this flow, Cognito receives the password in the request
- * instead of using the SRP protocol to verify passwords.
+ * ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP
+ * protocol to verify passwords.
- * ALLOW_USER_SRP_AUTH: Enable SRP based authentication.
+ * ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
- * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh
- * tokens.
+ * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
A list of provider names for the identity providers that are supported on this - * client.
+ *A list of provider names for the identity providers that are supported on this client.
*/ SupportedIdentityProviders?: string[]; /** *A list of allowed redirect (callback) URLs for the identity providers.
*A redirect URI must:
- *Be an absolute URI.
+ *Be an absolute URI.
*Be registered with the authorization server.
+ *Be registered with the authorization server.
*Not include a fragment component.
+ *Not include a + * fragment component.
*See OAuth 2.0 - - * Redirection Endpoint.
- *Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing - * purposes only.
+ *See OAuth 2.0 - Redirection Endpoint.
+ *Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
*App callback URLs such as myapp://example are also supported.
*/ CallbackURLs?: string[]; @@ -6059,97 +5632,77 @@ export interface UserPoolClientType { /** *The default redirect URI. Must be in the CallbackURLs list.
A redirect URI must:
- *Be an absolute URI.
+ *Be an absolute URI.
*Be registered with the authorization server.
+ *Be registered with the authorization server.
*Not include a fragment component.
+ *Not include a + * fragment component.
*See OAuth 2.0 - - * Redirection Endpoint.
- *Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing - * purposes only.
+ *See OAuth 2.0 - Redirection Endpoint.
+ *Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
*App callback URLs such as myapp://example are also supported.
*/ DefaultRedirectURI?: string; /** *The allowed OAuth flows.
- *Set to code to initiate a code grant flow, which provides an
- * authorization code as the response. This code can be exchanged for access tokens with
- * the token endpoint.
Set to implicit to specify that the client should get the access token
- * (and, optionally, ID token, based on scopes) directly.
Set to client_credentials to specify that the client should get the
- * access token (and, optionally, ID token, based on scopes) from the token endpoint using
- * a combination of client and client_secret.
Set to code to initiate a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the token endpoint.
Set to implicit to specify that the client should get the access token (and, optionally, ID token, based on scopes) directly.
Set to client_credentials to specify that the client should get the access token (and, optionally, ID token, based on scopes) from the token endpoint using a combination
+ * of client and client_secret.
The allowed OAuth scopes. Possible values provided by OAuth are: phone,
- * email, openid, and profile. Possible values
- * provided by Amazon Web Services are: aws.cognito.signin.user.admin. Custom scopes created
- * in Resource Servers are also supported.
The allowed OAuth scopes. Possible values provided by OAuth are:
+ * phone, email, openid, and profile. Possible values provided by Amazon Web Services are: aws.cognito.signin.user.admin.
+ * Custom scopes created in Resource Servers are also supported.
Set to true if the client is allowed to follow the OAuth protocol when interacting - * with Cognito user pools.
+ *Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user pools.
*/ AllowedOAuthFlowsUserPoolClient?: boolean; /** *The Amazon Pinpoint analytics configuration for the user pool client.
- *Cognito User Pools only supports sending events to Amazon Pinpoint projects in the - * US East (N. Virginia) us-east-1 Region, regardless of the region in which the user - * pool resides.
- *Amazon Cognito User Pools only supports sending events to Amazon Pinpoint projects in the US East (N. Virginia) us-east-1 Region, regardless of the Region in which the user pool resides.
+ *Use this setting to choose which errors and responses are returned by Cognito APIs
- * during authentication, account confirmation, and password recovery when the user does
- * not exist in the user pool. When set to ENABLED and the user does not
- * exist, authentication returns an error indicating either the username or password was
- * incorrect, and account confirmation and password recovery return a response indicating a
- * code was sent to a simulated destination. When set to LEGACY, those APIs
- * will return a UserNotFoundException exception if the user does not exist in
- * the user pool.
Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist
+ * in the user pool. When set to ENABLED and the user doesn't exist, authentication returns an error indicating either the username or password
+ * was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to
+ * LEGACY, those APIs return a UserNotFoundException exception if the user doesn't exist in the user pool.
Valid values include:
- *+ *
* ENABLED - This prevents user existence-related errors.
- * LEGACY - This represents the old behavior of Cognito where user
- * existence related errors are not prevented.
+ * LEGACY - This
+ * represents the old behavior of Cognito where user existence related errors aren't prevented.
After February 15th 2020, the value of PreventUserExistenceErrors
- * will default to ENABLED for newly created user pool clients if no value
- * is provided.
Indicates whether token revocation is enabled for the user pool client. When you - * create a new user pool client, token revocation is enabled by default. For more information - * about revoking tokens, see RevokeToken.
+ *Indicates whether token revocation is activated for the user pool client. When you create a new user pool client, token revocation is activated by default. For more information about + * revoking tokens, see RevokeToken.
*/ EnableTokenRevocation?: boolean; } @@ -6186,7 +5739,7 @@ export namespace CreateUserPoolClientResponse { } /** - *This exception is thrown when the specified OAuth flow is invalid.
+ *This exception is thrown when the specified OAuth flow is not valid.
*/ export interface InvalidOAuthFlowException extends __SmithyException, $MetadataBearer { name: "InvalidOAuthFlowException"; @@ -6195,7 +5748,7 @@ export interface InvalidOAuthFlowException extends __SmithyException, $MetadataB } /** - *This exception is thrown when the specified scope does not exist.
+ *This exception is thrown when the specified scope doesn't exist.
*/ export interface ScopeDoesNotExistException extends __SmithyException, $MetadataBearer { name: "ScopeDoesNotExistException"; @@ -6204,13 +5757,11 @@ export interface ScopeDoesNotExistException extends __SmithyException, $Metadata } /** - *The configuration for a custom domain that hosts the sign-up and sign-in webpages for - * your application.
+ *The configuration for a custom domain that hosts the sign-up and sign-in webpages for your application.
*/ export interface CustomDomainConfigType { /** - *The Amazon Resource Name (ARN) of an Certificate Manager SSL certificate. You use - * this certificate for the subdomain of your custom domain.
+ *The Amazon Resource Name (ARN) of an Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.
*/ CertificateArn: string | undefined; } @@ -6226,7 +5777,8 @@ export namespace CustomDomainConfigType { export interface CreateUserPoolDomainRequest { /** - *The domain string.
+ *The domain string. For custom domains, this is the fully-qualified domain name, such as auth.example.com. For Amazon Cognito prefix domains, this is the prefix alone,
+ * such as auth.
The configuration for a custom domain that hosts the sign-up and sign-in webpages for - * your application.
- *Provide this parameter only if you want to use a custom domain for your user pool. - * Otherwise, you can exclude this parameter and use the Amazon Cognito hosted domain - * instead.
- *For more information about the hosted domain and custom domains, see Configuring a User Pool Domain.
+ *The configuration for a custom domain that hosts the sign-up and sign-in webpages for your application.
+ *Provide this parameter only if you want to use a custom domain for your user pool. Otherwise, you can exclude this parameter and use the Amazon Cognito hosted domain instead.
+ *For more information about the hosted domain and custom domains, + * see Configuring a User Pool Domain.
*/ CustomDomainConfig?: CustomDomainConfigType; } @@ -6257,8 +5807,7 @@ export namespace CreateUserPoolDomainRequest { export interface CreateUserPoolDomainResponse { /** - *The Amazon CloudFront endpoint that you use as the target of the alias that you set up - * with your Domain Name Service (DNS) provider.
+ *The Amazon CloudFront endpoint that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider.
*/ CloudFrontDomain?: string; } @@ -6315,7 +5864,7 @@ export namespace DeleteIdentityProviderRequest { } /** - *This exception is thrown when the specified identifier is not supported.
+ *This exception is thrown when the specified identifier isn't supported.
*/ export interface UnsupportedIdentityProviderException extends __SmithyException, $MetadataBearer { name: "UnsupportedIdentityProviderException"; @@ -6369,9 +5918,8 @@ export namespace DeleteUserRequest { */ export interface DeleteUserAttributesRequest { /** - *An array of strings representing the user attribute names you wish to delete.
- *For custom attributes, you must prepend the custom: prefix to the
- * attribute name.
An array of strings representing the user attribute names you want to delete.
+ *For custom attributes, you must prependattach the custom: prefix to the front of the attribute name.
The domain string.
+ *The domain string. For custom domains, this is the fully-qualified domain name, such as auth.example.com. For Amazon Cognito prefix domains, this is the prefix alone,
+ * such as auth.
The compromised credentials actions type
+ *The compromised credentials actions type.
*/ export interface CompromisedCredentialsActionsType { /** @@ -6612,8 +6161,7 @@ export enum EventFilterType { */ export interface CompromisedCredentialsRiskConfigurationType { /** - *Perform the action for these events. The default is to perform all events if no event - * filter is specified.
+ *Perform the action for these events. The default is to perform all events if no event filter is specified.
*/ EventFilter?: (EventFilterType | string)[]; @@ -6637,15 +6185,12 @@ export namespace CompromisedCredentialsRiskConfigurationType { */ export interface RiskExceptionConfigurationType { /** - *Overrides the risk decision to always block the pre-authentication requests. The IP - * range is in CIDR notation: a compact representation of an IP address and its associated - * routing prefix.
+ *Overrides the risk decision to always block the pre-authentication requests. The IP range is in CIDR notation, a compact representation of an IP address and its routing prefix.
*/ BlockedIPRangeList?: string[]; /** - *Risk detection is not performed on the IP addresses in the range list. The IP range is - * in CIDR notation.
+ *Risk detection isn't performed on the IP addresses in this range list. The IP range is in CIDR notation.
*/ SkippedIPRangeList?: string[]; } @@ -6674,16 +6219,12 @@ export interface RiskConfigurationType { ClientId?: string; /** - *The compromised credentials risk configuration object including the
- * EventFilter and the EventAction
- *
The compromised credentials risk configuration object, including the EventFilter and the EventAction.
The account takeover risk configuration object including the
- * NotifyConfiguration object and Actions to take in the case
- * of an account takeover.
The account takeover risk configuration object, including the NotifyConfiguration object and Actions to take if there is an account takeover.
Represents the response from the server to the request to describe the user import - * job.
+ *Represents the response from the server to the request to describe the user import job.
*/ export interface DescribeUserImportJobResponse { /** @@ -6835,8 +6375,7 @@ export namespace DescribeUserPoolClientRequest { } /** - *Represents the response from the server from a request to describe the user pool - * client.
+ *Represents the response from the server from a request to describe the user pool client.
*/ export interface DescribeUserPoolClientResponse { /** @@ -6857,7 +6396,8 @@ export namespace DescribeUserPoolClientResponse { export interface DescribeUserPoolDomainRequest { /** - *The domain string.
+ *The domain string. For custom domains, this is the fully-qualified domain name, such as auth.example.com. For Amazon Cognito prefix domains, this is the prefix alone,
+ * such as auth.
The account ID for the user pool owner.
+ *The Amazon Web Services ID for the user pool owner.
*/ AWSAccountId?: string; /** - *The domain string.
+ *The domain string. For custom domains, this is the fully-qualified domain name, such as auth.example.com. For Amazon Cognito prefix domains, this is the prefix alone, such as auth.
The S3 bucket where the static files for this domain are stored.
+ *The Amazon S3 bucket where the static files for this domain are stored.
*/ S3Bucket?: string; /** - *The ARN of the CloudFront distribution.
+ *The Amazon Resource Name (ARN) of the Amazon CloudFront distribution.
*/ CloudFrontDistribution?: string; @@ -6919,8 +6459,7 @@ export interface DomainDescriptionType { Status?: DomainStatusType | string; /** - *The configuration for a custom domain that hosts the sign-up and sign-in webpages for - * your application.
+ *The configuration for a custom domain that hosts the sign-up and sign-in webpages for your application.
*/ CustomDomainConfig?: CustomDomainConfigType; } @@ -6985,64 +6524,51 @@ export interface ForgotPasswordRequest { ClientId: string | undefined; /** - *A keyed-hash message authentication code (HMAC) calculated using the secret key of a - * user pool client and username plus the client ID in the message.
+ *A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
*/ SecretHash?: string; /** - *Contextual data such as the user's device fingerprint, IP address, or location used - * for evaluating the risk of an unexpected event by Amazon Cognito advanced - * security.
+ *Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
*/ UserContextData?: UserContextDataType; /** - *The user name of the user for whom you want to enter a code to reset a forgotten - * password.
+ *The user name of the user for whom you want to enter a code to reset a forgotten password.
*/ Username: string | undefined; /** - *The Amazon Pinpoint analytics metadata for collecting metrics for
- * ForgotPassword calls.
The Amazon Pinpoint analytics metadata for collecting metrics for ForgotPassword calls.
A map of custom key-value pairs that you can provide as input for any custom workflows - * that this action triggers.
- *You create custom workflows by assigning Lambda functions to user pool triggers.
- * When you use the ForgotPassword API action, Amazon Cognito invokes any functions that
- * are assigned to the following triggers: pre sign-up,
- * custom message, and user migration. When
- * Amazon Cognito invokes any of these functions, it passes a JSON payload, which the
- * function receives as input. This payload contains a clientMetadata
- * attribute, which provides the data that you assigned to the ClientMetadata parameter in
- * your ForgotPassword request. In your function code in Lambda, you can process the
- * clientMetadata value to enhance your workflow for your specific
- * needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
- *Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
+ *You create custom workflows by assigning Lambda functions to user pool triggers. When you use the ForgotPassword API action,
+ * Amazon Cognito invokes any functions that are assigned to the following triggers: pre sign-up, custom message,
+ * and user migration. When Amazon Cognito invokes any of these functions, it passes a JSON
+ * payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned
+ * to the ClientMetadata parameter in your ForgotPassword request. In your function code in Lambda, you can process the
+ * clientMetadata value to enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows + * with Lambda Triggers in the Amazon Cognito Developer Guide.
+ * + *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool + * configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ * *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *Respresents the response from the server regarding the request to reset a - * password.
+ *Respresents the response from the server regarding the request to reset a password.
*/ export interface ForgotPasswordResponse { /** - *The code delivery details returned by the server in response to the request to reset a - * password.
+ *The code delivery details returned by the server in response to the request to reset a password.
*/ CodeDeliveryDetails?: CodeDeliveryDetailsType; } @@ -7110,8 +6634,7 @@ export namespace ForgotPasswordResponse { } /** - *Represents the request to get the header information for the .csv file for the user - * import job.
+ *Represents the request to get the header information of the CSV file for the user import job.
*/ export interface GetCSVHeaderRequest { /** @@ -7130,17 +6653,17 @@ export namespace GetCSVHeaderRequest { } /** - *Represents the response from the server to the request to get the header information - * for the .csv file for the user import job.
+ *Represents the response from the server to the request to get the header information of the CSV file for the user import job.
*/ export interface GetCSVHeaderResponse { /** - *The user pool ID for the user pool that the users are to be imported into.
+ *The user pool ID for the user pool that the users are to be imported + * into.
*/ UserPoolId?: string; /** - *The header information for the .csv file for the user import job.
+ *The header information of the CSV file for the user import job.
*/ CSVHeader?: string[]; } @@ -7274,7 +6797,7 @@ export namespace GetIdentityProviderByIdentifierResponse { } /** - *Request to get a signing certificate from Cognito.
+ *Request to get a signing certificate from Amazon Cognito.
*/ export interface GetSigningCertificateRequest { /** @@ -7293,7 +6816,7 @@ export namespace GetSigningCertificateRequest { } /** - *Response from Cognito for a signing certificate request.
+ *Response from Amazon Cognito for a signing certificate request.
*/ export interface GetSigningCertificateResponse { /** @@ -7334,8 +6857,7 @@ export namespace GetUICustomizationRequest { } /** - *A container for the UI customization information for a user pool's built-in app - * UI.
+ *A container for the UI customization information for a user pool's built-in app UI.
*/ export interface UICustomizationType { /** @@ -7406,8 +6928,7 @@ export namespace GetUICustomizationResponse { */ export interface GetUserRequest { /** - *The access token returned by the server response to get information about the - * user.
+ *The access token returned by the server response to get information about the user.
*/ AccessToken: string | undefined; } @@ -7423,28 +6944,24 @@ export namespace GetUserRequest { } /** - *Represents the response from the server from the request to get information about the - * user.
+ *Represents the response from the server from the request to get information about the user.
*/ export interface GetUserResponse { /** - *The user name of the user you wish to retrieve from the get user request.
+ *The user name of the user you want to retrieve from the get user request.
*/ Username: string | undefined; /** *An array of name-value pairs representing user attributes.
- *For custom attributes, you must prepend the custom: prefix to the
- * attribute name.
For custom attributes, you must prepend the custom: prefix to the attribute name.
- * This response parameter is no longer supported. It provides - * information only about SMS MFA configurations. It doesn't provide information about TOTP - * software token MFA configurations. To look up information about either type of MFA - * configuration, use UserMFASettingList instead.
+ * This response parameter is no longer supported. It provides information only about SMS MFA configurations. It doesn't provide information about time-based one-time + * password (TOTP) software token MFA configurations. To look up information about either type of MFA configuration, use UserMFASettingList instead. */ MFAOptions?: MFAOptionType[]; @@ -7454,8 +6971,7 @@ export interface GetUserResponse { PreferredMfaSetting?: string; /** - *The MFA options that are enabled for the user. The possible values in this list are
- * SMS_MFA and SOFTWARE_TOKEN_MFA.
The MFA options that are activated for the user. The possible values in this list are SMS_MFA and SOFTWARE_TOKEN_MFA.
The access token returned by the server response to get the user attribute - * verification code.
+ *The access token returned by the server response to get the user attribute verification code.
*/ AccessToken: string | undefined; /** - *The attribute name returned by the server response to get the user attribute - * verification code.
+ *The attribute name returned by the server response to get the user attribute verification code.
*/ AttributeName: string | undefined; /** - *A map of custom key-value pairs that you can provide as input for any custom workflows - * that this action triggers.
- *You create custom workflows by assigning Lambda functions to user pool triggers.
- * When you use the GetUserAttributeVerificationCode API action, Amazon Cognito invokes the
- * function that is assigned to the custom message trigger. When
- * Amazon Cognito invokes this function, it passes a JSON payload, which the function
- * receives as input. This payload contains a clientMetadata attribute, which
- * provides the data that you assigned to the ClientMetadata parameter in your
- * GetUserAttributeVerificationCode request. In your function code in Lambda, you can
- * process the clientMetadata value to enhance your workflow for your specific
- * needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
- *Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
+ * + *You create custom workflows by assigning Lambda functions to user pool triggers. When you use the GetUserAttributeVerificationCode
+ * API action, Amazon Cognito invokes the function that is assigned to the custom message trigger. When Amazon Cognito invokes this function, it
+ * passes a JSON payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data
+ * that you assigned to the ClientMetadata parameter in your GetUserAttributeVerificationCode request. In your function code in Lambda,
+ * you can process the clientMetadata value to enhance your workflow for your specific needs.
For more information, + * see Customizing User Pool Workflows with Lambda Triggers + * in the Amazon Cognito Developer Guide.
+ * + *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool + * configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ * *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *The verification code response returned by the server response to get the user - * attribute verification code.
+ *The verification code response returned by the server response to get the user attribute verification code.
*/ export interface GetUserAttributeVerificationCodeResponse { /** - *The code delivery details returned by the server in response to the request to get the - * user attribute verification code.
+ *The code delivery details returned by the server in response to the request to get the user attribute verification code.
*/ CodeDeliveryDetails?: CodeDeliveryDetailsType; } @@ -7578,9 +7084,8 @@ export namespace GetUserPoolMfaConfigRequest { */ export interface SmsMfaConfigType { /** - *The SMS authentication message that will be sent to users with the code they need to - * sign in. The message must contain the ‘{####}’ placeholder, which will be replaced with - * the code. If the message is not included, and default message will be used.
+ *The SMS authentication message that will be sent to users with the code they must sign in. The message must contain the ‘{####}’ placeholder, which is replaced with the code. + * If the message isn't included, and default message will be used.
*/ SmsAuthenticationMessage?: string; @@ -7604,7 +7109,7 @@ export namespace SmsMfaConfigType { */ export interface SoftwareTokenMfaConfigType { /** - *Specifies whether software token MFA is enabled.
+ *Specifies whether software token MFA is activated.
*/ Enabled?: boolean; } @@ -7631,19 +7136,19 @@ export interface GetUserPoolMfaConfigResponse { /** *The multi-factor (MFA) configuration. Valid values include:
- *
- * OFF MFA will not be used for any users.
+ * OFF MFA won't be used for any users.
+ *
* ON MFA is required for all users to sign in.
- * OPTIONAL MFA will be required only for individual users who have
- * an MFA factor enabled.
+ * OPTIONAL MFA will be required only for individual users who have an MFA factor activated.
The authentication flow for this call to execute. The API action will depend on this - * value. For example:
- *The authentication flow for this call to run. The API action will depend on this value. For example:
+ *
- * REFRESH_TOKEN_AUTH will take in a valid refresh token and return
- * new tokens.
+ * REFRESH_TOKEN_AUTH takes in a valid refresh token and returns new tokens.
- * USER_SRP_AUTH will take in USERNAME and
- * SRP_A and return the SRP variables to be used for next
- * challenge execution.
+ * USER_SRP_AUTH takes in USERNAME and SRP_A and returns the SRP variables to be used for next challenge execution.
- * USER_PASSWORD_AUTH will take in USERNAME and
- * PASSWORD and return the next challenge or tokens.
+ * USER_PASSWORD_AUTH takes in USERNAME and PASSWORD and returns the next challenge or tokens.
Valid values include:
- *
- * USER_SRP_AUTH: Authentication flow for the Secure Remote Password
- * (SRP) protocol.
+ * USER_SRP_AUTH: Authentication flow for the Secure Remote Password (SRP) protocol.
- * REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication
- * flow for refreshing the access token and ID token by supplying a valid refresh
- * token.
+ * REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication flow for refreshing the access token and ID token by supplying a valid refresh token.
+ *
* CUSTOM_AUTH: Custom authentication flow.
- * USER_PASSWORD_AUTH: Non-SRP authentication flow; USERNAME and
- * PASSWORD are passed directly. If a user migration Lambda trigger is set, this
- * flow will invoke the user migration Lambda if the USERNAME is not found in the
- * user pool.
- * ADMIN_USER_PASSWORD_AUTH: Admin-based user password
- * authentication. This replaces the ADMIN_NO_SRP_AUTH authentication
- * flow. In this flow, Cognito receives the password in the request instead of
- * using the SRP process to verify passwords.
+ * USER_PASSWORD_AUTH: Non-SRP authentication flow; USERNAME and PASSWORD are passed directly. If a user migration Lambda trigger is set, this flow will invoke the user migration
+ * Lambda if it doesn't find the USERNAME in the user pool.
- * ADMIN_NO_SRP_AUTH is not a valid value.
ADMIN_NO_SRP_AUTH isn't a valid value.
*/
AuthFlow: AuthFlowType | string | undefined;
/**
- * The authentication parameters. These are inputs corresponding to the
- * AuthFlow that you are invoking. The required values depend on the value
- * of AuthFlow:
The authentication parameters. These are inputs corresponding to the AuthFlow that you're invoking. The required values depend on the value of AuthFlow:
For USER_SRP_AUTH: USERNAME (required),
- * SRP_A (required), SECRET_HASH (required if the app
- * client is configured with a client secret), DEVICE_KEY.
For USER_SRP_AUTH: USERNAME (required), SRP_A (required), SECRET_HASH (required if the app client is configured with a client secret),
+ * DEVICE_KEY.
For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN
- * (required), SECRET_HASH (required if the app client is configured
- * with a client secret), DEVICE_KEY.
For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required), SECRET_HASH (required if the app client is configured with a client secret),
+ * DEVICE_KEY.
For CUSTOM_AUTH: USERNAME (required),
- * SECRET_HASH (if app client is configured with client secret),
- * DEVICE_KEY. To start the authentication flow with password
- * verification, include ChallengeName: SRP_A and SRP_A: (The
- * SRP_A Value).
For CUSTOM_AUTH: USERNAME (required), SECRET_HASH (if app client is configured with client secret), DEVICE_KEY. To start the
+ * authentication flow with password verification, include ChallengeName: SRP_A and SRP_A: (The SRP_A Value).
A map of custom key-value pairs that you can provide as input for certain custom - * workflows that this action triggers.
- *You create custom workflows by assigning Lambda functions to user pool triggers. - * When you use the InitiateAuth API action, Amazon Cognito invokes the Lambda - * functions that are specified for various triggers. The ClientMetadata value is passed as - * input to the functions for only the following triggers:
- *A map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers.
+ *You create custom workflows by assigning Lambda functions to user pool triggers. When you use the InitiateAuth API action, Amazon Cognito invokes the Lambda functions that are specified for various + * triggers. The ClientMetadata value is passed as input to the functions for only the following triggers:
+ *Pre signup
+ *Pre signup
*Pre authentication
+ *Pre authentication
*User migration
+ *User migration
*When Amazon Cognito invokes the functions for these triggers, it passes a JSON
- * payload, which the function receives as input. This payload contains a
- * validationData attribute, which provides the data that you assigned to
- * the ClientMetadata parameter in your InitiateAuth request. In your function code in Lambda, you can process the validationData value to enhance your workflow
- * for your specific needs.
When you use the InitiateAuth API action, Amazon Cognito also invokes the functions - * for the following triggers, but it does not provide the ClientMetadata value as - * input:
- *validationData attribute, which provides the data that you assigned to the ClientMetadata parameter in your
+ * InitiateAuth request. In your function code in Lambda, you can process the validationData value to enhance your workflow for your specific needs.
+ * When you use the InitiateAuth API action, Amazon Cognito also invokes the functions for the following triggers, but it doesn't provide the ClientMetadata value as input:
+ *Post authentication
+ *Post authentication
*Custom message
+ *Custom message
*Pre token generation
+ *Pre token generation
*Create auth challenge
+ *Create auth challenge
*Define auth challenge
+ *Define auth challenge
*Verify auth challenge
+ *Verify auth challenge
*For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
+ *For more information, see Customizing User Pool Workflows with + * Lambda Triggers in the Amazon Cognito Developer Guide.
+ * *Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration + * doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ * *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *The Amazon Pinpoint analytics metadata for collecting metrics for
- * InitiateAuth calls.
The Amazon Pinpoint analytics metadata for collecting metrics for InitiateAuth calls.
Contextual data such as the user's device fingerprint, IP address, or location used - * for evaluating the risk of an unexpected event by Amazon Cognito advanced - * security.
+ *Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
*/ UserContextData?: UserContextDataType; } @@ -7886,88 +7356,66 @@ export namespace InitiateAuthRequest { */ export interface InitiateAuthResponse { /** - *The name of the challenge which you are responding to with this call. This is returned
- * to you in the AdminInitiateAuth response if you need to pass another
- * challenge.
The name of the challenge that you're responding to with this call. This name is returned in the AdminInitiateAuth response if you must pass another challenge.
Valid values include the following. Note that all of these challenges require
- * USERNAME and SECRET_HASH (if applicable) in the
- * parameters.
USERNAME and SECRET_HASH (if applicable) in the parameters.
+ *
+ *
- * SMS_MFA: Next challenge is to supply an
- * SMS_MFA_CODE, delivered via SMS.
+ * SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
- * PASSWORD_VERIFIER: Next challenge is to supply
- * PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after
- * the client-side SRP calculations.
+ * PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the
+ * client-side SRP calculations.
- * CUSTOM_CHALLENGE: This is returned if your custom authentication
- * flow determines that the user should pass another challenge before tokens are
- * issued.
+ * CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user should pass another challenge before tokens are issued.
- * DEVICE_SRP_AUTH: If device tracking was enabled on your user pool
- * and the previous challenges were passed, this challenge is returned so that
- * Amazon Cognito can start tracking this device.
+ * DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous challenges were passed, this challenge is returned so that Amazon Cognito can start tracking
+ * this device.
- * DEVICE_PASSWORD_VERIFIER: Similar to
- * PASSWORD_VERIFIER, but for devices only.
+ * DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
- * NEW_PASSWORD_REQUIRED: For users who are required to change their
- * passwords after successful first login. This challenge should be passed with
- * NEW_PASSWORD and any other required attributes.
+ * NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first login. This challenge should be passed with NEW_PASSWORD
+ * and any other required attributes.
- * MFA_SETUP: For users who are required to setup an MFA factor
- * before they can sign-in. The MFA types enabled for the user pool will be listed
- * in the challenge parameters MFA_CAN_SETUP value.
To setup software token MFA, use the session returned here from
- * InitiateAuth as an input to
- * AssociateSoftwareToken, and use the session returned by
- * VerifySoftwareToken as an input to
- * RespondToAuthChallenge with challenge name
- * MFA_SETUP to complete sign-in. To setup SMS MFA, users will
- * need help from an administrator to add a phone number to their account and then
- * call InitiateAuth again to restart sign-in.
+ * MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA types activated for the user pool will be listed in the challenge parameters
+ * MFA_CAN_SETUP value.
To set up software token MFA, use the session returned here from InitiateAuth as an input to AssociateSoftwareToken. Use the session returned by
+ * VerifySoftwareToken as an input to RespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in. To set up SMS MFA, an
+ * administrator should help the user to add a phone number to their account, and then the user should call InitiateAuth again to restart sign-in.
The session which should be passed both ways in challenge-response calls to the
- * service. If the caller needs to go through another challenge, they return a session with
- * other challenge parameters. This session should be passed as it is to the next
- * RespondToAuthChallenge API call.
The session that should pass both ways in challenge-response calls to the service. If the caller must pass another challenge, they return a session with other challenge parameters. This session
+ * should be passed as it is to the next RespondToAuthChallenge API call.
The challenge parameters. These are returned to you in the InitiateAuth
- * response if you need to pass another challenge. The responses in this parameter should
- * be used to compute inputs to the next call (RespondToAuthChallenge).
All challenges require USERNAME and SECRET_HASH (if
- * applicable).
The challenge parameters. These are returned in the InitiateAuth response if you must pass another challenge. The responses in this parameter should be used to compute inputs to
+ * the next call (RespondToAuthChallenge).
All challenges require USERNAME and SECRET_HASH (if applicable).
The result of the authentication response. This is only returned if the caller does
- * not need to pass another challenge. If the caller does need to pass another challenge
- * before it gets tokens, ChallengeName, ChallengeParameters, and
- * Session are returned.
The result of the authentication response. This result is only returned if the caller doesn't need to pass another challenge. If the caller does need to pass another challenge before it gets
+ * tokens, ChallengeName, ChallengeParameters, and Session are returned.
An identifier that was returned from the previous call to this operation, which can be - * used to return the next set of items in the list.
+ *An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
*/ NextToken?: string; } @@ -8072,8 +7519,7 @@ export interface ListGroupsResponse { Groups?: GroupType[]; /** - *An identifier that was returned from the previous call to this operation, which can be - * used to return the next set of items in the list.
+ *An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
*/ NextToken?: string; } @@ -8262,9 +7708,7 @@ export interface ListUserImportJobsRequest { MaxResults: number | undefined; /** - *An identifier that was returned from the previous call to
- * ListUserImportJobs, which can be used to return the next set of import
- * jobs in the list.
An identifier that was returned from the previous call to ListUserImportJobs, which can be used to return the next set of import jobs in the list.
Represents the response from the server to the request to list the user import - * jobs.
+ *Represents the response from the server to the request to list the user import jobs.
*/ export interface ListUserImportJobsResponse { /** @@ -8289,8 +7732,7 @@ export interface ListUserImportJobsResponse { UserImportJobs?: UserImportJobType[]; /** - *An identifier that can be used to return the next set of user import jobs in the - * list.
+ *An identifier that can be used to return the next set of user import jobs in the list.
*/ PaginationToken?: string; } @@ -8314,14 +7756,12 @@ export interface ListUserPoolClientsRequest { UserPoolId: string | undefined; /** - *The maximum number of results you want the request to return when listing the user - * pool clients.
+ *The maximum number of results you want the request to return when listing the user pool clients.
*/ MaxResults?: number; /** - *An identifier that was returned from the previous call to this operation, which can be - * used to return the next set of items in the list.
+ *An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
*/ NextToken?: string; } @@ -8345,8 +7785,7 @@ export interface UserPoolClientDescription { ClientId?: string; /** - *The user pool ID for the user pool where you want to describe the user pool - * client.
+ *The user pool ID for the user pool where you want to describe the user pool client.
*/ UserPoolId?: string; @@ -8376,8 +7815,7 @@ export interface ListUserPoolClientsResponse { UserPoolClients?: UserPoolClientDescription[]; /** - *An identifier that was returned from the previous call to this operation, which can be - * used to return the next set of items in the list.
+ *An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
*/ NextToken?: string; } @@ -8399,14 +7837,12 @@ export namespace ListUserPoolClientsResponse { */ export interface ListUserPoolsRequest { /** - *An identifier that was returned from the previous call to this operation, which can be - * used to return the next set of items in the list.
+ *An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
*/ NextToken?: string; /** - *The maximum number of results you want the request to return when listing the user - * pools.
+ *The maximum number of results you want the request to return when listing the user pools.
*/ MaxResults: number | undefined; } @@ -8474,8 +7910,7 @@ export interface ListUserPoolsResponse { UserPools?: UserPoolDescriptionType[]; /** - *An identifier that was returned from the previous call to this operation, which can be - * used to return the next set of items in the list.
+ *An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
*/ NextToken?: string; } @@ -8499,9 +7934,7 @@ export interface ListUsersRequest { UserPoolId: string | undefined; /** - *An array of strings, where each string is the name of a user attribute to be returned - * for each user in the search results. If the array is null, all attributes are - * returned.
+ *An array of strings, where each string is the name of a user attribute to be returned for each user in the search results. If the array is null, all attributes are returned.
*/ AttributesToGet?: string[]; @@ -8511,91 +7944,99 @@ export interface ListUsersRequest { Limit?: number; /** - *An identifier that was returned from the previous call to this operation, which can be - * used to return the next set of items in the list.
+ *An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
*/ PaginationToken?: string; /** *A filter string of the form "AttributeName
- * Filter-Type "AttributeValue"". Quotation marks
- * within the filter string must be escaped using the backslash (\) character. For example,
- * "family_name = \"Reddy\"".
family_name = \"Reddy\"".
+ * - * AttributeName: The name of the attribute to search for. - * You can only search for one attribute at a time.
+ *+ * AttributeName: The name of the attribute to search for. You can only search for one attribute at a time.
*
- * Filter-Type: For an exact match, use =, for example,
- * "given_name = \"Jon\"". For a prefix ("starts with") match, use
- * ^=, for example, "given_name ^= \"Jon\"".
+ * Filter-Type: For an exact match, use =, for example, "given_name = \"Jon\"". For a prefix ("starts with") match, use ^=, for example,
+ * "given_name ^= \"Jon\"".
- * AttributeValue: The attribute value that must be matched - * for each user.
+ *+ * AttributeValue: The attribute value that must be matched for each user.
*If the filter string is empty, ListUsers returns all users in the user
- * pool.
If the filter string is empty, ListUsers returns all users in the user pool.
You can only search for the following standard attributes:
- *+ *
* username (case-sensitive)
- * email
- *
+ * email
+ *
- * phone_number
- *
+ * phone_number
+ *
- * name
- *
+ * name
+ *
- * given_name
- *
+ * given_name
+ *
- * family_name
- *
+ * family_name
+ *
- * preferred_username
- *
+ * preferred_username
+ *
+ *
* cognito:user_status (called Status in the Console) (case-insensitive)
- * status (called Enabled in the Console)
- * (case-sensitive)
+ *
+ * status (called Enabled in the Console) (case-sensitive)
*
+ *
* sub
*
Custom attributes are not searchable.
- *For more information, see Searching for Users Using the ListUsers API and Examples of Using the ListUsers API in the Amazon Cognito - * Developer Guide.
+ *Custom attributes aren't searchable.
+ *You can also list users with a client-side filter. The server-side filter matches no more than 1 attribute. For an advanced search,
+ * use a client-side filter with the --query parameter of the list-users action in the CLI. When you use a
+ * client-side filter, ListUsers returns a paginated list of zero or more users. You can receive multiple pages in a row with zero
+ * results. Repeat the query with each pagination token that is returned until you receive a null pagination token value, and then
+ * review the combined result.
+ *
For more information about server-side and client-side filtering, + * see FilteringCLI output + * in the Command Line Interface User Guide. + *
+ *For more information, + * see Searching for Users + * Using the ListUsers API + * and Examples of Using + * the ListUsers API in the Amazon Cognito Developer Guide.
*/ Filter?: string; } @@ -8619,8 +8060,7 @@ export interface ListUsersResponse { Users?: UserType[]; /** - *An identifier that was returned from the previous call to this operation, which can be - * used to return the next set of items in the list.
+ *An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
*/ PaginationToken?: string; } @@ -8652,8 +8092,7 @@ export interface ListUsersInGroupRequest { Limit?: number; /** - *An identifier that was returned from the previous call to this operation, which can be - * used to return the next set of items in the list.
+ *An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
*/ NextToken?: string; } @@ -8674,8 +8113,7 @@ export interface ListUsersInGroupResponse { Users?: UserType[]; /** - *An identifier that was returned from the previous call to this operation, which can be - * used to return the next set of items in the list.
+ *An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
*/ NextToken?: string; } @@ -8700,62 +8138,52 @@ export interface ResendConfirmationCodeRequest { ClientId: string | undefined; /** - *A keyed-hash message authentication code (HMAC) calculated using the secret key of a - * user pool client and username plus the client ID in the message.
+ *A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
*/ SecretHash?: string; /** - *Contextual data such as the user's device fingerprint, IP address, or location used - * for evaluating the risk of an unexpected event by Amazon Cognito advanced - * security.
+ *Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
*/ UserContextData?: UserContextDataType; /** - *The user name of the user to whom you wish to resend a confirmation code.
+ *The username attribute of the user to whom you want to resend a confirmation code.
The Amazon Pinpoint analytics metadata for collecting metrics for
- * ResendConfirmationCode calls.
The Amazon Pinpoint analytics metadata for collecting metrics for ResendConfirmationCode calls.
A map of custom key-value pairs that you can provide as input for any custom workflows - * that this action triggers.
- *You create custom workflows by assigning Lambda functions to user pool triggers.
- * When you use the ResendConfirmationCode API action, Amazon Cognito invokes the function
- * that is assigned to the custom message trigger. When Amazon Cognito
- * invokes this function, it passes a JSON payload, which the function receives as input.
- * This payload contains a clientMetadata attribute, which provides the data
- * that you assigned to the ClientMetadata parameter in your ResendConfirmationCode
- * request. In your function code in Lambda, you can process the
- * clientMetadata value to enhance your workflow for your specific
- * needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
- *Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
+ *You create custom workflows by assigning Lambda functions to user pool triggers. When you use the ResendConfirmationCode API action, Amazon Cognito
+ * invokes the function that is assigned to the custom message trigger. When Amazon Cognito invokes this function, it passes a
+ * JSON
+ * payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned
+ * to the ClientMetadata parameter in your ResendConfirmationCode request. In your function code in Lambda, you can process the clientMetadata
+ * value to enhance your workflow for your specific needs.
For more information, + * see Customizing User Pool Workflows with Lambda Triggers + * in the Amazon Cognito Developer Guide.
+ * + *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool + * configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ * *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *The response from the server when the Amazon Cognito Your User Pools service makes the - * request to resend a confirmation code.
+ *The response from the server when Amazon Cognito makes the request to resend a confirmation code.
*/ export interface ResendConfirmationCodeResponse { /** - *The code delivery details returned by the server in response to the request to resend - * the confirmation code.
+ *The code delivery details returned by the server in response to the request to resend the confirmation code.
*/ CodeDeliveryDetails?: CodeDeliveryDetailsType; } @@ -8805,117 +8231,96 @@ export interface RespondToAuthChallengeRequest { /** *The challenge name. For more information, see InitiateAuth.
*
- * ADMIN_NO_SRP_AUTH is not a valid value.
ADMIN_NO_SRP_AUTH isn't a valid value.
*/
ChallengeName: ChallengeNameType | string | undefined;
/**
- * The session which should be passed both ways in challenge-response calls to the
- * service. If InitiateAuth or RespondToAuthChallenge API call
- * determines that the caller needs to go through another challenge, they return a session
- * with other challenge parameters. This session should be passed as it is to the next
- * RespondToAuthChallenge API call.
The session that should be passed both ways in challenge-response calls to the service. If InitiateAuth or RespondToAuthChallenge API call determines
+ * that the caller must pass another challenge, they return a session with other challenge parameters. This session should be passed as it is to the next RespondToAuthChallenge
+ * API call.
The challenge responses. These are inputs corresponding to the value of
- * ChallengeName, for example:
The challenge responses. These are inputs corresponding to the value of ChallengeName, for example:
- * SECRET_HASH (if app client is configured with client secret) applies
- * to all inputs below (including SOFTWARE_TOKEN_MFA).
SECRET_HASH (if app client is configured with client secret) applies to all of the inputs that follow (including SOFTWARE_TOKEN_MFA).
+ * + *
* SMS_MFA: SMS_MFA_CODE, USERNAME.
- * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,
- * PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP,
- * USERNAME.
+ * PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, USERNAME.
+ * PASSWORD_VERIFIER requires DEVICE_KEY when signing in with a remembered device.
- * NEW_PASSWORD_REQUIRED: NEW_PASSWORD, any other
- * required attributes, USERNAME.
+ * NEW_PASSWORD_REQUIRED: NEW_PASSWORD, any other required attributes, USERNAME.
- * SOFTWARE_TOKEN_MFA: USERNAME and
- * SOFTWARE_TOKEN_MFA_CODE are required attributes.
+ * SOFTWARE_TOKEN_MFA: USERNAME and SOFTWARE_TOKEN_MFA_CODE are required attributes.
- * DEVICE_SRP_AUTH requires USERNAME,
- * DEVICE_KEY, SRP_A (and
- * SECRET_HASH).
+ * DEVICE_SRP_AUTH requires USERNAME, DEVICE_KEY, SRP_A (and SECRET_HASH).
- * DEVICE_PASSWORD_VERIFIER requires everything that
- * PASSWORD_VERIFIER requires plus DEVICE_KEY.
+ * DEVICE_PASSWORD_VERIFIER requires everything that PASSWORD_VERIFIER requires, plus DEVICE_KEY.
- * MFA_SETUP requires USERNAME, plus you need to use
- * the session value returned by VerifySoftwareToken in the
- * Session parameter.
+ * MFA_SETUP requires USERNAME, plus you must use the session value returned by VerifySoftwareToken in the Session parameter.
The Amazon Pinpoint analytics metadata for collecting metrics for
- * RespondToAuthChallenge calls.
The Amazon Pinpoint analytics metadata for collecting metrics for RespondToAuthChallenge calls.
Contextual data such as the user's device fingerprint, IP address, or location used - * for evaluating the risk of an unexpected event by Amazon Cognito advanced - * security.
+ *Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
*/ UserContextData?: UserContextDataType; /** - *A map of custom key-value pairs that you can provide as input for any custom workflows - * that this action triggers.
- *You create custom workflows by assigning Lambda functions to user pool triggers.
- * When you use the RespondToAuthChallenge API action, Amazon Cognito invokes any functions
- * that are assigned to the following triggers: post authentication,
- * pre token generation, define auth
- * challenge, create auth challenge, and
- * verify auth challenge. When Amazon Cognito invokes any of these
- * functions, it passes a JSON payload, which the function receives as input. This payload
- * contains a clientMetadata attribute, which provides the data that you
- * assigned to the ClientMetadata parameter in your RespondToAuthChallenge request. In your
- * function code in Lambda, you can process the clientMetadata value to
- * enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
- *Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
+ *You create custom workflows by assigning Lambda functions to user pool triggers. When you use the RespondToAuthChallenge API action, Amazon Cognito
+ * invokes any functions that are assigned to the following triggers: post authentication, pre token generation,
+ * define auth challenge, create auth challenge, and verify auth challenge. When Amazon Cognito
+ * invokes any of these functions, it passes a JSON payload, which the function receives as input. This payload contains a clientMetadata
+ * attribute, which provides the data that you assigned to the ClientMetadata parameter in your RespondToAuthChallenge request. In your function code in
+ * Lambda, you can process the clientMetadata value to enhance your workflow for your specific needs.
For more information, see Customizing + * User Pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide.
+ * + *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration + * doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ * *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *The session which should be passed both ways in challenge-response calls to the
- * service. If the caller needs to go through another challenge, they return a session with
- * other challenge parameters. This session should be passed as it is to the next
- * RespondToAuthChallenge API call.
The session that should be passed both ways in challenge-response calls to the service. If the caller must pass another challenge, they return a session with other challenge parameters.
+ * This session should be passed as it is to the next RespondToAuthChallenge API call.
The result returned by the server in response to the request to respond to the - * authentication challenge.
+ *The result returned by the server in response to the request to respond to the authentication challenge.
*/ AuthenticationResult?: AuthenticationResultType; } @@ -8973,7 +8375,7 @@ export namespace RespondToAuthChallengeResponse { export interface RevokeTokenRequest { /** - *The token that you want to revoke.
+ *The refresh token that you want to revoke.
*/ Token: string | undefined; @@ -9012,7 +8414,7 @@ export namespace RevokeTokenResponse { } /** - *This exception is thrown when the request is not authorized. This can happen due to an invalid access token in the request.
+ *Exception that is thrown when the request isn't authorized. This can happen due to an invalid access token in the request.
*/ export interface UnauthorizedException extends __SmithyException, $MetadataBearer { name: "UnauthorizedException"; @@ -9021,7 +8423,7 @@ export interface UnauthorizedException extends __SmithyException, $MetadataBeare } /** - *This exception is thrown when you attempt to perform an operation that is not enabled for the user pool client.
+ *Exception that is thrown when you attempt to perform an operation that isn't enabled for the user pool client.
*/ export interface UnsupportedOperationException extends __SmithyException, $MetadataBearer { name: "UnsupportedOperationException"; @@ -9030,7 +8432,7 @@ export interface UnsupportedOperationException extends __SmithyException, $Metad } /** - *This exception is thrown when an unsupported token is passed to an operation.
+ *Exception that is thrown when an unsupported token is passed to an operation.
*/ export interface UnsupportedTokenTypeException extends __SmithyException, $MetadataBearer { name: "UnsupportedTokenTypeException"; @@ -9045,12 +8447,9 @@ export interface SetRiskConfigurationRequest { UserPoolId: string | undefined; /** - *The app client ID. If ClientId is null, then the risk configuration is
- * mapped to userPoolId. When the client ID is null, the same risk
- * configuration is applied to all the clients in the userPool.
Otherwise, ClientId is mapped to the client. When the client ID is not
- * null, the user pool configuration is overridden and the risk configuration for the
- * client is used instead.
The app client ID. If ClientId is null, then the risk configuration is mapped to userPoolId. When the client ID is null, the same risk configuration is applied
+ * to all the clients in the userPool.
Otherwise, ClientId is mapped to the client. When the client ID isn't null, the user pool configuration is overridden and the risk configuration for the client is used instead.
The MFA configuration. Users who don't have an MFA factor set up won't be able to - * sign-in if you set the MfaConfiguration value to ‘ON’. See Adding Multi-Factor - * Authentication (MFA) to a User Pool to learn more. Valid values - * include:
- *The MFA configuration. If you set the MfaConfiguration value to ‘ON’, only users with an MFA factor set up can sign in. To learn more, + * see Adding Multi-Factor Authentication (MFA) to a User Pool. Valid values include:
+ * + *
- * OFF MFA will not be used for any users.
+ * OFF MFA won't be used for any users.
+ *
* ON MFA is required for all users to sign in.
- * OPTIONAL MFA will be required only for individual users who have
- * an MFA factor enabled.
+ * OPTIONAL MFA will be required only for individual users who have an MFA factor activated.
The MFA configuration. Valid values include:
- *
- * OFF MFA will not be used for any users.
+ * OFF MFA won't be used for any users.
+ *
* ON MFA is required for all users to sign in.
- * OPTIONAL MFA will be required only for individual users who have
- * an MFA factor enabled.
+ * OPTIONAL MFA will be required only for individual users who have an MFA factor enabled.
You can use this parameter only to set an SMS configuration that uses SMS for - * delivery.
+ *You can use this parameter only to set an SMS configuration that uses SMS for delivery.
*/ MFAOptions: MFAOptionType[] | undefined; } @@ -9326,25 +8722,23 @@ export interface SignUpRequest { ClientId: string | undefined; /** - *A keyed-hash message authentication code (HMAC) calculated using the secret key of a - * user pool client and username plus the client ID in the message.
+ *A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
*/ SecretHash?: string; /** - *The user name of the user you wish to register.
+ *The user name of the user you want to register.
*/ Username: string | undefined; /** - *The password of the user you wish to register.
+ *The password of the user you want to register.
*/ Password: string | undefined; /** *An array of name-value pairs representing user attributes.
- *For custom attributes, you must prepend the custom: prefix to the
- * attribute name.
For custom attributes, you must prepend the custom: prefix to the attribute name.
The Amazon Pinpoint analytics metadata for collecting metrics for SignUp
- * calls.
The Amazon Pinpoint analytics metadata for collecting metrics for SignUp calls.
Contextual data such as the user's device fingerprint, IP address, or location used - * for evaluating the risk of an unexpected event by Amazon Cognito advanced - * security.
+ *Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
*/ UserContextData?: UserContextDataType; /** - *A map of custom key-value pairs that you can provide as input for any custom workflows - * that this action triggers.
- *You create custom workflows by assigning Lambda functions to user pool triggers.
- * When you use the SignUp API action, Amazon Cognito invokes any functions that are
- * assigned to the following triggers: pre sign-up, custom
- * message, and post confirmation. When Amazon Cognito
- * invokes any of these functions, it passes a JSON payload, which the function receives as
- * input. This payload contains a clientMetadata attribute, which provides the
- * data that you assigned to the ClientMetadata parameter in your SignUp request. In your
- * function code in Lambda, you can process the clientMetadata value to
- * enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
+ *A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
+ *You create custom workflows by assigning Lambda functions to user pool triggers. When you use the SignUp API action, Amazon Cognito
+ * invokes any functions that are assigned to the following triggers: pre sign-up, custom message,
+ * and post confirmation. When Amazon Cognito invokes any of these functions, it passes a JSON payload, which the function
+ * receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned to the
+ * ClientMetadata parameter in your SignUp request. In your function code in Lambda, you can process the clientMetadata
+ * value to enhance your workflow for your specific needs.
For more information, + * see Customizing User Pool Workflows with Lambda Triggers + * in the Amazon Cognito Developer Guide.
+ * *Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool + * configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ * *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *A response from the server indicating that a user registration has been - * confirmed.
+ *A response from the server indicating that a user registration has been confirmed.
*/ UserConfirmed: boolean | undefined; /** - *The code delivery details returned by the server response to the user registration - * request.
+ *The code delivery details returned by the server response to the user registration request.
*/ CodeDeliveryDetails?: CodeDeliveryDetailsType; /** - *The UUID of the authenticated user. This is not the same as
- * username.
The UUID of the authenticated user. This isn't the same as username.
Represents the response from the server to the request to start the user import - * job.
+ *Represents the response from the server to the request to start the user import job.
*/ export interface StartUserImportJobResponse { /** @@ -56,7 +55,8 @@ export namespace StartUserImportJobResponse { */ export interface StopUserImportJobRequest { /** - *The user pool ID for the user pool that the users are being imported into.
+ *The user pool ID for the user pool that the users are being imported + * into.
*/ UserPoolId: string | undefined; @@ -76,8 +76,7 @@ export namespace StopUserImportJobRequest { } /** - *Represents the response from the server to the request to stop the user import - * job.
+ *Represents the response from the server to the request to stop the user import job.
*/ export interface StopUserImportJobResponse { /** @@ -269,15 +268,13 @@ export interface UpdateGroupRequest { Description?: string; /** - *The new role ARN for the group. This is used for setting the
- * cognito:roles and cognito:preferred_role claims in the
- * token.
The new role Amazon Resource Name (ARN) for the group. This is used for setting the cognito:roles and cognito:preferred_role claims in the token.
The new precedence value for the group. For more information about this parameter, see - * CreateGroup.
+ *The new precedence value for the group. For more information about this parameter, + * see CreateGroup.
*/ Precedence?: number; } @@ -319,8 +316,7 @@ export interface UpdateIdentityProviderRequest { ProviderName: string | undefined; /** - *The identity provider details to be updated, such as MetadataURL and
- * MetadataFile.
The identity provider details to be updated, such as MetadataURL and MetadataFile.
An array of name-value pairs representing user attributes.
- *For custom attributes, you must prepend the custom: prefix to the
- * attribute name.
For custom attributes, you must prepend the custom: prefix to the attribute name.
A map of custom key-value pairs that you can provide as input for any custom workflows - * that this action triggers.
- *You create custom workflows by assigning Lambda functions to user pool triggers.
- * When you use the UpdateUserAttributes API action, Amazon Cognito invokes the function
- * that is assigned to the custom message trigger. When Amazon Cognito
- * invokes this function, it passes a JSON payload, which the function receives as input.
- * This payload contains a clientMetadata attribute, which provides the data
- * that you assigned to the ClientMetadata parameter in your UpdateUserAttributes request.
- * In your function code in Lambda, you can process the clientMetadata
+ *
A map of custom key-value pairs that you can provide as input for any custom workflows that this action initiates.
+ *You create custom workflows by assigning Lambda functions to user pool triggers. When you use the UpdateUserAttributes API action, Amazon Cognito invokes the
+ * function that is assigned to the custom message trigger. When Amazon Cognito invokes this function, it passes a
+ * JSON
+ * payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you
+ * assigned to the ClientMetadata parameter in your UpdateUserAttributes request. In your function code in Lambda, you can process the clientMetadata
* value to enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the - * Amazon Cognito Developer Guide.
- *Take the following limitations into consideration when you use the ClientMetadata - * parameter:
+ *For more information, see Customizing User Pool + * Workflows with Lambda Triggers in the Amazon Cognito Developer Guide.
+ * + *When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
*Amazon Cognito does not store the ClientMetadata value. This data is - * available only to Lambda triggers that are assigned to a user pool to - * support custom workflows. If your user pool configuration does not include - * triggers, the ClientMetadata parameter serves no purpose.
- *Store the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool + * configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
+ * *Amazon Cognito does not validate the ClientMetadata value.
- *Validate the ClientMetadata value.
+ * *Amazon Cognito does not encrypt the the ClientMetadata value, so don't use - * it to provide sensitive information.
- *Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
+ * *Represents the response from the server for the request to update user - * attributes.
+ *Represents the response from the server for the request to update user attributes.
*/ export interface UpdateUserAttributesResponse { /** - *The code delivery details list from the server for the request to update user - * attributes.
+ *The code delivery details list from the server for the request to update user attributes.
*/ CodeDeliveryDetailsList?: CodeDeliveryDetailsType[]; } @@ -503,19 +490,17 @@ export interface UpdateUserPoolRequest { UserPoolId: string | undefined; /** - *A container with the policies you wish to update in a user pool.
+ *A container with the policies you want to update in a user pool.
*/ Policies?: UserPoolPolicyType; /** - *The Lambda configuration information from the request to update the user - * pool.
+ *The Lambda configuration information from the request to update the user pool.
*/ LambdaConfig?: LambdaConfigType; /** - *The attributes that are automatically verified when the Amazon Cognito service makes a - * request to update user pools.
+ *The attributes that are automatically verified when Amazon Cognito requests to update user pools.
*/ AutoVerifiedAttributes?: (VerifiedAttributeType | string)[]; @@ -546,23 +531,21 @@ export interface UpdateUserPoolRequest { /** *Can be one of the following values:
- *
- * OFF - MFA tokens are not required and cannot be specified during
- * user registration.
+ * OFF - MFA tokens aren't required and can't be specified during user registration.
- * ON - MFA tokens are required for all user registrations. You can
- * only specify ON when you are initially creating a user pool. You can use the
- * SetUserPoolMfaConfig API operation to turn MFA "ON" for existing
- * user pools.
+ * ON - MFA tokens are required for all user registrations. You can only specify ON when you're initially creating a user pool. You can
+ * use the SetUserPoolMfaConfig API operation
+ * to turn MFA "ON" for existing user pools.
- * OPTIONAL - Users have the option when registering to create an MFA
- * token.
+ * OPTIONAL - Users have the option when registering to create an MFA token.
The tag keys and values to assign to the user pool. A tag is a label that you can use - * to categorize and manage user pools in different ways, such as by purpose, owner, - * environment, or other criteria.
+ *The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, + * or other criteria.
*/ UserPoolTags?: { [key: string]: string }; @@ -596,18 +578,15 @@ export interface UpdateUserPoolRequest { AdminCreateUserConfig?: AdminCreateUserConfigType; /** - *Used to enable advanced security risk detection. Set the key
- * AdvancedSecurityMode to the value "AUDIT".
Enables advanced security risk detection. Set the key AdvancedSecurityMode to the value "AUDIT".
Use this setting to define which verified available method a user can use to recover
- * their password when they call ForgotPassword. It allows you to define a
- * preferred method when a user has more than one method available. With this setting, SMS
- * does not qualify for a valid password recovery mechanism if the user also has SMS MFA
- * enabled. In the absence of this setting, Cognito uses the legacy behavior to determine
- * the recovery method where SMS is preferred over email.
The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a
+ * preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user
+ * also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method
+ * where SMS is preferred through email.
Represents the response from the server when you make a request to update the user - * pool.
+ *Represents the response from the server when you make a request to update the user pool.
*/ export interface UpdateUserPoolResponse {} @@ -641,8 +619,7 @@ export namespace UpdateUserPoolResponse { */ export interface UpdateUserPoolClientRequest { /** - *The user pool ID for the user pool where you want to update the user pool - * client.
+ *The user pool ID for the user pool where you want to update the user pool client.
*/ UserPoolId: string | undefined; @@ -657,25 +634,22 @@ export interface UpdateUserPoolClientRequest { ClientName?: string; /** - *The time limit, in days, after which the refresh token is no longer valid and cannot - * be used.
+ *The time limit, in days, after which the refresh token is no longer valid and can't be used.
*/ RefreshTokenValidity?: number; /** - *The time limit, after which the access token is no longer valid and cannot be - * used.
+ *The time limit after which the access token is no longer valid and can't be used.
*/ AccessTokenValidity?: number; /** - *The time limit, after which the ID token is no longer valid and cannot be used.
+ *The time limit after which the ID token is no longer valid and can't be used.
*/ IdTokenValidity?: number; /** - *The units in which the validity times are represented in. Default for RefreshToken is - * days, and default for ID and access tokens are hours.
+ *The units in which the validity times are represented. Default for RefreshToken is days, and default for ID and access tokens is hours.
*/ TokenValidityUnits?: TokenValidityUnitsType; @@ -690,69 +664,60 @@ export interface UpdateUserPoolClientRequest { WriteAttributes?: string[]; /** - *The authentication flows that are supported by the user pool clients. Flow names
- * without the ALLOW_ prefix are deprecated in favor of new names with the
- * ALLOW_ prefix. Note that values with ALLOW_ prefix cannot
- * be used along with values without ALLOW_ prefix.
The authentication flows that are supported by the user pool clients. Flow names without the ALLOW_ prefix are no longer supported in favor of new names with the
+ * ALLOW_ prefix. Note that values with ALLOW_ prefix must be used only along with values with the ALLOW_ prefix.
Valid values include:
- *
- * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password
- * authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces
- * the ADMIN_NO_SRP_AUTH setting. With this authentication flow,
- * Cognito receives the password in the request instead of using the SRP (Secure
- * Remote Password protocol) protocol to verify passwords.
+ * ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the
+ * ADMIN_NO_SRP_AUTH setting. With this authentication flow, Amazon Cognito receives the password in the request instead of using the Secure Remote Password (SRP) protocol to
+ * verify passwords.
- * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based
- * authentication.
+ * ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
- * ALLOW_USER_PASSWORD_AUTH: Enable user password-based
- * authentication. In this flow, Cognito receives the password in the request
- * instead of using the SRP protocol to verify passwords.
+ * ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP
+ * protocol to verify passwords.
- * ALLOW_USER_SRP_AUTH: Enable SRP based authentication.
+ * ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
- * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh
- * tokens.
+ * ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
A list of provider names for the identity providers that are supported on this - * client.
+ *A list of provider names for the identity providers that are supported on this client.
*/ SupportedIdentityProviders?: string[]; /** *A list of allowed redirect (callback) URLs for the identity providers.
*A redirect URI must:
- *Be an absolute URI.
+ *Be an absolute URI.
*Be registered with the authorization server.
+ *Be registered with the authorization server.
*Not include a fragment component.
+ *Not include a + * fragment component.
*See OAuth 2.0 - - * Redirection Endpoint.
- *Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing - * purposes only.
- *App callback URLs such as myapp://example are also supported.
+ *See OAuth 2.0 - Redirection Endpoint.
+ *Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
+ *App callback URLs such as myapp://example are also supported.
The default redirect URI. Must be in the CallbackURLs list.
A redirect URI must:
- *Be an absolute URI.
+ *Be an absolute URI.
*Be registered with the authorization server.
+ *Be registered with the authorization server.
*Not include a fragment component.
+ *Not include a + * fragment component.
*See OAuth 2.0 - - * Redirection Endpoint.
- *Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing - * purposes only.
- *App callback URLs such as myapp://example are also supported.
+ *See OAuth 2.0 - Redirection Endpoint.
+ *Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
App callback URLs such as myapp://example are also supported.
The allowed OAuth flows.
- *Set to code to initiate a code grant flow, which provides an
- * authorization code as the response. This code can be exchanged for access tokens with
- * the token endpoint.
Set to implicit to specify that the client should get the access token
- * (and, optionally, ID token, based on scopes) directly.
Set to client_credentials to specify that the client should get the
- * access token (and, optionally, ID token, based on scopes) from the token endpoint using
- * a combination of client and client_secret.
Set to code to initiate a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the token endpoint.
Set to implicit to specify that the client should get the access token (and, optionally, ID token, based on scopes) directly.
Set to client_credentials to specify that the client should get the access token (and, optionally, ID token, based on scopes) from the token endpoint using a combination
+ * of client and client_secret.
The allowed OAuth scopes. Possible values provided by OAuth are: phone,
- * email, openid, and profile. Possible values
- * provided by Amazon Web Services are: aws.cognito.signin.user.admin. Custom scopes created
+ * email, openid, and profile. Possible values provided by Amazon Web Services are: aws.cognito.signin.user.admin. Custom scopes created
* in Resource Servers are also supported.
Set to true if the client is allowed to follow the OAuth protocol when interacting - * with Cognito user pools.
+ *Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user pools.
*/ AllowedOAuthFlowsUserPoolClient?: boolean; /** - *The Amazon Pinpoint analytics configuration for collecting metrics for this user - * pool.
- *In regions where Pinpoint is not available, Cognito User Pools only supports - * sending events to Amazon Pinpoint projects in us-east-1. In regions where Pinpoint - * is available, Cognito User Pools will support sending events to Amazon Pinpoint - * projects within that same region.
- *The Amazon Pinpoint analytics configuration for collecting metrics for this user pool.
+ *In Amazon Web Services Regions where isn't available, User Pools only supports sending events to Amazon Pinpoint projects in us-east-1. In Regions where Pinpoint is available, User Pools will support + * sending events to Amazon Pinpoint projects within that same Region.
+ *Use this setting to choose which errors and responses are returned by Cognito APIs
- * during authentication, account confirmation, and password recovery when the user does
- * not exist in the user pool. When set to ENABLED and the user does not
- * exist, authentication returns an error indicating either the username or password was
- * incorrect, and account confirmation and password recovery return a response indicating a
- * code was sent to a simulated destination. When set to LEGACY, those APIs
- * will return a UserNotFoundException exception if the user does not exist in
- * the user pool.
Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the
+ * user pool. When set to ENABLED and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect.
+ * Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs
+ * return a UserNotFoundException exception if the user doesn't exist in the user pool.
Valid values include:
- *+ *
* ENABLED - This prevents user existence-related errors.
- * LEGACY - This represents the old behavior of Cognito where user
- * existence related errors are not prevented.
+ * LEGACY - This represents the early
+ * behavior of Amazon Cognito where user existence related errors aren't prevented.
After February 15th 2020, the value of PreventUserExistenceErrors
- * will default to ENABLED for newly created user pool clients if no value
- * is provided.
Enables or disables token revocation. For more information - * about revoking tokens, see RevokeToken.
+ *Activates or deactivates token revocation. For more information about revoking tokens, + * see RevokeToken.
*/ EnableTokenRevocation?: boolean; } @@ -871,13 +815,11 @@ export namespace UpdateUserPoolClientRequest { } /** - *Represents the response from the server to the request to update the user pool - * client.
+ *Represents the response from the server to the request to update the user pool client.
*/ export interface UpdateUserPoolClientResponse { /** - *The user pool client value from the response from the server when an update user pool - * client request is made.
+ *The user pool client value from the response from the server when you request to update the user pool client.
*/ UserPoolClient?: UserPoolClientType; } @@ -897,23 +839,18 @@ export namespace UpdateUserPoolClientResponse { */ export interface UpdateUserPoolDomainRequest { /** - *The domain name for the custom domain that hosts the sign-up and sign-in pages for
- * your application. For example: auth.example.com.
This string can include only lowercase letters, numbers, and hyphens. Do not use a - * hyphen for the first or last character. Use periods to separate subdomain names.
+ *The domain name for the custom domain that hosts the sign-up and sign-in pages for your application. One example might be auth.example.com.
This string can include only lowercase letters, numbers, and hyphens. Don't use a hyphen for the first or last character. Use periods to separate subdomain names.
*/ Domain: string | undefined; /** - *The ID of the user pool that is associated with the custom domain that you are - * updating the certificate for.
+ *The ID of the user pool that is associated with the custom domain whose certificate you're updating.
*/ UserPoolId: string | undefined; /** - *The configuration for a custom domain that hosts the sign-up and sign-in pages for - * your application. Use this object to specify an SSL certificate that is managed by - * ACM.
+ *The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM.
*/ CustomDomainConfig: CustomDomainConfigType | undefined; } @@ -932,8 +869,7 @@ export namespace UpdateUserPoolDomainRequest { */ export interface UpdateUserPoolDomainResponse { /** - *The Amazon CloudFront endpoint that Amazon Cognito set up when you added the custom - * domain to your user pool.
+ *The Amazon CloudFront endpoint that Amazon Cognito set up when you added the custom domain to your user pool.
*/ CloudFrontDomain?: string; } @@ -948,8 +884,7 @@ export namespace UpdateUserPoolDomainResponse { } /** - *This exception is thrown when there is a code mismatch and the service fails to - * configure the software token TOTP multi-factor authentication (MFA).
+ *This exception is thrown when there is a code mismatch and the service fails to configure the software token TOTP multi-factor authentication (MFA).
*/ export interface EnableSoftwareTokenMFAException extends __SmithyException, $MetadataBearer { name: "EnableSoftwareTokenMFAException"; @@ -964,13 +899,13 @@ export interface VerifySoftwareTokenRequest { AccessToken?: string; /** - *The session which should be passed both ways in challenge-response calls to the - * service.
+ *The session that should be passed both ways in challenge-response calls to the service.
*/ Session?: string; /** - *The one time password computed using the secret code returned by AssociateSoftwareToken".
+ *The one- time password computed using the secret code returned by + * AssociateSoftwareToken.
*/ UserCode: string | undefined; @@ -1002,8 +937,7 @@ export interface VerifySoftwareTokenResponse { Status?: VerifySoftwareTokenResponseType | string; /** - *The session which should be passed both ways in challenge-response calls to the - * service.
+ *The session that should be passed both ways in challenge-response calls to the service.
*/ Session?: string; } @@ -1022,7 +956,7 @@ export namespace VerifySoftwareTokenResponse { */ export interface VerifyUserAttributeRequest { /** - *Represents the access token of the request to verify user attributes.
+ *The access token of the request to verify user attributes.
*/ AccessToken: string | undefined; @@ -1048,8 +982,7 @@ export namespace VerifyUserAttributeRequest { } /** - *A container representing the response from the server from the request to verify user - * attributes.
+ *A container representing the response from the server from the request to verify user attributes.
*/ export interface VerifyUserAttributeResponse {} diff --git a/clients/client-connect/README.md b/clients/client-connect/README.md index 5a061497dac9..0d1c5109c832 100644 --- a/clients/client-connect/README.md +++ b/clients/client-connect/README.md @@ -15,9 +15,8 @@ appropriate agents.There are limits to the number of Amazon Connect resources that you can create. There are also limits to the number of requests that you can make per second. For more information, see Amazon Connect Service Quotas in the Amazon Connect Administrator Guide.
-You can connect programmatically to an Amazon Web Services service by using an endpoint. For a list of Amazon Connect -endpoints, see Amazon Connect -Endpoints.
+You can connect programmatically to an Amazon Web Services service by using an endpoint. For +a list of Amazon Connect endpoints, see Amazon Connect Endpoints.
Working with contact flows? Check out the Amazon Connect Flow language.
There are limits to the number of Amazon Connect resources that you can create. There are also limits * to the number of requests that you can make per second. For more information, see Amazon Connect * Service Quotas in the Amazon Connect Administrator Guide.
- *You can connect programmatically to an Amazon Web Services service by using an endpoint. For a list of Amazon Connect - * endpoints, see Amazon Connect - * Endpoints.
+ *You can connect programmatically to an Amazon Web Services service by using an endpoint. For + * a list of Amazon Connect endpoints, see Amazon Connect Endpoints.
*Working with contact flows? Check out the Amazon Connect Flow language.
*Associates an existing vocabulary as the default. Contact Lens for Amazon Connect uses the vocabulary in post-call and real-time analysis sessions for the given language.
+ */ + public associateDefaultVocabulary( + args: AssociateDefaultVocabularyCommandInput, + options?: __HttpHandlerOptions + ): PromiseThis API is in preview release for Amazon Connect and is subject to change.
*Associates a storage resource type for the first time. You can only associate one type of @@ -1302,6 +1363,40 @@ export class Connect extends ConnectClient { } } + /** + *
Creates a custom vocabulary associated with your Amazon Connect instance. You can set a custom + * vocabulary to be your default vocabulary for a given language. Contact Lens for Amazon Connect uses the default + * vocabulary in post-call and real-time contact analysis sessions for that language.
+ */ + public createVocabulary( + args: CreateVocabularyCommandInput, + options?: __HttpHandlerOptions + ): PromiseDeletes a contact flow for the specified Amazon Connect instance.
*/ @@ -1436,8 +1531,8 @@ export class Connect extends ConnectClient { } /** - *Deletes an Amazon Web Services resource association from an Amazon Connect instance. The association must not have - * any use cases associated with it.
+ *Deletes an Amazon Web Services resource association from an Amazon Connect instance. The association + * must not have any use cases associated with it.
*/ public deleteIntegrationAssociation( args: DeleteIntegrationAssociationCommandInput, @@ -1627,6 +1722,38 @@ export class Connect extends ConnectClient { } } + /** + *Deletes the vocabulary that has the given identifier.
+ */ + public deleteVocabulary( + args: DeleteVocabularyCommandInput, + options?: __HttpHandlerOptions + ): PromiseThis API is in preview release for Amazon Connect and is subject to change.
*Describes an agent status.
@@ -2125,6 +2252,38 @@ export class Connect extends ConnectClient { } } + /** + *Describes the specified vocabulary.
+ */ + public describeVocabulary( + args: DescribeVocabularyCommandInput, + options?: __HttpHandlerOptions + ): PromiseThis API is in preview release for Amazon Connect and is subject to change.
*Revokes access to integrated applications from Amazon Connect.
@@ -2600,8 +2759,8 @@ export class Connect extends ConnectClient { /** *This API is in preview release for Amazon Connect and is subject to change.
- *For the specified version of Amazon Lex, returns a paginated list of all the Amazon Lex bots currently associated with the - * instance.
+ *For the specified version of Amazon Lex, returns a paginated list of all the Amazon Lex bots currently + * associated with the instance.
*/ public listBots(args: ListBotsCommandInput, options?: __HttpHandlerOptions): PromiseLists the default vocabularies for the specified Amazon Connect instance.
+ */ + public listDefaultVocabularies( + args: ListDefaultVocabulariesCommandInput, + options?: __HttpHandlerOptions + ): PromiseProvides information about the hours of operation for the specified Amazon Connect instance.
*For more information about hours of operation, see Set the Hours of Operation for a
@@ -2866,8 +3057,8 @@ export class Connect extends ConnectClient {
}
/**
- * Provides summary information about the Amazon Web Services resource associations for the specified Amazon Connect
- * instance. Provides summary information about the Amazon Web Services resource associations for the
+ * specified Amazon Connect instance. Searches for vocabularies within a specific Amazon Connect instance using Initiates a contact flow to start a new chat for the customer. Response of this API provides
* a token required to obtain credentials from the CreateParticipantConnection API in the Amazon Connect Participant Service. When a new chat contact is successfully created, clients must subscribe to the participant’s
* connection for the created chat within 5 minutes. This is achieved by invoking CreateParticipantConnection with WEBSOCKET and CONNECTION_CREDENTIALS. A 429 error occurs in two situations: A 429 error occurs in the following situations: API rate limit is exceeded. API TPS throttling returns a If you use the For more information about chat, see Chat in the Amazon Connect Administrator
* Guide. Initiates real-time message streaming for a new chat contact. For more information about message streaming, see Enable real-time chat message
- * streaming in the Amazon Connect Administrator Guide.State, NameStartsWith, and LanguageCode.
*
+ * TooManyRequests
@@ -3463,6 +3686,9 @@ export class Connect extends ConnectClient {
* LimitExceededException.ChatDurationInMinutes parameter and receive a 400 error, your account may
+ * not support the ability to configure custom chat durations. For more information, contact Amazon Web Services Support.
+ *
Campaign calls are not allowed by default. Before you can make a call with
- * TrafficType = CAMPAIGN, you must submit a service quota increase request. For more information, see
- * Amazon Connect Service Quotas in the Amazon Connect Administrator Guide.
TrafficType = CAMPAIGN, you must submit a service quota increase
+ * request. For more information, see Amazon Connect Service Quotas
+ * in the Amazon Connect Administrator Guide.
* Adds the specified tags to the specified resource.
- *The supported resource types are users, routing profiles, queues, quick connects, - * contact flows, agent status, and hours of operation.
+ *The supported resource types are users, routing profiles, queues, quick connects, contact + * flows, agent status, and hours of operation.
*For sample policies that use tags, see Amazon Connect Identity-Based * Policy Examples in the Amazon Connect Administrator Guide.
*/ diff --git a/clients/client-connect/src/ConnectClient.ts b/clients/client-connect/src/ConnectClient.ts index 55c935fb5011..fb72a42f1187 100644 --- a/clients/client-connect/src/ConnectClient.ts +++ b/clients/client-connect/src/ConnectClient.ts @@ -55,6 +55,10 @@ import { AssociateApprovedOriginCommandOutput, } from "./commands/AssociateApprovedOriginCommand"; import { AssociateBotCommandInput, AssociateBotCommandOutput } from "./commands/AssociateBotCommand"; +import { + AssociateDefaultVocabularyCommandInput, + AssociateDefaultVocabularyCommandOutput, +} from "./commands/AssociateDefaultVocabularyCommand"; import { AssociateInstanceStorageConfigCommandInput, AssociateInstanceStorageConfigCommandOutput, @@ -107,6 +111,7 @@ import { CreateUserHierarchyGroupCommandInput, CreateUserHierarchyGroupCommandOutput, } from "./commands/CreateUserHierarchyGroupCommand"; +import { CreateVocabularyCommandInput, CreateVocabularyCommandOutput } from "./commands/CreateVocabularyCommand"; import { DeleteContactFlowCommandInput, DeleteContactFlowCommandOutput } from "./commands/DeleteContactFlowCommand"; import { DeleteContactFlowModuleCommandInput, @@ -132,6 +137,7 @@ import { DeleteUserHierarchyGroupCommandInput, DeleteUserHierarchyGroupCommandOutput, } from "./commands/DeleteUserHierarchyGroupCommand"; +import { DeleteVocabularyCommandInput, DeleteVocabularyCommandOutput } from "./commands/DeleteVocabularyCommand"; import { DescribeAgentStatusCommandInput, DescribeAgentStatusCommandOutput, @@ -180,6 +186,7 @@ import { DescribeUserHierarchyStructureCommandInput, DescribeUserHierarchyStructureCommandOutput, } from "./commands/DescribeUserHierarchyStructureCommand"; +import { DescribeVocabularyCommandInput, DescribeVocabularyCommandOutput } from "./commands/DescribeVocabularyCommand"; import { DisassociateApprovedOriginCommandInput, DisassociateApprovedOriginCommandOutput, @@ -231,6 +238,10 @@ import { ListContactReferencesCommandInput, ListContactReferencesCommandOutput, } from "./commands/ListContactReferencesCommand"; +import { + ListDefaultVocabulariesCommandInput, + ListDefaultVocabulariesCommandOutput, +} from "./commands/ListDefaultVocabulariesCommand"; import { ListHoursOfOperationsCommandInput, ListHoursOfOperationsCommandOutput, @@ -292,6 +303,7 @@ import { ResumeContactRecordingCommandInput, ResumeContactRecordingCommandOutput, } from "./commands/ResumeContactRecordingCommand"; +import { SearchVocabulariesCommandInput, SearchVocabulariesCommandOutput } from "./commands/SearchVocabulariesCommand"; import { StartChatContactCommandInput, StartChatContactCommandOutput } from "./commands/StartChatContactCommand"; import { StartContactRecordingCommandInput, @@ -438,6 +450,7 @@ import { getRuntimeConfig as __getRuntimeConfig } from "./runtimeConfig"; export type ServiceInputTypes = | AssociateApprovedOriginCommandInput | AssociateBotCommandInput + | AssociateDefaultVocabularyCommandInput | AssociateInstanceStorageConfigCommandInput | AssociateLambdaFunctionCommandInput | AssociateLexBotCommandInput @@ -457,6 +470,7 @@ export type ServiceInputTypes = | CreateUseCaseCommandInput | CreateUserCommandInput | CreateUserHierarchyGroupCommandInput + | CreateVocabularyCommandInput | DeleteContactFlowCommandInput | DeleteContactFlowModuleCommandInput | DeleteHoursOfOperationCommandInput @@ -467,6 +481,7 @@ export type ServiceInputTypes = | DeleteUseCaseCommandInput | DeleteUserCommandInput | DeleteUserHierarchyGroupCommandInput + | DeleteVocabularyCommandInput | DescribeAgentStatusCommandInput | DescribeContactCommandInput | DescribeContactFlowCommandInput @@ -482,6 +497,7 @@ export type ServiceInputTypes = | DescribeUserCommandInput | DescribeUserHierarchyGroupCommandInput | DescribeUserHierarchyStructureCommandInput + | DescribeVocabularyCommandInput | DisassociateApprovedOriginCommandInput | DisassociateBotCommandInput | DisassociateInstanceStorageConfigCommandInput @@ -500,6 +516,7 @@ export type ServiceInputTypes = | ListContactFlowModulesCommandInput | ListContactFlowsCommandInput | ListContactReferencesCommandInput + | ListDefaultVocabulariesCommandInput | ListHoursOfOperationsCommandInput | ListInstanceAttributesCommandInput | ListInstanceStorageConfigsCommandInput @@ -522,6 +539,7 @@ export type ServiceInputTypes = | ListUserHierarchyGroupsCommandInput | ListUsersCommandInput | ResumeContactRecordingCommandInput + | SearchVocabulariesCommandInput | StartChatContactCommandInput | StartContactRecordingCommandInput | StartContactStreamingCommandInput @@ -568,6 +586,7 @@ export type ServiceInputTypes = export type ServiceOutputTypes = | AssociateApprovedOriginCommandOutput | AssociateBotCommandOutput + | AssociateDefaultVocabularyCommandOutput | AssociateInstanceStorageConfigCommandOutput | AssociateLambdaFunctionCommandOutput | AssociateLexBotCommandOutput @@ -587,6 +606,7 @@ export type ServiceOutputTypes = | CreateUseCaseCommandOutput | CreateUserCommandOutput | CreateUserHierarchyGroupCommandOutput + | CreateVocabularyCommandOutput | DeleteContactFlowCommandOutput | DeleteContactFlowModuleCommandOutput | DeleteHoursOfOperationCommandOutput @@ -597,6 +617,7 @@ export type ServiceOutputTypes = | DeleteUseCaseCommandOutput | DeleteUserCommandOutput | DeleteUserHierarchyGroupCommandOutput + | DeleteVocabularyCommandOutput | DescribeAgentStatusCommandOutput | DescribeContactCommandOutput | DescribeContactFlowCommandOutput @@ -612,6 +633,7 @@ export type ServiceOutputTypes = | DescribeUserCommandOutput | DescribeUserHierarchyGroupCommandOutput | DescribeUserHierarchyStructureCommandOutput + | DescribeVocabularyCommandOutput | DisassociateApprovedOriginCommandOutput | DisassociateBotCommandOutput | DisassociateInstanceStorageConfigCommandOutput @@ -630,6 +652,7 @@ export type ServiceOutputTypes = | ListContactFlowModulesCommandOutput | ListContactFlowsCommandOutput | ListContactReferencesCommandOutput + | ListDefaultVocabulariesCommandOutput | ListHoursOfOperationsCommandOutput | ListInstanceAttributesCommandOutput | ListInstanceStorageConfigsCommandOutput @@ -652,6 +675,7 @@ export type ServiceOutputTypes = | ListUserHierarchyGroupsCommandOutput | ListUsersCommandOutput | ResumeContactRecordingCommandOutput + | SearchVocabulariesCommandOutput | StartChatContactCommandOutput | StartContactRecordingCommandOutput | StartContactStreamingCommandOutput @@ -857,9 +881,8 @@ export interface ConnectClientResolvedConfig extends ConnectClientResolvedConfig *There are limits to the number of Amazon Connect resources that you can create. There are also limits * to the number of requests that you can make per second. For more information, see Amazon Connect * Service Quotas in the Amazon Connect Administrator Guide.
- *You can connect programmatically to an Amazon Web Services service by using an endpoint. For a list of Amazon Connect - * endpoints, see Amazon Connect - * Endpoints.
+ *You can connect programmatically to an Amazon Web Services service by using an endpoint. For + * a list of Amazon Connect endpoints, see Amazon Connect Endpoints.
*Working with contact flows? Check out the Amazon Connect Flow language.
*Associates an existing vocabulary as the default. Contact Lens for Amazon Connect uses the vocabulary in post-call and real-time analysis sessions for the given language.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { ConnectClient, AssociateDefaultVocabularyCommand } from "@aws-sdk/client-connect"; // ES Modules import + * // const { ConnectClient, AssociateDefaultVocabularyCommand } = require("@aws-sdk/client-connect"); // CommonJS import + * const client = new ConnectClient(config); + * const command = new AssociateDefaultVocabularyCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link AssociateDefaultVocabularyCommandInput} for command's `input` shape. + * @see {@link AssociateDefaultVocabularyCommandOutput} for command's `response` shape. + * @see {@link ConnectClientResolvedConfig | config} for ConnectClient's `config` shape. + * + */ +export class AssociateDefaultVocabularyCommand extends $Command< + AssociateDefaultVocabularyCommandInput, + AssociateDefaultVocabularyCommandOutput, + ConnectClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: AssociateDefaultVocabularyCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackCreates a custom vocabulary associated with your Amazon Connect instance. You can set a custom + * vocabulary to be your default vocabulary for a given language. Contact Lens for Amazon Connect uses the default + * vocabulary in post-call and real-time contact analysis sessions for that language.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { ConnectClient, CreateVocabularyCommand } from "@aws-sdk/client-connect"; // ES Modules import + * // const { ConnectClient, CreateVocabularyCommand } = require("@aws-sdk/client-connect"); // CommonJS import + * const client = new ConnectClient(config); + * const command = new CreateVocabularyCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link CreateVocabularyCommandInput} for command's `input` shape. + * @see {@link CreateVocabularyCommandOutput} for command's `response` shape. + * @see {@link ConnectClientResolvedConfig | config} for ConnectClient's `config` shape. + * + */ +export class CreateVocabularyCommand extends $Command< + CreateVocabularyCommandInput, + CreateVocabularyCommandOutput, + ConnectClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: CreateVocabularyCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackDeletes an Amazon Web Services resource association from an Amazon Connect instance. The association must not have - * any use cases associated with it.
+ *Deletes an Amazon Web Services resource association from an Amazon Connect instance. The association + * must not have any use cases associated with it.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-connect/src/commands/DeleteVocabularyCommand.ts b/clients/client-connect/src/commands/DeleteVocabularyCommand.ts new file mode 100644 index 000000000000..be6c425129f8 --- /dev/null +++ b/clients/client-connect/src/commands/DeleteVocabularyCommand.ts @@ -0,0 +1,95 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { ConnectClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ConnectClient"; +import { DeleteVocabularyRequest, DeleteVocabularyResponse } from "../models/models_0"; +import { + deserializeAws_restJson1DeleteVocabularyCommand, + serializeAws_restJson1DeleteVocabularyCommand, +} from "../protocols/Aws_restJson1"; + +export interface DeleteVocabularyCommandInput extends DeleteVocabularyRequest {} +export interface DeleteVocabularyCommandOutput extends DeleteVocabularyResponse, __MetadataBearer {} + +/** + *Deletes the vocabulary that has the given identifier.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { ConnectClient, DeleteVocabularyCommand } from "@aws-sdk/client-connect"; // ES Modules import + * // const { ConnectClient, DeleteVocabularyCommand } = require("@aws-sdk/client-connect"); // CommonJS import + * const client = new ConnectClient(config); + * const command = new DeleteVocabularyCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link DeleteVocabularyCommandInput} for command's `input` shape. + * @see {@link DeleteVocabularyCommandOutput} for command's `response` shape. + * @see {@link ConnectClientResolvedConfig | config} for ConnectClient's `config` shape. + * + */ +export class DeleteVocabularyCommand extends $Command< + DeleteVocabularyCommandInput, + DeleteVocabularyCommandOutput, + ConnectClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: DeleteVocabularyCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackDescribes the specified vocabulary.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { ConnectClient, DescribeVocabularyCommand } from "@aws-sdk/client-connect"; // ES Modules import + * // const { ConnectClient, DescribeVocabularyCommand } = require("@aws-sdk/client-connect"); // CommonJS import + * const client = new ConnectClient(config); + * const command = new DescribeVocabularyCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link DescribeVocabularyCommandInput} for command's `input` shape. + * @see {@link DescribeVocabularyCommandOutput} for command's `response` shape. + * @see {@link ConnectClientResolvedConfig | config} for ConnectClient's `config` shape. + * + */ +export class DescribeVocabularyCommand extends $Command< + DescribeVocabularyCommandInput, + DescribeVocabularyCommandOutput, + ConnectClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: DescribeVocabularyCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackThis API is in preview release for Amazon Connect and is subject to change.
- *For the specified version of Amazon Lex, returns a paginated list of all the Amazon Lex bots currently associated with the - * instance.
+ *For the specified version of Amazon Lex, returns a paginated list of all the Amazon Lex bots currently + * associated with the instance.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-connect/src/commands/ListDefaultVocabulariesCommand.ts b/clients/client-connect/src/commands/ListDefaultVocabulariesCommand.ts new file mode 100644 index 000000000000..2dfe31f1b470 --- /dev/null +++ b/clients/client-connect/src/commands/ListDefaultVocabulariesCommand.ts @@ -0,0 +1,95 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { ConnectClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ConnectClient"; +import { ListDefaultVocabulariesRequest, ListDefaultVocabulariesResponse } from "../models/models_0"; +import { + deserializeAws_restJson1ListDefaultVocabulariesCommand, + serializeAws_restJson1ListDefaultVocabulariesCommand, +} from "../protocols/Aws_restJson1"; + +export interface ListDefaultVocabulariesCommandInput extends ListDefaultVocabulariesRequest {} +export interface ListDefaultVocabulariesCommandOutput extends ListDefaultVocabulariesResponse, __MetadataBearer {} + +/** + *Lists the default vocabularies for the specified Amazon Connect instance.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { ConnectClient, ListDefaultVocabulariesCommand } from "@aws-sdk/client-connect"; // ES Modules import + * // const { ConnectClient, ListDefaultVocabulariesCommand } = require("@aws-sdk/client-connect"); // CommonJS import + * const client = new ConnectClient(config); + * const command = new ListDefaultVocabulariesCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link ListDefaultVocabulariesCommandInput} for command's `input` shape. + * @see {@link ListDefaultVocabulariesCommandOutput} for command's `response` shape. + * @see {@link ConnectClientResolvedConfig | config} for ConnectClient's `config` shape. + * + */ +export class ListDefaultVocabulariesCommand extends $Command< + ListDefaultVocabulariesCommandInput, + ListDefaultVocabulariesCommandOutput, + ConnectClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: ListDefaultVocabulariesCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackProvides summary information about the Amazon Web Services resource associations for the specified Amazon Connect - * instance.
+ *Provides summary information about the Amazon Web Services resource associations for the + * specified Amazon Connect instance.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-connect/src/commands/SearchVocabulariesCommand.ts b/clients/client-connect/src/commands/SearchVocabulariesCommand.ts new file mode 100644 index 000000000000..49d4c1f7fa2f --- /dev/null +++ b/clients/client-connect/src/commands/SearchVocabulariesCommand.ts @@ -0,0 +1,95 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { ConnectClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ConnectClient"; +import { SearchVocabulariesRequest, SearchVocabulariesResponse } from "../models/models_0"; +import { + deserializeAws_restJson1SearchVocabulariesCommand, + serializeAws_restJson1SearchVocabulariesCommand, +} from "../protocols/Aws_restJson1"; + +export interface SearchVocabulariesCommandInput extends SearchVocabulariesRequest {} +export interface SearchVocabulariesCommandOutput extends SearchVocabulariesResponse, __MetadataBearer {} + +/** + *Searches for vocabularies within a specific Amazon Connect instance using State, NameStartsWith, and LanguageCode.
When a new chat contact is successfully created, clients must subscribe to the participant’s * connection for the created chat within 5 minutes. This is achieved by invoking CreateParticipantConnection with WEBSOCKET and CONNECTION_CREDENTIALS.
* - *A 429 error occurs in two situations:
+ *A 429 error occurs in the following situations:
*API rate limit is exceeded. API TPS throttling returns a TooManyRequests
@@ -40,6 +40,9 @@ export interface StartChatContactCommandOutput extends StartChatContactResponse,
* LimitExceededException.
If you use the ChatDurationInMinutes parameter and receive a 400 error, your account may
+ * not support the ability to configure custom chat durations. For more information, contact Amazon Web Services Support.
+ *
For more information about chat, see Chat in the Amazon Connect Administrator * Guide.
diff --git a/clients/client-connect/src/commands/StartContactStreamingCommand.ts b/clients/client-connect/src/commands/StartContactStreamingCommand.ts index 5b5ac9c46134..16e22efaeac7 100644 --- a/clients/client-connect/src/commands/StartContactStreamingCommand.ts +++ b/clients/client-connect/src/commands/StartContactStreamingCommand.ts @@ -24,7 +24,7 @@ export interface StartContactStreamingCommandOutput extends StartContactStreamin /** *Initiates real-time message streaming for a new chat contact.
*For more information about message streaming, see Enable real-time chat message - * streaming in the Amazon Connect Administrator Guide.
+ * streaming in the Amazon Connect Administrator Guide. * @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-connect/src/commands/StartOutboundVoiceContactCommand.ts b/clients/client-connect/src/commands/StartOutboundVoiceContactCommand.ts index 19ee523292e5..0185b3b1439c 100644 --- a/clients/client-connect/src/commands/StartOutboundVoiceContactCommand.ts +++ b/clients/client-connect/src/commands/StartOutboundVoiceContactCommand.ts @@ -12,7 +12,7 @@ import { } from "@aws-sdk/types"; import { ConnectClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ConnectClient"; -import { StartOutboundVoiceContactRequest, StartOutboundVoiceContactResponse } from "../models/models_0"; +import { StartOutboundVoiceContactRequest, StartOutboundVoiceContactResponse } from "../models/models_1"; import { deserializeAws_restJson1StartOutboundVoiceContactCommand, serializeAws_restJson1StartOutboundVoiceContactCommand, @@ -38,8 +38,9 @@ export interface StartOutboundVoiceContactCommandOutput extends StartOutboundVoi * *Campaign calls are not allowed by default. Before you can make a call with
- * TrafficType = CAMPAIGN, you must submit a service quota increase request. For more information, see
- * Amazon Connect Service Quotas in the Amazon Connect Administrator Guide.
TrafficType = CAMPAIGN, you must submit a service quota increase
+ * request. For more information, see Amazon Connect Service Quotas
+ * in the Amazon Connect Administrator Guide.
* Adds the specified tags to the specified resource.
- *The supported resource types are users, routing profiles, queues, quick connects, - * contact flows, agent status, and hours of operation.
+ *The supported resource types are users, routing profiles, queues, quick connects, contact + * flows, agent status, and hours of operation.
*For sample policies that use tags, see Amazon Connect Identity-Based * Policy Examples in the Amazon Connect Administrator Guide.
* @example diff --git a/clients/client-connect/src/commands/index.ts b/clients/client-connect/src/commands/index.ts index be7f372ac27a..4e527a6650a5 100644 --- a/clients/client-connect/src/commands/index.ts +++ b/clients/client-connect/src/commands/index.ts @@ -1,5 +1,6 @@ export * from "./AssociateApprovedOriginCommand"; export * from "./AssociateBotCommand"; +export * from "./AssociateDefaultVocabularyCommand"; export * from "./AssociateInstanceStorageConfigCommand"; export * from "./AssociateLambdaFunctionCommand"; export * from "./AssociateLexBotCommand"; @@ -19,6 +20,7 @@ export * from "./CreateSecurityProfileCommand"; export * from "./CreateUseCaseCommand"; export * from "./CreateUserCommand"; export * from "./CreateUserHierarchyGroupCommand"; +export * from "./CreateVocabularyCommand"; export * from "./DeleteContactFlowCommand"; export * from "./DeleteContactFlowModuleCommand"; export * from "./DeleteHoursOfOperationCommand"; @@ -29,6 +31,7 @@ export * from "./DeleteSecurityProfileCommand"; export * from "./DeleteUseCaseCommand"; export * from "./DeleteUserCommand"; export * from "./DeleteUserHierarchyGroupCommand"; +export * from "./DeleteVocabularyCommand"; export * from "./DescribeAgentStatusCommand"; export * from "./DescribeContactCommand"; export * from "./DescribeContactFlowCommand"; @@ -44,6 +47,7 @@ export * from "./DescribeSecurityProfileCommand"; export * from "./DescribeUserCommand"; export * from "./DescribeUserHierarchyGroupCommand"; export * from "./DescribeUserHierarchyStructureCommand"; +export * from "./DescribeVocabularyCommand"; export * from "./DisassociateApprovedOriginCommand"; export * from "./DisassociateBotCommand"; export * from "./DisassociateInstanceStorageConfigCommand"; @@ -62,6 +66,7 @@ export * from "./ListBotsCommand"; export * from "./ListContactFlowModulesCommand"; export * from "./ListContactFlowsCommand"; export * from "./ListContactReferencesCommand"; +export * from "./ListDefaultVocabulariesCommand"; export * from "./ListHoursOfOperationsCommand"; export * from "./ListInstanceAttributesCommand"; export * from "./ListInstanceStorageConfigsCommand"; @@ -84,6 +89,7 @@ export * from "./ListUseCasesCommand"; export * from "./ListUserHierarchyGroupsCommand"; export * from "./ListUsersCommand"; export * from "./ResumeContactRecordingCommand"; +export * from "./SearchVocabulariesCommand"; export * from "./StartChatContactCommand"; export * from "./StartContactRecordingCommand"; export * from "./StartContactStreamingCommand"; diff --git a/clients/client-connect/src/models/models_0.ts b/clients/client-connect/src/models/models_0.ts index 907f2c80e5fb..32b3f38263b6 100644 --- a/clients/client-connect/src/models/models_0.ts +++ b/clients/client-connect/src/models/models_0.ts @@ -310,6 +310,69 @@ export interface LimitExceededException extends __SmithyException, $MetadataBear Message?: string; } +export enum VocabularyLanguageCode { + AR_AE = "ar-AE", + DE_CH = "de-CH", + DE_DE = "de-DE", + EN_AB = "en-AB", + EN_AU = "en-AU", + EN_GB = "en-GB", + EN_IE = "en-IE", + EN_IN = "en-IN", + EN_US = "en-US", + EN_WL = "en-WL", + ES_ES = "es-ES", + ES_US = "es-US", + FR_CA = "fr-CA", + FR_FR = "fr-FR", + HI_IN = "hi-IN", + IT_IT = "it-IT", + JA_JP = "ja-JP", + KO_KR = "ko-KR", + PT_BR = "pt-BR", + PT_PT = "pt-PT", + ZH_CN = "zh-CN", +} + +export interface AssociateDefaultVocabularyRequest { + /** + *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
+ */ + InstanceId: string | undefined; + + /** + *The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see + * What is Amazon Transcribe? + *
+ */ + LanguageCode: VocabularyLanguageCode | string | undefined; + + /** + *The identifier of the custom vocabulary. If this is empty, the default is set to none.
+ */ + VocabularyId?: string; +} + +export namespace AssociateDefaultVocabularyRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AssociateDefaultVocabularyRequest): any => ({ + ...obj, + }); +} + +export interface AssociateDefaultVocabularyResponse {} + +export namespace AssociateDefaultVocabularyResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AssociateDefaultVocabularyResponse): any => ({ + ...obj, + }); +} + export enum InstanceStorageResourceType { AGENT_EVENTS = "AGENT_EVENTS", CALL_RECORDINGS = "CALL_RECORDINGS", @@ -1525,8 +1588,7 @@ export interface CreateQuickConnectResponse { QuickConnectARN?: string; /** - *The identifier for the quick connect. - *
+ *The identifier for the quick connect.
*/ QuickConnectId?: string; } @@ -1967,6 +2029,88 @@ export namespace CreateUserHierarchyGroupResponse { }); } +export interface CreateVocabularyRequest { + /** + *A unique, case-sensitive identifier that you provide to ensure the idempotency of the + * request. If a create request is received more than once with same client token, + * subsequent requests return the previous response without creating a vocabulary again.
+ */ + ClientToken?: string; + + /** + *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
+ */ + InstanceId: string | undefined; + + /** + *A unique name of the custom vocabulary.
+ */ + VocabularyName: string | undefined; + + /** + *The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see + * What is Amazon Transcribe? + *
+ */ + LanguageCode: VocabularyLanguageCode | string | undefined; + + /** + *The content of the custom vocabulary in plain-text format with a table of values. Each row
+ * in the table represents a word or a phrase, described with Phrase, IPA,
+ * SoundsLike, and DisplayAs fields. Separate the fields with TAB
+ * characters. The size limit is 50KB. For more information, see Create a custom
+ * vocabulary using a table.
The tags used to organize, track, or control access for this resource.
+ */ + Tags?: { [key: string]: string }; +} + +export namespace CreateVocabularyRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateVocabularyRequest): any => ({ + ...obj, + }); +} + +export enum VocabularyState { + ACTIVE = "ACTIVE", + CREATION_FAILED = "CREATION_FAILED", + CREATION_IN_PROGRESS = "CREATION_IN_PROGRESS", + DELETE_IN_PROGRESS = "DELETE_IN_PROGRESS", +} + +export interface CreateVocabularyResponse { + /** + *The Amazon Resource Name (ARN) of the custom vocabulary.
+ */ + VocabularyArn: string | undefined; + + /** + *The identifier of the custom vocabulary.
+ */ + VocabularyId: string | undefined; + + /** + *The current state of the custom vocabulary.
+ */ + State: VocabularyState | string | undefined; +} + +export namespace CreateVocabularyResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateVocabularyResponse): any => ({ + ...obj, + }); +} + export interface DeleteContactFlowRequest { /** *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
@@ -2216,6 +2360,53 @@ export namespace DeleteUserHierarchyGroupRequest { }); } +export interface DeleteVocabularyRequest { + /** + *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
+ */ + InstanceId: string | undefined; + + /** + *The identifier of the custom vocabulary.
+ */ + VocabularyId: string | undefined; +} + +export namespace DeleteVocabularyRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DeleteVocabularyRequest): any => ({ + ...obj, + }); +} + +export interface DeleteVocabularyResponse { + /** + *The Amazon Resource Name (ARN) of the custom vocabulary.
+ */ + VocabularyArn: string | undefined; + + /** + *The identifier of the custom vocabulary.
+ */ + VocabularyId: string | undefined; + + /** + *The current state of the custom vocabulary.
+ */ + State: VocabularyState | string | undefined; +} + +export namespace DeleteVocabularyResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DeleteVocabularyResponse): any => ({ + ...obj, + }); +} + export interface DescribeAgentStatusRequest { /** *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
@@ -2362,10 +2553,11 @@ export interface Contact { AgentInfo?: AgentInfo; /** - *The date and time this contact was initiated, in UTC time. For INBOUND, this is when the
- * contact arrived. For OUTBOUND, this is when the agent began dialing. For CALLBACK, this is when
- * the callback contact was created. For TRANSFER and QUEUE_TRANSFER, this is when the transfer was
- * initiated. For API, this is when the request arrived.
The date and time this contact was initiated, in UTC time. For INBOUND, this is
+ * when the contact arrived. For OUTBOUND, this is when the agent began dialing. For
+ * CALLBACK, this is when the callback contact was created. For TRANSFER
+ * and QUEUE_TRANSFER, this is when the transfer was initiated. For API,
+ * this is when the request arrived.
The timestamp, in Unix epoch time format, at which to start running the inbound flow.
+ *The timestamp, in Unix epoch time format, at which to start running the inbound flow. + *
*/ ScheduledTimestamp?: Date; } @@ -3649,6 +3842,110 @@ export namespace DescribeUserHierarchyStructureResponse { }); } +export interface DescribeVocabularyRequest { + /** + *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
+ */ + InstanceId: string | undefined; + + /** + *The identifier of the custom vocabulary.
+ */ + VocabularyId: string | undefined; +} + +export namespace DescribeVocabularyRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeVocabularyRequest): any => ({ + ...obj, + }); +} + +/** + *Contains information about a custom vocabulary.
+ */ +export interface Vocabulary { + /** + *A unique name of the custom vocabulary.
+ */ + Name: string | undefined; + + /** + *The identifier of the custom vocabulary.
+ */ + Id: string | undefined; + + /** + *The Amazon Resource Name (ARN) of the custom vocabulary.
+ */ + Arn: string | undefined; + + /** + *The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see + * What is Amazon Transcribe? + *
+ */ + LanguageCode: VocabularyLanguageCode | string | undefined; + + /** + *The current state of the custom vocabulary.
+ */ + State: VocabularyState | string | undefined; + + /** + *The timestamp when the custom vocabulary was last modified.
+ */ + LastModifiedTime: Date | undefined; + + /** + *The reason why the custom vocabulary was not created.
+ */ + FailureReason?: string; + + /** + *The content of the custom vocabulary in plain-text format with a table of values. Each row
+ * in the table represents a word or a phrase, described with Phrase, IPA,
+ * SoundsLike, and DisplayAs fields. Separate the fields with TAB
+ * characters. For more information, see Create a custom
+ * vocabulary using a table.
The tags used to organize, track, or control access for this resource.
+ */ + Tags?: { [key: string]: string }; +} + +export namespace Vocabulary { + /** + * @internal + */ + export const filterSensitiveLog = (obj: Vocabulary): any => ({ + ...obj, + }); +} + +export interface DescribeVocabularyResponse { + /** + *A list of specific words that you want Contact Lens for Amazon Connect to recognize in your audio input. They + * are generally domain-specific words and phrases, words that Contact Lens is not recognizing, or + * proper nouns.
+ */ + Vocabulary: Vocabulary | undefined; +} + +export namespace DescribeVocabularyResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeVocabularyResponse): any => ({ + ...obj, + }); +} + export interface DisassociateApprovedOriginRequest { /** *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
@@ -3931,8 +4228,9 @@ export namespace CurrentMetric { */ export interface Filters { /** - *The queues to use to filter the metrics. You should specify at least one queue, and can specify up to 100 queues per
- * request. The GetCurrentMetricsData API in particular requires a queue when you include a Filter in your request.
The queues to use to filter the metrics. You should specify at least one queue, and can
+ * specify up to 100 queues per request. The GetCurrentMetricsData API in particular
+ * requires a queue when you include a Filter in your request.
Unit: SECONDS
*When you use groupings, Unit says SECONDS and the Value is returned in SECONDS.
- *When you do not use groupings, Unit says SECONDS but the Value is returned in MILLISECONDS. For - * example, if you get a response like this:
+ *When you do not use groupings, Unit says SECONDS but the Value is returned in + * MILLISECONDS. For example, if you get a response like this:
*
* { "Metric": { "Name": "OLDEST_CONTACT_AGE", "Unit": "SECONDS" }, "Value": 24113.0
- * }
The actual OLDEST_CONTACT_AGE is 24 seconds.
* *Name in real-time metrics report: Oldest @@ -5092,7 +5390,8 @@ export enum ReferenceStatus { } /** - *
Information about the attachment reference if the referenceType is ATTACHMENT. Otherwise, null.
Information about the attachment reference if the referenceType is
+ * ATTACHMENT. Otherwise, null.
Contains summary information about a reference. ReferenceSummary contains only one non null field between the URL and attachment based on the reference type.
Contains summary information about a reference. ReferenceSummary contains only
+ * one non null field between the URL and attachment based on the reference type.
Information about the attachment reference if the referenceType is ATTACHMENT. Otherwise, null.
Information about the attachment reference if the referenceType is
+ * ATTACHMENT. Otherwise, null.
The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
*/ InstanceId: string | undefined; /** - *The token for the next set of results. Use the value returned in the previous - * response in the next request to retrieve the next set of results.
+ *The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see + * What is Amazon Transcribe? + *
*/ - NextToken?: string; + LanguageCode?: VocabularyLanguageCode | string; /** *The maximum number of results to return per page.
*/ MaxResults?: number; + + /** + *The token for the next set of results. Use the value returned in the previous + * response in the next request to retrieve the next set of results.
+ */ + NextToken?: string; } -export namespace ListHoursOfOperationsRequest { +export namespace ListDefaultVocabulariesRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ListHoursOfOperationsRequest): any => ({ + export const filterSensitiveLog = (obj: ListDefaultVocabulariesRequest): any => ({ ...obj, }); } /** - *Contains summary information about hours of operation for a contact center.
+ *Contains information about a default vocabulary.
*/ -export interface HoursOfOperationSummary { +export interface DefaultVocabulary { /** - *The identifier of the hours of operation.
+ *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
*/ - Id?: string; + InstanceId: string | undefined; /** - *The Amazon Resource Name (ARN) of the hours of operation.
+ *The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see + * What is Amazon Transcribe? + *
*/ - Arn?: string; + LanguageCode: VocabularyLanguageCode | string | undefined; /** - *The name of the hours of operation.
+ *The identifier of the custom vocabulary.
*/ - Name?: string; + VocabularyId: string | undefined; + + /** + *A unique name of the custom vocabulary.
+ */ + VocabularyName: string | undefined; } -export namespace HoursOfOperationSummary { +export namespace DefaultVocabulary { /** * @internal */ - export const filterSensitiveLog = (obj: HoursOfOperationSummary): any => ({ + export const filterSensitiveLog = (obj: DefaultVocabulary): any => ({ ...obj, }); } -export interface ListHoursOfOperationsResponse { +export interface ListDefaultVocabulariesResponse { /** - *Information about the hours of operation.
+ *A list of default vocabularies.
*/ - HoursOfOperationSummaryList?: HoursOfOperationSummary[]; + DefaultVocabularyList: DefaultVocabulary[] | undefined; /** *If there are additional results, this is the token for the next set of results.
@@ -5295,16 +5610,16 @@ export interface ListHoursOfOperationsResponse { NextToken?: string; } -export namespace ListHoursOfOperationsResponse { +export namespace ListDefaultVocabulariesResponse { /** * @internal */ - export const filterSensitiveLog = (obj: ListHoursOfOperationsResponse): any => ({ + export const filterSensitiveLog = (obj: ListDefaultVocabulariesResponse): any => ({ ...obj, }); } -export interface ListInstanceAttributesRequest { +export interface ListHoursOfOperationsRequest { /** *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
*/ @@ -5322,42 +5637,119 @@ export interface ListInstanceAttributesRequest { MaxResults?: number; } -export namespace ListInstanceAttributesRequest { +export namespace ListHoursOfOperationsRequest { /** * @internal */ - export const filterSensitiveLog = (obj: ListInstanceAttributesRequest): any => ({ + export const filterSensitiveLog = (obj: ListHoursOfOperationsRequest): any => ({ ...obj, }); } -export interface ListInstanceAttributesResponse { +/** + *Contains summary information about hours of operation for a contact center.
+ */ +export interface HoursOfOperationSummary { /** - *The attribute types.
+ *The identifier of the hours of operation.
*/ - Attributes?: Attribute[]; + Id?: string; /** - *If there are additional results, this is the token for the next set of results.
+ *The Amazon Resource Name (ARN) of the hours of operation.
*/ - NextToken?: string; + Arn?: string; + + /** + *The name of the hours of operation.
+ */ + Name?: string; } -export namespace ListInstanceAttributesResponse { +export namespace HoursOfOperationSummary { /** * @internal */ - export const filterSensitiveLog = (obj: ListInstanceAttributesResponse): any => ({ + export const filterSensitiveLog = (obj: HoursOfOperationSummary): any => ({ ...obj, }); } -export interface ListInstancesRequest { +export interface ListHoursOfOperationsResponse { /** - *The token for the next set of results. Use the value returned in the previous - * response in the next request to retrieve the next set of results.
+ *Information about the hours of operation.
*/ - NextToken?: string; + HoursOfOperationSummaryList?: HoursOfOperationSummary[]; + + /** + *If there are additional results, this is the token for the next set of results.
+ */ + NextToken?: string; +} + +export namespace ListHoursOfOperationsResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ListHoursOfOperationsResponse): any => ({ + ...obj, + }); +} + +export interface ListInstanceAttributesRequest { + /** + *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
+ */ + InstanceId: string | undefined; + + /** + *The token for the next set of results. Use the value returned in the previous + * response in the next request to retrieve the next set of results.
+ */ + NextToken?: string; + + /** + *The maximum number of results to return per page.
+ */ + MaxResults?: number; +} + +export namespace ListInstanceAttributesRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ListInstanceAttributesRequest): any => ({ + ...obj, + }); +} + +export interface ListInstanceAttributesResponse { + /** + *The attribute types.
+ */ + Attributes?: Attribute[]; + + /** + *If there are additional results, this is the token for the next set of results.
+ */ + NextToken?: string; +} + +export namespace ListInstanceAttributesResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ListInstanceAttributesResponse): any => ({ + ...obj, + }); +} + +export interface ListInstancesRequest { + /** + *The token for the next set of results. Use the value returned in the previous + * response in the next request to retrieve the next set of results.
+ */ + NextToken?: string; /** *The maximum number of results to return per page.
@@ -5679,7 +6071,8 @@ export interface ListLexBotsRequest { NextToken?: string; /** - *The maximum number of results to return per page. If no value is specified, the default is 10.
+ *The maximum number of results to return per page. If no value is specified, the default is 10. + *
*/ MaxResults?: number; } @@ -7036,6 +7429,122 @@ export namespace ResumeContactRecordingResponse { }); } +export interface SearchVocabulariesRequest { + /** + *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
+ */ + InstanceId: string | undefined; + + /** + *The maximum number of results to return per page.
+ */ + MaxResults?: number; + + /** + *The token for the next set of results. Use the value returned in the previous + * response in the next request to retrieve the next set of results.
+ */ + NextToken?: string; + + /** + *The current state of the custom vocabulary.
+ */ + State?: VocabularyState | string; + + /** + *The starting pattern of the name of the vocabulary.
+ */ + NameStartsWith?: string; + + /** + *The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see + * What is Amazon Transcribe? + *
+ */ + LanguageCode?: VocabularyLanguageCode | string; +} + +export namespace SearchVocabulariesRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: SearchVocabulariesRequest): any => ({ + ...obj, + }); +} + +/** + *Contains summary information about the custom vocabulary.
+ */ +export interface VocabularySummary { + /** + *A unique name of the custom vocabulary.
+ */ + Name: string | undefined; + + /** + *The identifier of the custom vocabulary.
+ */ + Id: string | undefined; + + /** + *The Amazon Resource Name (ARN) of the custom vocabulary.
+ */ + Arn: string | undefined; + + /** + *The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see + * What is Amazon Transcribe? + *
+ */ + LanguageCode: VocabularyLanguageCode | string | undefined; + + /** + *The current state of the custom vocabulary.
+ */ + State: VocabularyState | string | undefined; + + /** + *The timestamp when the custom vocabulary was last modified.
+ */ + LastModifiedTime: Date | undefined; + + /** + *The reason why the custom vocabulary was not created.
+ */ + FailureReason?: string; +} + +export namespace VocabularySummary { + /** + * @internal + */ + export const filterSensitiveLog = (obj: VocabularySummary): any => ({ + ...obj, + }); +} + +export interface SearchVocabulariesResponse { + /** + *The list of the available custom vocabularies.
+ */ + VocabularySummaryList?: VocabularySummary[]; + + /** + *If there are additional results, this is the token for the next set of results.
+ */ + NextToken?: string; +} + +export namespace SearchVocabulariesResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: SearchVocabulariesResponse): any => ({ + ...obj, + }); +} + /** *A chat message.
*/ @@ -7119,6 +7628,12 @@ export interface StartChatContactRequest { * request. */ ClientToken?: string; + + /** + *The total duration of the newly started chat session. If not specified, the chat session duration defaults to 25 hour. + * The minumum configurable time is 60 minutes. The maximum configurable time is 10,080 minutes (7 days).
+ */ + ChatDurationInMinutes?: number; } export namespace StartChatContactRequest { @@ -7306,409 +7821,3 @@ export interface DestinationNotAllowedException extends __SmithyException, $Meta */ Message?: string; } - -/** - *The contact is not permitted.
- */ -export interface OutboundContactNotPermittedException extends __SmithyException, $MetadataBearer { - name: "OutboundContactNotPermittedException"; - $fault: "client"; - /** - *The message about the contact.
- */ - Message?: string; -} - -/** - *Configuration of the answering machine detection.
- */ -export interface AnswerMachineDetectionConfig { - /** - *The flag to indicate if answer machine detection analysis needs to be performed for a voice
- * call. If set to true, TrafficType must be set as CAMPAIGN.
- *
Wait for the answering machine prompt.
- */ - AwaitAnswerMachinePrompt?: boolean; -} - -export namespace AnswerMachineDetectionConfig { - /** - * @internal - */ - export const filterSensitiveLog = (obj: AnswerMachineDetectionConfig): any => ({ - ...obj, - }); -} - -export enum TrafficType { - CAMPAIGN = "CAMPAIGN", - GENERAL = "GENERAL", -} - -export interface StartOutboundVoiceContactRequest { - /** - *The phone number of the customer, in E.164 format.
- */ - DestinationPhoneNumber: string | undefined; - - /** - *The - * identifier of the contact flow for the outbound call. To see the ContactFlowId in the Amazon Connect - * console user interface, on the navigation menu go to Routing, - * Contact Flows. Choose the contact flow. On the contact flow - * page, under the name of the contact flow, choose Show additional flow - * information. The ContactFlowId is the last part of the ARN, shown here in bold:
- *arn:aws:connect:us-west-2:xxxxxxxxxxxx:instance/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/contact-flow/846ec553-a005-41c0-8341-xxxxxxxxxxxx - *
- */ - ContactFlowId: string | undefined; - - /** - *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
- */ - InstanceId: string | undefined; - - /** - *A unique, case-sensitive identifier that you provide to ensure the idempotency of the - * request. The token is valid for 7 days after creation. If a contact is already started, the - * contact ID is returned. - *
- */ - ClientToken?: string; - - /** - *The phone number associated with the Amazon Connect instance, in E.164 format. If you do not specify - * a source phone number, you must specify a queue.
- */ - SourcePhoneNumber?: string; - - /** - *The queue for the call. If you specify a queue, the phone displayed for caller ID is the - * phone number specified in the queue. If you do not specify a queue, the queue defined in the - * contact flow is used. If you do not specify a queue, you must specify a source phone - * number.
- */ - QueueId?: string; - - /** - *A custom key-value pair using an attribute map. The attributes are standard Amazon Connect - * attributes, and can be accessed in contact flows just like any other contact attributes.
- *There can be up to 32,768 UTF-8 bytes across all key-value pairs per contact. Attribute keys - * can include only alphanumeric, dash, and underscore characters.
- */ - Attributes?: { [key: string]: string }; - - /** - *Configuration of the answering machine detection for this outbound call.
- */ - AnswerMachineDetectionConfig?: AnswerMachineDetectionConfig; - - /** - *The campaign identifier of the outbound communication.
- */ - CampaignId?: string; - - /** - *Denotes the class of traffic. Calls with different traffic types are handled differently by
- * Amazon Connect. The default value is GENERAL. Use CAMPAIGN if
- * EnableAnswerMachineDetection is set to true. For all other cases, use
- * GENERAL.
The identifier of this contact within the Amazon Connect instance.
- */ - ContactId?: string; -} - -export namespace StartOutboundVoiceContactResponse { - /** - * @internal - */ - export const filterSensitiveLog = (obj: StartOutboundVoiceContactResponse): any => ({ - ...obj, - }); -} - -/** - *A link that an agent selects to complete a given task. You can have up to 4,096 UTF-8 bytes - * across all references for a contact.
- */ -export interface Reference { - /** - *A valid value for the reference. For example, for a URL reference, a formatted URL that is displayed to an agent in the Contact Control Panel (CCP).
- */ - Value: string | undefined; - - /** - *The type of the reference. Only URL type can be added or updated on a contact.
The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
- */ - InstanceId: string | undefined; - - /** - *The identifier of the previous chat, voice, or task contact.
- */ - PreviousContactId?: string; - - /** - *The identifier of the contact flow for initiating the tasks. To see the ContactFlowId in the - * Amazon Connect console user interface, on the navigation menu go to Routing, Contact Flows. Choose the contact flow. On - * the contact flow page, under the name of the contact flow, choose Show - * additional flow information. The ContactFlowId is the last part of the ARN, shown - * here in bold:
- *arn:aws:connect:us-west-2:xxxxxxxxxxxx:instance/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/contact-flow/846ec553-a005-41c0-8341-xxxxxxxxxxxx - *
- */ - ContactFlowId: string | undefined; - - /** - *A custom key-value pair using an attribute map. The attributes are standard Amazon Connect - * attributes, and can be accessed in contact flows just like any other contact attributes.
- *There can be up to 32,768 UTF-8 bytes across all key-value pairs per contact. Attribute keys - * can include only alphanumeric, dash, and underscore characters.
- */ - Attributes?: { [key: string]: string }; - - /** - *The name of a task that is shown to an agent in the Contact Control Panel (CCP).
- */ - Name: string | undefined; - - /** - *A formatted URL that is shown to an agent in the Contact Control Panel (CCP).
- */ - References?: { [key: string]: Reference }; - - /** - *A description of the task that is shown to an agent in the Contact Control Panel - * (CCP).
- */ - Description?: string; - - /** - *A unique, case-sensitive identifier that you provide to ensure the idempotency of the - * request.
- */ - ClientToken?: string; - - /** - *The timestamp, in Unix Epoch seconds format, at which to start running the inbound contact flow. The scheduled time cannot be in the past. It must be within up to 6 days in future.
- */ - ScheduledTime?: Date; -} - -export namespace StartTaskContactRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: StartTaskContactRequest): any => ({ - ...obj, - }); -} - -export interface StartTaskContactResponse { - /** - *The identifier of this contact within the Amazon Connect instance.
- */ - ContactId?: string; -} - -export namespace StartTaskContactResponse { - /** - * @internal - */ - export const filterSensitiveLog = (obj: StartTaskContactResponse): any => ({ - ...obj, - }); -} - -/** - *The contact with the specified ID is not active or does not exist.
- */ -export interface ContactNotFoundException extends __SmithyException, $MetadataBearer { - name: "ContactNotFoundException"; - $fault: "client"; - /** - *The message.
- */ - Message?: string; -} - -export interface StopContactRequest { - /** - *The ID of the contact.
- */ - ContactId: string | undefined; - - /** - *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
- */ - InstanceId: string | undefined; -} - -export namespace StopContactRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: StopContactRequest): any => ({ - ...obj, - }); -} - -export interface StopContactResponse {} - -export namespace StopContactResponse { - /** - * @internal - */ - export const filterSensitiveLog = (obj: StopContactResponse): any => ({ - ...obj, - }); -} - -export interface StopContactRecordingRequest { - /** - *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
- */ - InstanceId: string | undefined; - - /** - *The identifier of the contact.
- */ - ContactId: string | undefined; - - /** - *The identifier of the contact. This is the identifier of the contact associated with the - * first interaction with the contact center.
- */ - InitialContactId: string | undefined; -} - -export namespace StopContactRecordingRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: StopContactRecordingRequest): any => ({ - ...obj, - }); -} - -export interface StopContactRecordingResponse {} - -export namespace StopContactRecordingResponse { - /** - * @internal - */ - export const filterSensitiveLog = (obj: StopContactRecordingResponse): any => ({ - ...obj, - }); -} - -export interface StopContactStreamingRequest { - /** - *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
- */ - InstanceId: string | undefined; - - /** - *The identifier of the contact. This is the identifier of the contact that is associated with - * the first interaction with the contact center.
- */ - ContactId: string | undefined; - - /** - *The identifier of the streaming configuration enabled.
- */ - StreamingId: string | undefined; -} - -export namespace StopContactStreamingRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: StopContactStreamingRequest): any => ({ - ...obj, - }); -} - -export interface StopContactStreamingResponse {} - -export namespace StopContactStreamingResponse { - /** - * @internal - */ - export const filterSensitiveLog = (obj: StopContactStreamingResponse): any => ({ - ...obj, - }); -} - -export interface SuspendContactRecordingRequest { - /** - *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
- */ - InstanceId: string | undefined; - - /** - *The identifier of the contact.
- */ - ContactId: string | undefined; - - /** - *The identifier of the contact. This is the identifier of the contact associated with the - * first interaction with the contact center.
- */ - InitialContactId: string | undefined; -} - -export namespace SuspendContactRecordingRequest { - /** - * @internal - */ - export const filterSensitiveLog = (obj: SuspendContactRecordingRequest): any => ({ - ...obj, - }); -} - -export interface SuspendContactRecordingResponse {} - -export namespace SuspendContactRecordingResponse { - /** - * @internal - */ - export const filterSensitiveLog = (obj: SuspendContactRecordingResponse): any => ({ - ...obj, - }); -} diff --git a/clients/client-connect/src/models/models_1.ts b/clients/client-connect/src/models/models_1.ts index 9c217b6079cc..3cec78f742df 100644 --- a/clients/client-connect/src/models/models_1.ts +++ b/clients/client-connect/src/models/models_1.ts @@ -1,3 +1,5 @@ +import { MetadataBearer as $MetadataBearer, SmithyException as __SmithyException } from "@aws-sdk/types"; + import { AgentStatusState, ContactFlowModuleState, @@ -10,12 +12,420 @@ import { OutboundCallerConfig, QueueStatus, QuickConnectConfig, - Reference, + ReferenceType, RoutingProfileQueueConfig, UserIdentityInfo, UserPhoneConfig, } from "./models_0"; +/** + *The contact is not permitted.
+ */ +export interface OutboundContactNotPermittedException extends __SmithyException, $MetadataBearer { + name: "OutboundContactNotPermittedException"; + $fault: "client"; + /** + *The message about the contact.
+ */ + Message?: string; +} + +/** + *Configuration of the answering machine detection.
+ */ +export interface AnswerMachineDetectionConfig { + /** + *The flag to indicate if answer machine detection analysis needs to be performed for a voice
+ * call. If set to true, TrafficType must be set as CAMPAIGN.
+ *
Wait for the answering machine prompt.
+ */ + AwaitAnswerMachinePrompt?: boolean; +} + +export namespace AnswerMachineDetectionConfig { + /** + * @internal + */ + export const filterSensitiveLog = (obj: AnswerMachineDetectionConfig): any => ({ + ...obj, + }); +} + +export enum TrafficType { + CAMPAIGN = "CAMPAIGN", + GENERAL = "GENERAL", +} + +export interface StartOutboundVoiceContactRequest { + /** + *The phone number of the customer, in E.164 format.
+ */ + DestinationPhoneNumber: string | undefined; + + /** + *The + * identifier of the contact flow for the outbound call. To see the ContactFlowId in the Amazon Connect + * console user interface, on the navigation menu go to Routing, + * Contact Flows. Choose the contact flow. On the contact flow + * page, under the name of the contact flow, choose Show additional flow + * information. The ContactFlowId is the last part of the ARN, shown here in bold:
+ *arn:aws:connect:us-west-2:xxxxxxxxxxxx:instance/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/contact-flow/846ec553-a005-41c0-8341-xxxxxxxxxxxx + *
+ */ + ContactFlowId: string | undefined; + + /** + *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
+ */ + InstanceId: string | undefined; + + /** + *A unique, case-sensitive identifier that you provide to ensure the idempotency of the + * request. The token is valid for 7 days after creation. If a contact is already started, the + * contact ID is returned. + *
+ */ + ClientToken?: string; + + /** + *The phone number associated with the Amazon Connect instance, in E.164 format. If you do not specify + * a source phone number, you must specify a queue.
+ */ + SourcePhoneNumber?: string; + + /** + *The queue for the call. If you specify a queue, the phone displayed for caller ID is the + * phone number specified in the queue. If you do not specify a queue, the queue defined in the + * contact flow is used. If you do not specify a queue, you must specify a source phone + * number.
+ */ + QueueId?: string; + + /** + *A custom key-value pair using an attribute map. The attributes are standard Amazon Connect + * attributes, and can be accessed in contact flows just like any other contact attributes.
+ *There can be up to 32,768 UTF-8 bytes across all key-value pairs per contact. Attribute keys + * can include only alphanumeric, dash, and underscore characters.
+ */ + Attributes?: { [key: string]: string }; + + /** + *Configuration of the answering machine detection for this outbound call.
+ */ + AnswerMachineDetectionConfig?: AnswerMachineDetectionConfig; + + /** + *The campaign identifier of the outbound communication.
+ */ + CampaignId?: string; + + /** + *Denotes the class of traffic. Calls with different traffic types are handled differently by
+ * Amazon Connect. The default value is GENERAL. Use CAMPAIGN if
+ * EnableAnswerMachineDetection is set to true. For all other cases, use
+ * GENERAL.
The identifier of this contact within the Amazon Connect instance.
+ */ + ContactId?: string; +} + +export namespace StartOutboundVoiceContactResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: StartOutboundVoiceContactResponse): any => ({ + ...obj, + }); +} + +/** + *A link that an agent selects to complete a given task. You can have up to 4,096 UTF-8 bytes + * across all references for a contact.
+ */ +export interface Reference { + /** + *A valid value for the reference. For example, for a URL reference, a formatted URL that is + * displayed to an agent in the Contact Control Panel (CCP).
+ */ + Value: string | undefined; + + /** + *The type of the reference. Only URL type can be added or updated on a
+ * contact.
The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
+ */ + InstanceId: string | undefined; + + /** + *The identifier of the previous chat, voice, or task contact.
+ */ + PreviousContactId?: string; + + /** + *The identifier of the contact flow for initiating the tasks. To see the ContactFlowId in the + * Amazon Connect console user interface, on the navigation menu go to Routing, Contact Flows. Choose the contact flow. On + * the contact flow page, under the name of the contact flow, choose Show + * additional flow information. The ContactFlowId is the last part of the ARN, shown + * here in bold:
+ *arn:aws:connect:us-west-2:xxxxxxxxxxxx:instance/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/contact-flow/846ec553-a005-41c0-8341-xxxxxxxxxxxx + *
+ */ + ContactFlowId: string | undefined; + + /** + *A custom key-value pair using an attribute map. The attributes are standard Amazon Connect + * attributes, and can be accessed in contact flows just like any other contact attributes.
+ *There can be up to 32,768 UTF-8 bytes across all key-value pairs per contact. Attribute keys + * can include only alphanumeric, dash, and underscore characters.
+ */ + Attributes?: { [key: string]: string }; + + /** + *The name of a task that is shown to an agent in the Contact Control Panel (CCP).
+ */ + Name: string | undefined; + + /** + *A formatted URL that is shown to an agent in the Contact Control Panel (CCP).
+ */ + References?: { [key: string]: Reference }; + + /** + *A description of the task that is shown to an agent in the Contact Control Panel + * (CCP).
+ */ + Description?: string; + + /** + *A unique, case-sensitive identifier that you provide to ensure the idempotency of the + * request.
+ */ + ClientToken?: string; + + /** + *The timestamp, in Unix Epoch seconds format, at which to start running the inbound contact flow. The scheduled time cannot be in the past. It must be within up to 6 days in future.
+ */ + ScheduledTime?: Date; +} + +export namespace StartTaskContactRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: StartTaskContactRequest): any => ({ + ...obj, + }); +} + +export interface StartTaskContactResponse { + /** + *The identifier of this contact within the Amazon Connect instance.
+ */ + ContactId?: string; +} + +export namespace StartTaskContactResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: StartTaskContactResponse): any => ({ + ...obj, + }); +} + +/** + *The contact with the specified ID is not active or does not exist.
+ */ +export interface ContactNotFoundException extends __SmithyException, $MetadataBearer { + name: "ContactNotFoundException"; + $fault: "client"; + /** + *The message.
+ */ + Message?: string; +} + +export interface StopContactRequest { + /** + *The ID of the contact.
+ */ + ContactId: string | undefined; + + /** + *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
+ */ + InstanceId: string | undefined; +} + +export namespace StopContactRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: StopContactRequest): any => ({ + ...obj, + }); +} + +export interface StopContactResponse {} + +export namespace StopContactResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: StopContactResponse): any => ({ + ...obj, + }); +} + +export interface StopContactRecordingRequest { + /** + *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
+ */ + InstanceId: string | undefined; + + /** + *The identifier of the contact.
+ */ + ContactId: string | undefined; + + /** + *The identifier of the contact. This is the identifier of the contact associated with the + * first interaction with the contact center.
+ */ + InitialContactId: string | undefined; +} + +export namespace StopContactRecordingRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: StopContactRecordingRequest): any => ({ + ...obj, + }); +} + +export interface StopContactRecordingResponse {} + +export namespace StopContactRecordingResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: StopContactRecordingResponse): any => ({ + ...obj, + }); +} + +export interface StopContactStreamingRequest { + /** + *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
+ */ + InstanceId: string | undefined; + + /** + *The identifier of the contact. This is the identifier of the contact that is associated with + * the first interaction with the contact center.
+ */ + ContactId: string | undefined; + + /** + *The identifier of the streaming configuration enabled.
+ */ + StreamingId: string | undefined; +} + +export namespace StopContactStreamingRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: StopContactStreamingRequest): any => ({ + ...obj, + }); +} + +export interface StopContactStreamingResponse {} + +export namespace StopContactStreamingResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: StopContactStreamingResponse): any => ({ + ...obj, + }); +} + +export interface SuspendContactRecordingRequest { + /** + *The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
+ */ + InstanceId: string | undefined; + + /** + *The identifier of the contact.
+ */ + ContactId: string | undefined; + + /** + *The identifier of the contact. This is the identifier of the contact associated with the + * first interaction with the contact center.
+ */ + InitialContactId: string | undefined; +} + +export namespace SuspendContactRecordingRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: SuspendContactRecordingRequest): any => ({ + ...obj, + }); +} + +export interface SuspendContactRecordingResponse {} + +export namespace SuspendContactRecordingResponse { + /** + * @internal + */ + export const filterSensitiveLog = (obj: SuspendContactRecordingResponse): any => ({ + ...obj, + }); +} + export interface TagResourceRequest { /** *The Amazon Resource Name (ARN) of the resource.
@@ -459,7 +869,8 @@ export interface UpdateInstanceAttributeRequest { /** *The type of attribute.
*Only allowlisted customers can consume USE_CUSTOM_TTS_VOICES. To access this feature, contact Amazon Web Services Support for allowlisting.
+ *Only allowlisted customers can consume USE_CUSTOM_TTS_VOICES. To access this feature, + * contact Amazon Web Services Support for allowlisting.
*The token to request the next page of results.
+ *If you specify NextToken, then + * StartingBlockIndex is ignored.
*/ NextToken?: string; /** - *The number of results to return.
+ *The maximum number of blocks to be returned by the request.
+ *Even if additional blocks can be retrieved from the snapshot, the request can + * return less blocks than MaxResults or an empty + * array of blocks.
+ *To retrieve the next set of blocks from the snapshot, make another request with
+ * the returned NextToken value. The value of
+ * NextToken is null when there are no
+ * more blocks to return.
The block index from which the comparison should start.
*The list in the response will start from this block index or the next valid block * index in the snapshots.
+ *If you specify NextToken, then + * StartingBlockIndex is ignored.
*/ StartingBlockIndex?: number; } @@ -419,17 +430,28 @@ export interface ListSnapshotBlocksRequest { /** *The token to request the next page of results.
+ *If you specify NextToken, then + * StartingBlockIndex is ignored.
*/ NextToken?: string; /** - *The number of results to return.
+ *The maximum number of blocks to be returned by the request.
+ *Even if additional blocks can be retrieved from the snapshot, the request can + * return less blocks than MaxResults or an empty + * array of blocks.
+ *To retrieve the next set of blocks from the snapshot, make another request with
+ * the returned NextToken value. The value of
+ * NextToken is null when there are no
+ * more blocks to return.
The block index from which the list should start. The list in the response will start * from this block index or the next valid block index in the snapshot.
+ *If you specify NextToken, then + * StartingBlockIndex is ignored.
*/ StartingBlockIndex?: number; } diff --git a/clients/client-ec2/src/models/models_0.ts b/clients/client-ec2/src/models/models_0.ts index f1cf7bfaaec9..452a737bb57c 100644 --- a/clients/client-ec2/src/models/models_0.ts +++ b/clients/client-ec2/src/models/models_0.ts @@ -7052,6 +7052,12 @@ export type _InstanceType = | "x2gd.medium" | "x2gd.metal" | "x2gd.xlarge" + | "x2iezn.12xlarge" + | "x2iezn.2xlarge" + | "x2iezn.4xlarge" + | "x2iezn.6xlarge" + | "x2iezn.8xlarge" + | "x2iezn.metal" | "z1d.12xlarge" | "z1d.2xlarge" | "z1d.3xlarge" diff --git a/clients/client-efs/README.md b/clients/client-efs/README.md index 73d5704a536f..aceb4018fcb5 100644 --- a/clients/client-efs/README.md +++ b/clients/client-efs/README.md @@ -10,7 +10,7 @@ AWS SDK for JavaScript EFS Client for Node.js, Browser and React Native.Amazon Elastic File System (Amazon EFS) provides simple, scalable file storage for use -with Amazon EC2 instances in the Amazon Web Services Cloud. With Amazon EFS, storage capacity is elastic, +with Amazon EC2 Linux and Mac instances in the Amazon Web Services Cloud. With Amazon EFS, storage capacity is elastic, growing and shrinking automatically as you add and remove files, so your applications have the storage they need, when they need it. For more information, see the Amazon Elastic File System API Reference and the Amazon Elastic File System User Guide.
diff --git a/clients/client-efs/src/EFS.ts b/clients/client-efs/src/EFS.ts index b63c5e6da010..689e909530c4 100644 --- a/clients/client-efs/src/EFS.ts +++ b/clients/client-efs/src/EFS.ts @@ -15,6 +15,11 @@ import { CreateMountTargetCommandInput, CreateMountTargetCommandOutput, } from "./commands/CreateMountTargetCommand"; +import { + CreateReplicationConfigurationCommand, + CreateReplicationConfigurationCommandInput, + CreateReplicationConfigurationCommandOutput, +} from "./commands/CreateReplicationConfigurationCommand"; import { CreateTagsCommand, CreateTagsCommandInput, CreateTagsCommandOutput } from "./commands/CreateTagsCommand"; import { DeleteAccessPointCommand, @@ -36,6 +41,11 @@ import { DeleteMountTargetCommandInput, DeleteMountTargetCommandOutput, } from "./commands/DeleteMountTargetCommand"; +import { + DeleteReplicationConfigurationCommand, + DeleteReplicationConfigurationCommandInput, + DeleteReplicationConfigurationCommandOutput, +} from "./commands/DeleteReplicationConfigurationCommand"; import { DeleteTagsCommand, DeleteTagsCommandInput, DeleteTagsCommandOutput } from "./commands/DeleteTagsCommand"; import { DescribeAccessPointsCommand, @@ -77,6 +87,11 @@ import { DescribeMountTargetSecurityGroupsCommandInput, DescribeMountTargetSecurityGroupsCommandOutput, } from "./commands/DescribeMountTargetSecurityGroupsCommand"; +import { + DescribeReplicationConfigurationsCommand, + DescribeReplicationConfigurationsCommandInput, + DescribeReplicationConfigurationsCommandOutput, +} from "./commands/DescribeReplicationConfigurationsCommand"; import { DescribeTagsCommand, DescribeTagsCommandInput, @@ -128,7 +143,7 @@ import { EFSClient } from "./EFSClient"; /** *Amazon Elastic File System (Amazon EFS) provides simple, scalable file storage for use - * with Amazon EC2 instances in the Amazon Web Services Cloud. With Amazon EFS, storage capacity is elastic, + * with Amazon EC2 Linux and Mac instances in the Amazon Web Services Cloud. With Amazon EFS, storage capacity is elastic, * growing and shrinking automatically as you add and remove files, so your applications have the * storage they need, when they need it. For more information, see the Amazon Elastic File System API Reference and the Amazon Elastic File System User Guide.
*/ @@ -430,6 +445,113 @@ export class EFS extends EFSClient { } } + /** + *Creates a replication configuration that replicates an existing EFS file + * system to a new, read-only file system. For more information, see + * Amazon EFS replication. + * The replication configuration specifies the following:
+ *+ * Source file system - an existing + * EFS file system that you want replicated. The source file system cannot be a destination file system + * in an existing replication configuration.
+ *+ * Destination file system configuration + * - the configuration of the destination file system to which the source file system + * will be replicated. There can only be one destination file system in a replication + * configuration.
+ *+ * Amazon Web Services Region - The Amazon Web Services Region in which the destination + * file system is created. EFS Replication is available in all Amazon Web Services Region that Amazon EFS is available in, except the following regions: + * Asia Pacific (Hong Kong) Europe (Milan), Middle East (Bahrain), Africa (Cape Town), and Asia Pacific (Jakarta).
+ *+ * Availability zone - If you want the destination file system to use + * One Zone availability and durability, you must specify the Availability Zone to create the file system in. + * For more information about EFS storage classes, see + * Amazon EFS storage classes in the Amazon EFS User Guide.
+ *+ * Encryption - All destination file systems are + * created with encryption at rest enabled. You can specify the + * KMS key that is used to encrypt the destination file system. + * Your service-managed KMS key for Amazon EFS is used if you don't specify a KMS key. + * You cannot change this after the file system is created.
+ *The following properties are set by default:
+ *+ * Performance mode - The destination file system's + * performance mode will match that of the source file system, unless the destination file + * system uses One Zone storage. In that case, the General Purpose + * performance mode is used. The Performance mode cannot be changed.
+ *+ * Throughput mode - The destination file system + * use the Bursting throughput mode by default. You can modify the throughput mode once the file system + * is created.
+ *The following properties are turned off by default:
+ *+ * Lifecycle management - EFS lifecycle + * management and intelligent tiering are not enabled on the destination file system. You can enable + * EFS lifecycle management and intelligent tiering after the destination file system is created.
+ *+ * Automatic backups - Automatic daily backups + * not enabled on the destination file system. You can change this setting after the file system is created.
+ *For more information, see Amazon EFS replication.
+ */ + public createReplicationConfiguration( + args: CreateReplicationConfigurationCommandInput, + options?: __HttpHandlerOptions + ): PromiseDeletes an existing replication configuration. To delete a replication
+ * configuration, you must make the request from the Amazon Web Services Region
+ * in which the destination file system is located. Deleting a replication
+ * configuration ends the replication process. You can write to the destination file
+ * system once it's status becomes Writeable.
Retrieves the replication configurations for either a specific file system, or all configurations for the + * Amazon Web Services account in an Amazon Web Services Region if a file system is not specified.
+ */ + public describeReplicationConfigurations( + args: DescribeReplicationConfigurationsCommandInput, + options?: __HttpHandlerOptions + ): PromiseUse this operation to set the account preference in the current Amazon Web Services Region to use long 17 character (63 bit) or short 8 character (32 bit) resource IDs for - * new EFS file system and mount target resources. All existing resource IDs are not affected by any changes you make. You can set the ID preference during the + *
Use this operation to set the account preference in the current Amazon Web Services Region + * to use long 17 character (63 bit) or short 8 character (32 bit) resource IDs for + * new EFS file system and mount target resources. All existing resource IDs are not affected + * by any changes you make. You can set the ID preference during the * opt-in period as EFS transitions to long resource IDs. For more information, * see Managing Amazon EFS resource IDs.
*Amazon Elastic File System (Amazon EFS) provides simple, scalable file storage for use - * with Amazon EC2 instances in the Amazon Web Services Cloud. With Amazon EFS, storage capacity is elastic, + * with Amazon EC2 Linux and Mac instances in the Amazon Web Services Cloud. With Amazon EFS, storage capacity is elastic, * growing and shrinking automatically as you add and remove files, so your applications have the * storage they need, when they need it. For more information, see the Amazon Elastic File System API Reference and the Amazon Elastic File System User Guide.
*/ diff --git a/clients/client-efs/src/commands/CreateReplicationConfigurationCommand.ts b/clients/client-efs/src/commands/CreateReplicationConfigurationCommand.ts new file mode 100644 index 000000000000..faad9e1ff239 --- /dev/null +++ b/clients/client-efs/src/commands/CreateReplicationConfigurationCommand.ts @@ -0,0 +1,178 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { EFSClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../EFSClient"; +import { CreateReplicationConfigurationRequest, ReplicationConfigurationDescription } from "../models/models_0"; +import { + deserializeAws_restJson1CreateReplicationConfigurationCommand, + serializeAws_restJson1CreateReplicationConfigurationCommand, +} from "../protocols/Aws_restJson1"; + +export interface CreateReplicationConfigurationCommandInput extends CreateReplicationConfigurationRequest {} +export interface CreateReplicationConfigurationCommandOutput + extends ReplicationConfigurationDescription, + __MetadataBearer {} + +/** + *Creates a replication configuration that replicates an existing EFS file + * system to a new, read-only file system. For more information, see + * Amazon EFS replication. + * The replication configuration specifies the following:
+ *+ * Source file system - an existing + * EFS file system that you want replicated. The source file system cannot be a destination file system + * in an existing replication configuration.
+ *+ * Destination file system configuration + * - the configuration of the destination file system to which the source file system + * will be replicated. There can only be one destination file system in a replication + * configuration.
+ *+ * Amazon Web Services Region - The Amazon Web Services Region in which the destination + * file system is created. EFS Replication is available in all Amazon Web Services Region that Amazon EFS is available in, except the following regions: + * Asia Pacific (Hong Kong) Europe (Milan), Middle East (Bahrain), Africa (Cape Town), and Asia Pacific (Jakarta).
+ *+ * Availability zone - If you want the destination file system to use + * One Zone availability and durability, you must specify the Availability Zone to create the file system in. + * For more information about EFS storage classes, see + * Amazon EFS storage classes in the Amazon EFS User Guide.
+ *+ * Encryption - All destination file systems are + * created with encryption at rest enabled. You can specify the + * KMS key that is used to encrypt the destination file system. + * Your service-managed KMS key for Amazon EFS is used if you don't specify a KMS key. + * You cannot change this after the file system is created.
+ *The following properties are set by default:
+ *+ * Performance mode - The destination file system's + * performance mode will match that of the source file system, unless the destination file + * system uses One Zone storage. In that case, the General Purpose + * performance mode is used. The Performance mode cannot be changed.
+ *+ * Throughput mode - The destination file system + * use the Bursting throughput mode by default. You can modify the throughput mode once the file system + * is created.
+ *The following properties are turned off by default:
+ *+ * Lifecycle management - EFS lifecycle + * management and intelligent tiering are not enabled on the destination file system. You can enable + * EFS lifecycle management and intelligent tiering after the destination file system is created.
+ *+ * Automatic backups - Automatic daily backups + * not enabled on the destination file system. You can change this setting after the file system is created.
+ *For more information, see Amazon EFS replication.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { EFSClient, CreateReplicationConfigurationCommand } from "@aws-sdk/client-efs"; // ES Modules import + * // const { EFSClient, CreateReplicationConfigurationCommand } = require("@aws-sdk/client-efs"); // CommonJS import + * const client = new EFSClient(config); + * const command = new CreateReplicationConfigurationCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link CreateReplicationConfigurationCommandInput} for command's `input` shape. + * @see {@link CreateReplicationConfigurationCommandOutput} for command's `response` shape. + * @see {@link EFSClientResolvedConfig | config} for EFSClient's `config` shape. + * + */ +export class CreateReplicationConfigurationCommand extends $Command< + CreateReplicationConfigurationCommandInput, + CreateReplicationConfigurationCommandOutput, + EFSClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: CreateReplicationConfigurationCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackDeletes an existing replication configuration. To delete a replication
+ * configuration, you must make the request from the Amazon Web Services Region
+ * in which the destination file system is located. Deleting a replication
+ * configuration ends the replication process. You can write to the destination file
+ * system once it's status becomes Writeable.
Retrieves the replication configurations for either a specific file system, or all configurations for the + * Amazon Web Services account in an Amazon Web Services Region if a file system is not specified.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { EFSClient, DescribeReplicationConfigurationsCommand } from "@aws-sdk/client-efs"; // ES Modules import + * // const { EFSClient, DescribeReplicationConfigurationsCommand } = require("@aws-sdk/client-efs"); // CommonJS import + * const client = new EFSClient(config); + * const command = new DescribeReplicationConfigurationsCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link DescribeReplicationConfigurationsCommandInput} for command's `input` shape. + * @see {@link DescribeReplicationConfigurationsCommandOutput} for command's `response` shape. + * @see {@link EFSClientResolvedConfig | config} for EFSClient's `config` shape. + * + */ +export class DescribeReplicationConfigurationsCommand extends $Command< + DescribeReplicationConfigurationsCommandInput, + DescribeReplicationConfigurationsCommandOutput, + EFSClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: DescribeReplicationConfigurationsCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackUse this operation to set the account preference in the current Amazon Web Services Region to use long 17 character (63 bit) or short 8 character (32 bit) resource IDs for - * new EFS file system and mount target resources. All existing resource IDs are not affected by any changes you make. You can set the ID preference during the + *
Use this operation to set the account preference in the current Amazon Web Services Region + * to use long 17 character (63 bit) or short 8 character (32 bit) resource IDs for + * new EFS file system and mount target resources. All existing resource IDs are not affected + * by any changes you make. You can set the ID preference during the * opt-in period as EFS transitions to long resource IDs. For more information, * see Managing Amazon EFS resource IDs.
*The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; + AccessPointId: string | undefined; } @@ -225,7 +238,19 @@ export namespace AccessPointDescription { export interface AccessPointLimitExceeded extends __SmithyException, $MetadataBearer { name: "AccessPointLimitExceeded"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -236,7 +261,19 @@ export interface AccessPointLimitExceeded extends __SmithyException, $MetadataBe export interface AccessPointNotFound extends __SmithyException, $MetadataBearer { name: "AccessPointNotFound"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -247,7 +284,19 @@ export interface AccessPointNotFound extends __SmithyException, $MetadataBearer export interface AvailabilityZonesMismatch extends __SmithyException, $MetadataBearer { name: "AvailabilityZonesMismatch"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode?: string; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -327,7 +376,19 @@ export namespace BackupPolicyDescription { export interface BadRequest extends __SmithyException, $MetadataBearer { name: "BadRequest"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -386,7 +447,19 @@ export namespace CreateAccessPointRequest { export interface FileSystemNotFound extends __SmithyException, $MetadataBearer { name: "FileSystemNotFound"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -396,7 +469,19 @@ export interface FileSystemNotFound extends __SmithyException, $MetadataBearer { export interface IncorrectFileSystemLifeCycleState extends __SmithyException, $MetadataBearer { name: "IncorrectFileSystemLifeCycleState"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -406,7 +491,19 @@ export interface IncorrectFileSystemLifeCycleState extends __SmithyException, $M export interface InternalServerError extends __SmithyException, $MetadataBearer { name: "InternalServerError"; $fault: "server"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -441,18 +538,18 @@ export interface CreateFileSystemRequest { /** *A Boolean value that, if true, creates an encrypted file system. When creating an
- * encrypted file system, you have the option of specifying CreateFileSystemRequest$KmsKeyId for an existing Key Management Service (KMS
- * customer master key (CMK). If you don't specify a CMK, then the default CMK for
+ * encrypted file system, you have the option of specifying an existing Key Management Service key (KMS key).
+ * If you don't specify a KMS key, then the default KMS key for
* Amazon EFS, /aws/elasticfilesystem, is used to protect the encrypted file system.
*
The ID of the KMS CMK that you want to use to protect the encrypted file system. This + *
The ID of the KMS key that you want to use to protect the encrypted file system. This * parameter is only required if you want to use a non-default KMS key. If this parameter is not - * specified, the default CMK for Amazon EFS is used. This ID can be in one of the following - * formats:
+ * specified, the default KMS key for Amazon EFS is used. You can specify a KMS key + * ID using the following formats: *Key ID - A unique identifier of the key, for example
@@ -471,9 +568,11 @@ export interface CreateFileSystemRequest {
* arn:aws:kms:us-west-2:444455556666:alias/projectKey1.
If KmsKeyId is specified, the CreateFileSystemRequest$Encrypted parameter must be set to true.
If you use KmsKeyId, you must set the CreateFileSystemRequest$Encrypted
+ * parameter to true.
EFS accepts only symmetric KMS keys. You cannot use asymmetric KMS keys with EFS file systems.
+ *EFS accepts only symmetric KMS keys. You cannot use asymmetric + * KMS keys with Amazon EFS file systems.
*Default is false. However, if you specify an AvailabilityZoneName,
* the default is true.
Backup is not available in all Amazon Web Services Regionswhere Amazon EFS is available.
+ *Backup is not available in all Amazon Web Services Regions where Amazon EFS is available.
*The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; + FileSystemId: string | undefined; } @@ -676,8 +788,7 @@ export interface FileSystemDescription { Encrypted?: boolean; /** - *The ID of an Key Management Service customer master key (CMK) that was - * used to protect the encrypted file system.
+ *The ID of an KMS key used to protect the encrypted file system.
*/ KmsKeyId?: string; @@ -732,7 +843,19 @@ export namespace FileSystemDescription { export interface FileSystemLimitExceeded extends __SmithyException, $MetadataBearer { name: "FileSystemLimitExceeded"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -746,7 +869,19 @@ export interface FileSystemLimitExceeded extends __SmithyException, $MetadataBea export interface InsufficientThroughputCapacity extends __SmithyException, $MetadataBearer { name: "InsufficientThroughputCapacity"; $fault: "server"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -757,7 +892,19 @@ export interface InsufficientThroughputCapacity extends __SmithyException, $Meta export interface ThroughputLimitExceeded extends __SmithyException, $MetadataBearer { name: "ThroughputLimitExceeded"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -767,7 +914,19 @@ export interface ThroughputLimitExceeded extends __SmithyException, $MetadataBea export interface UnsupportedAvailabilityZone extends __SmithyException, $MetadataBearer { name: "UnsupportedAvailabilityZone"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -814,7 +973,19 @@ export namespace CreateMountTargetRequest { export interface IpAddressInUse extends __SmithyException, $MetadataBearer { name: "IpAddressInUse"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -825,7 +996,19 @@ export interface IpAddressInUse extends __SmithyException, $MetadataBearer { export interface MountTargetConflict extends __SmithyException, $MetadataBearer { name: "MountTargetConflict"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -907,7 +1090,19 @@ export namespace MountTargetDescription { export interface NetworkInterfaceLimitExceeded extends __SmithyException, $MetadataBearer { name: "NetworkInterfaceLimitExceeded"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -918,7 +1113,19 @@ export interface NetworkInterfaceLimitExceeded extends __SmithyException, $Metad export interface NoFreeAddressesInSubnet extends __SmithyException, $MetadataBearer { name: "NoFreeAddressesInSubnet"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -929,7 +1136,19 @@ export interface NoFreeAddressesInSubnet extends __SmithyException, $MetadataBea export interface SecurityGroupLimitExceeded extends __SmithyException, $MetadataBearer { name: "SecurityGroupLimitExceeded"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -940,7 +1159,19 @@ export interface SecurityGroupLimitExceeded extends __SmithyException, $Metadata export interface SecurityGroupNotFound extends __SmithyException, $MetadataBearer { name: "SecurityGroupNotFound"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -951,7 +1182,221 @@ export interface SecurityGroupNotFound extends __SmithyException, $MetadataBeare export interface SubnetNotFound extends __SmithyException, $MetadataBearer { name: "SubnetNotFound"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ + ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ + Message?: string; +} + +/** + *Describes the destination file system to create in the replication configuration.
+ */ +export interface DestinationToCreate { + /** + *To create a file system that uses regional storage, specify the Amazon Web Services Region + * in which to create the destination file system.
+ */ + Region?: string; + + /** + *To create a file system that uses One Zone storage, specify the name of the + * Availability Zone in which to create the destination file system.
+ */ + AvailabilityZoneName?: string; + + /** + *Specifies the KMS key you want to use to encrypt the destination file system. If you do not
+ * specify a KMS key, EFS uses your default KMS key for Amazon EFS,
+ * /aws/elasticfilesystem. This ID can be in one of the following
+ * formats:
Key ID - A unique identifier of the key, for example
+ * 1234abcd-12ab-34cd-56ef-1234567890ab.
ARN - An Amazon Resource Name (ARN) for the key, for example
+ * arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.
Key alias - A previously created display name for a key, for example
+ * alias/projectKey1.
Key alias ARN - An ARN for a key alias, for example
+ * arn:aws:kms:us-west-2:444455556666:alias/projectKey1.
Specifies the Amazon EFS file system that you want to replicate. This file system cannot already be + * a source or destination file system in another replication configuration.
+ */ + SourceFileSystemId: string | undefined; + + /** + *An array of destination configuration objects. Only one destination configuration object is supported.
+ */ + Destinations: DestinationToCreate[] | undefined; +} + +export namespace CreateReplicationConfigurationRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: CreateReplicationConfigurationRequest): any => ({ + ...obj, + }); +} + +export enum ReplicationStatus { + DELETING = "DELETING", + ENABLED = "ENABLED", + ENABLING = "ENABLING", + ERROR = "ERROR", +} + +/** + *Describes the destination file system in the replication configuration.
+ */ +export interface Destination { + /** + *Describes the status of the destination Amazon EFS file system.
+ */ + Status: ReplicationStatus | string | undefined; + + /** + *The ID of the destination Amazon EFS file system.
+ */ + FileSystemId: string | undefined; + + /** + *The Amazon Web Services Region in which the destination file system is located.
+ */ + Region: string | undefined; + + /** + *The time when the most recent sync successfully completed on the destination file system. + * Any changes to data on the source file system that occurred prior to this time were successfully + * replicated to the destination file system. Any changes that occurred after this time might not be + * fully replicated.
+ */ + LastReplicatedTimestamp?: Date; +} + +export namespace Destination { + /** + * @internal + */ + export const filterSensitiveLog = (obj: Destination): any => ({ + ...obj, + }); +} + +export interface ReplicationConfigurationDescription { + /** + *The ID of the source Amazon EFS file system that is being replicated.
+ */ + SourceFileSystemId: string | undefined; + + /** + *The Amazon Web Services Region in which the source Amazon EFS file system is located.
+ */ + SourceFileSystemRegion: string | undefined; + + /** + *The ARN of the current source file system in the replication configuration.
+ */ + SourceFileSystemArn: string | undefined; + + /** + *The Amazon Resource Name (ARN) of the original source Amazon EFS file system in the replication configuration.
+ */ + OriginalSourceFileSystemArn: string | undefined; + + /** + *Describes when the replication configuration was created.
+ */ + CreationTime: Date | undefined; + + /** + *Array of destination objects. Only one destination object is supported.
+ */ + Destinations: Destination[] | undefined; +} + +export namespace ReplicationConfigurationDescription { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ReplicationConfigurationDescription): any => ({ + ...obj, + }); +} + +/** + *Returned if the specified file system did not have a replication configuration.
+ */ +export interface ReplicationNotFound extends __SmithyException, $MetadataBearer { + name: "ReplicationNotFound"; + $fault: "client"; + /** + *ReplicationNotFound
+ */ + ErrorCode?: string; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ + Message?: string; +} + +/** + *Returned if the Backup service is not available in the Amazon Web Services Region in which the request was made.
+ */ +export interface ValidationException extends __SmithyException, $MetadataBearer { + name: "ValidationException"; + $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -1022,7 +1467,19 @@ export namespace DeleteFileSystemRequest { export interface FileSystemInUse extends __SmithyException, $MetadataBearer { name: "FileSystemInUse"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -1068,7 +1525,19 @@ export namespace DeleteMountTargetRequest { export interface DependencyTimeout extends __SmithyException, $MetadataBearer { name: "DependencyTimeout"; $fault: "server"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -1079,10 +1548,38 @@ export interface DependencyTimeout extends __SmithyException, $MetadataBearer { export interface MountTargetNotFound extends __SmithyException, $MetadataBearer { name: "MountTargetNotFound"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } +export interface DeleteReplicationConfigurationRequest { + /** + *The ID of the source file system in the replication configuration.
+ */ + SourceFileSystemId: string | undefined; +} + +export namespace DeleteReplicationConfigurationRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DeleteReplicationConfigurationRequest): any => ({ + ...obj, + }); +} + /** * */ @@ -1117,7 +1614,8 @@ export interface DescribeAccessPointsRequest { /** *
- * NextToken is present if the response is paginated. You can use NextMarker in the subsequent request to fetch the next page of access point descriptions.
NextToken is present if the response is paginated. You can use
+ * NextMarker in the subsequent request to fetch the next page of access point descriptions.
*/
NextToken?: string;
@@ -1265,17 +1763,19 @@ export namespace DescribeBackupPolicyRequest {
export interface PolicyNotFound extends __SmithyException, $MetadataBearer {
name: "PolicyNotFound";
$fault: "client";
+ /**
+ * The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode?: string; - Message?: string; -} -/** - *Returned if the Backup service is not available in the Amazon Web Services Region in which the request was made.
- */ -export interface ValidationException extends __SmithyException, $MetadataBearer { - name: "ValidationException"; - $fault: "client"; - ErrorCode: string | undefined; + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -1588,10 +2088,73 @@ export namespace DescribeMountTargetSecurityGroupsResponse { export interface IncorrectMountTargetState extends __SmithyException, $MetadataBearer { name: "IncorrectMountTargetState"; $fault: "client"; + /** + *The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } +export interface DescribeReplicationConfigurationsRequest { + /** + *You can retrieve replication configurations for a specific file system by providing a file system ID.
+ */ + FileSystemId?: string; + + /** + *
+ * NextToken is present if the response is paginated. You can use
+ * NextMarker in a subsequent request to fetch the next page of output.
(Optional) You can optionally specify the MaxItems parameter
+ * to limit the number of objects returned in a response. The default value is 100.
The collection of replication configurations returned.
+ */ + Replications?: ReplicationConfigurationDescription[]; + + /** + *You can use the NextToken from the previous response in a subsequent
+ * request to fetch the additional descriptions.
The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode?: string; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } @@ -1743,11 +2318,13 @@ export namespace ModifyMountTargetSecurityGroupsRequest { export interface PutAccountPreferencesRequest { /** - *Specifies the EFS resource ID preference to set for the user's Amazon Web Services account, in the current Amazon Web Services Region,
- * either LONG_ID (17 characters), or SHORT_ID (8 characters).
Specifies the EFS resource ID preference to set for the user's Amazon Web Services account,
+ * in the current Amazon Web Services Region, either LONG_ID (17 characters), or
+ * SHORT_ID (8 characters).
Starting in October, 2021, you will receive an error when setting the account preference to SHORT_ID.
- * Contact Amazon Web Services support if you receive an error and need to use short IDs for file system and mount target resources.
Starting in October, 2021, you will receive an error when setting the account
+ * preference to SHORT_ID. Contact Amazon Web Services support if you receive an
+ * error and need to use short IDs for file system and mount target resources.
The error code is a string that uniquely identifies an error condition. + * It is meant to be read and understood by programs that detect and handle errors by type.
+ */ ErrorCode: string | undefined; + + /** + *The error message contains a generic description of the error + * condition in English. It is intended for a human audience. Simple programs display the message directly + * to the end user if they encounter an error condition they don't know how or don't care to handle. + * Sophisticated programs with more exhaustive error handling and proper internationalization are + * more likely to ignore the error message.
+ */ Message?: string; } diff --git a/clients/client-efs/src/protocols/Aws_restJson1.ts b/clients/client-efs/src/protocols/Aws_restJson1.ts index 9d978588f08c..550c4d22b912 100644 --- a/clients/client-efs/src/protocols/Aws_restJson1.ts +++ b/clients/client-efs/src/protocols/Aws_restJson1.ts @@ -24,6 +24,10 @@ import { v4 as generateIdempotencyToken } from "uuid"; import { CreateAccessPointCommandInput, CreateAccessPointCommandOutput } from "../commands/CreateAccessPointCommand"; import { CreateFileSystemCommandInput, CreateFileSystemCommandOutput } from "../commands/CreateFileSystemCommand"; import { CreateMountTargetCommandInput, CreateMountTargetCommandOutput } from "../commands/CreateMountTargetCommand"; +import { + CreateReplicationConfigurationCommandInput, + CreateReplicationConfigurationCommandOutput, +} from "../commands/CreateReplicationConfigurationCommand"; import { CreateTagsCommandInput, CreateTagsCommandOutput } from "../commands/CreateTagsCommand"; import { DeleteAccessPointCommandInput, DeleteAccessPointCommandOutput } from "../commands/DeleteAccessPointCommand"; import { DeleteFileSystemCommandInput, DeleteFileSystemCommandOutput } from "../commands/DeleteFileSystemCommand"; @@ -32,6 +36,10 @@ import { DeleteFileSystemPolicyCommandOutput, } from "../commands/DeleteFileSystemPolicyCommand"; import { DeleteMountTargetCommandInput, DeleteMountTargetCommandOutput } from "../commands/DeleteMountTargetCommand"; +import { + DeleteReplicationConfigurationCommandInput, + DeleteReplicationConfigurationCommandOutput, +} from "../commands/DeleteReplicationConfigurationCommand"; import { DeleteTagsCommandInput, DeleteTagsCommandOutput } from "../commands/DeleteTagsCommand"; import { DescribeAccessPointsCommandInput, @@ -65,6 +73,10 @@ import { DescribeMountTargetSecurityGroupsCommandInput, DescribeMountTargetSecurityGroupsCommandOutput, } from "../commands/DescribeMountTargetSecurityGroupsCommand"; +import { + DescribeReplicationConfigurationsCommandInput, + DescribeReplicationConfigurationsCommandOutput, +} from "../commands/DescribeReplicationConfigurationsCommand"; import { DescribeTagsCommandInput, DescribeTagsCommandOutput } from "../commands/DescribeTagsCommand"; import { ListTagsForResourceCommandInput, @@ -100,6 +112,8 @@ import { BadRequest, CreationInfo, DependencyTimeout, + Destination, + DestinationToCreate, FileSystemAlreadyExists, FileSystemDescription, FileSystemInUse, @@ -120,6 +134,8 @@ import { NoFreeAddressesInSubnet, PolicyNotFound, PosixUser, + ReplicationConfigurationDescription, + ReplicationNotFound, Resource, ResourceIdPreference, RootDirectory, @@ -236,6 +252,44 @@ export const serializeAws_restJson1CreateMountTargetCommand = async ( }); }; +export const serializeAws_restJson1CreateReplicationConfigurationCommand = async ( + input: CreateReplicationConfigurationCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = { + "content-type": "application/json", + }; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + + "/2015-02-01/file-systems/{SourceFileSystemId}/replication-configuration"; + if (input.SourceFileSystemId !== undefined) { + const labelValue: string = input.SourceFileSystemId; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: SourceFileSystemId."); + } + resolvedPath = resolvedPath.replace("{SourceFileSystemId}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: SourceFileSystemId."); + } + let body: any; + body = JSON.stringify({ + ...(input.Destinations !== undefined && + input.Destinations !== null && { + Destinations: serializeAws_restJson1DestinationsToCreate(input.Destinations, context), + }), + }); + return new __HttpRequest({ + protocol, + hostname, + port, + method: "POST", + headers, + path: resolvedPath, + body, + }); +}; + export const serializeAws_restJson1CreateTagsCommand = async ( input: CreateTagsCommandInput, context: __SerdeContext @@ -387,6 +441,36 @@ export const serializeAws_restJson1DeleteMountTargetCommand = async ( }); }; +export const serializeAws_restJson1DeleteReplicationConfigurationCommand = async ( + input: DeleteReplicationConfigurationCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = {}; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + + "/2015-02-01/file-systems/{SourceFileSystemId}/replication-configuration"; + if (input.SourceFileSystemId !== undefined) { + const labelValue: string = input.SourceFileSystemId; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: SourceFileSystemId."); + } + resolvedPath = resolvedPath.replace("{SourceFileSystemId}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: SourceFileSystemId."); + } + let body: any; + return new __HttpRequest({ + protocol, + hostname, + port, + method: "DELETE", + headers, + path: resolvedPath, + body, + }); +}; + export const serializeAws_restJson1DeleteTagsCommand = async ( input: DeleteTagsCommandInput, context: __SerdeContext @@ -650,6 +734,33 @@ export const serializeAws_restJson1DescribeMountTargetSecurityGroupsCommand = as }); }; +export const serializeAws_restJson1DescribeReplicationConfigurationsCommand = async ( + input: DescribeReplicationConfigurationsCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = {}; + const resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + + "/2015-02-01/file-systems/replication-configurations"; + const query: any = { + ...(input.FileSystemId !== undefined && { FileSystemId: input.FileSystemId }), + ...(input.NextToken !== undefined && { NextToken: input.NextToken }), + ...(input.MaxResults !== undefined && { MaxResults: input.MaxResults.toString() }), + }; + let body: any; + return new __HttpRequest({ + protocol, + hostname, + port, + method: "GET", + headers, + path: resolvedPath, + query, + body, + }); +}; + export const serializeAws_restJson1DescribeTagsCommand = async ( input: DescribeTagsCommandInput, context: __SerdeContext @@ -1486,6 +1597,153 @@ const deserializeAws_restJson1CreateMountTargetCommandError = async ( return Promise.reject(Object.assign(new Error(message), response)); }; +export const deserializeAws_restJson1CreateReplicationConfigurationCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): Promise+ * Gets details of the past fraud predictions for the specified event ID, event type, detector ID, and detector version ID that was generated in the specified time period. + *
+ */ + public getEventPredictionMetadata( + args: GetEventPredictionMetadataCommandInput, + options?: __HttpHandlerOptions + ): PromiseGets all event types or a specific event type if name is provided. This is a paginated API. If you
* provide a null maxResults, this action retrieves a maximum of 10 records
@@ -1706,6 +1750,51 @@ export class FraudDetector extends FraudDetectorClient {
}
}
+ /**
+ *
Gets a list of past predictions. The list can be filtered by detector ID, detector version ID, event ID, event type, or by specifying a time period. + * If filter is not specified, the most recent prediction is returned.
+ * + *For example, the following filter lists all past predictions for xyz event type -
+ * {
+ * "eventType":{
+ * "value": "xyz" }”
+ * }
+ *
This is a paginated API. If you provide a null maxResults, this action will retrieve a maximum of 10 records per page.
+ * If you provide a maxResults, the value must be between 50 and 100. To get the next page results, provide
+ * the nextToken from the response as part of your request. A null nextToken fetches the records from the beginning.
+ *
Lists all tags associated with the resource. This is a paginated API. To get the next page results, provide the pagination token from the * response as part of your request. A null pagination token diff --git a/clients/client-frauddetector/src/FraudDetectorClient.ts b/clients/client-frauddetector/src/FraudDetectorClient.ts index e33ec7bf5842..530bf2ffd9ef 100644 --- a/clients/client-frauddetector/src/FraudDetectorClient.ts +++ b/clients/client-frauddetector/src/FraudDetectorClient.ts @@ -128,6 +128,10 @@ import { GetDetectorVersionCommandInput, GetDetectorVersionCommandOutput } from import { GetEntityTypesCommandInput, GetEntityTypesCommandOutput } from "./commands/GetEntityTypesCommand"; import { GetEventCommandInput, GetEventCommandOutput } from "./commands/GetEventCommand"; import { GetEventPredictionCommandInput, GetEventPredictionCommandOutput } from "./commands/GetEventPredictionCommand"; +import { + GetEventPredictionMetadataCommandInput, + GetEventPredictionMetadataCommandOutput, +} from "./commands/GetEventPredictionMetadataCommand"; import { GetEventTypesCommandInput, GetEventTypesCommandOutput } from "./commands/GetEventTypesCommand"; import { GetExternalModelsCommandInput, GetExternalModelsCommandOutput } from "./commands/GetExternalModelsCommand"; import { @@ -140,6 +144,10 @@ import { GetModelVersionCommandInput, GetModelVersionCommandOutput } from "./com import { GetOutcomesCommandInput, GetOutcomesCommandOutput } from "./commands/GetOutcomesCommand"; import { GetRulesCommandInput, GetRulesCommandOutput } from "./commands/GetRulesCommand"; import { GetVariablesCommandInput, GetVariablesCommandOutput } from "./commands/GetVariablesCommand"; +import { + ListEventPredictionsCommandInput, + ListEventPredictionsCommandOutput, +} from "./commands/ListEventPredictionsCommand"; import { ListTagsForResourceCommandInput, ListTagsForResourceCommandOutput, @@ -218,6 +226,7 @@ export type ServiceInputTypes = | GetEntityTypesCommandInput | GetEventCommandInput | GetEventPredictionCommandInput + | GetEventPredictionMetadataCommandInput | GetEventTypesCommandInput | GetExternalModelsCommandInput | GetKMSEncryptionKeyCommandInput @@ -227,6 +236,7 @@ export type ServiceInputTypes = | GetOutcomesCommandInput | GetRulesCommandInput | GetVariablesCommandInput + | ListEventPredictionsCommandInput | ListTagsForResourceCommandInput | PutDetectorCommandInput | PutEntityTypeCommandInput @@ -286,6 +296,7 @@ export type ServiceOutputTypes = | GetEntityTypesCommandOutput | GetEventCommandOutput | GetEventPredictionCommandOutput + | GetEventPredictionMetadataCommandOutput | GetEventTypesCommandOutput | GetExternalModelsCommandOutput | GetKMSEncryptionKeyCommandOutput @@ -295,6 +306,7 @@ export type ServiceOutputTypes = | GetOutcomesCommandOutput | GetRulesCommandOutput | GetVariablesCommandOutput + | ListEventPredictionsCommandOutput | ListTagsForResourceCommandOutput | PutDetectorCommandOutput | PutEntityTypeCommandOutput diff --git a/clients/client-frauddetector/src/commands/GetEventPredictionMetadataCommand.ts b/clients/client-frauddetector/src/commands/GetEventPredictionMetadataCommand.ts new file mode 100644 index 000000000000..f21ef7c44ea6 --- /dev/null +++ b/clients/client-frauddetector/src/commands/GetEventPredictionMetadataCommand.ts @@ -0,0 +1,100 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { FraudDetectorClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../FraudDetectorClient"; +import { GetEventPredictionMetadataRequest, GetEventPredictionMetadataResult } from "../models/models_0"; +import { + deserializeAws_json1_1GetEventPredictionMetadataCommand, + serializeAws_json1_1GetEventPredictionMetadataCommand, +} from "../protocols/Aws_json1_1"; + +export interface GetEventPredictionMetadataCommandInput extends GetEventPredictionMetadataRequest {} +export interface GetEventPredictionMetadataCommandOutput extends GetEventPredictionMetadataResult, __MetadataBearer {} + +/** + *
+ * Gets details of the past fraud predictions for the specified event ID, event type, detector ID, and detector version ID that was generated in the specified time period. + *
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { FraudDetectorClient, GetEventPredictionMetadataCommand } from "@aws-sdk/client-frauddetector"; // ES Modules import + * // const { FraudDetectorClient, GetEventPredictionMetadataCommand } = require("@aws-sdk/client-frauddetector"); // CommonJS import + * const client = new FraudDetectorClient(config); + * const command = new GetEventPredictionMetadataCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link GetEventPredictionMetadataCommandInput} for command's `input` shape. + * @see {@link GetEventPredictionMetadataCommandOutput} for command's `response` shape. + * @see {@link FraudDetectorClientResolvedConfig | config} for FraudDetectorClient's `config` shape. + * + */ +export class GetEventPredictionMetadataCommand extends $Command< + GetEventPredictionMetadataCommandInput, + GetEventPredictionMetadataCommandOutput, + FraudDetectorClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: GetEventPredictionMetadataCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackGets a list of past predictions. The list can be filtered by detector ID, detector version ID, event ID, event type, or by specifying a time period. + * If filter is not specified, the most recent prediction is returned.
+ * + *For example, the following filter lists all past predictions for xyz event type -
+ * {
+ * "eventType":{
+ * "value": "xyz" }”
+ * }
+ *
This is a paginated API. If you provide a null maxResults, this action will retrieve a maximum of 10 records per page.
+ * If you provide a maxResults, the value must be between 50 and 100. To get the next page results, provide
+ * the nextToken from the response as part of your request. A null nextToken fetches the records from the beginning.
+ *
+ * The event ID. + *
+ */ + eventId: string | undefined; + + /** + *+ * The event type associated with the detector specified for the prediction. + *
+ */ + eventTypeName: string | undefined; + + /** + *+ * The detector ID. + *
+ */ + detectorId: string | undefined; + + /** + *+ * The detector version ID. + *
+ */ + detectorVersionId: string | undefined; + + /** + *+ * The timestamp that defines when the prediction was generated. + *
+ */ + predictionTimestamp: string | undefined; +} + +export namespace GetEventPredictionMetadataRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: GetEventPredictionMetadataRequest): any => ({ + ...obj, + }); +} + +/** + *+ * The details of the external (Amazon Sagemaker) model evaluated for generating predictions. + *
+ */ +export interface EvaluatedExternalModel { + /** + *+ * The endpoint of the external (Amazon Sagemaker) model. + *
+ */ + modelEndpoint?: string; + + /** + *+ * Indicates whether event variables were used to generate predictions. + *
+ */ + useEventVariables?: boolean; + + /** + *+ * Input variables use for generating predictions. + *
+ */ + inputVariables?: { [key: string]: string }; + + /** + *+ * Output variables. + *
+ */ + outputVariables?: { [key: string]: string }; +} + +export namespace EvaluatedExternalModel { + /** + * @internal + */ + export const filterSensitiveLog = (obj: EvaluatedExternalModel): any => ({ + ...obj, + ...(obj.inputVariables && { inputVariables: SENSITIVE_STRING }), + ...(obj.outputVariables && { outputVariables: SENSITIVE_STRING }), + }); +} + +/** + *+ * The details of the event variable's impact on the prediction score. + *
+ */ +export interface VariableImpactExplanation { + /** + *+ * The event variable name. + *
+ */ + eventVariableName?: string; + + /** + *+ * The event variable's relative impact in terms of magnitude on the prediction scores. + * The relative impact values consist of a numerical rating (0-5, 5 being the highest) and direction (increased/decreased) impact of the fraud risk. + *
+ */ + relativeImpact?: string; + + /** + *+ * The raw, uninterpreted value represented as log-odds of the fraud. These values are usually between -10 to +10, but range from - infinity to + infinity.
+ *A positive value indicates that the variable drove the risk score up.
+ *A negative value indicates that the variable drove the risk score down.
+ *+ * The prediction explanations that provide insight into how each event variable impacted the model version's fraud prediction score. + *
+ */ +export interface PredictionExplanations { + /** + *+ * The details of the event variable's impact on the prediction score. + *
+ */ + variableImpactExplanations?: VariableImpactExplanation[]; +} + +export namespace PredictionExplanations { + /** + * @internal + */ + export const filterSensitiveLog = (obj: PredictionExplanations): any => ({ + ...obj, + }); +} + +/** + *+ * The model version evalutions. + *
+ */ +export interface ModelVersionEvaluation { + /** + *+ * The output variable name. + *
+ */ + outputVariableName?: string; + + /** + *+ * The evaluation score generated for the model version. + *
+ */ + evaluationScore?: string; + + /** + *+ * The prediction explanations generated for the model version. + *
+ */ + predictionExplanations?: PredictionExplanations; +} + +export namespace ModelVersionEvaluation { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ModelVersionEvaluation): any => ({ + ...obj, + }); +} + +/** + *+ * The model version evaluated for generating prediction. + *
+ */ +export interface EvaluatedModelVersion { + /** + *+ * The model ID. + *
+ */ + modelId?: string; + + /** + *+ * The model version. + *
+ */ + modelVersion?: string; + + /** + *The model type.
+ *Valid values: ONLINE_FRAUD_INSIGHTS | TRANSACTION_FRAUD_INSIGHTS
+ *
+ * Evaluations generated for the model version. + *
+ */ + evaluations?: ModelVersionEvaluation[]; +} + +export namespace EvaluatedModelVersion { + /** + * @internal + */ + export const filterSensitiveLog = (obj: EvaluatedModelVersion): any => ({ + ...obj, + }); +} + +/** + *+ * Information about the summary of an event variable that was evaluated for generating prediction. + *
+ */ +export interface EventVariableSummary { + /** + *+ * The event variable name. + *
+ */ + name?: string; + + /** + *+ * The value of the event variable. + *
+ */ + value?: string; + + /** + *+ * The event variable source. + *
+ */ + source?: string; +} + +export namespace EventVariableSummary { + /** + * @internal + */ + export const filterSensitiveLog = (obj: EventVariableSummary): any => ({ + ...obj, + ...(obj.name && { name: SENSITIVE_STRING }), + ...(obj.value && { value: SENSITIVE_STRING }), + ...(obj.source && { source: SENSITIVE_STRING }), + }); +} + +/** + *+ * The details of the rule used for evaluating variable values. + *
+ */ +export interface EvaluatedRule { + /** + *+ * The rule ID. + *
+ */ + ruleId?: string; + + /** + *+ * The rule version. + *
+ */ + ruleVersion?: string; + + /** + *+ * The rule expression. + *
+ */ + expression?: string; + + /** + *+ * The rule expression value. + *
+ */ + expressionWithValues?: string; + + /** + *+ * The rule outcome. + *
+ */ + outcomes?: string[]; + + /** + *+ * Indicates whether the rule was evaluated. + *
+ */ + evaluated?: boolean; + + /** + *+ * Indicates whether the rule matched. + *
+ */ + matched?: boolean; +} + +export namespace EvaluatedRule { + /** + * @internal + */ + export const filterSensitiveLog = (obj: EvaluatedRule): any => ({ + ...obj, + ...(obj.expression && { expression: SENSITIVE_STRING }), + ...(obj.expressionWithValues && { expressionWithValues: SENSITIVE_STRING }), + }); +} + +export interface GetEventPredictionMetadataResult { + /** + *+ * The event ID. + *
+ */ + eventId?: string; + + /** + *+ * The event type associated with the detector specified for this prediction. + *
+ */ + eventTypeName?: string; + + /** + *+ * The entity ID. + *
+ */ + entityId?: string; + + /** + *+ * The entity type. + *
+ */ + entityType?: string; + + /** + *+ * The timestamp for when the prediction was generated for the associated event ID. + *
+ */ + eventTimestamp?: string; + + /** + *+ * The detector ID. + *
+ */ + detectorId?: string; + + /** + *+ * The detector version ID. + *
+ */ + detectorVersionId?: string; + + /** + *+ * The status of the detector version. + *
+ */ + detectorVersionStatus?: string; + + /** + *+ * A list of event variables that influenced the prediction scores. + *
+ */ + eventVariables?: EventVariableSummary[]; + + /** + *+ * List of rules associated with the detector version that were used for evaluating variable values. + *
+ */ + rules?: EvaluatedRule[]; + + /** + *+ * The execution mode of the rule used for evaluating variable values. + *
+ */ + ruleExecutionMode?: RuleExecutionMode | string; + + /** + *+ * The outcomes of the matched rule, based on the rule execution mode. + *
+ */ + outcomes?: string[]; + + /** + *+ * Model versions that were evaluated for generating predictions. + *
+ */ + evaluatedModelVersions?: EvaluatedModelVersion[]; + + /** + *+ * External (Amazon SageMaker) models that were evaluated for generating predictions. + *
+ */ + evaluatedExternalModels?: EvaluatedExternalModel[]; + + /** + *The timestamp that defines when the prediction was generated. + *
+ */ + predictionTimestamp?: string; +} + +export namespace GetEventPredictionMetadataResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: GetEventPredictionMetadataResult): any => ({ + ...obj, + ...(obj.eventVariables && { + eventVariables: obj.eventVariables.map((item) => EventVariableSummary.filterSensitiveLog(item)), + }), + ...(obj.rules && { rules: obj.rules.map((item) => EvaluatedRule.filterSensitiveLog(item)) }), + ...(obj.evaluatedExternalModels && { + evaluatedExternalModels: obj.evaluatedExternalModels.map((item) => + EvaluatedExternalModel.filterSensitiveLog(item) + ), + }), + }); +} + export interface GetEventTypesRequest { /** *The name.
@@ -3811,6 +4283,202 @@ export namespace GetVariablesResult { }); } +/** + *+ * A conditional statement for filtering a list of past predictions. + *
+ */ +export interface FilterCondition { + /** + *+ * A statement containing a resource property and a value to specify filter condition. + *
+ */ + value?: string; +} + +export namespace FilterCondition { + /** + * @internal + */ + export const filterSensitiveLog = (obj: FilterCondition): any => ({ + ...obj, + }); +} + +/** + *+ * The time period for when the predictions were generated. + *
+ */ +export interface PredictionTimeRange { + /** + *+ * The start time of the time period for when the predictions were generated. + *
+ */ + startTime: string | undefined; + + /** + *+ * The end time of the time period for when the predictions were generated. + *
+ */ + endTime: string | undefined; +} + +export namespace PredictionTimeRange { + /** + * @internal + */ + export const filterSensitiveLog = (obj: PredictionTimeRange): any => ({ + ...obj, + }); +} + +export interface ListEventPredictionsRequest { + /** + *+ * The event ID. + *
+ */ + eventId?: FilterCondition; + + /** + *+ * The event type associated with the detector. + *
+ */ + eventType?: FilterCondition; + + /** + *+ * The detector ID. + *
+ */ + detectorId?: FilterCondition; + + /** + *+ * The detector version ID. + *
+ */ + detectorVersionId?: FilterCondition; + + /** + *+ * The time period for when the predictions were generated. + *
+ */ + predictionTimeRange?: PredictionTimeRange; + + /** + *+ * Identifies the next page of results to return. Use the token to make the call again to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. + *
+ */ + nextToken?: string; + + /** + *+ * The maximum number of predictions to return for the request. + *
+ */ + maxResults?: number; +} + +export namespace ListEventPredictionsRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ListEventPredictionsRequest): any => ({ + ...obj, + }); +} + +/** + *+ * Information about the summary of an event prediction. + *
+ */ +export interface EventPredictionSummary { + /** + *+ * The event ID. + *
+ */ + eventId?: string; + + /** + *+ * The event type. + *
+ */ + eventTypeName?: string; + + /** + *+ * The timestamp of the event. + *
+ */ + eventTimestamp?: string; + + /** + *+ * The timestamp when the prediction was generated. + *
+ */ + predictionTimestamp?: string; + + /** + *+ * The detector ID. + *
+ */ + detectorId?: string; + + /** + *+ * The detector version ID. + *
+ */ + detectorVersionId?: string; +} + +export namespace EventPredictionSummary { + /** + * @internal + */ + export const filterSensitiveLog = (obj: EventPredictionSummary): any => ({ + ...obj, + }); +} + +export interface ListEventPredictionsResult { + /** + *+ * The summary of the past predictions. + *
+ */ + eventPredictionSummaries?: EventPredictionSummary[]; + + /** + *+ * Identifies the next page of results to return. Use the token to make the call again to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours. + *
+ */ + nextToken?: string; +} + +export namespace ListEventPredictionsResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ListEventPredictionsResult): any => ({ + ...obj, + }); +} + export interface ListTagsForResourceRequest { /** *The ARN that specifies the resource whose tags you want to list.
diff --git a/clients/client-frauddetector/src/pagination/ListEventPredictionsPaginator.ts b/clients/client-frauddetector/src/pagination/ListEventPredictionsPaginator.ts new file mode 100644 index 000000000000..2380d8262286 --- /dev/null +++ b/clients/client-frauddetector/src/pagination/ListEventPredictionsPaginator.ts @@ -0,0 +1,59 @@ +import { Paginator } from "@aws-sdk/types"; + +import { + ListEventPredictionsCommand, + ListEventPredictionsCommandInput, + ListEventPredictionsCommandOutput, +} from "../commands/ListEventPredictionsCommand"; +import { FraudDetector } from "../FraudDetector"; +import { FraudDetectorClient } from "../FraudDetectorClient"; +import { FraudDetectorPaginationConfiguration } from "./Interfaces"; + +/** + * @private + */ +const makePagedClientRequest = async ( + client: FraudDetectorClient, + input: ListEventPredictionsCommandInput, + ...args: any +): PromiseAmazon FSx for NetApp ONTAP
* *Amazon FSx for OpenZFS
+ *Amazon FSx for Windows File Server
*For FSx for Lustre file systems, you can update the following + *
For Amazon FSx for Lustre file systems, you can update the following * properties:
*For FSx for ONTAP file systems, you can update the following + *
For Amazon FSx for NetApp ONTAP file systems, you can update the following * properties:
*
+ * DiskIopsConfiguration
+ *
* FsxAdminPassword
*
+ * StorageCapacity
+ *
* WeeklyMaintenanceStartTime
*
- * DiskIopsConfiguration
- *
* ThroughputCapacity
*
Amazon FSx for NetApp ONTAP
* *Amazon FSx for OpenZFS
+ *Amazon FSx for Windows File Server
*For FSx for Lustre file systems, you can update the following + *
For Amazon FSx for Lustre file systems, you can update the following * properties:
*For FSx for ONTAP file systems, you can update the following + *
For Amazon FSx for NetApp ONTAP file systems, you can update the following * properties:
*
+ * DiskIopsConfiguration
+ *
* FsxAdminPassword
*
+ * StorageCapacity
+ *
* WeeklyMaintenanceStartTime
*
- * DiskIopsConfiguration
- *
* ThroughputCapacity
*
Describes the data tiering policy for an ONTAP volume. When enabled, Amazon FSx for ONTAP's intelligent * tiering automatically transitions a volume's data between the file system's primary storage and capacity * pool storage based on your access patterns.
+ *Valid tiering policies are the following:
+ *
+ * SNAPSHOT_ONLY - (Default value) moves cold snapshots to the capacity pool storage tier.
+ * AUTO - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.
+ * ALL - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.
+ * NONE - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.
SCRATCH_2 deployment type provides in-transit encryption of data and higher burst
* throughput capacity than SCRATCH_1.
* Choose PERSISTENT_1 for longer-term storage and for throughput-focused
- * workloads that aren’t latency-sensitive. a.
+ * workloads that aren’t latency-sensitive.
* PERSISTENT_1 supports encryption of data in transit, and is available in all
* Amazon Web Services Regions in which FSx for Lustre is available.
Choose PERSISTENT_2 for longer-term storage and for latency-sensitive workloads
@@ -3267,7 +3292,7 @@ export interface CreateFileSystemOntapConfiguration {
/**
*
Sets the throughput capacity for the file system that you're creating. - * Valid values are 512, 1024, and 2048 MBps.
+ * Valid values are 128, 256, 512, 1024, and 2048 MBps. */ ThroughputCapacity: number | undefined; @@ -3827,7 +3852,7 @@ export interface CreateFileSystemRequest { *Set to HDD to use hard disk drive storage.
* HDD is supported on SINGLE_AZ_2 and MULTI_AZ_1 Windows file system deployment types,
- * and on PERSISTENT Lustre file system deployment types.
+ * and on PERSISTENT_1 Lustre file system deployment types.
*
Describes the data tiering policy for an ONTAP volume. When enabled, Amazon FSx for ONTAP's intelligent * tiering automatically transitions a volume's data between the file system's primary storage and capacity * pool storage based on your access patterns.
+ *Valid tiering policies are the following:
+ *
+ * SNAPSHOT_ONLY - (Default value) moves cold snapshots to the capacity pool storage tier.
+ * AUTO - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.
+ * ALL - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.
+ * NONE - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.
To delete the volume's children and snapshots, use the string
- * DELETE_CHILD_VOLUMES_AND_SNAPSHOTS.
To delete the volume's child volumes, snapshots, and clones, use the string
+ * DELETE_CHILD_VOLUMES_AND_SNAPSHOTS.
For example, 1:05:00 specifies maintenance at 5 AM Monday.
The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for NetApp ONTAP file system. The default is 3 IOPS per GB of storage capacity,
+ * but you can provision additional IOPS per GB of storage. The configuration consists
+ * of an IOPS mode (AUTOMATIC or USER_PROVISIONED), and in
+ * the case of USER_PROVISIONED IOPS, the total number of SSD IOPS provisioned.
The throughput of an Amazon FSx file system, measured in megabytes per second - * (MBps), in 2 to the nth increments, between 2^3 (8) and 2^11 (2048).
+ * (MBps), in 2 to the nth increments, between 2^3 (8) and 2^12 (4096). */ ThroughputCapacity?: number; @@ -6824,20 +6882,22 @@ export interface UpdateFileSystemRequest { /** *Use this parameter to increase the storage capacity of an Amazon FSx for Windows - * File Server or Amazon FSx for Lustre file system. Specifies the storage capacity - * target value, in GiB, to increase the storage capacity for the file system that you're - * updating.
+ * File Server, Amazon FSx for Lustre, or Amazon FSx for NetApp ONTAP file system. + * Specifies the storage capacity target value, in GiB, to increase the storage capacity for + * the file system that you're updating. *You can't make a storage capacity increase request if there is an existing storage * capacity increase request in progress.
*For Windows file systems, the storage capacity target value must be at least 10 percent * greater than the current storage capacity value. To increase storage capacity, the file system - * must have at least 16 MBps of throughput capacity.
+ * must have at least 16 MBps of throughput capacity. For more information, see Managing storage + * capacity in the Amazon FSx for Windows File Server User + * Guide. *For Lustre file systems, the storage capacity target value can be the following:
*For SCRATCH_2 and PERSISTENT_1 SSD deployment types, valid values
+ *
For SCRATCH_2, PERSISTENT_1, and PERSISTENT_2 SSD deployment types, valid values
* are in multiples of 2400 GiB. The value must be greater than the current storage capacity.
For SCRATCH_1 file systems, you can't increase the storage capacity.
For OpenZFS file systems, the input/output operations per second (IOPS) automatically - * scale with increases to the storage capacity if IOPS is configured for automatic scaling. If - * the storage capacity increase would result in less than 3 IOPS per GiB of storage, this - * operation returns an error.
- *For more information, see Managing storage - * capacity in the Amazon FSx for Windows File Server User - * Guide, Managing storage and throughput - * capacity in the Amazon FSx for Lustre User Guide, and - * Managing storage capacity in the Amazon FSx for OpenZFS User - * Guide.
+ *For more information, see Managing storage and throughput + * capacity in the Amazon FSx for Lustre User Guide.
+ *For ONTAP file systems, the storage capacity target value must be at least 10 percent + * greater than the current storage capacity value. For more information, see + * Managing storage capacity and provisioned IOPS in the Amazon FSx for NetApp ONTAP User + * Guide.
*/ StorageCapacity?: number; @@ -7178,17 +7234,13 @@ export interface AdministrativeAction { * successfully, aSTORAGE_OPTIMIZATION task starts.
* For Windows, storage optimization is the process of migrating the file system data - * to the new, larger disks.
+ *For Windows and ONTAP, storage optimization is the process of migrating the file system data + * to newer larger disks.
*For Lustre, storage optimization consists of rebalancing the data across the existing and * newly added file servers.
*For OpenZFS, storage optimization consists of migrating data from the - * older smaller disks to the newer larger disks.
- *You can track the storage-optimization progress using the
* ProgressPercent property. When
@@ -7198,8 +7250,9 @@ export interface AdministrativeAction {
* storage capacity in the Amazon FSx for Windows
* File Server User Guide, Managing storage
* and throughput capacity in the Amazon FSx for
- * Lustre User Guide, and Managing storage capacity in the
- * Amazon FSx for OpenZFS User Guide.
@@ -7471,7 +7524,7 @@ export interface FileSystem { OntapConfiguration?: OntapFileSystemConfiguration; /** - *
The Lustre version of the Amazon FSx for Lustrefile system, either + *
The Lustre version of the Amazon FSx for Lustre file system, either
* 2.10 or 2.12.
The remote IP information of the connection that initiated the Amazon Web Services API call.
*/ @@ -462,6 +463,55 @@ export namespace DnsRequestAction { }); } +/** + *Information about the Kubernetes API call action described in this finding.
+ */ +export interface KubernetesApiCallAction { + /** + *The Kubernetes API request URI.
+ */ + RequestUri?: string; + + /** + *The Kubernetes API request HTTP verb.
+ */ + Verb?: string; + + /** + *The IP of the Kubernetes API caller and the IPs of any proxies or load balancers between the caller and the API endpoint.
+ */ + SourceIps?: string[]; + + /** + *The user agent of the caller of the Kubernetes API.
+ */ + UserAgent?: string; + + /** + *Contains information about the remote IP address of the connection.
+ */ + RemoteIpDetails?: RemoteIpDetails; + + /** + *The resulting HTTP response code of the Kubernetes API call action.
+ */ + StatusCode?: number; + + /** + *Parameters related to the Kubernetes API call action.
+ */ + Parameters?: string; +} + +export namespace KubernetesApiCallAction { + /** + * @internal + */ + export const filterSensitiveLog = (obj: KubernetesApiCallAction): any => ({ + ...obj, + }); +} + /** *Contains information about the local IP address of the connection.
*/ @@ -659,6 +709,11 @@ export interface Action { *Information about the PORT_PROBE action described in this finding.
*/ PortProbeAction?: PortProbeAction; + + /** + *Information about the Kubernetes API call action described in this finding.
+ */ + KubernetesApiCallAction?: KubernetesApiCallAction; } export namespace Action { @@ -913,6 +968,136 @@ export namespace Condition { }); } +/** + *Container security context.
+ */ +export interface SecurityContext { + /** + *Whether the container is privileged.
+ */ + Privileged?: boolean; +} + +export namespace SecurityContext { + /** + * @internal + */ + export const filterSensitiveLog = (obj: SecurityContext): any => ({ + ...obj, + }); +} + +/** + *Container volume mount.
+ */ +export interface VolumeMount { + /** + *Volume mount name.
+ */ + Name?: string; + + /** + *Volume mount path.
+ */ + MountPath?: string; +} + +export namespace VolumeMount { + /** + * @internal + */ + export const filterSensitiveLog = (obj: VolumeMount): any => ({ + ...obj, + }); +} + +/** + *Details of a container.
+ */ +export interface Container { + /** + *The container runtime (such as, Docker or containerd) used to run the container.
+ */ + ContainerRuntime?: string; + + /** + *Container ID.
+ */ + Id?: string; + + /** + *Container name.
+ */ + Name?: string; + + /** + *Container image.
+ */ + Image?: string; + + /** + *Part of the image name before the last slash. For example, imagePrefix for public.ecr.aws/amazonlinux/amazonlinux:latest would be public.ecr.aws/amazonlinux. If the image name is relative and does not have a slash, this field is empty.
+ */ + ImagePrefix?: string; + + /** + *Container volume mounts.
+ */ + VolumeMounts?: VolumeMount[]; + + /** + *Container security context.
+ */ + SecurityContext?: SecurityContext; +} + +export namespace Container { + /** + * @internal + */ + export const filterSensitiveLog = (obj: Container): any => ({ + ...obj, + }); +} + +/** + *Describes whether Kubernetes audit logs are enabled as a data source.
+ */ +export interface KubernetesAuditLogsConfiguration { + /** + *The status of Kubernetes audit logs as a data source.
+ */ + Enable: boolean | undefined; +} + +export namespace KubernetesAuditLogsConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: KubernetesAuditLogsConfiguration): any => ({ + ...obj, + }); +} + +/** + *Describes whether any Kubernetes data sources are enabled.
+ */ +export interface KubernetesConfiguration { + /** + *The status of Kubernetes audit logs as a data source.
+ */ + AuditLogs: KubernetesAuditLogsConfiguration | undefined; +} + +export namespace KubernetesConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: KubernetesConfiguration): any => ({ + ...obj, + }); +} + /** *Describes whether S3 data event logs will be enabled as a data source.
*/ @@ -940,6 +1125,11 @@ export interface DataSourceConfigurations { *Describes whether S3 data event logs are enabled as a data source.
*/ S3Logs?: S3LogsConfiguration; + + /** + *Describes whether any Kubernetes logs are enabled as data sources.
+ */ + Kubernetes?: KubernetesConfiguration; } export namespace DataSourceConfigurations { @@ -1608,6 +1798,7 @@ export enum DataSource { CLOUD_TRAIL = "CLOUD_TRAIL", DNS_LOGS = "DNS_LOGS", FLOW_LOGS = "FLOW_LOGS", + KUBERNETES_AUDIT_LOGS = "KUBERNETES_AUDIT_LOGS", S3_LOGS = "S3_LOGS", } @@ -1649,6 +1840,44 @@ export namespace FlowLogsConfigurationResult { }); } +/** + *Describes whether Kubernetes audit logs are enabled as a data source.
+ */ +export interface KubernetesAuditLogsConfigurationResult { + /** + *A value that describes whether Kubernetes audit logs are enabled as a data source.
+ */ + Status: DataSourceStatus | string | undefined; +} + +export namespace KubernetesAuditLogsConfigurationResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: KubernetesAuditLogsConfigurationResult): any => ({ + ...obj, + }); +} + +/** + *Describes whether any Kubernetes logs will be enabled as a data source.
+ */ +export interface KubernetesConfigurationResult { + /** + *Describes whether Kubernetes audit logs are enabled as a data source.
+ */ + AuditLogs: KubernetesAuditLogsConfigurationResult | undefined; +} + +export namespace KubernetesConfigurationResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: KubernetesConfigurationResult): any => ({ + ...obj, + }); +} + /** *Describes whether S3 data event logs will be enabled as a data source.
*/ @@ -1694,6 +1923,11 @@ export interface DataSourceConfigurationsResult { * source. */ S3Logs: S3LogsConfigurationResult | undefined; + + /** + *An object that contains information on the status of all Kubernetes data sources.
+ */ + Kubernetes?: KubernetesConfigurationResult; } export namespace DataSourceConfigurationsResult { @@ -2010,6 +2244,44 @@ export namespace DescribeOrganizationConfigurationRequest { }); } +/** + *The current configuration of Kubernetes audit logs as a data source for the organization.
+ */ +export interface OrganizationKubernetesAuditLogsConfigurationResult { + /** + *Whether Kubernetes audit logs data source should be auto-enabled for new members joining the organization.
+ */ + AutoEnable: boolean | undefined; +} + +export namespace OrganizationKubernetesAuditLogsConfigurationResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: OrganizationKubernetesAuditLogsConfigurationResult): any => ({ + ...obj, + }); +} + +/** + *The current configuration of all Kubernetes data sources for the organization.
+ */ +export interface OrganizationKubernetesConfigurationResult { + /** + *The current configuration of Kubernetes audit logs as a data source for the organization.
+ */ + AuditLogs: OrganizationKubernetesAuditLogsConfigurationResult | undefined; +} + +export namespace OrganizationKubernetesConfigurationResult { + /** + * @internal + */ + export const filterSensitiveLog = (obj: OrganizationKubernetesConfigurationResult): any => ({ + ...obj, + }); +} + /** *The current configuration of S3 data event logs as a data source for the * organization.
@@ -2040,6 +2312,11 @@ export interface OrganizationDataSourceConfigurationsResult { *Describes whether S3 data event logs are enabled as a data source.
*/ S3Logs: OrganizationS3LogsConfigurationResult | undefined; + + /** + *Describes the configuration of Kubernetes data sources.
+ */ + Kubernetes?: OrganizationKubernetesConfigurationResult; } export namespace OrganizationDataSourceConfigurationsResult { @@ -2279,6 +2556,74 @@ export namespace DisassociateMembersResponse { }); } +/** + *Contains information about a tag associated with the EC2 instance.
+ */ +export interface Tag { + /** + *The EC2 instance tag key.
+ */ + Key?: string; + + /** + *The EC2 instance tag value.
+ */ + Value?: string; +} + +export namespace Tag { + /** + * @internal + */ + export const filterSensitiveLog = (obj: Tag): any => ({ + ...obj, + }); +} + +/** + *Details about the EKS cluster involved in a Kubernetes finding.
+ */ +export interface EksClusterDetails { + /** + *EKS cluster name.
+ */ + Name?: string; + + /** + *EKS cluster ARN.
+ */ + Arn?: string; + + /** + *The VPC ID to which the EKS cluster is attached.
+ */ + VpcId?: string; + + /** + *The EKS cluster status.
+ */ + Status?: string; + + /** + *The EKS cluster tags.
+ */ + Tags?: Tag[]; + + /** + *The timestamp when the EKS cluster was created.
+ */ + CreatedAt?: Date; +} + +export namespace EksClusterDetails { + /** + * @internal + */ + export const filterSensitiveLog = (obj: EksClusterDetails): any => ({ + ...obj, + }); +} + export interface EnableOrganizationAdminAccountRequest { /** *The Amazon Web Services Account ID for the organization account to be enabled as a GuardDuty delegated @@ -2517,30 +2862,6 @@ export namespace ProductCode { }); } -/** - *
Contains information about a tag associated with the EC2 instance.
- */ -export interface Tag { - /** - *The EC2 instance tag key.
- */ - Key?: string; - - /** - *The EC2 instance tag value.
- */ - Value?: string; -} - -export namespace Tag { - /** - * @internal - */ - export const filterSensitiveLog = (obj: Tag): any => ({ - ...obj, - }); -} - /** *Contains information about the details of an instance.
*/ @@ -2621,6 +2942,151 @@ export namespace InstanceDetails { }); } +/** + *Details about the Kubernetes user involved in a Kubernetes finding.
+ */ +export interface KubernetesUserDetails { + /** + *The username of the user who called the Kubernetes API.
+ */ + Username?: string; + + /** + *The user ID of the user who called the Kubernetes API.
+ */ + Uid?: string; + + /** + *The groups that include the user who called the Kubernetes API.
+ */ + Groups?: string[]; +} + +export namespace KubernetesUserDetails { + /** + * @internal + */ + export const filterSensitiveLog = (obj: KubernetesUserDetails): any => ({ + ...obj, + }); +} + +/** + *Represents a pre-existing file or directory on the host machine that the volume maps to.
+ */ +export interface HostPath { + /** + *Path of the file or directory on the host that the volume maps to.
+ */ + Path?: string; +} + +export namespace HostPath { + /** + * @internal + */ + export const filterSensitiveLog = (obj: HostPath): any => ({ + ...obj, + }); +} + +/** + *Volume used by the Kubernetes workload.
+ */ +export interface Volume { + /** + *Volume name.
+ */ + Name?: string; + + /** + *Represents a pre-existing file or directory on the host machine that the volume maps to.
+ */ + HostPath?: HostPath; +} + +export namespace Volume { + /** + * @internal + */ + export const filterSensitiveLog = (obj: Volume): any => ({ + ...obj, + }); +} + +/** + *Details about the Kubernetes workload involved in a Kubernetes finding.
+ */ +export interface KubernetesWorkloadDetails { + /** + *Kubernetes workload name.
+ */ + Name?: string; + + /** + *Kubernetes workload type (e.g. Pod, Deployment, etc.).
+ */ + Type?: string; + + /** + *Kubernetes workload ID.
+ */ + Uid?: string; + + /** + *Kubernetes namespace that the workload is part of.
+ */ + Namespace?: string; + + /** + *Whether the hostNetwork flag is enabled for the pods included in the workload.
+ */ + HostNetwork?: boolean; + + /** + *Containers running as part of the Kubernetes workload.
+ */ + Containers?: Container[]; + + /** + *Volumes used by the Kubernetes workload.
+ */ + Volumes?: Volume[]; +} + +export namespace KubernetesWorkloadDetails { + /** + * @internal + */ + export const filterSensitiveLog = (obj: KubernetesWorkloadDetails): any => ({ + ...obj, + }); +} + +/** + *Details about Kubernetes resources such as a Kubernetes user or workload resource involved in a Kubernetes finding.
+ */ +export interface KubernetesDetails { + /** + *Details about the Kubernetes user involved in a Kubernetes finding.
+ */ + KubernetesUserDetails?: KubernetesUserDetails; + + /** + *Details about the Kubernetes workload involved in a Kubernetes finding.
+ */ + KubernetesWorkloadDetails?: KubernetesWorkloadDetails; +} + +export namespace KubernetesDetails { + /** + * @internal + */ + export const filterSensitiveLog = (obj: KubernetesDetails): any => ({ + ...obj, + }); +} + /** *Contains information on the owner of the bucket.
*/ @@ -2768,6 +3234,16 @@ export interface Resource { */ InstanceDetails?: InstanceDetails; + /** + *Details about the EKS cluster involved in a Kubernetes finding.
+ */ + EksClusterDetails?: EksClusterDetails; + + /** + *Details about the Kubernetes user and workload involved in a Kubernetes finding.
+ */ + KubernetesDetails?: KubernetesDetails; + /** *The type of Amazon Web Services resource.
*/ @@ -4977,6 +5453,45 @@ export namespace UpdateMemberDetectorsResponse { }); } +/** + *Organization-wide Kubernetes audit logs configuration.
+ */ +export interface OrganizationKubernetesAuditLogsConfiguration { + /** + *A value that contains information on whether Kubernetes audit logs should be enabled + * automatically as a data source for the organization.
+ */ + AutoEnable: boolean | undefined; +} + +export namespace OrganizationKubernetesAuditLogsConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: OrganizationKubernetesAuditLogsConfiguration): any => ({ + ...obj, + }); +} + +/** + *Organization-wide Kubernetes data sources configurations.
+ */ +export interface OrganizationKubernetesConfiguration { + /** + *Whether Kubernetes audit logs data source should be auto-enabled for new members joining the organization.
+ */ + AuditLogs: OrganizationKubernetesAuditLogsConfiguration | undefined; +} + +export namespace OrganizationKubernetesConfiguration { + /** + * @internal + */ + export const filterSensitiveLog = (obj: OrganizationKubernetesConfiguration): any => ({ + ...obj, + }); +} + /** *Describes whether S3 data event logs will be automatically enabled for new members of the * organization.
@@ -5008,6 +5523,11 @@ export interface OrganizationDataSourceConfigurations { * organization. */ S3Logs?: OrganizationS3LogsConfiguration; + + /** + *Describes the configuration of Kubernetes data sources for new members of the organization.
+ */ + Kubernetes?: OrganizationKubernetesConfiguration; } export namespace OrganizationDataSourceConfigurations { diff --git a/clients/client-guardduty/src/protocols/Aws_restJson1.ts b/clients/client-guardduty/src/protocols/Aws_restJson1.ts index 5a6a4f1c2bcd..674e8ddb1f46 100644 --- a/clients/client-guardduty/src/protocols/Aws_restJson1.ts +++ b/clients/client-guardduty/src/protocols/Aws_restJson1.ts @@ -165,6 +165,7 @@ import { City, CloudTrailConfigurationResult, Condition, + Container, Country, DataSource, DataSourceConfigurations, @@ -175,6 +176,7 @@ import { DNSLogsConfigurationResult, DnsRequestAction, DomainDetails, + EksClusterDetails, Evidence, Finding, FindingCriteria, @@ -182,10 +184,19 @@ import { FindingStatisticType, FlowLogsConfigurationResult, GeoLocation, + HostPath, IamInstanceProfile, InstanceDetails, InternalServerErrorException, Invitation, + KubernetesApiCallAction, + KubernetesAuditLogsConfiguration, + KubernetesAuditLogsConfigurationResult, + KubernetesConfiguration, + KubernetesConfigurationResult, + KubernetesDetails, + KubernetesUserDetails, + KubernetesWorkloadDetails, LocalIpDetails, LocalPortDetails, Master, @@ -196,6 +207,10 @@ import { Organization, OrganizationDataSourceConfigurations, OrganizationDataSourceConfigurationsResult, + OrganizationKubernetesAuditLogsConfiguration, + OrganizationKubernetesAuditLogsConfigurationResult, + OrganizationKubernetesConfiguration, + OrganizationKubernetesConfigurationResult, OrganizationS3LogsConfiguration, OrganizationS3LogsConfigurationResult, Owner, @@ -212,6 +227,7 @@ import { S3BucketDetail, S3LogsConfiguration, S3LogsConfigurationResult, + SecurityContext, SecurityGroup, Service, SortCriteria, @@ -224,6 +240,8 @@ import { UsageDataSourceResult, UsageResourceResult, UsageStatistics, + Volume, + VolumeMount, } from "../models/models_0"; export const serializeAws_restJson1AcceptInvitationCommand = async ( @@ -6101,6 +6119,10 @@ const serializeAws_restJson1DataSourceConfigurations = ( context: __SerdeContext ): any => { return { + ...(input.Kubernetes !== undefined && + input.Kubernetes !== null && { + kubernetes: serializeAws_restJson1KubernetesConfiguration(input.Kubernetes, context), + }), ...(input.S3Logs !== undefined && input.S3Logs !== null && { s3Logs: serializeAws_restJson1S3LogsConfiguration(input.S3Logs, context) }), }; @@ -6190,6 +6212,27 @@ const serializeAws_restJson1FindingTypes = (input: string[], context: __SerdeCon }); }; +const serializeAws_restJson1KubernetesAuditLogsConfiguration = ( + input: KubernetesAuditLogsConfiguration, + context: __SerdeContext +): any => { + return { + ...(input.Enable !== undefined && input.Enable !== null && { enable: input.Enable }), + }; +}; + +const serializeAws_restJson1KubernetesConfiguration = ( + input: KubernetesConfiguration, + context: __SerdeContext +): any => { + return { + ...(input.AuditLogs !== undefined && + input.AuditLogs !== null && { + auditLogs: serializeAws_restJson1KubernetesAuditLogsConfiguration(input.AuditLogs, context), + }), + }; +}; + const serializeAws_restJson1Neq = (input: string[], context: __SerdeContext): any => { return input .filter((e: any) => e != null) @@ -6217,6 +6260,10 @@ const serializeAws_restJson1OrganizationDataSourceConfigurations = ( context: __SerdeContext ): any => { return { + ...(input.Kubernetes !== undefined && + input.Kubernetes !== null && { + kubernetes: serializeAws_restJson1OrganizationKubernetesConfiguration(input.Kubernetes, context), + }), ...(input.S3Logs !== undefined && input.S3Logs !== null && { s3Logs: serializeAws_restJson1OrganizationS3LogsConfiguration(input.S3Logs, context), @@ -6224,6 +6271,27 @@ const serializeAws_restJson1OrganizationDataSourceConfigurations = ( }; }; +const serializeAws_restJson1OrganizationKubernetesAuditLogsConfiguration = ( + input: OrganizationKubernetesAuditLogsConfiguration, + context: __SerdeContext +): any => { + return { + ...(input.AutoEnable !== undefined && input.AutoEnable !== null && { autoEnable: input.AutoEnable }), + }; +}; + +const serializeAws_restJson1OrganizationKubernetesConfiguration = ( + input: OrganizationKubernetesConfiguration, + context: __SerdeContext +): any => { + return { + ...(input.AuditLogs !== undefined && + input.AuditLogs !== null && { + auditLogs: serializeAws_restJson1OrganizationKubernetesAuditLogsConfiguration(input.AuditLogs, context), + }), + }; +}; + const serializeAws_restJson1OrganizationS3LogsConfiguration = ( input: OrganizationS3LogsConfiguration, context: __SerdeContext @@ -6319,6 +6387,10 @@ const deserializeAws_restJson1Action = (output: any, context: __SerdeContext): A output.dnsRequestAction !== undefined && output.dnsRequestAction !== null ? deserializeAws_restJson1DnsRequestAction(output.dnsRequestAction, context) : undefined, + KubernetesApiCallAction: + output.kubernetesApiCallAction !== undefined && output.kubernetesApiCallAction !== null + ? deserializeAws_restJson1KubernetesApiCallAction(output.kubernetesApiCallAction, context) + : undefined, NetworkConnectionAction: output.networkConnectionAction !== undefined && output.networkConnectionAction !== null ? deserializeAws_restJson1NetworkConnectionAction(output.networkConnectionAction, context) @@ -6366,6 +6438,7 @@ const deserializeAws_restJson1AwsApiCallAction = (output: any, context: __SerdeC ? deserializeAws_restJson1RemoteIpDetails(output.remoteIpDetails, context) : undefined, ServiceName: __expectString(output.serviceName), + UserAgent: __expectString(output.userAgent), } as any; }; @@ -6443,6 +6516,35 @@ const deserializeAws_restJson1Condition = (output: any, context: __SerdeContext) } as any; }; +const deserializeAws_restJson1Container = (output: any, context: __SerdeContext): Container => { + return { + ContainerRuntime: __expectString(output.containerRuntime), + Id: __expectString(output.id), + Image: __expectString(output.image), + ImagePrefix: __expectString(output.imagePrefix), + Name: __expectString(output.name), + SecurityContext: + output.securityContext !== undefined && output.securityContext !== null + ? deserializeAws_restJson1SecurityContext(output.securityContext, context) + : undefined, + VolumeMounts: + output.volumeMounts !== undefined && output.volumeMounts !== null + ? deserializeAws_restJson1VolumeMounts(output.volumeMounts, context) + : undefined, + } as any; +}; + +const deserializeAws_restJson1Containers = (output: any, context: __SerdeContext): Container[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return deserializeAws_restJson1Container(entry, context); + }); +}; + const deserializeAws_restJson1CountBySeverity = (output: any, context: __SerdeContext): { [key: string]: number } => { return Object.entries(output).reduce((acc: { [key: string]: number }, [key, value]: [string, any]) => { if (value === null) { @@ -6491,6 +6593,10 @@ const deserializeAws_restJson1DataSourceConfigurationsResult = ( output.flowLogs !== undefined && output.flowLogs !== null ? deserializeAws_restJson1FlowLogsConfigurationResult(output.flowLogs, context) : undefined, + Kubernetes: + output.kubernetes !== undefined && output.kubernetes !== null + ? deserializeAws_restJson1KubernetesConfigurationResult(output.kubernetes, context) + : undefined, S3Logs: output.s3Logs !== undefined && output.s3Logs !== null ? deserializeAws_restJson1S3LogsConfigurationResult(output.s3Logs, context) @@ -6566,6 +6672,23 @@ const deserializeAws_restJson1DomainDetails = (output: any, context: __SerdeCont } as any; }; +const deserializeAws_restJson1EksClusterDetails = (output: any, context: __SerdeContext): EksClusterDetails => { + return { + Arn: __expectString(output.arn), + CreatedAt: + output.createdAt !== undefined && output.createdAt !== null + ? __expectNonNull(__parseEpochTimestamp(__expectNumber(output.createdAt))) + : undefined, + Name: __expectString(output.name), + Status: __expectString(output.status), + Tags: + output.tags !== undefined && output.tags !== null + ? deserializeAws_restJson1Tags(output.tags, context) + : undefined, + VpcId: __expectString(output.vpcId), + } as any; +}; + const deserializeAws_restJson1Eq = (output: any, context: __SerdeContext): string[] => { return (output || []) .filter((e: any) => e != null) @@ -6690,6 +6813,23 @@ const deserializeAws_restJson1GeoLocation = (output: any, context: __SerdeContex } as any; }; +const deserializeAws_restJson1Groups = (output: any, context: __SerdeContext): string[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return __expectString(entry) as any; + }); +}; + +const deserializeAws_restJson1HostPath = (output: any, context: __SerdeContext): HostPath => { + return { + Path: __expectString(output.path), + } as any; +}; + const deserializeAws_restJson1IamInstanceProfile = (output: any, context: __SerdeContext): IamInstanceProfile => { return { Arn: __expectString(output.arn), @@ -6769,6 +6909,93 @@ const deserializeAws_restJson1Ipv6Addresses = (output: any, context: __SerdeCont }); }; +const deserializeAws_restJson1KubernetesApiCallAction = ( + output: any, + context: __SerdeContext +): KubernetesApiCallAction => { + return { + Parameters: __expectString(output.parameters), + RemoteIpDetails: + output.remoteIpDetails !== undefined && output.remoteIpDetails !== null + ? deserializeAws_restJson1RemoteIpDetails(output.remoteIpDetails, context) + : undefined, + RequestUri: __expectString(output.requestUri), + SourceIps: + output.sourceIps !== undefined && output.sourceIps !== null + ? deserializeAws_restJson1SourceIps(output.sourceIps, context) + : undefined, + StatusCode: __expectInt32(output.statusCode), + UserAgent: __expectString(output.userAgent), + Verb: __expectString(output.verb), + } as any; +}; + +const deserializeAws_restJson1KubernetesAuditLogsConfigurationResult = ( + output: any, + context: __SerdeContext +): KubernetesAuditLogsConfigurationResult => { + return { + Status: __expectString(output.status), + } as any; +}; + +const deserializeAws_restJson1KubernetesConfigurationResult = ( + output: any, + context: __SerdeContext +): KubernetesConfigurationResult => { + return { + AuditLogs: + output.auditLogs !== undefined && output.auditLogs !== null + ? deserializeAws_restJson1KubernetesAuditLogsConfigurationResult(output.auditLogs, context) + : undefined, + } as any; +}; + +const deserializeAws_restJson1KubernetesDetails = (output: any, context: __SerdeContext): KubernetesDetails => { + return { + KubernetesUserDetails: + output.kubernetesUserDetails !== undefined && output.kubernetesUserDetails !== null + ? deserializeAws_restJson1KubernetesUserDetails(output.kubernetesUserDetails, context) + : undefined, + KubernetesWorkloadDetails: + output.kubernetesWorkloadDetails !== undefined && output.kubernetesWorkloadDetails !== null + ? deserializeAws_restJson1KubernetesWorkloadDetails(output.kubernetesWorkloadDetails, context) + : undefined, + } as any; +}; + +const deserializeAws_restJson1KubernetesUserDetails = (output: any, context: __SerdeContext): KubernetesUserDetails => { + return { + Groups: + output.groups !== undefined && output.groups !== null + ? deserializeAws_restJson1Groups(output.groups, context) + : undefined, + Uid: __expectString(output.uid), + Username: __expectString(output.username), + } as any; +}; + +const deserializeAws_restJson1KubernetesWorkloadDetails = ( + output: any, + context: __SerdeContext +): KubernetesWorkloadDetails => { + return { + Containers: + output.containers !== undefined && output.containers !== null + ? deserializeAws_restJson1Containers(output.containers, context) + : undefined, + HostNetwork: __expectBoolean(output.hostNetwork), + Name: __expectString(output.name), + Namespace: __expectString(output.namespace), + Type: __expectString(output.type), + Uid: __expectString(output.uid), + Volumes: + output.volumes !== undefined && output.volumes !== null + ? deserializeAws_restJson1Volumes(output.volumes, context) + : undefined, + } as any; +}; + const deserializeAws_restJson1LocalIpDetails = (output: any, context: __SerdeContext): LocalIpDetails => { return { IpAddressV4: __expectString(output.ipAddressV4), @@ -6939,6 +7166,10 @@ const deserializeAws_restJson1OrganizationDataSourceConfigurationsResult = ( context: __SerdeContext ): OrganizationDataSourceConfigurationsResult => { return { + Kubernetes: + output.kubernetes !== undefined && output.kubernetes !== null + ? deserializeAws_restJson1OrganizationKubernetesConfigurationResult(output.kubernetes, context) + : undefined, S3Logs: output.s3Logs !== undefined && output.s3Logs !== null ? deserializeAws_restJson1OrganizationS3LogsConfigurationResult(output.s3Logs, context) @@ -6946,6 +7177,27 @@ const deserializeAws_restJson1OrganizationDataSourceConfigurationsResult = ( } as any; }; +const deserializeAws_restJson1OrganizationKubernetesAuditLogsConfigurationResult = ( + output: any, + context: __SerdeContext +): OrganizationKubernetesAuditLogsConfigurationResult => { + return { + AutoEnable: __expectBoolean(output.autoEnable), + } as any; +}; + +const deserializeAws_restJson1OrganizationKubernetesConfigurationResult = ( + output: any, + context: __SerdeContext +): OrganizationKubernetesConfigurationResult => { + return { + AuditLogs: + output.auditLogs !== undefined && output.auditLogs !== null + ? deserializeAws_restJson1OrganizationKubernetesAuditLogsConfigurationResult(output.auditLogs, context) + : undefined, + } as any; +}; + const deserializeAws_restJson1OrganizationS3LogsConfigurationResult = ( output: any, context: __SerdeContext @@ -7109,10 +7361,18 @@ const deserializeAws_restJson1Resource = (output: any, context: __SerdeContext): output.accessKeyDetails !== undefined && output.accessKeyDetails !== null ? deserializeAws_restJson1AccessKeyDetails(output.accessKeyDetails, context) : undefined, + EksClusterDetails: + output.eksClusterDetails !== undefined && output.eksClusterDetails !== null + ? deserializeAws_restJson1EksClusterDetails(output.eksClusterDetails, context) + : undefined, InstanceDetails: output.instanceDetails !== undefined && output.instanceDetails !== null ? deserializeAws_restJson1InstanceDetails(output.instanceDetails, context) : undefined, + KubernetesDetails: + output.kubernetesDetails !== undefined && output.kubernetesDetails !== null + ? deserializeAws_restJson1KubernetesDetails(output.kubernetesDetails, context) + : undefined, ResourceType: __expectString(output.resourceType), S3BucketDetails: output.s3BucketDetails !== undefined && output.s3BucketDetails !== null @@ -7169,6 +7429,12 @@ const deserializeAws_restJson1S3LogsConfigurationResult = ( } as any; }; +const deserializeAws_restJson1SecurityContext = (output: any, context: __SerdeContext): SecurityContext => { + return { + Privileged: __expectBoolean(output.privileged), + } as any; +}; + const deserializeAws_restJson1SecurityGroup = (output: any, context: __SerdeContext): SecurityGroup => { return { GroupId: __expectString(output.groupId), @@ -7208,6 +7474,17 @@ const deserializeAws_restJson1Service = (output: any, context: __SerdeContext): } as any; }; +const deserializeAws_restJson1SourceIps = (output: any, context: __SerdeContext): string[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return __expectString(entry) as any; + }); +}; + const deserializeAws_restJson1Tag = (output: any, context: __SerdeContext): Tag => { return { Key: __expectString(output.key), @@ -7402,6 +7679,45 @@ const deserializeAws_restJson1UsageStatistics = (output: any, context: __SerdeCo } as any; }; +const deserializeAws_restJson1Volume = (output: any, context: __SerdeContext): Volume => { + return { + HostPath: + output.hostPath !== undefined && output.hostPath !== null + ? deserializeAws_restJson1HostPath(output.hostPath, context) + : undefined, + Name: __expectString(output.name), + } as any; +}; + +const deserializeAws_restJson1VolumeMount = (output: any, context: __SerdeContext): VolumeMount => { + return { + MountPath: __expectString(output.mountPath), + Name: __expectString(output.name), + } as any; +}; + +const deserializeAws_restJson1VolumeMounts = (output: any, context: __SerdeContext): VolumeMount[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return deserializeAws_restJson1VolumeMount(entry, context); + }); +}; + +const deserializeAws_restJson1Volumes = (output: any, context: __SerdeContext): Volume[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return deserializeAws_restJson1Volume(entry, context); + }); +}; + const deserializeMetadata = (output: __HttpResponse): __ResponseMetadata => ({ httpStatusCode: output.statusCode, requestId: output.headers["x-amzn-requestid"] ?? output.headers["x-amzn-request-id"], diff --git a/clients/client-kafka/src/models/models_0.ts b/clients/client-kafka/src/models/models_0.ts index 58d04a08288b..16275ec42b85 100644 --- a/clients/client-kafka/src/models/models_0.ts +++ b/clients/client-kafka/src/models/models_0.ts @@ -1,5 +1,29 @@ import { MetadataBearer as $MetadataBearer, SmithyException as __SmithyException } from "@aws-sdk/types"; +/** + * Contains information about provisioned throughput for EBS storage volumes attached to kafka broker nodes. + */ +export interface ProvisionedThroughput { + /** + * Provisioned throughput is enabled or not. + */ + Enabled?: boolean; + + /** + * Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second. + */ + VolumeThroughput?: number; +} + +export namespace ProvisionedThroughput { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ProvisionedThroughput): any => ({ + ...obj, + }); +} + /** *Specifies the EBS volume upgrade information. The broker identifier must be set to the keyword ALL. This means the changes apply to all the brokers in the cluster.
*/ @@ -9,10 +33,15 @@ export interface BrokerEBSVolumeInfo { */ KafkaBrokerNodeId: string | undefined; + /** + * EBS volume provisioned throughput information. + */ + ProvisionedThroughput?: ProvisionedThroughput; + /** *Size of the EBS volume to update.
*/ - VolumeSizeGB: number | undefined; + VolumeSizeGB?: number; } export namespace BrokerEBSVolumeInfo { @@ -75,6 +104,11 @@ export namespace ConnectivityInfo { *Contains information about the EBS storage volumes attached to Apache Kafka broker nodes.
*/ export interface EBSStorageInfo { + /** + * EBS volume provisioned throughput information. + */ + ProvisionedThroughput?: ProvisionedThroughput; + /** *The size in GiB of the EBS volume for the data drive on each broker node.
*/ diff --git a/clients/client-kafka/src/protocols/Aws_restJson1.ts b/clients/client-kafka/src/protocols/Aws_restJson1.ts index 60a902522bb2..b9b8285550c6 100644 --- a/clients/client-kafka/src/protocols/Aws_restJson1.ts +++ b/clients/client-kafka/src/protocols/Aws_restJson1.ts @@ -145,6 +145,7 @@ import { PrometheusInfo, Provisioned, ProvisionedRequest, + ProvisionedThroughput, PublicAccess, S3, Sasl, @@ -4921,6 +4922,10 @@ const serializeAws_restJson1BrokerEBSVolumeInfo = (input: BrokerEBSVolumeInfo, c return { ...(input.KafkaBrokerNodeId !== undefined && input.KafkaBrokerNodeId !== null && { kafkaBrokerNodeId: input.KafkaBrokerNodeId }), + ...(input.ProvisionedThroughput !== undefined && + input.ProvisionedThroughput !== null && { + provisionedThroughput: serializeAws_restJson1ProvisionedThroughput(input.ProvisionedThroughput, context), + }), ...(input.VolumeSizeGB !== undefined && input.VolumeSizeGB !== null && { volumeSizeGB: input.VolumeSizeGB }), }; }; @@ -4993,6 +4998,10 @@ const serializeAws_restJson1ConnectivityInfo = (input: ConnectivityInfo, context const serializeAws_restJson1EBSStorageInfo = (input: EBSStorageInfo, context: __SerdeContext): any => { return { + ...(input.ProvisionedThroughput !== undefined && + input.ProvisionedThroughput !== null && { + provisionedThroughput: serializeAws_restJson1ProvisionedThroughput(input.ProvisionedThroughput, context), + }), ...(input.VolumeSize !== undefined && input.VolumeSize !== null && { volumeSize: input.VolumeSize }), }; }; @@ -5109,6 +5118,14 @@ const serializeAws_restJson1ProvisionedRequest = (input: ProvisionedRequest, con }; }; +const serializeAws_restJson1ProvisionedThroughput = (input: ProvisionedThroughput, context: __SerdeContext): any => { + return { + ...(input.Enabled !== undefined && input.Enabled !== null && { enabled: input.Enabled }), + ...(input.VolumeThroughput !== undefined && + input.VolumeThroughput !== null && { volumeThroughput: input.VolumeThroughput }), + }; +}; + const serializeAws_restJson1PublicAccess = (input: PublicAccess, context: __SerdeContext): any => { return { ...(input.Type !== undefined && input.Type !== null && { type: input.Type }), @@ -5376,6 +5393,10 @@ const deserializeAws_restJson1__mapOf__string = (output: any, context: __SerdeCo const deserializeAws_restJson1BrokerEBSVolumeInfo = (output: any, context: __SerdeContext): BrokerEBSVolumeInfo => { return { KafkaBrokerNodeId: __expectString(output.kafkaBrokerNodeId), + ProvisionedThroughput: + output.provisionedThroughput !== undefined && output.provisionedThroughput !== null + ? deserializeAws_restJson1ProvisionedThroughput(output.provisionedThroughput, context) + : undefined, VolumeSizeGB: __expectInt32(output.volumeSizeGB), } as any; }; @@ -5660,6 +5681,10 @@ const deserializeAws_restJson1ConnectivityInfo = (output: any, context: __SerdeC const deserializeAws_restJson1EBSStorageInfo = (output: any, context: __SerdeContext): EBSStorageInfo => { return { + ProvisionedThroughput: + output.provisionedThroughput !== undefined && output.provisionedThroughput !== null + ? deserializeAws_restJson1ProvisionedThroughput(output.provisionedThroughput, context) + : undefined, VolumeSize: __expectInt32(output.volumeSize), } as any; }; @@ -5881,6 +5906,13 @@ const deserializeAws_restJson1Provisioned = (output: any, context: __SerdeContex } as any; }; +const deserializeAws_restJson1ProvisionedThroughput = (output: any, context: __SerdeContext): ProvisionedThroughput => { + return { + Enabled: __expectBoolean(output.enabled), + VolumeThroughput: __expectInt32(output.volumeThroughput), + } as any; +}; + const deserializeAws_restJson1PublicAccess = (output: any, context: __SerdeContext): PublicAccess => { return { Type: __expectString(output.type), diff --git a/clients/client-opensearch/src/OpenSearch.ts b/clients/client-opensearch/src/OpenSearch.ts index 011ee6279c60..2535fe4b0c89 100644 --- a/clients/client-opensearch/src/OpenSearch.ts +++ b/clients/client-opensearch/src/OpenSearch.ts @@ -56,6 +56,11 @@ import { DescribeDomainAutoTunesCommandInput, DescribeDomainAutoTunesCommandOutput, } from "./commands/DescribeDomainAutoTunesCommand"; +import { + DescribeDomainChangeProgressCommand, + DescribeDomainChangeProgressCommandInput, + DescribeDomainChangeProgressCommandOutput, +} from "./commands/DescribeDomainChangeProgressCommand"; import { DescribeDomainCommand, DescribeDomainCommandInput, @@ -619,6 +624,39 @@ export class OpenSearch extends OpenSearchClient { } } + /** + *Returns information about the current blue/green deployment happening on a domain, including + * a change ID, status, and progress stages.
+ */ + public describeDomainChangeProgress( + args: DescribeDomainChangeProgressCommandInput, + options?: __HttpHandlerOptions + ): PromiseProvides cluster configuration information about the specified domain, such as the state, creation * date, update version, and update date for cluster options. diff --git a/clients/client-opensearch/src/OpenSearchClient.ts b/clients/client-opensearch/src/OpenSearchClient.ts index 2d86be530761..86f54cf2b9ac 100644 --- a/clients/client-opensearch/src/OpenSearchClient.ts +++ b/clients/client-opensearch/src/OpenSearchClient.ts @@ -80,6 +80,10 @@ import { DescribeDomainAutoTunesCommandInput, DescribeDomainAutoTunesCommandOutput, } from "./commands/DescribeDomainAutoTunesCommand"; +import { + DescribeDomainChangeProgressCommandInput, + DescribeDomainChangeProgressCommandOutput, +} from "./commands/DescribeDomainChangeProgressCommand"; import { DescribeDomainCommandInput, DescribeDomainCommandOutput } from "./commands/DescribeDomainCommand"; import { DescribeDomainConfigCommandInput, @@ -164,6 +168,7 @@ export type ServiceInputTypes = | DeleteOutboundConnectionCommandInput | DeletePackageCommandInput | DescribeDomainAutoTunesCommandInput + | DescribeDomainChangeProgressCommandInput | DescribeDomainCommandInput | DescribeDomainConfigCommandInput | DescribeDomainsCommandInput @@ -205,6 +210,7 @@ export type ServiceOutputTypes = | DeleteOutboundConnectionCommandOutput | DeletePackageCommandOutput | DescribeDomainAutoTunesCommandOutput + | DescribeDomainChangeProgressCommandOutput | DescribeDomainCommandOutput | DescribeDomainConfigCommandOutput | DescribeDomainsCommandOutput diff --git a/clients/client-opensearch/src/commands/DescribeDomainChangeProgressCommand.ts b/clients/client-opensearch/src/commands/DescribeDomainChangeProgressCommand.ts new file mode 100644 index 000000000000..89461d951213 --- /dev/null +++ b/clients/client-opensearch/src/commands/DescribeDomainChangeProgressCommand.ts @@ -0,0 +1,101 @@ +import { getSerdePlugin } from "@aws-sdk/middleware-serde"; +import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http"; +import { Command as $Command } from "@aws-sdk/smithy-client"; +import { + FinalizeHandlerArguments, + Handler, + HandlerExecutionContext, + HttpHandlerOptions as __HttpHandlerOptions, + MetadataBearer as __MetadataBearer, + MiddlewareStack, + SerdeContext as __SerdeContext, +} from "@aws-sdk/types"; + +import { DescribeDomainChangeProgressRequest, DescribeDomainChangeProgressResponse } from "../models/models_0"; +import { OpenSearchClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../OpenSearchClient"; +import { + deserializeAws_restJson1DescribeDomainChangeProgressCommand, + serializeAws_restJson1DescribeDomainChangeProgressCommand, +} from "../protocols/Aws_restJson1"; + +export interface DescribeDomainChangeProgressCommandInput extends DescribeDomainChangeProgressRequest {} +export interface DescribeDomainChangeProgressCommandOutput + extends DescribeDomainChangeProgressResponse, + __MetadataBearer {} + +/** + *
Returns information about the current blue/green deployment happening on a domain, including + * a change ID, status, and progress stages.
+ * @example + * Use a bare-bones client and the command you need to make an API call. + * ```javascript + * import { OpenSearchClient, DescribeDomainChangeProgressCommand } from "@aws-sdk/client-opensearch"; // ES Modules import + * // const { OpenSearchClient, DescribeDomainChangeProgressCommand } = require("@aws-sdk/client-opensearch"); // CommonJS import + * const client = new OpenSearchClient(config); + * const command = new DescribeDomainChangeProgressCommand(input); + * const response = await client.send(command); + * ``` + * + * @see {@link DescribeDomainChangeProgressCommandInput} for command's `input` shape. + * @see {@link DescribeDomainChangeProgressCommandOutput} for command's `response` shape. + * @see {@link OpenSearchClientResolvedConfig | config} for OpenSearchClient's `config` shape. + * + */ +export class DescribeDomainChangeProgressCommand extends $Command< + DescribeDomainChangeProgressCommandInput, + DescribeDomainChangeProgressCommandOutput, + OpenSearchClientResolvedConfig +> { + // Start section: command_properties + // End section: command_properties + + constructor(readonly input: DescribeDomainChangeProgressCommandInput) { + // Start section: command_constructor + super(); + // End section: command_constructor + } + + /** + * @internal + */ + resolveMiddleware( + clientStack: MiddlewareStackSpecifies change details of the domain configuration change.
+ */ +export interface ChangeProgressDetails { + /** + *The unique change identifier associated with a specific domain configuration change.
+ */ + ChangeId?: string; + + /** + *Contains an optional message associated with the domain configuration change.
+ */ + Message?: string; +} + +export namespace ChangeProgressDetails { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ChangeProgressDetails): any => ({ + ...obj, + }); +} + /** *Options to specify the subnets and security groups for the VPC endpoint. For more information, see * Launching your Amazon OpenSearch Service domains using a VPC. @@ -1958,6 +1982,11 @@ export interface DomainStatus { *
The current status of the domain's Auto-Tune options.
*/ AutoTuneOptions?: AutoTuneOptionsOutput; + + /** + *Specifies change details of the domain configuration change.
+ */ + ChangeProgressDetails?: ChangeProgressDetails; } export namespace DomainStatus { @@ -2790,6 +2819,146 @@ export namespace DescribeDomainAutoTunesResponse { }); } +/** + *Container for the parameters to the DescribeDomainChangeProgress operation. Specifies the
+ * domain name and optional change specific identity for which you want progress information.
+ *
The domain you want to get the progress information about.
+ */ + DomainName: string | undefined; + + /** + *The specific change ID for which you want to get progress information. This is an optional parameter. + * If omitted, the service returns information about the most recent configuration change. + *
+ */ + ChangeId?: string; +} + +export namespace DescribeDomainChangeProgressRequest { + /** + * @internal + */ + export const filterSensitiveLog = (obj: DescribeDomainChangeProgressRequest): any => ({ + ...obj, + }); +} + +/** + *A progress stage details of a specific domain configuration change.
+ */ +export interface ChangeProgressStage { + /** + *The name of the specific progress stage.
+ */ + Name?: string; + + /** + *The overall status of a specific progress stage.
+ */ + Status?: string; + + /** + *The description of the progress stage.
+ */ + Description?: string; + + /** + *The last updated timestamp of the progress stage.
+ */ + LastUpdated?: Date; +} + +export namespace ChangeProgressStage { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ChangeProgressStage): any => ({ + ...obj, + }); +} + +export enum OverallChangeStatus { + COMPLETED = "COMPLETED", + FAILED = "FAILED", + PENDING = "PENDING", + PROCESSING = "PROCESSING", +} + +/** + *The progress details of a specific domain configuration change.
+ */ +export interface ChangeProgressStatusDetails { + /** + *The unique change identifier associated with a specific domain configuration change.
+ */ + ChangeId?: string; + + /** + *The time at which the configuration change is made on the domain.
+ */ + StartTime?: Date; + + /** + *The overall status of the domain configuration change. This field can take the following values: PENDING, PROCESSING, COMPLETED and FAILED
The list of properties involved in the domain configuration change that are still in pending.
+ */ + PendingProperties?: string[]; + + /** + *The list of properties involved in the domain configuration change that are completed.
+ */ + CompletedProperties?: string[]; + + /** + *The total number of stages required for the configuration change.
+ */ + TotalNumberOfStages?: number; + + /** + *The specific stages that the domain is going through to perform the configuration change.
+ */ + ChangeProgressStages?: ChangeProgressStage[]; +} + +export namespace ChangeProgressStatusDetails { + /** + * @internal + */ + export const filterSensitiveLog = (obj: ChangeProgressStatusDetails): any => ({ + ...obj, + }); +} + +/** + *The result of a DescribeDomainChangeProgress request. Contains the progress information of
+ * the requested domain change.
+ *
Progress information for the configuration change that is requested in the DescribeDomainChangeProgress request.
+ *
Container for the parameters to the DescribeDomainConfig operation. Specifies the
* domain name for which you want configuration information.
@@ -3250,6 +3419,11 @@ export interface DomainConfig {
*
Specifies change details of the domain configuration change.
+ */ + ChangeProgressDetails?: ChangeProgressDetails; } export namespace DomainConfig { @@ -5678,6 +5852,11 @@ export interface UpgradeDomainResponse { * */ AdvancedOptions?: { [key: string]: string }; + + /** + *Specifies change details of the domain configuration change.
+ */ + ChangeProgressDetails?: ChangeProgressDetails; } export namespace UpgradeDomainResponse { diff --git a/clients/client-opensearch/src/protocols/Aws_restJson1.ts b/clients/client-opensearch/src/protocols/Aws_restJson1.ts index b9c69fd28f35..04690636c84c 100644 --- a/clients/client-opensearch/src/protocols/Aws_restJson1.ts +++ b/clients/client-opensearch/src/protocols/Aws_restJson1.ts @@ -49,6 +49,10 @@ import { DescribeDomainAutoTunesCommandInput, DescribeDomainAutoTunesCommandOutput, } from "../commands/DescribeDomainAutoTunesCommand"; +import { + DescribeDomainChangeProgressCommandInput, + DescribeDomainChangeProgressCommandOutput, +} from "../commands/DescribeDomainChangeProgressCommand"; import { DescribeDomainCommandInput, DescribeDomainCommandOutput } from "../commands/DescribeDomainCommand"; import { DescribeDomainConfigCommandInput, @@ -136,6 +140,9 @@ import { AutoTuneStatus, AWSDomainInformation, BaseException, + ChangeProgressDetails, + ChangeProgressStage, + ChangeProgressStatusDetails, ClusterConfig, ClusterConfigStatus, CognitoOptions, @@ -659,6 +666,40 @@ export const serializeAws_restJson1DescribeDomainAutoTunesCommand = async ( }); }; +export const serializeAws_restJson1DescribeDomainChangeProgressCommand = async ( + input: DescribeDomainChangeProgressCommandInput, + context: __SerdeContext +): Promise<__HttpRequest> => { + const { hostname, protocol = "https", port, path: basePath } = await context.endpoint(); + const headers: any = {}; + let resolvedPath = + `${basePath?.endsWith("/") ? basePath.slice(0, -1) : basePath || ""}` + + "/2021-01-01/opensearch/domain/{DomainName}/progress"; + if (input.DomainName !== undefined) { + const labelValue: string = input.DomainName; + if (labelValue.length <= 0) { + throw new Error("Empty value provided for input HTTP label: DomainName."); + } + resolvedPath = resolvedPath.replace("{DomainName}", __extendedEncodeURIComponent(labelValue)); + } else { + throw new Error("No value provided for input HTTP label: DomainName."); + } + const query: any = { + ...(input.ChangeId !== undefined && { changeid: input.ChangeId }), + }; + let body: any; + return new __HttpRequest({ + protocol, + hostname, + port, + method: "GET", + headers, + path: resolvedPath, + query, + body, + }); +}; + export const serializeAws_restJson1DescribeDomainConfigCommand = async ( input: DescribeDomainConfigCommandInput, context: __SerdeContext @@ -2584,6 +2625,88 @@ const deserializeAws_restJson1DescribeDomainAutoTunesCommandError = async ( return Promise.reject(Object.assign(new Error(message), response)); }; +export const deserializeAws_restJson1DescribeDomainChangeProgressCommand = async ( + output: __HttpResponse, + context: __SerdeContext +): PromiseRecovery readiness
## Installing diff --git a/clients/client-route53-recovery-readiness/src/Route53RecoveryReadiness.ts b/clients/client-route53-recovery-readiness/src/Route53RecoveryReadiness.ts index 0a395a1cc060..79993ed96226 100644 --- a/clients/client-route53-recovery-readiness/src/Route53RecoveryReadiness.ts +++ b/clients/client-route53-recovery-readiness/src/Route53RecoveryReadiness.ts @@ -135,11 +135,11 @@ import { import { Route53RecoveryReadinessClient } from "./Route53RecoveryReadinessClient"; /** - * AWS Route53 Recovery Readiness + *Recovery readiness
*/ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { /** - * Creates a new Cell. + *Creates a cell in an account.
*/ public createCell(args: CreateCellCommandInput, options?: __HttpHandlerOptions): PromiseCreates a cross-account readiness authorization. This lets you authorize another account to work with Route 53 Application Recovery Controller, for example, to check the readiness status of resources in a separate account.
*/ public createCrossAccountAuthorization( args: CreateCrossAccountAuthorizationCommandInput, @@ -197,7 +197,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Creates a new Readiness Check. + *Creates a readiness check in an account. A readiness check monitors a resource set in your application, such as a set of Amazon Aurora instances, that Application Recovery Controller is auditing recovery readiness for. The audits run once every minute on every resource that's associated with a readiness check.
*/ public createReadinessCheck( args: CreateReadinessCheckCommandInput, @@ -229,7 +229,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Creates a new Recovery Group. + *Creates a recovery group in an account. A recovery group corresponds to an application and includes a list of the cells that make up the application.
*/ public createRecoveryGroup( args: CreateRecoveryGroupCommandInput, @@ -261,7 +261,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Creates a new Resource Set. + *Creates a resource set. A resource set is a set of resources of one type that span multiple cells. You can associate a resource set with a readiness check to monitor the resources for failover readiness.
*/ public createResourceSet( args: CreateResourceSetCommandInput, @@ -293,7 +293,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Deletes an existing Cell. + *Delete a cell. When successful, the response code is 204, with no response body.
*/ public deleteCell(args: DeleteCellCommandInput, options?: __HttpHandlerOptions): PromiseDeletes cross account readiness authorization.
*/ public deleteCrossAccountAuthorization( args: DeleteCrossAccountAuthorizationCommandInput, @@ -351,7 +351,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Deletes an existing Readiness Check. + *Deletes a readiness check.
*/ public deleteReadinessCheck( args: DeleteReadinessCheckCommandInput, @@ -383,7 +383,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Deletes an existing Recovery Group. + *Deletes a recovery group.
*/ public deleteRecoveryGroup( args: DeleteRecoveryGroupCommandInput, @@ -415,7 +415,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Deletes an existing Resource Set. + *Deletes a resource set.
*/ public deleteResourceSet( args: DeleteResourceSetCommandInput, @@ -447,7 +447,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Returns a collection of recommendations to improve resilliance and readiness check quality for a Recovery Group. + *Gets recommendations about architecture designs for improving resiliency for an application, based on a recovery group.
*/ public getArchitectureRecommendations( args: GetArchitectureRecommendationsCommandInput, @@ -479,7 +479,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Returns information about a Cell. + *Gets information about a cell including cell name, cell Amazon Resource Name (ARN), ARNs of nested cells for this cell, and a list of those cell ARNs with their associated recovery group ARNs.
*/ public getCell(args: GetCellCommandInput, options?: __HttpHandlerOptions): PromiseGets readiness for a cell. Aggregates the readiness of all the resources that are associated with the cell into a single value.
*/ public getCellReadinessSummary( args: GetCellReadinessSummaryCommandInput, @@ -537,7 +537,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Returns information about a ReadinessCheck. + *Gets details about a readiness check.
*/ public getReadinessCheck( args: GetReadinessCheckCommandInput, @@ -569,7 +569,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Returns detailed information about the status of an individual resource within a Readiness Check's Resource Set. + *Gets individual readiness status for a readiness check. To see the overall readiness status for a recovery group, that considers the readiness status for all the readiness checks in the recovery group, use GetRecoveryGroupReadinessSummary.
*/ public getReadinessCheckResourceStatus( args: GetReadinessCheckResourceStatusCommandInput, @@ -601,7 +601,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Returns information about the status of a Readiness Check. + *Gets the readiness status for an individual readiness check. To see the overall readiness status for a recovery group, that considers the readiness status for all the readiness checks in a recovery group, use GetRecoveryGroupReadinessSummary.
*/ public getReadinessCheckStatus( args: GetReadinessCheckStatusCommandInput, @@ -633,7 +633,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Returns information about a Recovery Group. + *Gets details about a recovery group, including a list of the cells that are included in it.
*/ public getRecoveryGroup( args: GetRecoveryGroupCommandInput, @@ -665,7 +665,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Returns information about a Recovery Group. + *Displays a summary of information about a recovery group's readiness status. Includes the readiness checks for resources in the recovery group and the readiness status of each one.
*/ public getRecoveryGroupReadinessSummary( args: GetRecoveryGroupReadinessSummaryCommandInput, @@ -697,7 +697,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Returns information about a Resource Set. + *Displays the details about a resource set, including a list of the resources in the set.
*/ public getResourceSet( args: GetResourceSetCommandInput, @@ -729,7 +729,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Returns a collection of Cells. + *Lists the cells for an account.
*/ public listCells(args: ListCellsCommandInput, options?: __HttpHandlerOptions): PromiseLists the cross-account readiness authorizations that are in place for an account.
*/ public listCrossAccountAuthorizations( args: ListCrossAccountAuthorizationsCommandInput, @@ -787,7 +787,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Returns a collection of Readiness Checks. + *Lists the readiness checks for an account.
*/ public listReadinessChecks( args: ListReadinessChecksCommandInput, @@ -819,7 +819,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Returns a collection of Recovery Groups. + *Lists the recovery groups in an account.
*/ public listRecoveryGroups( args: ListRecoveryGroupsCommandInput, @@ -851,7 +851,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Returns a collection of Resource Sets. + *Lists the resource sets in an account.
*/ public listResourceSets( args: ListResourceSetsCommandInput, @@ -883,7 +883,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Returns a collection of rules that are applied as part of Readiness Checks. + *Lists all readiness rules, or lists the readiness rules for a specific resource type.
*/ public listRules(args: ListRulesCommandInput, options?: __HttpHandlerOptions): PromiseLists the tags for a resource.
*/ public listTagsForResources( args: ListTagsForResourcesCommandInput, @@ -941,7 +941,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Adds tags to the specified resource. You can specify one or more tags to add. + *Adds a tag to a resource.
*/ public tagResource(args: TagResourceCommandInput, options?: __HttpHandlerOptions): PromiseRemoves a tag from a resource.
*/ public untagResource( args: UntagResourceCommandInput, @@ -999,7 +999,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Updates an existing Cell. + *Updates a cell to replace the list of nested cells with a new list of nested cells.
*/ public updateCell(args: UpdateCellCommandInput, options?: __HttpHandlerOptions): PromiseUpdates a readiness check.
*/ public updateReadinessCheck( args: UpdateReadinessCheckCommandInput, @@ -1057,7 +1057,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Updates an existing Recovery Group. + *Updates a recovery group.
*/ public updateRecoveryGroup( args: UpdateRecoveryGroupCommandInput, @@ -1089,7 +1089,7 @@ export class Route53RecoveryReadiness extends Route53RecoveryReadinessClient { } /** - * Updates an existing Resource Set. + *Updates a resource set.
*/ public updateResourceSet( args: UpdateResourceSetCommandInput, diff --git a/clients/client-route53-recovery-readiness/src/Route53RecoveryReadinessClient.ts b/clients/client-route53-recovery-readiness/src/Route53RecoveryReadinessClient.ts index 362dbb185868..99de49af3086 100644 --- a/clients/client-route53-recovery-readiness/src/Route53RecoveryReadinessClient.ts +++ b/clients/client-route53-recovery-readiness/src/Route53RecoveryReadinessClient.ts @@ -355,7 +355,7 @@ export interface Route53RecoveryReadinessClientResolvedConfig extends Route53RecoveryReadinessClientResolvedConfigType {} /** - * AWS Route53 Recovery Readiness + *Recovery readiness
*/ export class Route53RecoveryReadinessClient extends __Client< __HttpHandlerOptions, diff --git a/clients/client-route53-recovery-readiness/src/commands/CreateCellCommand.ts b/clients/client-route53-recovery-readiness/src/commands/CreateCellCommand.ts index c51c839412e8..2dabe604a58b 100644 --- a/clients/client-route53-recovery-readiness/src/commands/CreateCellCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/CreateCellCommand.ts @@ -26,7 +26,7 @@ export interface CreateCellCommandInput extends CreateCellRequest {} export interface CreateCellCommandOutput extends CreateCellResponse, __MetadataBearer {} /** - * Creates a new Cell. + *Creates a cell in an account.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/CreateCrossAccountAuthorizationCommand.ts b/clients/client-route53-recovery-readiness/src/commands/CreateCrossAccountAuthorizationCommand.ts index 5cd22dbfc9e8..3f43b5e6b456 100644 --- a/clients/client-route53-recovery-readiness/src/commands/CreateCrossAccountAuthorizationCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/CreateCrossAccountAuthorizationCommand.ts @@ -28,7 +28,7 @@ export interface CreateCrossAccountAuthorizationCommandOutput __MetadataBearer {} /** - * Create a new cross account readiness authorization. + *Creates a cross-account readiness authorization. This lets you authorize another account to work with Route 53 Application Recovery Controller, for example, to check the readiness status of resources in a separate account.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/CreateReadinessCheckCommand.ts b/clients/client-route53-recovery-readiness/src/commands/CreateReadinessCheckCommand.ts index 6c2ef0930678..85b3e918205a 100644 --- a/clients/client-route53-recovery-readiness/src/commands/CreateReadinessCheckCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/CreateReadinessCheckCommand.ts @@ -26,7 +26,7 @@ export interface CreateReadinessCheckCommandInput extends CreateReadinessCheckRe export interface CreateReadinessCheckCommandOutput extends CreateReadinessCheckResponse, __MetadataBearer {} /** - * Creates a new Readiness Check. + *Creates a readiness check in an account. A readiness check monitors a resource set in your application, such as a set of Amazon Aurora instances, that Application Recovery Controller is auditing recovery readiness for. The audits run once every minute on every resource that's associated with a readiness check.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/CreateRecoveryGroupCommand.ts b/clients/client-route53-recovery-readiness/src/commands/CreateRecoveryGroupCommand.ts index 267d0bedf43e..03b438338867 100644 --- a/clients/client-route53-recovery-readiness/src/commands/CreateRecoveryGroupCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/CreateRecoveryGroupCommand.ts @@ -26,7 +26,7 @@ export interface CreateRecoveryGroupCommandInput extends CreateRecoveryGroupRequ export interface CreateRecoveryGroupCommandOutput extends CreateRecoveryGroupResponse, __MetadataBearer {} /** - * Creates a new Recovery Group. + *Creates a recovery group in an account. A recovery group corresponds to an application and includes a list of the cells that make up the application.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/CreateResourceSetCommand.ts b/clients/client-route53-recovery-readiness/src/commands/CreateResourceSetCommand.ts index d8a14b4ac55e..dfae82db85b4 100644 --- a/clients/client-route53-recovery-readiness/src/commands/CreateResourceSetCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/CreateResourceSetCommand.ts @@ -26,7 +26,7 @@ export interface CreateResourceSetCommandInput extends CreateResourceSetRequest export interface CreateResourceSetCommandOutput extends CreateResourceSetResponse, __MetadataBearer {} /** - * Creates a new Resource Set. + *Creates a resource set. A resource set is a set of resources of one type that span multiple cells. You can associate a resource set with a readiness check to monitor the resources for failover readiness.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/DeleteCellCommand.ts b/clients/client-route53-recovery-readiness/src/commands/DeleteCellCommand.ts index ef88e34894d9..b1edbbe3cc85 100644 --- a/clients/client-route53-recovery-readiness/src/commands/DeleteCellCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/DeleteCellCommand.ts @@ -26,7 +26,7 @@ export interface DeleteCellCommandInput extends DeleteCellRequest {} export interface DeleteCellCommandOutput extends __MetadataBearer {} /** - * Deletes an existing Cell. + *Delete a cell. When successful, the response code is 204, with no response body.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/DeleteCrossAccountAuthorizationCommand.ts b/clients/client-route53-recovery-readiness/src/commands/DeleteCrossAccountAuthorizationCommand.ts index 266201ee93b9..ec06efc57e77 100644 --- a/clients/client-route53-recovery-readiness/src/commands/DeleteCrossAccountAuthorizationCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/DeleteCrossAccountAuthorizationCommand.ts @@ -28,7 +28,7 @@ export interface DeleteCrossAccountAuthorizationCommandOutput __MetadataBearer {} /** - * Delete cross account readiness authorization + *Deletes cross account readiness authorization.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/DeleteReadinessCheckCommand.ts b/clients/client-route53-recovery-readiness/src/commands/DeleteReadinessCheckCommand.ts index c420124efe39..08b37e03cad0 100644 --- a/clients/client-route53-recovery-readiness/src/commands/DeleteReadinessCheckCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/DeleteReadinessCheckCommand.ts @@ -26,7 +26,7 @@ export interface DeleteReadinessCheckCommandInput extends DeleteReadinessCheckRe export interface DeleteReadinessCheckCommandOutput extends __MetadataBearer {} /** - * Deletes an existing Readiness Check. + *Deletes a readiness check.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/DeleteRecoveryGroupCommand.ts b/clients/client-route53-recovery-readiness/src/commands/DeleteRecoveryGroupCommand.ts index b7add1c5058c..166cf6798d4d 100644 --- a/clients/client-route53-recovery-readiness/src/commands/DeleteRecoveryGroupCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/DeleteRecoveryGroupCommand.ts @@ -26,7 +26,7 @@ export interface DeleteRecoveryGroupCommandInput extends DeleteRecoveryGroupRequ export interface DeleteRecoveryGroupCommandOutput extends __MetadataBearer {} /** - * Deletes an existing Recovery Group. + *Deletes a recovery group.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/DeleteResourceSetCommand.ts b/clients/client-route53-recovery-readiness/src/commands/DeleteResourceSetCommand.ts index 6aed5de15e45..587fb3ca553c 100644 --- a/clients/client-route53-recovery-readiness/src/commands/DeleteResourceSetCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/DeleteResourceSetCommand.ts @@ -26,7 +26,7 @@ export interface DeleteResourceSetCommandInput extends DeleteResourceSetRequest export interface DeleteResourceSetCommandOutput extends __MetadataBearer {} /** - * Deletes an existing Resource Set. + *Deletes a resource set.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/GetArchitectureRecommendationsCommand.ts b/clients/client-route53-recovery-readiness/src/commands/GetArchitectureRecommendationsCommand.ts index 482f52d92416..7fe054c53a6c 100644 --- a/clients/client-route53-recovery-readiness/src/commands/GetArchitectureRecommendationsCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/GetArchitectureRecommendationsCommand.ts @@ -28,7 +28,7 @@ export interface GetArchitectureRecommendationsCommandOutput __MetadataBearer {} /** - * Returns a collection of recommendations to improve resilliance and readiness check quality for a Recovery Group. + *Gets recommendations about architecture designs for improving resiliency for an application, based on a recovery group.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/GetCellCommand.ts b/clients/client-route53-recovery-readiness/src/commands/GetCellCommand.ts index d8d3c4e441d7..a5770543620c 100644 --- a/clients/client-route53-recovery-readiness/src/commands/GetCellCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/GetCellCommand.ts @@ -26,7 +26,7 @@ export interface GetCellCommandInput extends GetCellRequest {} export interface GetCellCommandOutput extends GetCellResponse, __MetadataBearer {} /** - * Returns information about a Cell. + *Gets information about a cell including cell name, cell Amazon Resource Name (ARN), ARNs of nested cells for this cell, and a list of those cell ARNs with their associated recovery group ARNs.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/GetCellReadinessSummaryCommand.ts b/clients/client-route53-recovery-readiness/src/commands/GetCellReadinessSummaryCommand.ts index 2adfccf15c4a..278b09353d4c 100644 --- a/clients/client-route53-recovery-readiness/src/commands/GetCellReadinessSummaryCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/GetCellReadinessSummaryCommand.ts @@ -26,7 +26,7 @@ export interface GetCellReadinessSummaryCommandInput extends GetCellReadinessSum export interface GetCellReadinessSummaryCommandOutput extends GetCellReadinessSummaryResponse, __MetadataBearer {} /** - * Returns information about readiness of a Cell. + *Gets readiness for a cell. Aggregates the readiness of all the resources that are associated with the cell into a single value.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/GetReadinessCheckCommand.ts b/clients/client-route53-recovery-readiness/src/commands/GetReadinessCheckCommand.ts index fd03b2f452d4..dd1527b2f055 100644 --- a/clients/client-route53-recovery-readiness/src/commands/GetReadinessCheckCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/GetReadinessCheckCommand.ts @@ -26,7 +26,7 @@ export interface GetReadinessCheckCommandInput extends GetReadinessCheckRequest export interface GetReadinessCheckCommandOutput extends GetReadinessCheckResponse, __MetadataBearer {} /** - * Returns information about a ReadinessCheck. + *Gets details about a readiness check.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/GetReadinessCheckResourceStatusCommand.ts b/clients/client-route53-recovery-readiness/src/commands/GetReadinessCheckResourceStatusCommand.ts index 89e461002c84..2f84b7ad06a8 100644 --- a/clients/client-route53-recovery-readiness/src/commands/GetReadinessCheckResourceStatusCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/GetReadinessCheckResourceStatusCommand.ts @@ -28,7 +28,7 @@ export interface GetReadinessCheckResourceStatusCommandOutput __MetadataBearer {} /** - * Returns detailed information about the status of an individual resource within a Readiness Check's Resource Set. + *Gets individual readiness status for a readiness check. To see the overall readiness status for a recovery group, that considers the readiness status for all the readiness checks in the recovery group, use GetRecoveryGroupReadinessSummary.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/GetReadinessCheckStatusCommand.ts b/clients/client-route53-recovery-readiness/src/commands/GetReadinessCheckStatusCommand.ts index e27b10fea529..b0948a9fec44 100644 --- a/clients/client-route53-recovery-readiness/src/commands/GetReadinessCheckStatusCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/GetReadinessCheckStatusCommand.ts @@ -26,7 +26,7 @@ export interface GetReadinessCheckStatusCommandInput extends GetReadinessCheckSt export interface GetReadinessCheckStatusCommandOutput extends GetReadinessCheckStatusResponse, __MetadataBearer {} /** - * Returns information about the status of a Readiness Check. + *Gets the readiness status for an individual readiness check. To see the overall readiness status for a recovery group, that considers the readiness status for all the readiness checks in a recovery group, use GetRecoveryGroupReadinessSummary.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/GetRecoveryGroupCommand.ts b/clients/client-route53-recovery-readiness/src/commands/GetRecoveryGroupCommand.ts index b0ce8e3c268f..9a0a097406de 100644 --- a/clients/client-route53-recovery-readiness/src/commands/GetRecoveryGroupCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/GetRecoveryGroupCommand.ts @@ -26,7 +26,7 @@ export interface GetRecoveryGroupCommandInput extends GetRecoveryGroupRequest {} export interface GetRecoveryGroupCommandOutput extends GetRecoveryGroupResponse, __MetadataBearer {} /** - * Returns information about a Recovery Group. + *Gets details about a recovery group, including a list of the cells that are included in it.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/GetRecoveryGroupReadinessSummaryCommand.ts b/clients/client-route53-recovery-readiness/src/commands/GetRecoveryGroupReadinessSummaryCommand.ts index 89bc66c51ccc..cc1a6ddafb9c 100644 --- a/clients/client-route53-recovery-readiness/src/commands/GetRecoveryGroupReadinessSummaryCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/GetRecoveryGroupReadinessSummaryCommand.ts @@ -28,7 +28,7 @@ export interface GetRecoveryGroupReadinessSummaryCommandOutput __MetadataBearer {} /** - * Returns information about a Recovery Group. + *Displays a summary of information about a recovery group's readiness status. Includes the readiness checks for resources in the recovery group and the readiness status of each one.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/GetResourceSetCommand.ts b/clients/client-route53-recovery-readiness/src/commands/GetResourceSetCommand.ts index e6539980473f..98dd6fa846db 100644 --- a/clients/client-route53-recovery-readiness/src/commands/GetResourceSetCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/GetResourceSetCommand.ts @@ -26,7 +26,7 @@ export interface GetResourceSetCommandInput extends GetResourceSetRequest {} export interface GetResourceSetCommandOutput extends GetResourceSetResponse, __MetadataBearer {} /** - * Returns information about a Resource Set. + *Displays the details about a resource set, including a list of the resources in the set.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/ListCellsCommand.ts b/clients/client-route53-recovery-readiness/src/commands/ListCellsCommand.ts index c610166ed713..3ef2c6bc7270 100644 --- a/clients/client-route53-recovery-readiness/src/commands/ListCellsCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/ListCellsCommand.ts @@ -26,7 +26,7 @@ export interface ListCellsCommandInput extends ListCellsRequest {} export interface ListCellsCommandOutput extends ListCellsResponse, __MetadataBearer {} /** - * Returns a collection of Cells. + *Lists the cells for an account.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/ListCrossAccountAuthorizationsCommand.ts b/clients/client-route53-recovery-readiness/src/commands/ListCrossAccountAuthorizationsCommand.ts index b335d62282cf..88a8465d5607 100644 --- a/clients/client-route53-recovery-readiness/src/commands/ListCrossAccountAuthorizationsCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/ListCrossAccountAuthorizationsCommand.ts @@ -28,7 +28,7 @@ export interface ListCrossAccountAuthorizationsCommandOutput __MetadataBearer {} /** - * Returns a collection of cross account readiness authorizations. + *Lists the cross-account readiness authorizations that are in place for an account.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/ListReadinessChecksCommand.ts b/clients/client-route53-recovery-readiness/src/commands/ListReadinessChecksCommand.ts index e7331aac1b3f..9c89160eb7c3 100644 --- a/clients/client-route53-recovery-readiness/src/commands/ListReadinessChecksCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/ListReadinessChecksCommand.ts @@ -26,7 +26,7 @@ export interface ListReadinessChecksCommandInput extends ListReadinessChecksRequ export interface ListReadinessChecksCommandOutput extends ListReadinessChecksResponse, __MetadataBearer {} /** - * Returns a collection of Readiness Checks. + *Lists the readiness checks for an account.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/ListRecoveryGroupsCommand.ts b/clients/client-route53-recovery-readiness/src/commands/ListRecoveryGroupsCommand.ts index 2474a68e8ddb..c466375adb77 100644 --- a/clients/client-route53-recovery-readiness/src/commands/ListRecoveryGroupsCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/ListRecoveryGroupsCommand.ts @@ -26,7 +26,7 @@ export interface ListRecoveryGroupsCommandInput extends ListRecoveryGroupsReques export interface ListRecoveryGroupsCommandOutput extends ListRecoveryGroupsResponse, __MetadataBearer {} /** - * Returns a collection of Recovery Groups. + *Lists the recovery groups in an account.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/ListResourceSetsCommand.ts b/clients/client-route53-recovery-readiness/src/commands/ListResourceSetsCommand.ts index 34b4ffdd667e..45bf7adcf417 100644 --- a/clients/client-route53-recovery-readiness/src/commands/ListResourceSetsCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/ListResourceSetsCommand.ts @@ -26,7 +26,7 @@ export interface ListResourceSetsCommandInput extends ListResourceSetsRequest {} export interface ListResourceSetsCommandOutput extends ListResourceSetsResponse, __MetadataBearer {} /** - * Returns a collection of Resource Sets. + *Lists the resource sets in an account.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/ListRulesCommand.ts b/clients/client-route53-recovery-readiness/src/commands/ListRulesCommand.ts index 0fb245e27f31..d5ced09b19ff 100644 --- a/clients/client-route53-recovery-readiness/src/commands/ListRulesCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/ListRulesCommand.ts @@ -26,7 +26,7 @@ export interface ListRulesCommandInput extends ListRulesRequest {} export interface ListRulesCommandOutput extends ListRulesResponse, __MetadataBearer {} /** - * Returns a collection of rules that are applied as part of Readiness Checks. + *Lists all readiness rules, or lists the readiness rules for a specific resource type.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/ListTagsForResourcesCommand.ts b/clients/client-route53-recovery-readiness/src/commands/ListTagsForResourcesCommand.ts index 457dfbdd8b6b..86e8abc415f6 100644 --- a/clients/client-route53-recovery-readiness/src/commands/ListTagsForResourcesCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/ListTagsForResourcesCommand.ts @@ -26,7 +26,7 @@ export interface ListTagsForResourcesCommandInput extends ListTagsForResourcesRe export interface ListTagsForResourcesCommandOutput extends ListTagsForResourcesResponse, __MetadataBearer {} /** - * Returns a list of the tags assigned to the specified resource. + *Lists the tags for a resource.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/TagResourceCommand.ts b/clients/client-route53-recovery-readiness/src/commands/TagResourceCommand.ts index 0b77e240499d..cb1f272a7ba9 100644 --- a/clients/client-route53-recovery-readiness/src/commands/TagResourceCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/TagResourceCommand.ts @@ -26,7 +26,7 @@ export interface TagResourceCommandInput extends TagResourceRequest {} export interface TagResourceCommandOutput extends TagResourceResponse, __MetadataBearer {} /** - * Adds tags to the specified resource. You can specify one or more tags to add. + *Adds a tag to a resource.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/UntagResourceCommand.ts b/clients/client-route53-recovery-readiness/src/commands/UntagResourceCommand.ts index 618316df1e83..e33dafa43a5a 100644 --- a/clients/client-route53-recovery-readiness/src/commands/UntagResourceCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/UntagResourceCommand.ts @@ -26,7 +26,7 @@ export interface UntagResourceCommandInput extends UntagResourceRequest {} export interface UntagResourceCommandOutput extends __MetadataBearer {} /** - * Removes tags from the specified resource. You can specify one or more tags to remove. + *Removes a tag from a resource.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/UpdateCellCommand.ts b/clients/client-route53-recovery-readiness/src/commands/UpdateCellCommand.ts index e413f69ade83..900b53928d5e 100644 --- a/clients/client-route53-recovery-readiness/src/commands/UpdateCellCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/UpdateCellCommand.ts @@ -26,7 +26,7 @@ export interface UpdateCellCommandInput extends UpdateCellRequest {} export interface UpdateCellCommandOutput extends UpdateCellResponse, __MetadataBearer {} /** - * Updates an existing Cell. + *Updates a cell to replace the list of nested cells with a new list of nested cells.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/UpdateReadinessCheckCommand.ts b/clients/client-route53-recovery-readiness/src/commands/UpdateReadinessCheckCommand.ts index 25be6982885f..8b2bbf6f94d5 100644 --- a/clients/client-route53-recovery-readiness/src/commands/UpdateReadinessCheckCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/UpdateReadinessCheckCommand.ts @@ -26,7 +26,7 @@ export interface UpdateReadinessCheckCommandInput extends UpdateReadinessCheckRe export interface UpdateReadinessCheckCommandOutput extends UpdateReadinessCheckResponse, __MetadataBearer {} /** - * Updates an exisiting Readiness Check. + *Updates a readiness check.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/UpdateRecoveryGroupCommand.ts b/clients/client-route53-recovery-readiness/src/commands/UpdateRecoveryGroupCommand.ts index 4ef1dad2f779..4bafadf1216f 100644 --- a/clients/client-route53-recovery-readiness/src/commands/UpdateRecoveryGroupCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/UpdateRecoveryGroupCommand.ts @@ -26,7 +26,7 @@ export interface UpdateRecoveryGroupCommandInput extends UpdateRecoveryGroupRequ export interface UpdateRecoveryGroupCommandOutput extends UpdateRecoveryGroupResponse, __MetadataBearer {} /** - * Updates an existing Recovery Group. + *Updates a recovery group.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/commands/UpdateResourceSetCommand.ts b/clients/client-route53-recovery-readiness/src/commands/UpdateResourceSetCommand.ts index 5edce639b272..89c0f97d697a 100644 --- a/clients/client-route53-recovery-readiness/src/commands/UpdateResourceSetCommand.ts +++ b/clients/client-route53-recovery-readiness/src/commands/UpdateResourceSetCommand.ts @@ -26,7 +26,7 @@ export interface UpdateResourceSetCommandInput extends UpdateResourceSetRequest export interface UpdateResourceSetCommandOutput extends UpdateResourceSetResponse, __MetadataBearer {} /** - * Updates an existing Resource Set. + *Updates a resource set.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53-recovery-readiness/src/models/models_0.ts b/clients/client-route53-recovery-readiness/src/models/models_0.ts index 8a9a4eb93c2f..b4356efe4535 100644 --- a/clients/client-route53-recovery-readiness/src/models/models_0.ts +++ b/clients/client-route53-recovery-readiness/src/models/models_0.ts @@ -1,31 +1,31 @@ import { MetadataBearer as $MetadataBearer, SmithyException as __SmithyException } from "@aws-sdk/types"; /** - * A Cell and its properties + *Information about a cell.
*/ export interface CellOutput { /** - * The arn for the Cell + *The Amazon Resource Name (ARN) for the cell.
*/ CellArn: string | undefined; /** - * The name of the Cell + *The name of the cell.
*/ CellName: string | undefined; /** - * A list of Cell arns + *A list of cell ARNs.
*/ Cells: string[] | undefined; /** - * A list of Cell ARNs and/or RecoveryGroup ARNs + *The readiness scope for the cell, which can be a cell Amazon Resource Name (ARN) or a recovery group ARN. This is a list but currently can have only one element.
*/ ParentReadinessScopes: string[] | undefined; /** - * A collection of tags associated with a resource + *Tags on the resources.
*/ Tags?: { [key: string]: string }; } @@ -40,21 +40,21 @@ export namespace CellOutput { } /** - * A collection of rules used in a readiness check + *Readiness rule information, including the resource type, rule ID, and rule description.
*/ export interface ListRulesOutput { /** - * The resource type the rule applies to. + *The resource type that the readiness rule applies to.
*/ ResourceType: string | undefined; /** - * A description of the rule + *The description of a readiness rule.
*/ RuleDescription: string | undefined; /** - * The Rule's ID. + *The ID for the readiness rule.
*/ RuleId: string | undefined; } @@ -69,11 +69,11 @@ export namespace ListRulesOutput { } /** - * Information relating to readiness check status + *Information relating to readiness check status.
*/ export interface Message { /** - * The text of a readiness check message + *The text of a readiness check message.
*/ MessageText?: string; } @@ -88,26 +88,26 @@ export namespace Message { } /** - * A resource used for checking the readiness of a Resource Set + *A readiness check.
*/ export interface ReadinessCheckOutput { /** - * Arn associated with ReadinessCheck + *The Amazon Resource Name (ARN) associated with a readiness check.
*/ ReadinessCheckArn: string | undefined; /** - * Name for a ReadinessCheck + *Name of a readiness check.
*/ ReadinessCheckName?: string; /** - * Name of the ResourceSet to be checked + *Name of the resource set to be checked.
*/ ResourceSet: string | undefined; /** - * A collection of tags associated with a resource + *A collection of tags associated with a resource.
*/ Tags?: { [key: string]: string }; } @@ -129,16 +129,16 @@ export enum Readiness { } /** - * Summary of ReadinessCheck status, paginated in GetRecoveryGroupReadinessSummary and GetCellReadinessSummary + *Summary of all readiness check statuses in a recovery group, paginated in GetRecoveryGroupReadinessSummary and GetCellReadinessSummary.
*/ export interface ReadinessCheckSummary { /** - * The readiness of this ReadinessCheck + *The readiness status of this readiness check.
*/ Readiness?: Readiness | string; /** - * The name of a ReadinessCheck which is part of the given RecoveryGroup or Cell + *The name of a readiness check.
*/ ReadinessCheckName?: string; } @@ -153,11 +153,11 @@ export namespace ReadinessCheckSummary { } /** - * Guidance for improving Recovery Group resilliancy + *Recommendations that are provided to make an application more recovery resilient.
*/ export interface Recommendation { /** - * Guidance text for recommendation + *Text of the recommendations that are provided to make an application more recovery resilient.
*/ RecommendationText: string | undefined; } @@ -172,26 +172,26 @@ export namespace Recommendation { } /** - * A Recovery Group generally containing multiple Cells + *A representation of the application, typically containing multiple cells.
*/ export interface RecoveryGroupOutput { /** - * A list of Cell arns + *A list of a cell's Amazon Resource Names (ARNs).
*/ Cells: string[] | undefined; /** - * The arn for the RecoveryGroup + *The Amazon Resource Name (ARN) for the recovery group.
*/ RecoveryGroupArn: string | undefined; /** - * The name of the RecoveryGroup + *The name of the recovery group.
*/ RecoveryGroupName: string | undefined; /** - * A collection of tags associated with a resource + *The tags associated with the recovery group.
*/ Tags?: { [key: string]: string }; } @@ -206,11 +206,11 @@ export namespace RecoveryGroupOutput { } /** - * The NLB resource a DNS Target Resource points to + *The Network Load Balancer resource that a DNS target resource points to.
*/ export interface NLBResource { /** - * An NLB resource arn + *The Network Load Balancer resource Amazon Resource Name (ARN).
*/ Arn?: string; } @@ -225,16 +225,16 @@ export namespace NLBResource { } /** - * The Route 53 resource a DNS Target Resource record points to + *The Route 53 resource that a DNS target resource record points to.
*/ export interface R53ResourceRecord { /** - * The DNS target name + *The DNS target domain name.
*/ DomainName?: string; /** - * The Resource Record set id + *The Route 53 Resource Record Set ID.
*/ RecordSetId?: string; } @@ -249,16 +249,16 @@ export namespace R53ResourceRecord { } /** - * The target resource the R53 record points to + *The target resource that the Route 53 record points to.
*/ export interface TargetResource { /** - * The NLB resource a DNS Target Resource points to + *The Network Load Balancer Resource.
*/ NLBResource?: NLBResource; /** - * The Route 53 resource a DNS Target Resource record points to + *The Route 53 resource.
*/ R53Resource?: R53ResourceRecord; } @@ -273,31 +273,31 @@ export namespace TargetResource { } /** - * A component for DNS/Routing Control Readiness Checks + *A component for DNS/routing control readiness checks and architecture checks.
*/ export interface DNSTargetResource { /** - * The DNS Name that acts as ingress point to a portion of application + *The domain name that acts as an ingress point to a portion of the customer application.
*/ DomainName?: string; /** - * The Hosted Zone ARN that contains the DNS record with the provided name of target resource. + *The hosted zone Amazon Resource Name (ARN) that contains the DNS record with the provided name of the target resource.
*/ HostedZoneArn?: string; /** - * The R53 Set Id to uniquely identify a record given a Name and a Type + *The Route 53 record set ID that uniquely identifies a DNS record, given a name and a type.
*/ RecordSetId?: string; /** - * The Type of DNS Record of target resource + *The type of DNS record of the target resource.
*/ RecordType?: string; /** - * The target resource the R53 record points to + *The target resource of the DNS target resource.
*/ TargetResource?: TargetResource; } @@ -312,26 +312,26 @@ export namespace DNSTargetResource { } /** - * The resource element of a ResourceSet + *The resource element of a resource set.
*/ export interface Resource { /** - * The component id of the resource, generated by the service when dnsTargetResource is used + *The component identifier of the resource, generated when DNS target resource is used.
*/ ComponentId?: string; /** - * A component for DNS/Routing Control Readiness Checks + *The DNS target resource.
*/ DnsTargetResource?: DNSTargetResource; /** - * A list of RecoveryGroup ARNs and/or Cell ARNs that this resource is contained within. + *A list of recovery group Amazon Resource Names (ARNs) and cell ARNs that this resource is contained within.
*/ ReadinessScopes?: string[]; /** - * The ARN of the AWS resource, can be skipped if dnsTargetResource is used + *The Amazon Resource Name (ARN) of the Amazon Web Services resource.
*/ ResourceArn?: string; } @@ -346,26 +346,26 @@ export namespace Resource { } /** - * Result with status for an individual resource. + *The result of a successful Resource request, with status for an individual resource.
*/ export interface ResourceResult { /** - * The component id of the resource + *The component id of the resource.
*/ ComponentId?: string; /** - * The time the resource was last checked for readiness, in ISO-8601 format, UTC. + *The time (UTC) that the resource was last checked for readiness, in ISO-8601 format.
*/ LastCheckedTimestamp: Date | undefined; /** - * The readiness of the resource. + *The readiness of a resource.
*/ Readiness: Readiness | string | undefined; /** - * The ARN of the resource + *The Amazon Resource Name (ARN) of the resource.
*/ ResourceArn?: string; } @@ -380,31 +380,31 @@ export namespace ResourceResult { } /** - * A collection of resources of the same type + *A collection of resources of the same type.
*/ export interface ResourceSetOutput { /** - * The arn for the ResourceSet + *The Amazon Resource Name (ARN) for the resource set.
*/ ResourceSetArn: string | undefined; /** - * The name of the ResourceSet + *The name of the resource set.
*/ ResourceSetName: string | undefined; /** - * AWS Resource Type of the resources in the ResourceSet + *The resource type of the resources in the resource set. Enter one of the following values for resource type:
AWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource
*/ ResourceSetType: string | undefined; /** - * A list of Resource objects + *A list of resource objects.
*/ Resources: Resource[] | undefined; /** - * A collection of tags associated with a resource + *A collection of tags associated with a resource.
*/ Tags?: { [key: string]: string }; } @@ -419,26 +419,26 @@ export namespace ResourceSetOutput { } /** - * Result with status for an individual rule.. + *The result of a successful Rule request, with status for an individual rule.
*/ export interface RuleResult { /** - * The time the resource was last checked for readiness, in ISO-8601 format, UTC. + *The time the resource was last checked for readiness, in ISO-8601 format, UTC.
*/ LastCheckedTimestamp: Date | undefined; /** - * Details about the resource's readiness + *Details about the resource's readiness.
*/ Messages: Message[] | undefined; /** - * The readiness at rule level. + *The readiness at rule level.
*/ Readiness: Readiness | string | undefined; /** - * The identifier of the rule. + *The identifier of the rule.
*/ RuleId: string | undefined; } @@ -470,22 +470,19 @@ export interface ConflictException extends __SmithyException, $MetadataBearer { Message?: string; } -/** - * The Cell to create - */ export interface CreateCellRequest { /** - * The name of the Cell to create + *The name of the cell to create.
*/ CellName: string | undefined; /** - * A list of Cell arns contained within this Cell (for use in nested Cells, e.g. regions within which AZs) + *A list of cell Amazon Resource Names (ARNs) contained within this cell, for use in nested cells. For example, Availability Zones within specific Amazon Web Services Regions.
*/ Cells?: string[]; /** - * A collection of tags associated with a resource + *A collection of tags associated with a resource.
*/ Tags?: { [key: string]: string }; } @@ -501,27 +498,27 @@ export namespace CreateCellRequest { export interface CreateCellResponse { /** - * The arn for the Cell + *The Amazon Resource Name (ARN) for the cell.
*/ CellArn?: string; /** - * The name of the Cell + *The name of the cell.
*/ CellName?: string; /** - * A list of Cell arns + *A list of cell ARNs.
*/ Cells?: string[]; /** - * A list of Cell ARNs and/or RecoveryGroup ARNs + *The readiness scope for the cell, which can be a cell Amazon Resource Name (ARN) or a recovery group ARN. This is a list but currently can have only one element.
*/ ParentReadinessScopes?: string[]; /** - * A collection of tags associated with a resource + *Tags on the resources.
*/ Tags?: { [key: string]: string }; } @@ -562,12 +559,9 @@ export interface ValidationException extends __SmithyException, $MetadataBearer Message?: string; } -/** - * The cross account authorization - */ export interface CreateCrossAccountAuthorizationRequest { /** - * The cross account authorization + *The cross-account authorization.
*/ CrossAccountAuthorization: string | undefined; } @@ -583,7 +577,7 @@ export namespace CreateCrossAccountAuthorizationRequest { export interface CreateCrossAccountAuthorizationResponse { /** - * The cross account authorization + *The cross-account authorization.
*/ CrossAccountAuthorization?: string; } @@ -597,22 +591,19 @@ export namespace CreateCrossAccountAuthorizationResponse { }); } -/** - * The ReadinessCheck to create - */ export interface CreateReadinessCheckRequest { /** - * The name of the ReadinessCheck to create + *The name of the readiness check to create.
*/ ReadinessCheckName: string | undefined; /** - * The name of the ResourceSet to check + *The name of the resource set to check.
*/ ResourceSetName: string | undefined; /** - * A collection of tags associated with a resource + *A collection of tags associated with a resource.
*/ Tags?: { [key: string]: string }; } @@ -628,22 +619,22 @@ export namespace CreateReadinessCheckRequest { export interface CreateReadinessCheckResponse { /** - * Arn associated with ReadinessCheck + *The Amazon Resource Name (ARN) associated with a readiness check.
*/ ReadinessCheckArn?: string; /** - * Name for a ReadinessCheck + *Name of a readiness check.
*/ ReadinessCheckName?: string; /** - * Name of the ResourceSet to be checked + *Name of the resource set to be checked.
*/ ResourceSet?: string; /** - * A collection of tags associated with a resource + *A collection of tags associated with a resource.
*/ Tags?: { [key: string]: string }; } @@ -657,22 +648,19 @@ export namespace CreateReadinessCheckResponse { }); } -/** - * The RecoveryGroup to create - */ export interface CreateRecoveryGroupRequest { /** - * A list of Cell arns + *A list of the cell Amazon Resource Names (ARNs) in the recovery group.
*/ Cells?: string[]; /** - * The name of the RecoveryGroup to create + *The name of the recovery group to create.
*/ RecoveryGroupName: string | undefined; /** - * A collection of tags associated with a resource + *A collection of tags associated with a resource.
*/ Tags?: { [key: string]: string }; } @@ -688,22 +676,22 @@ export namespace CreateRecoveryGroupRequest { export interface CreateRecoveryGroupResponse { /** - * A list of Cell arns + *A list of a cell's Amazon Resource Names (ARNs).
*/ Cells?: string[]; /** - * The arn for the RecoveryGroup + *The Amazon Resource Name (ARN) for the recovery group.
*/ RecoveryGroupArn?: string; /** - * The name of the RecoveryGroup + *The name of the recovery group.
*/ RecoveryGroupName?: string; /** - * A collection of tags associated with a resource + *The tags associated with the recovery group.
*/ Tags?: { [key: string]: string }; } @@ -717,27 +705,24 @@ export namespace CreateRecoveryGroupResponse { }); } -/** - * The ResourceSet to create - */ export interface CreateResourceSetRequest { /** - * The name of the ResourceSet to create + *The name of the resource set to create.
*/ ResourceSetName: string | undefined; /** - * AWS Resource type of the resources in the ResourceSet + *The resource type of the resources in the resource set. Enter one of the following values for resource type:
AWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource
*/ ResourceSetType: string | undefined; /** - * A list of Resource objects + *A list of resource objects in the resource set.
*/ Resources: Resource[] | undefined; /** - * A collection of tags associated with a resource + *A tag to associate with the parameters for a resource set.
*/ Tags?: { [key: string]: string }; } @@ -753,27 +738,27 @@ export namespace CreateResourceSetRequest { export interface CreateResourceSetResponse { /** - * The arn for the ResourceSet + *The Amazon Resource Name (ARN) for the resource set.
*/ ResourceSetArn?: string; /** - * The name of the ResourceSet + *The name of the resource set.
*/ ResourceSetName?: string; /** - * AWS Resource Type of the resources in the ResourceSet + *The resource type of the resources in the resource set. Enter one of the following values for resource type:
AWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource
*/ ResourceSetType?: string; /** - * A list of Resource objects + *A list of resource objects.
*/ Resources?: Resource[]; /** - * A collection of tags associated with a resource + *A collection of tags associated with a resource.
*/ Tags?: { [key: string]: string }; } @@ -789,7 +774,7 @@ export namespace CreateResourceSetResponse { export interface DeleteCellRequest { /** - * The Cell to delete + *The name of the cell.
*/ CellName: string | undefined; } @@ -814,7 +799,7 @@ export interface ResourceNotFoundException extends __SmithyException, $MetadataB export interface DeleteCrossAccountAuthorizationRequest { /** - * The cross account authorization + *The cross-account authorization.
*/ CrossAccountAuthorization: string | undefined; } @@ -841,7 +826,7 @@ export namespace DeleteCrossAccountAuthorizationResponse { export interface DeleteReadinessCheckRequest { /** - * The ReadinessCheck to delete + *Name of a readiness check.
*/ ReadinessCheckName: string | undefined; } @@ -857,7 +842,7 @@ export namespace DeleteReadinessCheckRequest { export interface DeleteRecoveryGroupRequest { /** - * The RecoveryGroup to delete + *The name of a recovery group.
*/ RecoveryGroupName: string | undefined; } @@ -873,7 +858,7 @@ export namespace DeleteRecoveryGroupRequest { export interface DeleteResourceSetRequest { /** - * The ResourceSet to delete + *Name of a resource set.
*/ ResourceSetName: string | undefined; } @@ -889,17 +874,17 @@ export namespace DeleteResourceSetRequest { export interface GetArchitectureRecommendationsRequest { /** - * Upper bound on number of records to return. + *The number of objects that you want to return with this call.
*/ MaxResults?: number; /** - * A token that can be used to resume pagination from the end of the collection. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; /** - * Name of RecoveryGroup (top level resource) to be analyzed. + *The name of a recovery group.
*/ RecoveryGroupName: string | undefined; } @@ -915,17 +900,17 @@ export namespace GetArchitectureRecommendationsRequest { export interface GetArchitectureRecommendationsResponse { /** - * The time a Recovery Group was last assessed for recommendations in UTC ISO-8601 format. + *The time that a recovery group was last assessed for recommendations, in UTC ISO-8601 format.
*/ LastAuditTimestamp?: Date; /** - * A token that can be used to resume pagination from the end of the collection + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; /** - * A list of recommendations for the customer's application + *A list of the recommendations for the customer's application.
*/ Recommendations?: Recommendation[]; } @@ -941,7 +926,7 @@ export namespace GetArchitectureRecommendationsResponse { export interface GetCellRequest { /** - * The Cell to get + *The name of the cell.
*/ CellName: string | undefined; } @@ -957,27 +942,27 @@ export namespace GetCellRequest { export interface GetCellResponse { /** - * The arn for the Cell + *The Amazon Resource Name (ARN) for the cell.
*/ CellArn?: string; /** - * The name of the Cell + *The name of the cell.
*/ CellName?: string; /** - * A list of Cell arns + *A list of cell ARNs.
*/ Cells?: string[]; /** - * A list of Cell ARNs and/or RecoveryGroup ARNs + *The readiness scope for the cell, which can be a cell Amazon Resource Name (ARN) or a recovery group ARN. This is a list but currently can have only one element.
*/ ParentReadinessScopes?: string[]; /** - * A collection of tags associated with a resource + *Tags on the resources.
*/ Tags?: { [key: string]: string }; } @@ -993,17 +978,17 @@ export namespace GetCellResponse { export interface GetCellReadinessSummaryRequest { /** - * The name of the Cell + *The name of the cell.
*/ CellName: string | undefined; /** - * Upper bound on number of records to return. + *The number of objects that you want to return with this call.
*/ MaxResults?: number; /** - * A token used to resume pagination from the end of a previous request. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; } @@ -1019,17 +1004,17 @@ export namespace GetCellReadinessSummaryRequest { export interface GetCellReadinessSummaryResponse { /** - * A token that can be used to resume pagination from the end of the collection. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; /** - * The readiness at Cell level. + *The readiness at a cell level.
*/ Readiness?: Readiness | string; /** - * Summaries for the ReadinessChecks making up the Cell + *Summaries for the readiness checks that make up the cell.
*/ ReadinessChecks?: ReadinessCheckSummary[]; } @@ -1045,7 +1030,7 @@ export namespace GetCellReadinessSummaryResponse { export interface GetReadinessCheckRequest { /** - * The ReadinessCheck to get + *Name of a readiness check.
*/ ReadinessCheckName: string | undefined; } @@ -1061,22 +1046,22 @@ export namespace GetReadinessCheckRequest { export interface GetReadinessCheckResponse { /** - * Arn associated with ReadinessCheck + *The Amazon Resource Name (ARN) associated with a readiness check.
*/ ReadinessCheckArn?: string; /** - * Name for a ReadinessCheck + *Name of a readiness check.
*/ ReadinessCheckName?: string; /** - * Name of the ResourceSet to be checked + *Name of the resource set to be checked.
*/ ResourceSet?: string; /** - * A collection of tags associated with a resource + *A collection of tags associated with a resource.
*/ Tags?: { [key: string]: string }; } @@ -1092,22 +1077,22 @@ export namespace GetReadinessCheckResponse { export interface GetReadinessCheckResourceStatusRequest { /** - * Upper bound on number of records to return. + *The number of objects that you want to return with this call.
*/ MaxResults?: number; /** - * A token used to resume pagination from the end of a previous request. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; /** - * The ReadinessCheck to get + *Name of a readiness check.
*/ ReadinessCheckName: string | undefined; /** - * The resource ARN or component Id to get + *The resource identifier, which is the Amazon Resource Name (ARN) or the identifier generated for the resource by Application Recovery Controller (for example, for a DNS target resource).
*/ ResourceIdentifier: string | undefined; } @@ -1123,17 +1108,17 @@ export namespace GetReadinessCheckResourceStatusRequest { export interface GetReadinessCheckResourceStatusResponse { /** - * A token that can be used to resume pagination from the end of the collection. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; /** - * The readiness at rule level. + *The readiness at a rule level.
*/ Readiness?: Readiness | string; /** - * Details of the rules's results + *Details of the rule's results.
*/ Rules?: RuleResult[]; } @@ -1149,17 +1134,17 @@ export namespace GetReadinessCheckResourceStatusResponse { export interface GetReadinessCheckStatusRequest { /** - * Upper bound on number of records to return. + *The number of objects that you want to return with this call.
*/ MaxResults?: number; /** - * A token used to resume pagination from the end of a previous request. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; /** - * The ReadinessCheck to get + *Name of a readiness check.
*/ ReadinessCheckName: string | undefined; } @@ -1175,22 +1160,22 @@ export namespace GetReadinessCheckStatusRequest { export interface GetReadinessCheckStatusResponse { /** - * Top level messages for readiness check status + *Top level messages for readiness check status
*/ Messages?: Message[]; /** - * A token that can be used to resume pagination from the end of the collection. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; /** - * The readiness at rule level. + *The readiness at rule level.
*/ Readiness?: Readiness | string; /** - * Summary of resources's readiness + *Summary of the readiness of resources.
*/ Resources?: ResourceResult[]; } @@ -1206,7 +1191,7 @@ export namespace GetReadinessCheckStatusResponse { export interface GetRecoveryGroupRequest { /** - * The RecoveryGroup to get + *The name of a recovery group.
*/ RecoveryGroupName: string | undefined; } @@ -1222,22 +1207,22 @@ export namespace GetRecoveryGroupRequest { export interface GetRecoveryGroupResponse { /** - * A list of Cell arns + *A list of a cell's Amazon Resource Names (ARNs).
*/ Cells?: string[]; /** - * The arn for the RecoveryGroup + *The Amazon Resource Name (ARN) for the recovery group.
*/ RecoveryGroupArn?: string; /** - * The name of the RecoveryGroup + *The name of the recovery group.
*/ RecoveryGroupName?: string; /** - * A collection of tags associated with a resource + *The tags associated with the recovery group.
*/ Tags?: { [key: string]: string }; } @@ -1253,17 +1238,17 @@ export namespace GetRecoveryGroupResponse { export interface GetRecoveryGroupReadinessSummaryRequest { /** - * Upper bound on number of records to return. + *The number of objects that you want to return with this call.
*/ MaxResults?: number; /** - * A token used to resume pagination from the end of a previous request. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; /** - * The name of the RecoveryGroup + *The name of a recovery group.
*/ RecoveryGroupName: string | undefined; } @@ -1279,17 +1264,17 @@ export namespace GetRecoveryGroupReadinessSummaryRequest { export interface GetRecoveryGroupReadinessSummaryResponse { /** - * A token that can be used to resume pagination from the end of the collection. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; /** - * The readiness at RecoveryGroup level. + *The readiness status at a recovery group level.
*/ Readiness?: Readiness | string; /** - * Summaries for the ReadinessChecks making up the RecoveryGroup + *Summaries of the readiness checks for the recovery group.
*/ ReadinessChecks?: ReadinessCheckSummary[]; } @@ -1305,7 +1290,7 @@ export namespace GetRecoveryGroupReadinessSummaryResponse { export interface GetResourceSetRequest { /** - * The ResourceSet to get + *Name of a resource set.
*/ ResourceSetName: string | undefined; } @@ -1321,27 +1306,27 @@ export namespace GetResourceSetRequest { export interface GetResourceSetResponse { /** - * The arn for the ResourceSet + *The Amazon Resource Name (ARN) for the resource set.
*/ ResourceSetArn?: string; /** - * The name of the ResourceSet + *The name of the resource set.
*/ ResourceSetName?: string; /** - * AWS Resource Type of the resources in the ResourceSet + *The resource type of the resources in the resource set. Enter one of the following values for resource type:
AWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource
*/ ResourceSetType?: string; /** - * A list of Resource objects + *A list of resource objects.
*/ Resources?: Resource[]; /** - * A collection of tags associated with a resource + *A collection of tags associated with a resource.
*/ Tags?: { [key: string]: string }; } @@ -1357,12 +1342,12 @@ export namespace GetResourceSetResponse { export interface ListCellsRequest { /** - * Upper bound on number of records to return. + *The number of objects that you want to return with this call.
*/ MaxResults?: number; /** - * A token used to resume pagination from the end of a previous request. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; } @@ -1378,12 +1363,12 @@ export namespace ListCellsRequest { export interface ListCellsResponse { /** - * A list of Cells + *A list of cells.
*/ Cells?: CellOutput[]; /** - * A token that can be used to resume pagination from the end of the collection. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; } @@ -1399,12 +1384,12 @@ export namespace ListCellsResponse { export interface ListCrossAccountAuthorizationsRequest { /** - * Upper bound on number of records to return. + *The number of objects that you want to return with this call.
*/ MaxResults?: number; /** - * A token used to resume pagination from the end of a previous request. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; } @@ -1420,12 +1405,12 @@ export namespace ListCrossAccountAuthorizationsRequest { export interface ListCrossAccountAuthorizationsResponse { /** - * A list of CrossAccountAuthorizations + *A list of cross-account authorizations.
*/ CrossAccountAuthorizations?: string[]; /** - * A token that can be used to resume pagination from the end of the collection. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; } @@ -1441,12 +1426,12 @@ export namespace ListCrossAccountAuthorizationsResponse { export interface ListReadinessChecksRequest { /** - * Upper bound on number of records to return. + *The number of objects that you want to return with this call.
*/ MaxResults?: number; /** - * A token used to resume pagination from the end of a previous request. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; } @@ -1462,12 +1447,12 @@ export namespace ListReadinessChecksRequest { export interface ListReadinessChecksResponse { /** - * A token that can be used to resume pagination from the end of the collection. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; /** - * A list of ReadinessCheck associated with the account + *A list of readiness checks associated with the account.
*/ ReadinessChecks?: ReadinessCheckOutput[]; } @@ -1483,12 +1468,12 @@ export namespace ListReadinessChecksResponse { export interface ListRecoveryGroupsRequest { /** - * Upper bound on number of records to return. + *The number of objects that you want to return with this call.
*/ MaxResults?: number; /** - * A token used to resume pagination from the end of a previous request. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; } @@ -1504,12 +1489,12 @@ export namespace ListRecoveryGroupsRequest { export interface ListRecoveryGroupsResponse { /** - * A token that can be used to resume pagination from the end of the collection. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; /** - * A list of RecoveryGroups + *A list of recovery groups.
*/ RecoveryGroups?: RecoveryGroupOutput[]; } @@ -1525,12 +1510,12 @@ export namespace ListRecoveryGroupsResponse { export interface ListResourceSetsRequest { /** - * Upper bound on number of records to return. + *The number of objects that you want to return with this call.
*/ MaxResults?: number; /** - * A token used to resume pagination from the end of a previous request. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; } @@ -1546,12 +1531,12 @@ export namespace ListResourceSetsRequest { export interface ListResourceSetsResponse { /** - * A token that can be used to resume pagination from the end of the collection. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; /** - * A list of ResourceSets associated with the account + *A list of resource sets associated with the account.
*/ ResourceSets?: ResourceSetOutput[]; } @@ -1567,17 +1552,17 @@ export namespace ListResourceSetsResponse { export interface ListRulesRequest { /** - * Upper bound on number of records to return. + *The number of objects that you want to return with this call.
*/ MaxResults?: number; /** - * A token used to resume pagination from the end of a previous request. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; /** - * Filter parameter which specifies the rules to return given a resource type. + *The resource type that a readiness rule applies to.
*/ ResourceType?: string; } @@ -1593,12 +1578,12 @@ export namespace ListRulesRequest { export interface ListRulesResponse { /** - * A token that can be used to resume pagination from the end of the collection. + *The token that identifies which batch of results you want to see.
*/ NextToken?: string; /** - * A list of rules + *A list of readiness rules for a specific resource type.
*/ Rules?: ListRulesOutput[]; } @@ -1614,7 +1599,7 @@ export namespace ListRulesResponse { export interface ListTagsForResourcesRequest { /** - * The Amazon Resource Name (ARN) for the resource. You can get this from the response to any request to the resource. + *The Amazon Resource Name (ARN) for a resource.
*/ ResourceArn: string | undefined; } @@ -1630,7 +1615,7 @@ export namespace ListTagsForResourcesRequest { export interface ListTagsForResourcesResponse { /** - * A collection of tags associated with a resource + * */ Tags?: { [key: string]: string }; } @@ -1646,12 +1631,12 @@ export namespace ListTagsForResourcesResponse { export interface TagResourceRequest { /** - * The Amazon Resource Name (ARN) for the resource. You can get this from the response to any request to the resource. + *The Amazon Resource Name (ARN) for a resource.
*/ ResourceArn: string | undefined; /** - * A collection of tags associated with a resource + * */ Tags: { [key: string]: string } | undefined; } @@ -1678,12 +1663,12 @@ export namespace TagResourceResponse { export interface UntagResourceRequest { /** - * The Amazon Resource Name (ARN) for the resource. You can get this from the response to any request to the resource. + *The Amazon Resource Name (ARN) for a resource.
*/ ResourceArn: string | undefined; /** - * A comma-separated list of the tag keys to remove from the resource. + *The keys for tags you add to resources.
*/ TagKeys: string[] | undefined; } @@ -1697,17 +1682,14 @@ export namespace UntagResourceRequest { }); } -/** - * Parameters to update for the Cell - */ export interface UpdateCellRequest { /** - * The Cell to update + *The name of the cell.
*/ CellName: string | undefined; /** - * A list of Cell arns, completely replaces previous list + *A list of cell Amazon Resource Names (ARNs), which completely replaces the previous list.
*/ Cells: string[] | undefined; } @@ -1723,27 +1705,27 @@ export namespace UpdateCellRequest { export interface UpdateCellResponse { /** - * The arn for the Cell + *The Amazon Resource Name (ARN) for the cell.
*/ CellArn?: string; /** - * The name of the Cell + *The name of the cell.
*/ CellName?: string; /** - * A list of Cell arns + *A list of cell ARNs.
*/ Cells?: string[]; /** - * A list of Cell ARNs and/or RecoveryGroup ARNs + *The readiness scope for the cell, which can be a cell Amazon Resource Name (ARN) or a recovery group ARN. This is a list but currently can have only one element.
*/ ParentReadinessScopes?: string[]; /** - * A collection of tags associated with a resource + *Tags on the resources.
*/ Tags?: { [key: string]: string }; } @@ -1758,16 +1740,16 @@ export namespace UpdateCellResponse { } /** - * The new Readiness Check values + *Name of a readiness check to describe.
*/ export interface UpdateReadinessCheckRequest { /** - * The ReadinessCheck to update + *Name of a readiness check.
*/ ReadinessCheckName: string | undefined; /** - * The name of the ResourceSet to check + *The name of the resource set to be checked.
*/ ResourceSetName: string | undefined; } @@ -1783,22 +1765,22 @@ export namespace UpdateReadinessCheckRequest { export interface UpdateReadinessCheckResponse { /** - * Arn associated with ReadinessCheck + *The Amazon Resource Name (ARN) associated with a readiness check.
*/ ReadinessCheckArn?: string; /** - * Name for a ReadinessCheck + *Name of a readiness check.
*/ ReadinessCheckName?: string; /** - * Name of the ResourceSet to be checked + *Name of the resource set to be checked.
*/ ResourceSet?: string; /** - * A collection of tags associated with a resource + *A collection of tags associated with a resource.
*/ Tags?: { [key: string]: string }; } @@ -1813,16 +1795,16 @@ export namespace UpdateReadinessCheckResponse { } /** - * Parameters to update for the RecoveryGroup + *Name of a recovery group.
*/ export interface UpdateRecoveryGroupRequest { /** - * A list of Cell arns, completely replaces previous list + *A list of cell Amazon Resource Names (ARNs). This list completely replaces the previous list.
*/ Cells: string[] | undefined; /** - * The RecoveryGroup to update + *The name of a recovery group.
*/ RecoveryGroupName: string | undefined; } @@ -1838,22 +1820,22 @@ export namespace UpdateRecoveryGroupRequest { export interface UpdateRecoveryGroupResponse { /** - * A list of Cell arns + *A list of a cell's Amazon Resource Names (ARNs).
*/ Cells?: string[]; /** - * The arn for the RecoveryGroup + *The Amazon Resource Name (ARN) for the recovery group.
*/ RecoveryGroupArn?: string; /** - * The name of the RecoveryGroup + *The name of the recovery group.
*/ RecoveryGroupName?: string; /** - * A collection of tags associated with a resource + *The tags associated with the recovery group.
*/ Tags?: { [key: string]: string }; } @@ -1868,21 +1850,21 @@ export namespace UpdateRecoveryGroupResponse { } /** - * configuration for the desired + *Name of a resource set.
*/ export interface UpdateResourceSetRequest { /** - * The ResourceSet to update + *Name of a resource set.
*/ ResourceSetName: string | undefined; /** - * AWS Resource Type of the resources in the ResourceSet + *The resource type of the resources in the resource set. Enter one of the following values for resource type:
AWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource
*/ ResourceSetType: string | undefined; /** - * A list of Resource objects + *A list of resource objects.
*/ Resources: Resource[] | undefined; } @@ -1898,27 +1880,27 @@ export namespace UpdateResourceSetRequest { export interface UpdateResourceSetResponse { /** - * The arn for the ResourceSet + *The Amazon Resource Name (ARN) for the resource set.
*/ ResourceSetArn?: string; /** - * The name of the ResourceSet + *The name of the resource set.
*/ ResourceSetName?: string; /** - * AWS Resource Type of the resources in the ResourceSet + *The resource type of the resources in the resource set. Enter one of the following values for resource type:
AWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource
*/ ResourceSetType?: string; /** - * A list of Resource objects + *A list of resource objects.
*/ Resources?: Resource[]; /** - * A collection of tags associated with a resource + *A collection of tags associated with a resource.
*/ Tags?: { [key: string]: string }; } diff --git a/clients/client-sagemaker/src/SageMaker.ts b/clients/client-sagemaker/src/SageMaker.ts index a15589b28d2b..cea6dfbdcdac 100644 --- a/clients/client-sagemaker/src/SageMaker.ts +++ b/clients/client-sagemaker/src/SageMaker.ts @@ -8994,14 +8994,14 @@ export class SageMaker extends SageMakerClient { * *A pipeline execution won't stop while a callback step is running.
* When you call StopPipelineExecution
- * on a pipeline execution with a running callback step, Amazon SageMaker Pipelines sends an
+ * on a pipeline execution with a running callback step, SageMaker Pipelines sends an
* additional Amazon SQS message to the specified SQS queue. The body of the SQS message
* contains a "Status" field which is set to "Stopping".
You should add logic to your Amazon SQS message consumer to take any needed action (for
* example, resource cleanup) upon receipt of the message followed by a call to
* SendPipelineExecutionStepSuccess or
* SendPipelineExecutionStepFailure.
Only when Amazon SageMaker Pipelines receives one of these calls will it stop the pipeline execution.
+ *Only when SageMaker Pipelines receives one of these calls will it stop the pipeline execution.
* ** Lambda Step diff --git a/clients/client-sagemaker/src/commands/ListTrainingJobsForHyperParameterTuningJobCommand.ts b/clients/client-sagemaker/src/commands/ListTrainingJobsForHyperParameterTuningJobCommand.ts index 6b5a82e37554..fa7bb55e4208 100644 --- a/clients/client-sagemaker/src/commands/ListTrainingJobsForHyperParameterTuningJobCommand.ts +++ b/clients/client-sagemaker/src/commands/ListTrainingJobsForHyperParameterTuningJobCommand.ts @@ -11,8 +11,10 @@ import { SerdeContext as __SerdeContext, } from "@aws-sdk/types"; -import { ListTrainingJobsForHyperParameterTuningJobRequest } from "../models/models_2"; -import { ListTrainingJobsForHyperParameterTuningJobResponse } from "../models/models_3"; +import { + ListTrainingJobsForHyperParameterTuningJobRequest, + ListTrainingJobsForHyperParameterTuningJobResponse, +} from "../models/models_3"; import { deserializeAws_json1_1ListTrainingJobsForHyperParameterTuningJobCommand, serializeAws_json1_1ListTrainingJobsForHyperParameterTuningJobCommand, diff --git a/clients/client-sagemaker/src/commands/StopPipelineExecutionCommand.ts b/clients/client-sagemaker/src/commands/StopPipelineExecutionCommand.ts index 4ac1ed30faa1..f5e11d1cb7cd 100644 --- a/clients/client-sagemaker/src/commands/StopPipelineExecutionCommand.ts +++ b/clients/client-sagemaker/src/commands/StopPipelineExecutionCommand.ts @@ -29,14 +29,14 @@ export interface StopPipelineExecutionCommandOutput extends StopPipelineExecutio *
*A pipeline execution won't stop while a callback step is running.
* When you call StopPipelineExecution
- * on a pipeline execution with a running callback step, Amazon SageMaker Pipelines sends an
+ * on a pipeline execution with a running callback step, SageMaker Pipelines sends an
* additional Amazon SQS message to the specified SQS queue. The body of the SQS message
* contains a "Status" field which is set to "Stopping".
You should add logic to your Amazon SQS message consumer to take any needed action (for
* example, resource cleanup) upon receipt of the message followed by a call to
* SendPipelineExecutionStepSuccess or
* SendPipelineExecutionStepFailure.
Only when Amazon SageMaker Pipelines receives one of these calls will it stop the pipeline execution.
+ *Only when SageMaker Pipelines receives one of these calls will it stop the pipeline execution.
* ** Lambda Step diff --git a/clients/client-sagemaker/src/models/models_0.ts b/clients/client-sagemaker/src/models/models_0.ts index 01adf11aa27a..d727efeb19db 100644 --- a/clients/client-sagemaker/src/models/models_0.ts +++ b/clients/client-sagemaker/src/models/models_0.ts @@ -5857,6 +5857,7 @@ export enum TargetDevice { export enum TargetPlatformAccelerator { INTEL_GRAPHICS = "INTEL_GRAPHICS", MALI = "MALI", + NNA = "NNA", NVIDIA = "NVIDIA", } @@ -9637,9 +9638,7 @@ export interface CreateEndpointConfigInput { /** *
Specifies configuration for how an endpoint performs asynchronous inference.
* This is a required field in order for your Endpoint to be invoked using
- *
- * InvokeEndpointAsync
- * .
The container for the metadata for Fail step.
+ */ +export interface FailStepMetadata { + /** + *A message that you define and then is processed and rendered by + * the Fail step when the error occurs.
+ */ + ErrorMessage?: string; +} + +export namespace FailStepMetadata { + /** + * @internal + */ + export const filterSensitiveLog = (obj: FailStepMetadata): any => ({ + ...obj, + }); +} + /** *Amazon SageMaker Feature Store stores features in a collection called Feature Group. * A Feature Group can be visualized as a table which has rows, @@ -8447,16 +8467,17 @@ export interface ListModelPackagesInput { ModelPackageGroupName?: string; /** - *
A filter that returns onlyl the model packages of the specified type. This can be one + *
A filter that returns only the model packages of the specified type. This can be one * of the following values.
*
- * VERSIONED - List only versioned models.
UNVERSIONED - List only unversioined models.
+ * This is the default value if no ModelPackageType is specified.
*
- * UNVERSIONED - List only unversioined models.
VERSIONED - List only versioned models.
* @@ -9478,6 +9499,11 @@ export interface PipelineExecutionSummary { *
The display name of the pipeline execution.
*/ PipelineExecutionDisplayName?: string; + + /** + *A message generated by SageMaker Pipelines describing why the pipeline execution failed.
+ */ + PipelineExecutionFailureReason?: string; } export namespace PipelineExecutionSummary { @@ -9850,6 +9876,11 @@ export interface PipelineExecutionStepMetadata { *The configurations and outcomes of an EMR step execution.
*/ EMR?: EMRStepMetadata; + + /** + *The configurations and outcomes of a Fail step execution.
+ */ + Fail?: FailStepMetadata; } export namespace PipelineExecutionStepMetadata { @@ -9910,7 +9941,7 @@ export interface PipelineExecutionStep { CacheHitResult?: CacheHitResult; /** - *The current attempt of the execution step. For more information, see Retry Policy for Amazon SageMaker Pipelines steps.
+ *The current attempt of the execution step. For more information, see Retry Policy for SageMaker Pipelines steps.
*/ AttemptCount?: number; @@ -10809,54 +10840,3 @@ export enum TrainingJobSortByOptions { Name = "Name", Status = "Status", } - -export interface ListTrainingJobsForHyperParameterTuningJobRequest { - /** - *The name of the tuning job whose training jobs you want to list.
- */ - HyperParameterTuningJobName: string | undefined; - - /** - *If the result of the previous ListTrainingJobsForHyperParameterTuningJob
- * request was truncated, the response includes a NextToken. To retrieve the
- * next set of training jobs, use the token in the next request.
The maximum number of training jobs to return. The default value is 10.
- */ - MaxResults?: number; - - /** - *A filter that returns only training jobs with the - * specified - * status.
- */ - StatusEquals?: TrainingJobStatus | string; - - /** - *The field to sort
- * results
- * by. The default is Name.
If the value of this field is FinalObjectiveMetricValue, any training
- * jobs that did not return an objective metric are not listed.
The sort order
- * for
- * results. The default is Ascending.
The name of the tuning job whose training jobs you want to list.
+ */ + HyperParameterTuningJobName: string | undefined; + + /** + *If the result of the previous ListTrainingJobsForHyperParameterTuningJob
+ * request was truncated, the response includes a NextToken. To retrieve the
+ * next set of training jobs, use the token in the next request.
The maximum number of training jobs to return. The default value is 10.
+ */ + MaxResults?: number; + + /** + *A filter that returns only training jobs with the + * specified + * status.
+ */ + StatusEquals?: TrainingJobStatus | string; + + /** + *The field to sort
+ * results
+ * by. The default is Name.
If the value of this field is FinalObjectiveMetricValue, any training
+ * jobs that did not return an objective metric are not listed.
The sort order
+ * for
+ * results. The default is Ascending.
A list of TrainingJobSummary objects that diff --git a/clients/client-sagemaker/src/protocols/Aws_json1_1.ts b/clients/client-sagemaker/src/protocols/Aws_json1_1.ts index da0a92774f46..57725c54be55 100644 --- a/clients/client-sagemaker/src/protocols/Aws_json1_1.ts +++ b/clients/client-sagemaker/src/protocols/Aws_json1_1.ts @@ -1215,6 +1215,7 @@ import { EndpointSummary, Experiment, ExperimentSummary, + FailStepMetadata, FeatureGroup, FeatureGroupSummary, Filter, @@ -1339,7 +1340,6 @@ import { ListSubscribedWorkteamsResponse, ListTagsInput, ListTagsOutput, - ListTrainingJobsForHyperParameterTuningJobRequest, ListTrainingJobsRequest, ListTrainingJobsResponse, MetricData, @@ -1390,6 +1390,7 @@ import { Workteam, } from "../models/models_2"; import { + ListTrainingJobsForHyperParameterTuningJobRequest, ListTrainingJobsForHyperParameterTuningJobResponse, ListTransformJobsRequest, ListTransformJobsResponse, @@ -30875,6 +30876,12 @@ const deserializeAws_json1_1Explainability = (output: any, context: __SerdeConte } as any; }; +const deserializeAws_json1_1FailStepMetadata = (output: any, context: __SerdeContext): FailStepMetadata => { + return { + ErrorMessage: __expectString(output.ErrorMessage), + } as any; +}; + const deserializeAws_json1_1FeatureDefinition = (output: any, context: __SerdeContext): FeatureDefinition => { return { FeatureName: __expectString(output.FeatureName), @@ -34534,6 +34541,10 @@ const deserializeAws_json1_1PipelineExecutionStepMetadata = ( output.EMR !== undefined && output.EMR !== null ? deserializeAws_json1_1EMRStepMetadata(output.EMR, context) : undefined, + Fail: + output.Fail !== undefined && output.Fail !== null + ? deserializeAws_json1_1FailStepMetadata(output.Fail, context) + : undefined, Lambda: output.Lambda !== undefined && output.Lambda !== null ? deserializeAws_json1_1LambdaStepMetadata(output.Lambda, context) @@ -34577,6 +34588,7 @@ const deserializeAws_json1_1PipelineExecutionSummary = ( PipelineExecutionArn: __expectString(output.PipelineExecutionArn), PipelineExecutionDescription: __expectString(output.PipelineExecutionDescription), PipelineExecutionDisplayName: __expectString(output.PipelineExecutionDisplayName), + PipelineExecutionFailureReason: __expectString(output.PipelineExecutionFailureReason), PipelineExecutionStatus: __expectString(output.PipelineExecutionStatus), StartTime: output.StartTime !== undefined && output.StartTime !== null diff --git a/clients/client-secrets-manager/README.md b/clients/client-secrets-manager/README.md index b5f20ece1eda..ed4fce3f8fa5 100644 --- a/clients/client-secrets-manager/README.md +++ b/clients/client-secrets-manager/README.md @@ -19,41 +19,14 @@ service, see the Tools for Amazon Web Services.
- -We recommend you use the Amazon Web Services SDKs to make programmatic API calls to Secrets Manager. However, you -also can use the Secrets Manager HTTP Query API to make direct calls to the Secrets Manager web service. To learn -more about the Secrets Manager HTTP Query API, see Making Query Requests in the -Amazon Web Services Secrets Manager User Guide.
-Secrets Manager API supports GET and POST requests for all actions, and doesn't require you to use -GET for some actions and POST for others. However, GET requests are subject to the limitation -size of a URL. Therefore, for operations that require larger sizes, use a POST request.
Support and Feedback for Amazon Web Services Secrets Manager
-We welcome your feedback. Send your comments to awssecretsmanager-feedback@amazon.com, or post your feedback and questions in the Amazon Web Services Secrets Manager Discussion Forum. For more information about the Amazon Web Services Discussion Forums, see Forums Help.
--How examples are presented -
- -The JSON that Amazon Web Services Secrets Manager expects as your request parameters and the service returns as a -response to HTTP query requests contain single, long strings without line breaks or white -space formatting. The JSON shown in the examples displays the code formatted with both line -breaks and white space to improve readability. When example input parameters can also cause -long strings extending beyond the screen, you can insert line breaks to enhance readability. -You should always submit the input as a single JSON text string.
-Logging API Requests
diff --git a/clients/client-secrets-manager/src/SecretsManager.ts b/clients/client-secrets-manager/src/SecretsManager.ts index fc5d8c3590d3..d5dda6fb573e 100644 --- a/clients/client-secrets-manager/src/SecretsManager.ts +++ b/clients/client-secrets-manager/src/SecretsManager.ts @@ -116,21 +116,14 @@ import { SecretsManagerClient } from "./SecretsManagerClient"; * * *This version of the Secrets Manager API Reference documents the Secrets Manager API version 2017-10-17.
- *As an alternative to using the API, you can use one of the Amazon Web Services SDKs, which consist of - * libraries and sample code for various programming languages and platforms such as Java, - * Ruby, .NET, iOS, and Android. The SDKs provide a convenient way to create programmatic - * access to Amazon Web Services Secrets Manager. For example, the SDKs provide cryptographically signing requests, - * managing errors, and retrying requests automatically. For more information about the Amazon Web Services - * SDKs, including downloading and installing them, see Tools for Amazon Web Services.
- *We recommend you use the Amazon Web Services SDKs to make programmatic API calls to Secrets Manager. However, you - * also can use the Secrets Manager HTTP Query API to make direct calls to the Secrets Manager web service. To learn - * more about the Secrets Manager HTTP Query API, see Making Query Requests in the - * Amazon Web Services Secrets Manager User Guide.
- *Secrets Manager API supports GET and POST requests for all actions, and doesn't require you to use - * GET for some actions and POST for others. However, GET requests are subject to the limitation - * size of a URL. Therefore, for operations that require larger sizes, use a POST request.
+ * + * + * + * + * + * + * + * * * * @@ -141,24 +134,11 @@ import { SecretsManagerClient } from "./SecretsManagerClient"; ** Support and Feedback for Amazon Web Services Secrets Manager *
- * *We welcome your feedback. Send your comments to awssecretsmanager-feedback@amazon.com, or post your feedback and questions in the Amazon Web Services Secrets Manager Discussion Forum. For more * information about the Amazon Web Services Discussion Forums, see Forums * Help.
* *- * How examples are presented - *
- * - *The JSON that Amazon Web Services Secrets Manager expects as your request parameters and the service returns as a - * response to HTTP query requests contain single, long strings without line breaks or white - * space formatting. The JSON shown in the examples displays the code formatted with both line - * breaks and white space to improve readability. When example input parameters can also cause - * long strings extending beyond the screen, you can insert line breaks to enhance readability. - * You should always submit the input as a single JSON text string.
- * - * - ** Logging API Requests *
*Amazon Web Services Secrets Manager supports Amazon Web Services CloudTrail, a service that records Amazon Web Services API calls for your Amazon Web Services @@ -182,6 +162,12 @@ export class SecretsManager extends SecretsManagerClient { * new version to see if it should be deleted. You can delete a version by removing all staging labels * from it.
* + *
+ * Required permissions:
+ * secretsmanager:CancelRotateSecret.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
If the secret is in a different Amazon Web Services account from the credentials calling the API, then
* you can't use aws/secretsmanager to encrypt the secret, and you must create
* and use a customer managed KMS key.
+ * Required permissions:
+ * secretsmanager:CreateSecret.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
Deletes the resource-based permission policy attached to the secret. To attach a policy to * a secret, use PutResourcePolicy.
+ *
+ * Required permissions:
+ * secretsmanager:DeleteResourcePolicy.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
DeletionDate and cancel the deletion of the secret.
* In a secret scheduled for deletion, you cannot access the encrypted secret value. * To access that information, first cancel the deletion with RestoreSecret and then retrieve the information.
+ *
+ * Required permissions:
+ * secretsmanager:DeleteSecret.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
Retrieves the details of a secret. It does not include the encrypted secret value. Secrets Manager * only returns fields that have a value in the response.
+ *
+ * Required permissions:
+ * secretsmanager:DescribeSecret.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
Generates a random password. We recommend that you specify the * maximum length and include every character type that the system you are generating a password * for can support.
+ *
+ * Required permissions:
+ * secretsmanager:GetRandomPassword.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
+ * Required permissions:
+ * secretsmanager:GetResourcePolicy.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
Retrieves the contents of the encrypted fields SecretString or
* SecretBinary from the specified version of a secret, whichever contains
* content.
For information about retrieving the secret value in the console, see Retrieve secrets.
- *To run this command, you must have secretsmanager:GetSecretValue permissions.
+ *
We recommend that you cache your secret values by using client-side caching. + * Caching secrets improves speed and reduces your costs. For more information, see Cache secrets for + * your applications.
+ * + *
+ * Required permissions:
+ * secretsmanager:GetSecretValue.
* If the secret is encrypted using a customer-managed key instead of the Amazon Web Services managed key
- * aws/secretsmanager, then you also need kms:Decrypt permissions for that key.
aws/secretsmanager, then you also need kms:Decrypt permissions for that key.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
*/
public getSecretValue(
args: GetSecretValueCommandInput,
@@ -482,10 +512,11 @@ export class SecretsManager extends SecretsManagerClient {
* For information about finding secrets in the console, see Enhanced search capabilities * for secrets in Secrets Manager.
*- * Minimum - * permissions - *
- *To run this command, you must have secretsmanager:ListSecrets permissions.
secretsmanager:ListSecrets.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
*/
public listSecrets(args: ListSecretsCommandInput, options?: __HttpHandlerOptions): PromiseTo list the secrets in the account, use ListSecrets.
*To get the secret value from SecretString or SecretBinary,
* call GetSecretValue.
- * Minimum - * permissions - *
- *To run this command, you must have secretsmanager:ListSecretVersionIds permissions.
secretsmanager:ListSecretVersionIds.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
*/
public listSecretVersionIds(
args: ListSecretVersionIdsCommandInput,
@@ -557,6 +588,12 @@ export class SecretsManager extends SecretsManagerClient {
*
* For information about attaching a policy in the console, see Attach a * permissions policy to a secret.
+ *
+ * Required permissions:
+ * secretsmanager:PutResourcePolicy.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
+ * Required permissions:
+ * secretsmanager:PutSecretValue.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
For a secret that is replicated to other Regions, deletes the secret replicas from the Regions you specify.
+ *
+ * Required permissions:
+ * secretsmanager:RemoveRegionsFromReplication.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
Replicates the secret to a new Regions. See Multi-Region secrets.
+ *
+ * Required permissions:
+ * secretsmanager:ReplicateSecretToRegions.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
Cancels the scheduled deletion of a secret by removing the DeletedDate time
* stamp. You can access a secret again after it has been restored.
+ * Required permissions:
+ * secretsmanager:RestoreSecret.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
If the AWSPENDING staging label is present but not attached to the same version as
* AWSCURRENT, then any later invocation of RotateSecret assumes that a previous
* rotation request is still in progress and returns an error.
To run this command, you must have secretsmanager:RotateSecret permissions and
- * lambda:InvokeFunction permissions on the function specified in the secret's metadata.
+ * Required permissions:
+ * secretsmanager:RotateSecret.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager. You also need lambda:InvokeFunction permissions on the rotation function.
+ * For more information, see
+ * Permissions for rotation.
Removes the link between the replica secret and the primary secret and promotes the replica to a primary secret in the replica Region.
*You must call this operation from the Region in which you want to promote the replica to a primary secret.
+ *
+ * Required permissions:
+ * secretsmanager:StopReplicationToReplica.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
+ * Required permissions:
+ * secretsmanager:TagResource.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
+ * Required permissions:
+ * secretsmanager:UntagResource.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
If the secret is in a different Amazon Web Services account from the credentials calling the API, then you can't
* use aws/secretsmanager to encrypt the secret, and you must create and use a customer managed key.
To run this command, you must have secretsmanager:UpdateSecret permissions. If you use a
- * customer managed key, you must also have kms:GenerateDataKey and kms:Decrypt permissions .
+ * Required permissions:
+ * secretsmanager:UpdateSecret.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
+ * If you use a customer managed key, you must also have kms:GenerateDataKey and
+ * kms:Decrypt permissions on the key. For more information, see
+ * Secret encryption and decryption.
If this action results in the last label being removed from a version, then the version is * considered to be 'deprecated' and can be deleted by Secrets Manager.
+ *
+ * Required permissions:
+ * secretsmanager:UpdateSecretVersionStage.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
Verifies the policy does not lock out a caller.
*
+ * Required permissions:
+ * secretsmanager:ValidateResourcePolicy.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
This version of the Secrets Manager API Reference documents the Secrets Manager API version 2017-10-17.
- *As an alternative to using the API, you can use one of the Amazon Web Services SDKs, which consist of - * libraries and sample code for various programming languages and platforms such as Java, - * Ruby, .NET, iOS, and Android. The SDKs provide a convenient way to create programmatic - * access to Amazon Web Services Secrets Manager. For example, the SDKs provide cryptographically signing requests, - * managing errors, and retrying requests automatically. For more information about the Amazon Web Services - * SDKs, including downloading and installing them, see Tools for Amazon Web Services.
- *We recommend you use the Amazon Web Services SDKs to make programmatic API calls to Secrets Manager. However, you - * also can use the Secrets Manager HTTP Query API to make direct calls to the Secrets Manager web service. To learn - * more about the Secrets Manager HTTP Query API, see Making Query Requests in the - * Amazon Web Services Secrets Manager User Guide.
- *Secrets Manager API supports GET and POST requests for all actions, and doesn't require you to use - * GET for some actions and POST for others. However, GET requests are subject to the limitation - * size of a URL. Therefore, for operations that require larger sizes, use a POST request.
+ * + * + * + * + * + * + * + * * * * @@ -333,24 +326,11 @@ export interface SecretsManagerClientResolvedConfig extends SecretsManagerClient ** Support and Feedback for Amazon Web Services Secrets Manager *
- * *We welcome your feedback. Send your comments to awssecretsmanager-feedback@amazon.com, or post your feedback and questions in the Amazon Web Services Secrets Manager Discussion Forum. For more * information about the Amazon Web Services Discussion Forums, see Forums * Help.
* *- * How examples are presented - *
- * - *The JSON that Amazon Web Services Secrets Manager expects as your request parameters and the service returns as a - * response to HTTP query requests contain single, long strings without line breaks or white - * space formatting. The JSON shown in the examples displays the code formatted with both line - * breaks and white space to improve readability. When example input parameters can also cause - * long strings extending beyond the screen, you can insert line breaks to enhance readability. - * You should always submit the input as a single JSON text string.
- * - * - ** Logging API Requests *
*Amazon Web Services Secrets Manager supports Amazon Web Services CloudTrail, a service that records Amazon Web Services API calls for your Amazon Web Services diff --git a/clients/client-secrets-manager/src/commands/CancelRotateSecretCommand.ts b/clients/client-secrets-manager/src/commands/CancelRotateSecretCommand.ts index 4a00042939a2..196a25aae365 100644 --- a/clients/client-secrets-manager/src/commands/CancelRotateSecretCommand.ts +++ b/clients/client-secrets-manager/src/commands/CancelRotateSecretCommand.ts @@ -33,6 +33,12 @@ export interface CancelRotateSecretCommandOutput extends CancelRotateSecretRespo * new version to see if it should be deleted. You can delete a version by removing all staging labels * from it.
* + *
+ * Required permissions:
+ * secretsmanager:CancelRotateSecret.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
If the secret is in a different Amazon Web Services account from the credentials calling the API, then
* you can't use aws/secretsmanager to encrypt the secret, and you must create
* and use a customer managed KMS key.
+ * Required permissions:
+ * secretsmanager:CreateSecret.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
Deletes the resource-based permission policy attached to the secret. To attach a policy to * a secret, use PutResourcePolicy.
+ *
+ * Required permissions:
+ * secretsmanager:DeleteResourcePolicy.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
DeletionDate and cancel the deletion of the secret.
* In a secret scheduled for deletion, you cannot access the encrypted secret value. * To access that information, first cancel the deletion with RestoreSecret and then retrieve the information.
+ *
+ * Required permissions:
+ * secretsmanager:DeleteSecret.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
Retrieves the details of a secret. It does not include the encrypted secret value. Secrets Manager * only returns fields that have a value in the response.
+ *
+ * Required permissions:
+ * secretsmanager:DescribeSecret.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
Generates a random password. We recommend that you specify the * maximum length and include every character type that the system you are generating a password * for can support.
+ *
+ * Required permissions:
+ * secretsmanager:GetRandomPassword.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
+ * Required permissions:
+ * secretsmanager:GetResourcePolicy.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
Retrieves the contents of the encrypted fields SecretString or
* SecretBinary from the specified version of a secret, whichever contains
* content.
For information about retrieving the secret value in the console, see Retrieve secrets.
- *To run this command, you must have secretsmanager:GetSecretValue permissions.
+ *
We recommend that you cache your secret values by using client-side caching. + * Caching secrets improves speed and reduces your costs. For more information, see Cache secrets for + * your applications.
+ * + *
+ * Required permissions:
+ * secretsmanager:GetSecretValue.
* If the secret is encrypted using a customer-managed key instead of the Amazon Web Services managed key
- * aws/secretsmanager, then you also need kms:Decrypt permissions for that key.
aws/secretsmanager, then you also need kms:Decrypt permissions for that key.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
* @example
* Use a bare-bones client and the command you need to make an API call.
* ```javascript
diff --git a/clients/client-secrets-manager/src/commands/ListSecretVersionIdsCommand.ts b/clients/client-secrets-manager/src/commands/ListSecretVersionIdsCommand.ts
index 1eac9a10f58d..a84316ca2200 100644
--- a/clients/client-secrets-manager/src/commands/ListSecretVersionIdsCommand.ts
+++ b/clients/client-secrets-manager/src/commands/ListSecretVersionIdsCommand.ts
@@ -26,12 +26,12 @@ export interface ListSecretVersionIdsCommandOutput extends ListSecretVersionIdsR
* To list the secrets in the account, use ListSecrets.
*To get the secret value from SecretString or SecretBinary,
* call GetSecretValue.
- * Minimum - * permissions - *
- *To run this command, you must have secretsmanager:ListSecretVersionIds permissions.
secretsmanager:ListSecretVersionIds.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
* @example
* Use a bare-bones client and the command you need to make an API call.
* ```javascript
diff --git a/clients/client-secrets-manager/src/commands/ListSecretsCommand.ts b/clients/client-secrets-manager/src/commands/ListSecretsCommand.ts
index 8c0445b82218..c6aa5213ee19 100644
--- a/clients/client-secrets-manager/src/commands/ListSecretsCommand.ts
+++ b/clients/client-secrets-manager/src/commands/ListSecretsCommand.ts
@@ -29,10 +29,11 @@ export interface ListSecretsCommandOutput extends ListSecretsResponse, __Metadat
* For information about finding secrets in the console, see Enhanced search capabilities * for secrets in Secrets Manager.
*- * Minimum - * permissions - *
- *To run this command, you must have secretsmanager:ListSecrets permissions.
secretsmanager:ListSecrets.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
* @example
* Use a bare-bones client and the command you need to make an API call.
* ```javascript
diff --git a/clients/client-secrets-manager/src/commands/PutResourcePolicyCommand.ts b/clients/client-secrets-manager/src/commands/PutResourcePolicyCommand.ts
index b3b5d89646e8..683383a31d02 100644
--- a/clients/client-secrets-manager/src/commands/PutResourcePolicyCommand.ts
+++ b/clients/client-secrets-manager/src/commands/PutResourcePolicyCommand.ts
@@ -27,6 +27,12 @@ export interface PutResourcePolicyCommandOutput extends PutResourcePolicyRespons
*
* For information about attaching a policy in the console, see Attach a * permissions policy to a secret.
+ *
+ * Required permissions:
+ * secretsmanager:PutResourcePolicy.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
+ * Required permissions:
+ * secretsmanager:PutSecretValue.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
For a secret that is replicated to other Regions, deletes the secret replicas from the Regions you specify.
+ *
+ * Required permissions:
+ * secretsmanager:RemoveRegionsFromReplication.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
Replicates the secret to a new Regions. See Multi-Region secrets.
+ *
+ * Required permissions:
+ * secretsmanager:ReplicateSecretToRegions.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
Cancels the scheduled deletion of a secret by removing the DeletedDate time
* stamp. You can access a secret again after it has been restored.
+ * Required permissions:
+ * secretsmanager:RestoreSecret.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
If the AWSPENDING staging label is present but not attached to the same version as
* AWSCURRENT, then any later invocation of RotateSecret assumes that a previous
* rotation request is still in progress and returns an error.
To run this command, you must have secretsmanager:RotateSecret permissions and
- * lambda:InvokeFunction permissions on the function specified in the secret's metadata.
+ * Required permissions:
+ * secretsmanager:RotateSecret.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager. You also need lambda:InvokeFunction permissions on the rotation function.
+ * For more information, see
+ * Permissions for rotation.
Removes the link between the replica secret and the primary secret and promotes the replica to a primary secret in the replica Region.
*You must call this operation from the Region in which you want to promote the replica to a primary secret.
+ *
+ * Required permissions:
+ * secretsmanager:StopReplicationToReplica.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
+ * Required permissions:
+ * secretsmanager:TagResource.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
+ * Required permissions:
+ * secretsmanager:UntagResource.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
If the secret is in a different Amazon Web Services account from the credentials calling the API, then you can't
* use aws/secretsmanager to encrypt the secret, and you must create and use a customer managed key.
To run this command, you must have secretsmanager:UpdateSecret permissions. If you use a
- * customer managed key, you must also have kms:GenerateDataKey and kms:Decrypt permissions .
+ * Required permissions:
+ * secretsmanager:UpdateSecret.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
+ * If you use a customer managed key, you must also have kms:GenerateDataKey and
+ * kms:Decrypt permissions on the key. For more information, see
+ * Secret encryption and decryption.
If this action results in the last label being removed from a version, then the version is * considered to be 'deprecated' and can be deleted by Secrets Manager.
+ *
+ * Required permissions:
+ * secretsmanager:UpdateSecretVersionStage.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
Verifies the policy does not lock out a caller.
*
+ * Required permissions:
+ * secretsmanager:ValidateResourcePolicy.
+ * For more information, see
+ * IAM policy actions for Secrets Manager and Authentication
+ * and access control in Secrets Manager.
The parameter name is invalid value.
+ *The parameter name or value is invalid.
*/ export interface InvalidParameterException extends __SmithyException, $MetadataBearer { name: "InvalidParameterException"; @@ -396,6 +396,15 @@ export namespace CreateSecretResponse { }); } +/** + *Secrets Manager can't decrypt the protected secret text using the provided KMS key.
+ */ +export interface DecryptionFailure extends __SmithyException, $MetadataBearer { + name: "DecryptionFailure"; + $fault: "client"; + Message?: string; +} + /** *Secrets Manager can't encrypt the protected secret text using the provided KMS key. Check that the * KMS key is available, enabled, and not in an invalid state. For more @@ -443,15 +452,6 @@ export interface ResourceExistsException extends __SmithyException, $MetadataBea Message?: string; } -/** - *
Secrets Manager can't decrypt the protected secret text using the provided KMS key.
- */ -export interface DecryptionFailure extends __SmithyException, $MetadataBearer { - name: "DecryptionFailure"; - $fault: "client"; - Message?: string; -} - export interface DeleteResourcePolicyRequest { /** *The ARN or name of the secret to delete the attached resource-based policy for.
@@ -584,14 +584,45 @@ export namespace DescribeSecretRequest { */ export interface RotationRulesType { /** - *Specifies the number of days between automatic scheduled rotations of the secret.
- *Secrets Manager schedules the next rotation when the previous - * one is complete. Secrets Manager schedules the date by adding the rotation interval (number of days) to the - * actual date of the last rotation. The service chooses the hour within that 24-hour date window - * randomly. The minute is also chosen somewhat randomly, but weighted towards the top of the hour - * and influenced by a variety of factors that help distribute load.
+ *The number of days between automatic scheduled rotations of the secret. You can use this + * value to check that your secret meets your compliance guidelines for how often secrets must + * be rotated.
+ *In DescribeSecret and ListSecrets, this value is calculated from
+ * the rotation schedule after every successful rotation. In RotateSecret, you can
+ * set the rotation schedule in RotationRules with AutomaticallyAfterDays
+ * or ScheduleExpression, but not both.
The length of the rotation window in hours, for example 3h for a three hour window. Secrets Manager
+ * rotates your secret at any time during this window. The window must not go into the next UTC
+ * day. If you don't specify this value, the window automatically ends at the end of
+ * the UTC day. The window begins according to the ScheduleExpression. For more
+ * information, including examples, see Schedule expressions
+ * in Secrets Manager rotation.
A cron() or rate() expression that defines the schedule for
+ * rotating your secret. Secrets Manager rotation schedules use UTC time zone.
Secrets Manager rate() expressions
+ * represent the interval in days that you want to rotate your secret, for example
+ * rate(10 days). If you use a rate() expression, the rotation
+ * window opens at midnight, and Secrets Manager rotates your secret any time that day after midnight.
+ * You can set a Duration to shorten the rotation window.
You can use a cron() expression to create rotation schedules that are
+ * more detailed than a rotation interval. For more information, including examples, see
+ * Schedule expressions
+ * in Secrets Manager rotation. If you use a cron() expression, Secrets Manager rotates
+ * your secret any time during that day after the window opens. For example,
+ * cron(0 8 1 * ? *) represents a rotation window that occurs on the first
+ * day of every month beginning at 8:00 AM UTC. Secrets Manager rotates the secret any time that day
+ * after 8:00 AM. You can set a Duration to shorten
+ * the rotation window.
A structure that contains the details about a secret. It does not include the encrypted
- * SecretString and SecretBinary values. To get those values, use the
- * GetSecretValue operation.
SecretString and SecretBinary values. To get those values, use
+ * GetSecretValue
+ * .
*/
export interface SecretListEntry {
/**
@@ -1109,7 +1141,9 @@ export interface SecretListEntry {
/**
* The ARN of an Amazon Web Services Lambda function invoked by Secrets Manager to rotate and expire the - * secret either automatically per the schedule or manually by a call to RotateSecret.
+ * secret either automatically per the schedule or manually by a call to + *RotateSecret
+ * .
*/
RotationLambdaARN?: string;
@@ -1137,13 +1171,20 @@ export interface SecretListEntry {
/**
* The date and time the deletion of the secret occurred. Not present on active secrets. The
* secret can be recovered until the number of days in the recovery window has passed, as
- * specified in the RecoveryWindowInDays parameter of the DeleteSecret operation.
RecoveryWindowInDays parameter of the
+ * DeleteSecret
+ * operation.
*/
DeletedDate?: Date;
/**
* The list of user-defined tags associated with the secret. To add tags to a - * secret, use TagResource. To remove tags, use UntagResource.
+ * secret, use + *TagResource
+ * .
+ * To remove tags, use
+ * UntagResource
+ * .
*/
Tags?: Tag[];
@@ -1663,6 +1704,17 @@ export interface RotateSecretRequest {
* A structure that defines the rotation configuration for this secret.
*/ RotationRules?: RotationRulesType; + + /** + *Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. + * The rotation schedule is defined in RotateSecretRequest$RotationRules.
+ *If you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the
+ *
+ * testSecret
+ * step of the Lambda rotation function. The test creates an AWSPENDING version of the secret and then removes it.
If you don't specify this value, then by default, Secrets Manager rotates the secret immediately.
+ */ + RotateImmediately?: boolean; } export namespace RotateSecretRequest { diff --git a/clients/client-secrets-manager/src/protocols/Aws_json1_1.ts b/clients/client-secrets-manager/src/protocols/Aws_json1_1.ts index ca326aa369fe..23df88ca6884 100644 --- a/clients/client-secrets-manager/src/protocols/Aws_json1_1.ts +++ b/clients/client-secrets-manager/src/protocols/Aws_json1_1.ts @@ -518,6 +518,14 @@ const deserializeAws_json1_1CreateSecretCommandError = async ( let errorCode = "UnknownError"; errorCode = loadRestJsonErrorCode(output, parsedOutput.body); switch (errorCode) { + case "DecryptionFailure": + case "com.amazonaws.secretsmanager#DecryptionFailure": + response = { + ...(await deserializeAws_json1_1DecryptionFailureResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; case "EncryptionFailure": case "com.amazonaws.secretsmanager#EncryptionFailure": response = { @@ -1338,6 +1346,14 @@ const deserializeAws_json1_1PutSecretValueCommandError = async ( let errorCode = "UnknownError"; errorCode = loadRestJsonErrorCode(output, parsedOutput.body); switch (errorCode) { + case "DecryptionFailure": + case "com.amazonaws.secretsmanager#DecryptionFailure": + response = { + ...(await deserializeAws_json1_1DecryptionFailureResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; case "EncryptionFailure": case "com.amazonaws.secretsmanager#EncryptionFailure": response = { @@ -1980,6 +1996,14 @@ const deserializeAws_json1_1UpdateSecretCommandError = async ( let errorCode = "UnknownError"; errorCode = loadRestJsonErrorCode(output, parsedOutput.body); switch (errorCode) { + case "DecryptionFailure": + case "com.amazonaws.secretsmanager#DecryptionFailure": + response = { + ...(await deserializeAws_json1_1DecryptionFailureResponse(parsedOutput, context)), + name: errorCode, + $metadata: deserializeMetadata(output), + }; + break; case "EncryptionFailure": case "com.amazonaws.secretsmanager#EncryptionFailure": response = { @@ -2661,6 +2685,8 @@ const serializeAws_json1_1RestoreSecretRequest = (input: RestoreSecretRequest, c const serializeAws_json1_1RotateSecretRequest = (input: RotateSecretRequest, context: __SerdeContext): any => { return { ClientRequestToken: input.ClientRequestToken ?? generateIdempotencyToken(), + ...(input.RotateImmediately !== undefined && + input.RotateImmediately !== null && { RotateImmediately: input.RotateImmediately }), ...(input.RotationLambdaARN !== undefined && input.RotationLambdaARN !== null && { RotationLambdaARN: input.RotationLambdaARN }), ...(input.RotationRules !== undefined && @@ -2675,6 +2701,9 @@ const serializeAws_json1_1RotationRulesType = (input: RotationRulesType, context return { ...(input.AutomaticallyAfterDays !== undefined && input.AutomaticallyAfterDays !== null && { AutomaticallyAfterDays: input.AutomaticallyAfterDays }), + ...(input.Duration !== undefined && input.Duration !== null && { Duration: input.Duration }), + ...(input.ScheduleExpression !== undefined && + input.ScheduleExpression !== null && { ScheduleExpression: input.ScheduleExpression }), }; }; @@ -3136,6 +3165,8 @@ const deserializeAws_json1_1RotateSecretResponse = (output: any, context: __Serd const deserializeAws_json1_1RotationRulesType = (output: any, context: __SerdeContext): RotationRulesType => { return { AutomaticallyAfterDays: __expectLong(output.AutomaticallyAfterDays), + Duration: __expectString(output.Duration), + ScheduleExpression: __expectString(output.ScheduleExpression), } as any; }; diff --git a/clients/client-securityhub/src/models/models_1.ts b/clients/client-securityhub/src/models/models_1.ts index d39c8242cf7a..400bd2f7575d 100644 --- a/clients/client-securityhub/src/models/models_1.ts +++ b/clients/client-securityhub/src/models/models_1.ts @@ -5310,6 +5310,11 @@ export interface AwsSecurityFinding { *In a BatchImportFindings request, finding providers use FindingProviderFields to provide and update their own values for confidence, criticality, related findings, severity, and types.
Indicates whether the finding is a sample finding.
+ */ + Sample?: boolean; } export namespace AwsSecurityFinding { @@ -5615,6 +5620,25 @@ export namespace MapFilter { }); } +/** + *Boolean filter for querying findings.
+ */ +export interface BooleanFilter { + /** + *The value of the boolean.
+ */ + Value?: boolean; +} + +export namespace BooleanFilter { + /** + * @internal + */ + export const filterSensitiveLog = (obj: BooleanFilter): any => ({ + ...obj, + }); +} + /** *A collection of attributes that are applied to all active Security Hub-aggregated findings and * that result in a subset of findings that are included in this insight.
@@ -6205,6 +6229,11 @@ export interface AwsSecurityFindingFilters { * Behaviors | Sensitive Data Identifications */ FindingProviderFieldsTypes?: StringFilter[]; + + /** + *Indicates whether or not sample findings are included in the filter results.
+ */ + Sample?: BooleanFilter[]; } export namespace AwsSecurityFindingFilters { diff --git a/clients/client-securityhub/src/protocols/Aws_restJson1.ts b/clients/client-securityhub/src/protocols/Aws_restJson1.ts index 0689232107ac..6eeba918a247 100644 --- a/clients/client-securityhub/src/protocols/Aws_restJson1.ts +++ b/clients/client-securityhub/src/protocols/Aws_restJson1.ts @@ -528,6 +528,7 @@ import { AwsWafWebAclRule, AwsXrayEncryptionConfigDetails, BatchUpdateFindingsUnprocessedFinding, + BooleanFilter, Cell, ClassificationResult, ClassificationStatus, @@ -14273,6 +14274,7 @@ const serializeAws_restJson1AwsSecurityFinding = (input: AwsSecurityFinding, con input.Remediation !== null && { Remediation: serializeAws_restJson1Remediation(input.Remediation, context) }), ...(input.Resources !== undefined && input.Resources !== null && { Resources: serializeAws_restJson1ResourceList(input.Resources, context) }), + ...(input.Sample !== undefined && input.Sample !== null && { Sample: input.Sample }), ...(input.SchemaVersion !== undefined && input.SchemaVersion !== null && { SchemaVersion: input.SchemaVersion }), ...(input.Severity !== undefined && input.Severity !== null && { Severity: serializeAws_restJson1Severity(input.Severity, context) }), @@ -14650,6 +14652,8 @@ const serializeAws_restJson1AwsSecurityFindingFilters = ( input.ResourceType !== null && { ResourceType: serializeAws_restJson1StringFilterList(input.ResourceType, context), }), + ...(input.Sample !== undefined && + input.Sample !== null && { Sample: serializeAws_restJson1BooleanFilterList(input.Sample, context) }), ...(input.SeverityLabel !== undefined && input.SeverityLabel !== null && { SeverityLabel: serializeAws_restJson1StringFilterList(input.SeverityLabel, context), @@ -15012,6 +15016,23 @@ const serializeAws_restJson1BatchImportFindingsRequestFindingList = ( }); }; +const serializeAws_restJson1BooleanFilter = (input: BooleanFilter, context: __SerdeContext): any => { + return { + ...(input.Value !== undefined && input.Value !== null && { Value: input.Value }), + }; +}; + +const serializeAws_restJson1BooleanFilterList = (input: BooleanFilter[], context: __SerdeContext): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + if (entry === null) { + return null as any; + } + return serializeAws_restJson1BooleanFilter(entry, context); + }); +}; + const serializeAws_restJson1Cell = (input: Cell, context: __SerdeContext): any => { return { ...(input.CellReference !== undefined && input.CellReference !== null && { CellReference: input.CellReference }), @@ -23663,6 +23684,7 @@ const deserializeAws_restJson1AwsSecurityFinding = (output: any, context: __Serd output.Resources !== undefined && output.Resources !== null ? deserializeAws_restJson1ResourceList(output.Resources, context) : undefined, + Sample: __expectBoolean(output.Sample), SchemaVersion: __expectString(output.SchemaVersion), Severity: output.Severity !== undefined && output.Severity !== null @@ -24013,6 +24035,10 @@ const deserializeAws_restJson1AwsSecurityFindingFilters = ( output.ResourceType !== undefined && output.ResourceType !== null ? deserializeAws_restJson1StringFilterList(output.ResourceType, context) : undefined, + Sample: + output.Sample !== undefined && output.Sample !== null + ? deserializeAws_restJson1BooleanFilterList(output.Sample, context) + : undefined, SeverityLabel: output.SeverityLabel !== undefined && output.SeverityLabel !== null ? deserializeAws_restJson1StringFilterList(output.SeverityLabel, context) @@ -24377,6 +24403,23 @@ const deserializeAws_restJson1BatchUpdateFindingsUnprocessedFindingsList = ( }); }; +const deserializeAws_restJson1BooleanFilter = (output: any, context: __SerdeContext): BooleanFilter => { + return { + Value: __expectBoolean(output.Value), + } as any; +}; + +const deserializeAws_restJson1BooleanFilterList = (output: any, context: __SerdeContext): BooleanFilter[] => { + return (output || []) + .filter((e: any) => e != null) + .map((entry: any) => { + if (entry === null) { + return null as any; + } + return deserializeAws_restJson1BooleanFilter(entry, context); + }); +}; + const deserializeAws_restJson1CategoryList = (output: any, context: __SerdeContext): string[] => { return (output || []) .filter((e: any) => e != null) diff --git a/codegen/sdk-codegen/aws-models/amplify.json b/codegen/sdk-codegen/aws-models/amplify.json index 2e8109188fc2..d0e2e115335c 100644 --- a/codegen/sdk-codegen/aws-models/amplify.json +++ b/codegen/sdk-codegen/aws-models/amplify.json @@ -50,6 +50,24 @@ }, "com.amazonaws.amplify#Amplify": { "type": "service", + "traits": { + "aws.api#service": { + "sdkId": "Amplify", + "arnNamespace": "amplify", + "cloudFormationName": "Amplify", + "cloudTrailEventSource": "amplify.amazonaws.com", + "endpointPrefix": "amplify" + }, + "aws.auth#sigv4": { + "name": "amplify" + }, + "aws.protocols#restJson1": {}, + "smithy.api#documentation": "Amplify enables developers to develop and deploy cloud-powered mobile and web apps.\n The Amplify Console provides a continuous delivery and hosting service for web\n applications. For more information, see the Amplify Console User Guide. The\n Amplify Framework is a comprehensive set of SDKs, libraries, tools, and documentation\n for client app development. For more information, see the Amplify Framework.\n
", + "smithy.api#title": "AWS Amplify", + "smithy.api#xmlNamespace": { + "uri": "http://amplify.amazonaws.com" + } + }, "version": "2017-07-25", "operations": [ { @@ -163,25 +181,7 @@ { "target": "com.amazonaws.amplify#UpdateWebhook" } - ], - "traits": { - "aws.api#service": { - "sdkId": "Amplify", - "arnNamespace": "amplify", - "cloudFormationName": "Amplify", - "cloudTrailEventSource": "amplify.amazonaws.com", - "endpointPrefix": "amplify" - }, - "aws.auth#sigv4": { - "name": "amplify" - }, - "aws.protocols#restJson1": {}, - "smithy.api#documentation": "Amplify enables developers to develop and deploy cloud-powered mobile and web apps.\n The Amplify Console provides a continuous delivery and hosting service for web\n applications. For more information, see the Amplify Console User Guide. The\n Amplify Framework is a comprehensive set of SDKs, libraries, tools, and documentation\n for client app development. For more information, see the Amplify Framework.\n
", - "smithy.api#title": "AWS Amplify", - "smithy.api#xmlNamespace": { - "uri": "http://amplify.amazonaws.com" - } - } + ] }, "com.amazonaws.amplify#App": { "type": "structure", @@ -291,7 +291,7 @@ "basicAuthCredentials": { "target": "com.amazonaws.amplify#BasicAuthCredentials", "traits": { - "smithy.api#documentation": "The basic authorization credentials for branches for the Amplify app.
" + "smithy.api#documentation": " The basic authorization credentials for branches for the Amplify app. You must base64-encode the authorization credentials and provide them in the format user:password.
The basic authorization credentials for the autocreated branch.
" + "smithy.api#documentation": " The basic authorization credentials for the autocreated branch. You must base64-encode the authorization credentials and provide them in the format user:password.
The basic authorization credentials for a branch of an Amplify app.
" + "smithy.api#documentation": " The basic authorization credentials for a branch of an Amplify app. You must base64-encode the authorization credentials and provide them in the format user:password.
The credentials for basic authorization for an Amplify app.
" + "smithy.api#documentation": " The credentials for basic authorization for an Amplify app. You must base64-encode the authorization credentials and provide them in the format user:password.
The basic authorization credentials for the branch.
" + "smithy.api#documentation": " The basic authorization credentials for the branch. You must base64-encode the authorization credentials and provide them in the format user:password.
The basic authorization credentials for an Amplify app.
" + "smithy.api#documentation": " The basic authorization credentials for an Amplify app. You must base64-encode the authorization credentials and provide them in the format user:password.
The basic authorization credentials for the branch.
" + "smithy.api#documentation": " The basic authorization credentials for the branch. You must base64-encode the authorization credentials and provide them in the format user:password.
Use AppConfig, a capability of Amazon Web Services Systems Manager, to create, manage, and quickly deploy\n application configurations. AppConfig supports controlled deployments to applications of\n any size and includes built-in validation checks and monitoring. You can use AppConfig with\n applications hosted on Amazon EC2 instances, Lambda, containers, mobile applications, or IoT\n devices.
\nTo prevent errors when deploying application configurations, especially for production\n systems where a simple typo could cause an unexpected outage, AppConfig includes\n validators. A validator provides a syntactic or semantic check to ensure that the\n configuration you want to deploy works as intended. To validate your application\n configuration data, you provide a schema or a Lambda function that runs against the\n configuration. The configuration deployment or update can only proceed when the\n configuration data is valid.
\nDuring a configuration deployment, AppConfig monitors the application to ensure that the\n deployment is successful. If the system encounters an error, AppConfig rolls back the\n change to minimize impact for your application users. You can configure a deployment\n strategy for each application or environment that includes deployment criteria, including\n velocity, bake time, and alarms to monitor. Similar to error monitoring, if a deployment\n triggers an alarm, AppConfig automatically rolls back to the previous version.
\nAppConfig supports multiple use cases. Here are some examples:
\n\n Application tuning: Use AppConfig to carefully\n introduce changes to your application that can only be tested with production\n traffic.
\n\n Feature toggle: Use AppConfig to turn on new\n features that require a timely deployment, such as a product launch or announcement.\n
\n\n Allow list: Use AppConfig to allow premium\n subscribers to access paid content.
\n\n Operational issues: Use AppConfig to reduce\n stress on your application when a dependency or other external factor impacts the\n system.
\nThis reference is intended to be used with the AppConfig User Guide.
", + "smithy.api#documentation": "Use AppConfig, a capability of Amazon Web Services Systems Manager, to create, manage, and quickly deploy\n application configurations. AppConfig supports controlled deployments to applications of\n any size and includes built-in validation checks and monitoring. You can use AppConfig with\n applications hosted on Amazon EC2 instances, Lambda, containers, mobile applications, or IoT\n devices.
\nTo prevent errors when deploying application configurations, especially for production\n systems where a simple typo could cause an unexpected outage, AppConfig includes\n validators. A validator provides a syntactic or semantic check to ensure that the\n configuration you want to deploy works as intended. To validate your application\n configuration data, you provide a schema or an Amazon Web Services Lambda function that runs against\n the configuration. The configuration deployment or update can only proceed when the\n configuration data is valid.
\nDuring a configuration deployment, AppConfig monitors the application to ensure that the\n deployment is successful. If the system encounters an error, AppConfig rolls back the\n change to minimize impact for your application users. You can configure a deployment\n strategy for each application or environment that includes deployment criteria, including\n velocity, bake time, and alarms to monitor. Similar to error monitoring, if a deployment\n triggers an alarm, AppConfig automatically rolls back to the previous version.
\nAppConfig supports multiple use cases. Here are some examples:
\n\n Feature flags: Use AppConfig to turn on new\n features that require a timely deployment, such as a product launch or announcement.\n
\n\n Application tuning: Use AppConfig to carefully\n introduce changes to your application that can only be tested with production\n traffic.
\n\n Allow list: Use AppConfig to allow premium\n subscribers to access paid content.
\n\n Operational issues: Use AppConfig to reduce\n stress on your application when a dependency or other external factor impacts the\n system.
\nThis reference is intended to be used with the AppConfig User Guide.
", "smithy.api#title": "Amazon AppConfig" }, "version": "2019-10-09", @@ -211,12 +211,12 @@ "InvalidConfiguration": { "target": "com.amazonaws.appconfig#InvalidConfigurationDetailList", "traits": { - "smithy.api#documentation": "Detailed information about the bad request exception error when creating a hosted configuration version.
" + "smithy.api#documentation": "Detailed information about the bad request exception error when creating a hosted\n configuration version.
" } } }, "traits": { - "smithy.api#documentation": "Detailed information about the input that failed to satisfy the constraints specified by an AWS service.
" + "smithy.api#documentation": "Detailed information about the input that failed to satisfy the constraints specified by\n a call.
" } }, "com.amazonaws.appconfig#BadRequestException": { @@ -272,7 +272,7 @@ "Content": { "target": "com.amazonaws.appconfig#Blob", "traits": { - "smithy.api#documentation": "The content of the configuration or the configuration data.
\nCompare the configuration version numbers of the configuration cached locally on your\n machine and the configuration number in the the header. If the configuration numbers are\n the same, the content can be ignored. The Content section only appears if\n the system finds new or updated configuration data. If the system doesn't find new or\n updated configuration data, then the Content section is not\n returned.
The content of the configuration or the configuration data.
\nThe Content attribute only contains data if the system finds new or\n updated configuration data. If there is no new or updated data and\n ClientConfigurationVersion matches the version of the current\n configuration, AppConfig returns a 204 No Content HTTP response code and\n the Content value will be empty.
The type of configurations that the configuration profile contains. A configuration can\n be a feature flag used for enabling or disabling new features or a free-form configuration\n used for distributing configurations to your application.
" + "smithy.api#documentation": "The type of configurations contained in the profile. AppConfig supports feature\n flags and freeform configurations. We recommend you create feature\n flag configurations to enable or disable new features and freeform configurations to\n distribute configurations to an application. When calling this API, enter one of the\n following values for Type:
\n AWS.AppConfig.FeatureFlags\n
\n AWS.Freeform\n
The type of configurations that the configuration profile contains. A configuration can\n be a feature flag used for enabling or disabling new features or a free-form configuration\n used to introduce changes to your application.
" + "smithy.api#documentation": "The type of configurations contained in the profile. AppConfig supports feature\n flags and freeform configurations. We recommend you create feature\n flag configurations to enable or disable new features and freeform configurations to\n distribute configurations to an application. When calling this API, enter one of the\n following values for Type:
\n AWS.AppConfig.FeatureFlags\n
\n AWS.Freeform\n
Creates a configuration profile, which is information that enables AppConfig to access\n the configuration source. Valid configuration sources include the AppConfig hosted\n configuration store, Amazon Web Services Systems Manager (SSM) documents, SSM Parameter Store parameters, Amazon S3\n objects, or any integration source\n action supported by CodePipeline. A configuration profile includes the following\n information:
\n \nThe URI location of the configuration data.
\nThe Identity and Access Management (IAM) role that provides access to the configuration data.
\nA validator for the configuration data. Available validators include either a JSON\n Schema or an Lambda function.
\nFor more information, see Create a\n Configuration and a Configuration Profile in the AppConfig User\n Guide.
", + "smithy.api#documentation": "Creates a configuration profile, which is information that enables AppConfig to access\n the configuration source. Valid configuration sources include the AppConfig hosted\n configuration store, Amazon Web Services Systems Manager (SSM) documents, SSM Parameter Store parameters, Amazon S3\n objects, or any integration source\n action supported by CodePipeline. A configuration profile includes the following\n information:
\n \nThe URI location of the configuration data.
\nThe Identity and Access Management (IAM) role that provides access to the configuration data.
\nA validator for the configuration data. Available validators include either a JSON\n Schema or an Amazon Web Services Lambda function.
\nFor more information, see Create a\n Configuration and a Configuration Profile in the AppConfig User\n Guide.
", "smithy.api#http": { "method": "POST", "uri": "/applications/{ApplicationId}/configurationprofiles", @@ -560,7 +560,7 @@ "Type": { "target": "com.amazonaws.appconfig#ConfigurationProfileType", "traits": { - "smithy.api#documentation": "The type of configurations that the configuration profile contains. A configuration can\n be a feature flag used for enabling or disabling new features or a free-form configuration\n used for distributing configurations to your application.
" + "smithy.api#documentation": "The type of configurations contained in the profile. AppConfig supports feature\n flags and freeform configurations. We recommend you create feature\n flag configurations to enable or disable new features and freeform configurations to\n distribute configurations to an application. When calling this API, enter one of the\n following values for Type:
\n AWS.AppConfig.FeatureFlags\n
\n AWS.Freeform\n
Retrieves information about a configuration.
\nAppConfig uses the value of the ClientConfigurationVersion parameter to\n identify the configuration version on your clients. If you don’t send\n ClientConfigurationVersion with each call to\n GetConfiguration, your clients receive the current configuration. You\n are charged each time your clients receive a configuration.
To avoid excess charges, we recommend that you include the\n ClientConfigurationVersion value with every call to\n GetConfiguration. This value must be saved on your client. Subsequent\n calls to GetConfiguration must pass this value by using the\n ClientConfigurationVersion parameter.
Retrieves the latest deployed configuration.
\n\nNote the following important information.
\nThis API action has been deprecated. Calls to receive configuration data should\n use the StartConfigurationSession and GetLatestConfiguration APIs instead.
\n\n GetConfiguration is a priced call. For more information, see\n Pricing.
AppConfig uses the value of the ClientConfigurationVersion\n parameter to identify the configuration version on your clients. If you don’t send\n ClientConfigurationVersion with each call to\n GetConfiguration, your clients receive the current configuration.\n You are charged each time your clients receive a configuration.
To avoid excess charges, we recommend you use the StartConfigurationSession and GetLatestConfiguration APIs, which track the client configuration\n version on your behalf. If you choose to continue using\n GetConfiguration, we recommend that you include the\n ClientConfigurationVersion value with every call to\n GetConfiguration. The value to use for\n ClientConfigurationVersion comes from the\n ConfigurationVersion attribute returned by\n GetConfiguration when there is new or updated data, and should be\n saved for subsequent calls to GetConfiguration.
The invalid or out-of-range validation constraint in your JSON schema that failed validation.
" + "smithy.api#documentation": "The invalid or out-of-range validation constraint in your JSON schema that failed\n validation.
" } }, "Location": { "target": "com.amazonaws.appconfig#String", "traits": { - "smithy.api#documentation": "Location of the validation constraint in the configuration JSON schema that failed validation.
" + "smithy.api#documentation": "Location of the validation constraint in the configuration JSON schema that failed\n validation.
" } }, "Reason": { @@ -2073,7 +2076,7 @@ } }, "traits": { - "smithy.api#documentation": "Detailed information about the bad request exception error when creating a hosted configuration version.
" + "smithy.api#documentation": "Detailed information about the bad request exception error when creating a hosted\n configuration version.
" } }, "com.amazonaws.appconfig#InvalidConfigurationDetailList": { @@ -2200,7 +2203,7 @@ "Type": { "target": "com.amazonaws.appconfig#ConfigurationProfileType", "traits": { - "smithy.api#documentation": "A filter based on the type of configurations that the configuration profile contains. A\n configuration can be a feature flag or a free-form configuration.
", + "smithy.api#documentation": "A filter based on the type of configurations that the configuration profile contains. A\n configuration can be a feature flag or a freeform configuration.
", "smithy.api#httpQuery": "type" } } @@ -2276,7 +2279,7 @@ } ], "traits": { - "smithy.api#documentation": "Lists the deployments for an environment.
", + "smithy.api#documentation": "Lists the deployments for an environment in descending deployment number order.
", "smithy.api#http": { "method": "GET", "uri": "/applications/{ApplicationId}/environments/{EnvironmentId}/deployments", @@ -2312,14 +2315,14 @@ "target": "com.amazonaws.appconfig#MaxResults", "traits": { "smithy.api#box": {}, - "smithy.api#documentation": "The maximum number of items to return for this call. The call also returns a token that\n you can specify in a subsequent call to get the next set of results.
", + "smithy.api#documentation": "The maximum number of items that may be returned for this call. If there are items that\n have not yet been returned, the response will include a non-null NextToken\n that you can provide in a subsequent call to get the next set of results.
A token to start the list. Use this token to get the next set of results.
", + "smithy.api#documentation": "The token returned by a prior call to this operation indicating the next set of results\n to be returned. If not specified, the operation will return the first set of\n results.
", "smithy.api#httpQuery": "next_token" } } @@ -3352,7 +3355,7 @@ } }, "traits": { - "smithy.api#documentation": "A validator provides a syntactic or semantic check to ensure the configuration that you\n want to deploy functions as intended. To validate your application configuration data, you\n provide a schema or a Lambda function that runs against the configuration. The\n configuration deployment or update can only proceed when the configuration data is\n valid.
" + "smithy.api#documentation": "A validator provides a syntactic or semantic check to ensure the configuration that you\n want to deploy functions as intended. To validate your application configuration data, you\n provide a schema or an Amazon Web Services Lambda function that runs against the configuration. The\n configuration deployment or update can only proceed when the configuration data is\n valid.
" } }, "com.amazonaws.appconfig#ValidatorList": { diff --git a/codegen/sdk-codegen/aws-models/appconfigdata.json b/codegen/sdk-codegen/aws-models/appconfigdata.json index e1db5d6a7862..089b0d70944b 100644 --- a/codegen/sdk-codegen/aws-models/appconfigdata.json +++ b/codegen/sdk-codegen/aws-models/appconfigdata.json @@ -16,7 +16,7 @@ "name": "appconfig" }, "aws.protocols#restJson1": {}, - "smithy.api#documentation": "Use the AppConfigData API, a capability of AWS AppConfig, to retrieve deployed configuration.
", + "smithy.api#documentation": "AppConfig Data provides the data plane APIs your application uses to retrieve configuration data.\n Here's how it works:
\nYour application retrieves configuration data by first establishing a configuration\n session using the AppConfig Data StartConfigurationSession API action. Your session's\n client then makes periodic calls to GetLatestConfiguration to check for\n and retrieve the latest data available.
\nWhen calling StartConfigurationSession, your code sends the following\n information:
Identifiers (ID or name) of an AppConfig application, environment, and\n configuration profile that the session tracks.
\n(Optional) The minimum amount of time the session's client must wait between calls\n to GetLatestConfiguration.
In response, AppConfig provides an InitialConfigurationToken to be given to\n the session's client and used the first time it calls GetLatestConfiguration\n for that session.
When calling GetLatestConfiguration, your client code sends the most recent\n ConfigurationToken value it has and receives in response:
\n NextPollConfigurationToken: the ConfigurationToken value\n to use on the next call to GetLatestConfiguration.
\n NextPollIntervalInSeconds: the duration the client should wait before\n making its next call to GetLatestConfiguration. This duration may vary\n over the course of the session, so it should be used instead of the value sent on the\n StartConfigurationSession call.
The configuration: the latest data intended for the session. This may be empty if\n the client already has the latest version of the configuration.
\nFor more information and to view example CLI commands that show how to retrieve a\n configuration using the AppConfig Data StartConfigurationSession and\n GetLatestConfiguration API actions, see Receiving the\n configuration in the AppConfig User Guide.
Present if the Reason for the bad request was 'InvalidParameters'
" + "smithy.api#documentation": "One or more specified parameters are not valid for the call.
" } } }, "traits": { - "smithy.api#documentation": "Details describing why the request was invalid
" + "smithy.api#documentation": "Detailed information about the input that failed to satisfy the constraints specified by\n a call.
" } }, "com.amazonaws.appconfigdata#BadRequestException": { @@ -60,7 +60,7 @@ "Details": { "target": "com.amazonaws.appconfigdata#BadRequestDetails", "traits": { - "smithy.api#documentation": "Details describing why the request was invalid
" + "smithy.api#documentation": "Details describing why the request was invalid.
" } } }, @@ -119,7 +119,7 @@ } ], "traits": { - "smithy.api#documentation": "Retrieves the latest deployed configuration. This API may return empty Configuration data if the client already has the latest version. See StartConfigurationSession to obtain an InitialConfigurationToken to call this API.
\nEach call to GetLatestConfiguration returns a new ConfigurationToken (NextPollConfigurationToken\n in the response). This new token MUST be provided to the next call to GetLatestConfiguration when\n polling for configuration updates.
\nTo avoid excess charges, we recommend that you include the\n ClientConfigurationVersion value with every call to\n GetConfiguration. This value must be saved on your client. Subsequent\n calls to GetConfiguration must pass this value by using the\n ClientConfigurationVersion parameter.
Retrieves the latest deployed configuration. This API may return empty configuration\n data if the client already has the latest version. For more information about this API\n action and to view example CLI commands that show how to use it with the StartConfigurationSession API action, see Receiving the\n configuration in the AppConfig User Guide.
\nNote the following important information.
\nEach configuration token is only valid for one call to GetLatestConfiguration.\n The GetLatestConfiguration response includes a NextPollConfigurationToken that\n should always replace the token used for the just-completed call in preparation\n for the next one.
\n GetLatestConfiguration is a priced call. For more information, see\n Pricing.
Token describing the current state of the configuration session. To obtain a token, first call the StartConfigurationSession API. Note that every call to GetLatestConfiguration will return a new ConfigurationToken (NextPollConfigurationToken in the response) and MUST be provided to subsequent GetLatestConfiguration API calls.
", + "smithy.api#documentation": "Token describing the current state of the configuration session. To obtain a token,\n first call the StartConfigurationSession API. Note that every call to\n GetLatestConfiguration will return a new ConfigurationToken\n (NextPollConfigurationToken in the response) and MUST be provided to\n subsequent GetLatestConfiguration API calls.
Request parameters for the GetLatestConfiguration API
" } }, "com.amazonaws.appconfigdata#GetLatestConfigurationResponse": { @@ -150,14 +147,14 @@ "NextPollConfigurationToken": { "target": "com.amazonaws.appconfigdata#Token", "traits": { - "smithy.api#documentation": "The latest token describing the current state of the configuration session. This MUST be provided to the next call to GetLatestConfiguration.
", + "smithy.api#documentation": "The latest token describing the current state of the configuration session. This MUST be\n provided to the next call to GetLatestConfiguration.\n
The amount of time the client should wait before polling for configuration updates again. See RequiredMinimumPollIntervalInSeconds to set the desired poll interval.
", + "smithy.api#documentation": "The amount of time the client should wait before polling for configuration updates\n again. Use RequiredMinimumPollIntervalInSeconds to set the desired poll\n interval.
The data of the configuration. Note that this may be empty if the client already has the latest version of configuration.
", + "smithy.api#documentation": "The data of the configuration. This may be empty if the client already has the latest\n version of configuration.
", "smithy.api#httpPayload": {}, "smithy.api#sensitive": {} } } - }, - "traits": { - "smithy.api#documentation": "Response parameters for the GetLatestConfiguration API
" } }, "com.amazonaws.appconfigdata#Id": { @@ -218,12 +212,12 @@ "Problem": { "target": "com.amazonaws.appconfigdata#InvalidParameterProblem", "traits": { - "smithy.api#documentation": "Detail describing why an individual parameter did not satisfy the constraints specified by the service
" + "smithy.api#documentation": "The reason the parameter is invalid.
" } } }, "traits": { - "smithy.api#documentation": "Contains details about an invalid parameter.
" + "smithy.api#documentation": "Information about an invalid parameter.
" } }, "com.amazonaws.appconfigdata#InvalidParameterMap": { @@ -347,7 +341,7 @@ } ], "traits": { - "smithy.api#documentation": "Starts a configuration session used to retrieve a deployed configuration. See the GetLatestConfiguration API for more details.
", + "smithy.api#documentation": "Starts a configuration session used to retrieve a deployed configuration. For more\n information about this API action and to view example CLI commands that show how to use\n it with the GetLatestConfiguration API action, see Receiving the\n configuration in the AppConfig User Guide.
", "smithy.api#http": { "method": "POST", "uri": "/configurationsessions", @@ -382,12 +376,9 @@ "RequiredMinimumPollIntervalInSeconds": { "target": "com.amazonaws.appconfigdata#OptionalPollSeconds", "traits": { - "smithy.api#documentation": "The interval at which your client will poll for configuration. If provided, the service\n will throw a BadRequestException if the client polls before the specified poll interval. By default,\n client poll intervals are not enforced.
" + "smithy.api#documentation": "Sets a constraint on a session. If you specify a value of, for example, 60 seconds, then\n the client that established the session can't call GetLatestConfiguration\n more frequently then every 60 seconds.
" } } - }, - "traits": { - "smithy.api#documentation": "Request parameters for the StartConfigurationSession API.
" } }, "com.amazonaws.appconfigdata#StartConfigurationSessionResponse": { @@ -396,12 +387,9 @@ "InitialConfigurationToken": { "target": "com.amazonaws.appconfigdata#Token", "traits": { - "smithy.api#documentation": "Token encapsulating state about the configuration session. Provide this token to the GetLatestConfiguration API to retrieve configuration data.
\nThis token should only be used once in your first call to GetLatestConfiguration. You MUST use the\n new token in the GetConfiguration response (NextPollConfigurationToken) in each subsequent call to\n GetLatestConfiguration.
\nToken encapsulating state about the configuration session. Provide this token to the\n GetLatestConfiguration API to retrieve configuration data.
This token should only be used once in your first call to\n GetLatestConfiguration. You MUST use the new token in the\n GetLatestConfiguration response\n (NextPollConfigurationToken) in each subsequent call to\n GetLatestConfiguration.
Response parameters for the StartConfigurationSession API.
" } }, "com.amazonaws.appconfigdata#String": { diff --git a/codegen/sdk-codegen/aws-models/athena.json b/codegen/sdk-codegen/aws-models/athena.json index c3f1cd7e42f9..604b62c72ba8 100644 --- a/codegen/sdk-codegen/aws-models/athena.json +++ b/codegen/sdk-codegen/aws-models/athena.json @@ -31,6 +31,21 @@ "shapes": { "com.amazonaws.athena#AmazonAthena": { "type": "service", + "traits": { + "aws.api#service": { + "sdkId": "Athena", + "arnNamespace": "athena", + "cloudFormationName": "Athena", + "cloudTrailEventSource": "athena.amazonaws.com", + "endpointPrefix": "athena" + }, + "aws.auth#sigv4": { + "name": "athena" + }, + "aws.protocols#awsJson1_1": {}, + "smithy.api#documentation": "Amazon Athena is an interactive query service that lets you use standard SQL\n to analyze data directly in Amazon S3. You can point Athena at your\n data in Amazon S3 and run ad-hoc queries and get results in seconds. Athena is serverless, so there is no infrastructure to set up or manage. You pay\n only for the queries you run. Athena scales automatically—executing queries\n in parallel—so results are fast, even with large datasets and complex queries. For more\n information, see What is Amazon Athena in the Amazon Athena User\n Guide.
\nIf you connect to Athena using the JDBC driver, use version 1.1.0 of the\n driver or later with the Amazon Athena API. Earlier version drivers do not\n support the API. For more information and to download the driver, see Accessing\n Amazon Athena with JDBC.
\nFor code samples using the Amazon Web Services SDK for Java, see Examples and\n Code Samples in the Amazon Athena User\n Guide.
", + "smithy.api#title": "Amazon Athena" + }, "version": "2017-05-18", "operations": [ { @@ -135,22 +150,7 @@ { "target": "com.amazonaws.athena#UpdateWorkGroup" } - ], - "traits": { - "aws.api#service": { - "sdkId": "Athena", - "arnNamespace": "athena", - "cloudFormationName": "Athena", - "cloudTrailEventSource": "athena.amazonaws.com", - "endpointPrefix": "athena" - }, - "aws.auth#sigv4": { - "name": "athena" - }, - "aws.protocols#awsJson1_1": {}, - "smithy.api#documentation": "Amazon Athena is an interactive query service that lets you use standard SQL\n to analyze data directly in Amazon S3. You can point Athena at your\n data in Amazon S3 and run ad-hoc queries and get results in seconds. Athena is serverless, so there is no infrastructure to set up or manage. You pay\n only for the queries you run. Athena scales automatically—executing queries\n in parallel—so results are fast, even with large datasets and complex queries. For more\n information, see What is Amazon Athena in the Amazon Athena User\n Guide.
\nIf you connect to Athena using the JDBC driver, use version 1.1.0 of the\n driver or later with the Amazon Athena API. Earlier version drivers do not\n support the API. For more information and to download the driver, see Accessing\n Amazon Athena with JDBC.
\nFor code samples using the Amazon Web Services SDK for Java, see Examples and\n Code Samples in the Amazon Athena User\n Guide.
", - "smithy.api#title": "Amazon Athena" - } + ] }, "com.amazonaws.athena#AmazonResourceName": { "type": "string", @@ -161,6 +161,20 @@ } } }, + "com.amazonaws.athena#AthenaError": { + "type": "structure", + "members": { + "ErrorCategory": { + "target": "com.amazonaws.athena#ErrorCategory", + "traits": { + "smithy.api#documentation": "An integer value that specifies the category of a query failure error. The following\n list shows the category for each integer value.
\n\n 1 - System
\n\n 2 - User
\n\n 3 - Unknown
" + } + } + }, + "traits": { + "smithy.api#documentation": "Provides information about an Athena query error. The\n AthenaError feature provides standardized error information to help you\n understand failed queries and take steps after a query failure occurs.\n AthenaError includes an ErrorCategory field that specifies\n whether the cause of the failed query is due to system error, user error, or unknown\n error.
The name of the data catalog to create. The catalog name must be unique for the\n Amazon Web Services account and can use a maximum of 128 alphanumeric, underscore, at\n sign, or hyphen characters.
", + "smithy.api#documentation": "The name of the data catalog to create. The catalog name must be unique for the\n Amazon Web Services account and can use a maximum of 127 alphanumeric, underscore, at\n sign, or hyphen characters. The remainder of the length constraint of 256 is reserved\n for use by Athena.
", "smithy.api#required": {} } }, @@ -679,7 +693,7 @@ "Name": { "target": "com.amazonaws.athena#CatalogNameString", "traits": { - "smithy.api#documentation": "The name of the data catalog. The catalog name must be unique for the Amazon Web Services account and can use a maximum of 128 alphanumeric, underscore, at sign,\n or hyphen characters.
", + "smithy.api#documentation": "The name of the data catalog. The catalog name must be unique for the Amazon Web Services account and can use a maximum of 127 alphanumeric, underscore, at sign,\n or hyphen characters. The remainder of the length constraint of 256 is reserved for use\n by Athena.
", "smithy.api#required": {} } }, @@ -713,7 +727,7 @@ "CatalogName": { "target": "com.amazonaws.athena#CatalogNameString", "traits": { - "smithy.api#documentation": "The name of the data catalog.
" + "smithy.api#documentation": "The name of the data catalog. The catalog name is unique for the Amazon Web Services account and can use a maximum of 127 alphanumeric, underscore, at sign,\n or hyphen characters. The remainder of the length constraint of 256 is reserved for use\n by Athena.
" } }, "Type": { @@ -1055,6 +1069,16 @@ } } }, + "com.amazonaws.athena#ErrorCategory": { + "type": "integer", + "traits": { + "smithy.api#box": {}, + "smithy.api#range": { + "min": 1, + "max": 3 + } + } + }, "com.amazonaws.athena#ErrorCode": { "type": "string", "traits": { @@ -2478,7 +2502,7 @@ "Database": { "target": "com.amazonaws.athena#DatabaseString", "traits": { - "smithy.api#documentation": "The name of the database used in the query execution. The database must exist in the catalog.
" + "smithy.api#documentation": "The name of the database used in the query execution. The database must exist in the\n catalog.
" } }, "Catalog": { @@ -2616,6 +2640,12 @@ "traits": { "smithy.api#documentation": "The date and time that the query completed.
" } + }, + "AthenaError": { + "target": "com.amazonaws.athena#AthenaError", + "traits": { + "smithy.api#documentation": "Provides information about an Athena query error.
" + } } }, "traits": { @@ -3241,7 +3271,7 @@ "Name": { "target": "com.amazonaws.athena#CatalogNameString", "traits": { - "smithy.api#documentation": "The name of the data catalog to update. The catalog name must be unique for the\n Amazon Web Services account and can use a maximum of 128 alphanumeric, underscore, at\n sign, or hyphen characters.
", + "smithy.api#documentation": "The name of the data catalog to update. The catalog name must be unique for the\n Amazon Web Services account and can use a maximum of 127 alphanumeric, underscore, at\n sign, or hyphen characters. The remainder of the length constraint of 256 is reserved\n for use by Athena.
", "smithy.api#required": {} } }, @@ -3452,7 +3482,7 @@ "RequesterPaysEnabled": { "target": "com.amazonaws.athena#BoxedBoolean", "traits": { - "smithy.api#documentation": "If set to true, allows members assigned to a workgroup to reference\n Amazon S3 Requester Pays buckets in queries. If set to false,\n workgroup members cannot query data from Requester Pays buckets, and queries that\n retrieve data from Requester Pays buckets cause an error. The default is\n false. For more information about Requester Pays buckets, see Requester\n Pays Buckets in the Amazon Simple Storage Service Developer\n Guide.
If set to true, allows members assigned to a workgroup to reference\n Amazon S3 Requester Pays buckets in queries. If set to false,\n workgroup members cannot query data from Requester Pays buckets, and queries that\n retrieve data from Requester Pays buckets cause an error. The default is\n false. For more information about Requester Pays buckets, see Requester\n Pays Buckets in the Amazon Simple Storage Service Developer\n Guide.
This section provides documentation for the Amazon CodeGuru Reviewer API operations. CodeGuru Reviewer is a service\n that uses program analysis and machine learning to detect potential defects that are difficult for developers to find and recommends\n fixes in your Java and Python code.
\n \nBy proactively detecting and providing recommendations for addressing code defects and implementing best practices, CodeGuru Reviewer\n improves the overall quality and maintainability of your code base during the code review stage. For more information about CodeGuru Reviewer, see the \n \n Amazon CodeGuru Reviewer User Guide.\n
\n \n\n To improve the security of your CodeGuru Reviewer API calls, you can establish a private connection between your VPC and CodeGuru Reviewer by \n creating an interface VPC endpoint. For more information, see \n CodeGuru Reviewer and interface \n VPC endpoints (Amazon Web Services PrivateLink) in the Amazon CodeGuru Reviewer User Guide.\n
", + "smithy.api#title": "Amazon CodeGuru Reviewer" + }, "version": "2019-09-19", "operations": [ { @@ -75,22 +90,7 @@ { "target": "com.amazonaws.codegurureviewer#UntagResource" } - ], - "traits": { - "aws.api#service": { - "sdkId": "CodeGuru Reviewer", - "arnNamespace": "codeguru-reviewer", - "cloudFormationName": "CodeGuruReviewer", - "cloudTrailEventSource": "codegurureviewer.amazonaws.com", - "endpointPrefix": "codeguru-reviewer" - }, - "aws.auth#sigv4": { - "name": "codeguru-reviewer" - }, - "aws.protocols#restJson1": {}, - "smithy.api#documentation": "This section provides documentation for the Amazon CodeGuru Reviewer API operations. CodeGuru Reviewer is a service\n that uses program analysis and machine learning to detect potential defects that are difficult for developers to find and recommends\n fixes in your Java and Python code.
\n \nBy proactively detecting and providing recommendations for addressing code defects and implementing best practices, CodeGuru Reviewer\n improves the overall quality and maintainability of your code base during the code review stage. For more information about CodeGuru Reviewer, see the \n \n Amazon CodeGuru Reviewer User Guide.\n
\n \n\n To improve the security of your CodeGuru Reviewer API calls, you can establish a private connection between your VPC and CodeGuru Reviewer by \n creating an interface VPC endpoint. For more information, see \n CodeGuru Reviewer and interface \n VPC endpoints (Amazon Web Services PrivateLink) in the Amazon CodeGuru Reviewer User Guide.\n
", - "smithy.api#title": "Amazon CodeGuru Reviewer" - } + ] }, "com.amazonaws.codegurureviewer#AccessDeniedException": { "type": "structure", @@ -718,6 +718,16 @@ } } }, + { + "state": "failure", + "matcher": { + "output": { + "path": "CodeReview.State", + "expected": "Failed", + "comparator": "stringEquals" + } + } + }, { "state": "retry", "matcher": { @@ -877,6 +887,16 @@ } } }, + { + "state": "failure", + "matcher": { + "output": { + "path": "RepositoryAssociation.State", + "expected": "Failed", + "comparator": "stringEquals" + } + } + }, { "state": "retry", "matcher": { @@ -1394,6 +1414,16 @@ } } }, + "com.amazonaws.codegurureviewer#ListRecommendationsMaxResults": { + "type": "integer", + "traits": { + "smithy.api#box": {}, + "smithy.api#range": { + "min": 1, + "max": 300 + } + } + }, "com.amazonaws.codegurureviewer#ListRecommendationsRequest": { "type": "structure", "members": { @@ -1405,7 +1435,7 @@ } }, "MaxResults": { - "target": "com.amazonaws.codegurureviewer#MaxResults", + "target": "com.amazonaws.codegurureviewer#ListRecommendationsMaxResults", "traits": { "smithy.api#documentation": "\n The maximum number of results that are returned per call. The default is 100.\n
", "smithy.api#httpQuery": "MaxResults" @@ -2729,7 +2759,7 @@ "traits": { "smithy.api#length": { "min": 1, - "max": 2048 + "max": 5000 } } }, diff --git a/codegen/sdk-codegen/aws-models/cognito-identity-provider.json b/codegen/sdk-codegen/aws-models/cognito-identity-provider.json index 55d0aeac14e1..92db8ffbf8db 100644 --- a/codegen/sdk-codegen/aws-models/cognito-identity-provider.json +++ b/codegen/sdk-codegen/aws-models/cognito-identity-provider.json @@ -34,6 +34,24 @@ }, "com.amazonaws.cognitoidentityprovider#AWSCognitoIdentityProviderService": { "type": "service", + "traits": { + "aws.api#service": { + "sdkId": "Cognito Identity Provider", + "arnNamespace": "cognito-idp", + "cloudFormationName": "Cognito", + "cloudTrailEventSource": "cognitoidentityprovider.amazonaws.com", + "endpointPrefix": "cognito-idp" + }, + "aws.auth#sigv4": { + "name": "cognito-idp" + }, + "aws.protocols#awsJson1_1": {}, + "smithy.api#documentation": "Using the Amazon Cognito user pools API, you can create a user pool to manage directories and users. You can authenticate a user to obtain tokens related to user identity and access policies.
\nThis API reference provides information about user pools in Amazon Cognito user pools.
\nFor more information, see the Amazon Cognito Documentation.
", + "smithy.api#title": "Amazon Cognito Identity Provider", + "smithy.api#xmlNamespace": { + "uri": "http://cognito-idp.amazonaws.com/doc/2016-04-18/" + } + }, "version": "2016-04-18", "operations": [ { @@ -339,25 +357,7 @@ { "target": "com.amazonaws.cognitoidentityprovider#VerifyUserAttribute" } - ], - "traits": { - "aws.api#service": { - "sdkId": "Cognito Identity Provider", - "arnNamespace": "cognito-idp", - "cloudFormationName": "Cognito", - "cloudTrailEventSource": "cognitoidentityprovider.amazonaws.com", - "endpointPrefix": "cognito-idp" - }, - "aws.auth#sigv4": { - "name": "cognito-idp" - }, - "aws.protocols#awsJson1_1": {}, - "smithy.api#documentation": "Using the Amazon Cognito User Pools API, you can create a user pool to manage\n directories and users. You can authenticate a user to obtain tokens related to user\n identity and access policies.
\nThis API reference provides information about user pools in Amazon Cognito User\n Pools.
\nFor more information, see the Amazon Cognito\n Documentation.
", - "smithy.api#title": "Amazon Cognito Identity Provider", - "smithy.api#xmlNamespace": { - "uri": "http://cognito-idp.amazonaws.com/doc/2016-04-18/" - } - } + ] }, "com.amazonaws.cognitoidentityprovider#AccessTokenValidityType": { "type": "integer", @@ -399,7 +399,7 @@ "EventAction": { "target": "com.amazonaws.cognitoidentityprovider#AccountTakeoverEventActionType", "traits": { - "smithy.api#documentation": "The event action.
\n\n BLOCK Choosing this action will block the request.
\n MFA_IF_CONFIGURED Throw MFA challenge if user has configured it,\n else allow the request.
\n MFA_REQUIRED Throw MFA challenge if user has configured it, else\n block the request.
\n NO_ACTION Allow the user sign-in.
The event action.
\n \n\n BLOCK Choosing this action will block the request.
\n MFA_IF_CONFIGURED Present an MFA challenge if user has configured it, else allow the request.
\n MFA_REQUIRED Present an MFA challenge if user has configured it, else block the request.
\n NO_ACTION Allow the user to sign in.
Account takeover risk configuration actions
", + "smithy.api#documentation": "Account takeover risk configuration actions.
", "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "Configuration for mitigation actions and notification for different levels of risk\n detected for a potential account takeover.
" + "smithy.api#documentation": "Configuration for mitigation actions and notification for different levels of risk detected for a potential account takeover.
" } }, "com.amazonaws.cognitoidentityprovider#AddCustomAttributes": { @@ -536,7 +536,7 @@ "type": "structure", "members": {}, "traits": { - "smithy.api#documentation": "Represents the response from the server for the request to add custom\n attributes.
" + "smithy.api#documentation": "Represents the response from the server for the request to add custom attributes.
" } }, "com.amazonaws.cognitoidentityprovider#AdminAddUserToGroup": { @@ -638,7 +638,7 @@ } ], "traits": { - "smithy.api#documentation": "Confirms user registration as an admin without using a confirmation code. Works on any\n user.
\nCalling this action requires developer credentials.
" + "smithy.api#documentation": "Confirms user registration as an admin without using a confirmation code. Works on any user.
\nCalling this action requires developer credentials.
" } }, "com.amazonaws.cognitoidentityprovider#AdminConfirmSignUpRequest": { @@ -661,7 +661,7 @@ "ClientMetadata": { "target": "com.amazonaws.cognitoidentityprovider#ClientMetadataType", "traits": { - "smithy.api#documentation": "A map of custom key-value pairs that you can provide as input for any custom workflows\n that this action triggers.
\nIf your user pool configuration includes triggers, the AdminConfirmSignUp API action\n invokes the Lambda function that is specified for the post\n confirmation trigger. When Amazon Cognito invokes this function, it\n passes a JSON payload, which the function receives as input. In this payload, the\n clientMetadata attribute provides the data that you assigned to the\n ClientMetadata parameter in your AdminConfirmSignUp request. In your function code in\n Lambda, you can process the ClientMetadata value to enhance your workflow for your\n specific needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
\nIf your user pool configuration includes triggers, the AdminConfirmSignUp API action invokes the Lambda function that is specified \n for the post confirmation trigger. When Amazon Cognito invokes this function, it passes a \n JSON \n payload, which the function receives as input. In this payload, the clientMetadata attribute provides the data that you assigned \n to the ClientMetadata parameter in your AdminConfirmSignUp request. In your function code in Lambda, you can process the ClientMetadata value \n to enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows \n with Lambda Triggers in the Amazon Cognito Developer Guide.
\n \nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration \n doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nRepresents the response from the server for the request to confirm\n registration.
" + "smithy.api#documentation": "Represents the response from the server for the request to confirm registration.
" } }, "com.amazonaws.cognitoidentityprovider#AdminCreateUser": { @@ -735,7 +735,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a new user in the specified user pool.
\nIf MessageAction is not set, the default is to send a welcome message via\n email or phone (SMS).
This action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nThis message is based on a template that you configured in your call to create or\n update a user pool. This template includes your custom sign-up instructions and\n placeholders for user name and temporary password.
\nAlternatively, you can call AdminCreateUser with “SUPPRESS” for the\n MessageAction parameter, and Amazon Cognito will not send any email.
In either case, the user will be in the FORCE_CHANGE_PASSWORD state until\n they sign in and change their password.
\n AdminCreateUser requires developer credentials.
Creates a new user in the specified user pool.
\nIf MessageAction isn't set, the default is to send a welcome message via email or phone (SMS).
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nThis message is based on a template that you configured in your call to create or update a user pool. This template includes your custom sign-up instructions and placeholders for \n user name and temporary password.
\nAlternatively, you can call AdminCreateUser with SUPPRESS for the MessageAction parameter, and Amazon Cognito won't send any email.
In either case, the user will be in the FORCE_CHANGE_PASSWORD state until they sign in and change their password.
\n AdminCreateUser requires developer credentials.
Set to True if only the administrator is allowed to create user profiles.\n Set to False if users can sign themselves up via an app.
Set to True if only the administrator is allowed to create user profiles. Set to False if users can sign themselves up via an app.
The user account expiration limit, in days, after which the account is no longer\n usable. To reset the account after that time limit, you must call\n AdminCreateUser again, specifying \"RESEND\" for the\n MessageAction parameter. The default value for this parameter is 7.
If you set a value for TemporaryPasswordValidityDays in\n PasswordPolicy, that value will be used and\n UnusedAccountValidityDays will be deprecated for that user pool.\n
The user account expiration limit, in days, after which the account is no longer usable. To reset the account after that time limit, you must call AdminCreateUser again, \n specifying \"RESEND\" for the MessageAction parameter. The default value for this parameter is 7.
If you set a value for TemporaryPasswordValidityDays in PasswordPolicy, that value will be used, and UnusedAccountValidityDays will be no longer \n be an available parameter for that user pool.
The username for the user. Must be unique within the user pool. Must be a UTF-8 string\n between 1 and 128 characters. After the user is created, the username cannot be\n changed.
", + "smithy.api#documentation": "The username for the user. Must be unique within the user pool. Must be a UTF-8 string between 1 and 128 characters. After the user is created, the username can't be changed.
", "smithy.api#required": {} } }, "UserAttributes": { "target": "com.amazonaws.cognitoidentityprovider#AttributeListType", "traits": { - "smithy.api#documentation": "An array of name-value pairs that contain user attributes and attribute values to be\n set for the user to be created. You can create a user without specifying any attributes\n other than Username. However, any attributes that you specify as required\n (when creating a user pool or in the Attributes tab of\n the console) must be supplied either by you (in your call to\n AdminCreateUser) or by the user (when he or she signs up in response to\n your welcome message).
For custom attributes, you must prepend the custom: prefix to the\n attribute name.
To send a message inviting the user to sign up, you must specify the user's email\n address or phone number. This can be done in your call to AdminCreateUser or in the\n Users tab of the Amazon Cognito console for\n managing your user pools.
\nIn your call to AdminCreateUser, you can set the\n email_verified attribute to True, and you can set the\n phone_number_verified attribute to True. (You can also do\n this by calling AdminUpdateUserAttributes.)
\n email: The email address of the user to whom\n the message that contains the code and username will be sent. Required if the\n email_verified attribute is set to True, or if\n \"EMAIL\" is specified in the DesiredDeliveryMediums\n parameter.
\n phone_number: The phone number of the user to\n whom the message that contains the code and username will be sent. Required if\n the phone_number_verified attribute is set to True, or\n if \"SMS\" is specified in the DesiredDeliveryMediums\n parameter.
An array of name-value pairs that contain user attributes and attribute values to be set for the user to be created. You can create a user without specifying any attributes \n other than Username. However, any attributes that you specify as required (when creating a user pool or in the Attributes tab \n of the console) either you should supply (in your call to AdminCreateUser) or the user should supply (when they sign up in response to your welcome message).
For custom attributes, you must prepend the custom: prefix to the attribute name.
To send a message inviting the user to sign up, you must specify the user's email address or phone number. You can do this in your call to AdminCreateUser or \n in the Users tab of the Amazon Cognito console for managing your user pools.
\nIn your call to AdminCreateUser, you can set the email_verified attribute to True, and you can set the phone_number_verified \n attribute to True. You can also do this by calling \n AdminUpdateUserAttributes.
\n email: The email address of the user to whom the message that contains the code and username will be sent. Required if the \n email_verified attribute is set to True, or if \"EMAIL\" is specified in the DesiredDeliveryMediums parameter.
\n phone_number: The phone number of the user to whom the message that contains the code and username will be sent. Required if the \n phone_number_verified attribute is set to True, or if \"SMS\" is specified in the DesiredDeliveryMediums parameter.
The user's validation data. This is an array of name-value pairs that contain user\n attributes and attribute values that you can use for custom validation, such as\n restricting the types of user accounts that can be registered. For example, you might\n choose to allow or disallow user sign-up based on the user's domain.
\nTo configure custom validation, you must create a Pre Sign-up Lambda trigger for the\n user pool as described in the Amazon Cognito Developer Guide. The Lambda trigger\n receives the validation data and uses it in the validation process.
\nThe user's validation data is not persisted.
" + "smithy.api#documentation": "The user's validation data. This is an array of name-value pairs that contain user attributes and attribute values that you can use for custom validation, such as restricting the \n types of user accounts that can be registered. For example, you might choose to allow or disallow user sign-up based on the user's domain.
\nTo configure custom validation, you must create a Pre Sign-up Lambda trigger for the user pool as described in the Amazon Cognito Developer Guide. The Lambda trigger receives the validation \n data and uses it in the validation process.
\nThe user's validation data isn't persisted.
" } }, "TemporaryPassword": { "target": "com.amazonaws.cognitoidentityprovider#PasswordType", "traits": { - "smithy.api#documentation": "The user's temporary password. This password must conform to the password policy that\n you specified when you created the user pool.
\nThe temporary password is valid only once. To complete the Admin Create User flow, the\n user must enter the temporary password in the sign-in page along with a new password to\n be used in all future sign-ins.
\nThis parameter is not required. If you do not specify a value, Amazon Cognito\n generates one for you.
\nThe temporary password can only be used until the user account expiration limit that\n you specified when you created the user pool. To reset the account after that time\n limit, you must call AdminCreateUser again, specifying\n \"RESEND\" for the MessageAction parameter.
The user's temporary password. This password must conform to the password policy that you specified when you created the user pool.
\nThe temporary password is valid only once. To complete the Admin Create User flow, the user must enter the temporary password in the sign-in page, along with a new password to be used \n in all future sign-ins.
\nThis parameter isn't required. If you don't specify a value, Amazon Cognito generates one for you.
\nThe temporary password can only be used until the user account expiration limit that you specified when you created the user pool. To reset the account after that time limit, you must \n call AdminCreateUser again, specifying \"RESEND\" for the MessageAction parameter.
This parameter is only used if the phone_number_verified or\n email_verified attribute is set to True. Otherwise, it is\n ignored.
If this parameter is set to True and the phone number or email address\n specified in the UserAttributes parameter already exists as an alias with a different\n user, the API call will migrate the alias from the previous user to the newly created\n user. The previous user will no longer be able to log in using that alias.
If this parameter is set to False, the API throws an\n AliasExistsException error if the alias already exists. The default\n value is False.
This parameter is used only if the phone_number_verified or email_verified attribute is set to True. Otherwise, it is ignored.
If this parameter is set to True and the phone number or email address specified in the UserAttributes parameter already exists as an alias with a different user, the API \n call will migrate the alias from the previous user to the newly created user. The previous user will no longer be able to log in using that alias.
If this parameter is set to False, the API throws an AliasExistsException error if the alias already exists. The default value is False.
Set to \"RESEND\" to resend the invitation message to a user that already\n exists and reset the expiration limit on the user's account. Set to\n \"SUPPRESS\" to suppress sending the message. Only one value can be\n specified.
Set to RESEND to resend the invitation message to a user that already exists and reset the expiration limit on the user's account. Set to SUPPRESS to suppress \n sending the message. You can specify only one value.
Specify \"EMAIL\" if email will be used to send the welcome message.\n Specify \"SMS\" if the phone number will be used. The default value is\n \"SMS\". More than one value can be specified.
Specify \"EMAIL\" if email will be used to send the welcome message. Specify \"SMS\" if the phone number will be used. The default value is \"SMS\". You \n can specify more than one value.
A map of custom key-value pairs that you can provide as input for any custom workflows\n that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers.\n When you use the AdminCreateUser API action, Amazon Cognito invokes the function that is\n assigned to the pre sign-up trigger. When Amazon Cognito invokes\n this function, it passes a JSON payload, which the function receives as input. This\n payload contains a clientMetadata attribute, which provides the data that\n you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your\n function code in Lambda, you can process the clientMetadata value to\n enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminCreateUser API action, \n Amazon Cognito invokes the function that is assigned to the pre sign-up trigger. When Amazon Cognito invokes this function, \n it passes a JSON payload, which the function receives as input. This payload contains a clientMetadata attribute, \n which provides the data that you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your function code \n in Lambda, you can process the clientMetadata value to enhance your workflow for your specific needs.
For more information, \n see Customizing User Pool Workflows with Lambda Triggers \n in the Amazon Cognito Developer Guide.
\nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool \n configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nDeletes the user attributes in a user pool as an administrator. Works on any\n user.
\nCalling this action requires developer credentials.
" + "smithy.api#documentation": "Deletes the user attributes in a user pool as an administrator. Works on any user.
\nCalling this action requires developer credentials.
" } }, "com.amazonaws.cognitoidentityprovider#AdminDeleteUserAttributesRequest": { @@ -932,7 +932,7 @@ "UserAttributeNames": { "target": "com.amazonaws.cognitoidentityprovider#AttributeNameListType", "traits": { - "smithy.api#documentation": "An array of strings representing the user attribute names you wish to delete.
\nFor custom attributes, you must prepend the custom: prefix to the\n attribute name.
An array of strings representing the user attribute names you want to delete.
\nFor custom attributes, you must prepend the custom: prefix to the attribute name.
Represents the response received from the server for a request to delete user\n attributes.
" + "smithy.api#documentation": "Represents the response received from the server for a request to delete user attributes.
" } }, "com.amazonaws.cognitoidentityprovider#AdminDeleteUserRequest": { @@ -961,7 +961,7 @@ "Username": { "target": "com.amazonaws.cognitoidentityprovider#UsernameType", "traits": { - "smithy.api#documentation": "The user name of the user you wish to delete.
", + "smithy.api#documentation": "The user name of the user you want to delete.
", "smithy.api#required": {} } } @@ -1002,7 +1002,7 @@ } ], "traits": { - "smithy.api#documentation": "Disables the user from signing in with the specified external (SAML or social)\n identity provider. If the user to disable is a Cognito User Pools native username +\n password user, they are not permitted to use their password to sign-in. If the user to\n disable is a linked external IdP user, any link between that user and an existing user\n is removed. The next time the external user (no longer attached to the previously linked\n DestinationUser) signs in, they must create a new user account. See\n AdminLinkProviderForUser.
This action is enabled only for admin access and requires developer\n credentials.
\nThe ProviderName must match the value specified when creating an IdP for\n the pool.
To disable a native username + password user, the ProviderName value must\n be Cognito and the ProviderAttributeName must be\n Cognito_Subject, with the ProviderAttributeValue being the\n name that is used in the user pool for the user.
The ProviderAttributeName must always be Cognito_Subject for\n social identity providers. The ProviderAttributeValue must always be the\n exact subject that was used when the user was originally linked as a source user.
For de-linking a SAML identity, there are two scenarios. If the linked identity has\n not yet been used to sign-in, the ProviderAttributeName and\n ProviderAttributeValue must be the same values that were used for the\n SourceUser when the identities were originally linked using \n AdminLinkProviderForUser call. (If the linking was done with\n ProviderAttributeName set to Cognito_Subject, the same\n applies here). However, if the user has already signed in, the\n ProviderAttributeName must be Cognito_Subject and\n ProviderAttributeValue must be the subject of the SAML\n assertion.
Disables the user from signing in with the specified external (SAML or social) identity provider. If the user to disable is a Amazon Cognito User Pools native username + password user, \n they aren't permitted to use their password to sign in. If the user to deactivate is a linked external identity provider (IdP) user, any link between that user and an existing \n user is removed. The next time the external user (no longer attached to the previously linked DestinationUser) signs in, they must create a new user account. \n See AdminLinkProviderForUser.
This action is enabled only for admin access and requires developer credentials.
\nThe ProviderName must match the value specified when creating an IdP for the pool.
To deactivate a native username + password user, the ProviderName value must be Cognito and the ProviderAttributeName must be Cognito_Subject. \n The ProviderAttributeValue must be the name that is used in the user pool for the user.
The ProviderAttributeName must always be Cognito_Subject for social identity providers. The ProviderAttributeValue must always be the exact \n subject that was used when the user was originally linked as a source user.
For de-linking a SAML identity, there are two scenarios. If the linked identity has not yet been used to sign in, the ProviderAttributeName and ProviderAttributeValue \n must be the same values that were used for the SourceUser when the identities were originally linked using AdminLinkProviderForUser call. (If the linking was done \n with ProviderAttributeName set to Cognito_Subject, the same applies here). However, if the user has already signed in, the ProviderAttributeName must \n be Cognito_Subject and ProviderAttributeValue must be the subject of the SAML assertion.
The user name of the user you wish to disable.
", + "smithy.api#documentation": "The user name of the user you want to disable.
", "smithy.api#required": {} } } @@ -1086,7 +1086,7 @@ "type": "structure", "members": {}, "traits": { - "smithy.api#documentation": "Represents the response received from the server to disable the user as an\n administrator.
" + "smithy.api#documentation": "Represents the response received from the server to disable the user as an administrator.
" } }, "com.amazonaws.cognitoidentityprovider#AdminEnableUser": { @@ -1134,7 +1134,7 @@ "Username": { "target": "com.amazonaws.cognitoidentityprovider#UsernameType", "traits": { - "smithy.api#documentation": "The user name of the user you wish to enable.
", + "smithy.api#documentation": "The user name of the user you want to enable.
", "smithy.api#required": {} } } @@ -1147,7 +1147,7 @@ "type": "structure", "members": {}, "traits": { - "smithy.api#documentation": "Represents the response from the server for the request to enable a user as an\n administrator.
" + "smithy.api#documentation": "Represents the response from the server for the request to enable a user as an administrator.
" } }, "com.amazonaws.cognitoidentityprovider#AdminForgetDevice": { @@ -1316,7 +1316,7 @@ } ], "traits": { - "smithy.api#documentation": "Gets the specified user by user name in a user pool as an administrator. Works on any\n user.
\nCalling this action requires developer credentials.
" + "smithy.api#documentation": "Gets the specified user by user name in a user pool as an administrator. Works on any user.
\nCalling this action requires developer credentials.
" } }, "com.amazonaws.cognitoidentityprovider#AdminGetUserRequest": { @@ -1325,14 +1325,14 @@ "UserPoolId": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolIdType", "traits": { - "smithy.api#documentation": "The user pool ID for the user pool where you want to get information about the\n user.
", + "smithy.api#documentation": "The user pool ID for the user pool where you want to get information about the user.
", "smithy.api#required": {} } }, "Username": { "target": "com.amazonaws.cognitoidentityprovider#UsernameType", "traits": { - "smithy.api#documentation": "The user name of the user you wish to retrieve.
", + "smithy.api#documentation": "The user name of the user you want to retrieve.
", "smithy.api#required": {} } } @@ -1347,7 +1347,7 @@ "Username": { "target": "com.amazonaws.cognitoidentityprovider#UsernameType", "traits": { - "smithy.api#documentation": "The user name of the user about whom you are receiving information.
", + "smithy.api#documentation": "The user name of the user about whom you're receiving information.
", "smithy.api#required": {} } }, @@ -1372,19 +1372,19 @@ "Enabled": { "target": "com.amazonaws.cognitoidentityprovider#BooleanType", "traits": { - "smithy.api#documentation": "Indicates that the status is enabled.
" + "smithy.api#documentation": "Indicates that the status is enabled.
The user status. Can be one of the following:
\nUNCONFIRMED - User has been created but not confirmed.
\nCONFIRMED - User has been confirmed.
\nARCHIVED - User is no longer active.
\nCOMPROMISED - User is disabled due to a potential security threat.
\nUNKNOWN - User status is not known.
\nRESET_REQUIRED - User is confirmed, but the user must request a code and reset\n his or her password before he or she can sign in.
\nFORCE_CHANGE_PASSWORD - The user is confirmed and the user can sign in using a\n temporary password, but on first sign-in, the user must change his or her\n password to a new value before doing anything else.
\nThe user status. Can be one of the following:
\nUNCONFIRMED - User has been created but not confirmed.
\nCONFIRMED - User has been confirmed.
\nARCHIVED - User is no longer active.
\nCOMPROMISED - User is disabled due to a potential security threat.
\nUNKNOWN - User status isn't known.
\nRESET_REQUIRED - User is confirmed, but the user must request a code and reset their password before they can sign in.
\nFORCE_CHANGE_PASSWORD - The user is confirmed and the user can sign in using a temporary password, but on first sign-in, the user must change their password to a new value \n before doing anything else.
\n\n This response parameter is no longer supported. It provides\n information only about SMS MFA configurations. It doesn't provide information about TOTP\n software token MFA configurations. To look up information about either type of MFA\n configuration, use UserMFASettingList instead.
" + "smithy.api#documentation": "\n This response parameter is no longer supported. It provides information only about SMS MFA configurations. It doesn't provide information about time-based one-time \n password (TOTP) software token MFA configurations. To look up information about either type of MFA configuration, use UserMFASettingList instead.
" } }, "PreferredMfaSetting": { @@ -1396,12 +1396,12 @@ "UserMFASettingList": { "target": "com.amazonaws.cognitoidentityprovider#UserMFASettingListType", "traits": { - "smithy.api#documentation": "The MFA options that are enabled for the user. The possible values in this list are\n SMS_MFA and SOFTWARE_TOKEN_MFA.
The MFA options that are activated for the user. The possible values in this list are SMS_MFA and SOFTWARE_TOKEN_MFA.
Represents the response from the server from the request to get the specified user as\n an administrator.
" + "smithy.api#documentation": "Represents the response from the server from the request to get the specified user as an administrator.
" } }, "com.amazonaws.cognitoidentityprovider#AdminInitiateAuth": { @@ -1460,7 +1460,7 @@ } ], "traits": { - "smithy.api#documentation": "Initiates the authentication flow, as an administrator.
\n \n \nThis action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nCalling this action requires developer credentials.
" + "smithy.api#documentation": "Initiates the authentication flow, as an administrator.
\n \n \nThis action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nCalling this action requires developer credentials.
" } }, "com.amazonaws.cognitoidentityprovider#AdminInitiateAuthRequest": { @@ -1483,32 +1483,32 @@ "AuthFlow": { "target": "com.amazonaws.cognitoidentityprovider#AuthFlowType", "traits": { - "smithy.api#documentation": "The authentication flow for this call to execute. The API action will depend on this\n value. For example:
\n\n REFRESH_TOKEN_AUTH will take in a valid refresh token and return\n new tokens.
\n USER_SRP_AUTH will take in USERNAME and\n SRP_A and return the SRP variables to be used for next\n challenge execution.
\n USER_PASSWORD_AUTH will take in USERNAME and\n PASSWORD and return the next challenge or tokens.
Valid values include:
\n\n USER_SRP_AUTH: Authentication flow for the Secure Remote Password\n (SRP) protocol.
\n REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication\n flow for refreshing the access token and ID token by supplying a valid refresh\n token.
\n CUSTOM_AUTH: Custom authentication flow.
\n ADMIN_NO_SRP_AUTH: Non-SRP authentication flow; you can pass in\n the USERNAME and PASSWORD directly if the flow is enabled for calling the app\n client.
\n USER_PASSWORD_AUTH: Non-SRP authentication flow; USERNAME and\n PASSWORD are passed directly. If a user migration Lambda trigger is set, this\n flow will invoke the user migration Lambda if the USERNAME is not found in the\n user pool.
\n ADMIN_USER_PASSWORD_AUTH: Admin-based user password\n authentication. This replaces the ADMIN_NO_SRP_AUTH authentication\n flow. In this flow, Cognito receives the password in the request instead of\n using the SRP process to verify passwords.
The authentication flow for this call to run. The API action will depend on this value. For example:
\n \n\n REFRESH_TOKEN_AUTH will take in a valid refresh token and return new tokens.
\n USER_SRP_AUTH will take in USERNAME and SRP_A and return the Secure Remote Password (SRP) protocol variables to be used for next \n challenge execution.
\n ADMIN_USER_PASSWORD_AUTH will take in USERNAME and PASSWORD and return the next challenge or tokens.
Valid values include:
\n\n USER_SRP_AUTH: Authentication flow for the Secure Remote Password (SRP) protocol.
\n REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication flow for refreshing the access token and ID token by supplying a valid refresh token.
\n CUSTOM_AUTH: Custom authentication flow.
\n ADMIN_NO_SRP_AUTH: Non-SRP authentication flow; you can pass in the USERNAME and PASSWORD directly if the flow is enabled for calling the app client.
\n ADMIN_USER_PASSWORD_AUTH: Admin-based user password authentication. This replaces the ADMIN_NO_SRP_AUTH authentication flow. In this flow, Amazon Cognito \n receives the password in the request instead of using the SRP process to verify passwords.
The authentication parameters. These are inputs corresponding to the\n AuthFlow that you are invoking. The required values depend on the value\n of AuthFlow:
For USER_SRP_AUTH: USERNAME (required),\n SRP_A (required), SECRET_HASH (required if the app\n client is configured with a client secret), DEVICE_KEY.
For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN\n (required), SECRET_HASH (required if the app client is configured\n with a client secret), DEVICE_KEY.
For ADMIN_NO_SRP_AUTH: USERNAME (required),\n SECRET_HASH (if app client is configured with client secret),\n PASSWORD (required), DEVICE_KEY.
For CUSTOM_AUTH: USERNAME (required),\n SECRET_HASH (if app client is configured with client secret),\n DEVICE_KEY. To start the authentication flow with password\n verification, include ChallengeName: SRP_A and SRP_A: (The\n SRP_A Value).
The authentication parameters. These are inputs corresponding to the AuthFlow that you're invoking. The required values depend on the value of AuthFlow:
For USER_SRP_AUTH: USERNAME (required), SRP_A (required), SECRET_HASH (required if the app client is configured with a client \n secret), DEVICE_KEY.
For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required), SECRET_HASH (required if the app client is configured with a client secret), \n DEVICE_KEY.
For ADMIN_NO_SRP_AUTH: USERNAME (required), SECRET_HASH (if app client is configured with client secret), PASSWORD (required), \n DEVICE_KEY.
For CUSTOM_AUTH: USERNAME (required), SECRET_HASH (if app client is configured with client secret), DEVICE_KEY. To start the \n authentication flow with password verification, include ChallengeName: SRP_A and SRP_A: (The SRP_A Value).
A map of custom key-value pairs that you can provide as input for certain custom\n workflows that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers.\n When you use the AdminInitiateAuth API action, Amazon Cognito invokes the Lambda\n functions that are specified for various triggers. The ClientMetadata value is passed as\n input to the functions for only the following triggers:
\nPre signup
\nPre authentication
\nUser migration
\nWhen Amazon Cognito invokes the functions for these triggers, it passes a JSON\n payload, which the function receives as input. This payload contains a\n validationData attribute, which provides the data that you assigned to\n the ClientMetadata parameter in your AdminInitiateAuth request. In your function code in\n Lambda, you can process the validationData value to enhance your\n workflow for your specific needs.
When you use the AdminInitiateAuth API action, Amazon Cognito also invokes the\n functions for the following triggers, but it does not provide the ClientMetadata value\n as input:
\nPost authentication
\nCustom message
\nPre token generation
\nCreate auth challenge
\nDefine auth challenge
\nVerify auth challenge
\nFor more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminInitiateAuth API action, Amazon Cognito invokes the Lambda functions that are specified for \n various triggers. The ClientMetadata value is passed as input to the functions for only the following triggers:
\nPre signup
\nPre authentication
\nUser migration
\nWhen Amazon Cognito invokes the functions for these triggers, it passes a JSON \n payload, which the function receives as input. This payload contains a validationData attribute, which provides the data that you assigned to the \n ClientMetadata parameter in your AdminInitiateAuth request. In your function code in Lambda, you can process the validationData value to enhance \n your workflow for your specific needs.
When you use the AdminInitiateAuth API action, Amazon Cognito also invokes the functions for the following triggers, but it doesn't provide the ClientMetadata value as input:
\nPost authentication
\nCustom message
\nPre token generation
\nCreate auth challenge
\nDefine auth challenge
\nVerify auth challenge
\nFor more information, see Customizing User Pool Workflows with \n Lambda Triggers in the Amazon Cognito Developer Guide.
\n \nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration \n doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nThe analytics metadata for collecting Amazon Pinpoint metrics for\n AdminInitiateAuth calls.
The analytics metadata for collecting Amazon Pinpoint metrics for AdminInitiateAuth calls.
Contextual data such as the user's device fingerprint, IP address, or location used\n for evaluating the risk of an unexpected event by Amazon Cognito advanced\n security.
" + "smithy.api#documentation": "Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
" } } }, @@ -1522,25 +1522,25 @@ "ChallengeName": { "target": "com.amazonaws.cognitoidentityprovider#ChallengeNameType", "traits": { - "smithy.api#documentation": "The name of the challenge which you are responding to with this call. This is returned\n to you in the AdminInitiateAuth response if you need to pass another\n challenge.
\n MFA_SETUP: If MFA is required, users who do not have at least one\n of the MFA methods set up are presented with an MFA_SETUP\n challenge. The user must set up at least one MFA type to continue to\n authenticate.
\n SELECT_MFA_TYPE: Selects the MFA type. Valid MFA options are\n SMS_MFA for text SMS MFA, and SOFTWARE_TOKEN_MFA\n for TOTP software token MFA.
\n SMS_MFA: Next challenge is to supply an\n SMS_MFA_CODE, delivered via SMS.
\n PASSWORD_VERIFIER: Next challenge is to supply\n PASSWORD_CLAIM_SIGNATURE,\n PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after\n the client-side SRP calculations.
\n CUSTOM_CHALLENGE: This is returned if your custom authentication\n flow determines that the user should pass another challenge before tokens are\n issued.
\n DEVICE_SRP_AUTH: If device tracking was enabled on your user pool\n and the previous challenges were passed, this challenge is returned so that\n Amazon Cognito can start tracking this device.
\n DEVICE_PASSWORD_VERIFIER: Similar to\n PASSWORD_VERIFIER, but for devices only.
\n ADMIN_NO_SRP_AUTH: This is returned if you need to authenticate\n with USERNAME and PASSWORD directly. An app client\n must be enabled to use this flow.
\n NEW_PASSWORD_REQUIRED: For users who are required to change their\n passwords after successful first login. This challenge should be passed with\n NEW_PASSWORD and any other required attributes.
\n MFA_SETUP: For users who are required to setup an MFA factor\n before they can sign-in. The MFA types enabled for the user pool will be listed\n in the challenge parameters MFA_CAN_SETUP value.
To setup software token MFA, use the session returned here from\n InitiateAuth as an input to\n AssociateSoftwareToken, and use the session returned by\n VerifySoftwareToken as an input to\n RespondToAuthChallenge with challenge name\n MFA_SETUP to complete sign-in. To setup SMS MFA, users will\n need help from an administrator to add a phone number to their account and then\n call InitiateAuth again to restart sign-in.
The name of the challenge that you're responding to with this call. This is returned in the AdminInitiateAuth response if you must pass another challenge.
\n MFA_SETUP: If MFA is required, users who don't have at least one of the MFA methods set up are presented with an MFA_SETUP challenge. The user must set up at \n least one MFA type to continue to authenticate.
\n SELECT_MFA_TYPE: Selects the MFA type. Valid MFA options are SMS_MFA for text SMS MFA, and SOFTWARE_TOKEN_MFA for time-based one-time password (TOTP) \n software token MFA.
\n SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
\n PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the \n client-side SRP calculations.
\n CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user should pass another challenge before tokens are issued.
\n DEVICE_SRP_AUTH: If device tracking was activated in your user pool and the previous challenges were passed, this challenge is returned so that Amazon Cognito can start tracking \n this device.
\n DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
\n ADMIN_NO_SRP_AUTH: This is returned if you must authenticate with USERNAME and PASSWORD directly. An app client must be enabled to use this flow.
\n NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first login. This challenge should be passed with NEW_PASSWORD \n and any other required attributes.
\n MFA_SETUP: For users who are required to set up an MFA factor before they can sign in. The MFA types activated for the user pool will be listed in the challenge \n parameters MFA_CAN_SETUP value.
To set up software token MFA, use the session returned here from InitiateAuth as an input to AssociateSoftwareToken, and use the session returned by \n VerifySoftwareToken as an input to RespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in. To set up SMS MFA, users will \n need help from an administrator to add a phone number to their account and then call InitiateAuth again to restart sign-in.
The session which should be passed both ways in challenge-response calls to the\n service. If AdminInitiateAuth or AdminRespondToAuthChallenge\n API call determines that the caller needs to go through another challenge, they return a\n session with other challenge parameters. This session should be passed as it is to the\n next AdminRespondToAuthChallenge API call.
The session that should be passed both ways in challenge-response calls to the service. If AdminInitiateAuth or AdminRespondToAuthChallenge API call determines \n that the caller must pass another challenge, they return a session with other challenge parameters. This session should be passed as it is to the next AdminRespondToAuthChallenge \n API call.
The challenge parameters. These are returned to you in the\n AdminInitiateAuth response if you need to pass another challenge. The\n responses in this parameter should be used to compute inputs to the next call\n (AdminRespondToAuthChallenge).
All challenges require USERNAME and SECRET_HASH (if\n applicable).
The value of the USER_ID_FOR_SRP attribute will be the user's actual\n username, not an alias (such as email address or phone number), even if you specified an\n alias in your call to AdminInitiateAuth. This is because, in the\n AdminRespondToAuthChallenge API ChallengeResponses, the\n USERNAME attribute cannot be an alias.
The challenge parameters. These are returned to you in the AdminInitiateAuth response if you must pass another challenge. The responses in this parameter should be used to \n compute inputs to the next call (AdminRespondToAuthChallenge).
All challenges require USERNAME and SECRET_HASH (if applicable).
The value of the USER_ID_FOR_SRP attribute is the user's actual username, not an alias (such as email address or phone number), even if you specified an alias in your call \n to AdminInitiateAuth. This happens because, in the AdminRespondToAuthChallenge API ChallengeResponses, the USERNAME attribute can't be \n an alias.
The result of the authentication response. This is only returned if the caller does\n not need to pass another challenge. If the caller does need to pass another challenge\n before it gets tokens, ChallengeName, ChallengeParameters, and\n Session are returned.
The result of the authentication response. This is only returned if the caller doesn't need to pass another challenge. If the caller does need to pass another challenge before it gets tokens, \n ChallengeName, ChallengeParameters, and Session are returned.
Links an existing user account in a user pool (DestinationUser) to an\n identity from an external identity provider (SourceUser) based on a\n specified attribute name and value from the external identity provider. This allows you\n to create a link from the existing user account to an external federated user identity\n that has not yet been used to sign in, so that the federated user identity can be used\n to sign in as the existing user account.
For example, if there is an existing user with a username and password, this API\n links that user to a federated user identity, so that when the federated user identity\n is used, the user signs in as the existing user account.
\nThe maximum number of federated identities linked to a user is 5.
\nBecause this API allows a user with an external federated identity to sign in as\n an existing user in the user pool, it is critical that it only be used with external\n identity providers and provider attributes that have been trusted by the application\n owner.
\nThis action is enabled only for admin access and requires developer\n credentials.
" + "smithy.api#documentation": "Links an existing user account in a user pool (DestinationUser) to an identity from an external identity provider (SourceUser) based on a specified \n attribute name and value from the external identity provider. This allows you to create a link from the existing user account to an external federated user identity that has not \n yet been used to sign in. You can then use the federated user identity to sign in as the existing user account.
For example, if there is an existing user with a username and password, this API links that user to a federated user identity. When the user signs in with a federated user \n identity, they sign in as the existing user account.
\nThe maximum number of federated identities linked to a user is 5.
\nBecause this API allows a user with an external federated identity to sign in as an existing user in the user pool, it is critical that it only be used with external \n identity providers and provider attributes that have been trusted by the application owner.
\nThis action is administrative and requires developer credentials.
" } }, "com.amazonaws.cognitoidentityprovider#AdminLinkProviderForUserRequest": { @@ -1599,14 +1599,14 @@ "DestinationUser": { "target": "com.amazonaws.cognitoidentityprovider#ProviderUserIdentifierType", "traits": { - "smithy.api#documentation": "The existing user in the user pool to be linked to the external identity provider user\n account. Can be a native (Username + Password) Cognito User Pools user or a federated\n user (for example, a SAML or Facebook user). If the user doesn't exist, an exception is\n thrown. This is the user that is returned when the new user (with the linked identity\n provider attribute) signs in.
\nFor a native username + password user, the ProviderAttributeValue for the\n DestinationUser should be the username in the user pool. For a\n federated user, it should be the provider-specific user_id.
The ProviderAttributeName of the DestinationUser is\n ignored.
The ProviderName should be set to Cognito for users in\n Cognito user pools.
The existing user in the user pool to be linked to the external identity provider user account. Can be a native (Username + Password) Amazon Cognito User Pools user or a federated user \n (for example, a SAML or Facebook user). If the user doesn't exist, an exception is thrown. This is the user that is returned when the new user (with the linked identity provider \n attribute) signs in.
\nFor a native username + password user, the ProviderAttributeValue for the DestinationUser should be the username in the user pool. For a federated user, \n it should be the provider-specific user_id.
The ProviderAttributeName of the DestinationUser is ignored.
The ProviderName should be set to Cognito for users in Cognito user pools.
All attributes in the DestinationUser profile must be mutable. If you have assigned the user any immutable custom attributes, the operation won't succeed.
\nAn external identity provider account for a user who does not currently exist yet in\n the user pool. This user must be a federated user (for example, a SAML or Facebook\n user), not another native user.
\nIf the SourceUser is a federated social identity provider user (Facebook,\n Google, or Login with Amazon), you must set the ProviderAttributeName to\n Cognito_Subject. For social identity providers, the\n ProviderName will be Facebook, Google, or\n LoginWithAmazon, and Cognito will automatically parse the Facebook,\n Google, and Login with Amazon tokens for id, sub, and\n user_id, respectively. The ProviderAttributeValue for the\n user must be the same value as the id, sub, or\n user_id value found in the social identity provider token.
For SAML, the ProviderAttributeName can be any value that matches a claim\n in the SAML assertion. If you wish to link SAML users based on the subject of the SAML\n assertion, you should map the subject to a claim through the SAML identity provider and\n submit that claim name as the ProviderAttributeName. If you set\n ProviderAttributeName to Cognito_Subject, Cognito will\n automatically parse the default unique identifier found in the subject from the SAML\n token.
An external identity provider account for a user who doesn't exist yet in the user pool. This user must be a federated user (for example, a SAML or Facebook user), not another native user.
\nIf the SourceUser is using a federated social identity provider, such as Facebook, Google, or Login with Amazon, you must set the ProviderAttributeName \n to Cognito_Subject. For social identity providers, the ProviderName will be Facebook, Google, or LoginWithAmazon, \n and Amazon Cognito will automatically parse the Facebook, Google, and Login with Amazon tokens for id, sub, and user_id, respectively. The \n ProviderAttributeValue for the user must be the same value as the id, sub, or user_id value found in the social identity provider token.
For SAML, the ProviderAttributeName can be any value that matches a claim in the SAML assertion. If you want to link SAML users based on the subject of the SAML \n assertion, you should map the subject to a claim through the SAML identity provider and submit that claim name as the ProviderAttributeName. If you set \n ProviderAttributeName to Cognito_Subject, Amazon Cognito will automatically parse the default unique identifier found in the subject from the SAML token.
An identifier that was returned from the previous call to this operation, which can be\n used to return the next set of items in the list.
" + "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
" } } } @@ -1783,7 +1783,7 @@ "NextToken": { "target": "com.amazonaws.cognitoidentityprovider#PaginationKey", "traits": { - "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be\n used to return the next set of items in the list.
" + "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
" } } } @@ -1820,7 +1820,7 @@ } ], "traits": { - "smithy.api#documentation": "Lists a history of user activity and any risks detected as part of Amazon Cognito\n advanced security.
", + "smithy.api#documentation": "A history of user activity and any risks detected as part of Amazon Cognito advanced security.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -1866,7 +1866,7 @@ "AuthEvents": { "target": "com.amazonaws.cognitoidentityprovider#AuthEventsType", "traits": { - "smithy.api#documentation": "The response object. It includes the EventID, EventType,\n CreationDate, EventRisk, and\n EventResponse.
The response object. It includes the EventID, EventType, CreationDate, EventRisk, and EventResponse.
Resets the specified user's password in a user pool as an administrator. Works on any\n user.
\nWhen a developer calls this API, the current password is invalidated, so it must be\n changed. If a user tries to sign in after the API is called, the app will get a\n PasswordResetRequiredException exception back and should direct the user down the flow\n to reset the password, which is the same as the forgot password flow. In addition, if\n the user pool has phone verification selected and a verified phone number exists for the\n user, or if email verification is selected and a verified email exists for the user,\n calling this API will also result in sending a message to the end user with the code to\n change their password.
\n \n \nThis action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nCalling this action requires developer credentials.
" + "smithy.api#documentation": "Resets the specified user's password in a user pool as an administrator. Works on any user.
\nWhen a developer calls this API, the current password is invalidated, so it must be changed. If a user tries to sign in after the API is called, \n the app will get a PasswordResetRequiredException exception back and should direct the user down the flow to reset the password, which is the same \n as the forgot password flow. In addition, if the user pool has phone verification selected and a verified phone number exists for the user, or if \n email verification is selected and a verified email exists for the user, calling this API will also result in sending a message to the end user \n with the code to change their password.
\n \n \nThis action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nCalling this action requires developer credentials.
" } }, "com.amazonaws.cognitoidentityprovider#AdminResetUserPasswordRequest": { @@ -1998,14 +1998,14 @@ "Username": { "target": "com.amazonaws.cognitoidentityprovider#UsernameType", "traits": { - "smithy.api#documentation": "The user name of the user whose password you wish to reset.
", + "smithy.api#documentation": "The user name of the user whose password you want to reset.
", "smithy.api#required": {} } }, "ClientMetadata": { "target": "com.amazonaws.cognitoidentityprovider#ClientMetadataType", "traits": { - "smithy.api#documentation": "A map of custom key-value pairs that you can provide as input for any custom workflows\n that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers.\n When you use the AdminResetUserPassword API action, Amazon Cognito invokes the function\n that is assigned to the custom message trigger. When Amazon Cognito\n invokes this function, it passes a JSON payload, which the function receives as input.\n This payload contains a clientMetadata attribute, which provides the data\n that you assigned to the ClientMetadata parameter in your AdminResetUserPassword\n request. In your function code in Lambda, you can process the\n clientMetadata value to enhance your workflow for your specific\n needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
\n \nYou create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminResetUserPassword API action, \n Amazon Cognito invokes the function that is assigned to the custom message trigger. When Amazon Cognito invokes this function, it passes a JSON payload, \n which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned to the \n ClientMetadata parameter in your AdminResetUserPassword request. In your function code in Lambda, you can process the clientMetadata \n value to enhance your workflow for your specific needs.\n
For more information, see Customizing User Pool \n Workflows with Lambda Triggers in the Amazon Cognito Developer Guide.
\n \nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool \n configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nRepresents the response from the server to reset a user password as an\n administrator.
" + "smithy.api#documentation": "Represents the response from the server to reset a user password as an administrator.
" } }, "com.amazonaws.cognitoidentityprovider#AdminRespondToAuthChallenge": { @@ -2091,7 +2091,7 @@ } ], "traits": { - "smithy.api#documentation": "Responds to an authentication challenge, as an administrator.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nCalling this action requires developer credentials.
" + "smithy.api#documentation": "Responds to an authentication challenge, as an administrator.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nCalling this action requires developer credentials.
" } }, "com.amazonaws.cognitoidentityprovider#AdminRespondToAuthChallengeRequest": { @@ -2121,31 +2121,31 @@ "ChallengeResponses": { "target": "com.amazonaws.cognitoidentityprovider#ChallengeResponsesType", "traits": { - "smithy.api#documentation": "The challenge responses. These are inputs corresponding to the value of\n ChallengeName, for example:
\n SMS_MFA: SMS_MFA_CODE, USERNAME,\n SECRET_HASH (if app client is configured with client\n secret).
\n PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,\n PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP,\n USERNAME, SECRET_HASH (if app client is configured\n with client secret).
\n ADMIN_NO_SRP_AUTH: PASSWORD, USERNAME,\n SECRET_HASH (if app client is configured with client secret).\n
\n NEW_PASSWORD_REQUIRED: NEW_PASSWORD, any other\n required attributes, USERNAME, SECRET_HASH (if app\n client is configured with client secret).
\n MFA_SETUP requires USERNAME, plus you need to use\n the session value returned by VerifySoftwareToken in the\n Session parameter.
The value of the USERNAME attribute must be the user's actual username,\n not an alias (such as email address or phone number). To make this easier, the\n AdminInitiateAuth response includes the actual username value in the\n USERNAMEUSER_ID_FOR_SRP attribute, even if you specified an alias in\n your call to AdminInitiateAuth.
The challenge responses. These are inputs corresponding to the value of ChallengeName, for example:
\n SMS_MFA: SMS_MFA_CODE, USERNAME, SECRET_HASH (if app client is configured with client secret).
\n PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, USERNAME, SECRET_HASH \n (if app client is configured with client secret).
\n PASSWORD_VERIFIER requires DEVICE_KEY when signing in with a remembered device.
\n ADMIN_NO_SRP_AUTH: PASSWORD, USERNAME, SECRET_HASH (if app client is configured with client secret).
\n NEW_PASSWORD_REQUIRED: NEW_PASSWORD, any other required attributes, USERNAME, SECRET_HASH (if app client is configured with \n client secret).
\n MFA_SETUP requires USERNAME, plus you must use the session value returned by VerifySoftwareToken in the Session parameter.
The value of the USERNAME attribute must be the user's actual username, not an alias (such as an email address or phone number). To make this simpler, the \n AdminInitiateAuth response includes the actual username value in the USERNAMEUSER_ID_FOR_SRP attribute. This happens even if you specified an \n alias in your call to AdminInitiateAuth.
The session which should be passed both ways in challenge-response calls to the\n service. If InitiateAuth or RespondToAuthChallenge API call\n determines that the caller needs to go through another challenge, they return a session\n with other challenge parameters. This session should be passed as it is to the next\n RespondToAuthChallenge API call.
The session that should be passed both ways in challenge-response calls to the service. If an InitiateAuth or RespondToAuthChallenge API call determines \n that the caller must pass another challenge, it returns a session with other challenge parameters. This session should be passed as it is to the next RespondToAuthChallenge \n API call.
The analytics metadata for collecting Amazon Pinpoint metrics for\n AdminRespondToAuthChallenge calls.
The analytics metadata for collecting Amazon Pinpoint metrics for AdminRespondToAuthChallenge calls.
Contextual data such as the user's device fingerprint, IP address, or location used\n for evaluating the risk of an unexpected event by Amazon Cognito advanced\n security.
" + "smithy.api#documentation": "Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
" } }, "ClientMetadata": { "target": "com.amazonaws.cognitoidentityprovider#ClientMetadataType", "traits": { - "smithy.api#documentation": "A map of custom key-value pairs that you can provide as input for any custom workflows\n that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers.\n When you use the AdminRespondToAuthChallenge API action, Amazon Cognito invokes any\n functions that are assigned to the following triggers: pre sign-up,\n custom message, post authentication,\n user migration, pre token generation,\n define auth challenge, create auth\n challenge, and verify auth challenge response. When\n Amazon Cognito invokes any of these functions, it passes a JSON payload, which the\n function receives as input. This payload contains a clientMetadata\n attribute, which provides the data that you assigned to the ClientMetadata parameter in\n your AdminRespondToAuthChallenge request. In your function code in Lambda, you can\n process the clientMetadata value to enhance your workflow for your specific\n needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminRespondToAuthChallenge API action, Amazon Cognito\n invokes any functions that are assigned to the \n following triggers: pre sign-up, custom message, post authentication, \n user migration, pre token generation, define auth challenge, create auth \n challenge, and verify auth challenge response. When Amazon Cognito invokes any of these functions, it passes a JSON \n payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned \n to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In your function code in Lambda, you can process the \n clientMetadata value to enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows with \n Lambda Triggers in the Amazon Cognito Developer Guide.
\n \nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration \n doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nThe session which should be passed both ways in challenge-response calls to the\n service. If the caller needs to go through another challenge, they return a session with\n other challenge parameters. This session should be passed as it is to the next\n RespondToAuthChallenge API call.
The session that should be passed both ways in challenge-response calls to the service. If the caller must pass another challenge, they return a session with other challenge parameters. \n This session should be passed as it is to the next RespondToAuthChallenge API call.
Sets the user's multi-factor authentication (MFA) preference, including which MFA\n options are enabled and if any are preferred. Only one factor can be set as preferred.\n The preferred MFA factor will be used to authenticate a user if multiple factors are\n enabled. If multiple options are enabled and no preference is set, a challenge to choose\n an MFA option will be returned during sign in.
" + "smithy.api#documentation": "The user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred. Only one factor can be set as preferred. The preferred \n MFA factor will be used to authenticate a user if multiple factors are activated. If multiple options are activated and no preference is set, a challenge to choose an MFA option will \n be returned during sign-in.
" } }, "com.amazonaws.cognitoidentityprovider#AdminSetUserMFAPreferenceRequest": { @@ -2287,7 +2287,7 @@ } ], "traits": { - "smithy.api#documentation": "Sets the specified user's password in a user pool as an administrator. Works on any\n user.
\nThe password can be temporary or permanent. If it is temporary, the user status will\n be placed into the FORCE_CHANGE_PASSWORD state. When the user next tries to\n sign in, the InitiateAuth/AdminInitiateAuth response will contain the\n NEW_PASSWORD_REQUIRED challenge. If the user does not sign in before it\n expires, the user will not be able to sign in and their password will need to be reset\n by an administrator.
Once the user has set a new password, or the password is permanent, the user status\n will be set to Confirmed.
Sets the specified user's password in a user pool as an administrator. Works on any user.
\nThe password can be temporary or permanent. If it is temporary, the user status enters the FORCE_CHANGE_PASSWORD state. When the user next tries to sign in, \n the InitiateAuth/AdminInitiateAuth response will contain the NEW_PASSWORD_REQUIRED challenge. If the user doesn't sign in before it expires, the user won't be \n able to sign in, and an administrator must reset their password.
Once the user has set a new password, or the password is permanent, the user status is set to Confirmed.
The user name of the user whose password you wish to set.
", + "smithy.api#documentation": "The user name of the user whose password you want to set.
", "smithy.api#required": {} } }, @@ -2317,7 +2317,7 @@ "Permanent": { "target": "com.amazonaws.cognitoidentityprovider#BooleanType", "traits": { - "smithy.api#documentation": "\n True if the password is permanent, False if it is\n temporary.
\n True if the password is permanent, False if it is temporary.
\n This action is no longer supported. You can use it to configure\n only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either\n type of MFA, use AdminSetUserMFAPreference instead.
" + "smithy.api#documentation": "\n This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) \n software token MFA. To configure either type of MFA, \n use AdminSetUserMFAPreference instead.
" } }, "com.amazonaws.cognitoidentityprovider#AdminSetUserSettingsRequest": { @@ -2361,34 +2361,34 @@ "UserPoolId": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolIdType", "traits": { - "smithy.api#documentation": "The ID of the user pool that contains the user that you are setting options\n for.
", + "smithy.api#documentation": "The ID of the user pool that contains the user whose options you're setting.
", "smithy.api#required": {} } }, "Username": { "target": "com.amazonaws.cognitoidentityprovider#UsernameType", "traits": { - "smithy.api#documentation": "The user name of the user that you are setting options for.
", + "smithy.api#documentation": "The user name of the user whose options you're setting.
", "smithy.api#required": {} } }, "MFAOptions": { "target": "com.amazonaws.cognitoidentityprovider#MFAOptionListType", "traits": { - "smithy.api#documentation": "You can use this parameter only to set an SMS configuration that uses SMS for\n delivery.
", + "smithy.api#documentation": "You can use this parameter only to set an SMS configuration that uses SMS for delivery.
", "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "You can use this parameter to set an MFA configuration that uses the SMS delivery\n medium.
" + "smithy.api#documentation": "You can use this parameter to set an MFA configuration that uses the SMS delivery medium.
" } }, "com.amazonaws.cognitoidentityprovider#AdminSetUserSettingsResponse": { "type": "structure", "members": {}, "traits": { - "smithy.api#documentation": "Represents the response from the server to set user settings as an\n administrator.
" + "smithy.api#documentation": "Represents the response from the server to set user settings as an administrator.
" } }, "com.amazonaws.cognitoidentityprovider#AdminUpdateAuthEventFeedback": { @@ -2423,7 +2423,7 @@ } ], "traits": { - "smithy.api#documentation": "Provides feedback for an authentication event as to whether it was from a valid user.\n This feedback is used for improving the risk evaluation decision for the user pool as\n part of Amazon Cognito advanced security.
" + "smithy.api#documentation": "Provides feedback for an authentication event indicating if it was from a valid user. This feedback is used for improving the risk evaluation decision for the user pool \n as part of Amazon Cognito advanced security.
" } }, "com.amazonaws.cognitoidentityprovider#AdminUpdateAuthEventFeedbackRequest": { @@ -2537,7 +2537,7 @@ "type": "structure", "members": {}, "traits": { - "smithy.api#documentation": "The status response from the request to update the device, as an administrator.
" + "smithy.api#documentation": "The status response to the request to update the device, as an administrator.
" } }, "com.amazonaws.cognitoidentityprovider#AdminUpdateUserAttributes": { @@ -2590,7 +2590,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates the specified user's attributes, including developer attributes, as an\n administrator. Works on any user.
\nFor custom attributes, you must prepend the custom: prefix to the\n attribute name.
In addition to updating user attributes, this API can also be used to mark phone and\n email as verified.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nCalling this action requires developer credentials.
" + "smithy.api#documentation": "Updates the specified user's attributes, including developer attributes, as an administrator. Works on any user.
\nFor custom attributes, you must prepend the custom: prefix to the attribute name.
In addition to updating user attributes, this API can also be used to mark phone and email as verified.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nCalling this action requires developer credentials.
" } }, "com.amazonaws.cognitoidentityprovider#AdminUpdateUserAttributesRequest": { @@ -2613,14 +2613,14 @@ "UserAttributes": { "target": "com.amazonaws.cognitoidentityprovider#AttributeListType", "traits": { - "smithy.api#documentation": "An array of name-value pairs representing user attributes.
\nFor custom attributes, you must prepend the custom: prefix to the\n attribute name.
An array of name-value pairs representing user attributes.
\nFor custom attributes, you must prepend the custom: prefix to the attribute name.
A map of custom key-value pairs that you can provide as input for any custom workflows\n that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers.\n When you use the AdminUpdateUserAttributes API action, Amazon Cognito invokes the\n function that is assigned to the custom message trigger. When\n Amazon Cognito invokes this function, it passes a JSON payload, which the function\n receives as input. This payload contains a clientMetadata attribute, which\n provides the data that you assigned to the ClientMetadata parameter in your\n AdminUpdateUserAttributes request. In your function code in Lambda, you can process\n the clientMetadata value to enhance your workflow for your specific\n needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
\n \nYou create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminUpdateUserAttributes API action, Amazon Cognito invokes \n the function that is assigned to the custom message trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives \n as input. This payload contains a clientMetadata attribute, which provides the data that you assigned to the ClientMetadata parameter in your \n AdminUpdateUserAttributes request. In your function code in Lambda, you can process the clientMetadata value to enhance your workflow for \n your specific needs.
For more information, \n see Customizing User Pool Workflows with Lambda Triggers \n in the Amazon Cognito Developer Guide.
\n \nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool \n configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nRepresents the response from the server for the request to update user attributes as\n an administrator.
" + "smithy.api#documentation": "Represents the response from the server for the request to update user attributes as an administrator.
" } }, "com.amazonaws.cognitoidentityprovider#AdminUserGlobalSignOut": { @@ -2664,7 +2664,7 @@ } ], "traits": { - "smithy.api#documentation": "Signs out users from all devices, as an administrator. It also invalidates all refresh\n tokens issued to a user. The user's current access and Id tokens remain valid until\n their expiry. Access and Id tokens expire one hour after they are issued.
\nCalling this action requires developer credentials.
" + "smithy.api#documentation": "Signs out users from all devices, as an administrator. It also invalidates all refresh tokens issued to a user. The user's current access and Id tokens remain valid until their expiry. Access and \n Id tokens expire one hour after they're issued.
\nCalling this action requires developer credentials.
" } }, "com.amazonaws.cognitoidentityprovider#AdminUserGlobalSignOutRequest": { @@ -2751,7 +2751,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown when a user tries to confirm the account with an email or\n phone number that has already been supplied as an alias from a different account. This\n exception tells user that an account with this email or phone already exists.
", + "smithy.api#documentation": "This exception is thrown when a user tries to confirm the account with an email or phone number that has already been supplied as an alias from a different account. This exception \n tells user that an account with this email or phone already exists.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -2768,13 +2768,13 @@ "ApplicationArn": { "target": "com.amazonaws.cognitoidentityprovider#ArnType", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) of an Amazon Pinpoint project. You can use the Amazon\n Pinpoint project for Pinpoint integration with the chosen User Pool Client. Amazon\n Cognito publishes events to the pinpoint project declared by the app ARN.
" + "smithy.api#documentation": "The Amazon Resource Name (ARN) of an Amazon Pinpoint project. You can use the Amazon Pinpoint project for integration with the chosen User Pool Client. Amazon Cognito publishes events to the Amazon Pinpointproject \n declared by the app ARN.
" } }, "RoleArn": { "target": "com.amazonaws.cognitoidentityprovider#ArnType", "traits": { - "smithy.api#documentation": "The ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon\n Pinpoint analytics.
" + "smithy.api#documentation": "The ARN of an Identity and Access Management role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics.
" } }, "ExternalId": { @@ -2786,12 +2786,12 @@ "UserDataShared": { "target": "com.amazonaws.cognitoidentityprovider#BooleanType", "traits": { - "smithy.api#documentation": "If UserDataShared is true, Amazon Cognito will include user\n data in the events it publishes to Amazon Pinpoint analytics.
If UserDataShared is true, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics.
The Amazon Pinpoint analytics configuration for collecting metrics for a user\n pool.
\nIn regions where Pinpoint is not available, Cognito User Pools only supports\n sending events to Amazon Pinpoint projects in us-east-1. In regions where Pinpoint\n is available, Cognito User Pools will support sending events to Amazon Pinpoint\n projects within that same region.
\nThe Amazon Pinpoint analytics configuration for collecting metrics for a user pool.
\nIn Regions where Pinpoint isn't available, User Pools only supports sending events to Amazon Pinpoint projects in us-east-1. In Regions where Pinpoint is available, User Pools will support \n sending events to Amazon Pinpoint projects within that same Region.
\nAn Amazon Pinpoint analytics endpoint.
\nAn endpoint uniquely identifies a mobile device, email address, or phone number that\n can receive messages from Amazon Pinpoint analytics.
\nCognito User Pools only supports sending events to Amazon Pinpoint projects in the\n US East (N. Virginia) us-east-1 Region, regardless of the region in which the user\n pool resides.
\nAn Amazon Pinpoint analytics endpoint.
\nAn endpoint uniquely identifies a mobile device, email address, or phone number that can receive messages from Amazon Pinpoint analytics.
\nAmazon Cognito User Pools only supports sending events to Amazon Pinpoint projects in the US East (N. Virginia) us-east-1 Region, regardless of the Region in which the user pool resides.
\nReturns a unique generated shared secret key code for the user account. The request\n takes an access token or a session string, but not both.
\nCalling AssociateSoftwareToken immediately disassociates the existing software\n token from the user account. If the user doesn't subsequently verify the software\n token, their account is essentially set up to authenticate without MFA. If MFA\n config is set to Optional at the user pool level, the user can then login without\n MFA. However, if MFA is set to Required for the user pool, the user will be asked to\n setup a new software token MFA during sign in.
\nReturns a unique generated shared secret key code for the user account. The request takes an access token or a session string, but not both.
\nCalling AssociateSoftwareToken immediately disassociates the existing software token from the user account. If the user doesn't subsequently verify the software token, \n their account is set up to authenticate without MFA. If MFA config is set to Optional at the user pool level, the user can then log in without MFA. However, if MFA is \n set to Required for the user pool, the user is asked to set up a new software token MFA during sign-in.
\nThe session which should be passed both ways in challenge-response calls to the\n service. This allows authentication of the user as part of the MFA setup process.
" + "smithy.api#documentation": "The session that should be passed both ways in challenge-response calls to the service. This allows authentication of the user as part of the MFA setup process.
" } } } @@ -2873,13 +2873,13 @@ "SecretCode": { "target": "com.amazonaws.cognitoidentityprovider#SecretCodeType", "traits": { - "smithy.api#documentation": "A unique generated shared secret code that is used in the TOTP algorithm to generate a\n one time code.
" + "smithy.api#documentation": "A unique generated shared secret code that is used in the time-based one-time password (TOTP) algorithm to generate a one-time code.
" } }, "Session": { "target": "com.amazonaws.cognitoidentityprovider#SessionType", "traits": { - "smithy.api#documentation": "The session which should be passed both ways in challenge-response calls to the\n service. This allows authentication of the user as part of the MFA setup process.
" + "smithy.api#documentation": "The session that should be passed both ways in challenge-response calls to the service. This allows authentication of the user as part of the MFA setup process.
" } } } @@ -3020,13 +3020,13 @@ "EventContextData": { "target": "com.amazonaws.cognitoidentityprovider#EventContextDataType", "traits": { - "smithy.api#documentation": "The user context data captured at the time of an event request. It provides additional\n information about the client from which event the request is received.
" + "smithy.api#documentation": "The user context data captured at the time of an event request. This value provides additional information about the client from which event the request is received.
" } }, "EventFeedback": { "target": "com.amazonaws.cognitoidentityprovider#EventFeedbackType", "traits": { - "smithy.api#documentation": "A flag specifying the user feedback captured at the time of an event request is good\n or bad.
" + "smithy.api#documentation": "A flag specifying the user feedback captured at the time of an event request is good or bad.
" } } }, @@ -3262,7 +3262,7 @@ "ChallengeName": { "target": "com.amazonaws.cognitoidentityprovider#ChallengeName", "traits": { - "smithy.api#documentation": "The challenge name
" + "smithy.api#documentation": "The challenge name.
" } }, "ChallengeResponse": { @@ -3466,7 +3466,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown when a verification code fails to deliver\n successfully.
", + "smithy.api#documentation": "This exception is thrown when a verification code fails to deliver successfully.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -3482,7 +3482,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown if the provided code does not match what the server was\n expecting.
", + "smithy.api#documentation": "This exception is thrown if the provided code doesn't match what the server was expecting.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -3509,7 +3509,7 @@ } }, "traits": { - "smithy.api#documentation": "The compromised credentials actions type
" + "smithy.api#documentation": "The compromised credentials actions type.
" } }, "com.amazonaws.cognitoidentityprovider#CompromisedCredentialsEventActionType": { @@ -3533,7 +3533,7 @@ "EventFilter": { "target": "com.amazonaws.cognitoidentityprovider#EventFiltersType", "traits": { - "smithy.api#documentation": "Perform the action for these events. The default is to perform all events if no event\n filter is specified.
" + "smithy.api#documentation": "Perform the action for these events. The default is to perform all events if no event filter is specified.
" } }, "Actions": { @@ -3559,7 +3559,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown if two or more modifications are happening\n concurrently.
", + "smithy.api#documentation": "This exception is thrown if two or more modifications are happening concurrently.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -3611,7 +3611,7 @@ } ], "traits": { - "smithy.api#documentation": "Confirms tracking of the device. This API call is the call that begins device\n tracking.
" + "smithy.api#documentation": "Confirms tracking of the device. This API call is the call that begins device tracking.
" } }, "com.amazonaws.cognitoidentityprovider#ConfirmDeviceRequest": { @@ -3654,7 +3654,7 @@ "UserConfirmationNecessary": { "target": "com.amazonaws.cognitoidentityprovider#BooleanType", "traits": { - "smithy.api#documentation": "Indicates whether the user confirmation is necessary to confirm the device\n response.
" + "smithy.api#documentation": "Indicates whether the user confirmation must confirm the device response.
" } } }, @@ -3736,20 +3736,20 @@ "SecretHash": { "target": "com.amazonaws.cognitoidentityprovider#SecretHashType", "traits": { - "smithy.api#documentation": "A keyed-hash message authentication code (HMAC) calculated using the secret key of a\n user pool client and username plus the client ID in the message.
" + "smithy.api#documentation": "A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
" } }, "Username": { "target": "com.amazonaws.cognitoidentityprovider#UsernameType", "traits": { - "smithy.api#documentation": "The user name of the user for whom you want to enter a code to retrieve a forgotten\n password.
", + "smithy.api#documentation": "The user name of the user for whom you want to enter a code to retrieve a forgotten password.
", "smithy.api#required": {} } }, "ConfirmationCode": { "target": "com.amazonaws.cognitoidentityprovider#ConfirmationCodeType", "traits": { - "smithy.api#documentation": "The confirmation code sent by a user's request to retrieve a forgotten password. For\n more information, see ForgotPassword.
", + "smithy.api#documentation": "The confirmation code sent by a user's request to retrieve a forgotten password. For more information, \n see ForgotPassword.
", "smithy.api#required": {} } }, @@ -3763,19 +3763,19 @@ "AnalyticsMetadata": { "target": "com.amazonaws.cognitoidentityprovider#AnalyticsMetadataType", "traits": { - "smithy.api#documentation": "The Amazon Pinpoint analytics metadata for collecting metrics for\n ConfirmForgotPassword calls.
The Amazon Pinpoint analytics metadata for collecting metrics for ConfirmForgotPassword calls.
Contextual data such as the user's device fingerprint, IP address, or location used\n for evaluating the risk of an unexpected event by Amazon Cognito advanced\n security.
" + "smithy.api#documentation": "Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
" } }, "ClientMetadata": { "target": "com.amazonaws.cognitoidentityprovider#ClientMetadataType", "traits": { - "smithy.api#documentation": "A map of custom key-value pairs that you can provide as input for any custom workflows\n that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers.\n When you use the ConfirmForgotPassword API action, Amazon Cognito invokes the function\n that is assigned to the post confirmation trigger. When Amazon\n Cognito invokes this function, it passes a JSON payload, which the function receives as\n input. This payload contains a clientMetadata attribute, which provides the\n data that you assigned to the ClientMetadata parameter in your ConfirmForgotPassword\n request. In your function code in Lambda, you can process the\n clientMetadata value to enhance your workflow for your specific\n needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers. When you use the ConfirmForgotPassword API action, Amazon Cognito \n invokes the function that is assigned to the post confirmation trigger. When Amazon Cognito invokes this function, it passes a \n JSON payload, \n which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned \n to the ClientMetadata parameter in your ConfirmForgotPassword request. In your function code in Lambda, you can process the \n clientMetadata value to enhance your workflow for your specific needs.
For more information, \n see Customizing User Pool Workflows with Lambda Triggers \n in the Amazon Cognito Developer Guide.
\n \nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool \n configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nThe response from the server that results from a user's request to retrieve a\n forgotten password.
" + "smithy.api#documentation": "The response from the server that results from a user's request to retrieve a forgotten password.
" } }, "com.amazonaws.cognitoidentityprovider#ConfirmSignUp": { @@ -3844,7 +3844,7 @@ ], "traits": { "smithy.api#auth": [], - "smithy.api#documentation": "Confirms registration of a user and handles the existing alias from a previous\n user.
", + "smithy.api#documentation": "Confirms registration of a user and handles the existing alias from a previous user.
", "smithy.api#optionalAuth": {} } }, @@ -3861,13 +3861,13 @@ "SecretHash": { "target": "com.amazonaws.cognitoidentityprovider#SecretHashType", "traits": { - "smithy.api#documentation": "A keyed-hash message authentication code (HMAC) calculated using the secret key of a\n user pool client and username plus the client ID in the message.
" + "smithy.api#documentation": "A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
" } }, "Username": { "target": "com.amazonaws.cognitoidentityprovider#UsernameType", "traits": { - "smithy.api#documentation": "The user name of the user whose registration you wish to confirm.
", + "smithy.api#documentation": "The user name of the user whose registration you want to confirm.
", "smithy.api#required": {} } }, @@ -3881,25 +3881,25 @@ "ForceAliasCreation": { "target": "com.amazonaws.cognitoidentityprovider#ForceAliasCreation", "traits": { - "smithy.api#documentation": "Boolean to be specified to force user confirmation irrespective of existing alias. By\n default set to False. If this parameter is set to True and the\n phone number/email used for sign up confirmation already exists as an alias with a\n different user, the API call will migrate the alias from the previous user to the newly\n created user being confirmed. If set to False, the API will throw an\n AliasExistsException error.
Boolean to be specified to force user confirmation irrespective of existing alias. By default set to False. If this parameter is set to \n True and the phone number/email used for sign up confirmation already exists as an alias with a different user, the API call will migrate \n the alias from the previous user to the newly created user being confirmed. If set to False, the API will throw an \n AliasExistsException error.
The Amazon Pinpoint analytics metadata for collecting metrics for\n ConfirmSignUp calls.
The Amazon Pinpoint analytics metadata for collecting metrics for ConfirmSignUp calls.
Contextual data such as the user's device fingerprint, IP address, or location used\n for evaluating the risk of an unexpected event by Amazon Cognito advanced\n security.
" + "smithy.api#documentation": "Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
" } }, "ClientMetadata": { "target": "com.amazonaws.cognitoidentityprovider#ClientMetadataType", "traits": { - "smithy.api#documentation": "A map of custom key-value pairs that you can provide as input for any custom workflows\n that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers.\n When you use the ConfirmSignUp API action, Amazon Cognito invokes the function that is\n assigned to the post confirmation trigger. When Amazon Cognito\n invokes this function, it passes a JSON payload, which the function receives as input.\n This payload contains a clientMetadata attribute, which provides the data\n that you assigned to the ClientMetadata parameter in your ConfirmSignUp request. In your\n function code in Lambda, you can process the clientMetadata value to\n enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
\n \nYou create custom workflows by assigning Lambda functions to user pool triggers. When you use the ConfirmSignUp API action, \n Amazon Cognito invokes the function that is assigned to the post confirmation trigger. When Amazon Cognito invokes this \n function, it passes a JSON payload, which the function receives as input. This payload contains a clientMetadata attribute, which \n provides the data that you assigned to the ClientMetadata parameter in your ConfirmSignUp request. In your function code in Lambda, \n you can process the clientMetadata value to enhance your workflow for your specific needs.
For more information, \n see Customizing User Pool Workflows with Lambda Triggers \n in the Amazon Cognito Developer Guide.
\n \nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool \n configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nYour server path where this API is invoked.
", + "smithy.api#documentation": "Your server path where this API is invoked.
", "smithy.api#required": {} } }, @@ -3958,12 +3958,12 @@ "EncodedData": { "target": "com.amazonaws.cognitoidentityprovider#StringType", "traits": { - "smithy.api#documentation": "Encoded data containing device fingerprinting details, collected using the Amazon\n Cognito context data collection library.
" + "smithy.api#documentation": "Encoded data containing device fingerprinting details collected using the Amazon Cognito context data collection library.
" } } }, "traits": { - "smithy.api#documentation": "Contextual user data type used for evaluating the risk of an unexpected event by\n Amazon Cognito advanced security.
" + "smithy.api#documentation": "Contextual user data type used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
" } }, "com.amazonaws.cognitoidentityprovider#CreateGroup": { @@ -4027,13 +4027,13 @@ "RoleArn": { "target": "com.amazonaws.cognitoidentityprovider#ArnType", "traits": { - "smithy.api#documentation": "The role ARN for the group.
" + "smithy.api#documentation": "The role Amazon Resource Name (ARN) for the group.
" } }, "Precedence": { "target": "com.amazonaws.cognitoidentityprovider#PrecedenceType", "traits": { - "smithy.api#documentation": "A nonnegative integer value that specifies the precedence of this group relative to\n the other groups that a user can belong to in the user pool. Zero is the highest\n precedence value. Groups with lower Precedence values take precedence over\n groups with higher or null Precedence values. If a user belongs to two or\n more groups, it is the group with the lowest precedence value whose role ARN will be\n used in the cognito:roles and cognito:preferred_role claims in\n the user's tokens.
Two groups can have the same Precedence value. If this happens, neither\n group takes precedence over the other. If two groups with the same\n Precedence have the same role ARN, that role is used in the\n cognito:preferred_role claim in tokens for users in each group. If the\n two groups have different role ARNs, the cognito:preferred_role claim is\n not set in users' tokens.
The default Precedence value is null.
A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. \n Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with higher ornull Precedence \n values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the \n cognito:roles and cognito:preferred_role claims.
Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two groups with the same \n Precedence have the same role ARN, that role is used in the cognito:preferred_role claim in tokens for users in each group. If \n the two groups have different role ARNs, the cognito:preferred_role claim isn't set in users' tokens.
The default Precedence value is null.
The identity provider details. The following list describes the provider detail keys\n for each identity provider type.
\nFor Google and Login with Amazon:
\nclient_id
\nclient_secret
\nauthorize_scopes
\nFor Facebook:
\nclient_id
\nclient_secret
\nauthorize_scopes
\napi_version
\nFor Sign in with Apple:
\nclient_id
\nteam_id
\nkey_id
\nprivate_key
\nauthorize_scopes
\nFor OIDC providers:
\nclient_id
\nclient_secret
\nattributes_request_method
\noidc_issuer
\nauthorize_scopes
\nauthorize_url if not available from discovery URL specified\n by oidc_issuer key\n
\ntoken_url if not available from discovery URL specified by\n oidc_issuer key\n
\nattributes_url if not available from discovery URL specified\n by oidc_issuer key\n
\njwks_uri if not available from discovery URL specified by\n oidc_issuer key\n
\nFor SAML providers:
\nMetadataFile OR MetadataURL
\nIDPSignout optional\n
\nThe identity provider details. The following list describes the provider detail keys for each identity provider type.
\nFor Google and Login with Amazon:
\nclient_id
\nclient_secret
\nauthorize_scopes
\nFor Facebook:
\nclient_id
\nclient_secret
\nauthorize_scopes
\napi_version
\nFor Sign in with Apple:
\nclient_id
\nteam_id
\nkey_id
\nprivate_key
\nauthorize_scopes
\nFor OpenID Connect (OIDC) providers:
\nclient_id
\nclient_secret
\nattributes_request_method
\noidc_issuer
\nauthorize_scopes
\nauthorize_url if not available from discovery URL specified by oidc_issuer key\n
\ntoken_url if not available from discovery URL specified by oidc_issuer key\n
\nattributes_url if not available from discovery URL specified by oidc_issuer key\n
\njwks_uri if not available from discovery URL specified by oidc_issuer key\n
\nattributes_url_add_attributes a read-only property that is set automatically\n
\nFor SAML providers:
\nMetadataFile OR MetadataURL
\nIDPSignout (optional)
\nA mapping of identity provider attributes to standard and custom user pool\n attributes.
" + "smithy.api#documentation": "A mapping of identity provider attributes to standard and custom user pool attributes.
" } }, "IdpIdentifiers": { @@ -4170,7 +4170,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a new OAuth2.0 resource server and defines custom scopes in it.
" + "smithy.api#documentation": "Creates a new OAuth2.0 resource server and defines custom scopes within it.
" } }, "com.amazonaws.cognitoidentityprovider#CreateResourceServerRequest": { @@ -4186,7 +4186,7 @@ "Identifier": { "target": "com.amazonaws.cognitoidentityprovider#ResourceServerIdentifierType", "traits": { - "smithy.api#documentation": "A unique resource server identifier for the resource server. This could be an HTTPS\n endpoint where the resource server is located. For example,\n https://my-weather-api.example.com.
A unique resource server identifier for the resource server. This could be an HTTPS endpoint where the resource server is located, such as https://my-weather-api.example.com.
A list of scopes. Each scope is map, where the keys are name and\n description.
A list of scopes. Each scope is a key-value map with the keys name and description.
The user pool ID for the user pool that the users are being imported into.
", + "smithy.api#documentation": "The user pool ID for the user pool that the users are being imported\n into.
", "smithy.api#required": {} } }, "CloudWatchLogsRoleArn": { "target": "com.amazonaws.cognitoidentityprovider#ArnType", "traits": { - "smithy.api#documentation": "The role ARN for the Amazon CloudWatch Logging role for the user import job.
", + "smithy.api#documentation": "The role ARN for the Amazon CloudWatch Logs Logging role for the user import job.
", "smithy.api#required": {} } } @@ -4292,7 +4292,7 @@ } }, "traits": { - "smithy.api#documentation": "Represents the response from the server to the request to create the user import\n job.
" + "smithy.api#documentation": "Represents the response from the server to the request to create the user import job.
" } }, "com.amazonaws.cognitoidentityprovider#CreateUserPool": { @@ -4333,7 +4333,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a new Amazon Cognito user pool and sets the password policy for the\n pool.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nCreates a new Amazon Cognito user pool and sets the password policy for the pool.
\n \n \nThis action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nCreates the user pool client.
\nWhen you create a new user pool client, token revocation is automatically enabled. For more information\n about revoking tokens, see RevokeToken.
" + "smithy.api#documentation": "Creates the user pool client.
\nWhen you create a new user pool client, token revocation is automatically activated. For more information about revoking tokens, \n see RevokeToken.
" } }, "com.amazonaws.cognitoidentityprovider#CreateUserPoolClientRequest": { @@ -4394,31 +4394,31 @@ "GenerateSecret": { "target": "com.amazonaws.cognitoidentityprovider#GenerateSecret", "traits": { - "smithy.api#documentation": "Boolean to specify whether you want to generate a secret for the user pool client\n being created.
" + "smithy.api#documentation": "Boolean to specify whether you want to generate a secret for the user pool client being created.
" } }, "RefreshTokenValidity": { "target": "com.amazonaws.cognitoidentityprovider#RefreshTokenValidityType", "traits": { - "smithy.api#documentation": "The time limit, in days, after which the refresh token is no longer valid and cannot\n be used.
" + "smithy.api#documentation": "The time limit, in days, after which the refresh token is no longer valid and can't be used.
" } }, "AccessTokenValidity": { "target": "com.amazonaws.cognitoidentityprovider#AccessTokenValidityType", "traits": { - "smithy.api#documentation": "The time limit, between 5 minutes and 1 day, after which the access token is no longer\n valid and cannot be used. This value will be overridden if you have entered a value in\n TokenValidityUnits.
" + "smithy.api#documentation": "The time limit, between 5 minutes and 1 day, after which the access token is no longer valid and can't be used. If you supply a TokenValidityUnits value, you will override \n the default time unit.
" } }, "IdTokenValidity": { "target": "com.amazonaws.cognitoidentityprovider#IdTokenValidityType", "traits": { - "smithy.api#documentation": "The time limit, between 5 minutes and 1 day, after which the ID token is no longer\n valid and cannot be used. This value will be overridden if you have entered a value in\n TokenValidityUnits.
" + "smithy.api#documentation": "The time limit, between 5 minutes and 1 day, after which the access token is no longer valid and can't be used. If you supply a TokenValidityUnits value, you will override \n the default time unit.
" } }, "TokenValidityUnits": { "target": "com.amazonaws.cognitoidentityprovider#TokenValidityUnitsType", "traits": { - "smithy.api#documentation": "The units in which the validity times are represented in. Default for RefreshToken is\n days, and default for ID and access tokens are hours.
" + "smithy.api#documentation": "The units in which the validity times are represented. Default for RefreshToken is days, and default for ID and access tokens are hours.
" } }, "ReadAttributes": { @@ -4430,25 +4430,25 @@ "WriteAttributes": { "target": "com.amazonaws.cognitoidentityprovider#ClientPermissionListType", "traits": { - "smithy.api#documentation": "The user pool attributes that the app client can write to.
\nIf your app client allows users to sign in through an identity provider, this array\n must include all attributes that are mapped to identity provider attributes. Amazon\n Cognito updates mapped attributes when users sign in to your application through an\n identity provider. If your app client lacks write access to a mapped attribute, Amazon\n Cognito throws an error when it attempts to update the attribute. For more information,\n see Specifying Identity Provider Attribute Mappings for Your User\n Pool.
" + "smithy.api#documentation": "The user pool attributes that the app client can write to.
\nIf your app client allows users to sign in through an identity provider, this array must include all attributes that are mapped to identity \n provider attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider. If your app client \n lacks write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see \n Specifying Identity \n Provider Attribute Mappings for Your User Pool.
" } }, "ExplicitAuthFlows": { "target": "com.amazonaws.cognitoidentityprovider#ExplicitAuthFlowsListType", "traits": { - "smithy.api#documentation": "The authentication flows that are supported by the user pool clients. Flow names\n without the ALLOW_ prefix are deprecated in favor of new names with the\n ALLOW_ prefix. Note that values with ALLOW_ prefix cannot\n be used along with values without ALLOW_ prefix.
Valid values include:
\n\n ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password\n authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces\n the ADMIN_NO_SRP_AUTH setting. With this authentication flow,\n Cognito receives the password in the request instead of using the SRP (Secure\n Remote Password protocol) protocol to verify passwords.
\n ALLOW_CUSTOM_AUTH: Enable Lambda trigger based\n authentication.
\n ALLOW_USER_PASSWORD_AUTH: Enable user password-based\n authentication. In this flow, Cognito receives the password in the request\n instead of using the SRP protocol to verify passwords.
\n ALLOW_USER_SRP_AUTH: Enable SRP based authentication.
\n ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh\n tokens.
The authentication flows that are supported by the user pool clients. Flow names without the ALLOW_ prefix are no longer supported, \n in favor of new names with the ALLOW_ prefix. \n Note that values with ALLOW_ prefix must be used only along with the ALLOW_ prefix.
Valid values include:
\n \n\n ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the \n ADMIN_NO_SRP_AUTH setting. With this authentication flow, Amazon Cognito receives the password in the request instead of using the Secure Remote Password (SRP) protocol to \n verify passwords.
\n ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
\n ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP \n protocol to verify passwords.
\n ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
\n ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
A list of provider names for the identity providers that are supported on this client.\n The following are supported: COGNITO, Facebook,\n Google and LoginWithAmazon.
A list of provider names for the identity providers that are supported on this client. The following are supported: COGNITO, Facebook, Google \n and LoginWithAmazon.
A list of allowed redirect (callback) URLs for the identity providers.
\nA redirect URI must:
\nBe an absolute URI.
\nBe registered with the authorization server.
\nNot include a fragment component.
\nSee OAuth 2.0 -\n Redirection Endpoint.
\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing\n purposes only.
\nApp callback URLs such as myapp://example are also supported.
" + "smithy.api#documentation": "A list of allowed redirect (callback) URLs for the identity providers.
\nA redirect URI must:
\nBe an absolute URI.
\nBe registered with the authorization server.
\nNot include a \n fragment component.
\nSee OAuth 2.0 - Redirection Endpoint.
\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
\nApp callback URLs such as myapp://example are also supported.
" } }, "LogoutURLs": { @@ -4460,43 +4460,43 @@ "DefaultRedirectURI": { "target": "com.amazonaws.cognitoidentityprovider#RedirectUrlType", "traits": { - "smithy.api#documentation": "The default redirect URI. Must be in the CallbackURLs list.
A redirect URI must:
\nBe an absolute URI.
\nBe registered with the authorization server.
\nNot include a fragment component.
\nSee OAuth 2.0 -\n Redirection Endpoint.
\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing\n purposes only.
\nApp callback URLs such as myapp://example are also supported.
" + "smithy.api#documentation": "The default redirect URI. Must be in the CallbackURLs list.
A redirect URI must:
\nBe an absolute URI.
\nBe registered with the authorization server.
\nNot include a \n fragment component.
\nSee OAuth 2.0 - Redirection Endpoint.
\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
\nApp callback URLs such as myapp://example are also supported.
" } }, "AllowedOAuthFlows": { "target": "com.amazonaws.cognitoidentityprovider#OAuthFlowsType", "traits": { - "smithy.api#documentation": "The allowed OAuth flows.
\nSet to code to initiate a code grant flow, which provides an\n authorization code as the response. This code can be exchanged for access tokens with\n the token endpoint.
Set to implicit to specify that the client should get the access token\n (and, optionally, ID token, based on scopes) directly.
Set to client_credentials to specify that the client should get the\n access token (and, optionally, ID token, based on scopes) from the token endpoint using\n a combination of client and client_secret.
The allowed OAuth flows.
\nSet to code to initiate a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the token endpoint.
Set to implicit to specify that the client should get the access token (and, optionally, ID token, based on scopes) directly.
Set to client_credentials to specify that the client should get the access token (and, optionally, ID token, based on scopes) from the token endpoint using a \n combination of client and client_secret.
The allowed OAuth scopes. Possible values provided by OAuth are: phone,\n email, openid, and profile. Possible values\n provided by Amazon Web Services are: aws.cognito.signin.user.admin. Custom scopes created\n in Resource Servers are also supported.
The allowed OAuth scopes. Possible values provided by OAuth are: phone, email, openid, and profile. Possible values \n provided by Amazon Web Services are: aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported.
Set to true if the client is allowed to follow the OAuth protocol when interacting\n with Cognito user pools.
" + "smithy.api#documentation": "Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user pools.
" } }, "AnalyticsConfiguration": { "target": "com.amazonaws.cognitoidentityprovider#AnalyticsConfigurationType", "traits": { - "smithy.api#documentation": "The Amazon Pinpoint analytics configuration for collecting metrics for this user\n pool.
\nIn regions where Pinpoint is not available, Cognito User Pools only supports\n sending events to Amazon Pinpoint projects in us-east-1. In regions where Pinpoint\n is available, Cognito User Pools will support sending events to Amazon Pinpoint\n projects within that same region.
\nThe Amazon Pinpoint analytics configuration for collecting metrics for this user pool.
\nIn Amazon Web Services Regions where isn't available, User Pools only supports sending events to Amazon Pinpoint projects in Amazon Web Services Region us-east-1. In Regions where is available, User Pools will support \n sending events to Amazon Pinpoint projects within that same Region.
\nUse this setting to choose which errors and responses are returned by Cognito APIs\n during authentication, account confirmation, and password recovery when the user does\n not exist in the user pool. When set to ENABLED and the user does not\n exist, authentication returns an error indicating either the username or password was\n incorrect, and account confirmation and password recovery return a response indicating a\n code was sent to a simulated destination. When set to LEGACY, those APIs\n will return a UserNotFoundException exception if the user does not exist in\n the user pool.
Valid values include:
\n\n ENABLED - This prevents user existence-related errors.
\n LEGACY - This represents the old behavior of Cognito where user\n existence related errors are not prevented.
After February 15th 2020, the value of PreventUserExistenceErrors\n will default to ENABLED for newly created user pool clients if no value\n is provided.
Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the user \n pool. When set to ENABLED and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect. \n Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those \n APIs return a UserNotFoundException exception if the user doesn't exist in the user pool.
Valid values include:
\n \n\n ENABLED - This prevents user existence-related errors.
\n LEGACY - This represents the early behavior of Amazon Cognito where user existence related errors aren't prevented.
Enables or disables token revocation. For more information\n about revoking tokens, see RevokeToken.
\nIf you don't include this parameter, token revocation is automatically enabled for the new user pool client.
" + "smithy.api#documentation": "Activates or deactivates token revocation. For more information about revoking tokens, \n see RevokeToken.
\nIf you don't include this parameter, token revocation is automatically activated for the new user pool client.
" } } }, @@ -4553,7 +4553,7 @@ "Domain": { "target": "com.amazonaws.cognitoidentityprovider#DomainType", "traits": { - "smithy.api#documentation": "The domain string.
", + "smithy.api#documentation": "The domain string. For custom domains, this is the fully-qualified domain name, such as auth.example.com. For Amazon Cognito prefix domains, this is the prefix alone, \n such as auth.
The configuration for a custom domain that hosts the sign-up and sign-in webpages for\n your application.
\nProvide this parameter only if you want to use a custom domain for your user pool.\n Otherwise, you can exclude this parameter and use the Amazon Cognito hosted domain\n instead.
\nFor more information about the hosted domain and custom domains, see Configuring a User Pool Domain.
" + "smithy.api#documentation": "The configuration for a custom domain that hosts the sign-up and sign-in webpages for your application.
\nProvide this parameter only if you want to use a custom domain for your user pool. Otherwise, you can exclude this parameter and use the Amazon Cognito hosted domain instead.
\nFor more information about the hosted domain and custom domains, \n see Configuring a User Pool Domain.
" } } } @@ -4578,7 +4578,7 @@ "CloudFrontDomain": { "target": "com.amazonaws.cognitoidentityprovider#DomainType", "traits": { - "smithy.api#documentation": "The Amazon CloudFront endpoint that you use as the target of the alias that you set up\n with your Domain Name Service (DNS) provider.
" + "smithy.api#documentation": "The Amazon CloudFront endpoint that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider.
" } } } @@ -4602,7 +4602,7 @@ "LambdaConfig": { "target": "com.amazonaws.cognitoidentityprovider#LambdaConfigType", "traits": { - "smithy.api#documentation": "The Lambda trigger configuration information for the new user pool.
\nIn a push model, event sources (such as Amazon S3 and custom applications) need\n permission to invoke a function. So you will need to make an extra call to add\n permission for these event sources to invoke your Lambda function.
\n \nFor more information on using the Lambda API to add permission, see \n AddPermission .
\nFor adding permission using the CLI, see add-permission\n .
\nThe Lambda trigger configuration information for the new user pool.
\nIn a push model, event sources (such as Amazon S3 and custom applications) need permission to invoke a function. So you must make an \n extra call to add permission for these event sources to invoke your Lambda function.
\n \nFor more information on using the Lambda API \n to add permission, see AddPermission .
\nFor adding permission using the CLI, see add-permission .
\nAttributes supported as an alias for this user pool. Possible values: phone_number, email, or\n preferred_username.
" + "smithy.api#documentation": "Attributes supported as an alias for this user pool. Possible values: phone_number, email, or \n preferred_username.
" } }, "UsernameAttributes": { "target": "com.amazonaws.cognitoidentityprovider#UsernameAttributesListType", "traits": { - "smithy.api#documentation": "Specifies whether email addresses or phone numbers can be specified as usernames when\n a user signs up.
" + "smithy.api#documentation": "Specifies whether a user can use an email address or phone number as a username when they sign up.
" } }, "SmsVerificationMessage": { @@ -4632,19 +4632,19 @@ "EmailVerificationMessage": { "target": "com.amazonaws.cognitoidentityprovider#EmailVerificationMessageType", "traits": { - "smithy.api#documentation": "A string representing the email verification message. EmailVerificationMessage is\n allowed only if EmailSendingAccount is DEVELOPER.
" + "smithy.api#documentation": "A string representing the email verification message. EmailVerificationMessage is allowed only if \n EmailSendingAccount is DEVELOPER.
" } }, "EmailVerificationSubject": { "target": "com.amazonaws.cognitoidentityprovider#EmailVerificationSubjectType", "traits": { - "smithy.api#documentation": "A string representing the email verification subject. EmailVerificationSubject is\n allowed only if EmailSendingAccount is DEVELOPER.
" + "smithy.api#documentation": "A string representing the email verification subject. EmailVerificationSubject is allowed only if \n EmailSendingAccount is DEVELOPER.
" } }, "VerificationMessageTemplate": { "target": "com.amazonaws.cognitoidentityprovider#VerificationMessageTemplateType", "traits": { - "smithy.api#documentation": "The template for the verification message that the user sees when the app requests\n permission to access the user's information.
" + "smithy.api#documentation": "The template for the verification message that the user sees when the app requests permission to access the user's information.
" } }, "SmsAuthenticationMessage": { @@ -4680,7 +4680,7 @@ "UserPoolTags": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolTagsType", "traits": { - "smithy.api#documentation": "The tag keys and values to assign to the user pool. A tag is a label that you can use\n to categorize and manage user pools in different ways, such as by purpose, owner,\n environment, or other criteria.
" + "smithy.api#documentation": "The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, \n or other criteria.
" } }, "AdminCreateUserConfig": { @@ -4692,25 +4692,25 @@ "Schema": { "target": "com.amazonaws.cognitoidentityprovider#SchemaAttributesListType", "traits": { - "smithy.api#documentation": "An array of schema attributes for the new user pool. These attributes can be standard\n or custom attributes.
" + "smithy.api#documentation": "An array of schema attributes for the new user pool. These attributes can be standard or custom attributes.
" } }, "UserPoolAddOns": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolAddOnsType", "traits": { - "smithy.api#documentation": "Used to enable advanced security risk detection. Set the key\n AdvancedSecurityMode to the value \"AUDIT\".
Enables advanced security risk detection. Set the key AdvancedSecurityMode to the value \"AUDIT\".
You can choose to set case sensitivity on the username input for the selected sign-in\n option. For example, when this is set to False, users will be able to sign\n in using either \"username\" or \"Username\". This configuration is immutable once it has\n been set. For more information, see UsernameConfigurationType.
Case sensitivity on the username input for the selected sign-in option. For example, when case sensitivity is set to False, users can sign in using either \"username\" \n or \"Username\". This configuration is immutable once it has been set. For more information, \n see UsernameConfigurationType.
Use this setting to define which verified available method a user can use to recover\n their password when they call ForgotPassword. It allows you to define a\n preferred method when a user has more than one method available. With this setting, SMS\n does not qualify for a valid password recovery mechanism if the user also has SMS MFA\n enabled. In the absence of this setting, Cognito uses the legacy behavior to determine\n the recovery method where SMS is preferred over email.
The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a \n preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the \n user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method \n where SMS is preferred through email.
The Amazon Resource Name (ARN) of an Certificate Manager SSL certificate. You use\n this certificate for the subdomain of your custom domain.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of an Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.
", "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "The configuration for a custom domain that hosts the sign-up and sign-in webpages for\n your application.
" + "smithy.api#documentation": "The configuration for a custom domain that hosts the sign-up and sign-in webpages for your application.
" } }, "com.amazonaws.cognitoidentityprovider#CustomEmailLambdaVersionConfigType": { @@ -4775,14 +4775,14 @@ "LambdaVersion": { "target": "com.amazonaws.cognitoidentityprovider#CustomEmailSenderLambdaVersionType", "traits": { - "smithy.api#documentation": "The Lambda version represents the signature of the \"request\" attribute in the \"event\"\n information Amazon Cognito passes to your custom email Lambda function. The only\n supported value is V1_0.
Signature of the \"request\" attribute in the \"event\" information Amazon Cognito passes to your custom email Lambda function. The only supported value is V1_0.
The Lambda Amazon Resource Name of the Lambda function that Amazon Cognito triggers to\n send email notifications to users.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the Lambda function that Amazon Cognito activates to send email notifications to users.
", "smithy.api#required": {} } } @@ -4808,14 +4808,14 @@ "LambdaVersion": { "target": "com.amazonaws.cognitoidentityprovider#CustomSMSSenderLambdaVersionType", "traits": { - "smithy.api#documentation": "The Lambda version represents the signature of the \"request\" attribute in the \"event\"\n information Amazon Cognito passes to your custom SMS Lambda function. The only supported\n value is V1_0.
Signature of the \"request\" attribute in the \"event\" information that Amazon Cognito passes to your custom SMS Lambda function. The only supported value is V1_0.
The Lambda Amazon Resource Name of the Lambda function that Amazon Cognito triggers to\n send SMS notifications to users.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the Lambda function that Amazon Cognito activates to send SMS notifications to users.
", "smithy.api#required": {} } } @@ -5074,7 +5074,7 @@ "UserAttributeNames": { "target": "com.amazonaws.cognitoidentityprovider#AttributeNameListType", "traits": { - "smithy.api#documentation": "An array of strings representing the user attribute names you wish to delete.
\nFor custom attributes, you must prepend the custom: prefix to the\n attribute name.
An array of strings representing the user attribute names you want to delete.
\nFor custom attributes, you must prependattach the custom: prefix to the front of the attribute name.
The domain string.
", + "smithy.api#documentation": "The domain string. For custom domains, this is the fully-qualified domain name, such as auth.example.com. For Amazon Cognito prefix domains, this is the prefix alone, \n such as auth.
Represents the response from the server to the request to describe the user import\n job.
" + "smithy.api#documentation": "Represents the response from the server to the request to describe the user import job.
" } }, "com.amazonaws.cognitoidentityprovider#DescribeUserPool": { @@ -5579,7 +5579,7 @@ } ], "traits": { - "smithy.api#documentation": "Client method for returning the configuration information and metadata of the\n specified user pool app client.
" + "smithy.api#documentation": "Client method for returning the configuration information and metadata of the specified user pool app client.
" } }, "com.amazonaws.cognitoidentityprovider#DescribeUserPoolClientRequest": { @@ -5615,7 +5615,7 @@ } }, "traits": { - "smithy.api#documentation": "Represents the response from the server from a request to describe the user pool\n client.
" + "smithy.api#documentation": "Represents the response from the server from a request to describe the user pool client.
" } }, "com.amazonaws.cognitoidentityprovider#DescribeUserPoolDomain": { @@ -5650,7 +5650,7 @@ "Domain": { "target": "com.amazonaws.cognitoidentityprovider#DomainType", "traits": { - "smithy.api#documentation": "The domain string.
", + "smithy.api#documentation": "The domain string. For custom domains, this is the fully-qualified domain name, such as auth.example.com. For Amazon Cognito prefix domains, this is the prefix alone, \n such as auth.
Indicates whether a challenge is required on a new device. Only applicable to a new\n device.
" + "smithy.api#documentation": "When true, device authentication can replace SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).
\nUsers that sign in with devices that have not been confirmed or remembered will still have to provide a second factor, whether or not ChallengeRequiredOnNewDevice is true, when your user \n pool requires MFA.
\nIf true, a device is only remembered on user prompt.
" + "smithy.api#documentation": "When true, users can opt in to remembering their device. Your app code must use callback functions to return the user's choice.
" } } }, "traits": { - "smithy.api#documentation": "The configuration for the user pool's device tracking.
" + "smithy.api#documentation": "The device tracking configuration for a user pool. A user pool with device tracking deactivated returns a null value.
\nWhen you provide values for any DeviceConfiguration field, you activate device tracking.
\nThe device verifier against which it will be authenticated.
" + "smithy.api#documentation": "The device verifier against which it is authenticated.
" } }, "com.amazonaws.cognitoidentityprovider#DeviceType": { @@ -5815,7 +5815,7 @@ "DeviceLastAuthenticatedDate": { "target": "com.amazonaws.cognitoidentityprovider#DateType", "traits": { - "smithy.api#documentation": "The date in which the device was last authenticated.
" + "smithy.api#documentation": "The date when the device was last authenticated.
" } } }, @@ -5835,25 +5835,25 @@ "AWSAccountId": { "target": "com.amazonaws.cognitoidentityprovider#AWSAccountIdType", "traits": { - "smithy.api#documentation": "The account ID for the user pool owner.
" + "smithy.api#documentation": "The Amazon Web Services ID for the user pool owner.
" } }, "Domain": { "target": "com.amazonaws.cognitoidentityprovider#DomainType", "traits": { - "smithy.api#documentation": "The domain string.
" + "smithy.api#documentation": "The domain string. For custom domains, this is the fully-qualified domain name, such as auth.example.com. For Amazon Cognito prefix domains, this is the prefix alone, such as auth.
The S3 bucket where the static files for this domain are stored.
" + "smithy.api#documentation": "The Amazon S3 bucket where the static files for this domain are stored.
" } }, "CloudFrontDistribution": { "target": "com.amazonaws.cognitoidentityprovider#StringType", "traits": { - "smithy.api#documentation": "The ARN of the CloudFront distribution.
" + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the Amazon CloudFront distribution.
" } }, "Version": { @@ -5871,7 +5871,7 @@ "CustomDomainConfig": { "target": "com.amazonaws.cognitoidentityprovider#CustomDomainConfigType", "traits": { - "smithy.api#documentation": "The configuration for a custom domain that hosts the sign-up and sign-in webpages for\n your application.
" + "smithy.api#documentation": "The configuration for a custom domain that hosts the sign-up and sign-in webpages for your application.
" } } }, @@ -5933,7 +5933,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the provider is already supported by the user\n pool.
", + "smithy.api#documentation": "This exception is thrown when the provider is already supported by the user pool.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -5950,36 +5950,36 @@ "SourceArn": { "target": "com.amazonaws.cognitoidentityprovider#ArnType", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) of a verified email address in Amazon SES. This email\n address is used in one of the following ways, depending on the value that you specify\n for the EmailSendingAccount parameter:
If you specify COGNITO_DEFAULT, Amazon Cognito uses this address\n as the custom FROM address when it emails your users by using its built-in email\n account.
If you specify DEVELOPER, Amazon Cognito emails your users with\n this address by calling Amazon SES on your behalf.
The ARN of a verified email address in Amazon SES. Amazon Cognito uses this email address in one of the following ways, depending on the value that you specify for the EmailSendingAccount \n parameter:
If you specify COGNITO_DEFAULT, Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.
If you specify DEVELOPER, Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.
The destination to which the receiver of the email should reply to.
" + "smithy.api#documentation": "The destination to which the receiver of the email should reply.
" } }, "EmailSendingAccount": { "target": "com.amazonaws.cognitoidentityprovider#EmailSendingAccountType", "traits": { - "smithy.api#documentation": "Specifies whether Amazon Cognito emails your users by using its built-in email\n functionality or your Amazon SES email configuration. Specify one of the following\n values:
\nWhen Amazon Cognito emails your users, it uses its built-in email\n functionality. When you use the default option, Amazon Cognito allows only a\n limited number of emails each day for your user pool. For typical production\n environments, the default email limit is below the required delivery volume.\n To achieve a higher delivery volume, specify DEVELOPER to use your Amazon\n SES email configuration.
\nTo look up the email delivery limit for the default option, see Limits in Amazon Cognito in the Amazon Cognito\n Developer Guide.
\nThe default FROM address is no-reply@verificationemail.com. To customize\n the FROM address, provide the ARN of an Amazon SES verified email address\n for the SourceArn parameter.
If EmailSendingAccount is COGNITO_DEFAULT, the following parameters\n aren't allowed:
\nEmailVerificationMessage
\nEmailVerificationSubject
\nInviteMessageTemplate.EmailMessage
\nInviteMessageTemplate.EmailSubject
\nVerificationMessageTemplate.EmailMessage
\nVerificationMessageTemplate.EmailMessageByLink
\nVerificationMessageTemplate.EmailSubject,
\nVerificationMessageTemplate.EmailSubjectByLink
\nDEVELOPER EmailSendingAccount is required.
\nWhen Amazon Cognito emails your users, it uses your Amazon SES\n configuration. Amazon Cognito calls Amazon SES on your behalf to send email\n from your verified email address. When you use this option, the email\n delivery limits are the same limits that apply to your Amazon SES verified\n email address in your account.
\nIf you use this option, you must provide the ARN of an Amazon SES verified\n email address for the SourceArn parameter.
Before Amazon Cognito can email your users, it requires additional\n permissions to call Amazon SES on your behalf. When you update your user\n pool with this option, Amazon Cognito creates a service-linked\n role, which is a type of IAM role, in your account. This\n role contains the permissions that allow Amazon Cognito to access Amazon SES\n and send email messages with your address. For more information about the\n service-linked role that Amazon Cognito creates, see Using Service-Linked Roles for Amazon\n Cognito in the Amazon Cognito Developer\n Guide.
\nSpecifies whether Amazon Cognito emails your users by using its built-in email functionality or your Amazon Simple Email Service email configuration. Specify one of the following values:
\nWhen Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. \n For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email \n configuration.
\nTo look up the email delivery limit for the default option, see Limits in in the \n Developer Guide.
\nThe default FROM address is no-reply@verificationemail.com. To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address \n for the SourceArn parameter.
If EmailSendingAccount is COGNITO_DEFAULT, you can't use the following parameters:
\nEmailVerificationMessage
\nEmailVerificationSubject
\nInviteMessageTemplate.EmailMessage
\nInviteMessageTemplate.EmailSubject
\nVerificationMessageTemplate.EmailMessage
\nVerificationMessageTemplate.EmailMessageByLink
\nVerificationMessageTemplate.EmailSubject,
\nVerificationMessageTemplate.EmailSubjectByLink
\nDEVELOPER EmailSendingAccount is required.
\nWhen Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this \n option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your Amazon Web Services account.
\nIf you use this option, you must provide the ARN of an Amazon SES verified email address for the SourceArn parameter.
Before Amazon Cognito can email your users, it requires additional permissions to call\n Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito\n creates a service-linked role, which is a type of role,\n in your Amazon Web Services account. This role contains the permissions that\n allow to access Amazon SES and send email messages with your address. For more\n information about the service-linked role that Amazon Cognito creates, see Using Service-Linked Roles for Amazon Cognito in the\n Amazon Cognito Developer Guide.
\nIdentifies either the sender’s email address or the sender’s name with their email\n address. For example, testuser@example.com or Test User\n . This address will appear before the body of the\n email.
Either the sender’s email address or the sender’s name with their email address. For example, testuser@example.com or \n Test User . This address appears before the body of the email.
The set of configuration rules that can be applied to emails sent using Amazon SES. A\n configuration set is applied to an email by including a reference to the configuration\n set in the headers of the email. Once applied, all of the rules in that configuration\n set are applied to the email. Configuration sets can be used to apply the following\n types of rules to emails:
\nEvent publishing – Amazon SES can track the number of send, delivery, open,\n click, bounce, and complaint events for each email sent. Use event publishing to\n send information about these events to other Amazon Web Services services such as SNS and\n CloudWatch.
\nIP pool management – When leasing dedicated IP addresses with Amazon SES, you\n can create groups of IP addresses, called dedicated IP pools. You can then\n associate the dedicated IP pools with configuration sets.
\nThe set of configuration rules that can be applied to emails sent using Amazon Simple Email Service. A configuration set is applied to an email by including a reference to the configuration \n set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following \n types of rules to emails:
\n \nEvent publishing – Amazon Simple Email Service can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing \n to send information about these events to other Amazon Web Services services such as and Amazon CloudWatch.
\nIP pool management – When leasing dedicated IP addresses with Amazon Simple Email Service, you can create groups of IP addresses, called dedicated IP pools. You can then \n associate the dedicated IP pools with configuration sets.
\nThe email configuration type.
\nAmazon Cognito has specific regions for use with Amazon SES. For more information\n on the supported regions, see Email Settings for Amazon Cognito User Pools.
\nThe email configuration type.
\nAmazon Cognito has specific Regions for use with Amazon Simple Email Service. For more information on the supported Regions, see Email \n settings for Amazon Cognito user pools.
\nThis exception is thrown when there is a code mismatch and the service fails to\n configure the software token TOTP multi-factor authentication (MFA).
", + "smithy.api#documentation": "This exception is thrown when there is a code mismatch and the service fails to configure the software token TOTP multi-factor authentication (MFA).
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -6204,7 +6204,7 @@ "CompromisedCredentialsDetected": { "target": "com.amazonaws.cognitoidentityprovider#WrappedBooleanType", "traits": { - "smithy.api#documentation": "Indicates whether compromised credentials were detected during an authentication\n event.
" + "smithy.api#documentation": "Indicates whether compromised credentials were detected during an authentication event.
" } } }, @@ -6426,7 +6426,7 @@ ], "traits": { "smithy.api#auth": [], - "smithy.api#documentation": "Calling this API causes a message to be sent to the end user with a confirmation code\n that is required to change the user's password. For the Username parameter,\n you can use the username or user alias. The method used to send the confirmation code is\n sent according to the specified AccountRecoverySetting. For more information, see Recovering\n User Accounts in the Amazon Cognito Developer Guide. If\n neither a verified phone number nor a verified email exists, an\n InvalidParameterException is thrown. To use the confirmation code for\n resetting the password, call ConfirmForgotPassword.
This action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nCalling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password. For the \n Username parameter, you can use the username or user alias. The method used to send the confirmation code is sent according to the \n specified AccountRecoverySetting. For more information, \n see Recovering User Accounts \n in the Amazon Cognito Developer Guide. If neither a verified phone number nor a verified email exists, \n an InvalidParameterException is thrown. To use the confirmation code for resetting the password, \n call ConfirmForgotPassword.\n
This action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nA keyed-hash message authentication code (HMAC) calculated using the secret key of a\n user pool client and username plus the client ID in the message.
" + "smithy.api#documentation": "A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
" } }, "UserContextData": { "target": "com.amazonaws.cognitoidentityprovider#UserContextDataType", "traits": { - "smithy.api#documentation": "Contextual data such as the user's device fingerprint, IP address, or location used\n for evaluating the risk of an unexpected event by Amazon Cognito advanced\n security.
" + "smithy.api#documentation": "Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
" } }, "Username": { "target": "com.amazonaws.cognitoidentityprovider#UsernameType", "traits": { - "smithy.api#documentation": "The user name of the user for whom you want to enter a code to reset a forgotten\n password.
", + "smithy.api#documentation": "The user name of the user for whom you want to enter a code to reset a forgotten password.
", "smithy.api#required": {} } }, "AnalyticsMetadata": { "target": "com.amazonaws.cognitoidentityprovider#AnalyticsMetadataType", "traits": { - "smithy.api#documentation": "The Amazon Pinpoint analytics metadata for collecting metrics for\n ForgotPassword calls.
The Amazon Pinpoint analytics metadata for collecting metrics for ForgotPassword calls.
A map of custom key-value pairs that you can provide as input for any custom workflows\n that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers.\n When you use the ForgotPassword API action, Amazon Cognito invokes any functions that\n are assigned to the following triggers: pre sign-up,\n custom message, and user migration. When\n Amazon Cognito invokes any of these functions, it passes a JSON payload, which the\n function receives as input. This payload contains a clientMetadata\n attribute, which provides the data that you assigned to the ClientMetadata parameter in\n your ForgotPassword request. In your function code in Lambda, you can process the\n clientMetadata value to enhance your workflow for your specific\n needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers. When you use the ForgotPassword API action, \n Amazon Cognito invokes any functions that are assigned to the following triggers: pre sign-up, custom message, \n and user migration. When Amazon Cognito invokes any of these functions, it passes a JSON \n payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned \n to the ClientMetadata parameter in your ForgotPassword request. In your function code in Lambda, you can process the \n clientMetadata value to enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows \n with Lambda Triggers in the Amazon Cognito Developer Guide.
\n \nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool \n configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nThe code delivery details returned by the server in response to the request to reset a\n password.
" + "smithy.api#documentation": "The code delivery details returned by the server in response to the request to reset a password.
" } } }, "traits": { - "smithy.api#documentation": "Respresents the response from the server regarding the request to reset a\n password.
" + "smithy.api#documentation": "Respresents the response from the server regarding the request to reset a password.
" } }, "com.amazonaws.cognitoidentityprovider#GenerateSecret": { @@ -6519,7 +6519,7 @@ } ], "traits": { - "smithy.api#documentation": "Gets the header information for the .csv file to be used as input for the user import\n job.
" + "smithy.api#documentation": "Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job.
" } }, "com.amazonaws.cognitoidentityprovider#GetCSVHeaderRequest": { @@ -6534,7 +6534,7 @@ } }, "traits": { - "smithy.api#documentation": "Represents the request to get the header information for the .csv file for the user\n import job.
" + "smithy.api#documentation": "Represents the request to get the header information of the CSV file for the user import job.
" } }, "com.amazonaws.cognitoidentityprovider#GetCSVHeaderResponse": { @@ -6543,18 +6543,18 @@ "UserPoolId": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolIdType", "traits": { - "smithy.api#documentation": "The user pool ID for the user pool that the users are to be imported into.
" + "smithy.api#documentation": "The user pool ID for the user pool that the users are to be imported\n into.
" } }, "CSVHeader": { "target": "com.amazonaws.cognitoidentityprovider#ListOfStringTypes", "traits": { - "smithy.api#documentation": "The header information for the .csv file for the user import job.
" + "smithy.api#documentation": "The header information of the CSV file for the user import job.
" } } }, "traits": { - "smithy.api#documentation": "Represents the response from the server to the request to get the header information\n for the .csv file for the user import job.
" + "smithy.api#documentation": "Represents the response from the server to the request to get the header information of the CSV file for the user import job.
" } }, "com.amazonaws.cognitoidentityprovider#GetDevice": { @@ -6788,7 +6788,7 @@ } }, "traits": { - "smithy.api#documentation": "Request to get a signing certificate from Cognito.
" + "smithy.api#documentation": "Request to get a signing certificate from Amazon Cognito.
" } }, "com.amazonaws.cognitoidentityprovider#GetSigningCertificateResponse": { @@ -6802,7 +6802,7 @@ } }, "traits": { - "smithy.api#documentation": "Response from Cognito for a signing certificate request.
" + "smithy.api#documentation": "Response from Amazon Cognito for a signing certificate request.
" } }, "com.amazonaws.cognitoidentityprovider#GetUICustomization": { @@ -6831,7 +6831,7 @@ } ], "traits": { - "smithy.api#documentation": "Gets the UI Customization information for a particular app client's app UI, if there\n is something set. If nothing is set for the particular client, but there is an existing\n pool level customization (app clientId will be ALL), then that\n is returned. If nothing is present, then an empty shape is returned.
Gets the user interface (UI) Customization information for a particular app client's app UI, if any such information exists for the client. If nothing is set for the particular client, \n but there is an existing pool level customization (the app clientId is ALL), then that information is returned. If nothing is present, then an empty shape is returned.
Gets the user attribute verification code for the specified attribute name.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nGets the user attribute verification code for the specified attribute name.
\n \n \nThis action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nThe access token returned by the server response to get the user attribute\n verification code.
", + "smithy.api#documentation": "The access token returned by the server response to get the user attribute verification code.
", "smithy.api#required": {} } }, "AttributeName": { "target": "com.amazonaws.cognitoidentityprovider#AttributeNameType", "traits": { - "smithy.api#documentation": "The attribute name returned by the server response to get the user attribute\n verification code.
", + "smithy.api#documentation": "The attribute name returned by the server response to get the user attribute verification code.
", "smithy.api#required": {} } }, "ClientMetadata": { "target": "com.amazonaws.cognitoidentityprovider#ClientMetadataType", "traits": { - "smithy.api#documentation": "A map of custom key-value pairs that you can provide as input for any custom workflows\n that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers.\n When you use the GetUserAttributeVerificationCode API action, Amazon Cognito invokes the\n function that is assigned to the custom message trigger. When\n Amazon Cognito invokes this function, it passes a JSON payload, which the function\n receives as input. This payload contains a clientMetadata attribute, which\n provides the data that you assigned to the ClientMetadata parameter in your\n GetUserAttributeVerificationCode request. In your function code in Lambda, you can\n process the clientMetadata value to enhance your workflow for your specific\n needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
\n \nYou create custom workflows by assigning Lambda functions to user pool triggers. When you use the GetUserAttributeVerificationCode \n API action, Amazon Cognito invokes the function that is assigned to the custom message trigger. When Amazon Cognito invokes this function, it \n passes a JSON payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data \n that you assigned to the ClientMetadata parameter in your GetUserAttributeVerificationCode request. In your function code in Lambda, \n you can process the clientMetadata value to enhance your workflow for your specific needs.
For more information, \n see Customizing User Pool Workflows with Lambda Triggers \n in the Amazon Cognito Developer Guide.
\n \nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool \n configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nThe code delivery details returned by the server in response to the request to get the\n user attribute verification code.
" + "smithy.api#documentation": "The code delivery details returned by the server in response to the request to get the user attribute verification code.
" } } }, "traits": { - "smithy.api#documentation": "The verification code response returned by the server response to get the user\n attribute verification code.
" + "smithy.api#documentation": "The verification code response returned by the server response to get the user attribute verification code.
" } }, "com.amazonaws.cognitoidentityprovider#GetUserPoolMfaConfig": { @@ -7069,7 +7069,7 @@ "MfaConfiguration": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolMfaType", "traits": { - "smithy.api#documentation": "The multi-factor (MFA) configuration. Valid values include:
\n\n OFF MFA will not be used for any users.
\n ON MFA is required for all users to sign in.
\n OPTIONAL MFA will be required only for individual users who have\n an MFA factor enabled.
The multi-factor (MFA) configuration. Valid values include:
\n \n\n OFF MFA won't be used for any users.
\n ON MFA is required for all users to sign in.
\n OPTIONAL MFA will be required only for individual users who have an MFA factor activated.
The access token returned by the server response to get information about the\n user.
", + "smithy.api#documentation": "The access token returned by the server response to get information about the user.
", "smithy.api#required": {} } } @@ -7095,21 +7095,21 @@ "Username": { "target": "com.amazonaws.cognitoidentityprovider#UsernameType", "traits": { - "smithy.api#documentation": "The user name of the user you wish to retrieve from the get user request.
", + "smithy.api#documentation": "The user name of the user you want to retrieve from the get user request.
", "smithy.api#required": {} } }, "UserAttributes": { "target": "com.amazonaws.cognitoidentityprovider#AttributeListType", "traits": { - "smithy.api#documentation": "An array of name-value pairs representing user attributes.
\nFor custom attributes, you must prepend the custom: prefix to the\n attribute name.
An array of name-value pairs representing user attributes.
\nFor custom attributes, you must prepend the custom: prefix to the attribute name.
\n This response parameter is no longer supported. It provides\n information only about SMS MFA configurations. It doesn't provide information about TOTP\n software token MFA configurations. To look up information about either type of MFA\n configuration, use UserMFASettingList instead.
" + "smithy.api#documentation": "\n This response parameter is no longer supported. It provides information only about SMS MFA configurations. It doesn't provide information about time-based one-time \n password (TOTP) software token MFA configurations. To look up information about either type of MFA configuration, use UserMFASettingList instead.
" } }, "PreferredMfaSetting": { @@ -7121,12 +7121,12 @@ "UserMFASettingList": { "target": "com.amazonaws.cognitoidentityprovider#UserMFASettingListType", "traits": { - "smithy.api#documentation": "The MFA options that are enabled for the user. The possible values in this list are\n SMS_MFA and SOFTWARE_TOKEN_MFA.
The MFA options that are activated for the user. The possible values in this list are SMS_MFA and SOFTWARE_TOKEN_MFA.
Represents the response from the server from the request to get information about the\n user.
" + "smithy.api#documentation": "Represents the response from the server from the request to get information about the user.
" } }, "com.amazonaws.cognitoidentityprovider#GlobalSignOut": { @@ -7161,7 +7161,7 @@ } ], "traits": { - "smithy.api#documentation": "Signs out users from all devices. It also invalidates all refresh tokens issued to a\n user. The user's current access and Id tokens remain valid until their expiry. Access\n and Id tokens expire one hour after they are issued.
" + "smithy.api#documentation": "Signs out users from all devices. It also invalidates all refresh tokens issued to a user. The user's current access and ID tokens remain valid until their expiry. Access and Id tokens expire \n one hour after they're issued.
" } }, "com.amazonaws.cognitoidentityprovider#GlobalSignOutRequest": { @@ -7194,7 +7194,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown when Amazon Cognito encounters a group that already exists in\n the user pool.
", + "smithy.api#documentation": "This exception is thrown when Amazon Cognito encounters a group that already exists in the user pool.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -7239,13 +7239,13 @@ "RoleArn": { "target": "com.amazonaws.cognitoidentityprovider#ArnType", "traits": { - "smithy.api#documentation": "The role ARN for the group.
" + "smithy.api#documentation": "The role Amazon Resource Name (ARN) for the group.
" } }, "Precedence": { "target": "com.amazonaws.cognitoidentityprovider#PrecedenceType", "traits": { - "smithy.api#documentation": "A nonnegative integer value that specifies the precedence of this group relative to\n the other groups that a user can belong to in the user pool. If a user belongs to two or\n more groups, it is the group with the highest precedence whose role ARN will be used in\n the cognito:roles and cognito:preferred_role claims in the\n user's tokens. Groups with higher Precedence values take precedence over\n groups with lower Precedence values or with null Precedence\n values.
Two groups can have the same Precedence value. If this happens, neither\n group takes precedence over the other. If two groups with the same\n Precedence have the same role ARN, that role is used in the\n cognito:preferred_role claim in tokens for users in each group. If the\n two groups have different role ARNs, the cognito:preferred_role claim is\n not set in users' tokens.
The default Precedence value is null.
A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in \n the user pool. Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with \n higher ornull Precedence values. If a user belongs to two or more groups, it is the group with the lowest precedence \n value whose role ARN is given in the user's tokens for the cognito:roles and cognito:preferred_role claims.
Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two \n groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role claim \n in tokens for users in each group. If the two groups have different role ARNs, the cognito:preferred_role claim isn't set in \n users' tokens.
The default Precedence value is null.
The header name
" + "smithy.api#documentation": "The header name.
" } }, "headerValue": { @@ -7331,13 +7331,13 @@ "ProviderDetails": { "target": "com.amazonaws.cognitoidentityprovider#ProviderDetailsType", "traits": { - "smithy.api#documentation": "The identity provider details. The following list describes the provider detail keys\n for each identity provider type.
\nFor Google and Login with Amazon:
\nclient_id
\nclient_secret
\nauthorize_scopes
\nFor Facebook:
\nclient_id
\nclient_secret
\nauthorize_scopes
\napi_version
\nFor Sign in with Apple:
\nclient_id
\nteam_id
\nkey_id
\nprivate_key
\nauthorize_scopes
\nFor OIDC providers:
\nclient_id
\nclient_secret
\nattributes_request_method
\noidc_issuer
\nauthorize_scopes
\nauthorize_url if not available from discovery URL specified\n by oidc_issuer key\n
\ntoken_url if not available from discovery URL specified by\n oidc_issuer key\n
\nattributes_url if not available from discovery URL specified\n by oidc_issuer key\n
\njwks_uri if not available from discovery URL specified by\n oidc_issuer key\n
\nFor SAML providers:
\nMetadataFile OR MetadataURL
\nIDPSignOut optional\n
\nThe identity provider details. The following list describes the provider detail keys for each identity provider type.
\nFor Google and Login with Amazon:
\nclient_id
\nclient_secret
\nauthorize_scopes
\nFor Facebook:
\nclient_id
\nclient_secret
\nauthorize_scopes
\napi_version
\nFor Sign in with Apple:
\nclient_id
\nteam_id
\nkey_id
\nprivate_key
\nauthorize_scopes
\nFor OIDC providers:
\nclient_id
\nclient_secret
\nattributes_request_method
\noidc_issuer
\nauthorize_scopes
\nauthorize_url if not available from discovery URL specified by oidc_issuer key\n
\ntoken_url if not available from discovery URL specified by oidc_issuer key\n
\nattributes_url if not available from discovery URL specified by oidc_issuer key\n
\njwks_uri if not available from discovery URL specified by oidc_issuer key\n
\nattributes_url_add_attributes a read-only property that is set automatically\n
\nFor SAML providers:
\nMetadataFile or MetadataURL
\nIDPSignOut optional\n
\nA mapping of identity provider attributes to standard and custom user pool\n attributes.
" + "smithy.api#documentation": "A mapping of identity provider attributes to standard and custom user pool attributes.
" } }, "IdpIdentifiers": { @@ -7476,7 +7476,7 @@ ], "traits": { "smithy.api#auth": [], - "smithy.api#documentation": "Initiates the authentication flow.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nInitiates the authentication flow.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nThe authentication flow for this call to execute. The API action will depend on this\n value. For example:
\n\n REFRESH_TOKEN_AUTH will take in a valid refresh token and return\n new tokens.
\n USER_SRP_AUTH will take in USERNAME and\n SRP_A and return the SRP variables to be used for next\n challenge execution.
\n USER_PASSWORD_AUTH will take in USERNAME and\n PASSWORD and return the next challenge or tokens.
Valid values include:
\n\n USER_SRP_AUTH: Authentication flow for the Secure Remote Password\n (SRP) protocol.
\n REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication\n flow for refreshing the access token and ID token by supplying a valid refresh\n token.
\n CUSTOM_AUTH: Custom authentication flow.
\n USER_PASSWORD_AUTH: Non-SRP authentication flow; USERNAME and\n PASSWORD are passed directly. If a user migration Lambda trigger is set, this\n flow will invoke the user migration Lambda if the USERNAME is not found in the\n user pool.
\n ADMIN_USER_PASSWORD_AUTH: Admin-based user password\n authentication. This replaces the ADMIN_NO_SRP_AUTH authentication\n flow. In this flow, Cognito receives the password in the request instead of\n using the SRP process to verify passwords.
\n ADMIN_NO_SRP_AUTH is not a valid value.
The authentication flow for this call to run. The API action will depend on this value. For example:
\n\n REFRESH_TOKEN_AUTH takes in a valid refresh token and returns new tokens.
\n USER_SRP_AUTH takes in USERNAME and SRP_A and returns the SRP variables to be used for next challenge execution.
\n USER_PASSWORD_AUTH takes in USERNAME and PASSWORD and returns the next challenge or tokens.
Valid values include:
\n \n\n USER_SRP_AUTH: Authentication flow for the Secure Remote Password (SRP) protocol.
\n REFRESH_TOKEN_AUTH/REFRESH_TOKEN: Authentication flow for refreshing the access token and ID token by supplying a valid refresh token.
\n CUSTOM_AUTH: Custom authentication flow.
\n USER_PASSWORD_AUTH: Non-SRP authentication flow; USERNAME and PASSWORD are passed directly. If a user migration Lambda trigger is set, this flow will invoke the user migration \n Lambda if it doesn't find the USERNAME in the user pool.
\n ADMIN_NO_SRP_AUTH isn't a valid value.
The authentication parameters. These are inputs corresponding to the\n AuthFlow that you are invoking. The required values depend on the value\n of AuthFlow:
For USER_SRP_AUTH: USERNAME (required),\n SRP_A (required), SECRET_HASH (required if the app\n client is configured with a client secret), DEVICE_KEY.
For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN\n (required), SECRET_HASH (required if the app client is configured\n with a client secret), DEVICE_KEY.
For CUSTOM_AUTH: USERNAME (required),\n SECRET_HASH (if app client is configured with client secret),\n DEVICE_KEY. To start the authentication flow with password\n verification, include ChallengeName: SRP_A and SRP_A: (The\n SRP_A Value).
The authentication parameters. These are inputs corresponding to the AuthFlow that you're invoking. The required values depend on the value of AuthFlow:
For USER_SRP_AUTH: USERNAME (required), SRP_A (required), SECRET_HASH (required if the app client is configured with a client secret), \n DEVICE_KEY.
For REFRESH_TOKEN_AUTH/REFRESH_TOKEN: REFRESH_TOKEN (required), SECRET_HASH (required if the app client is configured with a client secret), \n DEVICE_KEY.
For CUSTOM_AUTH: USERNAME (required), SECRET_HASH (if app client is configured with client secret), DEVICE_KEY. To start the \n authentication flow with password verification, include ChallengeName: SRP_A and SRP_A: (The SRP_A Value).
A map of custom key-value pairs that you can provide as input for certain custom\n workflows that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers.\n When you use the InitiateAuth API action, Amazon Cognito invokes the Lambda\n functions that are specified for various triggers. The ClientMetadata value is passed as\n input to the functions for only the following triggers:
\nPre signup
\nPre authentication
\nUser migration
\nWhen Amazon Cognito invokes the functions for these triggers, it passes a JSON\n payload, which the function receives as input. This payload contains a\n validationData attribute, which provides the data that you assigned to\n the ClientMetadata parameter in your InitiateAuth request. In your function code in Lambda, you can process the validationData value to enhance your workflow\n for your specific needs.
When you use the InitiateAuth API action, Amazon Cognito also invokes the functions\n for the following triggers, but it does not provide the ClientMetadata value as\n input:
\nPost authentication
\nCustom message
\nPre token generation
\nCreate auth challenge
\nDefine auth challenge
\nVerify auth challenge
\nFor more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for certain custom workflows that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers. When you use the InitiateAuth API action, Amazon Cognito invokes the Lambda functions that are specified for various \n triggers. The ClientMetadata value is passed as input to the functions for only the following triggers:
\nPre signup
\nPre authentication
\nUser migration
\nWhen Amazon Cognito invokes the functions for these triggers, it passes a JSON \n payload, which the function receives as input. This payload contains a validationData attribute, which provides the data that you assigned to the ClientMetadata parameter in your \n InitiateAuth request. In your function code in Lambda, you can process the validationData value to enhance your workflow for your specific needs.
When you use the InitiateAuth API action, Amazon Cognito also invokes the functions for the following triggers, but it doesn't provide the ClientMetadata value as input:
\nPost authentication
\nCustom message
\nPre token generation
\nCreate auth challenge
\nDefine auth challenge
\nVerify auth challenge
\nFor more information, see Customizing User Pool Workflows with \n Lambda Triggers in the Amazon Cognito Developer Guide.
\n \nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration \n doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nThe Amazon Pinpoint analytics metadata for collecting metrics for\n InitiateAuth calls.
The Amazon Pinpoint analytics metadata for collecting metrics for InitiateAuth calls.
Contextual data such as the user's device fingerprint, IP address, or location used\n for evaluating the risk of an unexpected event by Amazon Cognito advanced\n security.
" + "smithy.api#documentation": "Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
" } } }, @@ -7532,25 +7532,25 @@ "ChallengeName": { "target": "com.amazonaws.cognitoidentityprovider#ChallengeNameType", "traits": { - "smithy.api#documentation": "The name of the challenge which you are responding to with this call. This is returned\n to you in the AdminInitiateAuth response if you need to pass another\n challenge.
Valid values include the following. Note that all of these challenges require\n USERNAME and SECRET_HASH (if applicable) in the\n parameters.
\n SMS_MFA: Next challenge is to supply an\n SMS_MFA_CODE, delivered via SMS.
\n PASSWORD_VERIFIER: Next challenge is to supply\n PASSWORD_CLAIM_SIGNATURE,\n PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after\n the client-side SRP calculations.
\n CUSTOM_CHALLENGE: This is returned if your custom authentication\n flow determines that the user should pass another challenge before tokens are\n issued.
\n DEVICE_SRP_AUTH: If device tracking was enabled on your user pool\n and the previous challenges were passed, this challenge is returned so that\n Amazon Cognito can start tracking this device.
\n DEVICE_PASSWORD_VERIFIER: Similar to\n PASSWORD_VERIFIER, but for devices only.
\n NEW_PASSWORD_REQUIRED: For users who are required to change their\n passwords after successful first login. This challenge should be passed with\n NEW_PASSWORD and any other required attributes.
\n MFA_SETUP: For users who are required to setup an MFA factor\n before they can sign-in. The MFA types enabled for the user pool will be listed\n in the challenge parameters MFA_CAN_SETUP value.
To setup software token MFA, use the session returned here from\n InitiateAuth as an input to\n AssociateSoftwareToken, and use the session returned by\n VerifySoftwareToken as an input to\n RespondToAuthChallenge with challenge name\n MFA_SETUP to complete sign-in. To setup SMS MFA, users will\n need help from an administrator to add a phone number to their account and then\n call InitiateAuth again to restart sign-in.
The name of the challenge that you're responding to with this call. This name is returned in the AdminInitiateAuth response if you must pass another challenge.
Valid values include the following. Note that all of these challenges require \n USERNAME and SECRET_HASH (if applicable) in the parameters.
\n SMS_MFA: Next challenge is to supply an SMS_MFA_CODE, delivered via SMS.
\n PASSWORD_VERIFIER: Next challenge is to supply PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, and TIMESTAMP after the \n client-side SRP calculations.
\n CUSTOM_CHALLENGE: This is returned if your custom authentication flow determines that the user should pass another challenge before tokens are issued.
\n DEVICE_SRP_AUTH: If device tracking was activated on your user pool and the previous challenges were passed, this challenge is returned so that Amazon Cognito can start tracking \n this device.
\n DEVICE_PASSWORD_VERIFIER: Similar to PASSWORD_VERIFIER, but for devices only.
\n NEW_PASSWORD_REQUIRED: For users who are required to change their passwords after successful first login. This challenge should be passed with NEW_PASSWORD \n and any other required attributes.
\n MFA_SETUP: For users who are required to setup an MFA factor before they can sign in. The MFA types activated for the user pool will be listed in the challenge parameters \n MFA_CAN_SETUP value.
To set up software token MFA, use the session returned here from InitiateAuth as an input to AssociateSoftwareToken. Use the session returned by \n VerifySoftwareToken as an input to RespondToAuthChallenge with challenge name MFA_SETUP to complete sign-in. To set up SMS MFA, an \n administrator should help the user to add a phone number to their account, and then the user should call InitiateAuth again to restart sign-in.
The session which should be passed both ways in challenge-response calls to the\n service. If the caller needs to go through another challenge, they return a session with\n other challenge parameters. This session should be passed as it is to the next\n RespondToAuthChallenge API call.
The session that should pass both ways in challenge-response calls to the service. If the caller must pass another challenge, they return a session with other challenge parameters. This session \n should be passed as it is to the next RespondToAuthChallenge API call.
The challenge parameters. These are returned to you in the InitiateAuth\n response if you need to pass another challenge. The responses in this parameter should\n be used to compute inputs to the next call (RespondToAuthChallenge).
All challenges require USERNAME and SECRET_HASH (if\n applicable).
The challenge parameters. These are returned in the InitiateAuth response if you must pass another challenge. The responses in this parameter should be used to compute inputs to \n the next call (RespondToAuthChallenge).
All challenges require USERNAME and SECRET_HASH (if applicable).
The result of the authentication response. This is only returned if the caller does\n not need to pass another challenge. If the caller does need to pass another challenge\n before it gets tokens, ChallengeName, ChallengeParameters, and\n Session are returned.
The result of the authentication response. This result is only returned if the caller doesn't need to pass another challenge. If the caller does need to pass another challenge before it gets \n tokens, ChallengeName, ChallengeParameters, and Session are returned.
The message returned when you have an unverified email address or the identity policy\n is not set on an email address that Amazon Cognito can access.
" + "smithy.api#documentation": "The message returned when you have an unverified email address or the identity policy isn't set on an email address that Amazon Cognito can access.
" } } }, "traits": { - "smithy.api#documentation": "This exception is thrown when Amazon Cognito is not allowed to use your email\n identity. HTTP status code: 400.
", + "smithy.api#documentation": "This exception is thrown when Amazon Cognito isn't allowed to use your email identity. HTTP status code: 400.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -7598,12 +7598,12 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "The message returned when the Amazon Cognito service throws an invalid Lambda\n response exception.
" + "smithy.api#documentation": "The message returned when Amazon Cognito hrows an invalid Lambda response exception.
" } } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the Amazon Cognito service encounters an invalid Lambda response.
", + "smithy.api#documentation": "This exception is thrown when Amazon Cognito encounters an invalid Lambda response.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -7616,7 +7616,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the specified OAuth flow is invalid.
", + "smithy.api#documentation": "This exception is thrown when the specified OAuth flow is not valid.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -7627,12 +7627,12 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "The message returned when the Amazon Cognito service throws an invalid parameter\n exception.
" + "smithy.api#documentation": "The message returned when the Amazon Cognito service throws an invalid parameter exception.
" } } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the Amazon Cognito service encounters an invalid\n parameter.
", + "smithy.api#documentation": "This exception is thrown when the Amazon Cognito service encounters an invalid parameter.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -7643,12 +7643,12 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "The message returned when the Amazon Cognito service throws an invalid user password\n exception.
" + "smithy.api#documentation": "The message returned when Amazon Cognito throws an invalid user password exception.
" } } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the Amazon Cognito service encounters an invalid\n password.
", + "smithy.api#documentation": "This exception is thrown when Amazon Cognito encounters an invalid password.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -7659,12 +7659,12 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "The message retuned when the invalid SMS role access policy exception is\n thrown.
" + "smithy.api#documentation": "The message returned when the invalid SMS role access policy exception is thrown.
" } } }, "traits": { - "smithy.api#documentation": "This exception is returned when the role provided for SMS configuration does not have\n permission to publish using Amazon SNS.
", + "smithy.api#documentation": "This exception is returned when the role provided for SMS configuration doesn't have permission to publish using Amazon SNS.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -7675,12 +7675,12 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "The message returned when the role trust relationship for the SMS message is\n invalid.
" + "smithy.api#documentation": "The message returned when the role trust relationship for the SMS message is not valid.
" } } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the trust relationship is invalid for the role provided\n for SMS configuration. This can happen if you do not trust cognito-idp.amazonaws.com or the external ID provided in the role does\n not match what is provided in the SMS configuration for the user pool.
This exception is thrown when the trust relationship is not valid for the role provided for SMS configuration. This can happen if you don't trust cognito-idp.amazonaws.com or the \n external ID provided in the role does not match what is provided in the SMS configuration for the user pool.
The message returned when the user pool configuration is invalid.
" + "smithy.api#documentation": "The message returned when the user pool configuration is not valid.
" } } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the user pool configuration is invalid.
", + "smithy.api#documentation": "This exception is thrown when the user pool configuration is not valid.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -7779,7 +7779,7 @@ "KMSKeyID": { "target": "com.amazonaws.cognitoidentityprovider#ArnType", "traits": { - "smithy.api#documentation": "The Amazon Resource Name of Key Management Service Customer master\n keys . Amazon Cognito uses the key to encrypt codes and temporary passwords\n sent to CustomEmailSender and CustomSMSSender.
The Amazon Resource Name (ARN) of an KMS key. Amazon Cognito uses the key to encrypt codes and temporary passwords sent to \n CustomEmailSender and CustomSMSSender.
This exception is thrown when a user exceeds the limit for a requested Amazon Web Services\n resource.
", + "smithy.api#documentation": "This exception is thrown when a user exceeds the limit for a requested Amazon Web Services resource.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -7945,7 +7945,7 @@ "NextToken": { "target": "com.amazonaws.cognitoidentityprovider#PaginationKey", "traits": { - "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be\n used to return the next set of items in the list.
" + "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
" } } } @@ -7962,7 +7962,7 @@ "NextToken": { "target": "com.amazonaws.cognitoidentityprovider#PaginationKey", "traits": { - "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be\n used to return the next set of items in the list.
" + "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
" } } } @@ -8172,7 +8172,7 @@ } ], "traits": { - "smithy.api#documentation": "Lists the tags that are assigned to an Amazon Cognito user pool.
\nA tag is a label that you can apply to user pools to categorize and manage them in\n different ways, such as by purpose, owner, environment, or other criteria.
\nYou can use this action up to 10 times per second, per account.
" + "smithy.api#documentation": "Lists the tags that are assigned to an Amazon Cognito user pool.
\nA tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, or other criteria.
\nYou can use this action up to 10 times per second, per account.
" } }, "com.amazonaws.cognitoidentityprovider#ListTagsForResourceRequest": { @@ -8247,7 +8247,7 @@ "PaginationToken": { "target": "com.amazonaws.cognitoidentityprovider#PaginationKeyType", "traits": { - "smithy.api#documentation": "An identifier that was returned from the previous call to\n ListUserImportJobs, which can be used to return the next set of import\n jobs in the list.
An identifier that was returned from the previous call to ListUserImportJobs, which can be used to return the next set of import jobs in the list.
An identifier that can be used to return the next set of user import jobs in the\n list.
" + "smithy.api#documentation": "An identifier that can be used to return the next set of user import jobs in the list.
" } } }, "traits": { - "smithy.api#documentation": "Represents the response from the server to the request to list the user import\n jobs.
" + "smithy.api#documentation": "Represents the response from the server to the request to list the user import jobs.
" } }, "com.amazonaws.cognitoidentityprovider#ListUserPoolClients": { @@ -8323,13 +8323,13 @@ "MaxResults": { "target": "com.amazonaws.cognitoidentityprovider#QueryLimit", "traits": { - "smithy.api#documentation": "The maximum number of results you want the request to return when listing the user\n pool clients.
" + "smithy.api#documentation": "The maximum number of results you want the request to return when listing the user pool clients.
" } }, "NextToken": { "target": "com.amazonaws.cognitoidentityprovider#PaginationKey", "traits": { - "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be\n used to return the next set of items in the list.
" + "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
" } } }, @@ -8349,7 +8349,7 @@ "NextToken": { "target": "com.amazonaws.cognitoidentityprovider#PaginationKey", "traits": { - "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be\n used to return the next set of items in the list.
" + "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
" } } }, @@ -8380,7 +8380,7 @@ } ], "traits": { - "smithy.api#documentation": "Lists the user pools associated with an account.
", + "smithy.api#documentation": "Lists the user pools associated with an Amazon Web Services account.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", @@ -8395,13 +8395,13 @@ "NextToken": { "target": "com.amazonaws.cognitoidentityprovider#PaginationKeyType", "traits": { - "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be\n used to return the next set of items in the list.
" + "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
" } }, "MaxResults": { "target": "com.amazonaws.cognitoidentityprovider#PoolQueryLimitType", "traits": { - "smithy.api#documentation": "The maximum number of results you want the request to return when listing the user\n pools.
", + "smithy.api#documentation": "The maximum number of results you want the request to return when listing the user pools.
", "smithy.api#required": {} } } @@ -8422,7 +8422,7 @@ "NextToken": { "target": "com.amazonaws.cognitoidentityprovider#PaginationKeyType", "traits": { - "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be\n used to return the next set of items in the list.
" + "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
" } } }, @@ -8526,7 +8526,7 @@ "NextToken": { "target": "com.amazonaws.cognitoidentityprovider#PaginationKey", "traits": { - "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be\n used to return the next set of items in the list.
" + "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
" } } } @@ -8543,7 +8543,7 @@ "NextToken": { "target": "com.amazonaws.cognitoidentityprovider#PaginationKey", "traits": { - "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be\n used to return the next set of items in the list.
" + "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
" } } } @@ -8561,7 +8561,7 @@ "AttributesToGet": { "target": "com.amazonaws.cognitoidentityprovider#SearchedAttributeNamesListType", "traits": { - "smithy.api#documentation": "An array of strings, where each string is the name of a user attribute to be returned\n for each user in the search results. If the array is null, all attributes are\n returned.
" + "smithy.api#documentation": "An array of strings, where each string is the name of a user attribute to be returned for each user in the search results. If the array is null, all attributes are returned.
" } }, "Limit": { @@ -8573,13 +8573,13 @@ "PaginationToken": { "target": "com.amazonaws.cognitoidentityprovider#SearchPaginationTokenType", "traits": { - "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be\n used to return the next set of items in the list.
" + "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
" } }, "Filter": { "target": "com.amazonaws.cognitoidentityprovider#UserFilterType", "traits": { - "smithy.api#documentation": "A filter string of the form \"AttributeName\n Filter-Type \"AttributeValue\"\". Quotation marks\n within the filter string must be escaped using the backslash (\\) character. For example,\n \"family_name = \\\"Reddy\\\"\".
\n AttributeName: The name of the attribute to search for.\n You can only search for one attribute at a time.
\n\n Filter-Type: For an exact match, use =, for example,\n \"given_name = \\\"Jon\\\"\". For a prefix (\"starts with\") match, use\n ^=, for example, \"given_name ^= \\\"Jon\\\"\".
\n AttributeValue: The attribute value that must be matched\n for each user.
\nIf the filter string is empty, ListUsers returns all users in the user\n pool.
You can only search for the following standard attributes:
\n\n username (case-sensitive)
\n email\n
\n phone_number\n
\n name\n
\n given_name\n
\n family_name\n
\n preferred_username\n
\n cognito:user_status (called Status in the Console) (case-insensitive)
\n status (called Enabled in the Console)\n (case-sensitive)\n
\n sub\n
Custom attributes are not searchable.
\nFor more information, see Searching for Users Using the ListUsers API and Examples of Using the ListUsers API in the Amazon Cognito\n Developer Guide.
" + "smithy.api#documentation": "A filter string of the form \"AttributeName \n Filter-Type \"AttributeValue\"\". Quotation \n marks within the filter string must be escaped using the backslash (\\) character. For example, \"family_name = \\\"Reddy\\\"\".
\n AttributeName: The name of the attribute to search for. You can only search for one attribute at a time.
\n\n Filter-Type: For an exact match, use =, for example, \"given_name = \\\"Jon\\\"\". For a prefix (\"starts with\") match, use ^=, for example, \n \"given_name ^= \\\"Jon\\\"\".
\n AttributeValue: The attribute value that must be matched for each user.
\nIf the filter string is empty, ListUsers returns all users in the user pool.
You can only search for the following standard attributes:
\n\n username (case-sensitive)
\n email \n
\n phone_number \n
\n name \n
\n given_name \n
\n family_name \n
\n preferred_username \n
\n cognito:user_status (called Status in the Console) (case-insensitive)
\n status (called Enabled in the Console) (case-sensitive)\n
\n sub\n
Custom attributes aren't searchable.
\nYou can also list users with a client-side filter. The server-side filter matches no more than 1 attribute. For an advanced search, \n use a client-side filter with the --query parameter of the list-users action in the CLI. When you use a \n client-side filter, ListUsers returns a paginated list of zero or more users. You can receive multiple pages in a row with zero \n results. Repeat the query with each pagination token that is returned until you receive a null pagination token value, and then \n review the combined result.\n
For more information about server-side and client-side filtering, \n see FilteringCLI output \n in the Command Line Interface User Guide.\n
\nFor more information, \n see Searching for Users \n Using the ListUsers API \n and Examples of Using \n the ListUsers API in the Amazon Cognito Developer Guide.
" } } }, @@ -8599,7 +8599,7 @@ "PaginationToken": { "target": "com.amazonaws.cognitoidentityprovider#SearchPaginationTokenType", "traits": { - "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be\n used to return the next set of items in the list.
" + "smithy.api#documentation": "An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.
" } } }, @@ -8628,12 +8628,12 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "The message returned when Amazon Cognito throws an MFA method not found\n exception.
" + "smithy.api#documentation": "The message returned when Amazon Cognito throws an MFA method not found exception.
" } } }, "traits": { - "smithy.api#documentation": "This exception is thrown when Amazon Cognito cannot find a multi-factor authentication\n (MFA) method.
", + "smithy.api#documentation": "This exception is thrown when Amazon Cognito can't find a multi-factor authentication (MFA) method.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -8650,18 +8650,18 @@ "DeliveryMedium": { "target": "com.amazonaws.cognitoidentityprovider#DeliveryMediumType", "traits": { - "smithy.api#documentation": "The delivery medium to send the MFA code. You can use this parameter to set only the\n SMS delivery medium value.
The delivery medium to send the MFA code. You can use this parameter to set only the SMS delivery medium value.
The attribute name of the MFA option type. The only valid value is\n phone_number.
The attribute name of the MFA option type. The only valid value is phone_number.
\n This data type is no longer supported. You can use it only for\n SMS MFA configurations. You can't use it for TOTP software token MFA\n configurations.
" + "smithy.api#documentation": "\n This data type is no longer supported. You can use it \n only for SMS multi-factor authentication (MFA) configurations. You can't use it for time-based one-time password (TOTP) software token MFA configurations.
" } }, "com.amazonaws.cognitoidentityprovider#MessageActionType": { @@ -8691,13 +8691,13 @@ "EmailMessage": { "target": "com.amazonaws.cognitoidentityprovider#EmailVerificationMessageType", "traits": { - "smithy.api#documentation": "The message template for email messages. EmailMessage is allowed only if EmailSendingAccount is DEVELOPER.
" + "smithy.api#documentation": "The message template for email messages. EmailMessage is allowed only if \n EmailSendingAccount is DEVELOPER.
" } }, "EmailSubject": { "target": "com.amazonaws.cognitoidentityprovider#EmailVerificationSubjectType", "traits": { - "smithy.api#documentation": "The subject line for email messages. EmailSubject is allowed only if EmailSendingAccount is DEVELOPER.
" + "smithy.api#documentation": "The subject line for email messages. EmailSubject is allowed only if \n EmailSendingAccount is DEVELOPER.
" } } }, @@ -8734,12 +8734,12 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "The message returned when the Amazon Cognito service returns a not authorized\n exception.
" + "smithy.api#documentation": "The message returned when the Amazon Cognito service returns a not authorized exception.
" } } }, "traits": { - "smithy.api#documentation": "This exception is thrown when a user is not authorized.
", + "smithy.api#documentation": "This exception is thrown when a user isn't authorized.
", "smithy.api#error": "client", "smithy.api#httpError": 403 } @@ -8750,7 +8750,7 @@ "From": { "target": "com.amazonaws.cognitoidentityprovider#StringType", "traits": { - "smithy.api#documentation": "The email address that is sending the email. It must be either individually verified\n with Amazon SES, or from a domain that has been verified with Amazon SES.
" + "smithy.api#documentation": "The email address that is sending the email. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
" } }, "ReplyTo": { @@ -8762,7 +8762,7 @@ "SourceArn": { "target": "com.amazonaws.cognitoidentityprovider#ArnType", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) of the identity that is associated with the sending\n authorization policy. It permits Amazon Cognito to send for the email address specified\n in the From parameter.
The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the \n From parameter.
The MFA email template used when MFA is challenged as part of a detected risk.
" + "smithy.api#documentation": "The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk.
" } } }, @@ -8795,20 +8795,20 @@ "Subject": { "target": "com.amazonaws.cognitoidentityprovider#EmailNotificationSubjectType", "traits": { - "smithy.api#documentation": "The subject.
", + "smithy.api#documentation": "The email subject.
", "smithy.api#required": {} } }, "HtmlBody": { "target": "com.amazonaws.cognitoidentityprovider#EmailNotificationBodyType", "traits": { - "smithy.api#documentation": "The HTML body.
" + "smithy.api#documentation": "The email HTML body.
" } }, "TextBody": { "target": "com.amazonaws.cognitoidentityprovider#EmailNotificationBodyType", "traits": { - "smithy.api#documentation": "The text body.
" + "smithy.api#documentation": "The email text body.
" } } }, @@ -8833,7 +8833,7 @@ } }, "traits": { - "smithy.api#documentation": "The minimum and maximum value of an attribute that is of the number data type.
" + "smithy.api#documentation": "The minimum and maximum values of an attribute that is of the number data type.
" } }, "com.amazonaws.cognitoidentityprovider#OAuthFlowType": { @@ -8900,37 +8900,37 @@ "MinimumLength": { "target": "com.amazonaws.cognitoidentityprovider#PasswordPolicyMinLengthType", "traits": { - "smithy.api#documentation": "The minimum length of the password policy that you have set. Cannot be less than\n 6.
" + "smithy.api#documentation": "The minimum length of the password in the policy that you have set. This value can't be less than 6.
" } }, "RequireUppercase": { "target": "com.amazonaws.cognitoidentityprovider#BooleanType", "traits": { - "smithy.api#documentation": "In the password policy that you have set, refers to whether you have required users to\n use at least one uppercase letter in their password.
" + "smithy.api#documentation": "In the password policy that you have set, refers to whether you have required users to use at least one uppercase letter in their password.
" } }, "RequireLowercase": { "target": "com.amazonaws.cognitoidentityprovider#BooleanType", "traits": { - "smithy.api#documentation": "In the password policy that you have set, refers to whether you have required users to\n use at least one lowercase letter in their password.
" + "smithy.api#documentation": "In the password policy that you have set, refers to whether you have required users to use at least one lowercase letter in their password.
" } }, "RequireNumbers": { "target": "com.amazonaws.cognitoidentityprovider#BooleanType", "traits": { - "smithy.api#documentation": "In the password policy that you have set, refers to whether you have required users to\n use at least one number in their password.
" + "smithy.api#documentation": "In the password policy that you have set, refers to whether you have required users to use at least one number in their password.
" } }, "RequireSymbols": { "target": "com.amazonaws.cognitoidentityprovider#BooleanType", "traits": { - "smithy.api#documentation": "In the password policy that you have set, refers to whether you have required users to\n use at least one symbol in their password.
" + "smithy.api#documentation": "In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password.
" } }, "TemporaryPasswordValidityDays": { "target": "com.amazonaws.cognitoidentityprovider#TemporaryPasswordValidityDaysType", "traits": { - "smithy.api#documentation": "In the password policy you have set, refers to the number of days a temporary password\n is valid. If the user does not sign-in during this time, their password will need to be\n reset by an administrator.
\nWhen you set TemporaryPasswordValidityDays for a user pool, you will\n no longer be able to set the deprecated UnusedAccountValidityDays value\n for that user pool.
The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password.
\nWhen you set TemporaryPasswordValidityDays for a user pool, you can no longer set the deprecated UnusedAccountValidityDays value for that user pool.
The name of the provider, for example, Facebook, Google, or Login with Amazon.
" + "smithy.api#documentation": "The name of the provider, such as Facebook, Google, or Login with Amazon.
" } }, "ProviderAttributeName": { "target": "com.amazonaws.cognitoidentityprovider#StringType", "traits": { - "smithy.api#documentation": "The name of the provider attribute to link to, for example,\n NameID.
The name of the provider attribute to link to, such as NameID.
The value of the provider attribute to link to, for example,\n xxxxx_account.
The value of the provider attribute to link to, such as xxxxx_account.
A positive integer specifying priority of a method with 1 being the highest\n priority.
", + "smithy.api#documentation": "A positive integer specifying priority of a method with 1 being the highest priority.
", "smithy.api#required": {} } }, "Name": { "target": "com.amazonaws.cognitoidentityprovider#RecoveryOptionNameType", "traits": { - "smithy.api#documentation": "Specifies the recovery method for a user.
", + "smithy.api#documentation": "The recovery method for a user.
", "smithy.api#required": {} } } @@ -9276,7 +9276,7 @@ ], "traits": { "smithy.api#auth": [], - "smithy.api#documentation": "Resends the confirmation (for confirmation of registration) to a specific user in the\n user pool.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nResends the confirmation (for confirmation of registration) to a specific user in the user pool.
\n \n \nThis action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nA keyed-hash message authentication code (HMAC) calculated using the secret key of a\n user pool client and username plus the client ID in the message.
" + "smithy.api#documentation": "A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
" } }, "UserContextData": { "target": "com.amazonaws.cognitoidentityprovider#UserContextDataType", "traits": { - "smithy.api#documentation": "Contextual data such as the user's device fingerprint, IP address, or location used\n for evaluating the risk of an unexpected event by Amazon Cognito advanced\n security.
" + "smithy.api#documentation": "Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
" } }, "Username": { "target": "com.amazonaws.cognitoidentityprovider#UsernameType", "traits": { - "smithy.api#documentation": "The user name of the user to whom you wish to resend a confirmation code.
", + "smithy.api#documentation": "The username attribute of the user to whom you want to resend a confirmation code.
The Amazon Pinpoint analytics metadata for collecting metrics for\n ResendConfirmationCode calls.
The Amazon Pinpoint analytics metadata for collecting metrics for ResendConfirmationCode calls.
A map of custom key-value pairs that you can provide as input for any custom workflows\n that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers.\n When you use the ResendConfirmationCode API action, Amazon Cognito invokes the function\n that is assigned to the custom message trigger. When Amazon Cognito\n invokes this function, it passes a JSON payload, which the function receives as input.\n This payload contains a clientMetadata attribute, which provides the data\n that you assigned to the ClientMetadata parameter in your ResendConfirmationCode\n request. In your function code in Lambda, you can process the\n clientMetadata value to enhance your workflow for your specific\n needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers. When you use the ResendConfirmationCode API action, Amazon Cognito \n invokes the function that is assigned to the custom message trigger. When Amazon Cognito invokes this function, it passes a \n JSON \n payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned \n to the ClientMetadata parameter in your ResendConfirmationCode request. In your function code in Lambda, you can process the clientMetadata \n value to enhance your workflow for your specific needs.
For more information, \n see Customizing User Pool Workflows with Lambda Triggers \n in the Amazon Cognito Developer Guide.
\n \nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool \n configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nThe code delivery details returned by the server in response to the request to resend\n the confirmation code.
" + "smithy.api#documentation": "The code delivery details returned by the server in response to the request to resend the confirmation code.
" } } }, "traits": { - "smithy.api#documentation": "The response from the server when the Amazon Cognito Your User Pools service makes the\n request to resend a confirmation code.
" + "smithy.api#documentation": "The response from the server when Amazon Cognito makes the request to resend a confirmation code.
" } }, "com.amazonaws.cognitoidentityprovider#ResourceNotFoundException": { @@ -9346,12 +9346,12 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "The message returned when the Amazon Cognito service returns a resource not found\n exception.
" + "smithy.api#documentation": "The message returned when the Amazon Cognito service returns a resource not found exception.
" } } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the Amazon Cognito service cannot find the requested\n resource.
", + "smithy.api#documentation": "This exception is thrown when the Amazon Cognito service can't find the requested resource.
", "smithy.api#error": "client", "smithy.api#httpError": 404 } @@ -9539,7 +9539,7 @@ ], "traits": { "smithy.api#auth": [], - "smithy.api#documentation": "Responds to the authentication challenge.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nResponds to the authentication challenge.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nThe challenge name. For more information, see InitiateAuth.
\n\n ADMIN_NO_SRP_AUTH is not a valid value.
The challenge name. For more information, see InitiateAuth.
\n\n ADMIN_NO_SRP_AUTH isn't a valid value.
The session which should be passed both ways in challenge-response calls to the\n service. If InitiateAuth or RespondToAuthChallenge API call\n determines that the caller needs to go through another challenge, they return a session\n with other challenge parameters. This session should be passed as it is to the next\n RespondToAuthChallenge API call.
The session that should be passed both ways in challenge-response calls to the service. If InitiateAuth or RespondToAuthChallenge API call determines \n that the caller must pass another challenge, they return a session with other challenge parameters. This session should be passed as it is to the next RespondToAuthChallenge \n API call.
The challenge responses. These are inputs corresponding to the value of\n ChallengeName, for example:
\n SECRET_HASH (if app client is configured with client secret) applies\n to all inputs below (including SOFTWARE_TOKEN_MFA).
\n SMS_MFA: SMS_MFA_CODE, USERNAME.
\n PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE,\n PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP,\n USERNAME.
\n NEW_PASSWORD_REQUIRED: NEW_PASSWORD, any other\n required attributes, USERNAME.
\n SOFTWARE_TOKEN_MFA: USERNAME and\n SOFTWARE_TOKEN_MFA_CODE are required attributes.
\n DEVICE_SRP_AUTH requires USERNAME,\n DEVICE_KEY, SRP_A (and\n SECRET_HASH).
\n DEVICE_PASSWORD_VERIFIER requires everything that\n PASSWORD_VERIFIER requires plus DEVICE_KEY.
\n MFA_SETUP requires USERNAME, plus you need to use\n the session value returned by VerifySoftwareToken in the\n Session parameter.
The challenge responses. These are inputs corresponding to the value of ChallengeName, for example:
\n SECRET_HASH (if app client is configured with client secret) applies to all of the inputs that follow (including SOFTWARE_TOKEN_MFA).
\n SMS_MFA: SMS_MFA_CODE, USERNAME.
\n PASSWORD_VERIFIER: PASSWORD_CLAIM_SIGNATURE, PASSWORD_CLAIM_SECRET_BLOCK, TIMESTAMP, USERNAME.
\n PASSWORD_VERIFIER requires DEVICE_KEY when signing in with a remembered device.
\n NEW_PASSWORD_REQUIRED: NEW_PASSWORD, any other required attributes, USERNAME.
\n SOFTWARE_TOKEN_MFA: USERNAME and SOFTWARE_TOKEN_MFA_CODE are required attributes.
\n DEVICE_SRP_AUTH requires USERNAME, DEVICE_KEY, SRP_A (and SECRET_HASH).
\n DEVICE_PASSWORD_VERIFIER requires everything that PASSWORD_VERIFIER requires, plus DEVICE_KEY.
\n MFA_SETUP requires USERNAME, plus you must use the session value returned by VerifySoftwareToken in the Session parameter.
The Amazon Pinpoint analytics metadata for collecting metrics for\n RespondToAuthChallenge calls.
The Amazon Pinpoint analytics metadata for collecting metrics for RespondToAuthChallenge calls.
Contextual data such as the user's device fingerprint, IP address, or location used\n for evaluating the risk of an unexpected event by Amazon Cognito advanced\n security.
" + "smithy.api#documentation": "Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
" } }, "ClientMetadata": { "target": "com.amazonaws.cognitoidentityprovider#ClientMetadataType", "traits": { - "smithy.api#documentation": "A map of custom key-value pairs that you can provide as input for any custom workflows\n that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers.\n When you use the RespondToAuthChallenge API action, Amazon Cognito invokes any functions\n that are assigned to the following triggers: post authentication,\n pre token generation, define auth\n challenge, create auth challenge, and\n verify auth challenge. When Amazon Cognito invokes any of these\n functions, it passes a JSON payload, which the function receives as input. This payload\n contains a clientMetadata attribute, which provides the data that you\n assigned to the ClientMetadata parameter in your RespondToAuthChallenge request. In your\n function code in Lambda, you can process the clientMetadata value to\n enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers. When you use the RespondToAuthChallenge API action, Amazon Cognito \n invokes any functions that are assigned to the following triggers: post authentication, pre token generation, \n define auth challenge, create auth challenge, and verify auth challenge. When Amazon Cognito \n invokes any of these functions, it passes a JSON payload, which the function receives as input. This payload contains a clientMetadata \n attribute, which provides the data that you assigned to the ClientMetadata parameter in your RespondToAuthChallenge request. In your function code in \n Lambda, you can process the clientMetadata value to enhance your workflow for your specific needs.
For more information, see Customizing \n User Pool Workflows with Lambda Triggers in the Amazon Cognito Developer Guide.
\n \nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration \n doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nThe session which should be passed both ways in challenge-response calls to the\n service. If the caller needs to go through another challenge, they return a session with\n other challenge parameters. This session should be passed as it is to the next\n RespondToAuthChallenge API call.
The session that should be passed both ways in challenge-response calls to the service. If the caller must pass another challenge, they return a session with other challenge parameters. \n This session should be passed as it is to the next RespondToAuthChallenge API call.
The result returned by the server in response to the request to respond to the\n authentication challenge.
" + "smithy.api#documentation": "The result returned by the server in response to the request to respond to the authentication challenge.
" } } }, @@ -9656,7 +9656,7 @@ } ], "traits": { - "smithy.api#documentation": "Revokes all of the access tokens generated by the specified refresh token. After the token is revoked, you can not \n use the revoked token to access Cognito authenticated APIs.
" + "smithy.api#documentation": "Revokes all of the access tokens generated by the specified refresh token. After the token is revoked, you can't use the revoked token to access Amazon Cognito authenticated APIs.
" } }, "com.amazonaws.cognitoidentityprovider#RevokeTokenRequest": { @@ -9665,7 +9665,7 @@ "Token": { "target": "com.amazonaws.cognitoidentityprovider#TokenModelType", "traits": { - "smithy.api#documentation": "The token that you want to revoke.
", + "smithy.api#documentation": "The refresh token that you want to revoke.
", "smithy.api#required": {} } }, @@ -9706,13 +9706,13 @@ "CompromisedCredentialsRiskConfiguration": { "target": "com.amazonaws.cognitoidentityprovider#CompromisedCredentialsRiskConfigurationType", "traits": { - "smithy.api#documentation": "The compromised credentials risk configuration object including the\n EventFilter and the EventAction\n
The compromised credentials risk configuration object, including the EventFilter and the EventAction.
The account takeover risk configuration object including the\n NotifyConfiguration object and Actions to take in the case\n of an account takeover.
The account takeover risk configuration object, including the NotifyConfiguration object and Actions to take if there is an account takeover.
Overrides the risk decision to always block the pre-authentication requests. The IP\n range is in CIDR notation: a compact representation of an IP address and its associated\n routing prefix.
" + "smithy.api#documentation": "Overrides the risk decision to always block the pre-authentication requests. The IP range is in CIDR notation, a compact representation of an IP address and its routing prefix.
" } }, "SkippedIPRangeList": { "target": "com.amazonaws.cognitoidentityprovider#SkippedIPRangeListType", "traits": { - "smithy.api#documentation": "Risk detection is not performed on the IP addresses in the range list. The IP range is\n in CIDR notation.
" + "smithy.api#documentation": "Risk detection isn't performed on the IP addresses in this range list. The IP range is in CIDR notation.
" } } }, @@ -9816,7 +9816,7 @@ "Enabled": { "target": "com.amazonaws.cognitoidentityprovider#BooleanType", "traits": { - "smithy.api#documentation": "Specifies whether SMS text message MFA is enabled. If an MFA type is enabled for a\n user, the user will be prompted for MFA during all sign in attempts, unless device\n tracking is turned on and the device has been trusted.
" + "smithy.api#documentation": "Specifies whether SMS text message MFA is activated. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts, unless device tracking is \n turned on and the device has been trusted.
" } }, "PreferredMfa": { @@ -9827,7 +9827,7 @@ } }, "traits": { - "smithy.api#documentation": "The type used for enabling SMS MFA at the user level. Phone numbers don't need to be\n verified to be used for SMS MFA. If an MFA type is enabled for a user, the user will be\n prompted for MFA during all sign in attempts, unless device tracking is turned on and\n the device has been trusted. If you would like MFA to be applied selectively based on\n the assessed risk level of sign in attempts, disable MFA for users and turn on Adaptive\n Authentication for the user pool.
" + "smithy.api#documentation": "The type used for enabling SMS multi-factor authentication (MFA) at the user level. Phone numbers don't need to be verified to be used for SMS MFA. If an MFA type \n is activated for a user, the user will be prompted for MFA during all sign-in attempts, unless device tracking is turned on and the device has been trusted. If you \n would like MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive Authentication for the user pool.
" } }, "com.amazonaws.cognitoidentityprovider#SchemaAttributeType": { @@ -9849,21 +9849,21 @@ "target": "com.amazonaws.cognitoidentityprovider#BooleanType", "traits": { "smithy.api#box": {}, - "smithy.api#documentation": "We recommend that you use WriteAttributes in the user pool client to control how attributes can\n be mutated for new use cases instead of using\n DeveloperOnlyAttribute.
Specifies whether the attribute type is developer only. This attribute can only be\n modified by an administrator. Users will not be able to modify this attribute using\n their access token. For example, DeveloperOnlyAttribute can be modified\n using AdminUpdateUserAttributes but cannot be updated using UpdateUserAttributes.
You should use WriteAttributes \n in the user pool client to control how attributes can be mutated for new use cases instead of using DeveloperOnlyAttribute.
Specifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users won't be able to modify this attribute using their access \n token. For example, DeveloperOnlyAttribute can be modified using AdminUpdateUserAttributes but can't be updated using UpdateUserAttributes.
Specifies whether the value of the attribute can be changed.
\nFor any user pool attribute that's mapped to an identity provider attribute, you must\n set this parameter to true. Amazon Cognito updates mapped attributes when\n users sign in to your application through an identity provider. If an attribute is\n immutable, Amazon Cognito throws an error when it attempts to update the attribute. For\n more information, see Specifying Identity Provider Attribute Mappings for Your User\n Pool.
Specifies whether the value of the attribute can be changed.
\nFor any user pool attribute that is mapped to an identity provider attribute, you must set this parameter to true. Amazon Cognito updates mapped attributes when users \n sign in to your application through an identity provider. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, \n see Specifying Identity Provider Attribute Mappings for \n Your User Pool.
Specifies whether a user pool attribute is required. If the attribute is required and\n the user does not provide a value, registration or sign-in will fail.
" + "smithy.api#documentation": "Specifies whether a user pool attribute is required. If the attribute is required and the user doesn't provide a value, registration or sign-in will fail.
" } }, "NumberAttributeConstraints": { @@ -9903,7 +9903,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the specified scope does not exist.
", + "smithy.api#documentation": "This exception is thrown when the specified scope doesn't exist.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -10010,7 +10010,7 @@ } ], "traits": { - "smithy.api#documentation": "Configures actions on detected risks. To delete the risk configuration for\n UserPoolId or ClientId, pass null values for all four\n configuration types.
To enable Amazon Cognito advanced security features, update the user pool to include\n the UserPoolAddOns keyAdvancedSecurityMode.
Configures actions on detected risks. To delete the risk configuration for UserPoolId or ClientId, pass null values for all four configuration types.
To activate Amazon Cognito advanced security features, update the user pool to include the UserPoolAddOns keyAdvancedSecurityMode.
The app client ID. If ClientId is null, then the risk configuration is\n mapped to userPoolId. When the client ID is null, the same risk\n configuration is applied to all the clients in the userPool.
Otherwise, ClientId is mapped to the client. When the client ID is not\n null, the user pool configuration is overridden and the risk configuration for the\n client is used instead.
The app client ID. If ClientId is null, then the risk configuration is mapped to userPoolId. When the client ID is null, the same risk configuration is applied \n to all the clients in the userPool.
Otherwise, ClientId is mapped to the client. When the client ID isn't null, the user pool configuration is overridden and the risk configuration for the client is used instead.
Sets the UI customization information for a user pool's built-in app UI.
\nYou can specify app UI customization settings for a single client (with a specific\n clientId) or for all clients (by setting the clientId to\n ALL). If you specify ALL, the default configuration will\n be used for every client that has no UI customization set previously. If you specify UI\n customization settings for a particular client, it will no longer fall back to the\n ALL configuration.
To use this API, your user pool must have a domain associated with it. Otherwise,\n there is no place to host the app's pages, and the service will throw an\n error.
\nSets the user interface (UI) customization information for a user pool's built-in app UI.
\nYou can specify app UI customization settings for a single client (with a specific clientId) or for all clients (by setting the clientId \n to ALL). If you specify ALL, the default configuration is used for every client that has no previously set UI customization. If you specify UI \n customization settings for a particular client, it will no longer return to the ALL configuration.
To use this API, your user pool must have a domain associated with it. Otherwise, there is no place to host the app's pages, and the service will throw an error.
\nSet the user's multi-factor authentication (MFA) method preference, including which\n MFA factors are enabled and if any are preferred. Only one factor can be set as\n preferred. The preferred MFA factor will be used to authenticate a user if multiple\n factors are enabled. If multiple options are enabled and no preference is set, a\n challenge to choose an MFA option will be returned during sign in. If an MFA type is\n enabled for a user, the user will be prompted for MFA during all sign in attempts,\n unless device tracking is turned on and the device has been trusted. If you would like\n MFA to be applied selectively based on the assessed risk level of sign in attempts,\n disable MFA for users and turn on Adaptive Authentication for the user pool.
" + "smithy.api#documentation": "Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred. \n Only one factor can be set as preferred. The preferred MFA factor will be used to authenticate a user if multiple factors are activated. \n If multiple options are activated and no preference is set, a challenge to choose an MFA option will be returned during sign-in. If an \n MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts unless device tracking is turned on and \n the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate \n MFA for users and turn on Adaptive Authentication for the user pool.
" } }, "com.amazonaws.cognitoidentityprovider#SetUserMFAPreferenceRequest": { @@ -10227,7 +10227,7 @@ } ], "traits": { - "smithy.api#documentation": "Set the user pool multi-factor authentication (MFA) configuration.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nSets the user pool multi-factor authentication (MFA) configuration.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nThe MFA configuration. Users who don't have an MFA factor set up won't be able to\n sign-in if you set the MfaConfiguration value to ‘ON’. See Adding Multi-Factor\n Authentication (MFA) to a User Pool to learn more. Valid values\n include:
\n\n OFF MFA will not be used for any users.
\n ON MFA is required for all users to sign in.
\n OPTIONAL MFA will be required only for individual users who have\n an MFA factor enabled.
The MFA configuration. If you set the MfaConfiguration value to ‘ON’, only users with an MFA factor set up can sign in. To learn more, \n see Adding Multi-Factor Authentication (MFA) to a User Pool. Valid values include:
\n \n\n OFF MFA won't be used for any users.
\n ON MFA is required for all users to sign in.
\n OPTIONAL MFA will be required only for individual users who have an MFA factor activated.
The MFA configuration. Valid values include:
\n\n OFF MFA will not be used for any users.
\n ON MFA is required for all users to sign in.
\n OPTIONAL MFA will be required only for individual users who have\n an MFA factor enabled.
The MFA configuration. Valid values include:
\n \n\n OFF MFA won't be used for any users.
\n ON MFA is required for all users to sign in.
\n OPTIONAL MFA will be required only for individual users who have an MFA factor enabled.
\n This action is no longer supported. You can use it to configure\n only SMS MFA. You can't use it to configure TOTP software token MFA. To configure either\n type of MFA, use SetUserMFAPreference instead.
", + "smithy.api#documentation": "\n This action is no longer supported. You can use it to configure only SMS MFA. You can't use it to configure time-based one-time password (TOTP) software token MFA. \n To configure either type of MFA, use SetUserMFAPreference instead.
", "smithy.api#optionalAuth": {} } }, @@ -10333,7 +10333,7 @@ "MFAOptions": { "target": "com.amazonaws.cognitoidentityprovider#MFAOptionListType", "traits": { - "smithy.api#documentation": "You can use this parameter only to set an SMS configuration that uses SMS for\n delivery.
", + "smithy.api#documentation": "You can use this parameter only to set an SMS configuration that uses SMS for delivery.
", "smithy.api#required": {} } } @@ -10403,7 +10403,7 @@ ], "traits": { "smithy.api#auth": [], - "smithy.api#documentation": "Registers the user in the specified user pool and creates a user name, password, and\n user attributes.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nRegisters the user in the specified user pool and creates a user name, password, and user attributes.
\n \n \nThis action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nA keyed-hash message authentication code (HMAC) calculated using the secret key of a\n user pool client and username plus the client ID in the message.
" + "smithy.api#documentation": "A keyed-hash message authentication code (HMAC) calculated using the secret key of a user pool client and username plus the client ID in the message.
" } }, "Username": { "target": "com.amazonaws.cognitoidentityprovider#UsernameType", "traits": { - "smithy.api#documentation": "The user name of the user you wish to register.
", + "smithy.api#documentation": "The user name of the user you want to register.
", "smithy.api#required": {} } }, "Password": { "target": "com.amazonaws.cognitoidentityprovider#PasswordType", "traits": { - "smithy.api#documentation": "The password of the user you wish to register.
", + "smithy.api#documentation": "The password of the user you want to register.
", "smithy.api#required": {} } }, "UserAttributes": { "target": "com.amazonaws.cognitoidentityprovider#AttributeListType", "traits": { - "smithy.api#documentation": "An array of name-value pairs representing user attributes.
\nFor custom attributes, you must prepend the custom: prefix to the\n attribute name.
An array of name-value pairs representing user attributes.
\nFor custom attributes, you must prepend the custom: prefix to the attribute name.
The Amazon Pinpoint analytics metadata for collecting metrics for SignUp\n calls.
The Amazon Pinpoint analytics metadata for collecting metrics for SignUp calls.
Contextual data such as the user's device fingerprint, IP address, or location used\n for evaluating the risk of an unexpected event by Amazon Cognito advanced\n security.
" + "smithy.api#documentation": "Contextual data such as the user's device fingerprint, IP address, or location used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
" } }, "ClientMetadata": { "target": "com.amazonaws.cognitoidentityprovider#ClientMetadataType", "traits": { - "smithy.api#documentation": "A map of custom key-value pairs that you can provide as input for any custom workflows\n that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers.\n When you use the SignUp API action, Amazon Cognito invokes any functions that are\n assigned to the following triggers: pre sign-up, custom\n message, and post confirmation. When Amazon Cognito\n invokes any of these functions, it passes a JSON payload, which the function receives as\n input. This payload contains a clientMetadata attribute, which provides the\n data that you assigned to the ClientMetadata parameter in your SignUp request. In your\n function code in Lambda, you can process the clientMetadata value to\n enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers. When you use the SignUp API action, Amazon Cognito \n invokes any functions that are assigned to the following triggers: pre sign-up, custom message, \n and post confirmation. When Amazon Cognito invokes any of these functions, it passes a JSON payload, which the function \n receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned to the \n ClientMetadata parameter in your SignUp request. In your function code in Lambda, you can process the clientMetadata \n value to enhance your workflow for your specific needs.
For more information, \n see Customizing User Pool Workflows with Lambda Triggers \n in the Amazon Cognito Developer Guide.
\n \nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool \n configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nA response from the server indicating that a user registration has been\n confirmed.
", + "smithy.api#documentation": "A response from the server indicating that a user registration has been confirmed.
", "smithy.api#required": {} } }, "CodeDeliveryDetails": { "target": "com.amazonaws.cognitoidentityprovider#CodeDeliveryDetailsType", "traits": { - "smithy.api#documentation": "The code delivery details returned by the server response to the user registration\n request.
" + "smithy.api#documentation": "The code delivery details returned by the server response to the user registration request.
" } }, "UserSub": { "target": "com.amazonaws.cognitoidentityprovider#StringType", "traits": { - "smithy.api#documentation": "The UUID of the authenticated user. This is not the same as\n username.
The UUID of the authenticated user. This isn't the same as username.
The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) caller.\n This is the ARN of the IAM role in your account which Cognito will use to send SMS\n messages. SMS messages are subject to a spending limit.
", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your Amazon Web Services account that Amazon Cognito will use to send SMS messages. SMS messages are \n subject to a spending limit.
", "smithy.api#required": {} } }, "ExternalId": { "target": "com.amazonaws.cognitoidentityprovider#StringType", "traits": { - "smithy.api#documentation": "The external ID is a value that we recommend you use to add security to your IAM role\n which is used to call Amazon SNS to send SMS messages for your user pool. If you provide\n an ExternalId, the Cognito User Pool will include it when attempting to\n assume your IAM role, so that you can set your roles trust policy to require the\n ExternalID. If you use the Cognito Management Console to create a role\n for SMS MFA, Cognito will create a role with the required permissions and a trust policy\n that demonstrates use of the ExternalId.
For more information about the ExternalId of a role, see How to use an\n external ID when granting access to your Amazon Web Services resources to a third\n party\n
The external ID is a value that you should use to add security to your IAM role that is used to call Amazon SNS to send SMS messages for your user pool. If you provide an ExternalId, \n the Amazon Cognito User Pool will include it when attempting to assume your IAM role so that you can set your roles trust policy to require the ExternalID. If you use the Amazon Cognito Management \n Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito will create a role with the required permissions and a trust policy that demonstrates use of the ExternalId.
For more information about the ExternalId of a role, \n see How to use an external ID when granting access to your Amazon Web Services resources to a \n third party\n
The SMS configuration type that includes the settings the Cognito User Pool needs to\n call for the Amazon SNS service to send an SMS message from your account. The\n Cognito User Pool makes the request to the Amazon SNS Service by using an IAM role\n that you provide for your account.
" + "smithy.api#documentation": "The SMS configuration type that includes the settings the Amazon Cognito User Pool must call for the Amazon Simple Notification Service service to send an SMS message from your Amazon Web Services account. The \n Amazon Cognito User Pool makes the request to the Amazon SNS Service by using an Identity and Access Management role that you provide for your Amazon Web Services account.
" } }, "com.amazonaws.cognitoidentityprovider#SmsMfaConfigType": { @@ -10539,7 +10539,7 @@ "SmsAuthenticationMessage": { "target": "com.amazonaws.cognitoidentityprovider#SmsVerificationMessageType", "traits": { - "smithy.api#documentation": "The SMS authentication message that will be sent to users with the code they need to\n sign in. The message must contain the ‘{####}’ placeholder, which will be replaced with\n the code. If the message is not included, and default message will be used.
" + "smithy.api#documentation": "The SMS authentication message that will be sent to users with the code they must sign in. The message must contain the ‘{####}’ placeholder, which is replaced with the code. \n If the message isn't included, and default message will be used.
" } }, "SmsConfiguration": { @@ -10571,7 +10571,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the software token TOTP multi-factor authentication\n (MFA) is not enabled for the user pool.
", + "smithy.api#documentation": "This exception is thrown when the software token time-based one-time password (TOTP) multi-factor authentication (MFA) isn't activated for the user pool.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -10592,7 +10592,7 @@ "Enabled": { "target": "com.amazonaws.cognitoidentityprovider#BooleanType", "traits": { - "smithy.api#documentation": "Specifies whether software token MFA is enabled.
" + "smithy.api#documentation": "Specifies whether software token MFA is activated.
" } } }, @@ -10606,7 +10606,7 @@ "Enabled": { "target": "com.amazonaws.cognitoidentityprovider#BooleanType", "traits": { - "smithy.api#documentation": "Specifies whether software token MFA is enabled. If an MFA type is enabled for a user,\n the user will be prompted for MFA during all sign in attempts, unless device tracking is\n turned on and the device has been trusted.
" + "smithy.api#documentation": "Specifies whether software token MFA is activated. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts, unless device tracking is turned \n on and the device has been trusted.
" } }, "PreferredMfa": { @@ -10617,7 +10617,7 @@ } }, "traits": { - "smithy.api#documentation": "The type used for enabling software token MFA at the user level. If an MFA type is\n enabled for a user, the user will be prompted for MFA during all sign in attempts,\n unless device tracking is turned on and the device has been trusted. If you would like\n MFA to be applied selectively based on the assessed risk level of sign in attempts,\n disable MFA for users and turn on Adaptive Authentication for the user pool.
" + "smithy.api#documentation": "The type used for enabling software token MFA at the user level. If an MFA type is activated for a user, the user will be prompted for MFA during all sign-in attempts, unless device tracking \n is turned on and the device has been trusted. If you want MFA to be applied selectively based on the assessed risk level of sign-in attempts, deactivate MFA for users and turn on Adaptive \n Authentication for the user pool.
" } }, "com.amazonaws.cognitoidentityprovider#StartUserImportJob": { @@ -10685,7 +10685,7 @@ } }, "traits": { - "smithy.api#documentation": "Represents the response from the server to the request to start the user import\n job.
" + "smithy.api#documentation": "Represents the response from the server to the request to start the user import job.
" } }, "com.amazonaws.cognitoidentityprovider#StatusType": { @@ -10741,7 +10741,7 @@ "UserPoolId": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolIdType", "traits": { - "smithy.api#documentation": "The user pool ID for the user pool that the users are being imported into.
", + "smithy.api#documentation": "The user pool ID for the user pool that the users are being imported\n into.
", "smithy.api#required": {} } }, @@ -10768,7 +10768,7 @@ } }, "traits": { - "smithy.api#documentation": "Represents the response from the server to the request to stop the user import\n job.
" + "smithy.api#documentation": "Represents the response from the server to the request to stop the user import job.
" } }, "com.amazonaws.cognitoidentityprovider#StringAttributeConstraintsType": { @@ -10835,7 +10835,7 @@ } ], "traits": { - "smithy.api#documentation": "Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can\n use to categorize and manage user pools in different ways, such as by purpose, owner,\n environment, or other criteria.
\nEach tag consists of a key and value, both of which you define. A key is a general\n category for more specific values. For example, if you have two versions of a user pool,\n one for testing and another for production, you might assign an Environment\n tag key to both user pools. The value of this key might be Test for one\n user pool and Production for the other.
Tags are useful for cost tracking and access control. You can activate your tags so\n that they appear on the Billing and Cost Management console, where you can track the\n costs associated with your user pools. In an IAM policy, you can constrain permissions\n for user pools based on specific tags or tag values.
\nYou can use this action up to 5 times per second, per account. A user pool can have as\n many as 50 tags.
" + "smithy.api#documentation": "Assigns a set of tags to an Amazon Cognito user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.
\nEach tag consists of a key and value, both of which you define. A key is a general category for more specific values. For example, if you have two versions of a user pool, \n one for testing and another for production, you might assign an Environment tag key to both user pools. The value of this key might be Test for \n one user pool, and Production for the other.
Tags are useful for cost tracking and access control. You can activate your tags so that they appear on the Billing and Cost Management console, where you can track the costs associated with \n your user pools. In an Identity and Access Management policy, you can constrain permissions for user pools based on specific tags or tag values.
\nYou can use this action up to 5 times per second, per account. A user pool can have as many as 50 tags.
" } }, "com.amazonaws.cognitoidentityprovider#TagResourceRequest": { @@ -10915,24 +10915,24 @@ "AccessToken": { "target": "com.amazonaws.cognitoidentityprovider#TimeUnitsType", "traits": { - "smithy.api#documentation": "A time unit in “seconds”, “minutes”, “hours” or “days” for the value in\n AccessTokenValidity, defaults to hours.
" + "smithy.api#documentation": "A time unit in “seconds”, “minutes”, “hours”, or “days” for the value in AccessTokenValidity, defaulting to hours.
" } }, "IdToken": { "target": "com.amazonaws.cognitoidentityprovider#TimeUnitsType", "traits": { - "smithy.api#documentation": "A time unit in “seconds”, “minutes”, “hours” or “days” for the value in\n IdTokenValidity, defaults to hours.
" + "smithy.api#documentation": "A time unit in “seconds”, “minutes”, “hours”, or “days” for the value in IdTokenValidity, defaulting to hours.
" } }, "RefreshToken": { "target": "com.amazonaws.cognitoidentityprovider#TimeUnitsType", "traits": { - "smithy.api#documentation": "A time unit in “seconds”, “minutes”, “hours” or “days” for the value in\n RefreshTokenValidity, defaults to days.
" + "smithy.api#documentation": "A time unit in “seconds”, “minutes”, “hours”, or “days” for the value in RefreshTokenValidity, defaulting to days.
" } } }, "traits": { - "smithy.api#documentation": "The data type for TokenValidityUnits that specifics the time measurements for token\n validity.
" + "smithy.api#documentation": "The data type for TokenValidityUnits that specifics the time measurements for token validity.
" } }, "com.amazonaws.cognitoidentityprovider#TooManyFailedAttemptsException": { @@ -10941,12 +10941,12 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "The message returned when the Amazon Cognito service returns a too many failed\n attempts exception.
" + "smithy.api#documentation": "The message returned when Amazon Cognito returns a TooManyFailedAttempts exception.
This exception is thrown when the user has made too many failed attempts for a given\n action (e.g., sign in).
", + "smithy.api#documentation": "This exception is thrown when the user has made too many failed attempts for a given action, such as sign-in.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -10957,12 +10957,12 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "The message returned when the Amazon Cognito service returns a too many requests\n exception.
" + "smithy.api#documentation": "The message returned when the Amazon Cognito service returns a too many requests exception.
" } } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the user has made too many requests for a given\n operation.
", + "smithy.api#documentation": "This exception is thrown when the user has made too many requests for a given operation.
", "smithy.api#error": "client", "smithy.api#httpError": 429 } @@ -11014,7 +11014,7 @@ } }, "traits": { - "smithy.api#documentation": "A container for the UI customization information for a user pool's built-in app\n UI.
" + "smithy.api#documentation": "A container for the UI customization information for a user pool's built-in app UI.
" } }, "com.amazonaws.cognitoidentityprovider#UnauthorizedException": { @@ -11025,7 +11025,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the request is not authorized. This can happen due to an invalid access token in the request.
", + "smithy.api#documentation": "Exception that is thrown when the request isn't authorized. This can happen due to an invalid access token in the request.
", "smithy.api#error": "client", "smithy.api#httpError": 401 } @@ -11036,12 +11036,12 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "The message returned when the Amazon Cognito service returns an unexpected Lambda\n exception.
" + "smithy.api#documentation": "The message returned when Amazon Cognito returns an unexpected Lambda exception.
" } } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the Amazon Cognito service encounters an unexpected\n exception with the Lambda service.
", + "smithy.api#documentation": "This exception is thrown when Amazon Cognito encounters an unexpected exception with Lambda.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -11054,7 +11054,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the specified identifier is not supported.
", + "smithy.api#documentation": "This exception is thrown when the specified identifier isn't supported.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -11067,7 +11067,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown when you attempt to perform an operation that is not enabled for the user pool client.
", + "smithy.api#documentation": "Exception that is thrown when you attempt to perform an operation that isn't enabled for the user pool client.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -11080,7 +11080,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown when an unsupported token is passed to an operation.
", + "smithy.api#documentation": "Exception that is thrown when an unsupported token is passed to an operation.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -11096,7 +11096,7 @@ } }, "traits": { - "smithy.api#documentation": "The request failed because the user is in an unsupported state.
", + "smithy.api#documentation": "The request failed because the user is in an unsupported\n state.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -11127,7 +11127,7 @@ } ], "traits": { - "smithy.api#documentation": "Removes the specified tags from an Amazon Cognito user pool. You can use this action\n up to 5 times per second, per account
" + "smithy.api#documentation": "Removes the specified tags from an Amazon Cognito user pool. You can use this action up to 5 times per second, per account.
" } }, "com.amazonaws.cognitoidentityprovider#UntagResourceRequest": { @@ -11185,7 +11185,7 @@ } ], "traits": { - "smithy.api#documentation": "Provides the feedback for an authentication event whether it was from a valid user or\n not. This feedback is used for improving the risk evaluation decision for the user pool\n as part of Amazon Cognito advanced security.
" + "smithy.api#documentation": "Provides the feedback for an authentication event, whether it was from a valid user or not. This feedback is used for improving the risk evaluation decision for the user pool as part \n of Amazon Cognito advanced security.
" } }, "com.amazonaws.cognitoidentityprovider#UpdateAuthEventFeedbackRequest": { @@ -11363,13 +11363,13 @@ "RoleArn": { "target": "com.amazonaws.cognitoidentityprovider#ArnType", "traits": { - "smithy.api#documentation": "The new role ARN for the group. This is used for setting the\n cognito:roles and cognito:preferred_role claims in the\n token.
The new role Amazon Resource Name (ARN) for the group. This is used for setting the cognito:roles and cognito:preferred_role claims in the token.
The new precedence value for the group. For more information about this parameter, see\n CreateGroup.
" + "smithy.api#documentation": "The new precedence value for the group. For more information about this parameter, \n see CreateGroup.
" } } } @@ -11437,7 +11437,7 @@ "ProviderDetails": { "target": "com.amazonaws.cognitoidentityprovider#ProviderDetailsType", "traits": { - "smithy.api#documentation": "The identity provider details to be updated, such as MetadataURL and\n MetadataFile.
The identity provider details to be updated, such as MetadataURL and MetadataFile.
Updates the name and scopes of resource server. All other fields are read-only.
\nIf you don't provide a value for an attribute, it will be set to the default\n value.
\nUpdates the name and scopes of resource server. All other fields are read-only.
\nIf you don't provide a value for an attribute, it is set to the default value.
\nAllows a user to update a specific attribute (one at a time).
\n \nThis action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nAllows a user to update a specific attribute (one at a time).
\n \n \nThis action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nAn array of name-value pairs representing user attributes.
\nFor custom attributes, you must prepend the custom: prefix to the\n attribute name.
An array of name-value pairs representing user attributes.
\nFor custom attributes, you must prepend the custom: prefix to the attribute name.
A map of custom key-value pairs that you can provide as input for any custom workflows\n that this action triggers.
\nYou create custom workflows by assigning Lambda functions to user pool triggers.\n When you use the UpdateUserAttributes API action, Amazon Cognito invokes the function\n that is assigned to the custom message trigger. When Amazon Cognito\n invokes this function, it passes a JSON payload, which the function receives as input.\n This payload contains a clientMetadata attribute, which provides the data\n that you assigned to the ClientMetadata parameter in your UpdateUserAttributes request.\n In your function code in Lambda, you can process the clientMetadata\n value to enhance your workflow for your specific needs.
For more information, see Customizing User Pool Workflows with Lambda Triggers in the\n Amazon Cognito Developer Guide.
\nTake the following limitations into consideration when you use the ClientMetadata\n parameter:
\nAmazon Cognito does not store the ClientMetadata value. This data is\n available only to Lambda triggers that are assigned to a user pool to\n support custom workflows. If your user pool configuration does not include\n triggers, the ClientMetadata parameter serves no purpose.
\nAmazon Cognito does not validate the ClientMetadata value.
\nAmazon Cognito does not encrypt the the ClientMetadata value, so don't use\n it to provide sensitive information.
\nA map of custom key-value pairs that you can provide as input for any custom workflows that this action initiates.
\nYou create custom workflows by assigning Lambda functions to user pool triggers. When you use the UpdateUserAttributes API action, Amazon Cognito invokes the \n function that is assigned to the custom message trigger. When Amazon Cognito invokes this function, it passes a \n JSON \n payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you \n assigned to the ClientMetadata parameter in your UpdateUserAttributes request. In your function code in Lambda, you can process the clientMetadata \n value to enhance your workflow for your specific needs.
For more information, see Customizing User Pool \n Workflows with Lambda Triggers in the Amazon Cognito Developer Guide.
\n \nWhen you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:
\nStore the ClientMetadata value. This data is available only to Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool \n configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.
\nValidate the ClientMetadata value.
\nEncrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.
\nThe code delivery details list from the server for the request to update user\n attributes.
" + "smithy.api#documentation": "The code delivery details list from the server for the request to update user attributes.
" } } }, "traits": { - "smithy.api#documentation": "Represents the response from the server for the request to update user\n attributes.
" + "smithy.api#documentation": "Represents the response from the server for the request to update user attributes.
" } }, "com.amazonaws.cognitoidentityprovider#UpdateUserPool": { @@ -11695,7 +11695,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates the specified user pool with the specified attributes. You can get a list of\n the current user pool settings using DescribeUserPool. If you don't provide a value for an attribute, it will be set to the default\n value.
\n \nThis action might generate an SMS text message. Starting June 1, 2021, U.S. \n telecom carriers require that you register an origination phone number before you can \n send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, \n you must register a phone number with Amazon Pinpoint. \n Cognito will use the the registered number automatically. Otherwise, Cognito users that must\n receive SMS messages might be unable to sign up, activate their accounts, or sign\n in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon SNS might place your account in SMS sandbox. In \n sandbox\n mode\n , you’ll have limitations, such as sending messages\n to only verified phone numbers. After testing in the sandbox environment, you can\n move out of the SMS sandbox and into production. For more information, see SMS message settings for Cognito User Pools in the Amazon\n Cognito Developer Guide.
\nUpdates the specified user pool with the specified attributes. You can get a list of the current user pool settings using \n DescribeUserPool. \n If you don't provide a value for an attribute, it will be set to the default value.
\n \n \nThis action might generate an SMS text message. Starting June 1, 2021, US telecom carriers require you to register an \n origination phone number before you can send SMS messages to U.S. phone numbers. If you use SMS text messages in Amazon Cognito, you must \n register a phone number with Amazon Pinpoint. Amazon Cognito will use the registered number \n automatically. Otherwise, Amazon Cognito users that must receive SMS messages might be unable to sign up, activate their accounts, \n or sign in.
\nIf you have never used SMS text messages with Amazon Cognito or any other Amazon Web Service, Amazon Simple Notification Service \n might place your account in SMS sandbox. In \n \n sandbox mode\n , you will have \n limitations, such as sending messages only to verified phone numbers. After testing in the sandbox environment, you can move \n out of the SMS sandbox and into production. For more information, see \n SMS \n message settings for Amazon Cognito User Pools in the Amazon Cognito Developer Guide.
\nUpdates the specified user pool app client with the specified attributes. You can get\n a list of the current user pool app client settings using DescribeUserPoolClient.
\nIf you don't provide a value for an attribute, it will be set to the default\n value.
\nYou can also use this operation to enable token revocation for user pool clients. For more information\n about revoking tokens, see RevokeToken.
" + "smithy.api#documentation": "Updates the specified user pool app client with the specified attributes. You can get a list of the current user pool app client settings using \n DescribeUserPoolClient.
\nIf you don't provide a value for an attribute, it will be set to the default value.
\nYou can also use this operation to enable token revocation for user pool clients. For more information about revoking tokens, \n see RevokeToken.
" } }, "com.amazonaws.cognitoidentityprovider#UpdateUserPoolClientRequest": { @@ -11742,7 +11742,7 @@ "UserPoolId": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolIdType", "traits": { - "smithy.api#documentation": "The user pool ID for the user pool where you want to update the user pool\n client.
", + "smithy.api#documentation": "The user pool ID for the user pool where you want to update the user pool client.
", "smithy.api#required": {} } }, @@ -11762,25 +11762,25 @@ "RefreshTokenValidity": { "target": "com.amazonaws.cognitoidentityprovider#RefreshTokenValidityType", "traits": { - "smithy.api#documentation": "The time limit, in days, after which the refresh token is no longer valid and cannot\n be used.
" + "smithy.api#documentation": "The time limit, in days, after which the refresh token is no longer valid and can't be used.
" } }, "AccessTokenValidity": { "target": "com.amazonaws.cognitoidentityprovider#AccessTokenValidityType", "traits": { - "smithy.api#documentation": "The time limit, after which the access token is no longer valid and cannot be\n used.
" + "smithy.api#documentation": "The time limit after which the access token is no longer valid and can't be used.
" } }, "IdTokenValidity": { "target": "com.amazonaws.cognitoidentityprovider#IdTokenValidityType", "traits": { - "smithy.api#documentation": "The time limit, after which the ID token is no longer valid and cannot be used.
" + "smithy.api#documentation": "The time limit after which the ID token is no longer valid and can't be used.
" } }, "TokenValidityUnits": { "target": "com.amazonaws.cognitoidentityprovider#TokenValidityUnitsType", "traits": { - "smithy.api#documentation": "The units in which the validity times are represented in. Default for RefreshToken is\n days, and default for ID and access tokens are hours.
" + "smithy.api#documentation": "The units in which the validity times are represented. Default for RefreshToken is days, and default for ID and access tokens is hours.
" } }, "ReadAttributes": { @@ -11798,19 +11798,19 @@ "ExplicitAuthFlows": { "target": "com.amazonaws.cognitoidentityprovider#ExplicitAuthFlowsListType", "traits": { - "smithy.api#documentation": "The authentication flows that are supported by the user pool clients. Flow names\n without the ALLOW_ prefix are deprecated in favor of new names with the\n ALLOW_ prefix. Note that values with ALLOW_ prefix cannot\n be used along with values without ALLOW_ prefix.
Valid values include:
\n\n ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password\n authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces\n the ADMIN_NO_SRP_AUTH setting. With this authentication flow,\n Cognito receives the password in the request instead of using the SRP (Secure\n Remote Password protocol) protocol to verify passwords.
\n ALLOW_CUSTOM_AUTH: Enable Lambda trigger based\n authentication.
\n ALLOW_USER_PASSWORD_AUTH: Enable user password-based\n authentication. In this flow, Cognito receives the password in the request\n instead of using the SRP protocol to verify passwords.
\n ALLOW_USER_SRP_AUTH: Enable SRP based authentication.
\n ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh\n tokens.
The authentication flows that are supported by the user pool clients. Flow names without the ALLOW_ prefix are no longer supported in favor of new names with the \n ALLOW_ prefix. Note that values with ALLOW_ prefix must be used only along with values with the ALLOW_ prefix.
Valid values include:
\n\n ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the \n ADMIN_NO_SRP_AUTH setting. With this authentication flow, Amazon Cognito receives the password in the request instead of using the Secure Remote Password (SRP) protocol to \n verify passwords.
\n ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
\n ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP \n protocol to verify passwords.
\n ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
\n ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
A list of provider names for the identity providers that are supported on this\n client.
" + "smithy.api#documentation": "A list of provider names for the identity providers that are supported on this client.
" } }, "CallbackURLs": { "target": "com.amazonaws.cognitoidentityprovider#CallbackURLsListType", "traits": { - "smithy.api#documentation": "A list of allowed redirect (callback) URLs for the identity providers.
\nA redirect URI must:
\nBe an absolute URI.
\nBe registered with the authorization server.
\nNot include a fragment component.
\nSee OAuth 2.0 -\n Redirection Endpoint.
\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing\n purposes only.
\nApp callback URLs such as myapp://example are also supported.
" + "smithy.api#documentation": "A list of allowed redirect (callback) URLs for the identity providers.
\nA redirect URI must:
\nBe an absolute URI.
\nBe registered with the authorization server.
\nNot include a \n fragment component.
\nSee OAuth 2.0 - Redirection Endpoint.
\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
\nApp callback URLs such as myapp://example are also supported.
The default redirect URI. Must be in the CallbackURLs list.
A redirect URI must:
\nBe an absolute URI.
\nBe registered with the authorization server.
\nNot include a fragment component.
\nSee OAuth 2.0 -\n Redirection Endpoint.
\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing\n purposes only.
\nApp callback URLs such as myapp://example are also supported.
" + "smithy.api#documentation": "The default redirect URI. Must be in the CallbackURLs list.
A redirect URI must:
\nBe an absolute URI.
\nBe registered with the authorization server.
\nNot include a \n fragment component.
\nSee OAuth 2.0 - Redirection Endpoint.
\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
App callback URLs such as myapp://example are also supported.
The allowed OAuth flows.
\nSet to code to initiate a code grant flow, which provides an\n authorization code as the response. This code can be exchanged for access tokens with\n the token endpoint.
Set to implicit to specify that the client should get the access token\n (and, optionally, ID token, based on scopes) directly.
Set to client_credentials to specify that the client should get the\n access token (and, optionally, ID token, based on scopes) from the token endpoint using\n a combination of client and client_secret.
The allowed OAuth flows.
\nSet to code to initiate a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the token endpoint.
Set to implicit to specify that the client should get the access token (and, optionally, ID token, based on scopes) directly.
Set to client_credentials to specify that the client should get the access token (and, optionally, ID token, based on scopes) from the token endpoint using a combination \n of client and client_secret.
The allowed OAuth scopes. Possible values provided by OAuth are: phone,\n email, openid, and profile. Possible values\n provided by Amazon Web Services are: aws.cognito.signin.user.admin. Custom scopes created\n in Resource Servers are also supported.
The allowed OAuth scopes. Possible values provided by OAuth are: phone, \n email, openid, and profile. Possible values provided by Amazon Web Services are: aws.cognito.signin.user.admin. Custom scopes created \n in Resource Servers are also supported.
Set to true if the client is allowed to follow the OAuth protocol when interacting\n with Cognito user pools.
" + "smithy.api#documentation": "Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user pools.
" } }, "AnalyticsConfiguration": { "target": "com.amazonaws.cognitoidentityprovider#AnalyticsConfigurationType", "traits": { - "smithy.api#documentation": "The Amazon Pinpoint analytics configuration for collecting metrics for this user\n pool.
\nIn regions where Pinpoint is not available, Cognito User Pools only supports\n sending events to Amazon Pinpoint projects in us-east-1. In regions where Pinpoint\n is available, Cognito User Pools will support sending events to Amazon Pinpoint\n projects within that same region.
\nThe Amazon Pinpoint analytics configuration for collecting metrics for this user pool.
\nIn Amazon Web Services Regions where isn't available, User Pools only supports sending events to Amazon Pinpoint projects in us-east-1. In Regions where Pinpoint is available, User Pools will support \n sending events to Amazon Pinpoint projects within that same Region.
\nUse this setting to choose which errors and responses are returned by Cognito APIs\n during authentication, account confirmation, and password recovery when the user does\n not exist in the user pool. When set to ENABLED and the user does not\n exist, authentication returns an error indicating either the username or password was\n incorrect, and account confirmation and password recovery return a response indicating a\n code was sent to a simulated destination. When set to LEGACY, those APIs\n will return a UserNotFoundException exception if the user does not exist in\n the user pool.
Valid values include:
\n\n ENABLED - This prevents user existence-related errors.
\n LEGACY - This represents the old behavior of Cognito where user\n existence related errors are not prevented.
After February 15th 2020, the value of PreventUserExistenceErrors\n will default to ENABLED for newly created user pool clients if no value\n is provided.
Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist in the \n user pool. When set to ENABLED and the user doesn't exist, authentication returns an error indicating either the username or password was incorrect. \n Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs \n return a UserNotFoundException exception if the user doesn't exist in the user pool.
Valid values include:
\n\n ENABLED - This prevents user existence-related errors.
\n LEGACY - This represents the early \n behavior of Amazon Cognito where user existence related errors aren't prevented.
Enables or disables token revocation. For more information\n about revoking tokens, see RevokeToken.
" + "smithy.api#documentation": "Activates or deactivates token revocation. For more information about revoking tokens, \n see RevokeToken.
" } } }, @@ -11872,12 +11872,12 @@ "UserPoolClient": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolClientType", "traits": { - "smithy.api#documentation": "The user pool client value from the response from the server when an update user pool\n client request is made.
" + "smithy.api#documentation": "The user pool client value from the response from the server when you request to update the user pool client.
" } } }, "traits": { - "smithy.api#documentation": "Represents the response from the server to the request to update the user pool\n client.
" + "smithy.api#documentation": "Represents the response from the server to the request to update the user pool client.
" } }, "com.amazonaws.cognitoidentityprovider#UpdateUserPoolDomain": { @@ -11906,7 +11906,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user\n pool.
\nYou can use this operation to provide the Amazon Resource Name (ARN) of a new\n certificate to Amazon Cognito. You cannot use it to change the domain for a user\n pool.
\nA custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up\n and sign-in pages for your application. When you set up a custom domain, you provide a\n certificate that you manage with Certificate Manager (ACM). When necessary, you can\n use this operation to change the certificate that you applied to your custom\n domain.
\nUsually, this is unnecessary following routine certificate renewal with ACM. When you\n renew your existing certificate in ACM, the ARN for your certificate remains the same,\n and your custom domain uses the new certificate automatically.
\nHowever, if you replace your existing certificate with a new one, ACM gives the new\n certificate a new ARN. To apply the new certificate to your custom domain, you must\n provide this ARN to Amazon Cognito.
\nWhen you add your new certificate in ACM, you must choose US East (N. Virginia) as the\n Region.
\nAfter you submit your request, Amazon Cognito requires up to 1 hour to distribute your\n new certificate to your custom domain.
\nFor more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.
" + "smithy.api#documentation": "Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool.
\nYou can use this operation to provide the Amazon Resource Name (ARN) of a new certificate to Amazon Cognito. You can't use it to change the domain for a user pool.
\nA custom domain is used to host the Amazon Cognito hosted UI, which provides sign-up and sign-in pages for your application. When you set up a custom domain, you provide a certificate that you \n manage with Certificate Manager (ACM). When necessary, you can use this operation to change the certificate that you applied to your custom domain.
\nUsually, this is unnecessary following routine certificate renewal with ACM. When you renew your existing certificate in ACM, the ARN for your certificate remains the same, \n and your custom domain uses the new certificate automatically.
\nHowever, if you replace your existing certificate with a new one, ACM gives the new certificate a new ARN. To apply the new certificate to your custom domain, you must provide \n this ARN to Amazon Cognito.
\nWhen you add your new certificate in ACM, you must choose US East (N. Virginia) as the Amazon Web Services Region.
\nAfter you submit your request, Amazon Cognito requires up to 1 hour to distribute your new certificate to your custom domain.
\nFor more information about adding a custom domain to your user pool, \n see Using Your Own Domain for the Hosted UI.
" } }, "com.amazonaws.cognitoidentityprovider#UpdateUserPoolDomainRequest": { @@ -11915,21 +11915,21 @@ "Domain": { "target": "com.amazonaws.cognitoidentityprovider#DomainType", "traits": { - "smithy.api#documentation": "The domain name for the custom domain that hosts the sign-up and sign-in pages for\n your application. For example: auth.example.com.
This string can include only lowercase letters, numbers, and hyphens. Do not use a\n hyphen for the first or last character. Use periods to separate subdomain names.
", + "smithy.api#documentation": "The domain name for the custom domain that hosts the sign-up and sign-in pages for your application. One example might be auth.example.com.
This string can include only lowercase letters, numbers, and hyphens. Don't use a hyphen for the first or last character. Use periods to separate subdomain names.
", "smithy.api#required": {} } }, "UserPoolId": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolIdType", "traits": { - "smithy.api#documentation": "The ID of the user pool that is associated with the custom domain that you are\n updating the certificate for.
", + "smithy.api#documentation": "The ID of the user pool that is associated with the custom domain whose certificate you're updating.
", "smithy.api#required": {} } }, "CustomDomainConfig": { "target": "com.amazonaws.cognitoidentityprovider#CustomDomainConfigType", "traits": { - "smithy.api#documentation": "The configuration for a custom domain that hosts the sign-up and sign-in pages for\n your application. Use this object to specify an SSL certificate that is managed by\n ACM.
", + "smithy.api#documentation": "The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM.
", "smithy.api#required": {} } } @@ -11944,7 +11944,7 @@ "CloudFrontDomain": { "target": "com.amazonaws.cognitoidentityprovider#DomainType", "traits": { - "smithy.api#documentation": "The Amazon CloudFront endpoint that Amazon Cognito set up when you added the custom\n domain to your user pool.
" + "smithy.api#documentation": "The Amazon CloudFront endpoint that Amazon Cognito set up when you added the custom domain to your user pool.
" } } }, @@ -11965,19 +11965,19 @@ "Policies": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolPolicyType", "traits": { - "smithy.api#documentation": "A container with the policies you wish to update in a user pool.
" + "smithy.api#documentation": "A container with the policies you want to update in a user pool.
" } }, "LambdaConfig": { "target": "com.amazonaws.cognitoidentityprovider#LambdaConfigType", "traits": { - "smithy.api#documentation": "The Lambda configuration information from the request to update the user\n pool.
" + "smithy.api#documentation": "The Lambda configuration information from the request to update the user pool.
" } }, "AutoVerifiedAttributes": { "target": "com.amazonaws.cognitoidentityprovider#VerifiedAttributesListType", "traits": { - "smithy.api#documentation": "The attributes that are automatically verified when the Amazon Cognito service makes a\n request to update user pools.
" + "smithy.api#documentation": "The attributes that are automatically verified when Amazon Cognito requests to update user pools.
" } }, "SmsVerificationMessage": { @@ -12013,7 +12013,7 @@ "MfaConfiguration": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolMfaType", "traits": { - "smithy.api#documentation": "Can be one of the following values:
\n\n OFF - MFA tokens are not required and cannot be specified during\n user registration.
\n ON - MFA tokens are required for all user registrations. You can\n only specify ON when you are initially creating a user pool. You can use the\n SetUserPoolMfaConfig API operation to turn MFA \"ON\" for existing\n user pools.
\n OPTIONAL - Users have the option when registering to create an MFA\n token.
Can be one of the following values:
\n \n \n OFF - MFA tokens aren't required and can't be specified during user registration.
\n ON - MFA tokens are required for all user registrations. You can only specify ON when you're initially creating a user pool. You can \n use the SetUserPoolMfaConfig API operation \n to turn MFA \"ON\" for existing user pools.
\n OPTIONAL - Users have the option when registering to create an MFA token.
The tag keys and values to assign to the user pool. A tag is a label that you can use\n to categorize and manage user pools in different ways, such as by purpose, owner,\n environment, or other criteria.
" + "smithy.api#documentation": "The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, \n or other criteria.
" } }, "AdminCreateUserConfig": { @@ -12049,13 +12049,13 @@ "UserPoolAddOns": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolAddOnsType", "traits": { - "smithy.api#documentation": "Used to enable advanced security risk detection. Set the key\n AdvancedSecurityMode to the value \"AUDIT\".
Enables advanced security risk detection. Set the key AdvancedSecurityMode to the value \"AUDIT\".
Use this setting to define which verified available method a user can use to recover\n their password when they call ForgotPassword. It allows you to define a\n preferred method when a user has more than one method available. With this setting, SMS\n does not qualify for a valid password recovery mechanism if the user also has SMS MFA\n enabled. In the absence of this setting, Cognito uses the legacy behavior to determine\n the recovery method where SMS is preferred over email.
The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a \n preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user \n also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method \n where SMS is preferred through email.
Represents the response from the server when you make a request to update the user\n pool.
" + "smithy.api#documentation": "Represents the response from the server when you make a request to update the user pool.
" } }, "com.amazonaws.cognitoidentityprovider#UserContextDataType": { @@ -12076,12 +12076,12 @@ "EncodedData": { "target": "com.amazonaws.cognitoidentityprovider#StringType", "traits": { - "smithy.api#documentation": "Contextual data such as the user's device fingerprint, IP address, or location used\n for evaluating the risk of an unexpected event by Amazon Cognito advanced\n security.
" + "smithy.api#documentation": "Contextual data, such as the user's device fingerprint, IP address, or location, used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
" } } }, "traits": { - "smithy.api#documentation": "Contextual data such as the user's device fingerprint, IP address, or location used\n for evaluating the risk of an unexpected event by Amazon Cognito advanced\n security.
" + "smithy.api#documentation": "Contextual data, such as the user's device fingerprint, IP address, or location, used for evaluating the risk of an unexpected event by Amazon Cognito advanced security.
" } }, "com.amazonaws.cognitoidentityprovider#UserFilterType": { @@ -12104,7 +12104,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown when you are trying to modify a user pool while a user import\n job is in progress for that pool.
", + "smithy.api#documentation": "This exception is thrown when you're trying to modify a user pool while a user import job is in progress for that pool.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -12186,7 +12186,7 @@ "UserPoolId": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolIdType", "traits": { - "smithy.api#documentation": "The user pool ID for the user pool that the users are being imported into.
" + "smithy.api#documentation": "The user pool ID for the user pool that the users are being imported\n into.
" } }, "PreSignedUrl": { @@ -12216,13 +12216,13 @@ "Status": { "target": "com.amazonaws.cognitoidentityprovider#UserImportJobStatusType", "traits": { - "smithy.api#documentation": "The status of the user import job. One of the following:
\n\n Created - The job was created but not started.
\n Pending - A transition state. You have started the job, but it\n has not begun importing users yet.
\n InProgress - The job has started, and users are being\n imported.
\n Stopping - You have stopped the job, but the job has not stopped\n importing users yet.
\n Stopped - You have stopped the job, and the job has stopped\n importing users.
\n Succeeded - The job has completed successfully.
\n Failed - The job has stopped due to an error.
\n Expired - You created a job, but did not start the job within\n 24-48 hours. All data associated with the job was deleted, and the job cannot be\n started.
The status of the user import job. One of the following:
\n \n\n Created - The job was created but not started.
\n Pending - A transition state. You have started the job, but it has not begun importing users yet.
\n InProgress - The job has started, and users are being imported.
\n Stopping - You have stopped the job, but the job has not stopped importing users yet.
\n Stopped - You have stopped the job, and the job has stopped importing users.
\n Succeeded - The job has completed successfully.
\n Failed - The job has stopped due to an error.
\n Expired - You created a job, but did not start the job within 24-48 hours. All data associated with the job was deleted, and the job can't be started.
The role ARN for the Amazon CloudWatch Logging role for the user import job. For more\n information, see \"Creating the CloudWatch Logs IAM Role\" in the Amazon Cognito Developer\n Guide.
" + "smithy.api#documentation": "The role Amazon Resource Name (ARN) for the Amazon CloudWatch Logging role for the user import job. For more information, see \"Creating the CloudWatch Logs IAM Role\" in the Amazon Cognito Developer Guide.
" } }, "ImportedUsers": { @@ -12240,7 +12240,7 @@ "FailedUsers": { "target": "com.amazonaws.cognitoidentityprovider#LongType", "traits": { - "smithy.api#documentation": "The number of users that could not be imported.
" + "smithy.api#documentation": "The number of users that couldn't be imported.
" } }, "CompletionMessage": { @@ -12272,12 +12272,12 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "The message returned when the Amazon Cognito service returns a user validation\n exception with the Lambda service.
" + "smithy.api#documentation": "The message returned when the Amazon Cognito service returns a user validation exception with the Lambda service.
" } } }, "traits": { - "smithy.api#documentation": "This exception is thrown when the Amazon Cognito service encounters a user validation\n exception with the Lambda service.
", + "smithy.api#documentation": "This exception is thrown when the Amazon Cognito service encounters a user validation exception with the Lambda service.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -12294,12 +12294,12 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "The message returned when a user is not confirmed successfully.
" + "smithy.api#documentation": "The message returned when a user isn't confirmed successfully.
" } } }, "traits": { - "smithy.api#documentation": "This exception is thrown when a user is not confirmed successfully.
", + "smithy.api#documentation": "This exception is thrown when a user isn't confirmed successfully.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -12310,12 +12310,12 @@ "message": { "target": "com.amazonaws.cognitoidentityprovider#MessageType", "traits": { - "smithy.api#documentation": "The message returned when a user is not found.
" + "smithy.api#documentation": "The message returned when a user isn't found.
" } } }, "traits": { - "smithy.api#documentation": "This exception is thrown when a user is not found.
", + "smithy.api#documentation": "This exception is thrown when a user isn't found.
", "smithy.api#error": "client", "smithy.api#httpError": 404 } @@ -12328,7 +12328,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown when user pool add-ons are not enabled.
", + "smithy.api#documentation": "This exception is thrown when user pool add-ons aren't enabled.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -12360,7 +12360,7 @@ "UserPoolId": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolIdType", "traits": { - "smithy.api#documentation": "The user pool ID for the user pool where you want to describe the user pool\n client.
" + "smithy.api#documentation": "The user pool ID for the user pool where you want to describe the user pool client.
" } }, "ClientName": { @@ -12422,25 +12422,25 @@ "RefreshTokenValidity": { "target": "com.amazonaws.cognitoidentityprovider#RefreshTokenValidityType", "traits": { - "smithy.api#documentation": "The time limit, in days, after which the refresh token is no longer valid and cannot\n be used.
" + "smithy.api#documentation": "The time limit, in days, after which the refresh token is no longer valid and can't be used.
" } }, "AccessTokenValidity": { "target": "com.amazonaws.cognitoidentityprovider#AccessTokenValidityType", "traits": { - "smithy.api#documentation": "The time limit, specified by tokenValidityUnits, defaulting to hours, after which the\n access token is no longer valid and cannot be used.
" + "smithy.api#documentation": "The time limit, specified by tokenValidityUnits, defaulting to hours, after which the access token is no longer valid and can't be used.
" } }, "IdTokenValidity": { "target": "com.amazonaws.cognitoidentityprovider#IdTokenValidityType", "traits": { - "smithy.api#documentation": "The time limit, specified by tokenValidityUnits, defaulting to hours, after which the\n refresh token is no longer valid and cannot be used.
" + "smithy.api#documentation": "The time limit specified by tokenValidityUnits, defaulting to hours, after which the refresh token is no longer valid and can't be used.
" } }, "TokenValidityUnits": { "target": "com.amazonaws.cognitoidentityprovider#TokenValidityUnitsType", "traits": { - "smithy.api#documentation": "The time units used to specify the token validity times of their respective\n token.
" + "smithy.api#documentation": "The time units used to specify the token validity times of their respective token.
" } }, "ReadAttributes": { @@ -12458,19 +12458,19 @@ "ExplicitAuthFlows": { "target": "com.amazonaws.cognitoidentityprovider#ExplicitAuthFlowsListType", "traits": { - "smithy.api#documentation": "The authentication flows that are supported by the user pool clients. Flow names\n without the ALLOW_ prefix are deprecated in favor of new names with the\n ALLOW_ prefix. Note that values with ALLOW_ prefix cannot\n be used along with values without ALLOW_ prefix.
Valid values include:
\n\n ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password\n authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces\n the ADMIN_NO_SRP_AUTH setting. With this authentication flow,\n Cognito receives the password in the request instead of using the SRP (Secure\n Remote Password protocol) protocol to verify passwords.
\n ALLOW_CUSTOM_AUTH: Enable Lambda trigger based\n authentication.
\n ALLOW_USER_PASSWORD_AUTH: Enable user password-based\n authentication. In this flow, Cognito receives the password in the request\n instead of using the SRP protocol to verify passwords.
\n ALLOW_USER_SRP_AUTH: Enable SRP based authentication.
\n ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh\n tokens.
The authentication flows that are supported by the user pool clients. Flow names without the ALLOW_ prefix are no longer supported in favor of new names with the \n ALLOW_ prefix. Note that values with ALLOW_ prefix must be used only along with values including the ALLOW_ prefix.
Valid values include:
\n \n\n ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the \n ADMIN_NO_SRP_AUTH setting. With this authentication flow, Amazon Cognito receives the password in the request instead of using the Secure Remote Password (SRP) protocol to \n verify passwords.
\n ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication.
\n ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP \n protocol to verify passwords.
\n ALLOW_USER_SRP_AUTH: Enable SRP-based authentication.
\n ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens.
A list of provider names for the identity providers that are supported on this\n client.
" + "smithy.api#documentation": "A list of provider names for the identity providers that are supported on this client.
" } }, "CallbackURLs": { "target": "com.amazonaws.cognitoidentityprovider#CallbackURLsListType", "traits": { - "smithy.api#documentation": "A list of allowed redirect (callback) URLs for the identity providers.
\nA redirect URI must:
\nBe an absolute URI.
\nBe registered with the authorization server.
\nNot include a fragment component.
\nSee OAuth 2.0 -\n Redirection Endpoint.
\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing\n purposes only.
\nApp callback URLs such as myapp://example are also supported.
" + "smithy.api#documentation": "A list of allowed redirect (callback) URLs for the identity providers.
\nA redirect URI must:
\nBe an absolute URI.
\nBe registered with the authorization server.
\nNot include a \n fragment component.
\nSee OAuth 2.0 - Redirection Endpoint.
\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
\nApp callback URLs such as myapp://example are also supported.
" } }, "LogoutURLs": { @@ -12482,44 +12482,44 @@ "DefaultRedirectURI": { "target": "com.amazonaws.cognitoidentityprovider#RedirectUrlType", "traits": { - "smithy.api#documentation": "The default redirect URI. Must be in the CallbackURLs list.
A redirect URI must:
\nBe an absolute URI.
\nBe registered with the authorization server.
\nNot include a fragment component.
\nSee OAuth 2.0 -\n Redirection Endpoint.
\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing\n purposes only.
\nApp callback URLs such as myapp://example are also supported.
" + "smithy.api#documentation": "The default redirect URI. Must be in the CallbackURLs list.
A redirect URI must:
\nBe an absolute URI.
\nBe registered with the authorization server.
\nNot include a \n fragment component.
\nSee OAuth 2.0 - Redirection Endpoint.
\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
\nApp callback URLs such as myapp://example are also supported.
" } }, "AllowedOAuthFlows": { "target": "com.amazonaws.cognitoidentityprovider#OAuthFlowsType", "traits": { - "smithy.api#documentation": "The allowed OAuth flows.
\nSet to code to initiate a code grant flow, which provides an\n authorization code as the response. This code can be exchanged for access tokens with\n the token endpoint.
Set to implicit to specify that the client should get the access token\n (and, optionally, ID token, based on scopes) directly.
Set to client_credentials to specify that the client should get the\n access token (and, optionally, ID token, based on scopes) from the token endpoint using\n a combination of client and client_secret.
The allowed OAuth flows.
\nSet to code to initiate a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the token endpoint.
Set to implicit to specify that the client should get the access token (and, optionally, ID token, based on scopes) directly.
Set to client_credentials to specify that the client should get the access token (and, optionally, ID token, based on scopes) from the token endpoint using a combination \n of client and client_secret.
The allowed OAuth scopes. Possible values provided by OAuth are: phone,\n email, openid, and profile. Possible values\n provided by Amazon Web Services are: aws.cognito.signin.user.admin. Custom scopes created\n in Resource Servers are also supported.
The allowed OAuth scopes. Possible values provided by OAuth are: \n phone, email, openid, and profile. Possible values provided by Amazon Web Services are: aws.cognito.signin.user.admin. \n Custom scopes created in Resource Servers are also supported.
Set to true if the client is allowed to follow the OAuth protocol when interacting\n with Cognito user pools.
" + "smithy.api#documentation": "Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user pools.
" } }, "AnalyticsConfiguration": { "target": "com.amazonaws.cognitoidentityprovider#AnalyticsConfigurationType", "traits": { - "smithy.api#documentation": "The Amazon Pinpoint analytics configuration for the user pool client.
\nCognito User Pools only supports sending events to Amazon Pinpoint projects in the\n US East (N. Virginia) us-east-1 Region, regardless of the region in which the user\n pool resides.
\nThe Amazon Pinpoint analytics configuration for the user pool client.
\nAmazon Cognito User Pools only supports sending events to Amazon Pinpoint projects in the US East (N. Virginia) us-east-1 Region, regardless of the Region in which the user pool resides.
\nUse this setting to choose which errors and responses are returned by Cognito APIs\n during authentication, account confirmation, and password recovery when the user does\n not exist in the user pool. When set to ENABLED and the user does not\n exist, authentication returns an error indicating either the username or password was\n incorrect, and account confirmation and password recovery return a response indicating a\n code was sent to a simulated destination. When set to LEGACY, those APIs\n will return a UserNotFoundException exception if the user does not exist in\n the user pool.
Valid values include:
\n\n ENABLED - This prevents user existence-related errors.
\n LEGACY - This represents the old behavior of Cognito where user\n existence related errors are not prevented.
After February 15th 2020, the value of PreventUserExistenceErrors\n will default to ENABLED for newly created user pool clients if no value\n is provided.
Errors and responses that you want Amazon Cognito APIs to return during authentication, account confirmation, and password recovery when the user doesn't exist \n in the user pool. When set to ENABLED and the user doesn't exist, authentication returns an error indicating either the username or password \n was incorrect. Account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to \n LEGACY, those APIs return a UserNotFoundException exception if the user doesn't exist in the user pool.
Valid values include:
\n \n\n ENABLED - This prevents user existence-related errors.
\n LEGACY - This \n represents the old behavior of Cognito where user existence related errors aren't prevented.
Indicates whether token revocation is enabled for the user pool client. When you \n create a new user pool client, token revocation is enabled by default. For more information\n about revoking tokens, see RevokeToken.
" + "smithy.api#documentation": "Indicates whether token revocation is activated for the user pool client. When you create a new user pool client, token revocation is activated by default. For more information about \n revoking tokens, see RevokeToken.
" } } }, @@ -12638,7 +12638,7 @@ } }, "traits": { - "smithy.api#documentation": "This exception is thrown when a user pool tag cannot be set or updated.
", + "smithy.api#documentation": "This exception is thrown when a user pool tag can't be set or updated.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -12712,19 +12712,19 @@ "AutoVerifiedAttributes": { "target": "com.amazonaws.cognitoidentityprovider#VerifiedAttributesListType", "traits": { - "smithy.api#documentation": "Specifies the attributes that are auto-verified in a user pool.
" + "smithy.api#documentation": "The attributes that are auto-verified in a user pool.
" } }, "AliasAttributes": { "target": "com.amazonaws.cognitoidentityprovider#AliasAttributesListType", "traits": { - "smithy.api#documentation": "Specifies the attributes that are aliased in a user pool.
" + "smithy.api#documentation": "The attributes that are aliased in a user pool.
" } }, "UsernameAttributes": { "target": "com.amazonaws.cognitoidentityprovider#UsernameAttributesListType", "traits": { - "smithy.api#documentation": "Specifies whether email addresses or phone numbers can be specified as usernames when\n a user signs up.
" + "smithy.api#documentation": "Specifies whether a user can use an email address or phone number as a username when they sign up.
" } }, "SmsVerificationMessage": { @@ -12760,7 +12760,7 @@ "MfaConfiguration": { "target": "com.amazonaws.cognitoidentityprovider#UserPoolMfaType", "traits": { - "smithy.api#documentation": "Can be one of the following values:
\n\n OFF - MFA tokens are not required and cannot be specified during\n user registration.
\n ON - MFA tokens are required for all user registrations. You can\n only specify required when you are initially creating a user pool.
\n OPTIONAL - Users have the option when registering to create an MFA\n token.
Can be one of the following values:
\n \n \n OFF - MFA tokens aren't required and can't be specified during user registration.
\n ON - MFA tokens are required for all user registrations. You can only specify required when you're initially creating a user pool.
\n OPTIONAL - Users have the option when registering to create an MFA token.
The tags that are assigned to the user pool. A tag is a label that you can apply to\n user pools to categorize and manage them in different ways, such as by purpose, owner,\n environment, or other criteria.
" + "smithy.api#documentation": "The tags that are assigned to the user pool. A tag is a label that you can apply to user pools to categorize and manage them in different ways, such as by purpose, owner, environment, \n or other criteria.
" } }, "SmsConfigurationFailure": { "target": "com.amazonaws.cognitoidentityprovider#StringType", "traits": { - "smithy.api#documentation": "The reason why the SMS configuration cannot send the messages to your users.
\nThis message might include comma-separated values to describe why your SMS configuration\n can't send messages to user pool end users.
\n \nInvalidSmsRoleAccessPolicyException - The IAM role which Cognito uses to send\n SMS messages is not properly configured. For more information, see SmsConfigurationType.
\nSNSSandbox - The account is in SNS Sandbox and messages won’t reach\n unverified end users. This parameter won’t get populated\n with SNSSandbox if the IAM user creating the user pool doesn’t have SNS permissions.\n To learn how to move your account out of the sandbox, see Moving out of the SMS sandbox.
\nThe reason why the SMS configuration can't send the messages to your users.
\nThis message might include comma-separated values to describe why your SMS configuration can't send messages to user pool end users.
\n \n \nInvalidSmsRoleAccessPolicyException - The Identity and Access Management role that Amazon Cognito uses to send SMS messages isn't properly configured. For more information, \n see SmsConfigurationType.
\nSNSSandbox - \n The Amazon Web Services account is in SNS Sandbox and messages will only reach verified end users. This parameter won’t get populated with SNSSandbox if the IAM user creating the user pool \n doesn’t have SNS permissions. To learn how to move your Amazon Web Services account out of the sandbox, \n see Moving out of the SMS sandbox.
\nThe reason why the email configuration cannot send the messages to your users.
" + "smithy.api#documentation": "The reason why the email configuration can't send the messages to your users.
" } }, "Domain": { "target": "com.amazonaws.cognitoidentityprovider#DomainType", "traits": { - "smithy.api#documentation": "Holds the domain prefix if the user pool has a domain associated with it.
" + "smithy.api#documentation": "The domain prefix, if the user pool has a domain associated with it.
" } }, "CustomDomain": { "target": "com.amazonaws.cognitoidentityprovider#DomainType", "traits": { - "smithy.api#documentation": "A custom domain name that you provide to Amazon Cognito. This parameter applies only\n if you use a custom domain to host the sign-up and sign-in pages for your application.\n For example: auth.example.com.
For more information about adding a custom domain to your user pool, see Using Your Own Domain for the Hosted UI.
" + "smithy.api#documentation": "A custom domain name that you provide to Amazon Cognito. This parameter applies only if you use a custom domain to host the sign-up and sign-in pages for your application. An \n example of a custom domain name might be auth.example.com.
For more information about adding a custom domain to your user pool, \n see Using Your Own Domain for the Hosted UI.
" } }, "AdminCreateUserConfig": { @@ -12832,7 +12832,7 @@ "UsernameConfiguration": { "target": "com.amazonaws.cognitoidentityprovider#UsernameConfigurationType", "traits": { - "smithy.api#documentation": "You can choose to enable case sensitivity on the username input for the selected\n sign-in option. For example, when this is set to False, users will be able\n to sign in using either \"username\" or \"Username\". This configuration is immutable once\n it has been set. For more information, see UsernameConfigurationType.
Case sensitivity of the username input for the selected sign-in option. For example, when case sensitivity is set to False, users can sign in using either \"username\" \n or \"Username\". This configuration is immutable once it has been set. For more information, \n see UsernameConfigurationType.
Use this setting to define which verified available method a user can use to recover\n their password when they call ForgotPassword. It allows you to define a\n preferred method when a user has more than one method available. With this setting, SMS\n does not qualify for a valid password recovery mechanism if the user also has SMS MFA\n enabled. In the absence of this setting, Cognito uses the legacy behavior to determine\n the recovery method where SMS is preferred over email.
The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a \n preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user \n also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method \n where SMS is preferred through email.
The user name of the user you wish to describe.
" + "smithy.api#documentation": "The user name of the user you want to describe.
" } }, "Attributes": { @@ -12923,7 +12923,7 @@ "UserStatus": { "target": "com.amazonaws.cognitoidentityprovider#UserStatusType", "traits": { - "smithy.api#documentation": "The user status. Can be one of the following:
\nUNCONFIRMED - User has been created but not confirmed.
\nCONFIRMED - User has been confirmed.
\nARCHIVED - User is no longer active.
\nCOMPROMISED - User is disabled due to a potential security threat.
\nUNKNOWN - User status is not known.
\nRESET_REQUIRED - User is confirmed, but the user must request a code and reset\n his or her password before he or she can sign in.
\nFORCE_CHANGE_PASSWORD - The user is confirmed and the user can sign in using a\n temporary password, but on first sign-in, the user must change his or her\n password to a new value before doing anything else.
\nThe user status. This can be one of the following:
\n \nUNCONFIRMED - User has been created but not confirmed.
\nCONFIRMED - User has been confirmed.
\nARCHIVED - User is no longer active.
\nCOMPROMISED - User is disabled due to a potential security threat.
\nUNKNOWN - User status isn't known.
\nRESET_REQUIRED - User is confirmed, but the user must request a code and reset their password before they can sign in.
\nFORCE_CHANGE_PASSWORD - The user is confirmed and the user can sign in using a temporary password, but on first sign-in, the user must change their password to a \n new value before doing anything else.
\nSpecifies whether username case sensitivity will be applied for all users in the user\n pool through Cognito APIs.
\nValid values include:
\n\n \n True\n : Enables case sensitivity\n for all username input. When this option is set to True, users must\n sign in using the exact capitalization of their given username. For example,\n “UserName”. This is the default value.
\n \n False\n : Enables case\n insensitivity for all username input. For example, when this option is set to\n False, users will be able to sign in using either \"username\" or\n \"Username\". This option also enables both preferred_username and\n email alias to be case insensitive, in addition to the\n username attribute.
Specifies whether username case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs.
\nValid values include:
\n \n\n \n True\n : Enables case sensitivity for all username input. When this option is set to True, \n users must sign in using the exact capitalization of their given username, such as “UserName”. This is the default value.
\n \n False\n : Enables case insensitivity for all username input. For example, when this option is set to \n False, users can sign in using either \"username\" or \"Username\". This option also enables both preferred_username and email \n alias to be case insensitive, in addition to the username attribute.
This exception is thrown when Amazon Cognito encounters a user name that already\n exists in the user pool.
", + "smithy.api#documentation": "This exception is thrown when Amazon Cognito encounters a user name that already exists in the user pool.
", "smithy.api#error": "client", "smithy.api#httpError": 400 } @@ -13018,25 +13018,25 @@ "EmailMessage": { "target": "com.amazonaws.cognitoidentityprovider#EmailVerificationMessageType", "traits": { - "smithy.api#documentation": "The email message template. EmailMessage is allowed only if EmailSendingAccount is DEVELOPER.
" + "smithy.api#documentation": "The email message template. EmailMessage is allowed only if \n EmailSendingAccount is DEVELOPER.
" } }, "EmailSubject": { "target": "com.amazonaws.cognitoidentityprovider#EmailVerificationSubjectType", "traits": { - "smithy.api#documentation": "The subject line for the email message template. EmailSubject is allowed only if\n EmailSendingAccount is DEVELOPER.
" + "smithy.api#documentation": "The subject line for the email message template. EmailSubject is allowed only if \n EmailSendingAccount is DEVELOPER.
" } }, "EmailMessageByLink": { "target": "com.amazonaws.cognitoidentityprovider#EmailVerificationMessageByLinkType", "traits": { - "smithy.api#documentation": "The email message template for sending a confirmation link to the user.\n EmailMessageByLink is allowed only if EmailSendingAccount is DEVELOPER.
" + "smithy.api#documentation": "The email message template for sending a confirmation link to the user. EmailMessageByLink is allowed only if \n EmailSendingAccount is DEVELOPER.
" } }, "EmailSubjectByLink": { "target": "com.amazonaws.cognitoidentityprovider#EmailVerificationSubjectByLinkType", "traits": { - "smithy.api#documentation": "The subject line for the email message template for sending a confirmation link to the\n user. EmailSubjectByLink is allowed only EmailSendingAccount is DEVELOPER.
" + "smithy.api#documentation": "The subject line for the email message template for sending a confirmation link to the user. EmailSubjectByLink is allowed only \n EmailSendingAccount is DEVELOPER.
" } }, "DefaultEmailOption": { @@ -13118,7 +13118,7 @@ } ], "traits": { - "smithy.api#documentation": "Use this API to register a user's entered TOTP code and mark the user's software token\n MFA status as \"verified\" if successful. The request takes an access token or a session\n string, but not both.
" + "smithy.api#documentation": "Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as \"verified\" if successful. The request takes an access \n token or a session string, but not both.
" } }, "com.amazonaws.cognitoidentityprovider#VerifySoftwareTokenRequest": { @@ -13133,13 +13133,13 @@ "Session": { "target": "com.amazonaws.cognitoidentityprovider#SessionType", "traits": { - "smithy.api#documentation": "The session which should be passed both ways in challenge-response calls to the\n service.
" + "smithy.api#documentation": "The session that should be passed both ways in challenge-response calls to the service.
" } }, "UserCode": { "target": "com.amazonaws.cognitoidentityprovider#SoftwareTokenMFAUserCodeType", "traits": { - "smithy.api#documentation": "The one time password computed using the secret code returned by AssociateSoftwareToken\".
", + "smithy.api#documentation": "The one- time password computed using the secret code returned by \n AssociateSoftwareToken.
", "smithy.api#required": {} } }, @@ -13163,7 +13163,7 @@ "Session": { "target": "com.amazonaws.cognitoidentityprovider#SessionType", "traits": { - "smithy.api#documentation": "The session which should be passed both ways in challenge-response calls to the\n service.
" + "smithy.api#documentation": "The session that should be passed both ways in challenge-response calls to the service.
" } } } @@ -13238,7 +13238,7 @@ "AccessToken": { "target": "com.amazonaws.cognitoidentityprovider#TokenModelType", "traits": { - "smithy.api#documentation": "Represents the access token of the request to verify user attributes.
", + "smithy.api#documentation": "The access token of the request to verify user attributes.
", "smithy.api#required": {} } }, @@ -13265,7 +13265,7 @@ "type": "structure", "members": {}, "traits": { - "smithy.api#documentation": "A container representing the response from the server from the request to verify user\n attributes.
" + "smithy.api#documentation": "A container representing the response from the server from the request to verify user attributes.
" } }, "com.amazonaws.cognitoidentityprovider#WrappedBooleanType": { diff --git a/codegen/sdk-codegen/aws-models/connect.json b/codegen/sdk-codegen/aws-models/connect.json index a854577b43af..38bcb491efc6 100644 --- a/codegen/sdk-codegen/aws-models/connect.json +++ b/codegen/sdk-codegen/aws-models/connect.json @@ -307,7 +307,7 @@ "name": "connect" }, "aws.protocols#restJson1": {}, - "smithy.api#documentation": "Amazon Connect is a cloud-based contact center solution that you use to set up and manage a customer\n contact center and provide reliable customer engagement at any scale.
\nAmazon Connect provides metrics and real-time reporting that enable you to optimize contact routing.\n You can also resolve customer issues more efficiently by getting customers in touch with the\n appropriate agents.
\nThere are limits to the number of Amazon Connect resources that you can create. There are also limits\n to the number of requests that you can make per second. For more information, see Amazon Connect\n Service Quotas in the Amazon Connect Administrator Guide.
\nYou can connect programmatically to an Amazon Web Services service by using an endpoint. For a list of Amazon Connect\n endpoints, see Amazon Connect\n Endpoints.
\nWorking with contact flows? Check out the Amazon Connect Flow language.
\nAmazon Connect is a cloud-based contact center solution that you use to set up and manage a customer\n contact center and provide reliable customer engagement at any scale.
\nAmazon Connect provides metrics and real-time reporting that enable you to optimize contact routing.\n You can also resolve customer issues more efficiently by getting customers in touch with the\n appropriate agents.
\nThere are limits to the number of Amazon Connect resources that you can create. There are also limits\n to the number of requests that you can make per second. For more information, see Amazon Connect\n Service Quotas in the Amazon Connect Administrator Guide.
\nYou can connect programmatically to an Amazon Web Services service by using an endpoint. For\n a list of Amazon Connect endpoints, see Amazon Connect Endpoints.
\nWorking with contact flows? Check out the Amazon Connect Flow language.
\nAssociates an existing vocabulary as the default. Contact Lens for Amazon Connect uses the vocabulary in post-call and real-time analysis sessions for the given language.
", + "smithy.api#http": { + "method": "PUT", + "uri": "/default-vocabulary/{InstanceId}/{LanguageCode}", + "code": 200 + } + } + }, + "com.amazonaws.connect#AssociateDefaultVocabularyRequest": { + "type": "structure", + "members": { + "InstanceId": { + "target": "com.amazonaws.connect#InstanceId", + "traits": { + "smithy.api#documentation": "The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "LanguageCode": { + "target": "com.amazonaws.connect#VocabularyLanguageCode", + "traits": { + "smithy.api#documentation": "The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see \nWhat is Amazon Transcribe?\n
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "VocabularyId": { + "target": "com.amazonaws.connect#VocabularyId", + "traits": { + "smithy.api#documentation": "The identifier of the custom vocabulary. If this is empty, the default is set to none.
" + } + } + } + }, + "com.amazonaws.connect#AssociateDefaultVocabularyResponse": { + "type": "structure", + "members": {} + }, "com.amazonaws.connect#AssociateInstanceStorageConfig": { "type": "operation", "input": { @@ -1247,7 +1330,7 @@ } }, "traits": { - "smithy.api#documentation": "Information about the attachment reference if the referenceType is ATTACHMENT. Otherwise, null.
Information about the attachment reference if the referenceType is\n ATTACHMENT. Otherwise, null.
The date and time this contact was initiated, in UTC time. For INBOUND, this is when the\n contact arrived. For OUTBOUND, this is when the agent began dialing. For CALLBACK, this is when\n the callback contact was created. For TRANSFER and QUEUE_TRANSFER, this is when the transfer was\n initiated. For API, this is when the request arrived.
The date and time this contact was initiated, in UTC time. For INBOUND, this is\n when the contact arrived. For OUTBOUND, this is when the agent began dialing. For\n CALLBACK, this is when the callback contact was created. For TRANSFER\n and QUEUE_TRANSFER, this is when the transfer was initiated. For API,\n this is when the request arrived.
The timestamp, in Unix epoch time format, at which to start running the inbound flow.
" + "smithy.api#documentation": "The timestamp, in Unix epoch time format, at which to start running the inbound flow.\n
" } } }, @@ -2825,7 +2918,7 @@ "QuickConnectId": { "target": "com.amazonaws.connect#QuickConnectId", "traits": { - "smithy.api#documentation": "The identifier for the quick connect. \n
" + "smithy.api#documentation": "The identifier for the quick connect.
" } } } @@ -3337,6 +3430,119 @@ } } }, + "com.amazonaws.connect#CreateVocabulary": { + "type": "operation", + "input": { + "target": "com.amazonaws.connect#CreateVocabularyRequest" + }, + "output": { + "target": "com.amazonaws.connect#CreateVocabularyResponse" + }, + "errors": [ + { + "target": "com.amazonaws.connect#AccessDeniedException" + }, + { + "target": "com.amazonaws.connect#InternalServiceException" + }, + { + "target": "com.amazonaws.connect#InvalidRequestException" + }, + { + "target": "com.amazonaws.connect#ResourceConflictException" + }, + { + "target": "com.amazonaws.connect#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.connect#ServiceQuotaExceededException" + }, + { + "target": "com.amazonaws.connect#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "Creates a custom vocabulary associated with your Amazon Connect instance. You can set a custom\n vocabulary to be your default vocabulary for a given language. Contact Lens for Amazon Connect uses the default\n vocabulary in post-call and real-time contact analysis sessions for that language.
", + "smithy.api#http": { + "method": "POST", + "uri": "/vocabulary/{InstanceId}", + "code": 200 + } + } + }, + "com.amazonaws.connect#CreateVocabularyRequest": { + "type": "structure", + "members": { + "ClientToken": { + "target": "com.amazonaws.connect#ClientToken", + "traits": { + "smithy.api#documentation": "A unique, case-sensitive identifier that you provide to ensure the idempotency of the\n request. If a create request is received more than once with same client token,\n subsequent requests return the previous response without creating a vocabulary again.
", + "smithy.api#idempotencyToken": {} + } + }, + "InstanceId": { + "target": "com.amazonaws.connect#InstanceId", + "traits": { + "smithy.api#documentation": "The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "VocabularyName": { + "target": "com.amazonaws.connect#VocabularyName", + "traits": { + "smithy.api#documentation": "A unique name of the custom vocabulary.
", + "smithy.api#required": {} + } + }, + "LanguageCode": { + "target": "com.amazonaws.connect#VocabularyLanguageCode", + "traits": { + "smithy.api#documentation": "The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see \nWhat is Amazon Transcribe?\n
", + "smithy.api#required": {} + } + }, + "Content": { + "target": "com.amazonaws.connect#VocabularyContent", + "traits": { + "smithy.api#documentation": "The content of the custom vocabulary in plain-text format with a table of values. Each row\n in the table represents a word or a phrase, described with Phrase, IPA,\n SoundsLike, and DisplayAs fields. Separate the fields with TAB\n characters. The size limit is 50KB. For more information, see Create a custom\n vocabulary using a table.
The tags used to organize, track, or control access for this resource.
" + } + } + } + }, + "com.amazonaws.connect#CreateVocabularyResponse": { + "type": "structure", + "members": { + "VocabularyArn": { + "target": "com.amazonaws.connect#ARN", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the custom vocabulary.
", + "smithy.api#required": {} + } + }, + "VocabularyId": { + "target": "com.amazonaws.connect#VocabularyId", + "traits": { + "smithy.api#documentation": "The identifier of the custom vocabulary.
", + "smithy.api#required": {} + } + }, + "State": { + "target": "com.amazonaws.connect#VocabularyState", + "traits": { + "smithy.api#documentation": "The current state of the custom vocabulary.
", + "smithy.api#required": {} + } + } + } + }, "com.amazonaws.connect#Credentials": { "type": "structure", "members": { @@ -3508,6 +3714,48 @@ "target": "com.amazonaws.connect#CurrentMetric" } }, + "com.amazonaws.connect#DefaultVocabulary": { + "type": "structure", + "members": { + "InstanceId": { + "target": "com.amazonaws.connect#InstanceId", + "traits": { + "smithy.api#documentation": "The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
", + "smithy.api#required": {} + } + }, + "LanguageCode": { + "target": "com.amazonaws.connect#VocabularyLanguageCode", + "traits": { + "smithy.api#documentation": "The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see \nWhat is Amazon Transcribe?\n
", + "smithy.api#required": {} + } + }, + "VocabularyId": { + "target": "com.amazonaws.connect#VocabularyId", + "traits": { + "smithy.api#documentation": "The identifier of the custom vocabulary.
", + "smithy.api#required": {} + } + }, + "VocabularyName": { + "target": "com.amazonaws.connect#VocabularyName", + "traits": { + "smithy.api#documentation": "A unique name of the custom vocabulary.
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about a default vocabulary.
" + } + }, + "com.amazonaws.connect#DefaultVocabularyList": { + "type": "list", + "member": { + "target": "com.amazonaws.connect#DefaultVocabulary" + } + }, "com.amazonaws.connect#Delay": { "type": "integer", "traits": { @@ -3744,7 +3992,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes an Amazon Web Services resource association from an Amazon Connect instance. The association must not have\n any use cases associated with it.
", + "smithy.api#documentation": "Deletes an Amazon Web Services resource association from an Amazon Connect instance. The association\n must not have any use cases associated with it.
", "smithy.api#http": { "method": "DELETE", "uri": "/instance/{InstanceId}/integration-associations/{IntegrationAssociationId}", @@ -4047,24 +4295,27 @@ } } }, - "com.amazonaws.connect#DescribeAgentStatus": { + "com.amazonaws.connect#DeleteVocabulary": { "type": "operation", "input": { - "target": "com.amazonaws.connect#DescribeAgentStatusRequest" + "target": "com.amazonaws.connect#DeleteVocabularyRequest" }, "output": { - "target": "com.amazonaws.connect#DescribeAgentStatusResponse" + "target": "com.amazonaws.connect#DeleteVocabularyResponse" }, "errors": [ { - "target": "com.amazonaws.connect#InternalServiceException" + "target": "com.amazonaws.connect#AccessDeniedException" }, { - "target": "com.amazonaws.connect#InvalidParameterException" + "target": "com.amazonaws.connect#InternalServiceException" }, { "target": "com.amazonaws.connect#InvalidRequestException" }, + { + "target": "com.amazonaws.connect#ResourceInUseException" + }, { "target": "com.amazonaws.connect#ResourceNotFoundException" }, @@ -4073,15 +4324,15 @@ } ], "traits": { - "smithy.api#documentation": "This API is in preview release for Amazon Connect and is subject to change.
\nDescribes an agent status.
", + "smithy.api#documentation": "Deletes the vocabulary that has the given identifier.
", "smithy.api#http": { - "method": "GET", - "uri": "/agent-status/{InstanceId}/{AgentStatusId}", + "method": "POST", + "uri": "/vocabulary-remove/{InstanceId}/{VocabularyId}", "code": 200 } } }, - "com.amazonaws.connect#DescribeAgentStatusRequest": { + "com.amazonaws.connect#DeleteVocabularyRequest": { "type": "structure", "members": { "InstanceId": { @@ -4092,34 +4343,49 @@ "smithy.api#required": {} } }, - "AgentStatusId": { - "target": "com.amazonaws.connect#AgentStatusId", + "VocabularyId": { + "target": "com.amazonaws.connect#VocabularyId", "traits": { - "smithy.api#documentation": "The identifier for the agent status.
", + "smithy.api#documentation": "The identifier of the custom vocabulary.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } } } }, - "com.amazonaws.connect#DescribeAgentStatusResponse": { + "com.amazonaws.connect#DeleteVocabularyResponse": { "type": "structure", "members": { - "AgentStatus": { - "target": "com.amazonaws.connect#AgentStatus", + "VocabularyArn": { + "target": "com.amazonaws.connect#ARN", "traits": { - "smithy.api#documentation": "The agent status.
" + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the custom vocabulary.
", + "smithy.api#required": {} + } + }, + "VocabularyId": { + "target": "com.amazonaws.connect#VocabularyId", + "traits": { + "smithy.api#documentation": "The identifier of the custom vocabulary.
", + "smithy.api#required": {} + } + }, + "State": { + "target": "com.amazonaws.connect#VocabularyState", + "traits": { + "smithy.api#documentation": "The current state of the custom vocabulary.
", + "smithy.api#required": {} } } } }, - "com.amazonaws.connect#DescribeContact": { + "com.amazonaws.connect#DescribeAgentStatus": { "type": "operation", "input": { - "target": "com.amazonaws.connect#DescribeContactRequest" + "target": "com.amazonaws.connect#DescribeAgentStatusRequest" }, "output": { - "target": "com.amazonaws.connect#DescribeContactResponse" + "target": "com.amazonaws.connect#DescribeAgentStatusResponse" }, "errors": [ { @@ -4139,28 +4405,94 @@ } ], "traits": { - "smithy.api#documentation": "This API is in preview release for Amazon Connect and is subject to change.
\nDescribes the specified contact.
\nContact information remains available in Amazon Connect for 24 months, and then it is\n deleted.
\nThis API is in preview release for Amazon Connect and is subject to change.
\nDescribes an agent status.
", "smithy.api#http": { "method": "GET", - "uri": "/contacts/{InstanceId}/{ContactId}", + "uri": "/agent-status/{InstanceId}/{AgentStatusId}", "code": 200 } } }, - "com.amazonaws.connect#DescribeContactFlow": { - "type": "operation", - "input": { - "target": "com.amazonaws.connect#DescribeContactFlowRequest" - }, - "output": { - "target": "com.amazonaws.connect#DescribeContactFlowResponse" - }, - "errors": [ - { - "target": "com.amazonaws.connect#ContactFlowNotPublishedException" + "com.amazonaws.connect#DescribeAgentStatusRequest": { + "type": "structure", + "members": { + "InstanceId": { + "target": "com.amazonaws.connect#InstanceId", + "traits": { + "smithy.api#documentation": "The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } }, - { - "target": "com.amazonaws.connect#InternalServiceException" + "AgentStatusId": { + "target": "com.amazonaws.connect#AgentStatusId", + "traits": { + "smithy.api#documentation": "The identifier for the agent status.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.connect#DescribeAgentStatusResponse": { + "type": "structure", + "members": { + "AgentStatus": { + "target": "com.amazonaws.connect#AgentStatus", + "traits": { + "smithy.api#documentation": "The agent status.
" + } + } + } + }, + "com.amazonaws.connect#DescribeContact": { + "type": "operation", + "input": { + "target": "com.amazonaws.connect#DescribeContactRequest" + }, + "output": { + "target": "com.amazonaws.connect#DescribeContactResponse" + }, + "errors": [ + { + "target": "com.amazonaws.connect#InternalServiceException" + }, + { + "target": "com.amazonaws.connect#InvalidParameterException" + }, + { + "target": "com.amazonaws.connect#InvalidRequestException" + }, + { + "target": "com.amazonaws.connect#ResourceNotFoundException" + }, + { + "target": "com.amazonaws.connect#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "This API is in preview release for Amazon Connect and is subject to change.
\nDescribes the specified contact.
\nContact information remains available in Amazon Connect for 24 months, and then it is\n deleted.
\nDescribes the specified vocabulary.
", + "smithy.api#http": { + "method": "GET", + "uri": "/vocabulary/{InstanceId}/{VocabularyId}", + "code": 200 + } + } + }, + "com.amazonaws.connect#DescribeVocabularyRequest": { + "type": "structure", + "members": { + "InstanceId": { + "target": "com.amazonaws.connect#InstanceId", + "traits": { + "smithy.api#documentation": "The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "VocabularyId": { + "target": "com.amazonaws.connect#VocabularyId", + "traits": { + "smithy.api#documentation": "The identifier of the custom vocabulary.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.connect#DescribeVocabularyResponse": { + "type": "structure", + "members": { + "Vocabulary": { + "target": "com.amazonaws.connect#Vocabulary", + "traits": { + "smithy.api#documentation": "A list of specific words that you want Contact Lens for Amazon Connect to recognize in your audio input. They\n are generally domain-specific words and phrases, words that Contact Lens is not recognizing, or\n proper nouns.
", + "smithy.api#required": {} + } + } + } + }, "com.amazonaws.connect#Description": { "type": "string", "traits": { @@ -5629,7 +6028,7 @@ "Queues": { "target": "com.amazonaws.connect#Queues", "traits": { - "smithy.api#documentation": "The queues to use to filter the metrics. You should specify at least one queue, and can specify up to 100 queues per\n request. The GetCurrentMetricsData API in particular requires a queue when you include a Filter in your request.
The queues to use to filter the metrics. You should specify at least one queue, and can\n specify up to 100 queues per request. The GetCurrentMetricsData API in particular\n requires a queue when you include a Filter in your request.
The metrics to retrieve. Specify the name and unit for each metric. The following metrics\n are available. For a description of all the metrics, see Real-time Metrics\n Definitions in the Amazon Connect Administrator Guide.
\nUnit: COUNT
\nName in real-time metrics report: ACW\n
\n\nUnit: COUNT
\nName in real-time metrics report: Available\n
\nUnit: COUNT
\nName in real-time metrics report: Error\n
\nUnit: COUNT
\nName in real-time metrics report: NPT (Non-Productive Time)\n
\nUnit: COUNT
\nName in real-time metrics report: On\n contact\n
\nUnit: COUNT
\nName in real-time metrics report: On\n contact\n
\nUnit: COUNT
\nName in real-time metrics report: Online\n
\nUnit: COUNT
\nName in real-time metrics report: Staffed\n
\nUnit: COUNT
\nName in real-time metrics report: In\n queue\n
\nUnit: COUNT
\nName in real-time metrics report: Scheduled\n
\nUnit: SECONDS
\nWhen you use groupings, Unit says SECONDS and the Value is returned in SECONDS.
\nWhen you do not use groupings, Unit says SECONDS but the Value is returned in MILLISECONDS. For\n example, if you get a response like this:
\n\n { \"Metric\": { \"Name\": \"OLDEST_CONTACT_AGE\", \"Unit\": \"SECONDS\" }, \"Value\": 24113.0\n }
The actual OLDEST_CONTACT_AGE is 24 seconds.
\n\nName in real-time metrics report: Oldest\n
\nUnit: COUNT
\nName in real-time metrics report: Active\n
\nUnit: COUNT
\nName in real-time metrics report: Availability\n
\nThe metrics to retrieve. Specify the name and unit for each metric. The following metrics\n are available. For a description of all the metrics, see Real-time Metrics\n Definitions in the Amazon Connect Administrator Guide.
\nUnit: COUNT
\nName in real-time metrics report: ACW\n
\n\nUnit: COUNT
\nName in real-time metrics report: Available\n
\nUnit: COUNT
\nName in real-time metrics report: Error\n
\nUnit: COUNT
\nName in real-time metrics report: NPT (Non-Productive Time)\n
\nUnit: COUNT
\nName in real-time metrics report: On\n contact\n
\nUnit: COUNT
\nName in real-time metrics report: On\n contact\n
\nUnit: COUNT
\nName in real-time metrics report: Online\n
\nUnit: COUNT
\nName in real-time metrics report: Staffed\n
\nUnit: COUNT
\nName in real-time metrics report: In\n queue\n
\nUnit: COUNT
\nName in real-time metrics report: Scheduled\n
\nUnit: SECONDS
\nWhen you use groupings, Unit says SECONDS and the Value is returned in SECONDS.
\nWhen you do not use groupings, Unit says SECONDS but the Value is returned in\n MILLISECONDS. For example, if you get a response like this:
\n\n { \"Metric\": { \"Name\": \"OLDEST_CONTACT_AGE\", \"Unit\": \"SECONDS\" }, \"Value\": 24113.0\n }
The actual OLDEST_CONTACT_AGE is 24 seconds.
\n\nName in real-time metrics report: Oldest\n
\nUnit: COUNT
\nName in real-time metrics report: Active\n
\nUnit: COUNT
\nName in real-time metrics report: Availability\n
\nThis API is in preview release for Amazon Connect and is subject to change.
\nFor the specified version of Amazon Lex, returns a paginated list of all the Amazon Lex bots currently associated with the\n instance.
", + "smithy.api#documentation": "This API is in preview release for Amazon Connect and is subject to change.
\nFor the specified version of Amazon Lex, returns a paginated list of all the Amazon Lex bots currently\n associated with the instance.
", "smithy.api#http": { "method": "GET", "uri": "/instance/{InstanceId}/bots", @@ -7905,6 +8304,92 @@ } } }, + "com.amazonaws.connect#ListDefaultVocabularies": { + "type": "operation", + "input": { + "target": "com.amazonaws.connect#ListDefaultVocabulariesRequest" + }, + "output": { + "target": "com.amazonaws.connect#ListDefaultVocabulariesResponse" + }, + "errors": [ + { + "target": "com.amazonaws.connect#AccessDeniedException" + }, + { + "target": "com.amazonaws.connect#InternalServiceException" + }, + { + "target": "com.amazonaws.connect#InvalidRequestException" + }, + { + "target": "com.amazonaws.connect#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "Lists the default vocabularies for the specified Amazon Connect instance.
", + "smithy.api#http": { + "method": "POST", + "uri": "/default-vocabulary-summary/{InstanceId}", + "code": 200 + }, + "smithy.api#paginated": { + "inputToken": "NextToken", + "outputToken": "NextToken", + "items": "DefaultVocabularyList", + "pageSize": "MaxResults" + } + } + }, + "com.amazonaws.connect#ListDefaultVocabulariesRequest": { + "type": "structure", + "members": { + "InstanceId": { + "target": "com.amazonaws.connect#InstanceId", + "traits": { + "smithy.api#documentation": "The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "LanguageCode": { + "target": "com.amazonaws.connect#VocabularyLanguageCode", + "traits": { + "smithy.api#documentation": "The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see \nWhat is Amazon Transcribe?\n
" + } + }, + "MaxResults": { + "target": "com.amazonaws.connect#MaxResult100", + "traits": { + "smithy.api#documentation": "The maximum number of results to return per page.
" + } + }, + "NextToken": { + "target": "com.amazonaws.connect#VocabularyNextToken", + "traits": { + "smithy.api#documentation": "The token for the next set of results. Use the value returned in the previous \nresponse in the next request to retrieve the next set of results.
" + } + } + } + }, + "com.amazonaws.connect#ListDefaultVocabulariesResponse": { + "type": "structure", + "members": { + "DefaultVocabularyList": { + "target": "com.amazonaws.connect#DefaultVocabularyList", + "traits": { + "smithy.api#documentation": "A list of default vocabularies.
", + "smithy.api#required": {} + } + }, + "NextToken": { + "target": "com.amazonaws.connect#VocabularyNextToken", + "traits": { + "smithy.api#documentation": "If there are additional results, this is the token for the next set of results.
" + } + } + } + }, "com.amazonaws.connect#ListHoursOfOperations": { "type": "operation", "input": { @@ -8258,7 +8743,7 @@ } ], "traits": { - "smithy.api#documentation": "Provides summary information about the Amazon Web Services resource associations for the specified Amazon Connect\n instance.
", + "smithy.api#documentation": "Provides summary information about the Amazon Web Services resource associations for the\n specified Amazon Connect instance.
", "smithy.api#http": { "method": "GET", "uri": "/instance/{InstanceId}/integration-associations", @@ -8471,7 +8956,7 @@ "target": "com.amazonaws.connect#MaxResult25", "traits": { "smithy.api#box": {}, - "smithy.api#documentation": "The maximum number of results to return per page. If no value is specified, the default is 10.
", + "smithy.api#documentation": "The maximum number of results to return per page. If no value is specified, the default is 10.\n
", "smithy.api#httpQuery": "maxResults" } } @@ -11565,14 +12050,14 @@ "Value": { "target": "com.amazonaws.connect#ReferenceValue", "traits": { - "smithy.api#documentation": "A valid value for the reference. For example, for a URL reference, a formatted URL that is displayed to an agent in the Contact Control Panel (CCP).
", + "smithy.api#documentation": "A valid value for the reference. For example, for a URL reference, a formatted URL that is\n displayed to an agent in the Contact Control Panel (CCP).
", "smithy.api#required": {} } }, "Type": { "target": "com.amazonaws.connect#ReferenceType", "traits": { - "smithy.api#documentation": "The type of the reference. Only URL type can be added or updated on a contact.
The type of the reference. Only URL type can be added or updated on a\n contact.
Information about the attachment reference if the referenceType is ATTACHMENT. Otherwise, null.
Information about the attachment reference if the referenceType is\n ATTACHMENT. Otherwise, null.
Contains summary information about a reference. ReferenceSummary contains only one non null field between the URL and attachment based on the reference type.
Contains summary information about a reference. ReferenceSummary contains only\n one non null field between the URL and attachment based on the reference type.
Information about the Amazon Simple Storage Service (Amazon S3) storage type.
" } }, + "com.amazonaws.connect#SearchVocabularies": { + "type": "operation", + "input": { + "target": "com.amazonaws.connect#SearchVocabulariesRequest" + }, + "output": { + "target": "com.amazonaws.connect#SearchVocabulariesResponse" + }, + "errors": [ + { + "target": "com.amazonaws.connect#AccessDeniedException" + }, + { + "target": "com.amazonaws.connect#InternalServiceException" + }, + { + "target": "com.amazonaws.connect#InvalidRequestException" + }, + { + "target": "com.amazonaws.connect#ThrottlingException" + } + ], + "traits": { + "smithy.api#documentation": "Searches for vocabularies within a specific Amazon Connect instance using State, NameStartsWith, and LanguageCode.
The identifier of the Amazon Connect instance. You can find the instanceId in the ARN of the instance.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "MaxResults": { + "target": "com.amazonaws.connect#MaxResult100", + "traits": { + "smithy.api#documentation": "The maximum number of results to return per page.
" + } + }, + "NextToken": { + "target": "com.amazonaws.connect#VocabularyNextToken", + "traits": { + "smithy.api#documentation": "The token for the next set of results. Use the value returned in the previous \nresponse in the next request to retrieve the next set of results.
" + } + }, + "State": { + "target": "com.amazonaws.connect#VocabularyState", + "traits": { + "smithy.api#documentation": "The current state of the custom vocabulary.
" + } + }, + "NameStartsWith": { + "target": "com.amazonaws.connect#VocabularyName", + "traits": { + "smithy.api#documentation": "The starting pattern of the name of the vocabulary.
" + } + }, + "LanguageCode": { + "target": "com.amazonaws.connect#VocabularyLanguageCode", + "traits": { + "smithy.api#documentation": "The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see \nWhat is Amazon Transcribe?\n
" + } + } + } + }, + "com.amazonaws.connect#SearchVocabulariesResponse": { + "type": "structure", + "members": { + "VocabularySummaryList": { + "target": "com.amazonaws.connect#VocabularySummaryList", + "traits": { + "smithy.api#documentation": "The list of the available custom vocabularies.
" + } + }, + "NextToken": { + "target": "com.amazonaws.connect#VocabularyNextToken", + "traits": { + "smithy.api#documentation": "If there are additional results, this is the token for the next set of results.
" + } + } + } + }, "com.amazonaws.connect#SecurityKey": { "type": "structure", "members": { @@ -12292,7 +12874,7 @@ } ], "traits": { - "smithy.api#documentation": "Initiates a contact flow to start a new chat for the customer. Response of this API provides\n a token required to obtain credentials from the CreateParticipantConnection API in the Amazon Connect Participant Service.
\n\nWhen a new chat contact is successfully created, clients must subscribe to the participant’s\n connection for the created chat within 5 minutes. This is achieved by invoking CreateParticipantConnection with WEBSOCKET and CONNECTION_CREDENTIALS.
\n\nA 429 error occurs in two situations:
\nAPI rate limit is exceeded. API TPS throttling returns a TooManyRequests\n exception.
The quota for concurrent active\n chats is exceeded. Active chat throttling returns a\n LimitExceededException.
For more information about chat, see Chat in the Amazon Connect Administrator\n Guide.
", + "smithy.api#documentation": "Initiates a contact flow to start a new chat for the customer. Response of this API provides\n a token required to obtain credentials from the CreateParticipantConnection API in the Amazon Connect Participant Service.
\n\nWhen a new chat contact is successfully created, clients must subscribe to the participant’s\n connection for the created chat within 5 minutes. This is achieved by invoking CreateParticipantConnection with WEBSOCKET and CONNECTION_CREDENTIALS.
\n\nA 429 error occurs in the following situations:
\nAPI rate limit is exceeded. API TPS throttling returns a TooManyRequests\n exception.
The quota for concurrent active\n chats is exceeded. Active chat throttling returns a\n LimitExceededException.
If you use the ChatDurationInMinutes parameter and receive a 400 error, your account may\n not support the ability to configure custom chat durations. For more information, contact Amazon Web Services Support. \n
For more information about chat, see Chat in the Amazon Connect Administrator\n Guide.
", "smithy.api#http": { "method": "PUT", "uri": "/contact/chat", @@ -12342,6 +12924,12 @@ "smithy.api#documentation": "A unique, case-sensitive identifier that you provide to ensure the idempotency of the\n request.
", "smithy.api#idempotencyToken": {} } + }, + "ChatDurationInMinutes": { + "target": "com.amazonaws.connect#ChatDurationInMinutes", + "traits": { + "smithy.api#documentation": "The total duration of the newly started chat session. If not specified, the chat session duration defaults to 25 hour. \n The minumum configurable time is 60 minutes. The maximum configurable time is 10,080 minutes (7 days).
" + } } } }, @@ -12462,7 +13050,7 @@ } ], "traits": { - "smithy.api#documentation": "Initiates real-time message streaming for a new chat contact.
\nFor more information about message streaming, see Enable real-time chat message\n streaming in the Amazon Connect Administrator Guide.
", + "smithy.api#documentation": "Initiates real-time message streaming for a new chat contact.
\nFor more information about message streaming, see Enable real-time chat message\n streaming in the Amazon Connect Administrator Guide.
", "smithy.api#http": { "method": "POST", "uri": "/contact/start-streaming", @@ -12548,7 +13136,7 @@ } ], "traits": { - "smithy.api#documentation": "Places an outbound call to a contact, and then initiates the contact flow. It performs the\n actions in the contact flow that's specified (in ContactFlowId).
Agents do not initiate the outbound API, which means that they do not dial the contact. If\n the contact flow places an outbound call to a contact, and then puts the contact in queue, the\n call is then routed to the agent, like any other inbound case.
\n\nThere is a 60-second dialing timeout for this operation. If the call is not connected after\n 60 seconds, it fails.
\nUK numbers with a 447 prefix are not allowed by default. Before you can dial these UK\n mobile numbers, you must submit a service quota increase request. For more information, see\n Amazon Connect Service Quotas in the Amazon Connect Administrator Guide.
\nCampaign calls are not allowed by default. Before you can make a call with \n TrafficType = CAMPAIGN, you must submit a service quota increase request. For more information, see \n Amazon Connect Service Quotas in the Amazon Connect Administrator Guide.
Places an outbound call to a contact, and then initiates the contact flow. It performs the\n actions in the contact flow that's specified (in ContactFlowId).
Agents do not initiate the outbound API, which means that they do not dial the contact. If\n the contact flow places an outbound call to a contact, and then puts the contact in queue, the\n call is then routed to the agent, like any other inbound case.
\n\nThere is a 60-second dialing timeout for this operation. If the call is not connected after\n 60 seconds, it fails.
\nUK numbers with a 447 prefix are not allowed by default. Before you can dial these UK\n mobile numbers, you must submit a service quota increase request. For more information, see\n Amazon Connect Service Quotas in the Amazon Connect Administrator Guide.
\nCampaign calls are not allowed by default. Before you can make a call with\n TrafficType = CAMPAIGN, you must submit a service quota increase\n request. For more information, see Amazon Connect Service Quotas\n in the Amazon Connect Administrator Guide.
Denotes the class of traffic. Calls with different traffic types are handled differently by\n Amazon Connect. The default value is GENERAL. Use CAMPAIGN if\n EnableAnswerMachineDetection is set to true. For all other cases, use\n GENERAL.
Denotes the class of traffic. Calls with different traffic types are handled differently by\n Amazon Connect. The default value is GENERAL. Use CAMPAIGN if\n EnableAnswerMachineDetection is set to true. For all other cases, use\n GENERAL.
Adds the specified tags to the specified resource.
\nThe supported resource types are users, routing profiles, queues, quick connects, \n contact flows, agent status, and hours of operation.
\nFor sample policies that use tags, see Amazon Connect Identity-Based\n Policy Examples in the Amazon Connect Administrator Guide.
", + "smithy.api#documentation": "Adds the specified tags to the specified resource.
\nThe supported resource types are users, routing profiles, queues, quick connects, contact\n flows, agent status, and hours of operation.
\nFor sample policies that use tags, see Amazon Connect Identity-Based\n Policy Examples in the Amazon Connect Administrator Guide.
", "smithy.api#http": { "method": "POST", "uri": "/tags/{resourceArn}", @@ -14067,7 +14655,7 @@ "AttributeType": { "target": "com.amazonaws.connect#InstanceAttributeType", "traits": { - "smithy.api#documentation": "The type of attribute.
\nOnly allowlisted customers can consume USE_CUSTOM_TTS_VOICES. To access this feature, contact Amazon Web Services Support for allowlisting.
\nThe type of attribute.
\nOnly allowlisted customers can consume USE_CUSTOM_TTS_VOICES. To access this feature,\n contact Amazon Web Services Support for allowlisting.
\nA unique name of the custom vocabulary.
", + "smithy.api#required": {} + } + }, + "Id": { + "target": "com.amazonaws.connect#VocabularyId", + "traits": { + "smithy.api#documentation": "The identifier of the custom vocabulary.
", + "smithy.api#required": {} + } + }, + "Arn": { + "target": "com.amazonaws.connect#ARN", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the custom vocabulary.
", + "smithy.api#required": {} + } + }, + "LanguageCode": { + "target": "com.amazonaws.connect#VocabularyLanguageCode", + "traits": { + "smithy.api#documentation": "The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see \nWhat is Amazon Transcribe?\n
", + "smithy.api#required": {} + } + }, + "State": { + "target": "com.amazonaws.connect#VocabularyState", + "traits": { + "smithy.api#documentation": "The current state of the custom vocabulary.
", + "smithy.api#required": {} + } + }, + "LastModifiedTime": { + "target": "com.amazonaws.connect#VocabularyLastModifiedTime", + "traits": { + "smithy.api#documentation": "The timestamp when the custom vocabulary was last modified.
", + "smithy.api#required": {} + } + }, + "FailureReason": { + "target": "com.amazonaws.connect#VocabularyFailureReason", + "traits": { + "smithy.api#documentation": "The reason why the custom vocabulary was not created.
" + } + }, + "Content": { + "target": "com.amazonaws.connect#VocabularyContent", + "traits": { + "smithy.api#documentation": "The content of the custom vocabulary in plain-text format with a table of values. Each row\n in the table represents a word or a phrase, described with Phrase, IPA,\n SoundsLike, and DisplayAs fields. Separate the fields with TAB\n characters. For more information, see Create a custom\n vocabulary using a table.
The tags used to organize, track, or control access for this resource.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about a custom vocabulary.
" + } + }, + "com.amazonaws.connect#VocabularyContent": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 60000 + } + } + }, + "com.amazonaws.connect#VocabularyFailureReason": { + "type": "string" + }, + "com.amazonaws.connect#VocabularyId": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 500 + } + } + }, + "com.amazonaws.connect#VocabularyLanguageCode": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "ar-AE", + "name": "AR_AE" + }, + { + "value": "de-CH", + "name": "DE_CH" + }, + { + "value": "de-DE", + "name": "DE_DE" + }, + { + "value": "en-AB", + "name": "EN_AB" + }, + { + "value": "en-AU", + "name": "EN_AU" + }, + { + "value": "en-GB", + "name": "EN_GB" + }, + { + "value": "en-IE", + "name": "EN_IE" + }, + { + "value": "en-IN", + "name": "EN_IN" + }, + { + "value": "en-US", + "name": "EN_US" + }, + { + "value": "en-WL", + "name": "EN_WL" + }, + { + "value": "es-ES", + "name": "ES_ES" + }, + { + "value": "es-US", + "name": "ES_US" + }, + { + "value": "fr-CA", + "name": "FR_CA" + }, + { + "value": "fr-FR", + "name": "FR_FR" + }, + { + "value": "hi-IN", + "name": "HI_IN" + }, + { + "value": "it-IT", + "name": "IT_IT" + }, + { + "value": "ja-JP", + "name": "JA_JP" + }, + { + "value": "ko-KR", + "name": "KO_KR" + }, + { + "value": "pt-BR", + "name": "PT_BR" + }, + { + "value": "pt-PT", + "name": "PT_PT" + }, + { + "value": "zh-CN", + "name": "ZH_CN" + } + ] + } + }, + "com.amazonaws.connect#VocabularyLastModifiedTime": { + "type": "timestamp" + }, + "com.amazonaws.connect#VocabularyName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 140 + }, + "smithy.api#pattern": "^[0-9a-zA-Z._-]+$" + } + }, + "com.amazonaws.connect#VocabularyNextToken": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 131070 + }, + "smithy.api#pattern": "\\S" + } + }, + "com.amazonaws.connect#VocabularyState": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "CREATION_IN_PROGRESS", + "name": "CREATION_IN_PROGRESS" + }, + { + "value": "ACTIVE", + "name": "ACTIVE" + }, + { + "value": "CREATION_FAILED", + "name": "CREATION_FAILED" + }, + { + "value": "DELETE_IN_PROGRESS", + "name": "DELETE_IN_PROGRESS" + } + ] + } + }, + "com.amazonaws.connect#VocabularySummary": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.connect#VocabularyName", + "traits": { + "smithy.api#documentation": "A unique name of the custom vocabulary.
", + "smithy.api#required": {} + } + }, + "Id": { + "target": "com.amazonaws.connect#VocabularyId", + "traits": { + "smithy.api#documentation": "The identifier of the custom vocabulary.
", + "smithy.api#required": {} + } + }, + "Arn": { + "target": "com.amazonaws.connect#ARN", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the custom vocabulary.
", + "smithy.api#required": {} + } + }, + "LanguageCode": { + "target": "com.amazonaws.connect#VocabularyLanguageCode", + "traits": { + "smithy.api#documentation": "The language code of the vocabulary entries. For a list of languages and their corresponding language codes, see \nWhat is Amazon Transcribe?\n
", + "smithy.api#required": {} + } + }, + "State": { + "target": "com.amazonaws.connect#VocabularyState", + "traits": { + "smithy.api#documentation": "The current state of the custom vocabulary.
", + "smithy.api#required": {} + } + }, + "LastModifiedTime": { + "target": "com.amazonaws.connect#VocabularyLastModifiedTime", + "traits": { + "smithy.api#documentation": "The timestamp when the custom vocabulary was last modified.
", + "smithy.api#required": {} + } + }, + "FailureReason": { + "target": "com.amazonaws.connect#VocabularyFailureReason", + "traits": { + "smithy.api#documentation": "The reason why the custom vocabulary was not created.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains summary information about the custom vocabulary.
" + } + }, + "com.amazonaws.connect#VocabularySummaryList": { + "type": "list", + "member": { + "target": "com.amazonaws.connect#VocabularySummary" + } + }, "com.amazonaws.connect#VoiceRecordingConfiguration": { "type": "structure", "members": { diff --git a/codegen/sdk-codegen/aws-models/ebs.json b/codegen/sdk-codegen/aws-models/ebs.json index 81ae6b870857..489db47931c5 100644 --- a/codegen/sdk-codegen/aws-models/ebs.json +++ b/codegen/sdk-codegen/aws-models/ebs.json @@ -349,6 +349,21 @@ }, "com.amazonaws.ebs#Ebs": { "type": "service", + "traits": { + "aws.api#service": { + "sdkId": "EBS", + "arnNamespace": "ebs", + "cloudFormationName": "EBS", + "cloudTrailEventSource": "ebs.amazonaws.com", + "endpointPrefix": "ebs" + }, + "aws.auth#sigv4": { + "name": "ebs" + }, + "aws.protocols#restJson1": {}, + "smithy.api#documentation": "You can use the Amazon Elastic Block Store (Amazon EBS) direct APIs to create Amazon EBS snapshots, write data directly to \n \t\tyour snapshots, read data on your snapshots, and identify the differences or changes between \n \t\ttwo snapshots. If you’re an independent software vendor (ISV) who offers backup services for \n \t\tAmazon EBS, the EBS direct APIs make it more efficient and cost-effective to track incremental changes on \n \t\tyour Amazon EBS volumes through snapshots. This can be done without having to create new volumes \n \t\tfrom snapshots, and then use Amazon Elastic Compute Cloud (Amazon EC2) instances to compare the differences.
\n \t\t\n \tYou can create incremental snapshots directly from data on-premises into volumes and the \n \t\tcloud to use for quick disaster recovery. With the ability to write and read snapshots, you can \n \t\twrite your on-premises data to an snapshot during a disaster. Then after recovery, you can \n \t\trestore it back to Amazon Web Services or on-premises from the snapshot. You no longer need to build and \n \t\tmaintain complex mechanisms to copy data to and from Amazon EBS.
\n\n\nThis API reference provides detailed information about the actions, data types,\n parameters, and errors of the EBS direct APIs. For more information about the elements that\n make up the EBS direct APIs, and examples of how to use them effectively, see Accessing the Contents of an Amazon EBS Snapshot in the Amazon Elastic Compute Cloud User\n Guide. For more information about the supported Amazon Web Services Regions, endpoints,\n and service quotas for the EBS direct APIs, see Amazon Elastic Block Store Endpoints and Quotas in\n the Amazon Web Services General Reference.
", + "smithy.api#title": "Amazon Elastic Block Store" + }, "version": "2019-11-02", "operations": [ { @@ -369,22 +384,7 @@ { "target": "com.amazonaws.ebs#StartSnapshot" } - ], - "traits": { - "aws.api#service": { - "sdkId": "EBS", - "arnNamespace": "ebs", - "cloudFormationName": "EBS", - "cloudTrailEventSource": "ebs.amazonaws.com", - "endpointPrefix": "ebs" - }, - "aws.auth#sigv4": { - "name": "ebs" - }, - "aws.protocols#restJson1": {}, - "smithy.api#documentation": "You can use the Amazon Elastic Block Store (Amazon EBS) direct APIs to create Amazon EBS snapshots, write data directly to \n \t\tyour snapshots, read data on your snapshots, and identify the differences or changes between \n \t\ttwo snapshots. If you’re an independent software vendor (ISV) who offers backup services for \n \t\tAmazon EBS, the EBS direct APIs make it more efficient and cost-effective to track incremental changes on \n \t\tyour Amazon EBS volumes through snapshots. This can be done without having to create new volumes \n \t\tfrom snapshots, and then use Amazon Elastic Compute Cloud (Amazon EC2) instances to compare the differences.
\n \t\t\n \tYou can create incremental snapshots directly from data on-premises into volumes and the \n \t\tcloud to use for quick disaster recovery. With the ability to write and read snapshots, you can \n \t\twrite your on-premises data to an snapshot during a disaster. Then after recovery, you can \n \t\trestore it back to Amazon Web Services or on-premises from the snapshot. You no longer need to build and \n \t\tmaintain complex mechanisms to copy data to and from Amazon EBS.
\n\n\nThis API reference provides detailed information about the actions, data types,\n parameters, and errors of the EBS direct APIs. For more information about the elements that\n make up the EBS direct APIs, and examples of how to use them effectively, see Accessing the Contents of an Amazon EBS Snapshot in the Amazon Elastic Compute Cloud User\n Guide. For more information about the supported Amazon Web Services Regions, endpoints,\n and service quotas for the EBS direct APIs, see Amazon Elastic Block Store Endpoints and Quotas in\n the Amazon Web Services General Reference.
", - "smithy.api#title": "Amazon Elastic Block Store" - } + ] }, "com.amazonaws.ebs#ErrorMessage": { "type": "string", @@ -591,21 +591,21 @@ "NextToken": { "target": "com.amazonaws.ebs#PageToken", "traits": { - "smithy.api#documentation": "The token to request the next page of results.
", + "smithy.api#documentation": "The token to request the next page of results.
\nIf you specify NextToken, then \n StartingBlockIndex is ignored.
", "smithy.api#httpQuery": "pageToken" } }, "MaxResults": { "target": "com.amazonaws.ebs#MaxResults", "traits": { - "smithy.api#documentation": "The number of results to return.
", + "smithy.api#documentation": "The maximum number of blocks to be returned by the request.
\nEven if additional blocks can be retrieved from the snapshot, the request can \n return less blocks than MaxResults or an empty \n array of blocks.
\nTo retrieve the next set of blocks from the snapshot, make another request with \n the returned NextToken value. The value of \n NextToken is null when there are no \n more blocks to return.
The block index from which the comparison should start.
\nThe list in the response will start from this block index or the next valid block\n index in the snapshots.
", + "smithy.api#documentation": "The block index from which the comparison should start.
\nThe list in the response will start from this block index or the next valid block\n index in the snapshots.
\nIf you specify NextToken, then \n StartingBlockIndex is ignored.
", "smithy.api#httpQuery": "startingBlockIndex" } } @@ -702,21 +702,21 @@ "NextToken": { "target": "com.amazonaws.ebs#PageToken", "traits": { - "smithy.api#documentation": "The token to request the next page of results.
", + "smithy.api#documentation": "The token to request the next page of results.
\nIf you specify NextToken, then \n StartingBlockIndex is ignored.
", "smithy.api#httpQuery": "pageToken" } }, "MaxResults": { "target": "com.amazonaws.ebs#MaxResults", "traits": { - "smithy.api#documentation": "The number of results to return.
", + "smithy.api#documentation": "The maximum number of blocks to be returned by the request.
\nEven if additional blocks can be retrieved from the snapshot, the request can \n return less blocks than MaxResults or an empty \n array of blocks.
\nTo retrieve the next set of blocks from the snapshot, make another request with \n the returned NextToken value. The value of \n NextToken is null when there are no \n more blocks to return.
The block index from which the list should start. The list in the response will start\n from this block index or the next valid block index in the snapshot.
", + "smithy.api#documentation": "The block index from which the list should start. The list in the response will start\n from this block index or the next valid block index in the snapshot.
\nIf you specify NextToken, then \n StartingBlockIndex is ignored.
", "smithy.api#httpQuery": "startingBlockIndex" } } diff --git a/codegen/sdk-codegen/aws-models/ec2.json b/codegen/sdk-codegen/aws-models/ec2.json index f459b481213a..aa43116d61b7 100644 --- a/codegen/sdk-codegen/aws-models/ec2.json +++ b/codegen/sdk-codegen/aws-models/ec2.json @@ -46857,6 +46857,30 @@ "value": "x1e.32xlarge", "name": "x1e_32xlarge" }, + { + "value": "x2iezn.2xlarge", + "name": "x2iezn_2xlarge" + }, + { + "value": "x2iezn.4xlarge", + "name": "x2iezn_4xlarge" + }, + { + "value": "x2iezn.6xlarge", + "name": "x2iezn_6xlarge" + }, + { + "value": "x2iezn.8xlarge", + "name": "x2iezn_8xlarge" + }, + { + "value": "x2iezn.12xlarge", + "name": "x2iezn_12xlarge" + }, + { + "value": "x2iezn.metal", + "name": "x2iezn_metal" + }, { "value": "x2gd.medium", "name": "x2gd_medium" diff --git a/codegen/sdk-codegen/aws-models/efs.json b/codegen/sdk-codegen/aws-models/efs.json index a579cf3e90c3..a6b40e17b7e5 100644 --- a/codegen/sdk-codegen/aws-models/efs.json +++ b/codegen/sdk-codegen/aws-models/efs.json @@ -424,13 +424,13 @@ "Encrypted": { "target": "com.amazonaws.efs#Encrypted", "traits": { - "smithy.api#documentation": "A Boolean value that, if true, creates an encrypted file system. When creating an\n encrypted file system, you have the option of specifying CreateFileSystemRequest$KmsKeyId for an existing Key Management Service (KMS\n customer master key (CMK). If you don't specify a CMK, then the default CMK for\n Amazon EFS, /aws/elasticfilesystem, is used to protect the encrypted file system.\n
A Boolean value that, if true, creates an encrypted file system. When creating an\n encrypted file system, you have the option of specifying an existing Key Management Service key (KMS key).\n If you don't specify a KMS key, then the default KMS key for\n Amazon EFS, /aws/elasticfilesystem, is used to protect the encrypted file system.\n
The ID of the KMS CMK that you want to use to protect the encrypted file system. This\n parameter is only required if you want to use a non-default KMS key. If this parameter is not\n specified, the default CMK for Amazon EFS is used. This ID can be in one of the following\n formats:
\nKey ID - A unique identifier of the key, for example\n 1234abcd-12ab-34cd-56ef-1234567890ab.
ARN - An Amazon Resource Name (ARN) for the key, for example\n arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.
Key alias - A previously created display name for a key, for example\n alias/projectKey1.
Key alias ARN - An ARN for a key alias, for example\n arn:aws:kms:us-west-2:444455556666:alias/projectKey1.
If KmsKeyId is specified, the CreateFileSystemRequest$Encrypted parameter must be set to true.
EFS accepts only symmetric KMS keys. You cannot use asymmetric KMS keys with EFS file systems.
\nThe ID of the KMS key that you want to use to protect the encrypted file system. This\n parameter is only required if you want to use a non-default KMS key. If this parameter is not\n specified, the default KMS key for Amazon EFS is used. You can specify a KMS key \n ID using the following formats:
\nKey ID - A unique identifier of the key, for example\n 1234abcd-12ab-34cd-56ef-1234567890ab.
ARN - An Amazon Resource Name (ARN) for the key, for example\n arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.
Key alias - A previously created display name for a key, for example\n alias/projectKey1.
Key alias ARN - An ARN for a key alias, for example\n arn:aws:kms:us-west-2:444455556666:alias/projectKey1.
If you use KmsKeyId, you must set the CreateFileSystemRequest$Encrypted \n parameter to true.
EFS accepts only symmetric KMS keys. You cannot use asymmetric \n KMS keys with Amazon EFS file systems.
\nSpecifies whether automatic backups are enabled on the file system that you are creating.\n Set the value to true to enable automatic backups. If you are creating a file\n system that uses One Zone storage classes, automatic backups are enabled by default. For more\n information, see Automatic backups in the\n Amazon EFS User Guide.
Default is false. However, if you specify an AvailabilityZoneName, \n the default is true.
Backup is not available in all Amazon Web Services Regionswhere Amazon EFS is available.
\nSpecifies whether automatic backups are enabled on the file system that you are creating.\n Set the value to true to enable automatic backups. If you are creating a file\n system that uses One Zone storage classes, automatic backups are enabled by default. For more\n information, see Automatic backups in the\n Amazon EFS User Guide.
Default is false. However, if you specify an AvailabilityZoneName, \n the default is true.
Backup is not available in all Amazon Web Services Regions where Amazon EFS is available.
\nCreates a replication configuration that replicates an existing EFS file \n system to a new, read-only file system. For more information, see \n Amazon EFS replication. \n The replication configuration specifies the following:
\n\n Source file system - an existing\n EFS file system that you want replicated. The source file system cannot be a destination file system \n in an existing replication configuration.
\n\n Destination file system configuration\n - the configuration of the destination file system to which the source file system \n will be replicated. There can only be one destination file system in a replication\n configuration.
\n\n Amazon Web Services Region - The Amazon Web Services Region in which the destination \n file system is created. EFS Replication is available in all Amazon Web Services Region that Amazon EFS is available in, except the following regions: \n Asia Pacific (Hong Kong) Europe (Milan), Middle East (Bahrain), Africa (Cape Town), and Asia Pacific (Jakarta).
\n\n Availability zone - If you want the destination file system to use \n One Zone availability and durability, you must specify the Availability Zone to create the file system in. \n For more information about EFS storage classes, see \n Amazon EFS storage classes in the Amazon EFS User Guide.
\n\n Encryption - All destination file systems are\n created with encryption at rest enabled. You can specify the \n KMS key that is used to encrypt the destination file system. \n Your service-managed KMS key for Amazon EFS is used if you don't specify a KMS key. \n You cannot change this after the file system is created.
\nThe following properties are set by default:
\n\n Performance mode - The destination file system's \n performance mode will match that of the source file system, unless the destination file \n system uses One Zone storage. In that case, the General Purpose \n performance mode is used. The Performance mode cannot be changed.
\n\n Throughput mode - The destination file system \n use the Bursting throughput mode by default. You can modify the throughput mode once the file system \n is created.
\nThe following properties are turned off by default:
\n\n Lifecycle management - EFS lifecycle \n management and intelligent tiering are not enabled on the destination file system. You can enable \n EFS lifecycle management and intelligent tiering after the destination file system is created.
\n\n Automatic backups - Automatic daily backups \n not enabled on the destination file system. You can change this setting after the file system is created.
\nFor more information, see Amazon EFS replication.
", + "smithy.api#http": { + "method": "POST", + "uri": "/2015-02-01/file-systems/{SourceFileSystemId}/replication-configuration", + "code": 200 + } + } + }, + "com.amazonaws.efs#CreateReplicationConfigurationRequest": { + "type": "structure", + "members": { + "SourceFileSystemId": { + "target": "com.amazonaws.efs#FileSystemId", + "traits": { + "smithy.api#documentation": "Specifies the Amazon EFS file system that you want to replicate. This file system cannot already be \n a source or destination file system in another replication configuration.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "Destinations": { + "target": "com.amazonaws.efs#DestinationsToCreate", + "traits": { + "smithy.api#documentation": "An array of destination configuration objects. Only one destination configuration object is supported.
", + "smithy.api#required": {} + } + } + } + }, "com.amazonaws.efs#CreateTags": { "type": "operation", "input": { @@ -719,6 +788,9 @@ "target": "com.amazonaws.efs#DeleteFileSystemPolicyRequest" }, "errors": [ + { + "target": "com.amazonaws.efs#BadRequest" + }, { "target": "com.amazonaws.efs#FileSystemNotFound" }, @@ -811,6 +883,47 @@ "smithy.api#documentation": "" } }, + "com.amazonaws.efs#DeleteReplicationConfiguration": { + "type": "operation", + "input": { + "target": "com.amazonaws.efs#DeleteReplicationConfigurationRequest" + }, + "errors": [ + { + "target": "com.amazonaws.efs#BadRequest" + }, + { + "target": "com.amazonaws.efs#FileSystemNotFound" + }, + { + "target": "com.amazonaws.efs#InternalServerError" + }, + { + "target": "com.amazonaws.efs#ReplicationNotFound" + } + ], + "traits": { + "smithy.api#documentation": "Deletes an existing replication configuration. To delete a replication \n configuration, you must make the request from the Amazon Web Services Region \n in which the destination file system is located. Deleting a replication \n configuration ends the replication process. You can write to the destination file \n system once it's status becomes Writeable.
The ID of the source file system in the replication configuration.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + } + } + }, "com.amazonaws.efs#DeleteTags": { "type": "operation", "input": { @@ -930,7 +1043,7 @@ "NextToken": { "target": "com.amazonaws.efs#Token", "traits": { - "smithy.api#documentation": "\n NextToken is present if the response is paginated. You can use NextMarker in the subsequent request to fetch the next page of access point descriptions.
\n NextToken is present if the response is paginated. You can use \n NextMarker in the subsequent request to fetch the next page of access point descriptions.
Retrieves the replication configurations for either a specific file system, or all configurations for the \n Amazon Web Services account in an Amazon Web Services Region if a file system is not specified.
", + "smithy.api#http": { + "method": "GET", + "uri": "/2015-02-01/file-systems/replication-configurations", + "code": 200 + } + } + }, + "com.amazonaws.efs#DescribeReplicationConfigurationsRequest": { + "type": "structure", + "members": { + "FileSystemId": { + "target": "com.amazonaws.efs#FileSystemId", + "traits": { + "smithy.api#documentation": "You can retrieve replication configurations for a specific file system by providing a file system ID.
", + "smithy.api#httpQuery": "FileSystemId" + } + }, + "NextToken": { + "target": "com.amazonaws.efs#Token", + "traits": { + "smithy.api#documentation": "\n NextToken is present if the response is paginated. You can use \n NextMarker in a subsequent request to fetch the next page of output.
(Optional) You can optionally specify the MaxItems parameter \n to limit the number of objects returned in a response. The default value is 100.
The collection of replication configurations returned.
" + } + }, + "NextToken": { + "target": "com.amazonaws.efs#Token", + "traits": { + "smithy.api#documentation": "You can use the NextToken from the previous response in a subsequent \n request to fetch the additional descriptions.
Describes the status of the destination Amazon EFS file system.
", + "smithy.api#required": {} + } + }, + "FileSystemId": { + "target": "com.amazonaws.efs#FileSystemId", + "traits": { + "smithy.api#documentation": "The ID of the destination Amazon EFS file system.
", + "smithy.api#required": {} + } + }, + "Region": { + "target": "com.amazonaws.efs#RegionName", + "traits": { + "smithy.api#documentation": "The Amazon Web Services Region in which the destination file system is located.
", + "smithy.api#required": {} + } + }, + "LastReplicatedTimestamp": { + "target": "com.amazonaws.efs#Timestamp", + "traits": { + "smithy.api#documentation": "The time when the most recent sync successfully completed on the destination file system. \n Any changes to data on the source file system that occurred prior to this time were successfully \n replicated to the destination file system. Any changes that occurred after this time might not be \n fully replicated.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Describes the destination file system in the replication configuration.
" + } + }, + "com.amazonaws.efs#DestinationToCreate": { + "type": "structure", + "members": { + "Region": { + "target": "com.amazonaws.efs#RegionName", + "traits": { + "smithy.api#documentation": "To create a file system that uses regional storage, specify the Amazon Web Services Region\n in which to create the destination file system.
" + } + }, + "AvailabilityZoneName": { + "target": "com.amazonaws.efs#AvailabilityZoneName", + "traits": { + "smithy.api#documentation": "To create a file system that uses One Zone storage, specify the name of the \n Availability Zone in which to create the destination file system.
" + } + }, + "KmsKeyId": { + "target": "com.amazonaws.efs#KmsKeyId", + "traits": { + "smithy.api#documentation": "Specifies the KMS key you want to use to encrypt the destination file system. If you do not \n specify a KMS key, EFS uses your default KMS key for Amazon EFS, \n /aws/elasticfilesystem. This ID can be in one of the following\n formats:
Key ID - A unique identifier of the key, for example\n 1234abcd-12ab-34cd-56ef-1234567890ab.
ARN - An Amazon Resource Name (ARN) for the key, for example\n arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.
Key alias - A previously created display name for a key, for example\n alias/projectKey1.
Key alias ARN - An ARN for a key alias, for example\n arn:aws:kms:us-west-2:444455556666:alias/projectKey1.
Describes the destination file system to create in the replication configuration.
" + } + }, + "com.amazonaws.efs#Destinations": { + "type": "list", + "member": { + "target": "com.amazonaws.efs#Destination" + } + }, + "com.amazonaws.efs#DestinationsToCreate": { + "type": "list", + "member": { + "target": "com.amazonaws.efs#DestinationToCreate" + } + }, "com.amazonaws.efs#Encrypted": { "type": "boolean", "traits": { @@ -1508,13 +1774,17 @@ "com.amazonaws.efs#ErrorCode": { "type": "string", "traits": { + "smithy.api#documentation": "The error code is a string that uniquely identifies an error condition. \n It is meant to be read and understood by programs that detect and handle errors by type.
", "smithy.api#length": { "min": 1 } } }, "com.amazonaws.efs#ErrorMessage": { - "type": "string" + "type": "string", + "traits": { + "smithy.api#documentation": "The error message contains a generic description of the error \n condition in English. It is intended for a human audience. Simple programs display the message directly \n to the end user if they encounter an error condition they don't know how or don't care to handle. \n Sophisticated programs with more exhaustive error handling and proper internationalization are \n more likely to ignore the error message.
" + } }, "com.amazonaws.efs#FileSystemAlreadyExists": { "type": "structure", @@ -1624,7 +1894,7 @@ "KmsKeyId": { "target": "com.amazonaws.efs#KmsKeyId", "traits": { - "smithy.api#documentation": "The ID of an Key Management Service customer master key (CMK) that was\n used to protect the encrypted file system.
" + "smithy.api#documentation": "The ID of an KMS key used to protect the encrypted file system.
" } }, "ThroughputMode": { @@ -2100,6 +2370,21 @@ }, "com.amazonaws.efs#MagnolioAPIService_v20150201": { "type": "service", + "traits": { + "aws.api#service": { + "sdkId": "EFS", + "arnNamespace": "elasticfilesystem", + "cloudFormationName": "EFS", + "cloudTrailEventSource": "efs.amazonaws.com", + "endpointPrefix": "elasticfilesystem" + }, + "aws.auth#sigv4": { + "name": "elasticfilesystem" + }, + "aws.protocols#restJson1": {}, + "smithy.api#documentation": "Amazon Elastic File System (Amazon EFS) provides simple, scalable file storage for use\n with Amazon EC2 Linux and Mac instances in the Amazon Web Services Cloud. With Amazon EFS, storage capacity is elastic,\n growing and shrinking automatically as you add and remove files, so your applications have the\n storage they need, when they need it. For more information, see the Amazon Elastic File System API Reference and the Amazon Elastic File System User Guide.
", + "smithy.api#title": "Amazon Elastic File System" + }, "version": "2015-02-01", "operations": [ { @@ -2111,6 +2396,9 @@ { "target": "com.amazonaws.efs#CreateMountTarget" }, + { + "target": "com.amazonaws.efs#CreateReplicationConfiguration" + }, { "target": "com.amazonaws.efs#CreateTags" }, @@ -2126,6 +2414,9 @@ { "target": "com.amazonaws.efs#DeleteMountTarget" }, + { + "target": "com.amazonaws.efs#DeleteReplicationConfiguration" + }, { "target": "com.amazonaws.efs#DeleteTags" }, @@ -2153,6 +2444,9 @@ { "target": "com.amazonaws.efs#DescribeMountTargetSecurityGroups" }, + { + "target": "com.amazonaws.efs#DescribeReplicationConfigurations" + }, { "target": "com.amazonaws.efs#DescribeTags" }, @@ -2183,22 +2477,7 @@ { "target": "com.amazonaws.efs#UpdateFileSystem" } - ], - "traits": { - "aws.api#service": { - "sdkId": "EFS", - "arnNamespace": "elasticfilesystem", - "cloudFormationName": "EFS", - "cloudTrailEventSource": "efs.amazonaws.com", - "endpointPrefix": "elasticfilesystem" - }, - "aws.auth#sigv4": { - "name": "elasticfilesystem" - }, - "aws.protocols#restJson1": {}, - "smithy.api#documentation": "Amazon Elastic File System (Amazon EFS) provides simple, scalable file storage for use\n with Amazon EC2 instances in the Amazon Web Services Cloud. With Amazon EFS, storage capacity is elastic,\n growing and shrinking automatically as you add and remove files, so your applications have the\n storage they need, when they need it. For more information, see the Amazon Elastic File System API Reference and the Amazon Elastic File System User Guide.
", - "smithy.api#title": "Amazon Elastic File System" - } + ] }, "com.amazonaws.efs#Marker": { "type": "string", @@ -2598,7 +2877,7 @@ } ], "traits": { - "smithy.api#documentation": "Use this operation to set the account preference in the current Amazon Web Services Region to use long 17 character (63 bit) or short 8 character (32 bit) resource IDs for \n new EFS file system and mount target resources. All existing resource IDs are not affected by any changes you make. You can set the ID preference during the\n opt-in period as EFS transitions to long resource IDs. For more information, \n see Managing Amazon EFS resource IDs.
\nStarting in October, 2021, you will receive an error if you try to set the account preference to use the short 8 character format resource ID. \n Contact Amazon Web Services support if you receive an error and need to use short IDs for file system and mount target resources.
\nUse this operation to set the account preference in the current Amazon Web Services Region \n to use long 17 character (63 bit) or short 8 character (32 bit) resource IDs for \n new EFS file system and mount target resources. All existing resource IDs are not affected \n by any changes you make. You can set the ID preference during the\n opt-in period as EFS transitions to long resource IDs. For more information, \n see Managing Amazon EFS resource IDs.
\nStarting in October, 2021, you will receive an error if you try to set the account preference to use the short 8 character format resource ID. \n Contact Amazon Web Services support if you receive an error and need to use short IDs for file system and mount target resources.
\nSpecifies the EFS resource ID preference to set for the user's Amazon Web Services account, in the current Amazon Web Services Region, \n either LONG_ID (17 characters), or SHORT_ID (8 characters).
Starting in October, 2021, you will receive an error when setting the account preference to SHORT_ID. \n Contact Amazon Web Services support if you receive an error and need to use short IDs for file system and mount target resources.
Specifies the EFS resource ID preference to set for the user's Amazon Web Services account, \n in the current Amazon Web Services Region, either LONG_ID (17 characters), or \n SHORT_ID (8 characters).
Starting in October, 2021, you will receive an error when setting the account \n preference to SHORT_ID. Contact Amazon Web Services support if you receive an \n error and need to use short IDs for file system and mount target resources.
The ID of the source Amazon EFS file system that is being replicated.
", + "smithy.api#required": {} + } + }, + "SourceFileSystemRegion": { + "target": "com.amazonaws.efs#RegionName", + "traits": { + "smithy.api#documentation": "The Amazon Web Services Region in which the source Amazon EFS file system is located.
", + "smithy.api#required": {} + } + }, + "SourceFileSystemArn": { + "target": "com.amazonaws.efs#FileSystemArn", + "traits": { + "smithy.api#documentation": "The ARN of the current source file system in the replication configuration.
", + "smithy.api#required": {} + } + }, + "OriginalSourceFileSystemArn": { + "target": "com.amazonaws.efs#FileSystemArn", + "traits": { + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the original source Amazon EFS file system in the replication configuration.
", + "smithy.api#required": {} + } + }, + "CreationTime": { + "target": "com.amazonaws.efs#Timestamp", + "traits": { + "smithy.api#documentation": "Describes when the replication configuration was created.
", + "smithy.api#required": {} + } + }, + "Destinations": { + "target": "com.amazonaws.efs#Destinations", + "traits": { + "smithy.api#documentation": "Array of destination objects. Only one destination object is supported.
", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.efs#ReplicationConfigurationDescriptions": { + "type": "list", + "member": { + "target": "com.amazonaws.efs#ReplicationConfigurationDescription" + } + }, + "com.amazonaws.efs#ReplicationNotFound": { + "type": "structure", + "members": { + "ErrorCode": { + "target": "com.amazonaws.efs#ErrorCode", + "traits": { + "smithy.api#documentation": "ReplicationNotFound
" + } + }, + "Message": { + "target": "com.amazonaws.efs#ErrorMessage" + } + }, + "traits": { + "smithy.api#documentation": "Returned if the specified file system did not have a replication configuration.
", + "smithy.api#error": "client", + "smithy.api#httpError": 404 + } + }, + "com.amazonaws.efs#ReplicationStatus": { + "type": "string", + "traits": { + "smithy.api#enum": [ + { + "value": "ENABLED", + "name": "ENABLED" + }, + { + "value": "ENABLING", + "name": "ENABLING" + }, + { + "value": "DELETING", + "name": "DELETING" + }, + { + "value": "ERROR", + "name": "ERROR" + } + ] + } + }, "com.amazonaws.efs#Resource": { "type": "string", "traits": { diff --git a/codegen/sdk-codegen/aws-models/frauddetector.json b/codegen/sdk-codegen/aws-models/frauddetector.json index ccbd6607a377..bd7bff1c137b 100644 --- a/codegen/sdk-codegen/aws-models/frauddetector.json +++ b/codegen/sdk-codegen/aws-models/frauddetector.json @@ -31,6 +31,24 @@ "shapes": { "com.amazonaws.frauddetector#AWSHawksNestServiceFacade": { "type": "service", + "traits": { + "aws.api#service": { + "sdkId": "FraudDetector", + "arnNamespace": "frauddetector", + "cloudFormationName": "FraudDetector", + "cloudTrailEventSource": "frauddetector.amazonaws.com", + "endpointPrefix": "frauddetector" + }, + "aws.auth#sigv4": { + "name": "frauddetector" + }, + "aws.protocols#awsJson1_1": {}, + "smithy.api#documentation": "This is the Amazon Fraud Detector API Reference. This guide is for developers who need\n detailed information about Amazon Fraud Detector API actions, data types, and errors. For\n more information about Amazon Fraud Detector features, see the Amazon Fraud Detector User Guide.
", + "smithy.api#title": "Amazon Fraud Detector", + "smithy.api#xmlNamespace": { + "uri": "http://hawksnest.amazonaws.com/doc/2019-11-15" + } + }, "version": "2019-11-15", "operations": [ { @@ -141,6 +159,9 @@ { "target": "com.amazonaws.frauddetector#GetEventPrediction" }, + { + "target": "com.amazonaws.frauddetector#GetEventPredictionMetadata" + }, { "target": "com.amazonaws.frauddetector#GetEventTypes" }, @@ -168,6 +189,9 @@ { "target": "com.amazonaws.frauddetector#GetVariables" }, + { + "target": "com.amazonaws.frauddetector#ListEventPredictions" + }, { "target": "com.amazonaws.frauddetector#ListTagsForResource" }, @@ -231,25 +255,7 @@ { "target": "com.amazonaws.frauddetector#UpdateVariable" } - ], - "traits": { - "aws.api#service": { - "sdkId": "FraudDetector", - "arnNamespace": "frauddetector", - "cloudFormationName": "FraudDetector", - "cloudTrailEventSource": "frauddetector.amazonaws.com", - "endpointPrefix": "frauddetector" - }, - "aws.auth#sigv4": { - "name": "frauddetector" - }, - "aws.protocols#awsJson1_1": {}, - "smithy.api#documentation": "This is the Amazon Fraud Detector API Reference. This guide is for developers who need\n detailed information about Amazon Fraud Detector API actions, data types, and errors. For\n more information about Amazon Fraud Detector features, see the Amazon Fraud Detector User Guide.
", - "smithy.api#title": "Amazon Fraud Detector", - "smithy.api#xmlNamespace": { - "uri": "http://hawksnest.amazonaws.com/doc/2019-11-15" - } - } + ] }, "com.amazonaws.frauddetector#AccessDeniedException": { "type": "structure", @@ -668,6 +674,12 @@ "target": "com.amazonaws.frauddetector#BatchPrediction" } }, + "com.amazonaws.frauddetector#Boolean": { + "type": "boolean", + "traits": { + "smithy.api#box": {} + } + }, "com.amazonaws.frauddetector#CancelBatchImportJob": { "type": "operation", "input": { @@ -2548,6 +2560,126 @@ "smithy.api#documentation": "The entity type details.
" } }, + "com.amazonaws.frauddetector#EvaluatedExternalModel": { + "type": "structure", + "members": { + "modelEndpoint": { + "target": "com.amazonaws.frauddetector#string", + "traits": { + "smithy.api#documentation": "\nThe endpoint of the external (Amazon Sagemaker) model.\n
" + } + }, + "useEventVariables": { + "target": "com.amazonaws.frauddetector#Boolean", + "traits": { + "smithy.api#documentation": "\nIndicates whether event variables were used to generate predictions.\n
" + } + }, + "inputVariables": { + "target": "com.amazonaws.frauddetector#MapOfStrings", + "traits": { + "smithy.api#documentation": "\nInput variables use for generating predictions.\n
" + } + }, + "outputVariables": { + "target": "com.amazonaws.frauddetector#MapOfStrings", + "traits": { + "smithy.api#documentation": "\nOutput variables.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\nThe details of the external (Amazon Sagemaker) model evaluated for generating predictions.\n
" + } + }, + "com.amazonaws.frauddetector#EvaluatedModelVersion": { + "type": "structure", + "members": { + "modelId": { + "target": "com.amazonaws.frauddetector#string", + "traits": { + "smithy.api#documentation": "\nThe model ID.\n
" + } + }, + "modelVersion": { + "target": "com.amazonaws.frauddetector#string", + "traits": { + "smithy.api#documentation": "\nThe model version.\n
" + } + }, + "modelType": { + "target": "com.amazonaws.frauddetector#string", + "traits": { + "smithy.api#documentation": "The model type.
\nValid values: ONLINE_FRAUD_INSIGHTS | TRANSACTION_FRAUD_INSIGHTS\n
\nEvaluations generated for the model version.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\nThe model version evaluated for generating prediction.\n
" + } + }, + "com.amazonaws.frauddetector#EvaluatedRule": { + "type": "structure", + "members": { + "ruleId": { + "target": "com.amazonaws.frauddetector#identifier", + "traits": { + "smithy.api#documentation": "\nThe rule ID.\n
" + } + }, + "ruleVersion": { + "target": "com.amazonaws.frauddetector#wholeNumberVersionString", + "traits": { + "smithy.api#documentation": "\nThe rule version.\n
" + } + }, + "expression": { + "target": "com.amazonaws.frauddetector#sensitiveString", + "traits": { + "smithy.api#documentation": "\nThe rule expression.\n
" + } + }, + "expressionWithValues": { + "target": "com.amazonaws.frauddetector#sensitiveString", + "traits": { + "smithy.api#documentation": "\nThe rule expression value.\n
" + } + }, + "outcomes": { + "target": "com.amazonaws.frauddetector#ListOfStrings", + "traits": { + "smithy.api#documentation": "\nThe rule outcome.\n
" + } + }, + "evaluated": { + "target": "com.amazonaws.frauddetector#Boolean", + "traits": { + "smithy.api#documentation": "\nIndicates whether the rule was evaluated.\n
" + } + }, + "matched": { + "target": "com.amazonaws.frauddetector#Boolean", + "traits": { + "smithy.api#documentation": "\nIndicates whether the rule matched.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\nThe details of the rule used for evaluating variable values.\n
" + } + }, + "com.amazonaws.frauddetector#EvaluatedRuleList": { + "type": "list", + "member": { + "target": "com.amazonaws.frauddetector#EvaluatedRule" + } + }, "com.amazonaws.frauddetector#Event": { "type": "structure", "members": { @@ -2622,6 +2754,60 @@ ] } }, + "com.amazonaws.frauddetector#EventPredictionSummary": { + "type": "structure", + "members": { + "eventId": { + "target": "com.amazonaws.frauddetector#identifier", + "traits": { + "smithy.api#documentation": "\nThe event ID.\n
" + } + }, + "eventTypeName": { + "target": "com.amazonaws.frauddetector#identifier", + "traits": { + "smithy.api#documentation": "\nThe event type.\n
" + } + }, + "eventTimestamp": { + "target": "com.amazonaws.frauddetector#time", + "traits": { + "smithy.api#documentation": "\nThe timestamp of the event.\n
" + } + }, + "predictionTimestamp": { + "target": "com.amazonaws.frauddetector#time", + "traits": { + "smithy.api#documentation": "\nThe timestamp when the prediction was generated.\n
" + } + }, + "detectorId": { + "target": "com.amazonaws.frauddetector#identifier", + "traits": { + "smithy.api#documentation": "\nThe detector ID.\n
" + } + }, + "detectorVersionId": { + "target": "com.amazonaws.frauddetector#wholeNumberVersionString", + "traits": { + "smithy.api#documentation": "\nThe detector version ID.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\nInformation about the summary of an event prediction.\n
" + } + }, + "com.amazonaws.frauddetector#EventPredictionsMaxResults": { + "type": "integer", + "traits": { + "smithy.api#box": {}, + "smithy.api#range": { + "min": 50, + "max": 100 + } + } + }, "com.amazonaws.frauddetector#EventType": { "type": "structure", "members": { @@ -2705,6 +2891,32 @@ } } }, + "com.amazonaws.frauddetector#EventVariableSummary": { + "type": "structure", + "members": { + "name": { + "target": "com.amazonaws.frauddetector#sensitiveString", + "traits": { + "smithy.api#documentation": "\nThe event variable name.\n
" + } + }, + "value": { + "target": "com.amazonaws.frauddetector#sensitiveString", + "traits": { + "smithy.api#documentation": "\nThe value of the event variable.\n
" + } + }, + "source": { + "target": "com.amazonaws.frauddetector#sensitiveString", + "traits": { + "smithy.api#documentation": "\nThe event variable source. \n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\nInformation about the summary of an event variable that was evaluated for generating prediction.\n
" + } + }, "com.amazonaws.frauddetector#ExternalEventsDetail": { "type": "structure", "members": { @@ -2930,6 +3142,20 @@ "smithy.api#documentation": "The message details.
" } }, + "com.amazonaws.frauddetector#FilterCondition": { + "type": "structure", + "members": { + "value": { + "target": "com.amazonaws.frauddetector#filterString", + "traits": { + "smithy.api#documentation": "\nA statement containing a resource property and a value to specify filter condition. \n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\nA conditional statement for filtering a list of past predictions. \n
" + } + }, "com.amazonaws.frauddetector#GetBatchImportJobs": { "type": "operation", "input": { @@ -3467,6 +3693,170 @@ "smithy.api#documentation": "Evaluates an event against a detector version. If a version ID is not provided, the detector’s (ACTIVE) version is used.
\nGets details of the past fraud predictions for the specified event ID, event type, detector ID, and detector version ID that was generated in the specified time period.\n
" + } + }, + "com.amazonaws.frauddetector#GetEventPredictionMetadataRequest": { + "type": "structure", + "members": { + "eventId": { + "target": "com.amazonaws.frauddetector#identifier", + "traits": { + "smithy.api#documentation": "\nThe event ID.\n
", + "smithy.api#required": {} + } + }, + "eventTypeName": { + "target": "com.amazonaws.frauddetector#identifier", + "traits": { + "smithy.api#documentation": "\nThe event type associated with the detector specified for the prediction.\n
", + "smithy.api#required": {} + } + }, + "detectorId": { + "target": "com.amazonaws.frauddetector#identifier", + "traits": { + "smithy.api#documentation": "\nThe detector ID.\n
", + "smithy.api#required": {} + } + }, + "detectorVersionId": { + "target": "com.amazonaws.frauddetector#wholeNumberVersionString", + "traits": { + "smithy.api#documentation": "\nThe detector version ID.\n
", + "smithy.api#required": {} + } + }, + "predictionTimestamp": { + "target": "com.amazonaws.frauddetector#time", + "traits": { + "smithy.api#documentation": "\nThe timestamp that defines when the prediction was generated. \n
", + "smithy.api#required": {} + } + } + } + }, + "com.amazonaws.frauddetector#GetEventPredictionMetadataResult": { + "type": "structure", + "members": { + "eventId": { + "target": "com.amazonaws.frauddetector#identifier", + "traits": { + "smithy.api#documentation": "\nThe event ID.\n
" + } + }, + "eventTypeName": { + "target": "com.amazonaws.frauddetector#identifier", + "traits": { + "smithy.api#documentation": "\nThe event type associated with the detector specified for this prediction.\n
" + } + }, + "entityId": { + "target": "com.amazonaws.frauddetector#string", + "traits": { + "smithy.api#documentation": "\nThe entity ID.\n
" + } + }, + "entityType": { + "target": "com.amazonaws.frauddetector#string", + "traits": { + "smithy.api#documentation": "\nThe entity type.\n
" + } + }, + "eventTimestamp": { + "target": "com.amazonaws.frauddetector#time", + "traits": { + "smithy.api#documentation": "\nThe timestamp for when the prediction was generated for the associated event ID.\n
" + } + }, + "detectorId": { + "target": "com.amazonaws.frauddetector#identifier", + "traits": { + "smithy.api#documentation": "\nThe detector ID.\n
" + } + }, + "detectorVersionId": { + "target": "com.amazonaws.frauddetector#wholeNumberVersionString", + "traits": { + "smithy.api#documentation": "\nThe detector version ID.\n
" + } + }, + "detectorVersionStatus": { + "target": "com.amazonaws.frauddetector#string", + "traits": { + "smithy.api#documentation": "\nThe status of the detector version.\n
" + } + }, + "eventVariables": { + "target": "com.amazonaws.frauddetector#ListOfEventVariableSummaries", + "traits": { + "smithy.api#documentation": "\nA list of event variables that influenced the prediction scores.\n
" + } + }, + "rules": { + "target": "com.amazonaws.frauddetector#EvaluatedRuleList", + "traits": { + "smithy.api#documentation": "\nList of rules associated with the detector version that were used for evaluating variable values.\n
" + } + }, + "ruleExecutionMode": { + "target": "com.amazonaws.frauddetector#RuleExecutionMode", + "traits": { + "smithy.api#documentation": "\nThe execution mode of the rule used for evaluating variable values.\n
" + } + }, + "outcomes": { + "target": "com.amazonaws.frauddetector#ListOfStrings", + "traits": { + "smithy.api#documentation": "\nThe outcomes of the matched rule, based on the rule execution mode.\n
" + } + }, + "evaluatedModelVersions": { + "target": "com.amazonaws.frauddetector#ListOfEvaluatedModelVersions", + "traits": { + "smithy.api#documentation": "\nModel versions that were evaluated for generating predictions.\n
" + } + }, + "evaluatedExternalModels": { + "target": "com.amazonaws.frauddetector#ListOfEvaluatedExternalModels", + "traits": { + "smithy.api#documentation": "\nExternal (Amazon SageMaker) models that were evaluated for generating predictions.\n
" + } + }, + "predictionTimestamp": { + "target": "com.amazonaws.frauddetector#time", + "traits": { + "smithy.api#documentation": "The timestamp that defines when the prediction was generated.\n
" + } + } + } + }, "com.amazonaws.frauddetector#GetEventPredictionRequest": { "type": "structure", "members": { @@ -4467,6 +4857,125 @@ ] } }, + "com.amazonaws.frauddetector#ListEventPredictions": { + "type": "operation", + "input": { + "target": "com.amazonaws.frauddetector#ListEventPredictionsRequest" + }, + "output": { + "target": "com.amazonaws.frauddetector#ListEventPredictionsResult" + }, + "errors": [ + { + "target": "com.amazonaws.frauddetector#AccessDeniedException" + }, + { + "target": "com.amazonaws.frauddetector#InternalServerException" + }, + { + "target": "com.amazonaws.frauddetector#ThrottlingException" + }, + { + "target": "com.amazonaws.frauddetector#ValidationException" + } + ], + "traits": { + "smithy.api#documentation": "Gets a list of past predictions. The list can be filtered by detector ID, detector version ID, event ID, event type, or by specifying a time period. \n If filter is not specified, the most recent prediction is returned.
\n\nFor example, the following filter lists all past predictions for xyz event type -\n { \n \"eventType\":{\n \"value\": \"xyz\" }” \n } \n
This is a paginated API. If you provide a null maxResults, this action will retrieve a maximum of 10 records per page. \n If you provide a maxResults, the value must be between 50 and 100. To get the next page results, provide \n the nextToken from the response as part of your request. A null nextToken fetches the records from the beginning. \n
\nThe event ID.\n
" + } + }, + "eventType": { + "target": "com.amazonaws.frauddetector#FilterCondition", + "traits": { + "smithy.api#documentation": "\nThe event type associated with the detector.\n
" + } + }, + "detectorId": { + "target": "com.amazonaws.frauddetector#FilterCondition", + "traits": { + "smithy.api#documentation": "\nThe detector ID.\n
" + } + }, + "detectorVersionId": { + "target": "com.amazonaws.frauddetector#FilterCondition", + "traits": { + "smithy.api#documentation": "\nThe detector version ID.\n
" + } + }, + "predictionTimeRange": { + "target": "com.amazonaws.frauddetector#PredictionTimeRange", + "traits": { + "smithy.api#documentation": "\nThe time period for when the predictions were generated.\n
" + } + }, + "nextToken": { + "target": "com.amazonaws.frauddetector#string", + "traits": { + "smithy.api#documentation": "\nIdentifies the next page of results to return. Use the token to make the call again to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours.\n
" + } + }, + "maxResults": { + "target": "com.amazonaws.frauddetector#EventPredictionsMaxResults", + "traits": { + "smithy.api#documentation": "\nThe maximum number of predictions to return for the request.\n
" + } + } + } + }, + "com.amazonaws.frauddetector#ListEventPredictionsResult": { + "type": "structure", + "members": { + "eventPredictionSummaries": { + "target": "com.amazonaws.frauddetector#ListOfEventPredictionSummaries", + "traits": { + "smithy.api#documentation": "\nThe summary of the past predictions.\n
" + } + }, + "nextToken": { + "target": "com.amazonaws.frauddetector#string", + "traits": { + "smithy.api#documentation": "\nIdentifies the next page of results to return. Use the token to make the call again to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours.\n
" + } + } + } + }, + "com.amazonaws.frauddetector#ListOfEvaluatedExternalModels": { + "type": "list", + "member": { + "target": "com.amazonaws.frauddetector#EvaluatedExternalModel" + } + }, + "com.amazonaws.frauddetector#ListOfEvaluatedModelVersions": { + "type": "list", + "member": { + "target": "com.amazonaws.frauddetector#EvaluatedModelVersion" + } + }, + "com.amazonaws.frauddetector#ListOfEventPredictionSummaries": { + "type": "list", + "member": { + "target": "com.amazonaws.frauddetector#EventPredictionSummary" + } + }, + "com.amazonaws.frauddetector#ListOfEventVariableSummaries": { + "type": "list", + "member": { + "target": "com.amazonaws.frauddetector#EventVariableSummary" + } + }, "com.amazonaws.frauddetector#ListOfExternalModelOutputs": { "type": "list", "member": { @@ -4485,6 +4994,12 @@ "target": "com.amazonaws.frauddetector#ModelScores" } }, + "com.amazonaws.frauddetector#ListOfModelVersionEvaluations": { + "type": "list", + "member": { + "target": "com.amazonaws.frauddetector#ModelVersionEvaluation" + } + }, "com.amazonaws.frauddetector#ListOfModelVersions": { "type": "list", "member": { @@ -4610,6 +5125,18 @@ "smithy.api#box": {} } }, + "com.amazonaws.frauddetector#MapOfStrings": { + "type": "map", + "key": { + "target": "com.amazonaws.frauddetector#string" + }, + "value": { + "target": "com.amazonaws.frauddetector#string" + }, + "traits": { + "smithy.api#sensitive": {} + } + }, "com.amazonaws.frauddetector#MetricDataPoint": { "type": "structure", "members": { @@ -4993,6 +5520,32 @@ "smithy.api#documentation": "The details of the model version.
" } }, + "com.amazonaws.frauddetector#ModelVersionEvaluation": { + "type": "structure", + "members": { + "outputVariableName": { + "target": "com.amazonaws.frauddetector#string", + "traits": { + "smithy.api#documentation": "\nThe output variable name.\n
" + } + }, + "evaluationScore": { + "target": "com.amazonaws.frauddetector#string", + "traits": { + "smithy.api#documentation": "\nThe evaluation score generated for the model version.\n
" + } + }, + "predictionExplanations": { + "target": "com.amazonaws.frauddetector#PredictionExplanations", + "traits": { + "smithy.api#documentation": "\nThe prediction explanations generated for the model version.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\nThe model version evalutions.\n
" + } + }, "com.amazonaws.frauddetector#ModelVersionStatus": { "type": "string", "traits": { @@ -5089,6 +5642,42 @@ } } }, + "com.amazonaws.frauddetector#PredictionExplanations": { + "type": "structure", + "members": { + "variableImpactExplanations": { + "target": "com.amazonaws.frauddetector#listOfVariableImpactExplanations", + "traits": { + "smithy.api#documentation": "\nThe details of the event variable's impact on the prediction score.\n
" + } + } + }, + "traits": { + "smithy.api#documentation": "\nThe prediction explanations that provide insight into how each event variable impacted the model version's fraud prediction score. \n
" + } + }, + "com.amazonaws.frauddetector#PredictionTimeRange": { + "type": "structure", + "members": { + "startTime": { + "target": "com.amazonaws.frauddetector#time", + "traits": { + "smithy.api#documentation": "\nThe start time of the time period for when the predictions were generated.\n
", + "smithy.api#required": {} + } + }, + "endTime": { + "target": "com.amazonaws.frauddetector#time", + "traits": { + "smithy.api#documentation": "\nThe end time of the time period for when the predictions were generated.\n
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "\nThe time period for when the predictions were generated.\n
" + } + }, "com.amazonaws.frauddetector#PutDetector": { "type": "operation", "input": { @@ -6920,6 +7509,32 @@ } } }, + "com.amazonaws.frauddetector#VariableImpactExplanation": { + "type": "structure", + "members": { + "eventVariableName": { + "target": "com.amazonaws.frauddetector#string", + "traits": { + "smithy.api#documentation": "\nThe event variable name.\n
" + } + }, + "relativeImpact": { + "target": "com.amazonaws.frauddetector#string", + "traits": { + "smithy.api#documentation": "\n The event variable's relative impact in terms of magnitude on the prediction scores. \n The relative impact values consist of a numerical rating (0-5, 5 being the highest) and direction (increased/decreased) impact of the fraud risk.\n
" + } + }, + "logOddsImpact": { + "target": "com.amazonaws.frauddetector#float", + "traits": { + "smithy.api#documentation": "\n The raw, uninterpreted value represented as log-odds of the fraud. These values are usually between -10 to +10, but range from - infinity to + infinity.
\nA positive value indicates that the variable drove the risk score up.
\nA negative value indicates that the variable drove the risk score down.
\n\nThe details of the event variable's impact on the prediction score.\n
" + } + }, "com.amazonaws.frauddetector#VariableImportanceMetrics": { "type": "structure", "members": { @@ -7064,6 +7679,16 @@ "target": "com.amazonaws.frauddetector#FileValidationMessage" } }, + "com.amazonaws.frauddetector#filterString": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 256 + }, + "smithy.api#pattern": "^[0-9A-Za-z_-]+$" + } + }, "com.amazonaws.frauddetector#float": { "type": "float", "traits": { @@ -7141,6 +7766,12 @@ "target": "com.amazonaws.frauddetector#Entity" } }, + "com.amazonaws.frauddetector#listOfVariableImpactExplanations": { + "type": "list", + "member": { + "target": "com.amazonaws.frauddetector#VariableImpactExplanation" + } + }, "com.amazonaws.frauddetector#metricDataPointsList": { "type": "list", "member": { @@ -7218,6 +7849,12 @@ "smithy.api#pattern": "^[0-9A-Za-z_-]+$" } }, + "com.amazonaws.frauddetector#sensitiveString": { + "type": "string", + "traits": { + "smithy.api#sensitive": {} + } + }, "com.amazonaws.frauddetector#string": { "type": "string" }, diff --git a/codegen/sdk-codegen/aws-models/fsx.json b/codegen/sdk-codegen/aws-models/fsx.json index 7eea71e51b4e..426ce4440a8d 100644 --- a/codegen/sdk-codegen/aws-models/fsx.json +++ b/codegen/sdk-codegen/aws-models/fsx.json @@ -326,7 +326,7 @@ "com.amazonaws.fsx#AdministrativeActionType": { "type": "string", "traits": { - "smithy.api#documentation": "Describes the type of administrative action, as follows:
\n\n FILE_SYSTEM_UPDATE - A file system update administrative action\n initiated from the Amazon FSx console, API\n (UpdateFileSystem), or CLI\n (update-file-system).
\n STORAGE_OPTIMIZATION - After the FILE_SYSTEM_UPDATE\n task to increase a file system's storage capacity has been completed\n successfully, a STORAGE_OPTIMIZATION task starts.
For Windows, storage optimization is the process of migrating the file system data\n to the new, larger disks.
\nFor Lustre, storage optimization consists of rebalancing the data across the existing and\n newly added file servers.
\nFor OpenZFS, storage optimization consists of migrating data from the\n older smaller disks to the newer larger disks.
\nYou can track the storage-optimization progress using the\n ProgressPercent property. When\n STORAGE_OPTIMIZATION has been completed successfully, the\n parent FILE_SYSTEM_UPDATE action status changes to\n COMPLETED. For more information, see Managing\n storage capacity in the Amazon FSx for Windows\n File Server User Guide, Managing storage\n and throughput capacity in the Amazon FSx for\n Lustre User Guide, and Managing storage capacity in the\n Amazon FSx for OpenZFS User Guide.
\n FILE_SYSTEM_ALIAS_ASSOCIATION - A file system update to associate a new Domain\n Name System (DNS) alias with the file system. For more information, see \n AssociateFileSystemAliases.
\n FILE_SYSTEM_ALIAS_DISASSOCIATION - A file system update to disassociate a DNS alias from the file system.\n For more information, see DisassociateFileSystemAliases.
\n VOLUME_UPDATE - A volume update to an Amazon FSx for NetApp ONTAP or\n Amazon FSx for OpenZFS volume initiated from the Amazon FSx\n console, API (UpdateVolume), or CLI\n (update-volume).
\n SNAPSHOT_UPDATE - A snapshot update to an Amazon FSx for\n OpenZFS volume initiated from the Amazon FSx console, API\n (UpdateSnapshot), or CLI (update-snapshot).
\n RELEASE_NFS_V3_LOCKS - Tracks the release of Network File System\n (NFS) V3 locks on an Amazon FSx for OpenZFS file system.
Describes the type of administrative action, as follows:
\n\n FILE_SYSTEM_UPDATE - A file system update administrative action\n initiated from the Amazon FSx console, API\n (UpdateFileSystem), or CLI\n (update-file-system).
\n STORAGE_OPTIMIZATION - After the FILE_SYSTEM_UPDATE\n task to increase a file system's storage capacity has been completed\n successfully, a STORAGE_OPTIMIZATION task starts.
For Windows and ONTAP, storage optimization is the process of migrating the file system data\n to newer larger disks.
\nFor Lustre, storage optimization consists of rebalancing the data across the existing and\n newly added file servers.
\nYou can track the storage-optimization progress using the\n ProgressPercent property. When\n STORAGE_OPTIMIZATION has been completed successfully, the\n parent FILE_SYSTEM_UPDATE action status changes to\n COMPLETED. For more information, see Managing\n storage capacity in the Amazon FSx for Windows\n File Server User Guide, Managing storage\n and throughput capacity in the Amazon FSx for\n Lustre User Guide, and\n Managing storage capacity and provisioned IOPS in the Amazon FSx for NetApp ONTAP User\n Guide.
\n FILE_SYSTEM_ALIAS_ASSOCIATION - A file system update to associate a new Domain\n Name System (DNS) alias with the file system. For more information, see \n AssociateFileSystemAliases.
\n FILE_SYSTEM_ALIAS_DISASSOCIATION - A file system update to disassociate a DNS alias from the file system.\n For more information, see DisassociateFileSystemAliases.
\n VOLUME_UPDATE - A volume update to an Amazon FSx for NetApp ONTAP or\n Amazon FSx for OpenZFS volume initiated from the Amazon FSx\n console, API (UpdateVolume), or CLI\n (update-volume).
\n SNAPSHOT_UPDATE - A snapshot update to an Amazon FSx for\n OpenZFS volume initiated from the Amazon FSx console, API\n (UpdateSnapshot), or CLI (update-snapshot).
\n RELEASE_NFS_V3_LOCKS - Tracks the release of Network File System\n (NFS) V3 locks on an Amazon FSx for OpenZFS file system.
Creates a new, empty Amazon FSx file system. You can create the following supported \n Amazon FSx file systems using the CreateFileSystem API operation:
Amazon FSx for Lustre
\nAmazon FSx for NetApp ONTAP
\nAmazon FSx for Windows File Server
\nThis operation requires a client request token in the request that Amazon FSx uses\n to ensure idempotent creation. This means that calling the operation multiple times with\n the same client request token has no effect. By using the idempotent operation, you can\n retry a CreateFileSystem operation without the risk of creating an extra\n file system. This approach can be useful when an initial call fails in a way that makes\n it unclear whether a file system was created. Examples are if a transport level timeout\n occurred, or your connection was reset. If you use the same client request token and the\n initial call created a file system, the client receives success as long as the\n parameters are the same.
If a file system with the specified client request token exists and the parameters\n match, CreateFileSystem returns the description of the existing file\n system. If a file system with the specified client request token exists and the\n parameters don't match, this call returns IncompatibleParameterError. If a\n file system with the specified client request token doesn't exist,\n CreateFileSystem does the following:
Creates a new, empty Amazon FSx file system with an assigned ID, and\n an initial lifecycle state of CREATING.
Returns the description of the file system.
\nThis operation requires a client request token in the request that Amazon FSx\n uses to ensure idempotent creation. This means that calling the operation multiple times\n with the same client request token has no effect. By using the idempotent operation, you\n can retry a CreateFileSystem operation without the risk of creating an\n extra file system. This approach can be useful when an initial call fails in a way that\n makes it unclear whether a file system was created. Examples are if a transport-level\n timeout occurred, or your connection was reset. If you use the same client request token\n and the initial call created a file system, the client receives a success message as\n long as the parameters are the same.
The CreateFileSystem call returns while the file system's lifecycle\n state is still CREATING. You can check the file-system creation status\n by calling the DescribeFileSystems operation, which returns the file system state\n along with other information.
Creates a new, empty Amazon FSx file system. You can create the following supported \n Amazon FSx file systems using the CreateFileSystem API operation:
Amazon FSx for Lustre
\nAmazon FSx for NetApp ONTAP
\nAmazon FSx for OpenZFS
\nAmazon FSx for Windows File Server
\nThis operation requires a client request token in the request that Amazon FSx uses\n to ensure idempotent creation. This means that calling the operation multiple times with\n the same client request token has no effect. By using the idempotent operation, you can\n retry a CreateFileSystem operation without the risk of creating an extra\n file system. This approach can be useful when an initial call fails in a way that makes\n it unclear whether a file system was created. Examples are if a transport level timeout\n occurred, or your connection was reset. If you use the same client request token and the\n initial call created a file system, the client receives success as long as the\n parameters are the same.
If a file system with the specified client request token exists and the parameters\n match, CreateFileSystem returns the description of the existing file\n system. If a file system with the specified client request token exists and the\n parameters don't match, this call returns IncompatibleParameterError. If a\n file system with the specified client request token doesn't exist,\n CreateFileSystem does the following:
Creates a new, empty Amazon FSx file system with an assigned ID, and\n an initial lifecycle state of CREATING.
Returns the description of the file system.
\nThis operation requires a client request token in the request that Amazon FSx\n uses to ensure idempotent creation. This means that calling the operation multiple times\n with the same client request token has no effect. By using the idempotent operation, you\n can retry a CreateFileSystem operation without the risk of creating an\n extra file system. This approach can be useful when an initial call fails in a way that\n makes it unclear whether a file system was created. Examples are if a transport-level\n timeout occurred, or your connection was reset. If you use the same client request token\n and the initial call created a file system, the client receives a success message as\n long as the parameters are the same.
The CreateFileSystem call returns while the file system's lifecycle\n state is still CREATING. You can check the file-system creation status\n by calling the DescribeFileSystems operation, which returns the file system state\n along with other information.
(Optional) Choose SCRATCH_1 and SCRATCH_2 deployment \n types when you need temporary storage and shorter-term processing of data. \n The SCRATCH_2 deployment type provides in-transit encryption of data and higher burst \n throughput capacity than SCRATCH_1.
Choose PERSISTENT_1 for longer-term storage and for throughput-focused \n workloads that aren’t latency-sensitive. a. \n PERSISTENT_1 supports encryption of data in transit, and is available in all \n Amazon Web Services Regions in which FSx for Lustre is available.
Choose PERSISTENT_2 for longer-term storage and for latency-sensitive workloads \n that require the highest levels of IOPS/throughput. PERSISTENT_2 supports \n SSD storage, and offers higher PerUnitStorageThroughput (up to 1000 MB/s/TiB). PERSISTENT_2 \n is available in a limited number of Amazon Web Services Regions. \n For more information, and an up-to-date list of Amazon Web Services Regions in which \n PERSISTENT_2 is available, see \n File \n system deployment options for FSx for Lustre in the Amazon FSx for Lustre User Guide.
If you choose PERSISTENT_2, and you set FileSystemTypeVersion to\n 2.10, the CreateFileSystem operation fails.
Encryption of data in transit is automatically turned on when you access\n SCRATCH_2, PERSISTENT_1 and PERSISTENT_2 file\n systems from Amazon EC2 instances that support\n automatic encryption in the Amazon Web Services Regions where they are\n available. For more information about encryption in transit for FSx for Lustre\n file systems, see Encrypting data in\n transit in the Amazon FSx for Lustre User Guide.
(Default = SCRATCH_1)
(Optional) Choose SCRATCH_1 and SCRATCH_2 deployment \n types when you need temporary storage and shorter-term processing of data. \n The SCRATCH_2 deployment type provides in-transit encryption of data and higher burst \n throughput capacity than SCRATCH_1.
Choose PERSISTENT_1 for longer-term storage and for throughput-focused \n workloads that aren’t latency-sensitive.\n PERSISTENT_1 supports encryption of data in transit, and is available in all \n Amazon Web Services Regions in which FSx for Lustre is available.
Choose PERSISTENT_2 for longer-term storage and for latency-sensitive workloads \n that require the highest levels of IOPS/throughput. PERSISTENT_2 supports \n SSD storage, and offers higher PerUnitStorageThroughput (up to 1000 MB/s/TiB). PERSISTENT_2 \n is available in a limited number of Amazon Web Services Regions. \n For more information, and an up-to-date list of Amazon Web Services Regions in which \n PERSISTENT_2 is available, see \n File \n system deployment options for FSx for Lustre in the Amazon FSx for Lustre User Guide.
If you choose PERSISTENT_2, and you set FileSystemTypeVersion to\n 2.10, the CreateFileSystem operation fails.
Encryption of data in transit is automatically turned on when you access\n SCRATCH_2, PERSISTENT_1 and PERSISTENT_2 file\n systems from Amazon EC2 instances that support\n automatic encryption in the Amazon Web Services Regions where they are\n available. For more information about encryption in transit for FSx for Lustre\n file systems, see Encrypting data in\n transit in the Amazon FSx for Lustre User Guide.
(Default = SCRATCH_1)
Sets the throughput capacity for the file system that you're creating. \n Valid values are 512, 1024, and 2048 MBps.
", + "smithy.api#documentation": "Sets the throughput capacity for the file system that you're creating. \n Valid values are 128, 256, 512, 1024, and 2048 MBps.
", "smithy.api#required": {} } }, @@ -1735,7 +1735,7 @@ "StorageType": { "target": "com.amazonaws.fsx#StorageType", "traits": { - "smithy.api#documentation": "Sets the storage type for the file system that you're creating. Valid values are\n SSD and HDD.
Set to SSD to use solid state drive storage. SSD is supported on all Windows,\n Lustre, ONTAP, and OpenZFS deployment types.
Set to HDD to use hard disk drive storage. \n HDD is supported on SINGLE_AZ_2 and MULTI_AZ_1 Windows file system deployment types,\n and on PERSISTENT Lustre file system deployment types. \n
Default value is SSD. For more information, see Storage\n type options in the FSx for Windows File Server User\n Guide and Multiple storage\n options in the FSx for Lustre User\n Guide.
Sets the storage type for the file system that you're creating. Valid values are\n SSD and HDD.
Set to SSD to use solid state drive storage. SSD is supported on all Windows,\n Lustre, ONTAP, and OpenZFS deployment types.
Set to HDD to use hard disk drive storage. \n HDD is supported on SINGLE_AZ_2 and MULTI_AZ_1 Windows file system deployment types,\n and on PERSISTENT_1 Lustre file system deployment types. \n
Default value is SSD. For more information, see Storage\n type options in the FSx for Windows File Server User\n Guide and Multiple storage\n options in the FSx for Lustre User\n Guide.
To delete the volume's children and snapshots, use the string\n DELETE_CHILD_VOLUMES_AND_SNAPSHOTS.
To delete the volume's child volumes, snapshots, and clones, use the string\n DELETE_CHILD_VOLUMES_AND_SNAPSHOTS.
The Lustre version of the Amazon FSx for Lustrefile system, either\n 2.10 or 2.12.
The Lustre version of the Amazon FSx for Lustre file system, either\n 2.10 or 2.12.
Describes the data tiering policy for an ONTAP volume. When enabled, Amazon FSx for ONTAP's intelligent\n tiering automatically transitions a volume's data between the file system's primary storage and capacity\n pool storage based on your access patterns.
" + "smithy.api#documentation": "Describes the data tiering policy for an ONTAP volume. When enabled, Amazon FSx for ONTAP's intelligent\n tiering automatically transitions a volume's data between the file system's primary storage and capacity\n pool storage based on your access patterns.
\nValid tiering policies are the following:
\n\n SNAPSHOT_ONLY - (Default value) moves cold snapshots to the capacity pool storage tier.
\n AUTO - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.
\n ALL - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.
\n NONE - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.
Use this operation to update the configuration of an existing Amazon FSx file\n system. You can update multiple properties in a single request.
\nFor Amazon FSx for Windows File Server file systems, you can update the following\n properties:
\n\n AuditLogConfiguration\n
\n AutomaticBackupRetentionDays\n
\n DailyAutomaticBackupStartTime\n
\n SelfManagedActiveDirectoryConfiguration\n
\n StorageCapacity\n
\n ThroughputCapacity\n
\n WeeklyMaintenanceStartTime\n
For FSx for Lustre file systems, you can update the following\n properties:
\n\n AutoImportPolicy\n
\n AutomaticBackupRetentionDays\n
\n DailyAutomaticBackupStartTime\n
\n DataCompressionType\n
\n StorageCapacity\n
\n WeeklyMaintenanceStartTime\n
For FSx for ONTAP file systems, you can update the following\n properties:
\n\n AutomaticBackupRetentionDays\n
\n DailyAutomaticBackupStartTime\n
\n FsxAdminPassword\n
\n WeeklyMaintenanceStartTime\n
For the Amazon FSx for OpenZFS file systems, you can update the following\n properties:
\n\n AutomaticBackupRetentionDays\n
\n CopyTagsToBackups\n
\n CopyTagsToVolumes\n
\n DailyAutomaticBackupStartTime\n
\n DiskIopsConfiguration\n
\n ThroughputCapacity\n
\n WeeklyMaintenanceStartTime\n
Use this operation to update the configuration of an existing Amazon FSx file\n system. You can update multiple properties in a single request.
\nFor Amazon FSx for Windows File Server file systems, you can update the following\n properties:
\n\n AuditLogConfiguration\n
\n AutomaticBackupRetentionDays\n
\n DailyAutomaticBackupStartTime\n
\n SelfManagedActiveDirectoryConfiguration\n
\n StorageCapacity\n
\n ThroughputCapacity\n
\n WeeklyMaintenanceStartTime\n
For Amazon FSx for Lustre file systems, you can update the following\n properties:
\n\n AutoImportPolicy\n
\n AutomaticBackupRetentionDays\n
\n DailyAutomaticBackupStartTime\n
\n DataCompressionType\n
\n StorageCapacity\n
\n WeeklyMaintenanceStartTime\n
For Amazon FSx for NetApp ONTAP file systems, you can update the following\n properties:
\n\n AutomaticBackupRetentionDays\n
\n DailyAutomaticBackupStartTime\n
\n DiskIopsConfiguration\n
\n FsxAdminPassword\n
\n StorageCapacity\n
\n WeeklyMaintenanceStartTime\n
For the Amazon FSx for OpenZFS file systems, you can update the following\n properties:
\n\n AutomaticBackupRetentionDays\n
\n CopyTagsToBackups\n
\n CopyTagsToVolumes\n
\n DailyAutomaticBackupStartTime\n
\n ThroughputCapacity\n
\n WeeklyMaintenanceStartTime\n
The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for NetApp ONTAP file system. The default is 3 IOPS per GB of storage capacity,\n but you can provision additional IOPS per GB of storage. The configuration consists\n of an IOPS mode (AUTOMATIC or USER_PROVISIONED), and in\n the case of USER_PROVISIONED IOPS, the total number of SSD IOPS provisioned.
The throughput of an Amazon FSx file system, measured in megabytes per second\n (MBps), in 2 to the nth increments, between 2^3 (8) and 2^11 (2048).
" + "smithy.api#documentation": "The throughput of an Amazon FSx file system, measured in megabytes per second\n (MBps), in 2 to the nth increments, between 2^3 (8) and 2^12 (4096).
" } }, "WeeklyMaintenanceStartTime": { @@ -7623,7 +7629,7 @@ "StorageCapacity": { "target": "com.amazonaws.fsx#StorageCapacity", "traits": { - "smithy.api#documentation": "Use this parameter to increase the storage capacity of an Amazon FSx for Windows\n File Server or Amazon FSx for Lustre file system. Specifies the storage capacity\n target value, in GiB, to increase the storage capacity for the file system that you're\n updating.
\nYou can't make a storage capacity increase request if there is an existing storage\n capacity increase request in progress.
\nFor Windows file systems, the storage capacity target value must be at least 10 percent\n greater than the current storage capacity value. To increase storage capacity, the file system\n must have at least 16 MBps of throughput capacity.
\nFor Lustre file systems, the storage capacity target value can be the following:
\nFor SCRATCH_2 and PERSISTENT_1 SSD deployment types, valid values\n are in multiples of 2400 GiB. The value must be greater than the current storage capacity.
For PERSISTENT HDD file systems, valid values are multiples of 6000 GiB for\n 12-MBps throughput per TiB file systems and multiples of 1800 GiB for 40-MBps throughput\n per TiB file systems. The values must be greater than the current storage capacity.
For SCRATCH_1 file systems, you can't increase the storage capacity.
For OpenZFS file systems, the input/output operations per second (IOPS) automatically\n scale with increases to the storage capacity if IOPS is configured for automatic scaling. If\n the storage capacity increase would result in less than 3 IOPS per GiB of storage, this\n operation returns an error.
\nFor more information, see Managing storage\n capacity in the Amazon FSx for Windows File Server User\n Guide, Managing storage and throughput\n capacity in the Amazon FSx for Lustre User Guide, and\n Managing storage capacity in the Amazon FSx for OpenZFS User\n Guide.
" + "smithy.api#documentation": "Use this parameter to increase the storage capacity of an Amazon FSx for Windows\n File Server, Amazon FSx for Lustre, or Amazon FSx for NetApp ONTAP file system.\n Specifies the storage capacity target value, in GiB, to increase the storage capacity for\n the file system that you're updating.
\nYou can't make a storage capacity increase request if there is an existing storage\n capacity increase request in progress.
\nFor Windows file systems, the storage capacity target value must be at least 10 percent\n greater than the current storage capacity value. To increase storage capacity, the file system\n must have at least 16 MBps of throughput capacity. For more information, see Managing storage\n capacity in the Amazon FSx for Windows File Server User\n Guide.
\nFor Lustre file systems, the storage capacity target value can be the following:
\nFor SCRATCH_2, PERSISTENT_1, and PERSISTENT_2 SSD deployment types, valid values\n are in multiples of 2400 GiB. The value must be greater than the current storage capacity.
For PERSISTENT HDD file systems, valid values are multiples of 6000 GiB for\n 12-MBps throughput per TiB file systems and multiples of 1800 GiB for 40-MBps throughput\n per TiB file systems. The values must be greater than the current storage capacity.
For SCRATCH_1 file systems, you can't increase the storage capacity.
For more information, see Managing storage and throughput\n capacity in the Amazon FSx for Lustre User Guide.
\nFor ONTAP file systems, the storage capacity target value must be at least 10 percent\n greater than the current storage capacity value. For more information, see\n Managing storage capacity and provisioned IOPS in the Amazon FSx for NetApp ONTAP User\n Guide.
" } }, "WindowsConfiguration": { diff --git a/codegen/sdk-codegen/aws-models/guardduty.json b/codegen/sdk-codegen/aws-models/guardduty.json index 505fc59201d9..33d700bcc4af 100644 --- a/codegen/sdk-codegen/aws-models/guardduty.json +++ b/codegen/sdk-codegen/aws-models/guardduty.json @@ -255,6 +255,13 @@ "smithy.api#documentation": "Information about the PORT_PROBE action described in this finding.
", "smithy.api#jsonName": "portProbeAction" } + }, + "KubernetesApiCallAction": { + "target": "com.amazonaws.guardduty#KubernetesApiCallAction", + "traits": { + "smithy.api#documentation": "Information about the Kubernetes API call action described in this finding.
", + "smithy.api#jsonName": "kubernetesApiCallAction" + } } }, "traits": { @@ -396,6 +403,12 @@ "smithy.api#jsonName": "errorCode" } }, + "UserAgent": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#jsonName": "userAgent" + } + }, "RemoteIpDetails": { "target": "com.amazonaws.guardduty#RemoteIpDetails", "traits": { @@ -674,6 +687,69 @@ "smithy.api#documentation": "Contains information about the condition.
" } }, + "com.amazonaws.guardduty#Container": { + "type": "structure", + "members": { + "ContainerRuntime": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The container runtime (such as, Docker or containerd) used to run the container.
", + "smithy.api#jsonName": "containerRuntime" + } + }, + "Id": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Container ID.
", + "smithy.api#jsonName": "id" + } + }, + "Name": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Container name.
", + "smithy.api#jsonName": "name" + } + }, + "Image": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Container image.
", + "smithy.api#jsonName": "image" + } + }, + "ImagePrefix": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Part of the image name before the last slash. For example, imagePrefix for public.ecr.aws/amazonlinux/amazonlinux:latest would be public.ecr.aws/amazonlinux. If the image name is relative and does not have a slash, this field is empty.
", + "smithy.api#jsonName": "imagePrefix" + } + }, + "VolumeMounts": { + "target": "com.amazonaws.guardduty#VolumeMounts", + "traits": { + "smithy.api#documentation": "Container volume mounts.
", + "smithy.api#jsonName": "volumeMounts" + } + }, + "SecurityContext": { + "target": "com.amazonaws.guardduty#SecurityContext", + "traits": { + "smithy.api#documentation": "Container security context.
", + "smithy.api#jsonName": "securityContext" + } + } + }, + "traits": { + "smithy.api#documentation": "Details of a container.
" + } + }, + "com.amazonaws.guardduty#Containers": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#Container" + } + }, "com.amazonaws.guardduty#CountBySeverity": { "type": "map", "key": { @@ -1316,6 +1392,10 @@ { "value": "S3_LOGS", "name": "S3_LOGS" + }, + { + "value": "KUBERNETES_AUDIT_LOGS", + "name": "KUBERNETES_AUDIT_LOGS" } ] } @@ -1329,6 +1409,13 @@ "smithy.api#documentation": "Describes whether S3 data event logs are enabled as a data source.
", "smithy.api#jsonName": "s3Logs" } + }, + "Kubernetes": { + "target": "com.amazonaws.guardduty#KubernetesConfiguration", + "traits": { + "smithy.api#documentation": "Describes whether any Kubernetes logs are enabled as data sources.
", + "smithy.api#jsonName": "kubernetes" + } } }, "traits": { @@ -1369,6 +1456,13 @@ "smithy.api#jsonName": "s3Logs", "smithy.api#required": {} } + }, + "Kubernetes": { + "target": "com.amazonaws.guardduty#KubernetesConfigurationResult", + "traits": { + "smithy.api#documentation": "An object that contains information on the status of all Kubernetes data sources.
", + "smithy.api#jsonName": "kubernetes" + } } }, "traits": { @@ -2288,6 +2382,56 @@ "com.amazonaws.guardduty#Double": { "type": "double" }, + "com.amazonaws.guardduty#EksClusterDetails": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "EKS cluster name.
", + "smithy.api#jsonName": "name" + } + }, + "Arn": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "EKS cluster ARN.
", + "smithy.api#jsonName": "arn" + } + }, + "VpcId": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The VPC ID to which the EKS cluster is attached.
", + "smithy.api#jsonName": "vpcId" + } + }, + "Status": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The EKS cluster status.
", + "smithy.api#jsonName": "status" + } + }, + "Tags": { + "target": "com.amazonaws.guardduty#Tags", + "traits": { + "smithy.api#documentation": "The EKS cluster tags.
", + "smithy.api#jsonName": "tags" + } + }, + "CreatedAt": { + "target": "com.amazonaws.guardduty#Timestamp", + "traits": { + "smithy.api#documentation": "The timestamp when the EKS cluster was created.
", + "smithy.api#jsonName": "createdAt" + } + } + }, + "traits": { + "smithy.api#documentation": "Details about the EKS cluster involved in a Kubernetes finding.
" + } + }, "com.amazonaws.guardduty#Email": { "type": "string", "traits": { @@ -3564,8 +3708,29 @@ } } }, + "com.amazonaws.guardduty#Groups": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#String" + } + }, "com.amazonaws.guardduty#GuardDutyAPIService": { "type": "service", + "traits": { + "aws.api#service": { + "sdkId": "GuardDuty", + "arnNamespace": "guardduty", + "cloudFormationName": "GuardDuty", + "cloudTrailEventSource": "guardduty.amazonaws.com", + "endpointPrefix": "guardduty" + }, + "aws.auth#sigv4": { + "name": "guardduty" + }, + "aws.protocols#restJson1": {}, + "smithy.api#documentation": "Amazon GuardDuty is a continuous security monitoring service that analyzes and processes\n the following data sources: VPC Flow Logs, Amazon Web Services CloudTrail event logs, and DNS logs. It uses\n threat intelligence feeds (such as lists of malicious IPs and domains) and machine learning to\n identify unexpected, potentially unauthorized, and malicious activity within your Amazon Web Services\n environment. This can include issues like escalations of privileges, uses of exposed\n credentials, or communication with malicious IPs, URLs, or domains. For example, GuardDuty can\n detect compromised EC2 instances that serve malware or mine bitcoin.
\nGuardDuty also monitors Amazon Web Services account access behavior for signs of compromise. Some examples\n of this are unauthorized infrastructure deployments such as EC2 instances deployed in a Region\n that has never been used, or unusual API calls like a password policy change to reduce\n password strength.
\nGuardDuty informs you of the status of your Amazon Web Services environment by producing security findings\n that you can view in the GuardDuty console or through Amazon CloudWatch events. For more\n information, see the \n Amazon\n GuardDuty User Guide\n .
", + "smithy.api#title": "Amazon GuardDuty" + }, "version": "2017-11-28", "operations": [ { @@ -3742,22 +3907,7 @@ { "target": "com.amazonaws.guardduty#UpdateThreatIntelSet" } - ], - "traits": { - "aws.api#service": { - "sdkId": "GuardDuty", - "arnNamespace": "guardduty", - "cloudFormationName": "GuardDuty", - "cloudTrailEventSource": "guardduty.amazonaws.com", - "endpointPrefix": "guardduty" - }, - "aws.auth#sigv4": { - "name": "guardduty" - }, - "aws.protocols#restJson1": {}, - "smithy.api#documentation": "Amazon GuardDuty is a continuous security monitoring service that analyzes and processes\n the following data sources: VPC Flow Logs, Amazon Web Services CloudTrail event logs, and DNS logs. It uses\n threat intelligence feeds (such as lists of malicious IPs and domains) and machine learning to\n identify unexpected, potentially unauthorized, and malicious activity within your Amazon Web Services\n environment. This can include issues like escalations of privileges, uses of exposed\n credentials, or communication with malicious IPs, URLs, or domains. For example, GuardDuty can\n detect compromised EC2 instances that serve malware or mine bitcoin.
\nGuardDuty also monitors Amazon Web Services account access behavior for signs of compromise. Some examples\n of this are unauthorized infrastructure deployments such as EC2 instances deployed in a Region\n that has never been used, or unusual API calls like a password policy change to reduce\n password strength.
\nGuardDuty informs you of the status of your Amazon Web Services environment by producing security findings\n that you can view in the GuardDuty console or through Amazon CloudWatch events. For more\n information, see the \n Amazon\n GuardDuty User Guide\n .
", - "smithy.api#title": "Amazon GuardDuty" - } + ] }, "com.amazonaws.guardduty#GuardDutyArn": { "type": "string", @@ -3765,6 +3915,21 @@ "smithy.api#pattern": "^arn:[A-Za-z_.-]{1,20}:guardduty:[A-Za-z0-9_/.-]{0,63}:\\d+:detector/[A-Za-z0-9_/.-]{32,264}$" } }, + "com.amazonaws.guardduty#HostPath": { + "type": "structure", + "members": { + "Path": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Path of the file or directory on the host that the volume maps to.
", + "smithy.api#jsonName": "path" + } + } + }, + "traits": { + "smithy.api#documentation": "Represents a pre-existing file or directory on the host machine that the volume maps to.
" + } + }, "com.amazonaws.guardduty#IamInstanceProfile": { "type": "structure", "members": { @@ -4127,6 +4292,234 @@ "target": "com.amazonaws.guardduty#String" } }, + "com.amazonaws.guardduty#KubernetesApiCallAction": { + "type": "structure", + "members": { + "RequestUri": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The Kubernetes API request URI.
", + "smithy.api#jsonName": "requestUri" + } + }, + "Verb": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The Kubernetes API request HTTP verb.
", + "smithy.api#jsonName": "verb" + } + }, + "SourceIps": { + "target": "com.amazonaws.guardduty#SourceIps", + "traits": { + "smithy.api#documentation": "The IP of the Kubernetes API caller and the IPs of any proxies or load balancers between the caller and the API endpoint.
", + "smithy.api#jsonName": "sourceIps" + } + }, + "UserAgent": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The user agent of the caller of the Kubernetes API.
", + "smithy.api#jsonName": "userAgent" + } + }, + "RemoteIpDetails": { + "target": "com.amazonaws.guardduty#RemoteIpDetails", + "traits": { + "smithy.api#jsonName": "remoteIpDetails" + } + }, + "StatusCode": { + "target": "com.amazonaws.guardduty#Integer", + "traits": { + "smithy.api#documentation": "The resulting HTTP response code of the Kubernetes API call action.
", + "smithy.api#jsonName": "statusCode" + } + }, + "Parameters": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Parameters related to the Kubernetes API call action.
", + "smithy.api#jsonName": "parameters" + } + } + }, + "traits": { + "smithy.api#documentation": "Information about the Kubernetes API call action described in this finding.
" + } + }, + "com.amazonaws.guardduty#KubernetesAuditLogsConfiguration": { + "type": "structure", + "members": { + "Enable": { + "target": "com.amazonaws.guardduty#Boolean", + "traits": { + "smithy.api#documentation": "The status of Kubernetes audit logs as a data source.
", + "smithy.api#jsonName": "enable", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Describes whether Kubernetes audit logs are enabled as a data source.
" + } + }, + "com.amazonaws.guardduty#KubernetesAuditLogsConfigurationResult": { + "type": "structure", + "members": { + "Status": { + "target": "com.amazonaws.guardduty#DataSourceStatus", + "traits": { + "smithy.api#documentation": "A value that describes whether Kubernetes audit logs are enabled as a data source.
", + "smithy.api#jsonName": "status", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Describes whether Kubernetes audit logs are enabled as a data source.
" + } + }, + "com.amazonaws.guardduty#KubernetesConfiguration": { + "type": "structure", + "members": { + "AuditLogs": { + "target": "com.amazonaws.guardduty#KubernetesAuditLogsConfiguration", + "traits": { + "smithy.api#documentation": "The status of Kubernetes audit logs as a data source.
", + "smithy.api#jsonName": "auditLogs", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Describes whether any Kubernetes data sources are enabled.
" + } + }, + "com.amazonaws.guardduty#KubernetesConfigurationResult": { + "type": "structure", + "members": { + "AuditLogs": { + "target": "com.amazonaws.guardduty#KubernetesAuditLogsConfigurationResult", + "traits": { + "smithy.api#documentation": "Describes whether Kubernetes audit logs are enabled as a data source.
", + "smithy.api#jsonName": "auditLogs", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Describes whether any Kubernetes logs will be enabled as a data source.
" + } + }, + "com.amazonaws.guardduty#KubernetesDetails": { + "type": "structure", + "members": { + "KubernetesUserDetails": { + "target": "com.amazonaws.guardduty#KubernetesUserDetails", + "traits": { + "smithy.api#documentation": "Details about the Kubernetes user involved in a Kubernetes finding.
", + "smithy.api#jsonName": "kubernetesUserDetails" + } + }, + "KubernetesWorkloadDetails": { + "target": "com.amazonaws.guardduty#KubernetesWorkloadDetails", + "traits": { + "smithy.api#documentation": "Details about the Kubernetes workload involved in a Kubernetes finding.
", + "smithy.api#jsonName": "kubernetesWorkloadDetails" + } + } + }, + "traits": { + "smithy.api#documentation": "Details about Kubernetes resources such as a Kubernetes user or workload resource involved in a Kubernetes finding.
" + } + }, + "com.amazonaws.guardduty#KubernetesUserDetails": { + "type": "structure", + "members": { + "Username": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The username of the user who called the Kubernetes API.
", + "smithy.api#jsonName": "username" + } + }, + "Uid": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "The user ID of the user who called the Kubernetes API.
", + "smithy.api#jsonName": "uid" + } + }, + "Groups": { + "target": "com.amazonaws.guardduty#Groups", + "traits": { + "smithy.api#documentation": "The groups that include the user who called the Kubernetes API.
", + "smithy.api#jsonName": "groups" + } + } + }, + "traits": { + "smithy.api#documentation": "Details about the Kubernetes user involved in a Kubernetes finding.
" + } + }, + "com.amazonaws.guardduty#KubernetesWorkloadDetails": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Kubernetes workload name.
", + "smithy.api#jsonName": "name" + } + }, + "Type": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Kubernetes workload type (e.g. Pod, Deployment, etc.).
", + "smithy.api#jsonName": "type" + } + }, + "Uid": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Kubernetes workload ID.
", + "smithy.api#jsonName": "uid" + } + }, + "Namespace": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Kubernetes namespace that the workload is part of.
", + "smithy.api#jsonName": "namespace" + } + }, + "HostNetwork": { + "target": "com.amazonaws.guardduty#Boolean", + "traits": { + "smithy.api#documentation": "Whether the hostNetwork flag is enabled for the pods included in the workload.
", + "smithy.api#jsonName": "hostNetwork" + } + }, + "Containers": { + "target": "com.amazonaws.guardduty#Containers", + "traits": { + "smithy.api#documentation": "Containers running as part of the Kubernetes workload.
", + "smithy.api#jsonName": "containers" + } + }, + "Volumes": { + "target": "com.amazonaws.guardduty#Volumes", + "traits": { + "smithy.api#documentation": "Volumes used by the Kubernetes workload.
", + "smithy.api#jsonName": "volumes" + } + } + }, + "traits": { + "smithy.api#documentation": "Details about the Kubernetes workload involved in a Kubernetes finding.
" + } + }, "com.amazonaws.guardduty#ListDetectors": { "type": "operation", "input": { @@ -5314,6 +5707,13 @@ "smithy.api#documentation": "Describes whether S3 data event logs are enabled for new members of the\n organization.
", "smithy.api#jsonName": "s3Logs" } + }, + "Kubernetes": { + "target": "com.amazonaws.guardduty#OrganizationKubernetesConfiguration", + "traits": { + "smithy.api#documentation": "Describes the configuration of Kubernetes data sources for new members of the organization.
", + "smithy.api#jsonName": "kubernetes" + } } }, "traits": { @@ -5330,12 +5730,83 @@ "smithy.api#jsonName": "s3Logs", "smithy.api#required": {} } + }, + "Kubernetes": { + "target": "com.amazonaws.guardduty#OrganizationKubernetesConfigurationResult", + "traits": { + "smithy.api#documentation": "Describes the configuration of Kubernetes data sources.
", + "smithy.api#jsonName": "kubernetes" + } } }, "traits": { "smithy.api#documentation": "An object that contains information on which data sources are automatically enabled for\n new members within the organization.
" } }, + "com.amazonaws.guardduty#OrganizationKubernetesAuditLogsConfiguration": { + "type": "structure", + "members": { + "AutoEnable": { + "target": "com.amazonaws.guardduty#Boolean", + "traits": { + "smithy.api#documentation": "A value that contains information on whether Kubernetes audit logs should be enabled\n automatically as a data source for the organization.
", + "smithy.api#jsonName": "autoEnable", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Organization-wide Kubernetes audit logs configuration.
" + } + }, + "com.amazonaws.guardduty#OrganizationKubernetesAuditLogsConfigurationResult": { + "type": "structure", + "members": { + "AutoEnable": { + "target": "com.amazonaws.guardduty#Boolean", + "traits": { + "smithy.api#documentation": "Whether Kubernetes audit logs data source should be auto-enabled for new members joining the organization.
", + "smithy.api#jsonName": "autoEnable", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "The current configuration of Kubernetes audit logs as a data source for the organization.
" + } + }, + "com.amazonaws.guardduty#OrganizationKubernetesConfiguration": { + "type": "structure", + "members": { + "AuditLogs": { + "target": "com.amazonaws.guardduty#OrganizationKubernetesAuditLogsConfiguration", + "traits": { + "smithy.api#documentation": "Whether Kubernetes audit logs data source should be auto-enabled for new members joining the organization.
", + "smithy.api#jsonName": "auditLogs", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "Organization-wide Kubernetes data sources configurations.
" + } + }, + "com.amazonaws.guardduty#OrganizationKubernetesConfigurationResult": { + "type": "structure", + "members": { + "AuditLogs": { + "target": "com.amazonaws.guardduty#OrganizationKubernetesAuditLogsConfigurationResult", + "traits": { + "smithy.api#documentation": "The current configuration of Kubernetes audit logs as a data source for the organization.
", + "smithy.api#jsonName": "auditLogs", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "The current configuration of all Kubernetes data sources for the organization.
" + } + }, "com.amazonaws.guardduty#OrganizationS3LogsConfiguration": { "type": "structure", "members": { @@ -5678,6 +6149,20 @@ "smithy.api#jsonName": "instanceDetails" } }, + "EksClusterDetails": { + "target": "com.amazonaws.guardduty#EksClusterDetails", + "traits": { + "smithy.api#documentation": "Details about the EKS cluster involved in a Kubernetes finding.
", + "smithy.api#jsonName": "eksClusterDetails" + } + }, + "KubernetesDetails": { + "target": "com.amazonaws.guardduty#KubernetesDetails", + "traits": { + "smithy.api#documentation": "Details about the Kubernetes user and workload involved in a Kubernetes finding.
", + "smithy.api#jsonName": "kubernetesDetails" + } + }, "ResourceType": { "target": "com.amazonaws.guardduty#String", "traits": { @@ -5798,6 +6283,21 @@ "smithy.api#documentation": "Describes whether S3 data event logs will be enabled as a data source.
" } }, + "com.amazonaws.guardduty#SecurityContext": { + "type": "structure", + "members": { + "Privileged": { + "target": "com.amazonaws.guardduty#Boolean", + "traits": { + "smithy.api#documentation": "Whether the container is privileged.
", + "smithy.api#jsonName": "privileged" + } + } + }, + "traits": { + "smithy.api#documentation": "Container security context.
" + } + }, "com.amazonaws.guardduty#SecurityGroup": { "type": "structure", "members": { @@ -5926,6 +6426,12 @@ "smithy.api#documentation": "Contains information about the criteria used for sorting findings.
" } }, + "com.amazonaws.guardduty#SourceIps": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#String" + } + }, "com.amazonaws.guardduty#StartMonitoringMembers": { "type": "operation", "input": { @@ -7179,6 +7685,62 @@ "traits": { "smithy.api#documentation": "Contains the result of GuardDuty usage. If a UsageStatisticType is provided the result for\n other types will be null.
" } + }, + "com.amazonaws.guardduty#Volume": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Volume name.
", + "smithy.api#jsonName": "name" + } + }, + "HostPath": { + "target": "com.amazonaws.guardduty#HostPath", + "traits": { + "smithy.api#documentation": "Represents a pre-existing file or directory on the host machine that the volume maps to.
", + "smithy.api#jsonName": "hostPath" + } + } + }, + "traits": { + "smithy.api#documentation": "Volume used by the Kubernetes workload.
" + } + }, + "com.amazonaws.guardduty#VolumeMount": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Volume mount name.
", + "smithy.api#jsonName": "name" + } + }, + "MountPath": { + "target": "com.amazonaws.guardduty#String", + "traits": { + "smithy.api#documentation": "Volume mount path.
", + "smithy.api#jsonName": "mountPath" + } + } + }, + "traits": { + "smithy.api#documentation": "Container volume mount.
" + } + }, + "com.amazonaws.guardduty#VolumeMounts": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#VolumeMount" + } + }, + "com.amazonaws.guardduty#Volumes": { + "type": "list", + "member": { + "target": "com.amazonaws.guardduty#Volume" + } } } } diff --git a/codegen/sdk-codegen/aws-models/kafka.json b/codegen/sdk-codegen/aws-models/kafka.json index bc42d95b96a8..b39ffe980708 100644 --- a/codegen/sdk-codegen/aws-models/kafka.json +++ b/codegen/sdk-codegen/aws-models/kafka.json @@ -242,12 +242,18 @@ "smithy.api#required": {} } }, + "ProvisionedThroughput": { + "target": "com.amazonaws.kafka#ProvisionedThroughput", + "traits": { + "smithy.api#documentation": "EBS volume provisioned throughput information.", + "smithy.api#jsonName": "provisionedThroughput" + } + }, "VolumeSizeGB": { "target": "com.amazonaws.kafka#__integer", "traits": { "smithy.api#documentation": "Size of the EBS volume to update.
", - "smithy.api#jsonName": "volumeSizeGB", - "smithy.api#required": {} + "smithy.api#jsonName": "volumeSizeGB" } } }, @@ -1959,6 +1965,13 @@ "com.amazonaws.kafka#EBSStorageInfo": { "type": "structure", "members": { + "ProvisionedThroughput": { + "target": "com.amazonaws.kafka#ProvisionedThroughput", + "traits": { + "smithy.api#documentation": "EBS volume provisioned throughput information.", + "smithy.api#jsonName": "provisionedThroughput" + } + }, "VolumeSize": { "target": "com.amazonaws.kafka#__integerMin1Max16384", "traits": { @@ -3689,6 +3702,28 @@ "smithy.api#documentation": "Provisioned cluster request.
" } }, + "com.amazonaws.kafka#ProvisionedThroughput": { + "type": "structure", + "members": { + "Enabled": { + "target": "com.amazonaws.kafka#__boolean", + "traits": { + "smithy.api#documentation": "Provisioned throughput is enabled or not.", + "smithy.api#jsonName": "enabled" + } + }, + "VolumeThroughput": { + "target": "com.amazonaws.kafka#__integer", + "traits": { + "smithy.api#documentation": "Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.", + "smithy.api#jsonName": "volumeThroughput" + } + } + }, + "traits": { + "smithy.api#documentation": "Contains information about provisioned throughput for EBS storage volumes attached to kafka broker nodes." + } + }, "com.amazonaws.kafka#PublicAccess": { "type": "structure", "members": { diff --git a/codegen/sdk-codegen/aws-models/opensearch.json b/codegen/sdk-codegen/aws-models/opensearch.json index 16df6034e34e..130b58ee9c50 100644 --- a/codegen/sdk-codegen/aws-models/opensearch.json +++ b/codegen/sdk-codegen/aws-models/opensearch.json @@ -422,6 +422,9 @@ { "target": "com.amazonaws.opensearch#DescribeDomainAutoTunes" }, + { + "target": "com.amazonaws.opensearch#DescribeDomainChangeProgress" + }, { "target": "com.amazonaws.opensearch#DescribeDomainConfig" }, @@ -953,6 +956,135 @@ "smithy.api#documentation": "The result of a CancelServiceSoftwareUpdate operation. Contains the status of the\n update.\n
The unique change identifier associated with a specific domain configuration change.
" + } + }, + "Message": { + "target": "com.amazonaws.opensearch#Message", + "traits": { + "smithy.api#documentation": "Contains an optional message associated with the domain configuration change.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Specifies change details of the domain configuration change.
" + } + }, + "com.amazonaws.opensearch#ChangeProgressStage": { + "type": "structure", + "members": { + "Name": { + "target": "com.amazonaws.opensearch#ChangeProgressStageName", + "traits": { + "smithy.api#documentation": "The name of the specific progress stage.
" + } + }, + "Status": { + "target": "com.amazonaws.opensearch#ChangeProgressStageStatus", + "traits": { + "smithy.api#documentation": "The overall status of a specific progress stage.
" + } + }, + "Description": { + "target": "com.amazonaws.opensearch#Description", + "traits": { + "smithy.api#documentation": "The description of the progress stage.
" + } + }, + "LastUpdated": { + "target": "com.amazonaws.opensearch#LastUpdated", + "traits": { + "smithy.api#documentation": "The last updated timestamp of the progress stage.
" + } + } + }, + "traits": { + "smithy.api#documentation": "A progress stage details of a specific domain configuration change.
" + } + }, + "com.amazonaws.opensearch#ChangeProgressStageList": { + "type": "list", + "member": { + "target": "com.amazonaws.opensearch#ChangeProgressStage" + }, + "traits": { + "smithy.api#documentation": "The list of progress stages of a specific domain configuration change.
" + } + }, + "com.amazonaws.opensearch#ChangeProgressStageName": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 64 + } + } + }, + "com.amazonaws.opensearch#ChangeProgressStageStatus": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 256 + } + } + }, + "com.amazonaws.opensearch#ChangeProgressStatusDetails": { + "type": "structure", + "members": { + "ChangeId": { + "target": "com.amazonaws.opensearch#GUID", + "traits": { + "smithy.api#documentation": "The unique change identifier associated with a specific domain configuration change.
" + } + }, + "StartTime": { + "target": "com.amazonaws.opensearch#UpdateTimestamp", + "traits": { + "smithy.api#documentation": "The time at which the configuration change is made on the domain.
" + } + }, + "Status": { + "target": "com.amazonaws.opensearch#OverallChangeStatus", + "traits": { + "smithy.api#documentation": "The overall status of the domain configuration change. This field can take the following values: PENDING, PROCESSING, COMPLETED and FAILED
The list of properties involved in the domain configuration change that are still in pending.
" + } + }, + "CompletedProperties": { + "target": "com.amazonaws.opensearch#StringList", + "traits": { + "smithy.api#documentation": "The list of properties involved in the domain configuration change that are completed.
" + } + }, + "TotalNumberOfStages": { + "target": "com.amazonaws.opensearch#TotalNumberOfStages", + "traits": { + "smithy.api#documentation": "The total number of stages required for the configuration change.
" + } + }, + "ChangeProgressStages": { + "target": "com.amazonaws.opensearch#ChangeProgressStageList", + "traits": { + "smithy.api#documentation": "The specific stages that the domain is going through to perform the configuration change.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The progress details of a specific domain configuration change.
" + } + }, "com.amazonaws.opensearch#CloudWatchLogsLogGroupArn": { "type": "string", "traits": { @@ -1938,6 +2070,74 @@ "smithy.api#documentation": "The result of a DescribeDomainAutoTunes request. See \n Auto-Tune for Amazon OpenSearch Service\n for more information.\n
Returns information about the current blue/green deployment happening on a domain, including\n a change ID, status, and progress stages.
", + "smithy.api#http": { + "method": "GET", + "uri": "/2021-01-01/opensearch/domain/{DomainName}/progress", + "code": 200 + } + } + }, + "com.amazonaws.opensearch#DescribeDomainChangeProgressRequest": { + "type": "structure", + "members": { + "DomainName": { + "target": "com.amazonaws.opensearch#DomainName", + "traits": { + "smithy.api#documentation": "The domain you want to get the progress information about.
", + "smithy.api#httpLabel": {}, + "smithy.api#required": {} + } + }, + "ChangeId": { + "target": "com.amazonaws.opensearch#GUID", + "traits": { + "smithy.api#documentation": "The specific change ID for which you want to get progress information. This is an optional parameter.\n If omitted, the service returns information about the most recent configuration change.\n
", + "smithy.api#httpQuery": "changeid" + } + } + }, + "traits": { + "smithy.api#documentation": "Container for the parameters to the DescribeDomainChangeProgress operation. Specifies the\n domain name and optional change specific identity for which you want progress information.\n
Progress information for the configuration change that is requested in the DescribeDomainChangeProgress request.\n
The result of a DescribeDomainChangeProgress request. Contains the progress information of\n the requested domain change.\n
Container for results from\n DescribeReservedInstances\n
Specifies AutoTuneOptions for the domain.\n
Specifies change details of the domain configuration change.
" + } } }, "traits": { @@ -3191,6 +3400,12 @@ "traits": { "smithy.api#documentation": "The current status of the domain's Auto-Tune options.
" } + }, + "ChangeProgressDetails": { + "target": "com.amazonaws.opensearch#ChangeProgressDetails", + "traits": { + "smithy.api#documentation": "Specifies change details of the domain configuration change.
" + } } }, "traits": { @@ -5273,6 +5488,30 @@ "target": "com.amazonaws.opensearch#OutboundConnection" } }, + "com.amazonaws.opensearch#OverallChangeStatus": { + "type": "string", + "traits": { + "smithy.api#documentation": "The overall status value of the domain configuration change.
", + "smithy.api#enum": [ + { + "value": "PENDING", + "name": "PENDING" + }, + { + "value": "PROCESSING", + "name": "PROCESSING" + }, + { + "value": "COMPLETED", + "name": "COMPLETED" + }, + { + "value": "FAILED", + "name": "FAILED" + } + ] + } + }, "com.amazonaws.opensearch#OwnerId": { "type": "string", "traits": { @@ -6507,6 +6746,9 @@ ] } }, + "com.amazonaws.opensearch#TotalNumberOfStages": { + "type": "integer" + }, "com.amazonaws.opensearch#UIntValue": { "type": "integer", "traits": { @@ -6850,6 +7092,9 @@ }, "AdvancedOptions": { "target": "com.amazonaws.opensearch#AdvancedOptions" + }, + "ChangeProgressDetails": { + "target": "com.amazonaws.opensearch#ChangeProgressDetails" } }, "traits": { diff --git a/codegen/sdk-codegen/aws-models/route53-recovery-readiness.json b/codegen/sdk-codegen/aws-models/route53-recovery-readiness.json index 7d8318bc3592..768b2061adaa 100644 --- a/codegen/sdk-codegen/aws-models/route53-recovery-readiness.json +++ b/codegen/sdk-codegen/aws-models/route53-recovery-readiness.json @@ -51,7 +51,7 @@ "CellArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "The arn for the Cell", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the cell.
", "smithy.api#jsonName": "cellArn", "smithy.api#required": {} } @@ -59,7 +59,7 @@ "CellName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "The name of the Cell", + "smithy.api#documentation": "The name of the cell.
", "smithy.api#jsonName": "cellName", "smithy.api#required": {} } @@ -67,7 +67,7 @@ "Cells": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell arns", + "smithy.api#documentation": "A list of cell ARNs.
", "smithy.api#jsonName": "cells", "smithy.api#required": {} } @@ -75,7 +75,7 @@ "ParentReadinessScopes": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell ARNs and/or RecoveryGroup ARNs", + "smithy.api#documentation": "The readiness scope for the cell, which can be a cell Amazon Resource Name (ARN) or a recovery group ARN. This is a list but currently can have only one element.
", "smithy.api#jsonName": "parentReadinessScopes", "smithy.api#required": {} } @@ -83,12 +83,13 @@ "Tags": { "target": "com.amazonaws.route53recoveryreadiness#Tags", "traits": { + "smithy.api#documentation": "Tags on the resources.
", "smithy.api#jsonName": "tags" } } }, "traits": { - "smithy.api#documentation": "A Cell and its properties" + "smithy.api#documentation": "Information about a cell.
" } }, "com.amazonaws.route53recoveryreadiness#ConflictException": { @@ -133,7 +134,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a new Cell.", + "smithy.api#documentation": "Creates a cell in an account.
", "smithy.api#http": { "method": "POST", "uri": "/cells", @@ -147,7 +148,7 @@ "CellName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The name of the Cell to create", + "smithy.api#documentation": "The name of the cell to create.
", "smithy.api#jsonName": "cellName", "smithy.api#required": {} } @@ -155,7 +156,7 @@ "Cells": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell arns contained within this Cell (for use in nested Cells, e.g. regions within which AZs)", + "smithy.api#documentation": "A list of cell Amazon Resource Names (ARNs) contained within this cell, for use in nested cells. For example, Availability Zones within specific Amazon Web Services Regions.
", "smithy.api#jsonName": "cells" } }, @@ -165,9 +166,6 @@ "smithy.api#jsonName": "tags" } } - }, - "traits": { - "smithy.api#documentation": "The Cell to create" } }, "com.amazonaws.route53recoveryreadiness#CreateCellResponse": { @@ -176,34 +174,35 @@ "CellArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "The arn for the Cell", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the cell.
", "smithy.api#jsonName": "cellArn" } }, "CellName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "The name of the Cell", + "smithy.api#documentation": "The name of the cell.
", "smithy.api#jsonName": "cellName" } }, "Cells": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell arns", + "smithy.api#documentation": "A list of cell ARNs.
", "smithy.api#jsonName": "cells" } }, "ParentReadinessScopes": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell ARNs and/or RecoveryGroup ARNs", + "smithy.api#documentation": "The readiness scope for the cell, which can be a cell Amazon Resource Name (ARN) or a recovery group ARN. This is a list but currently can have only one element.
", "smithy.api#jsonName": "parentReadinessScopes" } }, "Tags": { "target": "com.amazonaws.route53recoveryreadiness#Tags", "traits": { + "smithy.api#documentation": "Tags on the resources.
", "smithy.api#jsonName": "tags" } } @@ -235,7 +234,7 @@ } ], "traits": { - "smithy.api#documentation": "Create a new cross account readiness authorization.", + "smithy.api#documentation": "Creates a cross-account readiness authorization. This lets you authorize another account to work with Route 53 Application Recovery Controller, for example, to check the readiness status of resources in a separate account.
", "smithy.api#http": { "method": "POST", "uri": "/crossaccountauthorizations", @@ -249,14 +248,11 @@ "CrossAccountAuthorization": { "target": "com.amazonaws.route53recoveryreadiness#CrossAccountAuthorization", "traits": { - "smithy.api#documentation": "The cross account authorization", + "smithy.api#documentation": "The cross-account authorization.
", "smithy.api#jsonName": "crossAccountAuthorization", "smithy.api#required": {} } } - }, - "traits": { - "smithy.api#documentation": "The cross account authorization" } }, "com.amazonaws.route53recoveryreadiness#CreateCrossAccountAuthorizationResponse": { @@ -265,7 +261,7 @@ "CrossAccountAuthorization": { "target": "com.amazonaws.route53recoveryreadiness#CrossAccountAuthorization", "traits": { - "smithy.api#documentation": "The cross account authorization", + "smithy.api#documentation": "The cross-account authorization.
", "smithy.api#jsonName": "crossAccountAuthorization" } } @@ -297,7 +293,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a new Readiness Check.", + "smithy.api#documentation": "Creates a readiness check in an account. A readiness check monitors a resource set in your application, such as a set of Amazon Aurora instances, that Application Recovery Controller is auditing recovery readiness for. The audits run once every minute on every resource that's associated with a readiness check.
", "smithy.api#http": { "method": "POST", "uri": "/readinesschecks", @@ -311,7 +307,7 @@ "ReadinessCheckName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The name of the ReadinessCheck to create", + "smithy.api#documentation": "The name of the readiness check to create.
", "smithy.api#jsonName": "readinessCheckName", "smithy.api#required": {} } @@ -319,7 +315,7 @@ "ResourceSetName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The name of the ResourceSet to check", + "smithy.api#documentation": "The name of the resource set to check.
", "smithy.api#jsonName": "resourceSetName", "smithy.api#required": {} } @@ -330,9 +326,6 @@ "smithy.api#jsonName": "tags" } } - }, - "traits": { - "smithy.api#documentation": "The ReadinessCheck to create" } }, "com.amazonaws.route53recoveryreadiness#CreateReadinessCheckResponse": { @@ -341,21 +334,21 @@ "ReadinessCheckArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "Arn associated with ReadinessCheck", + "smithy.api#documentation": "The Amazon Resource Name (ARN) associated with a readiness check.
", "smithy.api#jsonName": "readinessCheckArn" } }, "ReadinessCheckName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "Name for a ReadinessCheck", + "smithy.api#documentation": "Name of a readiness check.
", "smithy.api#jsonName": "readinessCheckName" } }, "ResourceSet": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "Name of the ResourceSet to be checked", + "smithy.api#documentation": "Name of the resource set to be checked.
", "smithy.api#jsonName": "resourceSet" } }, @@ -393,7 +386,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a new Recovery Group.", + "smithy.api#documentation": "Creates a recovery group in an account. A recovery group corresponds to an application and includes a list of the cells that make up the application.
", "smithy.api#http": { "method": "POST", "uri": "/recoverygroups", @@ -407,14 +400,14 @@ "Cells": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell arns", + "smithy.api#documentation": "A list of the cell Amazon Resource Names (ARNs) in the recovery group.
", "smithy.api#jsonName": "cells" } }, "RecoveryGroupName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The name of the RecoveryGroup to create", + "smithy.api#documentation": "The name of the recovery group to create.
", "smithy.api#jsonName": "recoveryGroupName", "smithy.api#required": {} } @@ -425,9 +418,6 @@ "smithy.api#jsonName": "tags" } } - }, - "traits": { - "smithy.api#documentation": "The RecoveryGroup to create" } }, "com.amazonaws.route53recoveryreadiness#CreateRecoveryGroupResponse": { @@ -436,27 +426,28 @@ "Cells": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell arns", + "smithy.api#documentation": "A list of a cell's Amazon Resource Names (ARNs).
", "smithy.api#jsonName": "cells" } }, "RecoveryGroupArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "The arn for the RecoveryGroup", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the recovery group.
", "smithy.api#jsonName": "recoveryGroupArn" } }, "RecoveryGroupName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "The name of the RecoveryGroup", + "smithy.api#documentation": "The name of the recovery group.
", "smithy.api#jsonName": "recoveryGroupName" } }, "Tags": { "target": "com.amazonaws.route53recoveryreadiness#Tags", "traits": { + "smithy.api#documentation": "The tags associated with the recovery group.
", "smithy.api#jsonName": "tags" } } @@ -488,7 +479,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a new Resource Set.", + "smithy.api#documentation": "Creates a resource set. A resource set is a set of resources of one type that span multiple cells. You can associate a resource set with a readiness check to monitor the resources for failover readiness.
", "smithy.api#http": { "method": "POST", "uri": "/resourcesets", @@ -502,7 +493,7 @@ "ResourceSetName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The name of the ResourceSet to create", + "smithy.api#documentation": "The name of the resource set to create.
", "smithy.api#jsonName": "resourceSetName", "smithy.api#required": {} } @@ -510,7 +501,7 @@ "ResourceSetType": { "target": "com.amazonaws.route53recoveryreadiness#__stringPatternAWSAZaZ09AZaZ09", "traits": { - "smithy.api#documentation": "AWS Resource type of the resources in the ResourceSet", + "smithy.api#documentation": "The resource type of the resources in the resource set. Enter one of the following values for resource type:
AWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource
", "smithy.api#jsonName": "resourceSetType", "smithy.api#required": {} } @@ -518,7 +509,7 @@ "Resources": { "target": "com.amazonaws.route53recoveryreadiness#__listOfResource", "traits": { - "smithy.api#documentation": "A list of Resource objects", + "smithy.api#documentation": "A list of resource objects in the resource set.
", "smithy.api#jsonName": "resources", "smithy.api#required": {} } @@ -526,12 +517,10 @@ "Tags": { "target": "com.amazonaws.route53recoveryreadiness#Tags", "traits": { + "smithy.api#documentation": "A tag to associate with the parameters for a resource set.
", "smithy.api#jsonName": "tags" } } - }, - "traits": { - "smithy.api#documentation": "The ResourceSet to create" } }, "com.amazonaws.route53recoveryreadiness#CreateResourceSetResponse": { @@ -540,28 +529,28 @@ "ResourceSetArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "The arn for the ResourceSet", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the resource set.
", "smithy.api#jsonName": "resourceSetArn" } }, "ResourceSetName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "The name of the ResourceSet", + "smithy.api#documentation": "The name of the resource set.
", "smithy.api#jsonName": "resourceSetName" } }, "ResourceSetType": { "target": "com.amazonaws.route53recoveryreadiness#__stringPatternAWSAZaZ09AZaZ09", "traits": { - "smithy.api#documentation": "AWS Resource Type of the resources in the ResourceSet", + "smithy.api#documentation": "The resource type of the resources in the resource set. Enter one of the following values for resource type:
AWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource
", "smithy.api#jsonName": "resourceSetType" } }, "Resources": { "target": "com.amazonaws.route53recoveryreadiness#__listOfResource", "traits": { - "smithy.api#documentation": "A list of Resource objects", + "smithy.api#documentation": "A list of resource objects.
", "smithy.api#jsonName": "resources" } }, @@ -576,7 +565,7 @@ "com.amazonaws.route53recoveryreadiness#CrossAccountAuthorization": { "type": "string", "traits": { - "smithy.api#documentation": "A cross-account authorization, e.g. arn:aws:iam::123456789012:root" + "smithy.api#documentation": "CrossAccountAuthorization
" } }, "com.amazonaws.route53recoveryreadiness#DNSTargetResource": { @@ -585,40 +574,41 @@ "DomainName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The DNS Name that acts as ingress point to a portion of application", + "smithy.api#documentation": "The domain name that acts as an ingress point to a portion of the customer application.
", "smithy.api#jsonName": "domainName" } }, "HostedZoneArn": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The Hosted Zone ARN that contains the DNS record with the provided name of target resource.", + "smithy.api#documentation": "The hosted zone Amazon Resource Name (ARN) that contains the DNS record with the provided name of the target resource.
", "smithy.api#jsonName": "hostedZoneArn" } }, "RecordSetId": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The R53 Set Id to uniquely identify a record given a Name and a Type", + "smithy.api#documentation": "The Route 53 record set ID that uniquely identifies a DNS record, given a name and a type.
", "smithy.api#jsonName": "recordSetId" } }, "RecordType": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The Type of DNS Record of target resource", + "smithy.api#documentation": "The type of DNS record of the target resource.
", "smithy.api#jsonName": "recordType" } }, "TargetResource": { "target": "com.amazonaws.route53recoveryreadiness#TargetResource", "traits": { + "smithy.api#documentation": "The target resource of the DNS target resource.
", "smithy.api#jsonName": "targetResource" } } }, "traits": { - "smithy.api#documentation": "A component for DNS/Routing Control Readiness Checks" + "smithy.api#documentation": "A component for DNS/routing control readiness checks and architecture checks.
" } }, "com.amazonaws.route53recoveryreadiness#DeleteCell": { @@ -644,7 +634,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes an existing Cell.", + "smithy.api#documentation": "Delete a cell. When successful, the response code is 204, with no response body.
", "smithy.api#http": { "method": "DELETE", "uri": "/cells/{CellName}", @@ -658,7 +648,7 @@ "CellName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The Cell to delete", + "smithy.api#documentation": "The name of the cell.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -688,7 +678,7 @@ } ], "traits": { - "smithy.api#documentation": "Delete cross account readiness authorization", + "smithy.api#documentation": "Deletes cross account readiness authorization.
", "smithy.api#http": { "method": "DELETE", "uri": "/crossaccountauthorizations/{CrossAccountAuthorization}", @@ -702,7 +692,7 @@ "CrossAccountAuthorization": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The cross account authorization", + "smithy.api#documentation": "The cross-account authorization.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -736,7 +726,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes an existing Readiness Check.", + "smithy.api#documentation": "Deletes a readiness check.
", "smithy.api#http": { "method": "DELETE", "uri": "/readinesschecks/{ReadinessCheckName}", @@ -750,7 +740,7 @@ "ReadinessCheckName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The ReadinessCheck to delete", + "smithy.api#documentation": "Name of a readiness check.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -780,7 +770,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes an existing Recovery Group.", + "smithy.api#documentation": "Deletes a recovery group.
", "smithy.api#http": { "method": "DELETE", "uri": "/recoverygroups/{RecoveryGroupName}", @@ -794,7 +784,7 @@ "RecoveryGroupName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The RecoveryGroup to delete", + "smithy.api#documentation": "The name of a recovery group.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -824,7 +814,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes an existing Resource Set.", + "smithy.api#documentation": "Deletes a resource set.
", "smithy.api#http": { "method": "DELETE", "uri": "/resourcesets/{ResourceSetName}", @@ -838,7 +828,7 @@ "ResourceSetName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The ResourceSet to delete", + "smithy.api#documentation": "Name of a resource set.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -871,7 +861,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a collection of recommendations to improve resilliance and readiness check quality for a Recovery Group.", + "smithy.api#documentation": "Gets recommendations about architecture designs for improving resiliency for an application, based on a recovery group.
", "smithy.api#http": { "method": "GET", "uri": "/recoverygroups/{RecoveryGroupName}/architectureRecommendations", @@ -885,21 +875,21 @@ "MaxResults": { "target": "com.amazonaws.route53recoveryreadiness#MaxResults", "traits": { - "smithy.api#documentation": "Upper bound on number of records to return.", + "smithy.api#documentation": "The number of objects that you want to return with this call.
", "smithy.api#httpQuery": "maxResults" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token that can be used to resume pagination from the end of the collection.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#httpQuery": "nextToken" } }, "RecoveryGroupName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "Name of RecoveryGroup (top level resource) to be analyzed.", + "smithy.api#documentation": "The name of a recovery group.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -912,21 +902,21 @@ "LastAuditTimestamp": { "target": "com.amazonaws.route53recoveryreadiness#LastAuditTimestamp", "traits": { - "smithy.api#documentation": "The time a Recovery Group was last assessed for recommendations in UTC ISO-8601 format.", + "smithy.api#documentation": "The time that a recovery group was last assessed for recommendations, in UTC ISO-8601 format.
", "smithy.api#jsonName": "lastAuditTimestamp" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token that can be used to resume pagination from the end of the collection", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#jsonName": "nextToken" } }, "Recommendations": { "target": "com.amazonaws.route53recoveryreadiness#__listOfRecommendation", "traits": { - "smithy.api#documentation": "A list of recommendations for the customer's application", + "smithy.api#documentation": "A list of the recommendations for the customer's application.
", "smithy.api#jsonName": "recommendations" } } @@ -958,7 +948,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns information about a Cell.", + "smithy.api#documentation": "Gets information about a cell including cell name, cell Amazon Resource Name (ARN), ARNs of nested cells for this cell, and a list of those cell ARNs with their associated recovery group ARNs.
", "smithy.api#http": { "method": "GET", "uri": "/cells/{CellName}", @@ -992,7 +982,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns information about readiness of a Cell.", + "smithy.api#documentation": "Gets readiness for a cell. Aggregates the readiness of all the resources that are associated with the cell into a single value.
", "smithy.api#http": { "method": "GET", "uri": "/cellreadiness/{CellName}", @@ -1012,7 +1002,7 @@ "CellName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The name of the Cell", + "smithy.api#documentation": "The name of the cell.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -1020,14 +1010,14 @@ "MaxResults": { "target": "com.amazonaws.route53recoveryreadiness#MaxResults", "traits": { - "smithy.api#documentation": "Upper bound on number of records to return.", + "smithy.api#documentation": "The number of objects that you want to return with this call.
", "smithy.api#httpQuery": "maxResults" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token used to resume pagination from the end of a previous request.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#httpQuery": "nextToken" } } @@ -1039,21 +1029,21 @@ "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token that can be used to resume pagination from the end of the collection.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#jsonName": "nextToken" } }, "Readiness": { "target": "com.amazonaws.route53recoveryreadiness#Readiness", "traits": { - "smithy.api#documentation": "The readiness at Cell level.", + "smithy.api#documentation": "The readiness at a cell level.
", "smithy.api#jsonName": "readiness" } }, "ReadinessChecks": { "target": "com.amazonaws.route53recoveryreadiness#__listOfReadinessCheckSummary", "traits": { - "smithy.api#documentation": "Summaries for the ReadinessChecks making up the Cell", + "smithy.api#documentation": "Summaries for the readiness checks that make up the cell.
", "smithy.api#jsonName": "readinessChecks" } } @@ -1065,7 +1055,7 @@ "CellName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The Cell to get", + "smithy.api#documentation": "The name of the cell.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -1078,34 +1068,35 @@ "CellArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "The arn for the Cell", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the cell.
", "smithy.api#jsonName": "cellArn" } }, "CellName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "The name of the Cell", + "smithy.api#documentation": "The name of the cell.
", "smithy.api#jsonName": "cellName" } }, "Cells": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell arns", + "smithy.api#documentation": "A list of cell ARNs.
", "smithy.api#jsonName": "cells" } }, "ParentReadinessScopes": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell ARNs and/or RecoveryGroup ARNs", + "smithy.api#documentation": "The readiness scope for the cell, which can be a cell Amazon Resource Name (ARN) or a recovery group ARN. This is a list but currently can have only one element.
", "smithy.api#jsonName": "parentReadinessScopes" } }, "Tags": { "target": "com.amazonaws.route53recoveryreadiness#Tags", "traits": { + "smithy.api#documentation": "Tags on the resources.
", "smithy.api#jsonName": "tags" } } @@ -1137,7 +1128,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns information about a ReadinessCheck.", + "smithy.api#documentation": "Gets details about a readiness check.
", "smithy.api#http": { "method": "GET", "uri": "/readinesschecks/{ReadinessCheckName}", @@ -1151,7 +1142,7 @@ "ReadinessCheckName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The ReadinessCheck to get", + "smithy.api#documentation": "Name of a readiness check.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -1184,7 +1175,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns detailed information about the status of an individual resource within a Readiness Check's Resource Set.", + "smithy.api#documentation": "Gets individual readiness status for a readiness check. To see the overall readiness status for a recovery group, that considers the readiness status for all the readiness checks in the recovery group, use GetRecoveryGroupReadinessSummary.
", "smithy.api#http": { "method": "GET", "uri": "/readinesschecks/{ReadinessCheckName}/resource/{ResourceIdentifier}/status", @@ -1204,21 +1195,21 @@ "MaxResults": { "target": "com.amazonaws.route53recoveryreadiness#MaxResults", "traits": { - "smithy.api#documentation": "Upper bound on number of records to return.", + "smithy.api#documentation": "The number of objects that you want to return with this call.
", "smithy.api#httpQuery": "maxResults" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token used to resume pagination from the end of a previous request.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#httpQuery": "nextToken" } }, "ReadinessCheckName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The ReadinessCheck to get", + "smithy.api#documentation": "Name of a readiness check.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -1226,7 +1217,7 @@ "ResourceIdentifier": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The resource ARN or component Id to get", + "smithy.api#documentation": "The resource identifier, which is the Amazon Resource Name (ARN) or the identifier generated for the resource by Application Recovery Controller (for example, for a DNS target resource).
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -1239,21 +1230,21 @@ "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token that can be used to resume pagination from the end of the collection.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#jsonName": "nextToken" } }, "Readiness": { "target": "com.amazonaws.route53recoveryreadiness#Readiness", "traits": { - "smithy.api#documentation": "The readiness at rule level.", + "smithy.api#documentation": "The readiness at a rule level.
", "smithy.api#jsonName": "readiness" } }, "Rules": { "target": "com.amazonaws.route53recoveryreadiness#__listOfRuleResult", "traits": { - "smithy.api#documentation": "Details of the rules's results", + "smithy.api#documentation": "Details of the rule's results.
", "smithy.api#jsonName": "rules" } } @@ -1265,21 +1256,21 @@ "ReadinessCheckArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "Arn associated with ReadinessCheck", + "smithy.api#documentation": "The Amazon Resource Name (ARN) associated with a readiness check.
", "smithy.api#jsonName": "readinessCheckArn" } }, "ReadinessCheckName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "Name for a ReadinessCheck", + "smithy.api#documentation": "Name of a readiness check.
", "smithy.api#jsonName": "readinessCheckName" } }, "ResourceSet": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "Name of the ResourceSet to be checked", + "smithy.api#documentation": "Name of the resource set to be checked.
", "smithy.api#jsonName": "resourceSet" } }, @@ -1317,7 +1308,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns information about the status of a Readiness Check.", + "smithy.api#documentation": "Gets the readiness status for an individual readiness check. To see the overall readiness status for a recovery group, that considers the readiness status for all the readiness checks in a recovery group, use GetRecoveryGroupReadinessSummary.
", "smithy.api#http": { "method": "GET", "uri": "/readinesschecks/{ReadinessCheckName}/status", @@ -1337,21 +1328,21 @@ "MaxResults": { "target": "com.amazonaws.route53recoveryreadiness#MaxResults", "traits": { - "smithy.api#documentation": "Upper bound on number of records to return.", + "smithy.api#documentation": "The number of objects that you want to return with this call.
", "smithy.api#httpQuery": "maxResults" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token used to resume pagination from the end of a previous request.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#httpQuery": "nextToken" } }, "ReadinessCheckName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The ReadinessCheck to get", + "smithy.api#documentation": "Name of a readiness check.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -1364,28 +1355,28 @@ "Messages": { "target": "com.amazonaws.route53recoveryreadiness#__listOfMessage", "traits": { - "smithy.api#documentation": "Top level messages for readiness check status", + "smithy.api#documentation": "Top level messages for readiness check status
", "smithy.api#jsonName": "messages" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token that can be used to resume pagination from the end of the collection.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#jsonName": "nextToken" } }, "Readiness": { "target": "com.amazonaws.route53recoveryreadiness#Readiness", "traits": { - "smithy.api#documentation": "The readiness at rule level.", + "smithy.api#documentation": "The readiness at rule level.
", "smithy.api#jsonName": "readiness" } }, "Resources": { "target": "com.amazonaws.route53recoveryreadiness#__listOfResourceResult", "traits": { - "smithy.api#documentation": "Summary of resources's readiness", + "smithy.api#documentation": "Summary of the readiness of resources.
", "smithy.api#jsonName": "resources" } } @@ -1417,7 +1408,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns information about a Recovery Group.", + "smithy.api#documentation": "Gets details about a recovery group, including a list of the cells that are included in it.
", "smithy.api#http": { "method": "GET", "uri": "/recoverygroups/{RecoveryGroupName}", @@ -1451,7 +1442,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns information about a Recovery Group.", + "smithy.api#documentation": "Displays a summary of information about a recovery group's readiness status. Includes the readiness checks for resources in the recovery group and the readiness status of each one.
", "smithy.api#http": { "method": "GET", "uri": "/recoverygroupreadiness/{RecoveryGroupName}", @@ -1471,21 +1462,21 @@ "MaxResults": { "target": "com.amazonaws.route53recoveryreadiness#MaxResults", "traits": { - "smithy.api#documentation": "Upper bound on number of records to return.", + "smithy.api#documentation": "The number of objects that you want to return with this call.
", "smithy.api#httpQuery": "maxResults" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token used to resume pagination from the end of a previous request.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#httpQuery": "nextToken" } }, "RecoveryGroupName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The name of the RecoveryGroup", + "smithy.api#documentation": "The name of a recovery group.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -1498,21 +1489,21 @@ "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token that can be used to resume pagination from the end of the collection.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#jsonName": "nextToken" } }, "Readiness": { "target": "com.amazonaws.route53recoveryreadiness#Readiness", "traits": { - "smithy.api#documentation": "The readiness at RecoveryGroup level.", + "smithy.api#documentation": "The readiness status at a recovery group level.
", "smithy.api#jsonName": "readiness" } }, "ReadinessChecks": { "target": "com.amazonaws.route53recoveryreadiness#__listOfReadinessCheckSummary", "traits": { - "smithy.api#documentation": "Summaries for the ReadinessChecks making up the RecoveryGroup", + "smithy.api#documentation": "Summaries of the readiness checks for the recovery group.
", "smithy.api#jsonName": "readinessChecks" } } @@ -1524,7 +1515,7 @@ "RecoveryGroupName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The RecoveryGroup to get", + "smithy.api#documentation": "The name of a recovery group.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -1537,27 +1528,28 @@ "Cells": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell arns", + "smithy.api#documentation": "A list of a cell's Amazon Resource Names (ARNs).
", "smithy.api#jsonName": "cells" } }, "RecoveryGroupArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "The arn for the RecoveryGroup", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the recovery group.
", "smithy.api#jsonName": "recoveryGroupArn" } }, "RecoveryGroupName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "The name of the RecoveryGroup", + "smithy.api#documentation": "The name of the recovery group.
", "smithy.api#jsonName": "recoveryGroupName" } }, "Tags": { "target": "com.amazonaws.route53recoveryreadiness#Tags", "traits": { + "smithy.api#documentation": "The tags associated with the recovery group.
", "smithy.api#jsonName": "tags" } } @@ -1589,7 +1581,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns information about a Resource Set.", + "smithy.api#documentation": "Displays the details about a resource set, including a list of the resources in the set.
", "smithy.api#http": { "method": "GET", "uri": "/resourcesets/{ResourceSetName}", @@ -1603,7 +1595,7 @@ "ResourceSetName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The ResourceSet to get", + "smithy.api#documentation": "Name of a resource set.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -1616,28 +1608,28 @@ "ResourceSetArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "The arn for the ResourceSet", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the resource set.
", "smithy.api#jsonName": "resourceSetArn" } }, "ResourceSetName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "The name of the ResourceSet", + "smithy.api#documentation": "The name of the resource set.
", "smithy.api#jsonName": "resourceSetName" } }, "ResourceSetType": { "target": "com.amazonaws.route53recoveryreadiness#__stringPatternAWSAZaZ09AZaZ09", "traits": { - "smithy.api#documentation": "AWS Resource Type of the resources in the ResourceSet", + "smithy.api#documentation": "The resource type of the resources in the resource set. Enter one of the following values for resource type:
AWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource
", "smithy.api#jsonName": "resourceSetType" } }, "Resources": { "target": "com.amazonaws.route53recoveryreadiness#__listOfResource", "traits": { - "smithy.api#documentation": "A list of Resource objects", + "smithy.api#documentation": "A list of resource objects.
", "smithy.api#jsonName": "resources" } }, @@ -1668,7 +1660,7 @@ "com.amazonaws.route53recoveryreadiness#LastAuditTimestamp": { "type": "timestamp", "traits": { - "smithy.api#documentation": "The time a Recovery Group was last assessed for recommendations in UTC ISO-8601 format", + "smithy.api#documentation": "The time that a recovery group was last assessed for recommendations, in UTC ISO-8601 format.
", "smithy.api#timestampFormat": "date-time" } }, @@ -1695,7 +1687,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a collection of Cells.", + "smithy.api#documentation": "Lists the cells for an account.
", "smithy.api#http": { "method": "GET", "uri": "/cells", @@ -1715,14 +1707,14 @@ "MaxResults": { "target": "com.amazonaws.route53recoveryreadiness#MaxResults", "traits": { - "smithy.api#documentation": "Upper bound on number of records to return.", + "smithy.api#documentation": "The number of objects that you want to return with this call.
", "smithy.api#httpQuery": "maxResults" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token used to resume pagination from the end of a previous request.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#httpQuery": "nextToken" } } @@ -1734,14 +1726,14 @@ "Cells": { "target": "com.amazonaws.route53recoveryreadiness#__listOfCellOutput", "traits": { - "smithy.api#documentation": "A list of Cells", + "smithy.api#documentation": "A list of cells.
", "smithy.api#jsonName": "cells" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token that can be used to resume pagination from the end of the collection.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#jsonName": "nextToken" } } @@ -1770,7 +1762,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a collection of cross account readiness authorizations.", + "smithy.api#documentation": "Lists the cross-account readiness authorizations that are in place for an account.
", "smithy.api#http": { "method": "GET", "uri": "/crossaccountauthorizations", @@ -1790,14 +1782,14 @@ "MaxResults": { "target": "com.amazonaws.route53recoveryreadiness#MaxResults", "traits": { - "smithy.api#documentation": "Upper bound on number of records to return.", + "smithy.api#documentation": "The number of objects that you want to return with this call.
", "smithy.api#httpQuery": "maxResults" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token used to resume pagination from the end of a previous request.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#httpQuery": "nextToken" } } @@ -1809,14 +1801,14 @@ "CrossAccountAuthorizations": { "target": "com.amazonaws.route53recoveryreadiness#__listOfCrossAccountAuthorization", "traits": { - "smithy.api#documentation": "A list of CrossAccountAuthorizations", + "smithy.api#documentation": "A list of cross-account authorizations.
", "smithy.api#jsonName": "crossAccountAuthorizations" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token that can be used to resume pagination from the end of the collection.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#jsonName": "nextToken" } } @@ -1845,7 +1837,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a collection of Readiness Checks.", + "smithy.api#documentation": "Lists the readiness checks for an account.
", "smithy.api#http": { "method": "GET", "uri": "/readinesschecks", @@ -1865,14 +1857,14 @@ "MaxResults": { "target": "com.amazonaws.route53recoveryreadiness#MaxResults", "traits": { - "smithy.api#documentation": "Upper bound on number of records to return.", + "smithy.api#documentation": "The number of objects that you want to return with this call.
", "smithy.api#httpQuery": "maxResults" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token used to resume pagination from the end of a previous request.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#httpQuery": "nextToken" } } @@ -1884,14 +1876,14 @@ "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token that can be used to resume pagination from the end of the collection.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#jsonName": "nextToken" } }, "ReadinessChecks": { "target": "com.amazonaws.route53recoveryreadiness#__listOfReadinessCheckOutput", "traits": { - "smithy.api#documentation": "A list of ReadinessCheck associated with the account", + "smithy.api#documentation": "A list of readiness checks associated with the account.
", "smithy.api#jsonName": "readinessChecks" } } @@ -1920,7 +1912,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a collection of Recovery Groups.", + "smithy.api#documentation": "Lists the recovery groups in an account.
", "smithy.api#http": { "method": "GET", "uri": "/recoverygroups", @@ -1940,14 +1932,14 @@ "MaxResults": { "target": "com.amazonaws.route53recoveryreadiness#MaxResults", "traits": { - "smithy.api#documentation": "Upper bound on number of records to return.", + "smithy.api#documentation": "The number of objects that you want to return with this call.
", "smithy.api#httpQuery": "maxResults" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token used to resume pagination from the end of a previous request.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#httpQuery": "nextToken" } } @@ -1959,14 +1951,14 @@ "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token that can be used to resume pagination from the end of the collection.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#jsonName": "nextToken" } }, "RecoveryGroups": { "target": "com.amazonaws.route53recoveryreadiness#__listOfRecoveryGroupOutput", "traits": { - "smithy.api#documentation": "A list of RecoveryGroups", + "smithy.api#documentation": "A list of recovery groups.
", "smithy.api#jsonName": "recoveryGroups" } } @@ -1995,7 +1987,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a collection of Resource Sets.", + "smithy.api#documentation": "Lists the resource sets in an account.
", "smithy.api#http": { "method": "GET", "uri": "/resourcesets", @@ -2015,14 +2007,14 @@ "MaxResults": { "target": "com.amazonaws.route53recoveryreadiness#MaxResults", "traits": { - "smithy.api#documentation": "Upper bound on number of records to return.", + "smithy.api#documentation": "The number of objects that you want to return with this call.
", "smithy.api#httpQuery": "maxResults" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token used to resume pagination from the end of a previous request.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#httpQuery": "nextToken" } } @@ -2034,14 +2026,14 @@ "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token that can be used to resume pagination from the end of the collection.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#jsonName": "nextToken" } }, "ResourceSets": { "target": "com.amazonaws.route53recoveryreadiness#__listOfResourceSetOutput", "traits": { - "smithy.api#documentation": "A list of ResourceSets associated with the account", + "smithy.api#documentation": "A list of resource sets associated with the account.
", "smithy.api#jsonName": "resourceSets" } } @@ -2070,7 +2062,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a collection of rules that are applied as part of Readiness Checks.", + "smithy.api#documentation": "Lists all readiness rules, or lists the readiness rules for a specific resource type.
", "smithy.api#http": { "method": "GET", "uri": "/rules", @@ -2090,7 +2082,7 @@ "ResourceType": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64", "traits": { - "smithy.api#documentation": "The resource type the rule applies to.", + "smithy.api#documentation": "The resource type that the readiness rule applies to.
", "smithy.api#jsonName": "resourceType", "smithy.api#required": {} } @@ -2098,7 +2090,7 @@ "RuleDescription": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "A description of the rule", + "smithy.api#documentation": "The description of a readiness rule.
", "smithy.api#jsonName": "ruleDescription", "smithy.api#required": {} } @@ -2106,14 +2098,14 @@ "RuleId": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64", "traits": { - "smithy.api#documentation": "The Rule's ID.", + "smithy.api#documentation": "The ID for the readiness rule.
", "smithy.api#jsonName": "ruleId", "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "A collection of rules used in a readiness check" + "smithy.api#documentation": "Readiness rule information, including the resource type, rule ID, and rule description.
" } }, "com.amazonaws.route53recoveryreadiness#ListRulesRequest": { @@ -2122,21 +2114,21 @@ "MaxResults": { "target": "com.amazonaws.route53recoveryreadiness#MaxResults", "traits": { - "smithy.api#documentation": "Upper bound on number of records to return.", + "smithy.api#documentation": "The number of objects that you want to return with this call.
", "smithy.api#httpQuery": "maxResults" } }, "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token used to resume pagination from the end of a previous request.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#httpQuery": "nextToken" } }, "ResourceType": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "Filter parameter which specifies the rules to return given a resource type.", + "smithy.api#documentation": "The resource type that a readiness rule applies to.
", "smithy.api#httpQuery": "resourceType" } } @@ -2148,14 +2140,14 @@ "NextToken": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "A token that can be used to resume pagination from the end of the collection.", + "smithy.api#documentation": "The token that identifies which batch of results you want to see.
", "smithy.api#jsonName": "nextToken" } }, "Rules": { "target": "com.amazonaws.route53recoveryreadiness#__listOfListRulesOutput", "traits": { - "smithy.api#documentation": "A list of rules", + "smithy.api#documentation": "A list of readiness rules for a specific resource type.
", "smithy.api#jsonName": "rules" } } @@ -2181,7 +2173,7 @@ } ], "traits": { - "smithy.api#documentation": "Returns a list of the tags assigned to the specified resource.", + "smithy.api#documentation": "Lists the tags for a resource.
", "smithy.api#http": { "method": "GET", "uri": "/tags/{ResourceArn}", @@ -2195,7 +2187,7 @@ "ResourceArn": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) for the resource. You can get this from the response to any request to the resource.", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for a resource.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -2208,6 +2200,7 @@ "Tags": { "target": "com.amazonaws.route53recoveryreadiness#Tags", "traits": { + "smithy.api#documentation": "", "smithy.api#jsonName": "tags" } } @@ -2228,13 +2221,13 @@ "MessageText": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The text of a readiness check message", + "smithy.api#documentation": "The text of a readiness check message.
", "smithy.api#jsonName": "messageText" } } }, "traits": { - "smithy.api#documentation": "Information relating to readiness check status" + "smithy.api#documentation": "Information relating to readiness check status.
" } }, "com.amazonaws.route53recoveryreadiness#NLBResource": { @@ -2243,13 +2236,13 @@ "Arn": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "An NLB resource arn", + "smithy.api#documentation": "The Network Load Balancer resource Amazon Resource Name (ARN).
", "smithy.api#jsonName": "arn" } } }, "traits": { - "smithy.api#documentation": "The NLB resource a DNS Target Resource points to" + "smithy.api#documentation": "The Network Load Balancer resource that a DNS target resource points to.
" } }, "com.amazonaws.route53recoveryreadiness#R53ResourceRecord": { @@ -2258,26 +2251,26 @@ "DomainName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The DNS target name", + "smithy.api#documentation": "The DNS target domain name.
", "smithy.api#jsonName": "domainName" } }, "RecordSetId": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The Resource Record set id", + "smithy.api#documentation": "The Route 53 Resource Record Set ID.
", "smithy.api#jsonName": "recordSetId" } } }, "traits": { - "smithy.api#documentation": "The Route 53 resource a DNS Target Resource record points to" + "smithy.api#documentation": "The Route 53 resource that a DNS target resource record points to.
" } }, "com.amazonaws.route53recoveryreadiness#Readiness": { "type": "string", "traits": { - "smithy.api#documentation": "The readiness of an entire ReadinessCheck or an individual resource ARN.", + "smithy.api#documentation": "The readiness status.
", "smithy.api#enum": [ { "value": "READY", @@ -2304,7 +2297,7 @@ "ReadinessCheckArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "Arn associated with ReadinessCheck", + "smithy.api#documentation": "The Amazon Resource Name (ARN) associated with a readiness check.
", "smithy.api#jsonName": "readinessCheckArn", "smithy.api#required": {} } @@ -2312,14 +2305,14 @@ "ReadinessCheckName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "Name for a ReadinessCheck", + "smithy.api#documentation": "Name of a readiness check.
", "smithy.api#jsonName": "readinessCheckName" } }, "ResourceSet": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "Name of the ResourceSet to be checked", + "smithy.api#documentation": "Name of the resource set to be checked.
", "smithy.api#jsonName": "resourceSet", "smithy.api#required": {} } @@ -2332,7 +2325,7 @@ } }, "traits": { - "smithy.api#documentation": "A resource used for checking the readiness of a Resource Set" + "smithy.api#documentation": "A readiness check.
" } }, "com.amazonaws.route53recoveryreadiness#ReadinessCheckSummary": { @@ -2341,26 +2334,26 @@ "Readiness": { "target": "com.amazonaws.route53recoveryreadiness#Readiness", "traits": { - "smithy.api#documentation": "The readiness of this ReadinessCheck", + "smithy.api#documentation": "The readiness status of this readiness check.
", "smithy.api#jsonName": "readiness" } }, "ReadinessCheckName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The name of a ReadinessCheck which is part of the given RecoveryGroup or Cell", + "smithy.api#documentation": "The name of a readiness check.
", "smithy.api#jsonName": "readinessCheckName" } } }, "traits": { - "smithy.api#documentation": "Summary of ReadinessCheck status, paginated in GetRecoveryGroupReadinessSummary and GetCellReadinessSummary" + "smithy.api#documentation": "Summary of all readiness check statuses in a recovery group, paginated in GetRecoveryGroupReadinessSummary and GetCellReadinessSummary.
" } }, "com.amazonaws.route53recoveryreadiness#ReadinessCheckTimestamp": { "type": "timestamp", "traits": { - "smithy.api#documentation": "The time the Cell was last checked for readiness, in ISO-8601 format, UTC.", + "smithy.api#documentation": "The time (UTC) that the cell was last checked for readiness, in ISO-8601 format.
", "smithy.api#timestampFormat": "date-time" } }, @@ -2370,14 +2363,14 @@ "RecommendationText": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "Guidance text for recommendation", + "smithy.api#documentation": "Text of the recommendations that are provided to make an application more recovery resilient.
", "smithy.api#jsonName": "recommendationText", "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "Guidance for improving Recovery Group resilliancy" + "smithy.api#documentation": "Recommendations that are provided to make an application more recovery resilient.
" } }, "com.amazonaws.route53recoveryreadiness#RecoveryGroupOutput": { @@ -2386,7 +2379,7 @@ "Cells": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell arns", + "smithy.api#documentation": "A list of a cell's Amazon Resource Names (ARNs).
", "smithy.api#jsonName": "cells", "smithy.api#required": {} } @@ -2394,7 +2387,7 @@ "RecoveryGroupArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "The arn for the RecoveryGroup", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the recovery group.
", "smithy.api#jsonName": "recoveryGroupArn", "smithy.api#required": {} } @@ -2402,7 +2395,7 @@ "RecoveryGroupName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "The name of the RecoveryGroup", + "smithy.api#documentation": "The name of the recovery group.
", "smithy.api#jsonName": "recoveryGroupName", "smithy.api#required": {} } @@ -2410,12 +2403,13 @@ "Tags": { "target": "com.amazonaws.route53recoveryreadiness#Tags", "traits": { + "smithy.api#documentation": "The tags associated with the recovery group.
", "smithy.api#jsonName": "tags" } } }, "traits": { - "smithy.api#documentation": "A Recovery Group generally containing multiple Cells" + "smithy.api#documentation": "A representation of the application, typically containing multiple cells.
" } }, "com.amazonaws.route53recoveryreadiness#Resource": { @@ -2424,33 +2418,34 @@ "ComponentId": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The component id of the resource, generated by the service when dnsTargetResource is used", + "smithy.api#documentation": "The component identifier of the resource, generated when DNS target resource is used.
", "smithy.api#jsonName": "componentId" } }, "DnsTargetResource": { "target": "com.amazonaws.route53recoveryreadiness#DNSTargetResource", "traits": { + "smithy.api#documentation": "The DNS target resource.
", "smithy.api#jsonName": "dnsTargetResource" } }, "ReadinessScopes": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of RecoveryGroup ARNs and/or Cell ARNs that this resource is contained within.", + "smithy.api#documentation": "A list of recovery group Amazon Resource Names (ARNs) and cell ARNs that this resource is contained within.
", "smithy.api#jsonName": "readinessScopes" } }, "ResourceArn": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The ARN of the AWS resource, can be skipped if dnsTargetResource is used", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the Amazon Web Services resource.
", "smithy.api#jsonName": "resourceArn" } } }, "traits": { - "smithy.api#documentation": "The resource element of a ResourceSet" + "smithy.api#documentation": "The resource element of a resource set.
" } }, "com.amazonaws.route53recoveryreadiness#ResourceNotFoundException": { @@ -2475,14 +2470,14 @@ "ComponentId": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The component id of the resource", + "smithy.api#documentation": "The component id of the resource.
", "smithy.api#jsonName": "componentId" } }, "LastCheckedTimestamp": { "target": "com.amazonaws.route53recoveryreadiness#ReadinessCheckTimestamp", "traits": { - "smithy.api#documentation": "The time the resource was last checked for readiness, in ISO-8601 format, UTC.", + "smithy.api#documentation": "The time (UTC) that the resource was last checked for readiness, in ISO-8601 format.
", "smithy.api#jsonName": "lastCheckedTimestamp", "smithy.api#required": {} } @@ -2490,7 +2485,7 @@ "Readiness": { "target": "com.amazonaws.route53recoveryreadiness#Readiness", "traits": { - "smithy.api#documentation": "The readiness of the resource.", + "smithy.api#documentation": "The readiness of a resource.
", "smithy.api#jsonName": "readiness", "smithy.api#required": {} } @@ -2498,13 +2493,13 @@ "ResourceArn": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The ARN of the resource", + "smithy.api#documentation": "The Amazon Resource Name (ARN) of the resource.
", "smithy.api#jsonName": "resourceArn" } } }, "traits": { - "smithy.api#documentation": "Result with status for an individual resource." + "smithy.api#documentation": "The result of a successful Resource request, with status for an individual resource.
" } }, "com.amazonaws.route53recoveryreadiness#ResourceSetOutput": { @@ -2513,7 +2508,7 @@ "ResourceSetArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "The arn for the ResourceSet", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the resource set.
", "smithy.api#jsonName": "resourceSetArn", "smithy.api#required": {} } @@ -2521,7 +2516,7 @@ "ResourceSetName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "The name of the ResourceSet", + "smithy.api#documentation": "The name of the resource set.
", "smithy.api#jsonName": "resourceSetName", "smithy.api#required": {} } @@ -2529,7 +2524,7 @@ "ResourceSetType": { "target": "com.amazonaws.route53recoveryreadiness#__stringPatternAWSAZaZ09AZaZ09", "traits": { - "smithy.api#documentation": "AWS Resource Type of the resources in the ResourceSet", + "smithy.api#documentation": "The resource type of the resources in the resource set. Enter one of the following values for resource type:
AWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource
", "smithy.api#jsonName": "resourceSetType", "smithy.api#required": {} } @@ -2537,7 +2532,7 @@ "Resources": { "target": "com.amazonaws.route53recoveryreadiness#__listOfResource", "traits": { - "smithy.api#documentation": "A list of Resource objects", + "smithy.api#documentation": "A list of resource objects.
", "smithy.api#jsonName": "resources", "smithy.api#required": {} } @@ -2550,11 +2545,26 @@ } }, "traits": { - "smithy.api#documentation": "A collection of resources of the same type" + "smithy.api#documentation": "A collection of resources of the same type.
" } }, "com.amazonaws.route53recoveryreadiness#Route53RecoveryReadiness": { "type": "service", + "traits": { + "aws.api#service": { + "sdkId": "Route53 Recovery Readiness", + "arnNamespace": "route53-recovery-readiness", + "cloudFormationName": "Route53RecoveryReadiness", + "cloudTrailEventSource": "route53recoveryreadiness.amazonaws.com", + "endpointPrefix": "route53-recovery-readiness" + }, + "aws.auth#sigv4": { + "name": "route53-recovery-readiness" + }, + "aws.protocols#restJson1": {}, + "smithy.api#documentation": "Recovery readiness
", + "smithy.api#title": "AWS Route53 Recovery Readiness" + }, "version": "2019-12-02", "operations": [ { @@ -2653,22 +2663,7 @@ { "target": "com.amazonaws.route53recoveryreadiness#UpdateResourceSet" } - ], - "traits": { - "aws.api#service": { - "sdkId": "Route53 Recovery Readiness", - "arnNamespace": "route53-recovery-readiness", - "cloudFormationName": "Route53RecoveryReadiness", - "cloudTrailEventSource": "route53recoveryreadiness.amazonaws.com", - "endpointPrefix": "route53-recovery-readiness" - }, - "aws.auth#sigv4": { - "name": "route53-recovery-readiness" - }, - "aws.protocols#restJson1": {}, - "smithy.api#documentation": "AWS Route53 Recovery Readiness", - "smithy.api#title": "AWS Route53 Recovery Readiness" - } + ] }, "com.amazonaws.route53recoveryreadiness#RuleResult": { "type": "structure", @@ -2676,7 +2671,7 @@ "LastCheckedTimestamp": { "target": "com.amazonaws.route53recoveryreadiness#ReadinessCheckTimestamp", "traits": { - "smithy.api#documentation": "The time the resource was last checked for readiness, in ISO-8601 format, UTC.", + "smithy.api#documentation": "The time the resource was last checked for readiness, in ISO-8601 format, UTC.
", "smithy.api#jsonName": "lastCheckedTimestamp", "smithy.api#required": {} } @@ -2684,7 +2679,7 @@ "Messages": { "target": "com.amazonaws.route53recoveryreadiness#__listOfMessage", "traits": { - "smithy.api#documentation": "Details about the resource's readiness", + "smithy.api#documentation": "Details about the resource's readiness.
", "smithy.api#jsonName": "messages", "smithy.api#required": {} } @@ -2692,7 +2687,7 @@ "Readiness": { "target": "com.amazonaws.route53recoveryreadiness#Readiness", "traits": { - "smithy.api#documentation": "The readiness at rule level.", + "smithy.api#documentation": "The readiness at rule level.
", "smithy.api#jsonName": "readiness", "smithy.api#required": {} } @@ -2700,14 +2695,14 @@ "RuleId": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The identifier of the rule.", + "smithy.api#documentation": "The identifier of the rule.
", "smithy.api#jsonName": "ruleId", "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "Result with status for an individual rule.." + "smithy.api#documentation": "The result of a successful Rule request, with status for an individual rule.
" } }, "com.amazonaws.route53recoveryreadiness#TagResource": { @@ -2730,7 +2725,7 @@ } ], "traits": { - "smithy.api#documentation": "Adds tags to the specified resource. You can specify one or more tags to add.", + "smithy.api#documentation": "Adds a tag to a resource.
", "smithy.api#http": { "method": "POST", "uri": "/tags/{ResourceArn}", @@ -2744,7 +2739,7 @@ "ResourceArn": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) for the resource. You can get this from the response to any request to the resource.", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for a resource.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -2752,6 +2747,7 @@ "Tags": { "target": "com.amazonaws.route53recoveryreadiness#Tags", "traits": { + "smithy.api#documentation": "", "smithy.api#jsonName": "tags", "smithy.api#required": {} } @@ -2771,7 +2767,7 @@ "target": "com.amazonaws.route53recoveryreadiness#__string" }, "traits": { - "smithy.api#documentation": "A collection of tags associated with a resource" + "smithy.api#documentation": "A collection of tags associated with a resource.
" } }, "com.amazonaws.route53recoveryreadiness#TargetResource": { @@ -2780,18 +2776,20 @@ "NLBResource": { "target": "com.amazonaws.route53recoveryreadiness#NLBResource", "traits": { + "smithy.api#documentation": "The Network Load Balancer Resource.
", "smithy.api#jsonName": "nLBResource" } }, "R53Resource": { "target": "com.amazonaws.route53recoveryreadiness#R53ResourceRecord", "traits": { + "smithy.api#documentation": "The Route 53 resource.
", "smithy.api#jsonName": "r53Resource" } } }, "traits": { - "smithy.api#documentation": "The target resource the R53 record points to" + "smithy.api#documentation": "The target resource that the Route 53 record points to.
" } }, "com.amazonaws.route53recoveryreadiness#ThrottlingException": { @@ -2827,7 +2825,7 @@ } ], "traits": { - "smithy.api#documentation": "Removes tags from the specified resource. You can specify one or more tags to remove.", + "smithy.api#documentation": "Removes a tag from a resource.
", "smithy.api#http": { "method": "DELETE", "uri": "/tags/{ResourceArn}", @@ -2841,7 +2839,7 @@ "ResourceArn": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) for the resource. You can get this from the response to any request to the resource.", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for a resource.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -2849,7 +2847,7 @@ "TagKeys": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A comma-separated list of the tag keys to remove from the resource.", + "smithy.api#documentation": "The keys for tags you add to resources.
", "smithy.api#httpQuery": "tagKeys", "smithy.api#required": {} } @@ -2882,7 +2880,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates an existing Cell.", + "smithy.api#documentation": "Updates a cell to replace the list of nested cells with a new list of nested cells.
", "smithy.api#http": { "method": "PUT", "uri": "/cells/{CellName}", @@ -2896,7 +2894,7 @@ "CellName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The Cell to update", + "smithy.api#documentation": "The name of the cell.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -2904,14 +2902,11 @@ "Cells": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell arns, completely replaces previous list", + "smithy.api#documentation": "A list of cell Amazon Resource Names (ARNs), which completely replaces the previous list.
", "smithy.api#jsonName": "cells", "smithy.api#required": {} } } - }, - "traits": { - "smithy.api#documentation": "Parameters to update for the Cell" } }, "com.amazonaws.route53recoveryreadiness#UpdateCellResponse": { @@ -2920,34 +2915,35 @@ "CellArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "The arn for the Cell", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the cell.
", "smithy.api#jsonName": "cellArn" } }, "CellName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "The name of the Cell", + "smithy.api#documentation": "The name of the cell.
", "smithy.api#jsonName": "cellName" } }, "Cells": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell arns", + "smithy.api#documentation": "A list of cell ARNs.
", "smithy.api#jsonName": "cells" } }, "ParentReadinessScopes": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell ARNs and/or RecoveryGroup ARNs", + "smithy.api#documentation": "The readiness scope for the cell, which can be a cell Amazon Resource Name (ARN) or a recovery group ARN. This is a list but currently can have only one element.
", "smithy.api#jsonName": "parentReadinessScopes" } }, "Tags": { "target": "com.amazonaws.route53recoveryreadiness#Tags", "traits": { + "smithy.api#documentation": "Tags on the resources.
", "smithy.api#jsonName": "tags" } } @@ -2979,7 +2975,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates an exisiting Readiness Check.", + "smithy.api#documentation": "Updates a readiness check.
", "smithy.api#http": { "method": "PUT", "uri": "/readinesschecks/{ReadinessCheckName}", @@ -2993,7 +2989,7 @@ "ReadinessCheckName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The ReadinessCheck to update", + "smithy.api#documentation": "Name of a readiness check.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -3001,14 +2997,14 @@ "ResourceSetName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The name of the ResourceSet to check", + "smithy.api#documentation": "The name of the resource set to be checked.
", "smithy.api#jsonName": "resourceSetName", "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "The new Readiness Check values" + "smithy.api#documentation": "Name of a readiness check to describe.
" } }, "com.amazonaws.route53recoveryreadiness#UpdateReadinessCheckResponse": { @@ -3017,21 +3013,21 @@ "ReadinessCheckArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "Arn associated with ReadinessCheck", + "smithy.api#documentation": "The Amazon Resource Name (ARN) associated with a readiness check.
", "smithy.api#jsonName": "readinessCheckArn" } }, "ReadinessCheckName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "Name for a ReadinessCheck", + "smithy.api#documentation": "Name of a readiness check.
", "smithy.api#jsonName": "readinessCheckName" } }, "ResourceSet": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "Name of the ResourceSet to be checked", + "smithy.api#documentation": "Name of the resource set to be checked.
", "smithy.api#jsonName": "resourceSet" } }, @@ -3069,7 +3065,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates an existing Recovery Group.", + "smithy.api#documentation": "Updates a recovery group.
", "smithy.api#http": { "method": "PUT", "uri": "/recoverygroups/{RecoveryGroupName}", @@ -3083,7 +3079,7 @@ "Cells": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell arns, completely replaces previous list", + "smithy.api#documentation": "A list of cell Amazon Resource Names (ARNs). This list completely replaces the previous list.
", "smithy.api#jsonName": "cells", "smithy.api#required": {} } @@ -3091,14 +3087,14 @@ "RecoveryGroupName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The RecoveryGroup to update", + "smithy.api#documentation": "The name of a recovery group.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "Parameters to update for the RecoveryGroup" + "smithy.api#documentation": "Name of a recovery group.
" } }, "com.amazonaws.route53recoveryreadiness#UpdateRecoveryGroupResponse": { @@ -3107,27 +3103,28 @@ "Cells": { "target": "com.amazonaws.route53recoveryreadiness#__listOf__string", "traits": { - "smithy.api#documentation": "A list of Cell arns", + "smithy.api#documentation": "A list of a cell's Amazon Resource Names (ARNs).
", "smithy.api#jsonName": "cells" } }, "RecoveryGroupArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "The arn for the RecoveryGroup", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the recovery group.
", "smithy.api#jsonName": "recoveryGroupArn" } }, "RecoveryGroupName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "The name of the RecoveryGroup", + "smithy.api#documentation": "The name of the recovery group.
", "smithy.api#jsonName": "recoveryGroupName" } }, "Tags": { "target": "com.amazonaws.route53recoveryreadiness#Tags", "traits": { + "smithy.api#documentation": "The tags associated with the recovery group.
", "smithy.api#jsonName": "tags" } } @@ -3159,7 +3156,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates an existing Resource Set.", + "smithy.api#documentation": "Updates a resource set.
", "smithy.api#http": { "method": "PUT", "uri": "/resourcesets/{ResourceSetName}", @@ -3173,7 +3170,7 @@ "ResourceSetName": { "target": "com.amazonaws.route53recoveryreadiness#__string", "traits": { - "smithy.api#documentation": "The ResourceSet to update", + "smithy.api#documentation": "Name of a resource set.
", "smithy.api#httpLabel": {}, "smithy.api#required": {} } @@ -3181,7 +3178,7 @@ "ResourceSetType": { "target": "com.amazonaws.route53recoveryreadiness#__stringPatternAWSAZaZ09AZaZ09", "traits": { - "smithy.api#documentation": "AWS Resource Type of the resources in the ResourceSet", + "smithy.api#documentation": "The resource type of the resources in the resource set. Enter one of the following values for resource type:
AWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource
", "smithy.api#jsonName": "resourceSetType", "smithy.api#required": {} } @@ -3189,14 +3186,14 @@ "Resources": { "target": "com.amazonaws.route53recoveryreadiness#__listOfResource", "traits": { - "smithy.api#documentation": "A list of Resource objects", + "smithy.api#documentation": "A list of resource objects.
", "smithy.api#jsonName": "resources", "smithy.api#required": {} } } }, "traits": { - "smithy.api#documentation": "configuration for the desired" + "smithy.api#documentation": "Name of a resource set.
" } }, "com.amazonaws.route53recoveryreadiness#UpdateResourceSetResponse": { @@ -3205,28 +3202,28 @@ "ResourceSetArn": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax256", "traits": { - "smithy.api#documentation": "The arn for the ResourceSet", + "smithy.api#documentation": "The Amazon Resource Name (ARN) for the resource set.
", "smithy.api#jsonName": "resourceSetArn" } }, "ResourceSetName": { "target": "com.amazonaws.route53recoveryreadiness#__stringMax64PatternAAZAZ09Z", "traits": { - "smithy.api#documentation": "The name of the ResourceSet", + "smithy.api#documentation": "The name of the resource set.
", "smithy.api#jsonName": "resourceSetName" } }, "ResourceSetType": { "target": "com.amazonaws.route53recoveryreadiness#__stringPatternAWSAZaZ09AZaZ09", "traits": { - "smithy.api#documentation": "AWS Resource Type of the resources in the ResourceSet", + "smithy.api#documentation": "The resource type of the resources in the resource set. Enter one of the following values for resource type:
AWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource
", "smithy.api#jsonName": "resourceSetType" } }, "Resources": { "target": "com.amazonaws.route53recoveryreadiness#__listOfResource", "traits": { - "smithy.api#documentation": "A list of Resource objects", + "smithy.api#documentation": "A list of resource objects.
", "smithy.api#jsonName": "resources" } }, diff --git a/codegen/sdk-codegen/aws-models/sagemaker.json b/codegen/sdk-codegen/aws-models/sagemaker.json index be39693a511c..89df5c6df5cc 100644 --- a/codegen/sdk-codegen/aws-models/sagemaker.json +++ b/codegen/sdk-codegen/aws-models/sagemaker.json @@ -5323,7 +5323,7 @@ "AsyncInferenceConfig": { "target": "com.amazonaws.sagemaker#AsyncInferenceConfig", "traits": { - "smithy.api#documentation": "Specifies configuration for how an endpoint performs asynchronous inference. \n This is a required field in order for your Endpoint to be invoked using \n \n InvokeEndpointAsync\n .
Specifies configuration for how an endpoint performs asynchronous inference. \n This is a required field in order for your Endpoint to be invoked using\n InvokeEndpointAsync.
" } } } @@ -17411,6 +17411,20 @@ } } }, + "com.amazonaws.sagemaker#FailStepMetadata": { + "type": "structure", + "members": { + "ErrorMessage": { + "target": "com.amazonaws.sagemaker#String3072", + "traits": { + "smithy.api#documentation": "A message that you define and then is processed and rendered by \n the Fail step when the error occurs.
" + } + } + }, + "traits": { + "smithy.api#documentation": "The container for the metadata for Fail step.
" + } + }, "com.amazonaws.sagemaker#FailureReason": { "type": "string", "traits": { @@ -24420,7 +24434,7 @@ "ModelPackageType": { "target": "com.amazonaws.sagemaker#ModelPackageType", "traits": { - "smithy.api#documentation": "A filter that returns onlyl the model packages of the specified type. This can be one\n of the following values.
\n\n VERSIONED - List only versioned models.
\n UNVERSIONED - List only unversioined models.
\n BOTH - List both versioned and unversioned models.
A filter that returns only the model packages of the specified type. This can be one\n of the following values.
\n\n UNVERSIONED - List only unversioined models. \n This is the default value if no ModelPackageType is specified.
\n VERSIONED - List only versioned models.
\n BOTH - List both versioned and unversioned models.
The current attempt of the execution step. For more information, see Retry Policy for Amazon SageMaker Pipelines steps.
" + "smithy.api#documentation": "The current attempt of the execution step. For more information, see Retry Policy for SageMaker Pipelines steps.
" } }, "FailureReason": { @@ -31003,6 +31017,12 @@ "traits": { "smithy.api#documentation": "The configurations and outcomes of an EMR step execution.
" } + }, + "Fail": { + "target": "com.amazonaws.sagemaker#FailStepMetadata", + "traits": { + "smithy.api#documentation": "The configurations and outcomes of a Fail step execution.
" + } } }, "traits": { @@ -31041,6 +31061,12 @@ "traits": { "smithy.api#documentation": "The display name of the pipeline execution.
" } + }, + "PipelineExecutionFailureReason": { + "target": "com.amazonaws.sagemaker#String3072", + "traits": { + "smithy.api#documentation": "A message generated by SageMaker Pipelines describing why the pipeline execution failed.
" + } } }, "traits": { @@ -36896,7 +36922,7 @@ } ], "traits": { - "smithy.api#documentation": "Stops a pipeline execution.
\n\n\n Callback Step\n
\nA pipeline execution won't stop while a callback step is running.\n When you call StopPipelineExecution\n on a pipeline execution with a running callback step, Amazon SageMaker Pipelines sends an\n additional Amazon SQS message to the specified SQS queue. The body of the SQS message\n contains a \"Status\" field which is set to \"Stopping\".
You should add logic to your Amazon SQS message consumer to take any needed action (for\n example, resource cleanup) upon receipt of the message followed by a call to\n SendPipelineExecutionStepSuccess or\n SendPipelineExecutionStepFailure.
Only when Amazon SageMaker Pipelines receives one of these calls will it stop the pipeline execution.
\n\n\n Lambda Step\n
\nA pipeline execution can't be stopped while a lambda step is running because the Lambda\n function invoked by the lambda step can't be stopped. If you attempt to stop the execution\n while the Lambda function is running, the pipeline waits for the Lambda function to finish\n or until the timeout is hit, whichever occurs first, and then stops. If the Lambda function\n finishes, the pipeline execution status is Stopped. If the timeout is hit\n the pipeline execution status is Failed.
Stops a pipeline execution.
\n\n\n Callback Step\n
\nA pipeline execution won't stop while a callback step is running.\n When you call StopPipelineExecution\n on a pipeline execution with a running callback step, SageMaker Pipelines sends an\n additional Amazon SQS message to the specified SQS queue. The body of the SQS message\n contains a \"Status\" field which is set to \"Stopping\".
You should add logic to your Amazon SQS message consumer to take any needed action (for\n example, resource cleanup) upon receipt of the message followed by a call to\n SendPipelineExecutionStepSuccess or\n SendPipelineExecutionStepFailure.
Only when SageMaker Pipelines receives one of these calls will it stop the pipeline execution.
\n\n\n Lambda Step\n
\nA pipeline execution can't be stopped while a lambda step is running because the Lambda\n function invoked by the lambda step can't be stopped. If you attempt to stop the execution\n while the Lambda function is running, the pipeline waits for the Lambda function to finish\n or until the timeout is hit, whichever occurs first, and then stops. If the Lambda function\n finishes, the pipeline execution status is Stopped. If the timeout is hit\n the pipeline execution status is Failed.
Turns off automatic rotation, and if a rotation is currently in\n progress, cancels the rotation.
\nTo turn on automatic rotation again, call RotateSecret.
\nIf you cancel a rotation in progress, it can leave the VersionStage\n labels in an unexpected state. Depending on the step of the rotation in progress, you might\n need to remove the staging label AWSPENDING from the partially created version, specified\n by the VersionId response value. We recommend you also evaluate the partially rotated\n new version to see if it should be deleted. You can delete a version by removing all staging labels\n from it.
Turns off automatic rotation, and if a rotation is currently in\n progress, cancels the rotation.
\nTo turn on automatic rotation again, call RotateSecret.
\nIf you cancel a rotation in progress, it can leave the VersionStage\n labels in an unexpected state. Depending on the step of the rotation in progress, you might\n need to remove the staging label AWSPENDING from the partially created version, specified\n by the VersionId response value. We recommend you also evaluate the partially rotated\n new version to see if it should be deleted. You can delete a version by removing all staging labels\n from it.
\n Required permissions: \n secretsmanager:CancelRotateSecret. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Creates a new secret. A secret is a set of credentials, such as a \n user name and password, that you store in an encrypted form in Secrets Manager. The secret also \n includes the connection information to access a database or other service, which Secrets Manager \n doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the\n important information needed to manage the secret.
\nFor information about creating a secret in the console, see Create a secret.
\nTo create a secret, you can provide the secret value to be encrypted in either the\n SecretString parameter or the SecretBinary parameter, but not both. \n If you include SecretString or SecretBinary\n then Secrets Manager creates an initial secret version and automatically attaches the staging\n label AWSCURRENT to it.
If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key \n aws/secretsmanager. If this key \n doesn't already exist in your account, then Secrets Manager creates it for you automatically. All\n users and roles in the Amazon Web Services account automatically have access to use aws/secretsmanager. \n Creating aws/secretsmanager can result in a one-time significant delay in returning the \n result.
If the secret is in a different Amazon Web Services account from the credentials calling the API, then \n you can't use aws/secretsmanager to encrypt the secret, and you must create \n and use a customer managed KMS key.
Creates a new secret. A secret is a set of credentials, such as a \n user name and password, that you store in an encrypted form in Secrets Manager. The secret also \n includes the connection information to access a database or other service, which Secrets Manager \n doesn't encrypt. A secret in Secrets Manager consists of both the protected secret data and the\n important information needed to manage the secret.
\nFor information about creating a secret in the console, see Create a secret.
\nTo create a secret, you can provide the secret value to be encrypted in either the\n SecretString parameter or the SecretBinary parameter, but not both. \n If you include SecretString or SecretBinary\n then Secrets Manager creates an initial secret version and automatically attaches the staging\n label AWSCURRENT to it.
If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key \n aws/secretsmanager. If this key \n doesn't already exist in your account, then Secrets Manager creates it for you automatically. All\n users and roles in the Amazon Web Services account automatically have access to use aws/secretsmanager. \n Creating aws/secretsmanager can result in a one-time significant delay in returning the \n result.
If the secret is in a different Amazon Web Services account from the credentials calling the API, then \n you can't use aws/secretsmanager to encrypt the secret, and you must create \n and use a customer managed KMS key.
\n Required permissions: \n secretsmanager:CreateSecret. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Deletes the resource-based permission policy attached to the secret. To attach a policy to \n a secret, use PutResourcePolicy.
" + "smithy.api#documentation": "Deletes the resource-based permission policy attached to the secret. To attach a policy to \n a secret, use PutResourcePolicy.
\n\n Required permissions: \n secretsmanager:DeleteResourcePolicy. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Deletes a secret and all of its versions. You can specify a recovery\n window during which you can restore the secret. The minimum recovery window is 7 days. \n The default recovery window is 30 days. Secrets Manager attaches a DeletionDate stamp to\n the secret that specifies the end of the recovery window. At the end of the recovery window,\n Secrets Manager deletes the secret permanently.
For information about deleting a secret in the console, see https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_delete-secret.html.
\nSecrets Manager performs the permanent secret deletion at the end of the waiting period as a\n background task with low priority. There is no guarantee of a specific time after the\n recovery window for the permanent delete to occur.
\nAt any time before recovery window ends, you can use RestoreSecret to\n remove the DeletionDate and cancel the deletion of the secret.
In a secret scheduled for deletion, you cannot access the encrypted secret value.\n To access that information, first cancel the deletion with RestoreSecret and then retrieve the information.
" + "smithy.api#documentation": "Deletes a secret and all of its versions. You can specify a recovery\n window during which you can restore the secret. The minimum recovery window is 7 days. \n The default recovery window is 30 days. Secrets Manager attaches a DeletionDate stamp to\n the secret that specifies the end of the recovery window. At the end of the recovery window,\n Secrets Manager deletes the secret permanently.
For information about deleting a secret in the console, see https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_delete-secret.html.
\nSecrets Manager performs the permanent secret deletion at the end of the waiting period as a\n background task with low priority. There is no guarantee of a specific time after the\n recovery window for the permanent delete to occur.
\nAt any time before recovery window ends, you can use RestoreSecret to\n remove the DeletionDate and cancel the deletion of the secret.
In a secret scheduled for deletion, you cannot access the encrypted secret value.\n To access that information, first cancel the deletion with RestoreSecret and then retrieve the information.
\n\n Required permissions: \n secretsmanager:DeleteSecret. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Retrieves the details of a secret. It does not include the encrypted secret value. Secrets Manager\n only returns fields that have a value in the response.
" + "smithy.api#documentation": "Retrieves the details of a secret. It does not include the encrypted secret value. Secrets Manager\n only returns fields that have a value in the response.
\n\n Required permissions: \n secretsmanager:DescribeSecret. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Generates a random password. We recommend that you specify the\n maximum length and include every character type that the system you are generating a password\n for can support.
" + "smithy.api#documentation": "Generates a random password. We recommend that you specify the\n maximum length and include every character type that the system you are generating a password\n for can support.
\n\n Required permissions: \n secretsmanager:GetRandomPassword. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Retrieves the JSON text of the resource-based policy document attached to the\n secret. For more information about permissions policies attached to a secret, see \n Permissions \n policies attached to a secret.
" + "smithy.api#documentation": "Retrieves the JSON text of the resource-based policy document attached to the\n secret. For more information about permissions policies attached to a secret, see \n Permissions \n policies attached to a secret.
\n\n Required permissions: \n secretsmanager:GetResourcePolicy. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Retrieves the contents of the encrypted fields SecretString or\n SecretBinary from the specified version of a secret, whichever contains\n content.
For information about retrieving the secret value in the console, see Retrieve secrets.
\nTo run this command, you must have secretsmanager:GetSecretValue permissions. \n If the secret is encrypted using a customer-managed key instead of the Amazon Web Services managed key \n aws/secretsmanager, then you also need kms:Decrypt permissions for that key.
Retrieves the contents of the encrypted fields SecretString or\n SecretBinary from the specified version of a secret, whichever contains\n content.
We recommend that you cache your secret values by using client-side caching. \n Caching secrets improves speed and reduces your costs. For more information, see Cache secrets for \n your applications.
\n \n\n Required permissions: \n secretsmanager:GetSecretValue. \n If the secret is encrypted using a customer-managed key instead of the Amazon Web Services managed key \n aws/secretsmanager, then you also need kms:Decrypt permissions for that key.\n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
The parameter name is invalid value.
", + "smithy.api#documentation": "The parameter name or value is invalid.
", "smithy.api#error": "client" } }, @@ -1042,7 +1055,7 @@ } ], "traits": { - "smithy.api#documentation": "Lists the versions for a secret.
\nTo list the secrets in the account, use ListSecrets.
\nTo get the secret value from SecretString or SecretBinary, \n call GetSecretValue.
\n Minimum\n permissions\n
\nTo run this command, you must have secretsmanager:ListSecretVersionIds permissions.
Lists the versions for a secret.
\nTo list the secrets in the account, use ListSecrets.
\nTo get the secret value from SecretString or SecretBinary, \n call GetSecretValue.
\n Required permissions: \n secretsmanager:ListSecretVersionIds. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Lists the secrets that are stored by Secrets Manager in the Amazon Web Services account.
\nTo list the versions of a secret, use ListSecretVersionIds.
\nTo get the secret value from SecretString or SecretBinary, \n call GetSecretValue.
For information about finding secrets in the console, see Enhanced search capabilities \n for secrets in Secrets Manager.
\n\n Minimum\n permissions\n
\nTo run this command, you must have secretsmanager:ListSecrets permissions.
Lists the secrets that are stored by Secrets Manager in the Amazon Web Services account.
\nTo list the versions of a secret, use ListSecretVersionIds.
\nTo get the secret value from SecretString or SecretBinary, \n call GetSecretValue.
For information about finding secrets in the console, see Enhanced search capabilities \n for secrets in Secrets Manager.
\n\n Required permissions: \n secretsmanager:ListSecrets. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Attaches a resource-based permission policy to a secret. A resource-based policy is \n optional. For more information, see Authentication and access control for Secrets Manager\n
\nFor information about attaching a policy in the console, see Attach a \n permissions policy to a secret.
" + "smithy.api#documentation": "Attaches a resource-based permission policy to a secret. A resource-based policy is \n optional. For more information, see Authentication and access control for Secrets Manager\n
\nFor information about attaching a policy in the console, see Attach a \n permissions policy to a secret.
\n\n Required permissions: \n secretsmanager:PutResourcePolicy. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Creates a new version with a new encrypted secret value and attaches it to the secret. The \n version can contain a new SecretString value or a new SecretBinary value.
We recommend you avoid calling PutSecretValue at a sustained rate of more than \n once every 10 minutes. When you update the secret value, Secrets Manager creates a new version \n of the secret. Secrets Manager removes outdated versions when there are more than 100, but it does not \n remove versions created less than 24 hours ago. If you call PutSecretValue more \n than once every 10 minutes, you create more versions than Secrets Manager removes, and you will reach \n the quota for secret versions.
You can specify the staging labels to attach to the new version in VersionStages. \n If you don't include VersionStages, then Secrets Manager automatically\n moves the staging label AWSCURRENT to this version. If this operation creates \n the first version for the secret, then Secrets Manager\n automatically attaches the staging label AWSCURRENT to it .
If this operation moves the staging label AWSCURRENT from another version to this\n version, then Secrets Manager also automatically moves the staging label AWSPREVIOUS to\n the version that AWSCURRENT was removed from.
This operation is idempotent. If a version with a VersionId with the same\n value as the ClientRequestToken parameter already exists, and you specify the\n same secret data, the operation succeeds but does nothing. However, if the secret data is\n different, then the operation fails because you can't modify an existing version; you can\n only create new ones.
Creates a new version with a new encrypted secret value and attaches it to the secret. The \n version can contain a new SecretString value or a new SecretBinary value.
We recommend you avoid calling PutSecretValue at a sustained rate of more than \n once every 10 minutes. When you update the secret value, Secrets Manager creates a new version \n of the secret. Secrets Manager removes outdated versions when there are more than 100, but it does not \n remove versions created less than 24 hours ago. If you call PutSecretValue more \n than once every 10 minutes, you create more versions than Secrets Manager removes, and you will reach \n the quota for secret versions.
You can specify the staging labels to attach to the new version in VersionStages. \n If you don't include VersionStages, then Secrets Manager automatically\n moves the staging label AWSCURRENT to this version. If this operation creates \n the first version for the secret, then Secrets Manager\n automatically attaches the staging label AWSCURRENT to it .
If this operation moves the staging label AWSCURRENT from another version to this\n version, then Secrets Manager also automatically moves the staging label AWSPREVIOUS to\n the version that AWSCURRENT was removed from.
This operation is idempotent. If a version with a VersionId with the same\n value as the ClientRequestToken parameter already exists, and you specify the\n same secret data, the operation succeeds but does nothing. However, if the secret data is\n different, then the operation fails because you can't modify an existing version; you can\n only create new ones.
\n Required permissions: \n secretsmanager:PutSecretValue. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
For a secret that is replicated to other Regions, deletes the secret replicas from the Regions you specify.
" + "smithy.api#documentation": "For a secret that is replicated to other Regions, deletes the secret replicas from the Regions you specify.
\n\n Required permissions: \n secretsmanager:RemoveRegionsFromReplication. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Replicates the secret to a new Regions. See Multi-Region secrets.
" + "smithy.api#documentation": "Replicates the secret to a new Regions. See Multi-Region secrets.
\n\n Required permissions: \n secretsmanager:ReplicateSecretToRegions. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Cancels the scheduled deletion of a secret by removing the DeletedDate time\n stamp. You can access a secret again after it has been restored.
Cancels the scheduled deletion of a secret by removing the DeletedDate time\n stamp. You can access a secret again after it has been restored.
\n Required permissions: \n secretsmanager:RestoreSecret. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Configures and starts the asynchronous process of rotating the secret.
\nIf you include the\n configuration parameters, the operation sets the values for the secret and then immediately\n starts a rotation. If you don't include the configuration parameters, the operation starts a\n rotation with the values already stored in the secret. For more information about rotation, \n see Rotate secrets.
\nTo configure rotation, you include the ARN of an Amazon Web Services Lambda function and the schedule \n for the rotation. The Lambda rotation function creates a new\n version of the secret and creates or updates the credentials on the database or service to\n match. After testing the new credentials, the function marks the new secret version with the staging\n label AWSCURRENT. Then anyone who retrieves the secret gets the new version. For more\n information, see How rotation works.
When rotation is successful, the AWSPENDING staging label might be attached to the same \n version as the AWSCURRENT version, or it might not be attached to any version.
If the AWSPENDING staging label is present but not attached to the same version as\n AWSCURRENT, then any later invocation of RotateSecret assumes that a previous\n rotation request is still in progress and returns an error.
To run this command, you must have secretsmanager:RotateSecret permissions and \n lambda:InvokeFunction permissions on the function specified in the secret's metadata.
Configures and starts the asynchronous process of rotating the secret.
\nIf you include the\n configuration parameters, the operation sets the values for the secret and then immediately\n starts a rotation. If you don't include the configuration parameters, the operation starts a\n rotation with the values already stored in the secret. For more information about rotation, \n see Rotate secrets.
\nTo configure rotation, you include the ARN of an Amazon Web Services Lambda function and the schedule \n for the rotation. The Lambda rotation function creates a new\n version of the secret and creates or updates the credentials on the database or service to\n match. After testing the new credentials, the function marks the new secret version with the staging\n label AWSCURRENT. Then anyone who retrieves the secret gets the new version. For more\n information, see How rotation works.
When rotation is successful, the AWSPENDING staging label might be attached to the same \n version as the AWSCURRENT version, or it might not be attached to any version.
If the AWSPENDING staging label is present but not attached to the same version as\n AWSCURRENT, then any later invocation of RotateSecret assumes that a previous\n rotation request is still in progress and returns an error.
\n Required permissions: \n secretsmanager:RotateSecret. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager. You also need lambda:InvokeFunction permissions on the rotation function. \n For more information, see \n Permissions for rotation.
A structure that defines the rotation configuration for this secret.
" } + }, + "RotateImmediately": { + "target": "com.amazonaws.secretsmanager#BooleanType", + "traits": { + "smithy.api#box": {}, + "smithy.api#documentation": "Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. \n The rotation schedule is defined in RotateSecretRequest$RotationRules.
\nIf you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the \n \n testSecret \n step of the Lambda rotation function. The test creates an AWSPENDING version of the secret and then removes it.
If you don't specify this value, then by default, Secrets Manager rotates the secret immediately.
" + } } } }, @@ -1861,7 +1884,19 @@ "target": "com.amazonaws.secretsmanager#AutomaticallyRotateAfterDaysType", "traits": { "smithy.api#box": {}, - "smithy.api#documentation": "Specifies the number of days between automatic scheduled rotations of the secret.
\nSecrets Manager schedules the next rotation when the previous \n one is complete. Secrets Manager schedules the date by adding the rotation interval (number of days) to the \n actual date of the last rotation. The service chooses the hour within that 24-hour date window \n randomly. The minute is also chosen somewhat randomly, but weighted towards the top of the hour \n and influenced by a variety of factors that help distribute load.
" + "smithy.api#documentation": "The number of days between automatic scheduled rotations of the secret. You can use this \n value to check that your secret meets your compliance guidelines for how often secrets must \n be rotated.
\nIn DescribeSecret and ListSecrets, this value is calculated from \n the rotation schedule after every successful rotation. In RotateSecret, you can \n set the rotation schedule in RotationRules with AutomaticallyAfterDays\n or ScheduleExpression, but not both.
The length of the rotation window in hours, for example 3h for a three hour window. Secrets Manager \n rotates your secret at any time during this window. The window must not go into the next UTC \n day. If you don't specify this value, the window automatically ends at the end of \n the UTC day. The window begins according to the ScheduleExpression. For more \n information, including examples, see Schedule expressions \n in Secrets Manager rotation.
A cron() or rate() expression that defines the schedule for \n rotating your secret. Secrets Manager rotation schedules use UTC time zone.
Secrets Manager rate() expressions \n represent the interval in days that you want to rotate your secret, for example \n rate(10 days). If you use a rate() expression, the rotation \n window opens at midnight, and Secrets Manager rotates your secret any time that day after midnight. \n You can set a Duration to shorten the rotation window.
You can use a cron() expression to create rotation schedules that are \n more detailed than a rotation interval. For more information, including examples, see \n Schedule expressions \n in Secrets Manager rotation. If you use a cron() expression, Secrets Manager rotates \n your secret any time during that day after the window opens. For example, \n cron(0 8 1 * ? *) represents a rotation window that occurs on the first \n day of every month beginning at 8:00 AM UTC. Secrets Manager rotates the secret any time that day \n after 8:00 AM. You can set a Duration to shorten \n the rotation window.
A structure that defines the rotation configuration for the secret.
" } }, + "com.amazonaws.secretsmanager#ScheduleExpressionType": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 1, + "max": 256 + }, + "smithy.api#pattern": "^[0-9A-Za-z\\(\\)#\\?\\*\\-\\/, ]+$" + } + }, "com.amazonaws.secretsmanager#SecretARNType": { "type": "string", "traits": { @@ -1934,7 +1979,7 @@ "RotationLambdaARN": { "target": "com.amazonaws.secretsmanager#RotationLambdaARNType", "traits": { - "smithy.api#documentation": "The ARN of an Amazon Web Services Lambda function invoked by Secrets Manager to rotate and expire the\n secret either automatically per the schedule or manually by a call to RotateSecret.
" + "smithy.api#documentation": "The ARN of an Amazon Web Services Lambda function invoked by Secrets Manager to rotate and expire the\n secret either automatically per the schedule or manually by a call to \n RotateSecret\n .
The date and time the deletion of the secret occurred. Not present on active secrets. The\n secret can be recovered until the number of days in the recovery window has passed, as\n specified in the RecoveryWindowInDays parameter of the DeleteSecret operation.
The date and time the deletion of the secret occurred. Not present on active secrets. The\n secret can be recovered until the number of days in the recovery window has passed, as\n specified in the RecoveryWindowInDays parameter of the \n DeleteSecret\n operation.
The list of user-defined tags associated with the secret. To add tags to a\n secret, use TagResource. To remove tags, use UntagResource.
" + "smithy.api#documentation": "The list of user-defined tags associated with the secret. To add tags to a\n secret, use \n TagResource\n . \n To remove tags, use \n UntagResource\n .
A structure that contains the details about a secret. It does not include the encrypted\n SecretString and SecretBinary values. To get those values, use the\n GetSecretValue operation.
A structure that contains the details about a secret. It does not include the encrypted\n SecretString and SecretBinary values. To get those values, use \n GetSecretValue\n .
Removes the link between the replica secret and the primary secret and promotes the replica to a primary secret in the replica Region.
\nYou must call this operation from the Region in which you want to promote the replica to a primary secret.
" + "smithy.api#documentation": "Removes the link between the replica secret and the primary secret and promotes the replica to a primary secret in the replica Region.
\nYou must call this operation from the Region in which you want to promote the replica to a primary secret.
\n\n Required permissions: \n secretsmanager:StopReplicationToReplica. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Attaches tags to a secret. Tags consist of a key name and a value. Tags are part of the \n secret's metadata. They are not associated with specific versions of the secret. This operation appends tags to the existing list of tags.
\nThe following restrictions apply to tags:
\nMaximum number of tags per secret: 50
\nMaximum key length: 127 Unicode characters in UTF-8
\nMaximum value length: 255 Unicode characters in UTF-8
\nTag keys and values are case sensitive.
\nDo not use the aws: prefix in your tag names or values because Amazon Web Services reserves it\n for Amazon Web Services use. You can't edit or delete tag names or values with this \n prefix. Tags with this prefix do not count against your tags per secret limit.
If you use your tagging schema across multiple services and resources,\n other services might have restrictions on allowed characters. Generally\n allowed characters: letters, spaces, and numbers representable in UTF-8, plus the\n following special characters: + - = . _ : / @.
\nIf you use tags as part of your security strategy, then adding or removing a tag can\n change permissions. If successfully completing this operation would result in you losing\n your permissions for this secret, then the operation is blocked and returns an Access Denied\n error.
\nAttaches tags to a secret. Tags consist of a key name and a value. Tags are part of the \n secret's metadata. They are not associated with specific versions of the secret. This operation appends tags to the existing list of tags.
\nThe following restrictions apply to tags:
\nMaximum number of tags per secret: 50
\nMaximum key length: 127 Unicode characters in UTF-8
\nMaximum value length: 255 Unicode characters in UTF-8
\nTag keys and values are case sensitive.
\nDo not use the aws: prefix in your tag names or values because Amazon Web Services reserves it\n for Amazon Web Services use. You can't edit or delete tag names or values with this \n prefix. Tags with this prefix do not count against your tags per secret limit.
If you use your tagging schema across multiple services and resources,\n other services might have restrictions on allowed characters. Generally\n allowed characters: letters, spaces, and numbers representable in UTF-8, plus the\n following special characters: + - = . _ : / @.
\nIf you use tags as part of your security strategy, then adding or removing a tag can\n change permissions. If successfully completing this operation would result in you losing\n your permissions for this secret, then the operation is blocked and returns an Access Denied\n error.
\n\n Required permissions: \n secretsmanager:TagResource. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Removes specific tags from a secret.
\nThis operation is idempotent. If a requested tag is not attached to the secret, no error\n is returned and the secret metadata is unchanged.
\nIf you use tags as part of your security strategy, then removing a tag can change\n permissions. If successfully completing this operation would result in you losing your\n permissions for this secret, then the operation is blocked and returns an Access Denied\n error.
\nRemoves specific tags from a secret.
\nThis operation is idempotent. If a requested tag is not attached to the secret, no error\n is returned and the secret metadata is unchanged.
\nIf you use tags as part of your security strategy, then removing a tag can change\n permissions. If successfully completing this operation would result in you losing your\n permissions for this secret, then the operation is blocked and returns an Access Denied\n error.
\n\n Required permissions: \n secretsmanager:UntagResource. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Modifies the details of a secret, including metadata and the secret value. To change the secret value, you can also use PutSecretValue.
\nTo change the rotation configuration of a secret, use RotateSecret instead.
\n \nWe recommend you avoid calling UpdateSecret at a sustained rate of more than \n once every 10 minutes. When you call UpdateSecret to update the secret value, Secrets Manager creates a new version \n of the secret. Secrets Manager removes outdated versions when there are more than 100, but it does not \n remove versions created less than 24 hours ago. If you update the secret value more \n than once every 10 minutes, you create more versions than Secrets Manager removes, and you will reach \n the quota for secret versions.
If you include SecretString or SecretBinary to create a new\n secret version, Secrets Manager automatically attaches the staging label AWSCURRENT to the new\n version.
If you call this operation with a VersionId that matches an existing version's \n ClientRequestToken, the operation results in an error. You can't modify an existing \n version, you can only create a new version. To remove a version, remove all staging labels from it. See \n UpdateSecretVersionStage.
If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key \n aws/secretsmanager. If this key doesn't already exist in your account, then Secrets Manager \n creates it for you automatically. All users and roles in the Amazon Web Services account automatically have access \n to use aws/secretsmanager. Creating aws/secretsmanager can result in a one-time \n significant delay in returning the result.
If the secret is in a different Amazon Web Services account from the credentials calling the API, then you can't \n use aws/secretsmanager to encrypt the secret, and you must create and use a customer managed key.
To run this command, you must have secretsmanager:UpdateSecret permissions. If you use a \n customer managed key, you must also have kms:GenerateDataKey and kms:Decrypt permissions .
Modifies the details of a secret, including metadata and the secret value. To change the secret value, you can also use PutSecretValue.
\nTo change the rotation configuration of a secret, use RotateSecret instead.
\n \nWe recommend you avoid calling UpdateSecret at a sustained rate of more than \n once every 10 minutes. When you call UpdateSecret to update the secret value, Secrets Manager creates a new version \n of the secret. Secrets Manager removes outdated versions when there are more than 100, but it does not \n remove versions created less than 24 hours ago. If you update the secret value more \n than once every 10 minutes, you create more versions than Secrets Manager removes, and you will reach \n the quota for secret versions.
If you include SecretString or SecretBinary to create a new\n secret version, Secrets Manager automatically attaches the staging label AWSCURRENT to the new\n version.
If you call this operation with a VersionId that matches an existing version's \n ClientRequestToken, the operation results in an error. You can't modify an existing \n version, you can only create a new version. To remove a version, remove all staging labels from it. See \n UpdateSecretVersionStage.
If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web Services managed key \n aws/secretsmanager. If this key doesn't already exist in your account, then Secrets Manager \n creates it for you automatically. All users and roles in the Amazon Web Services account automatically have access \n to use aws/secretsmanager. Creating aws/secretsmanager can result in a one-time \n significant delay in returning the result.
If the secret is in a different Amazon Web Services account from the credentials calling the API, then you can't \n use aws/secretsmanager to encrypt the secret, and you must create and use a customer managed key.
\n Required permissions: \n secretsmanager:UpdateSecret. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager. \n If you use a customer managed key, you must also have kms:GenerateDataKey and \n kms:Decrypt permissions on the key. For more information, see \n Secret encryption and decryption.
Modifies the staging labels attached to a version of a secret. Secrets Manager uses staging labels to\n track a version as it progresses through the secret rotation process. Each staging label can be \n attached to only one version at a time. To add a staging label to a version when it is already \n attached to another version, Secrets Manager first removes it from the other version first and\n then attaches it to this one. For more information about versions and staging labels, see Concepts: Version.
\nThe staging labels that you specify in the VersionStage parameter are added\n to the existing list of staging labels for the version.
You can move the AWSCURRENT staging label to this version by including it in this\n call.
Whenever you move AWSCURRENT, Secrets Manager automatically moves the label AWSPREVIOUS\n to the version that AWSCURRENT was removed from.
If this action results in the last label being removed from a version, then the version is\n considered to be 'deprecated' and can be deleted by Secrets Manager.
" + "smithy.api#documentation": "Modifies the staging labels attached to a version of a secret. Secrets Manager uses staging labels to\n track a version as it progresses through the secret rotation process. Each staging label can be \n attached to only one version at a time. To add a staging label to a version when it is already \n attached to another version, Secrets Manager first removes it from the other version first and\n then attaches it to this one. For more information about versions and staging labels, see Concepts: Version.
\nThe staging labels that you specify in the VersionStage parameter are added\n to the existing list of staging labels for the version.
You can move the AWSCURRENT staging label to this version by including it in this\n call.
Whenever you move AWSCURRENT, Secrets Manager automatically moves the label AWSPREVIOUS\n to the version that AWSCURRENT was removed from.
If this action results in the last label being removed from a version, then the version is\n considered to be 'deprecated' and can be deleted by Secrets Manager.
\n\n Required permissions: \n secretsmanager:UpdateSecretVersionStage. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Validates that a resource policy does not grant a wide range of principals access to\n your secret. A resource-based policy is optional for secrets.
\nThe API performs three checks when validating the policy:
\nSends a call to Zelkova, an automated reasoning engine, to ensure your resource policy does not\n allow broad access to your secret, for example policies that use a wildcard for the principal.
\nChecks for correct syntax in a policy.
\nVerifies the policy does not lock out a caller.
\nValidates that a resource policy does not grant a wide range of principals access to\n your secret. A resource-based policy is optional for secrets.
\nThe API performs three checks when validating the policy:
\nSends a call to Zelkova, an automated reasoning engine, to ensure your resource policy does not\n allow broad access to your secret, for example policies that use a wildcard for the principal.
\nChecks for correct syntax in a policy.
\nVerifies the policy does not lock out a caller.
\n\n Required permissions: \n secretsmanager:ValidateResourcePolicy. \n For more information, see \n IAM policy actions for Secrets Manager and Authentication \n and access control in Secrets Manager.
Amazon Web Services Secrets Manager provides a service to enable you to store, manage, and retrieve, secrets.
\n \nThis guide provides descriptions of the Secrets Manager API. For more information about using this\n service, see the Amazon Web Services Secrets Manager User Guide.
\n \n\n API Version\n
\n \nThis version of the Secrets Manager API Reference documents the Secrets Manager API version 2017-10-17.
\nAs an alternative to using the API, you can use one of the Amazon Web Services SDKs, which consist of\n libraries and sample code for various programming languages and platforms such as Java,\n Ruby, .NET, iOS, and Android. The SDKs provide a convenient way to create programmatic\n access to Amazon Web Services Secrets Manager. For example, the SDKs provide cryptographically signing requests,\n managing errors, and retrying requests automatically. For more information about the Amazon Web Services\n SDKs, including downloading and installing them, see Tools for Amazon Web Services.
\nWe recommend you use the Amazon Web Services SDKs to make programmatic API calls to Secrets Manager. However, you\n also can use the Secrets Manager HTTP Query API to make direct calls to the Secrets Manager web service. To learn\n more about the Secrets Manager HTTP Query API, see Making Query Requests in the\n Amazon Web Services Secrets Manager User Guide.
\nSecrets Manager API supports GET and POST requests for all actions, and doesn't require you to use\n GET for some actions and POST for others. However, GET requests are subject to the limitation\n size of a URL. Therefore, for operations that require larger sizes, use a POST request.
\n \n \n \n \n \n \n \n\n Support and Feedback for Amazon Web Services Secrets Manager\n
\n \nWe welcome your feedback. Send your comments to awssecretsmanager-feedback@amazon.com, or post your feedback and questions in the Amazon Web Services Secrets Manager Discussion Forum. For more\n information about the Amazon Web Services Discussion Forums, see Forums\n Help.
\n \n\n How examples are presented\n
\n \nThe JSON that Amazon Web Services Secrets Manager expects as your request parameters and the service returns as a\n response to HTTP query requests contain single, long strings without line breaks or white\n space formatting. The JSON shown in the examples displays the code formatted with both line\n breaks and white space to improve readability. When example input parameters can also cause\n long strings extending beyond the screen, you can insert line breaks to enhance readability.\n You should always submit the input as a single JSON text string.
\n \n \n\n Logging API Requests\n
\nAmazon Web Services Secrets Manager supports Amazon Web Services CloudTrail, a service that records Amazon Web Services API calls for your Amazon Web Services\n account and delivers log files to an Amazon S3 bucket. By using information that's collected\n by Amazon Web Services CloudTrail, you can determine the requests successfully made to Secrets Manager, who made the\n request, when it was made, and so on. For more about Amazon Web Services Secrets Manager and support for Amazon Web Services\n CloudTrail, see Logging\n Amazon Web Services Secrets Manager Events with Amazon Web Services CloudTrail in the Amazon Web Services Secrets Manager User Guide.\n To learn more about CloudTrail, including enabling it and find your log files, see the Amazon Web Services CloudTrail User Guide.
", + "smithy.api#documentation": "Amazon Web Services Secrets Manager provides a service to enable you to store, manage, and retrieve, secrets.
\n \nThis guide provides descriptions of the Secrets Manager API. For more information about using this\n service, see the Amazon Web Services Secrets Manager User Guide.
\n \n\n API Version\n
\n \nThis version of the Secrets Manager API Reference documents the Secrets Manager API version 2017-10-17.
\n \n \n \n \n \n \n \n \n \n \n \n \n \n \n \n\n Support and Feedback for Amazon Web Services Secrets Manager\n
\nWe welcome your feedback. Send your comments to awssecretsmanager-feedback@amazon.com, or post your feedback and questions in the Amazon Web Services Secrets Manager Discussion Forum. For more\n information about the Amazon Web Services Discussion Forums, see Forums\n Help.
\n \n\n Logging API Requests\n
\nAmazon Web Services Secrets Manager supports Amazon Web Services CloudTrail, a service that records Amazon Web Services API calls for your Amazon Web Services\n account and delivers log files to an Amazon S3 bucket. By using information that's collected\n by Amazon Web Services CloudTrail, you can determine the requests successfully made to Secrets Manager, who made the\n request, when it was made, and so on. For more about Amazon Web Services Secrets Manager and support for Amazon Web Services\n CloudTrail, see Logging\n Amazon Web Services Secrets Manager Events with Amazon Web Services CloudTrail in the Amazon Web Services Secrets Manager User Guide.\n To learn more about CloudTrail, including enabling it and find your log files, see the Amazon Web Services CloudTrail User Guide.
", "smithy.api#title": "AWS Secrets Manager" }, "version": "2017-10-17", diff --git a/codegen/sdk-codegen/aws-models/securityhub.json b/codegen/sdk-codegen/aws-models/securityhub.json index 740ec58d9c41..e05cccd3ae6e 100644 --- a/codegen/sdk-codegen/aws-models/securityhub.json +++ b/codegen/sdk-codegen/aws-models/securityhub.json @@ -12338,6 +12338,12 @@ "traits": { "smithy.api#documentation": "In a BatchImportFindings request, finding providers use FindingProviderFields to provide and update their own values for confidence, criticality, related findings, severity, and types.
Indicates whether the finding is a sample finding.
" + } } }, "traits": { @@ -12922,6 +12928,12 @@ "traits": { "smithy.api#documentation": "One or more finding types that the finding provider assigned to the finding. Uses the format of namespace/category/classifier\n that classify a finding.
Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual\n Behaviors | Sensitive Data Identifications
" } + }, + "Sample": { + "target": "com.amazonaws.securityhub#BooleanFilterList", + "traits": { + "smithy.api#documentation": "Indicates whether or not sample findings are included in the filter results.
" + } } }, "traits": { @@ -13795,6 +13807,26 @@ "com.amazonaws.securityhub#Boolean": { "type": "boolean" }, + "com.amazonaws.securityhub#BooleanFilter": { + "type": "structure", + "members": { + "Value": { + "target": "com.amazonaws.securityhub#Boolean", + "traits": { + "smithy.api#documentation": "The value of the boolean.
" + } + } + }, + "traits": { + "smithy.api#documentation": "Boolean filter for querying findings.
" + } + }, + "com.amazonaws.securityhub#BooleanFilterList": { + "type": "list", + "member": { + "target": "com.amazonaws.securityhub#BooleanFilter" + } + }, "com.amazonaws.securityhub#CategoryList": { "type": "list", "member": { diff --git a/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/endpoints.json b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/endpoints.json index 0514e0ac06b7..d75912f2426f 100644 --- a/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/endpoints.json +++ b/codegen/smithy-aws-typescript-codegen/src/main/resources/software/amazon/smithy/aws/typescript/codegen/endpoints.json @@ -4399,6 +4399,14 @@ } ] }, + "ap-southeast-3": { + "variants": [ + { + "hostname": "elasticfilesystem-fips.ap-southeast-3.amazonaws.com", + "tags": ["fips"] + } + ] + }, "ca-central-1": { "variants": [ { @@ -4511,6 +4519,13 @@ "deprecated": true, "hostname": "elasticfilesystem-fips.ap-southeast-2.amazonaws.com" }, + "fips-ap-southeast-3": { + "credentialScope": { + "region": "ap-southeast-3" + }, + "deprecated": true, + "hostname": "elasticfilesystem-fips.ap-southeast-3.amazonaws.com" + }, "fips-ca-central-1": { "credentialScope": { "region": "ca-central-1" @@ -6148,6 +6163,7 @@ "ap-south-1": {}, "ap-southeast-1": {}, "ap-southeast-2": {}, + "ca-central-1": {}, "eu-central-1": {}, "eu-west-1": {}, "eu-west-2": {}, @@ -6891,9 +6907,11 @@ }, "kafka": { "endpoints": { + "af-south-1": {}, "ap-east-1": {}, "ap-northeast-1": {}, "ap-northeast-2": {}, + "ap-northeast-3": {}, "ap-south-1": {}, "ap-southeast-1": {}, "ap-southeast-2": {}, @@ -11214,7 +11232,21 @@ "ap-southeast-1": {}, "ap-southeast-2": {}, "ap-southeast-3": {}, - "ca-central-1": {}, + "ca-central-1": { + "variants": [ + { + "hostname": "secretsmanager-fips.ca-central-1.amazonaws.com", + "tags": ["fips"] + } + ] + }, + "ca-central-1-fips": { + "credentialScope": { + "region": "ca-central-1" + }, + "deprecated": true, + "hostname": "secretsmanager-fips.ca-central-1.amazonaws.com" + }, "eu-central-1": {}, "eu-north-1": {}, "eu-south-1": {},