From 30c4caba5675c05370f0f185e72d7b4f5f6059eb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Mar 2023 21:04:04 +0000 Subject: [PATCH] rebase: Bump github.com/aws/aws-sdk-go from 1.44.205 to 1.44.220 Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.205 to 1.44.220. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG_PENDING.md) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.205...v1.44.220) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 +- .../aws/aws-sdk-go/aws/endpoints/defaults.go | 340 ++++++++++++- .../github.com/aws/aws-sdk-go/aws/version.go | 2 +- .../aws/aws-sdk-go/service/ec2/api.go | 471 ++++++++++++------ .../aws/aws-sdk-go/service/kms/api.go | 247 +++++---- .../aws/aws-sdk-go/service/kms/doc.go | 14 +- vendor/modules.txt | 2 +- 8 files changed, 820 insertions(+), 262 deletions(-) diff --git a/go.mod b/go.mod index 33912e645..a1350306e 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,7 @@ go 1.19 require ( github.com/IBM/keyprotect-go-client v0.9.2 - github.com/aws/aws-sdk-go v1.44.205 + github.com/aws/aws-sdk-go v1.44.220 github.com/aws/aws-sdk-go-v2/service/sts v1.18.6 github.com/ceph/ceph-csi/api v0.0.0-00010101000000-000000000000 // TODO: API for managing subvolume metadata and snapshot metadata requires `ceph_ci_untested` build-tag diff --git a/go.sum b/go.sum index 790b1db3c..47312d18b 100644 --- a/go.sum +++ b/go.sum @@ -155,8 +155,8 @@ github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4 github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/aws/aws-sdk-go v1.25.37/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/aws/aws-sdk-go v1.25.41/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= -github.com/aws/aws-sdk-go v1.44.205 h1:q23NJXgLPIuBMn4zaluWWz57HPP5z7Ut8ZtK1D3N9bs= -github.com/aws/aws-sdk-go v1.44.205/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= +github.com/aws/aws-sdk-go v1.44.220 h1:yAj99qAt0Htjle9Up3DglgHfOP77lmFPrElA4jKnrBo= +github.com/aws/aws-sdk-go v1.44.220/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/aws/aws-sdk-go-v2 v1.17.6 h1:Y773UK7OBqhzi5VDXMi1zVGsoj+CVHs2eaC2bDsLwi0= github.com/aws/aws-sdk-go-v2 v1.17.6/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.30 h1:y+8n9AGDjikyXoMBTRaHHHSaFEB8267ykmvyPodJfys= diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index 6f4ad8ef1..1bfcbd976 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -2961,6 +2961,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -5236,12 +5245,18 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -5287,6 +5302,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -7796,12 +7814,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -13294,6 +13318,156 @@ var awsPartition = partition{ }: endpoint{}, }, }, + "internetmonitor": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "internetmonitor.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "internetmonitor.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "internetmonitor.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "internetmonitor.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "internetmonitor.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "internetmonitor.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "internetmonitor.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "internetmonitor.ca-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "internetmonitor.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "internetmonitor.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "internetmonitor.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "internetmonitor.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "internetmonitor.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "internetmonitor.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "internetmonitor.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "internetmonitor.eu-west-3.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "internetmonitor.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "internetmonitor.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "internetmonitor.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "internetmonitor.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "internetmonitor.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "internetmonitor.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "internetmonitor.us-west-2.api.aws", + }, + }, + }, "iot": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ @@ -14190,6 +14364,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -14673,6 +14850,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -15270,6 +15450,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -18229,6 +18412,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -19740,9 +19926,6 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, - endpointKey{ - Region: "api", - }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -20667,12 +20850,18 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -20685,12 +20874,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -21469,6 +21664,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, @@ -29785,6 +29983,31 @@ var awscnPartition = partition{ }, }, }, + "internetmonitor": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "internetmonitor.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "internetmonitor.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, "iot": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ @@ -30159,6 +30382,16 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "rolesanywhere": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "route53": service{ PartitionEndpoint: "aws-cn-global", IsRegionalized: boxedFalse, @@ -31528,6 +31761,21 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "clouddirectory.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "clouddirectory.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "cloudformation": service{ @@ -32751,6 +32999,16 @@ var awsusgovPartition = partition{ }, }, }, + "emr-containers": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, "es": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -33426,6 +33684,31 @@ var awsusgovPartition = partition{ }: endpoint{}, }, }, + "internetmonitor": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "internetmonitor.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "internetmonitor.us-gov-west-1.api.aws", + }, + }, + }, "iot": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ @@ -33949,12 +34232,22 @@ var awsusgovPartition = partition{ "mediaconvert": service{ Endpoints: serviceEndpoints{ endpointKey{ - Region: "us-gov-west-1", + Region: "fips-us-gov-west-1", }: endpoint{ Hostname: "mediaconvert.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mediaconvert.us-gov-west-1.amazonaws.com", }, }, }, @@ -34319,12 +34612,22 @@ var awsusgovPartition = partition{ "participant.connect": service{ Endpoints: serviceEndpoints{ endpointKey{ - Region: "us-gov-west-1", + Region: "fips-us-gov-west-1", }: endpoint{ Hostname: "participant.connect.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "participant.connect.us-gov-west-1.amazonaws.com", }, }, }, @@ -35174,21 +35477,45 @@ var awsusgovPartition = partition{ Endpoints: serviceEndpoints{ endpointKey{ Region: "us-gov-east-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, }: endpoint{ Hostname: "serverlessrepo.us-gov-east-1.amazonaws.com", Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "serverlessrepo.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-gov-west-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, }: endpoint{ Hostname: "serverlessrepo.us-gov-west-1.amazonaws.com", Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "serverlessrepo.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, }, }, @@ -36990,6 +37317,9 @@ var awsisoPartition = partition{ endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "snowball": service{ diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go index a9e3cca1a..330cae1be 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.44.205" +const SDKVersion = "1.44.220" diff --git a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go index 3d4d25336..9dfe4a86c 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go @@ -3931,9 +3931,10 @@ func (c *EC2) CancelSpotFleetRequestsRequest(input *CancelSpotFleetRequestsInput // // Cancels the specified Spot Fleet requests. // -// After you cancel a Spot Fleet request, the Spot Fleet launches no new Spot -// Instances. You must specify whether the Spot Fleet should also terminate -// its Spot Instances. If you terminate the instances, the Spot Fleet request +// After you cancel a Spot Fleet request, the Spot Fleet launches no new instances. +// +// You must also specify whether a canceled Spot Fleet request should terminate +// its instances. If you choose to terminate the instances, the Spot Fleet request // enters the cancelled_terminating state. Otherwise, the Spot Fleet request // enters the cancelled_running state and the instances continue to run until // they are interrupted or you terminate them manually. @@ -11657,11 +11658,11 @@ func (c *EC2) DeleteFleetsRequest(input *DeleteFleetsInput) (req *request.Reques // DeleteFleets API operation for Amazon Elastic Compute Cloud. // -// Deletes the specified EC2 Fleet. +// Deletes the specified EC2 Fleets. // // After you delete an EC2 Fleet, it launches no new instances. // -// You must specify whether a deleted EC2 Fleet should also terminate its instances. +// You must also specify whether a deleted EC2 Fleet should terminate its instances. // If you choose to terminate the instances, the EC2 Fleet enters the deleted_terminating // state. Otherwise, the EC2 Fleet enters the deleted_running state, and the // instances continue to run until they are interrupted or you terminate them @@ -29221,11 +29222,11 @@ func (c *EC2) DescribeSpotInstanceRequestsRequest(input *DescribeSpotInstanceReq // with a filter to look for instances where the instance lifecycle is spot. // // We recommend that you set MaxResults to a value between 5 and 1000 to limit -// the number of results returned. This paginates the output, which makes the -// list more manageable and returns the results faster. If the list of results -// exceeds your MaxResults value, then that number of results is returned along -// with a NextToken value that can be passed to a subsequent DescribeSpotInstanceRequests -// request to retrieve the remaining results. +// the number of items returned. This paginates the output, which makes the +// list more manageable and returns the items faster. If the list of items exceeds +// your MaxResults value, then that number of items is returned along with a +// NextToken value that can be passed to a subsequent DescribeSpotInstanceRequests +// request to retrieve the remaining items. // // Spot Instance requests are deleted four hours after they are canceled and // their instances are terminated. @@ -42782,6 +42783,11 @@ func (c *EC2) ImportImageRequest(input *ImportImageInput) (req *request.Request, // ImportImage API operation for Amazon Elastic Compute Cloud. // +// To import your virtual machines (VMs) with a console-based experience, you +// can use the Import virtual machine images to Amazon Web Services template +// in the Migration Hub Orchestrator console (https://console.aws.amazon.com/migrationhub/orchestrator). +// For more information, see the Migration Hub Orchestrator User Guide (https://docs.aws.amazon.com/migrationhub-orchestrator/latest/userguide/import-vm-images.html). +// // Import single or multi-volume disk images or EBS snapshots into an Amazon // Machine Image (AMI). // @@ -44464,8 +44470,10 @@ func (c *EC2) ModifyImageAttributeRequest(input *ModifyImageAttributeInput) (req // ModifyImageAttribute API operation for Amazon Elastic Compute Cloud. // // Modifies the specified attribute of the specified AMI. You can specify only -// one attribute at a time. You can use the Attribute parameter to specify the -// attribute or one of the following parameters: Description or LaunchPermission. +// one attribute at a time. +// +// To specify the attribute, you can use the Attribute parameter, or one of +// the following parameters: Description, ImdsSupport, or LaunchPermission. // // Images with an Amazon Web Services Marketplace product code cannot be made // public. @@ -48076,14 +48084,14 @@ func (c *EC2) ModifyVpcPeeringConnectionOptionsRequest(input *ModifyVpcPeeringCo // If the peered VPCs are in the same Amazon Web Services account, you can enable // DNS resolution for queries from the local VPC. This ensures that queries // from the local VPC resolve to private IP addresses in the peer VPC. This -// option is not available if the peered VPCs are in different different Amazon -// Web Services accounts or different Regions. For peered VPCs in different -// Amazon Web Services accounts, each Amazon Web Services account owner must -// initiate a separate request to modify the peering connection options. For -// inter-region peering connections, you must use the Region for the requester -// VPC to modify the requester VPC peering options and the Region for the accepter -// VPC to modify the accepter VPC peering options. To verify which VPCs are -// the accepter and the requester for a VPC peering connection, use the DescribeVpcPeeringConnections +// option is not available if the peered VPCs are in different Amazon Web Services +// accounts or different Regions. For peered VPCs in different Amazon Web Services +// accounts, each Amazon Web Services account owner must initiate a separate +// request to modify the peering connection options. For inter-region peering +// connections, you must use the Region for the requester VPC to modify the +// requester VPC peering options and the Region for the accepter VPC to modify +// the accepter VPC peering options. To verify which VPCs are the accepter and +// the requester for a VPC peering connection, use the DescribeVpcPeeringConnections // command. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -56039,8 +56047,6 @@ type AllocateHostsInput struct { // Indicates whether to enable or disable host maintenance for the Dedicated // Host. For more information, see Host maintenance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-maintenance.html) // in the Amazon EC2 User Guide. - // - // Default: on HostMaintenance *string `type:"string" enum:"HostMaintenance"` // Indicates whether to enable or disable host recovery for the Dedicated Host. @@ -62551,8 +62557,11 @@ type CancelSpotFleetRequestsInput struct { // SpotFleetRequestIds is a required field SpotFleetRequestIds []*string `locationName:"spotFleetRequestId" locationNameList:"item" type:"list" required:"true"` - // Indicates whether to terminate instances for a Spot Fleet request if it is - // canceled successfully. + // Indicates whether to terminate the associated instances when the Spot Fleet + // request is canceled. The default is to terminate the instances. + // + // To let the instances continue to run after the Spot Fleet request is canceled, + // specify no-terminate-instances. // // TerminateInstances is a required field TerminateInstances *bool `locationName:"terminateInstances" type:"boolean" required:"true"` @@ -67956,9 +67965,7 @@ type CreateCustomerGatewayInput struct { // For devices that support BGP, the customer gateway's BGP ASN. // // Default: 65000 - // - // BgpAsn is a required field - BgpAsn *int64 `type:"integer" required:"true"` + BgpAsn *int64 `type:"integer"` // The Amazon Resource Name (ARN) for the customer gateway certificate. CertificateArn *string `type:"string"` @@ -68012,9 +68019,6 @@ func (s CreateCustomerGatewayInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *CreateCustomerGatewayInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreateCustomerGatewayInput"} - if s.BgpAsn == nil { - invalidParams.Add(request.NewErrParamRequired("BgpAsn")) - } if s.Type == nil { invalidParams.Add(request.NewErrParamRequired("Type")) } @@ -80397,11 +80401,11 @@ type DeleteFleetsInput struct { // FleetIds is a required field FleetIds []*string `locationName:"FleetId" type:"list" required:"true"` - // Indicates whether to terminate the instances when the EC2 Fleet is deleted. - // The default is to terminate the instances. + // Indicates whether to terminate the associated instances when the EC2 Fleet + // is deleted. The default is to terminate the instances. // // To let the instances continue to run after the EC2 Fleet is deleted, specify - // NoTerminateInstances. Supported only for fleets of type maintain and request. + // no-terminate-instances. Supported only for fleets of type maintain and request. // // For instant fleets, you cannot specify NoTerminateInstances. A deleted instant // fleet with running instances is not supported. @@ -86631,7 +86635,10 @@ func (s *DeprovisionIpamPoolCidrOutput) SetIpamPoolCidr(v *IpamPoolCidr) *Deprov type DeprovisionPublicIpv4PoolCidrInput struct { _ struct{} `type:"structure"` - // The CIDR you want to deprovision from the pool. + // The CIDR you want to deprovision from the pool. Enter the CIDR you want to + // deprovision with a netmask of /32. You must rerun this command for each IP + // address in the CIDR range. If your CIDR is a /24, you will have to run this + // command to deprovision each of the 256 IP addresses in the /24 CIDR. // // Cidr is a required field Cidr *string `type:"string" required:"true"` @@ -90377,12 +90384,13 @@ type DescribeFastLaunchImagesInput struct { // Details for one or more Windows AMI image IDs. ImageIds []*string `locationName:"ImageId" locationNameList:"ImageId" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another request with the returned NextToken value. - // If this parameter is not specified, then all results are returned. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -90441,8 +90449,8 @@ type DescribeFastLaunchImagesOutput struct { // meet the requested criteria. FastLaunchImages []*DescribeFastLaunchImagesSuccessItem `locationName:"fastLaunchImageSet" locationNameList:"item" type:"list"` - // The token to use for the next set of results. This value is null when there - // are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -90489,7 +90497,8 @@ type DescribeFastLaunchImagesSuccessItem struct { // launches Windows instances from pre-provisioned snapshots. LaunchTemplate *FastLaunchLaunchTemplateSpecificationResponse `locationName:"launchTemplate" type:"structure"` - // The maximum number of parallel instances that are launched for creating resources. + // The maximum number of instances that Amazon EC2 can launch at the same time + // to create pre-provisioned snapshots for Windows faster launching. MaxParallelLaunches *int64 `locationName:"maxParallelLaunches" type:"integer"` // The owner ID for the fast-launch enabled Windows AMI. @@ -90913,12 +90922,13 @@ type DescribeFleetHistoryInput struct { // FleetId is a required field FleetId *string `type:"string" required:"true"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The start date and time for the events, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). @@ -91009,10 +91019,11 @@ type DescribeFleetHistoryOutput struct { // The last date and time for the events, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). // All records up to this time were retrieved. // - // If nextToken indicates that there are more results, this value is not present. + // If nextToken indicates that there are more items, this value is not present. LastEvaluatedTime *time.Time `locationName:"lastEvaluatedTime" type:"timestamp"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The start date and time for the events, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). @@ -91086,12 +91097,13 @@ type DescribeFleetInstancesInput struct { // FleetId is a required field FleetId *string `type:"string" required:"true"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -91166,7 +91178,8 @@ type DescribeFleetInstancesOutput struct { // The ID of the EC2 Fleet. FleetId *string `locationName:"fleetId" type:"string"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -91239,12 +91252,13 @@ type DescribeFleetsInput struct { // does not appear in the response. FleetIds []*string `locationName:"FleetId" type:"list"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -91373,7 +91387,8 @@ type DescribeFleetsOutput struct { // Information about the EC2 Fleets. Fleets []*FleetData `locationName:"fleetSet" locationNameList:"item" type:"list"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -92842,11 +92857,13 @@ type DescribeImagesInput struct { // of what you specify for this parameter. IncludeDeprecated *bool `type:"boolean"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // Scopes the results to images with the specified owners. You can specify a @@ -92928,8 +92945,8 @@ type DescribeImagesOutput struct { // Information about the images. Images []*Image `locationName:"imagesSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -93471,10 +93488,11 @@ type DescribeInstanceCreditSpecificationsInput struct { InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list"` // The maximum number of items to return for this request. To get the next page - // of items, make another request with the token returned in the output. This - // value can be between 5 and 1000. You cannot specify this parameter and the - // instance IDs parameter in the same call. For more information, see Pagination - // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // + // You cannot specify this parameter and the instance IDs parameter in the same + // call. MaxResults *int64 `min:"5" type:"integer"` // The token returned from a previous paginated request. Pagination continues @@ -93874,11 +93892,12 @@ type DescribeInstanceStatusInput struct { // Constraints: Maximum 100 explicitly specified instance IDs. InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list"` - // The maximum number of items to return for this request. To retrieve the next - // page of items, make another request with the token returned in the output. - // This value can be between 5 and 1000. You cannot specify this parameter and - // the instance IDs parameter in the same call. For more information, see Pagination - // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // + // You cannot specify this parameter and the instance IDs parameter in the same + // request. MaxResults *int64 `type:"integer"` // The token returned from a previous paginated request. Pagination continues @@ -94651,10 +94670,11 @@ type DescribeInstancesInput struct { InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list"` // The maximum number of items to return for this request. To get the next page - // of items, make another request with the token returned in the output. This - // value can be between 5 and 1000. You cannot specify this parameter and the - // instance IDs parameter in the same request. For more information, see Pagination - // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // + // You cannot specify this parameter and the instance IDs parameter in the same + // request. MaxResults *int64 `locationName:"maxResults" type:"integer"` // The token returned from a previous paginated request. Pagination continues @@ -101451,12 +101471,13 @@ type DescribeSpotFleetInstancesInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The ID of the Spot Fleet request. @@ -101531,8 +101552,8 @@ type DescribeSpotFleetInstancesOutput struct { // of date. ActiveInstances []*ActiveInstance `locationName:"activeInstanceSet" locationNameList:"item" type:"list"` - // The token required to retrieve the next set of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The ID of the Spot Fleet request. @@ -101588,12 +101609,13 @@ type DescribeSpotFleetRequestHistoryInput struct { // The type of events to describe. By default, all events are described. EventType *string `locationName:"eventType" type:"string" enum:"EventType"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The ID of the Spot Fleet request. @@ -101690,11 +101712,11 @@ type DescribeSpotFleetRequestHistoryOutput struct { // The last date and time for the events, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). // All records up to this time were retrieved. // - // If nextToken indicates that there are more results, this value is not present. + // If nextToken indicates that there are more items, this value is not present. LastEvaluatedTime *time.Time `locationName:"lastEvaluatedTime" type:"timestamp"` - // The token required to retrieve the next set of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The ID of the Spot Fleet request. @@ -101762,12 +101784,13 @@ type DescribeSpotFleetRequestsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" type:"integer"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The IDs of the Spot Fleet requests. @@ -101820,8 +101843,8 @@ func (s *DescribeSpotFleetRequestsInput) SetSpotFleetRequestIds(v []*string) *De type DescribeSpotFleetRequestsOutput struct { _ struct{} `type:"structure"` - // The token required to retrieve the next set of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the configuration of your Spot Fleet. @@ -101976,13 +101999,13 @@ type DescribeSpotInstanceRequestsInput struct { // * valid-until - The end date of the request. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return in a single call. Specify a value - // between 5 and 1000. To retrieve the remaining results, make another call - // with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token to request the next set of results. This value is null when there - // are no more results to return. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // One or more Spot Instance request IDs. @@ -102041,8 +102064,8 @@ func (s *DescribeSpotInstanceRequestsInput) SetSpotInstanceRequestIds(v []*strin type DescribeSpotInstanceRequestsOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next set of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // One or more Spot Instance requests. @@ -102119,12 +102142,13 @@ type DescribeSpotPriceHistoryInput struct { // Filters the results by the specified instance types. InstanceTypes []*string `locationName:"InstanceType" type:"list" enum:"InstanceType"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `locationName:"nextToken" type:"string"` // Filters the results by the specified basic product descriptions. @@ -102211,8 +102235,8 @@ func (s *DescribeSpotPriceHistoryInput) SetStartTime(v time.Time) *DescribeSpotP type DescribeSpotPriceHistoryOutput struct { _ struct{} `type:"structure"` - // The token required to retrieve the next set of results. This value is null - // or an empty string when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The historical Spot prices. @@ -102397,13 +102421,16 @@ type DescribeStoreImageTasksInput struct { // in a request. ImageIds []*string `locationName:"ImageId" locationNameList:"item" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. This - // value can be between 1 and 200. You cannot specify this parameter and the - // ImageIDs parameter in the same call. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // + // You cannot specify this parameter and the ImageIDs parameter in the same + // call. MaxResults *int64 `min:"1" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -102471,8 +102498,8 @@ func (s *DescribeStoreImageTasksInput) SetNextToken(v string) *DescribeStoreImag type DescribeStoreImageTasksOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The information about the AMI store tasks. @@ -108955,7 +108982,8 @@ type DisableFastLaunchOutput struct { // snapshots. LaunchTemplate *FastLaunchLaunchTemplateSpecificationResponse `locationName:"launchTemplate" type:"structure"` - // The maximum number of parallel instances to launch for creating resources. + // The maximum number of instances that Amazon EC2 can launch at the same time + // to create pre-provisioned snapshots for Windows faster launching. MaxParallelLaunches *int64 `locationName:"maxParallelLaunches" type:"integer"` // The owner of the Windows AMI for which faster launching was turned off. @@ -113135,8 +113163,9 @@ type EnableFastLaunchInput struct { // the launch template, but not both. LaunchTemplate *FastLaunchLaunchTemplateSpecificationRequest `type:"structure"` - // The maximum number of parallel instances to launch for creating resources. - // Value must be 6 or greater. + // The maximum number of instances that Amazon EC2 can launch at the same time + // to create pre-provisioned snapshots for Windows faster launching. Value must + // be 6 or greater. MaxParallelLaunches *int64 `type:"integer"` // The type of resource to use for pre-provisioning the Windows AMI for faster @@ -113232,7 +113261,8 @@ type EnableFastLaunchOutput struct { // snapshots. LaunchTemplate *FastLaunchLaunchTemplateSpecificationResponse `locationName:"launchTemplate" type:"structure"` - // The maximum number of parallel instances to launch for creating resources. + // The maximum number of instances that Amazon EC2 can launch at the same time + // to create pre-provisioned snapshots for Windows faster launching. MaxParallelLaunches *int64 `locationName:"maxParallelLaunches" type:"integer"` // The owner ID for the Windows AMI for which faster launching was enabled. @@ -113242,9 +113272,9 @@ type EnableFastLaunchOutput struct { // for faster launching. ResourceType *string `locationName:"resourceType" type:"string" enum:"FastLaunchResourceType"` - // The configuration settings that were defined for creating and managing the - // pre-provisioned snapshots for faster launching of the Windows AMI. This property - // is returned when the associated resourceType is snapshot. + // Settings to create and manage the pre-provisioned snapshots that Amazon EC2 + // uses for faster launches from the Windows AMI. This property is returned + // when the associated resourceType is snapshot. SnapshotConfiguration *FastLaunchSnapshotConfigurationResponse `locationName:"snapshotConfiguration" type:"structure"` // The current state of faster launching for the specified Windows AMI. @@ -117042,6 +117072,8 @@ type FleetLaunchTemplateOverrides struct { // The instance type. // + // mac1.metal is not supported as a launch template override. + // // If you specify InstanceType, you can't specify InstanceRequirements. InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` @@ -117172,6 +117204,8 @@ type FleetLaunchTemplateOverridesRequest struct { // The instance type. // + // mac1.metal is not supported as a launch template override. + // // If you specify InstanceType, you can't specify InstanceRequirements. InstanceType *string `type:"string" enum:"InstanceType"` @@ -119756,12 +119790,13 @@ type GetInstanceTypesFromInstanceRequirementsInput struct { // InstanceRequirements is a required field InstanceRequirements *InstanceRequirementsRequest `type:"structure" required:"true"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The virtualization type. @@ -119854,7 +119889,8 @@ type GetInstanceTypesFromInstanceRequirementsOutput struct { // The instance types with the specified instance attributes. InstanceTypes []*InstanceTypeInfoFromInstanceRequirements `locationName:"instanceTypeSet" locationNameList:"item" type:"list"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -121837,12 +121873,13 @@ type GetSpotPlacementScoresInput struct { // If you specify InstanceTypes, you can't specify InstanceRequirementsWithMetadata. InstanceTypes []*string `locationName:"InstanceType" type:"list"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"10" type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The Regions used to narrow down the list of Regions to be scored. Enter the @@ -121966,7 +122003,8 @@ func (s *GetSpotPlacementScoresInput) SetTargetCapacityUnitType(v string) *GetSp type GetSpotPlacementScoresOutput struct { _ struct{} `type:"structure"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The Spot placement score for the top 10 Regions or Availability Zones, scored @@ -127081,7 +127119,14 @@ type Instance struct { // Any block device mapping entries for the instance. BlockDeviceMappings []*InstanceBlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"item" type:"list"` - // The boot mode of the instance. For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) + // The boot mode that was specified by the AMI. If the value is uefi-preferred, + // the AMI supports both UEFI and Legacy BIOS. The currentInstanceBootMode parameter + // is the boot mode that is used to boot the instance at launch or start. + // + // The operating system contained in the AMI must be configured to support the + // specified boot mode. + // + // For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) // in the Amazon EC2 User Guide. BootMode *string `locationName:"bootMode" type:"string" enum:"BootModeValues"` @@ -127097,6 +127142,11 @@ type Instance struct { // The CPU options for the instance. CpuOptions *CpuOptions `locationName:"cpuOptions" type:"structure"` + // The boot mode that is used to boot the instance at launch or start. For more + // information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) + // in the Amazon EC2 User Guide. + CurrentInstanceBootMode *string `locationName:"currentInstanceBootMode" type:"string" enum:"InstanceBootModeValues"` + // Indicates whether the instance is optimized for Amazon EBS I/O. This optimization // provides dedicated throughput to Amazon EBS and an optimized configuration // stack to provide optimal I/O performance. This optimization isn't available @@ -127335,6 +127385,12 @@ func (s *Instance) SetCpuOptions(v *CpuOptions) *Instance { return s } +// SetCurrentInstanceBootMode sets the CurrentInstanceBootMode field's value. +func (s *Instance) SetCurrentInstanceBootMode(v string) *Instance { + s.CurrentInstanceBootMode = &v + return s +} + // SetEbsOptimized sets the EbsOptimized field's value. func (s *Instance) SetEbsOptimized(v bool) *Instance { s.EbsOptimized = &v @@ -134176,7 +134232,8 @@ type LaunchSpecification struct { // The ID of the subnet in which to launch the instance. SubnetId *string `locationName:"subnetId" type:"string"` - // The Base64-encoded user data for the instance. + // The base64-encoded user data that instances use when starting up. User data + // is limited to 16 KB. // // UserData is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by LaunchSpecification's @@ -137165,14 +137222,13 @@ type ListImagesInRecycleBinInput struct { // that are in the Recycle Bin. You can specify up to 20 IDs in a single request. ImageIds []*string `locationName:"ImageId" locationNameList:"ImageId" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. - // - // If you do not specify a value for MaxResults, the request returns 1,000 items - // per page by default. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"1" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -137237,8 +137293,8 @@ type ListImagesInRecycleBinOutput struct { // Information about the AMIs. Images []*ImageRecycleBinInfo `locationName:"imageSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -140223,7 +140279,7 @@ type ModifyImageAttributeInput struct { // The name of the attribute to modify. // - // Valid values: description | launchPermission + // Valid values: description | imdsSupport | launchPermission Attribute *string `type:"string"` // A new description for the AMI. @@ -140240,6 +140296,18 @@ type ModifyImageAttributeInput struct { // ImageId is a required field ImageId *string `type:"string" required:"true"` + // Set to v2.0 to indicate that IMDSv2 is specified in the AMI. Instances launched + // from this AMI will have HttpTokens automatically set to required so that, + // by default, the instance requires that IMDSv2 is used when requesting instance + // metadata. In addition, HttpPutResponseHopLimit is set to 2. For more information, + // see Configure the AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration) + // in the Amazon EC2 User Guide. + // + // Do not use this parameter unless your AMI software supports IMDSv2. After + // you set the value to v2.0, you can't undo it. The only way to “reset” + // your AMI is to create a new AMI from the underlying snapshot. + ImdsSupport *AttributeValue `type:"structure"` + // A new launch permission for the AMI. LaunchPermission *LaunchPermissionModifications `type:"structure"` @@ -140267,7 +140335,7 @@ type ModifyImageAttributeInput struct { UserIds []*string `locationName:"UserId" locationNameList:"UserId" type:"list"` // The value of the attribute being modified. This parameter can be used only - // when the Attribute parameter is description. + // when the Attribute parameter is description or imdsSupport. Value *string `type:"string"` } @@ -140326,6 +140394,12 @@ func (s *ModifyImageAttributeInput) SetImageId(v string) *ModifyImageAttributeIn return s } +// SetImdsSupport sets the ImdsSupport field's value. +func (s *ModifyImageAttributeInput) SetImdsSupport(v *AttributeValue) *ModifyImageAttributeInput { + s.ImdsSupport = v + return s +} + // SetLaunchPermission sets the LaunchPermission field's value. func (s *ModifyImageAttributeInput) SetLaunchPermission(v *LaunchPermissionModifications) *ModifyImageAttributeInput { s.LaunchPermission = v @@ -154360,7 +154434,13 @@ type RegisterImageInput struct { // in the Amazon EC2 User Guide. BlockDeviceMappings []*BlockDeviceMapping `locationName:"BlockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` - // The boot mode of the AMI. For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) + // The boot mode of the AMI. A value of uefi-preferred indicates that the AMI + // supports both UEFI and Legacy BIOS. + // + // The operating system contained in the AMI must be configured to support the + // specified boot mode. + // + // For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) // in the Amazon EC2 User Guide. BootMode *string `type:"string" enum:"BootModeValues"` @@ -157785,8 +157865,8 @@ type RequestSpotLaunchSpecification struct { // The ID of the subnet in which to launch the instance. SubnetId *string `locationName:"subnetId" type:"string"` - // The Base64-encoded user data for the instance. User data is limited to 16 - // KB. + // The base64-encoded user data that instances use when starting up. User data + // is limited to 16 KB. // // UserData is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by RequestSpotLaunchSpecification's @@ -166149,7 +166229,8 @@ type SpotFleetLaunchSpecification struct { // The tags to apply during creation. TagSpecifications []*SpotFleetTagSpecification `locationName:"tagSpecificationSet" locationNameList:"item" type:"list"` - // The Base64-encoded user data that instances use when starting up. + // The base64-encoded user data that instances use when starting up. User data + // is limited to 16 KB. // // UserData is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by SpotFleetLaunchSpecification's @@ -180194,6 +180275,9 @@ const ( // BootModeValuesUefi is a BootModeValues enum value BootModeValuesUefi = "uefi" + + // BootModeValuesUefiPreferred is a BootModeValues enum value + BootModeValuesUefiPreferred = "uefi-preferred" ) // BootModeValues_Values returns all elements of the BootModeValues enum @@ -180201,6 +180285,7 @@ func BootModeValues_Values() []string { return []string{ BootModeValuesLegacyBios, BootModeValuesUefi, + BootModeValuesUefiPreferred, } } @@ -182100,6 +182185,22 @@ func InstanceAutoRecoveryState_Values() []string { } } +const ( + // InstanceBootModeValuesLegacyBios is a InstanceBootModeValues enum value + InstanceBootModeValuesLegacyBios = "legacy-bios" + + // InstanceBootModeValuesUefi is a InstanceBootModeValues enum value + InstanceBootModeValuesUefi = "uefi" +) + +// InstanceBootModeValues_Values returns all elements of the InstanceBootModeValues enum +func InstanceBootModeValues_Values() []string { + return []string{ + InstanceBootModeValuesLegacyBios, + InstanceBootModeValuesUefi, + } +} + const ( // InstanceEventWindowStateCreating is a InstanceEventWindowState enum value InstanceEventWindowStateCreating = "creating" @@ -184193,6 +184294,63 @@ const ( // InstanceTypeR6idn32xlarge is a InstanceType enum value InstanceTypeR6idn32xlarge = "r6idn.32xlarge" + + // InstanceTypeC7gMetal is a InstanceType enum value + InstanceTypeC7gMetal = "c7g.metal" + + // InstanceTypeM7gMedium is a InstanceType enum value + InstanceTypeM7gMedium = "m7g.medium" + + // InstanceTypeM7gLarge is a InstanceType enum value + InstanceTypeM7gLarge = "m7g.large" + + // InstanceTypeM7gXlarge is a InstanceType enum value + InstanceTypeM7gXlarge = "m7g.xlarge" + + // InstanceTypeM7g2xlarge is a InstanceType enum value + InstanceTypeM7g2xlarge = "m7g.2xlarge" + + // InstanceTypeM7g4xlarge is a InstanceType enum value + InstanceTypeM7g4xlarge = "m7g.4xlarge" + + // InstanceTypeM7g8xlarge is a InstanceType enum value + InstanceTypeM7g8xlarge = "m7g.8xlarge" + + // InstanceTypeM7g12xlarge is a InstanceType enum value + InstanceTypeM7g12xlarge = "m7g.12xlarge" + + // InstanceTypeM7g16xlarge is a InstanceType enum value + InstanceTypeM7g16xlarge = "m7g.16xlarge" + + // InstanceTypeM7gMetal is a InstanceType enum value + InstanceTypeM7gMetal = "m7g.metal" + + // InstanceTypeR7gMedium is a InstanceType enum value + InstanceTypeR7gMedium = "r7g.medium" + + // InstanceTypeR7gLarge is a InstanceType enum value + InstanceTypeR7gLarge = "r7g.large" + + // InstanceTypeR7gXlarge is a InstanceType enum value + InstanceTypeR7gXlarge = "r7g.xlarge" + + // InstanceTypeR7g2xlarge is a InstanceType enum value + InstanceTypeR7g2xlarge = "r7g.2xlarge" + + // InstanceTypeR7g4xlarge is a InstanceType enum value + InstanceTypeR7g4xlarge = "r7g.4xlarge" + + // InstanceTypeR7g8xlarge is a InstanceType enum value + InstanceTypeR7g8xlarge = "r7g.8xlarge" + + // InstanceTypeR7g12xlarge is a InstanceType enum value + InstanceTypeR7g12xlarge = "r7g.12xlarge" + + // InstanceTypeR7g16xlarge is a InstanceType enum value + InstanceTypeR7g16xlarge = "r7g.16xlarge" + + // InstanceTypeR7gMetal is a InstanceType enum value + InstanceTypeR7gMetal = "r7g.metal" ) // InstanceType_Values returns all elements of the InstanceType enum @@ -184817,6 +184975,25 @@ func InstanceType_Values() []string { InstanceTypeR6idn16xlarge, InstanceTypeR6idn24xlarge, InstanceTypeR6idn32xlarge, + InstanceTypeC7gMetal, + InstanceTypeM7gMedium, + InstanceTypeM7gLarge, + InstanceTypeM7gXlarge, + InstanceTypeM7g2xlarge, + InstanceTypeM7g4xlarge, + InstanceTypeM7g8xlarge, + InstanceTypeM7g12xlarge, + InstanceTypeM7g16xlarge, + InstanceTypeM7gMetal, + InstanceTypeR7gMedium, + InstanceTypeR7gLarge, + InstanceTypeR7gXlarge, + InstanceTypeR7g2xlarge, + InstanceTypeR7g4xlarge, + InstanceTypeR7g8xlarge, + InstanceTypeR7g12xlarge, + InstanceTypeR7g16xlarge, + InstanceTypeR7gMetal, } } diff --git a/vendor/github.com/aws/aws-sdk-go/service/kms/api.go b/vendor/github.com/aws/aws-sdk-go/service/kms/api.go index dc0252cd0..8f594ac0d 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/kms/api.go +++ b/vendor/github.com/aws/aws-sdk-go/service/kms/api.go @@ -1449,11 +1449,11 @@ func (c *KMS) DecryptRequest(input *DecryptInput) (req *request.Request, output // KMS key that you intend. // // Whenever possible, use key policies to give users permission to call the -// Decrypt operation on a particular KMS key, instead of using IAM policies. -// Otherwise, you might create an IAM user policy that gives the user Decrypt -// permission on all KMS keys. This user could decrypt ciphertext that was encrypted -// by KMS keys in other accounts if the key policy for the cross-account KMS -// key permits it. If you must use an IAM policy for Decrypt permissions, limit +// Decrypt operation on a particular KMS key, instead of using &IAM; policies. +// Otherwise, you might create an &IAM; policy that gives the user Decrypt permission +// on all KMS keys. This user could decrypt ciphertext that was encrypted by +// KMS keys in other accounts if the key policy for the cross-account KMS key +// permits it. If you must use an IAM policy for Decrypt permissions, limit // the user to particular KMS keys or particular trusted accounts. For details, // see Best practices for IAM policies (https://docs.aws.amazon.com/kms/latest/developerguide/iam-policies.html#iam-policies-best-practices) // in the Key Management Service Developer Guide. @@ -1468,9 +1468,9 @@ func (c *KMS) DecryptRequest(input *DecryptInput) (req *request.Request, output // For details, see Key states of KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) // in the Key Management Service Developer Guide. // -// Cross-account use: Yes. To perform this operation with a KMS key in a different -// Amazon Web Services account, specify the key ARN or alias ARN in the value -// of the KeyId parameter. +// Cross-account use: Yes. If you use the KeyId parameter to identify a KMS +// key in a different Amazon Web Services account, specify the key ARN or the +// alias ARN of the KMS key. // // Required permissions: kms:Decrypt (https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html) // (key policy) @@ -3360,9 +3360,9 @@ func (c *KMS) GenerateDataKeyRequest(input *GenerateDataKeyInput) (req *request. // or NumberOfBytes parameters (but not both). For 128-bit and 256-bit data // keys, use the KeySpec parameter. // -// To generate an SM4 data key (China Regions only), specify a KeySpec value -// of AES_128 or NumberOfBytes value of 128. The symmetric encryption key used -// in China Regions to encrypt your data key is an SM4 encryption key. +// To generate a 128-bit SM4 data key (China Regions only), specify a KeySpec +// value of AES_128 or a NumberOfBytes value of 16. The symmetric encryption +// key used in China Regions to encrypt your data key is an SM4 encryption key. // // To get only an encrypted copy of the data key, use GenerateDataKeyWithoutPlaintext. // To generate an asymmetric data key pair, use the GenerateDataKeyPair or GenerateDataKeyPairWithoutPlaintext @@ -8661,9 +8661,11 @@ func (c *KMS) VerifyRequest(input *VerifyInput) (req *request.Request, output *V // (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) // in the Key Management Service Developer Guide. // -// To verify a digital signature, you can use the Verify operation. Specify -// the same asymmetric KMS key, message, and signing algorithm that were used -// to produce the signature. +// To use the Verify operation, specify the same asymmetric KMS key, message, +// and signing algorithm that were used to produce the signature. The message +// type does not need to be the same as the one used for signing, but it must +// indicate whether the value of the Message parameter should be hashed as part +// of the verification process. // // You can also verify the digital signature by using the public key of the // KMS key outside of KMS. Use the GetPublicKey operation to download the public @@ -10073,13 +10075,11 @@ type CreateGrantInput struct { // The identity that gets the permissions specified in the grant. // - // To specify the principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // of an Amazon Web Services principal. Valid Amazon Web Services principals - // include Amazon Web Services accounts (root), IAM users, IAM roles, federated - // users, and assumed role users. For examples of the ARN syntax to use for - // specifying a principal, see Amazon Web Services Identity and Access Management - // (IAM) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam) - // in the Example ARNs section of the Amazon Web Services General Reference. + // To specify the grantee principal, use the Amazon Resource Name (ARN) of an + // Amazon Web Services principal. Valid principals include Amazon Web Services + // accounts, IAM users, IAM roles, federated users, and assumed role users. + // For help with the ARN syntax for a principal, see IAM ARNs (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-arns) + // in the Identity and Access Management User Guide . // // GranteePrincipal is a required field GranteePrincipal *string `min:"1" type:"string" required:"true"` @@ -10132,12 +10132,10 @@ type CreateGrantInput struct { // the grant. // // To specify the principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // of an Amazon Web Services principal. Valid Amazon Web Services principals - // include Amazon Web Services accounts (root), IAM users, federated users, - // and assumed role users. For examples of the ARN syntax to use for specifying - // a principal, see Amazon Web Services Identity and Access Management (IAM) - // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam) - // in the Example ARNs section of the Amazon Web Services General Reference. + // of an Amazon Web Services principal. Valid principals include Amazon Web + // Services accounts, IAM users, IAM roles, federated users, and assumed role + // users. For help with the ARN syntax for a principal, see IAM ARNs (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-arns) + // in the Identity and Access Management User Guide . // // The grant determines the retiring principal. Other principals might have // permission to retire the grant or revoke the grant. For details, see RevokeGrant @@ -10288,19 +10286,18 @@ func (s *CreateGrantOutput) SetGrantToken(v string) *CreateGrantOutput { type CreateKeyInput struct { _ struct{} `type:"structure"` - // A flag to indicate whether to bypass the key policy lockout safety check. + // Skips ("bypasses") the key policy lockout safety check. The default value + // is false. // // Setting this value to true increases the risk that the KMS key becomes unmanageable. // Do not set this value to true indiscriminately. // - // For more information, refer to the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) - // section in the Key Management Service Developer Guide . + // For more information, see Default key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) + // in the Key Management Service Developer Guide. // - // Use this parameter only when you include a policy in the request and you - // intend to prevent the principal that is making the request from making a - // subsequent PutKeyPolicy request on the KMS key. - // - // The default value is false. + // Use this parameter only when you intend to prevent the principal that is + // making the request from making a subsequent PutKeyPolicy request on the KMS + // key. BypassPolicyLockoutSafetyCheck *bool `type:"boolean"` // Creates the KMS key in the specified custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html). @@ -10442,24 +10439,23 @@ type CreateKeyInput struct { // // If you provide a key policy, it must meet the following criteria: // - // * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy - // must allow the principal that is making the CreateKey request to make - // a subsequent PutKeyPolicy request on the KMS key. This reduces the risk - // that the KMS key becomes unmanageable. For more information, refer to - // the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) - // section of the Key Management Service Developer Guide . + // * The key policy must allow the calling principal to make a subsequent + // PutKeyPolicy request on the KMS key. This reduces the risk that the KMS + // key becomes unmanageable. For more information, see Default key policy + // (https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) + // in the Key Management Service Developer Guide. (To omit this condition, + // set BypassPolicyLockoutSafetyCheck to true.) // // * Each statement in the key policy must contain one or more principals. // The principals in the key policy must exist and be visible to KMS. When - // you create a new Amazon Web Services principal (for example, an IAM user - // or role), you might need to enforce a delay before including the new principal - // in a key policy because the new principal might not be immediately visible - // to KMS. For more information, see Changes that I make are not always immediately - // visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) + // you create a new Amazon Web Services principal, you might need to enforce + // a delay before including the new principal in a key policy because the + // new principal might not be immediately visible to KMS. For more information, + // see Changes that I make are not always immediately visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) // in the Amazon Web Services Identity and Access Management User Guide. // // If you do not provide a key policy, KMS attaches a default key policy to - // the KMS key. For more information, see Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) + // the KMS key. For more information, see Default key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) // in the Key Management Service Developer Guide. // // The key policy size quota is 32 kilobytes (32768 bytes). @@ -13957,11 +13953,17 @@ type GetParametersForImportInput struct { // KeyId is a required field KeyId *string `min:"1" type:"string" required:"true"` - // The algorithm you will use to encrypt the key material before importing it - // with ImportKeyMaterial. For more information, see Encrypt the Key Material + // The algorithm you will use to encrypt the key material before using the ImportKeyMaterial + // operation to import it. For more information, see Encrypt the key material // (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-encrypt-key-material.html) // in the Key Management Service Developer Guide. // + // The RSAES_PKCS1_V1_5 wrapping algorithm is deprecated. We recommend that + // you begin using a different wrapping algorithm immediately. KMS will end + // support for RSAES_PKCS1_V1_5 by October 1, 2023 pursuant to cryptographic + // key management guidance (https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf) + // from the National Institute of Standards and Technology (NIST). + // // WrappingAlgorithm is a required field WrappingAlgorithm *string `type:"string" required:"true" enum:"AlgorithmSpec"` @@ -16893,11 +16895,10 @@ type ListRetirableGrantsInput struct { // Amazon Web Services account. // // To specify the retiring principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // of an Amazon Web Services principal. Valid Amazon Web Services principals - // include Amazon Web Services accounts (root), IAM users, federated users, - // and assumed role users. For examples of the ARN syntax for specifying a principal, - // see Amazon Web Services Identity and Access Management (IAM) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam) - // in the Example ARNs section of the Amazon Web Services General Reference. + // of an Amazon Web Services principal. Valid principals include Amazon Web + // Services accounts, IAM users, IAM roles, federated users, and assumed role + // users. For help with the ARN syntax for a principal, see IAM ARNs (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-arns) + // in the Identity and Access Management User Guide . // // RetiringPrincipal is a required field RetiringPrincipal *string `min:"1" type:"string" required:"true"` @@ -17191,19 +17192,18 @@ func (s *NotFoundException) RequestID() string { type PutKeyPolicyInput struct { _ struct{} `type:"structure"` - // A flag to indicate whether to bypass the key policy lockout safety check. + // Skips ("bypasses") the key policy lockout safety check. The default value + // is false. // // Setting this value to true increases the risk that the KMS key becomes unmanageable. // Do not set this value to true indiscriminately. // - // For more information, refer to the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) - // section in the Key Management Service Developer Guide. + // For more information, see Default key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) + // in the Key Management Service Developer Guide. // // Use this parameter only when you intend to prevent the principal that is // making the request from making a subsequent PutKeyPolicy request on the KMS // key. - // - // The default value is false. BypassPolicyLockoutSafetyCheck *bool `type:"boolean"` // Sets the key policy on the specified KMS key. @@ -17225,20 +17225,19 @@ type PutKeyPolicyInput struct { // // The key policy must meet the following criteria: // - // * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy - // must allow the principal that is making the PutKeyPolicy request to make - // a subsequent PutKeyPolicy request on the KMS key. This reduces the risk - // that the KMS key becomes unmanageable. For more information, refer to - // the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) - // section of the Key Management Service Developer Guide. + // * The key policy must allow the calling principal to make a subsequent + // PutKeyPolicy request on the KMS key. This reduces the risk that the KMS + // key becomes unmanageable. For more information, see Default key policy + // (https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) + // in the Key Management Service Developer Guide. (To omit this condition, + // set BypassPolicyLockoutSafetyCheck to true.) // // * Each statement in the key policy must contain one or more principals. // The principals in the key policy must exist and be visible to KMS. When - // you create a new Amazon Web Services principal (for example, an IAM user - // or role), you might need to enforce a delay before including the new principal - // in a key policy because the new principal might not be immediately visible - // to KMS. For more information, see Changes that I make are not always immediately - // visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) + // you create a new Amazon Web Services principal, you might need to enforce + // a delay before including the new principal in a key policy because the + // new principal might not be immediately visible to KMS. For more information, + // see Changes that I make are not always immediately visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) // in the Amazon Web Services Identity and Access Management User Guide. // // A key policy document can include only the following characters: @@ -17651,19 +17650,18 @@ func (s *ReEncryptOutput) SetSourceKeyId(v string) *ReEncryptOutput { type ReplicateKeyInput struct { _ struct{} `type:"structure"` - // A flag to indicate whether to bypass the key policy lockout safety check. + // Skips ("bypasses") the key policy lockout safety check. The default value + // is false. // // Setting this value to true increases the risk that the KMS key becomes unmanageable. // Do not set this value to true indiscriminately. // - // For more information, refer to the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) - // section in the Key Management Service Developer Guide. + // For more information, see Default key policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) + // in the Key Management Service Developer Guide. // // Use this parameter only when you intend to prevent the principal that is // making the request from making a subsequent PutKeyPolicy request on the KMS // key. - // - // The default value is false. BypassPolicyLockoutSafetyCheck *bool `type:"boolean"` // A description of the KMS key. The default value is an empty string (no description). @@ -17700,20 +17698,20 @@ type ReplicateKeyInput struct { // // If you provide a key policy, it must meet the following criteria: // - // * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy - // must give the caller kms:PutKeyPolicy permission on the replica key. This - // reduces the risk that the KMS key becomes unmanageable. For more information, - // refer to the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) - // section of the Key Management Service Developer Guide . + // * The key policy must allow the calling principal to make a subsequent + // PutKeyPolicy request on the KMS key. This reduces the risk that the KMS + // key becomes unmanageable. For more information, see Default key policy + // (https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) + // in the Key Management Service Developer Guide. (To omit this condition, + // set BypassPolicyLockoutSafetyCheck to true.) // // * Each statement in the key policy must contain one or more principals. // The principals in the key policy must exist and be visible to KMS. When - // you create a new Amazon Web Services principal (for example, an IAM user - // or role), you might need to enforce a delay before including the new principal - // in a key policy because the new principal might not be immediately visible - // to KMS. For more information, see Changes that I make are not always immediately - // visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) - // in the Identity and Access Management User Guide . + // you create a new Amazon Web Services principal, you might need to enforce + // a delay before including the new principal in a key policy because the + // new principal might not be immediately visible to KMS. For more information, + // see Changes that I make are not always immediately visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) + // in the Amazon Web Services Identity and Access Management User Guide. // // A key policy document can include only the following characters: // @@ -18323,10 +18321,10 @@ type SignInput struct { KeyId *string `min:"1" type:"string" required:"true"` // Specifies the message or message digest to sign. Messages can be 0-4096 bytes. - // To sign a larger message, provide the message digest. + // To sign a larger message, provide a message digest. // - // If you provide a message, KMS generates a hash digest of the message and - // then signs it. + // If you provide a message digest, use the DIGEST value of MessageType to prevent + // the digest from being hashed again while signing. // // Message is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by SignInput's @@ -18337,15 +18335,44 @@ type SignInput struct { // Message is a required field Message []byte `min:"1" type:"blob" required:"true" sensitive:"true"` - // Tells KMS whether the value of the Message parameter is a message or message - // digest. The default value, RAW, indicates a message. To indicate a message - // digest, enter DIGEST. + // Tells KMS whether the value of the Message parameter should be hashed as + // part of the signing algorithm. Use RAW for unhashed messages; use DIGEST + // for message digests, which are already hashed. + // + // When the value of MessageType is RAW, KMS uses the standard signing algorithm, + // which begins with a hash function. When the value is DIGEST, KMS skips the + // hashing step in the signing algorithm. + // + // Use the DIGEST value only when the value of the Message parameter is a message + // digest. If you use the DIGEST value with an unhashed message, the security + // of the signing operation can be compromised. + // + // When the value of MessageTypeis DIGEST, the length of the Message value must + // match the length of hashed messages for the specified signing algorithm. + // + // You can submit a message digest and omit the MessageType or specify RAW so + // the digest is hashed again while signing. However, this can cause verification + // failures when verifying with a system that assumes a single hash. + // + // The hashing algorithm in that Sign uses is based on the SigningAlgorithm + // value. + // + // * Signing algorithms that end in SHA_256 use the SHA_256 hashing algorithm. + // + // * Signing algorithms that end in SHA_384 use the SHA_384 hashing algorithm. + // + // * Signing algorithms that end in SHA_512 use the SHA_512 hashing algorithm. + // + // * SM2DSA uses the SM3 hashing algorithm. For details, see Offline verification + // with SM2 key pairs (https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-sm-offline-verification). MessageType *string `type:"string" enum:"MessageType"` // Specifies the signing algorithm to use when signing the message. // // Choose an algorithm that is compatible with the type and size of the specified - // asymmetric KMS key. + // asymmetric KMS key. When signing with RSA key pairs, RSASSA-PSS algorithms + // are preferred. We include RSASSA-PKCS1-v1_5 algorithms for compatibility + // with existing applications. // // SigningAlgorithm is a required field SigningAlgorithm *string `type:"string" required:"true" enum:"SigningAlgorithmSpec"` @@ -19507,13 +19534,37 @@ type VerifyInput struct { // Message is a required field Message []byte `min:"1" type:"blob" required:"true" sensitive:"true"` - // Tells KMS whether the value of the Message parameter is a message or message - // digest. The default value, RAW, indicates a message. To indicate a message - // digest, enter DIGEST. + // Tells KMS whether the value of the Message parameter should be hashed as + // part of the signing algorithm. Use RAW for unhashed messages; use DIGEST + // for message digests, which are already hashed. + // + // When the value of MessageType is RAW, KMS uses the standard signing algorithm, + // which begins with a hash function. When the value is DIGEST, KMS skips the + // hashing step in the signing algorithm. // // Use the DIGEST value only when the value of the Message parameter is a message - // digest. If you use the DIGEST value with a raw message, the security of the - // verification operation can be compromised. + // digest. If you use the DIGEST value with an unhashed message, the security + // of the verification operation can be compromised. + // + // When the value of MessageTypeis DIGEST, the length of the Message value must + // match the length of hashed messages for the specified signing algorithm. + // + // You can submit a message digest and omit the MessageType or specify RAW so + // the digest is hashed again while signing. However, if the signed message + // is hashed once while signing, but twice while verifying, verification fails, + // even when the message hasn't changed. + // + // The hashing algorithm in that Verify uses is based on the SigningAlgorithm + // value. + // + // * Signing algorithms that end in SHA_256 use the SHA_256 hashing algorithm. + // + // * Signing algorithms that end in SHA_384 use the SHA_384 hashing algorithm. + // + // * Signing algorithms that end in SHA_512 use the SHA_512 hashing algorithm. + // + // * SM2DSA uses the SM3 hashing algorithm. For details, see Offline verification + // with SM2 key pairs (https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-sm-offline-verification). MessageType *string `type:"string" enum:"MessageType"` // The signature that the Sign operation generated. diff --git a/vendor/github.com/aws/aws-sdk-go/service/kms/doc.go b/vendor/github.com/aws/aws-sdk-go/service/kms/doc.go index 7dc9bd442..babb91fc8 100644 --- a/vendor/github.com/aws/aws-sdk-go/service/kms/doc.go +++ b/vendor/github.com/aws/aws-sdk-go/service/kms/doc.go @@ -38,14 +38,14 @@ // // # Signing Requests // -// Requests must be signed by using an access key ID and a secret access key. -// We strongly recommend that you do not use your Amazon Web Services account -// (root) access key ID and secret access key for everyday work with KMS. Instead, -// use the access key ID and secret access key for an IAM user. You can also -// use the Amazon Web Services Security Token Service to generate temporary -// security credentials that you can use to sign requests. +// Requests must be signed using an access key ID and a secret access key. We +// strongly recommend that you do not use your Amazon Web Services account root +// access key ID and secret access key for everyday work. You can use the access +// key ID and secret access key for an IAM user or you can use the Security +// Token Service (STS) to generate temporary security credentials and use those +// to sign requests. // -// All KMS operations require Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). +// All KMS requests must be signed with Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). // // # Logging API Requests // diff --git a/vendor/modules.txt b/vendor/modules.txt index 028f2d00c..c9ce8373b 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -8,7 +8,7 @@ github.com/ansel1/merry # github.com/ansel1/merry/v2 v2.0.1 ## explicit; go 1.12 github.com/ansel1/merry/v2 -# github.com/aws/aws-sdk-go v1.44.205 +# github.com/aws/aws-sdk-go v1.44.220 ## explicit; go 1.11 github.com/aws/aws-sdk-go/aws github.com/aws/aws-sdk-go/aws/awserr